ZyXEL Communicationsメーカー2602HW Seriesの使用説明書/サービス説明書
ページ先へ移動 of 519
Prestige 2602HW Series ADSL V oIP IAD with 802.1 1g Wireless User ’ s Guide V ersion 3.4 0 1/2005.
.
Prestige 2602HW Series User’s Guide Copyright 3 Copyright Copyright © 2005 by ZyXEL Communications Corpo ration. The contents of this publication may not be reprod uced in any part or as a wh ole, .
Prestige 2602HW Series User’ s Guide 4 Federal Communications Commission (FCC) Interference Statement Federal Communications Commission (FCC) Interference S t atement This device complies with Part 15 of FCC rul es. Operation is subject to the following two conditions: • This device may not cause harmful interference.
Prestige 2602HW Series User’s Guide Safety Warnings 5 Safety W arnings For your safety , be sure to read and fo llow all warning notices and instructions. • T o reduce the risk of fire, use only No. 26 A WG (American W ire Ga uge) or lar ger telecommunication line cord.
Prestige 2602HW Series User’ s Guide 6 ZyXEL Limited Warranty ZyXEL Limited W arranty ZyXEL warrants to the original en d user (purchaser) that this product is free from any defects in materials or workmansh ip for a period of up to two years from the date of purchase.
Prestige 2602HW Series User’s Guide Customer Support 7 Customer Support Please have the following information r eady when you contact customer support. • Product model and serial number . • W arranty Information. • Date that you received your de vice.
Prestige 2602HW Series User’ s Guide 8 Customer Suppo rt.
Prestige 2602HW Series User’s Guide Table of Contents 9 T able of Content s Copyright .................................................. .......................................... ...................... 3 Federal Communications Commissi on (FCC) Interference S t atement .
Prestige 2602HW Series User’ s Guide 10 Table of Contents Chapter 3 Wizard Setup .. .......................................... .......................................... .................... 63 3.1 Wizard Setup Introduction .. .................... .
Prestige 2602HW Series User’s Guide Table of Contents 11 5.4 LAN TCP/IP ............... ................... .................... ................... ................... ............ 81 5.4.1 Factory LAN Defaults .... ................... ............
Prestige 2602HW Series User’ s Guide 12 Table of Contents Chapter 7 W AN Setup ................................................ ..................................................... ....... 109 7.1 W AN Overview .......... ................... ......
Prestige 2602HW Series User’s Guide Table of Contents 13 9.3 SIP ALG ....... ................... .................... ................... ................... .................... ...135 9.4 Pulse Code Modulation ... .................... ............
Prestige 2602HW Series User’ s Guide 14 Table of Contents Chapter 13 Firewalls .................................................... .......................................... .................. 155 13.1 Firewall Overview ....... ....................
Prestige 2602HW Series User’s Guide Table of Contents 15 14.4.2 W AN to LAN Rules . ................. ................... ................... .................... ...172 14.4.3 Alerts ....... .................... ................... ................
Prestige 2602HW Series User’ s Guide 16 Table of Contents Chapter 17 VPN Screens ....................................................... ........................................... ....... 201 17.1 VPN/IPSec Ov erview ........... ...................
Prestige 2602HW Series User’s Guide Table of Contents 17 Chapter 19 Universal Plug-and-Play (UPnP) ............................................. ............................ 233 19.1 Introducing Universal Plug and Play . ................... ........
Prestige 2602HW Series User’ s Guide 18 Table of Contents 22.3.1 System Management T erminal Interf ace Summary .............. ................ 268 22.3.2 SMT Menus Overview ...... .................... ................... ................... .......
Prestige 2602HW Series User’s Guide Table of Contents 19 28.2.2 Encapsulation and Multiplexing Scenarios . ............. ................... ..........296 28.2.2.1 Scenario 1: One VC, Multiple P rotocols ................... ................... 296 28.
Prestige 2602HW Series User’ s Guide 20 Table of Contents Chapter 32 Enabling the Firewall .................................................................................... ....... 329 32.1 Remote Management and the Firewall .....................
Prestige 2602HW Series User’s Guide Table of Contents 21 36.4 Log and T rac e ......... ...................... .................... ................... ................... .......359 36.4.1 Viewing Error Log .................... ... ................
Prestige 2602HW Series User’ s Guide 22 Table of Contents Chapter 39 Remote Management .................................................... ....................................... 387 39.1 Remote Management Overview .... ....................... ....
Prestige 2602HW Series User’s Guide Table of Contents 23 44.4 Problems with the LAN Interface ....................... ................... ................... .......420 44.5 Problems with the WAN Interface .............. ....................... ....
Prestige 2602HW Series User’ s Guide 24 Table of Contents Appendix E Wireless LAN and IEEE 802.11 .... ........................................... ............................ 451 Benefits of a Wireless LAN .............. ................... .......
Prestige 2602HW Series User’s Guide Table of Contents 25 Command Syntax .......... ...................... .................... ................... ...................... ...... 489 Command Usage ... ................... .................... .........
Prestige 2602HW Series User’ s Guide 26 Table of Contents.
Prestige 2602HW Series User’s Guide List of Figure s 27 List of Figures Figure 1 Prestige Internet Access Applic ation ................... .................... ................ 54 Figure 2 Internet T elephony Service Provid er Application ..........
Prestige 2602HW Series User’ s Guide 28 List of Figures Figure 39 W A N Backup ................ ................... ................... ....................... ............. 1 1 6 Figure 40 How NA T Works ........... ................... ............
Prestige 2602HW Series User’s Guide List of Figure s 29 Figure 82 Encryption and Decr yption ........... ................... .................... ................... 196 Figure 83 IPSec Architecture .......................... ................... ...
Prestige 2602HW Series User’ s Guide 30 List of Figures Figure 124 Firmware Upgrade . ....................... ................... ....................... ............. 262 Figure 125 Network T e mporarily Disconnected ........................... ...
Prestige 2602HW Series User’s Guide List of Figure s 31 Figure 167 Menu 15.1.1 First Set .............. ................ ................... ................... ....... 317 Figure 168 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set ...
Prestige 2602HW Series User’ s Guide 32 List of Figures Figure 210 Menu 24.1 System Maintenance : S tatus ............................ ................ 356 Figure 21 1 Menu 24.2 System I nformation and Console Port S peed .......... .......... 357 Figure 212 Menu 24.
Prestige 2602HW Series User’s Guide List of Figure s 33 Figure 253 Applying IP Policies Example .............. ...................... ....................... ... 398 Figure 254 Menu 26 Schedule Setup .............. ....................... ..........
Prestige 2602HW Series User’ s Guide 34 List of Figures Figure 296 Displaying Log Parameters Exam ple ... ................... ................... .......... 505 Figure 297 Log Command Example ............ ... ................... ....................
Prestige 2602HW Series User’s Guide List of Tables 35 List of T ables T able 1 ADSL St andards ...... ....................... ................... ....................... ................ 45 T able 2 IEEE 802.1 1g ........ ...........................
Prestige 2602HW Series User’ s Guide 36 List of Tables T able 39 Phone Port Common ............. .................... ...................... .................... ... 148 T able 40 Dynamic DNS ........ .................... ...................... ....
Prestige 2602HW Series User’s Guide List of Tables 37 T able 82 Diagnostic: General ............ ....................... ................... ....................... ... 260 T able 83 Diagnostic: DSL Line ............. .................... ..........
Prestige 2602HW Series User’ s Guide 38 List of Tables T able 125 General Commands for GU I-based FTP Clients ........ ....................... ... 368 T able 126 General Commands for GU I-based TFTP Clients ................ ................ 370 T able 127 Menu 24.
Prestige 2602HW Series User’s Guide List of Tables 39 T able 168 Menu 4 Internet Access Setup (SMT Menu 4) .............. ....................... 469 T able 169 Menu 12 (SMT Menu 12) ......... ................ ................... ...................
Prestige 2602HW Series User’ s Guide 40 List of Tables.
Prestige 2602HW Series User’s Guide Preface 41 Preface Congratulations on your p urchase of the Prestige 2602 HW Series ADSL V oIP IAD with 802.1 1g Wireless. Note: Register your product online to receive e-mail notices of firmwa re upgrades and information at www .
Prestige 2602HW Series User’ s Guide 42 Preface Synt ax Conventions • “Enter” means for you to type one or more characters. “Select” or “Choose” means for you to use one predefined choices. • The SMT menu titles and labels are in Bold T imes New Roman font.
Prestige 2602HW Series User’s Guide Introduction to DSL 43 Graphics Icons Key Introduction to DSL DSL (Digital Subscriber Line) te chnology enhances the data ca pacity of the existing twisted- pair wire that runs betwee n the local telephone co mpany switching of fi ces and most homes and offices.
Prestige 2602HW Series User’ s Guide 44 Introduction to DSL As data rates increase, the carrying distance d ecreases. That means that users who are beyond a certain distance from the telephone company’ s ce ntral office may not be able to obtain the higher spee ds.
Prestige 2602HW Series User’s Guide Chapter 1 Getting To Kn ow Your Prestige 45 C HAPTER 1 Getting T o Know Y our Prestige This chapter describes the key features and applications of your Prestige.
Prestige 2602HW Series User’ s Guide 46 Chapter 1 G etting To Know Yo ur Prestige Note: Models ending in “1”, for example Pr estige 2602HW -61, denote a device that works over the analog tele phone system , POTS (Plain Old T elephone Service).
Prestige 2602HW Series User’s Guide Chapter 1 Getting To Kn ow Your Prestige 47 Multiple SIP Account s The Prestige allows you to simultaneously use multiple voice (SIP) accounts and assign them to one or both telephone ports. Multiple V oice Channels The Prestige can simu ltaneously handle mu ltiple voice channels (telephone calls).
Prestige 2602HW Series User’ s Guide 48 Chapter 1 G etting To Know Yo ur Prestige High Speed Internet Access Y our Prestige ADSL/ADSL2/ADSL2+ router can support downstream transmission rates of up to 24Mbps and upst ream tran smission rates of 3 .5Mbps.
Prestige 2602HW Series User’s Guide Chapter 1 Getting To Kn ow Your Prestige 49 IEEE 802.1 1g Wireless LAN IEEE 802.1 1g is fully compa tible with the IEEE 802.1 1b standard. This means an IEEE 802.1 1b radio card can interface directly with an IEEE 802.
Prestige 2602HW Series User’ s Guide 50 Chapter 1 G etting To Know Yo ur Prestige T raffic Redirect T raffic redirect forwards W AN traffic to a ba ckup gateway when the Pr estige cannot connect to the Internet, thus acting as an auxilia ry if your regular W AN connection fails.
Prestige 2602HW Series User’s Guide Chapter 1 Getting To Kn ow Your Prestige 51 ADSL S t andards • Full-Rate (ANSI T1.413, Issue 2; G .dmt (G .992 .1) with line rate support of up to 8 Mbps downstream and 832 Kb ps upstream. • G .lite (G .992.2) with line rate support of up to 1.
Prestige 2602HW Series User’ s Guide 52 Chapter 1 G etting To Know Yo ur Prestige IP Policy Routing (IPPR) T raditionally , routing is based on the destination addre ss only and the router takes the shortest path to forward a packet.
Prestige 2602HW Series User’s Guide Chapter 1 Getting To Kn ow Your Prestige 53 • ADSL circuitry •R A M • LAN port Packet Filters The Prestige's packet filtering functions a llows added network security and management. Ease of Inst allation Y our Prestige is designed for quick, intuitive and easy installation.
Prestige 2602HW Series User’ s Guide 54 Chapter 1 G etting To Know Yo ur Prestige Figure 1 Prestige Internet Access Application Internet Single User Account For a SOHO (Small Office/Home Of fice) en.
Prestige 2602HW Series User’s Guide Chapter 1 Getting To Kn ow Your Prestige 55 Figure 2 Internet T elephony Service Provider Application 1.4.3 Firewall for Secure Broadband Internet Access The Prestige provides protection from attacks by Internet hackers.
Prestige 2602HW Series User’ s Guide 56 Chapter 1 G etting To Know Yo ur Prestige Figure 4 Prestige LAN-to-LAN Application 1.5 Prestige Hardware Inst allation and Connection Refer to the Quick S tart Guide for information on hardware in stallation an d connections and LED descriptions.
Prestige 2602HW Series User’s Guide Chapter 2 Introducing the Web Configur ator 57 C HAPTER 2 Introducing the W eb Configurator This chapter describes how to access and navigate the web configurator .
Prestige 2602HW Series User’ s Guide 58 Chapter 2 Introducing the Web Configurator Figure 6 Change Password at Login 7 Y ou should now see the SITE MAP screen. Note: The Prestige automatically times out af ter five minutes of inactivit y . Simply log back into the Prestige if this happens to you.
Prestige 2602HW Series User’s Guide Chapter 2 Introducing the Web Configur ator 59 • Click Logout in the navigation panel when you have finished a Prestige mana gement session. Figure 7 Web Configurator SITE MAP Screen Note: Click the icon (located in the top right corner o f most screens) to view embedded help.
Prestige 2602HW Series User’ s Guide 60 Chapter 2 Introducing the Web Configurator V oice SIP Settings Use this screen to configure your Prestige’s Session Initiation Protocol settings. QoS Use this screen to configure your Prestige’s Quality of Service settings.
Prestige 2602HW Series User’s Guide Chapter 2 Introducing the Web Configur ator 61 Diagnostic General These screens displa y information to help you identify problems with the Prestige general connection. DSL Lin e These screens display information to help you identify problems with the DSL line.
Prestige 2602HW Series User’ s Guide 62 Chapter 2 Introducing the Web Configurator.
Prestige 2602HW Series User’s Guide Chapter 3 Wizard Setup 63 C HAPTER 3 W izard Setup This chapter provides information on the W izard Setup screens for Internet access and V oIP in the web configurat or .
Prestige 2602HW Series User’ s Guide 64 Chapter 3 Wizard Setup 3.1.1.4 RFC 1483 RFC 1483 describes two methods for Multipro tocol Encapsulation over A TM Adaptation Layer 5 (AAL5).
Prestige 2602HW Series User’s Guide Chapter 3 Wizard Setup 65 Figure 8 Internet Access Wizard Setup: First Screen The following table describes the fields in this screen. 3.2 IP Address and Subnet Mask Similar to the way houses on a street share a common street name, so too do computers on a LAN share one common network number .
Prestige 2602HW Series User’ s Guide 66 Chapter 3 Wizard Setup If the ISP did not expl icitly give you an IP ne twork number , then most likely you have a sin gle user account and the ISP will assign you a d ynamic IP address when the connection is established.
Prestige 2602HW Series User’s Guide Chapter 3 Wizard Setup 67 3.2.1.4 Private IP Addresses Every machine on the Internet must ha ve a unique address. If your network s are isolated from the Internet, for example, only between your two branch of fices, you can assign any IP addresses to the hosts without problems.
Prestige 2602HW Series User’ s Guide 68 Chapter 3 Wizard Setup Figure 9 Internet Connection with PPPoE The following table describes the fields in this screen. Table 5 Internet Connection with PPPoE LABEL DESCRIPTION Service Name T ype the name of your PPPoE service here.
Prestige 2602HW Series User’s Guide Chapter 3 Wizard Setup 69 Figure 10 Internet Connection with RFC 1483 The following table describes the fields in this screen. Figure 1 1 Internet Connection with ENET ENCAP The following table describes the fields in this screen.
Prestige 2602HW Series User’ s Guide 70 Chapter 3 Wizard Setup Figure 12 Internet Connection with PPPoA The following table describes the fields in this screen. Table 7 Internet Connection with ENET ENCAP LABEL DESCRIPTION IP Address A static IP address is a fixed IP that your ISP gives you.
Prestige 2602HW Series User’s Guide Chapter 3 Wizard Setup 71 3.2.5 SIP Identities A SIP account's Uniform Resource Identifier (URI) identifies the SIP account in a way similar to the way an e-mail address iden tifies an e-mail account. It is also known as a SIP identity or address.
Prestige 2602HW Series User’ s Guide 72 Chapter 3 Wizard Setup Figure 13 Internet Access Wizard Setup: Third Screen Table 9 Internet Access Wizard Se tup: V oice Configuration LABEL DESCRIPTION Active Select this check box to have the Prestige use this SIP account.
Prestige 2602HW Series User’s Guide Chapter 3 Wizard Setup 73 3.2.7 DHCP Setup DHCP (Dynamic Host Configuration Protocol , RFC 2131 and RFC 2132) allows in dividual clients to obtain TCP/IP configuration from a server . Y ou can configure the Prestige as a DHCP server or disable it.
Prestige 2602HW Series User’ s Guide 74 Chapter 3 Wizard Setup Figure 14 Internet Access Wizard Setup: Fourth Screen If you want to change your Prestige LAN settings, click Change LAN Configuration to display the screen as shown next.
Prestige 2602HW Series User’s Guide Chapter 3 Wizard Setup 75 Figure 15 Internet Access Wizard Setup: LAN Configuration The following table describes the fields in this screen. 3.2.9 Internet Access Wizard Setup: Connection T est The Prestige automatically tests the connectio n to the computer(s) connected to the LAN ports.
Prestige 2602HW Series User’ s Guide 76 Chapter 3 Wizard Setup Figure 16 Internet Access Wizard Setup: Connection T ests 3.2.9.1 T est Y our Internet Connection Launch your web brows er and navigate to www .zyxel.com . Interne t access is just the beginning.
Prestige 2602HW Series User’s Guide Chapter 4 Password Setup 77 C HAPTER 4 Password Setup This chapter provides information on the Password screen. 4.1 Password Overview It is highly recommended that you ch ange the password for accessing the Prestige.
Prestige 2602HW Series User’ s Guide 78 Chapter 4 Password Setup.
Prestige 2602HW Series User’s Guide Chapter 5 LAN Setup 79 C HAPTER 5 LAN Setup This chapter describes how to configure LAN settings. 5.1 LAN Overview A Local Area Network (LAN) is a shared comm unication system to which many computers are attached.
Prestige 2602HW Series User’ s Guide 80 Chapter 5 LAN Setup 5.2 DNS Server Address DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa. The DNS server is extremely impo rtant because without it, you must know the IP address of a machine before you can access it.
Prestige 2602HW Series User’s Guide Chapter 5 LAN Setup 81 5.4 LAN TCP/IP The Prestige has built-in DHCP server capability that assigns IP addresses and DNS servers to systems that support DHCP client capability .
Prestige 2602HW Series User’ s Guide 82 Chapter 5 LAN Setup 5.4.4 Multicast T raditionally , IP packets are transmitted in one of either two ways - Unicast (1 sender - 1 recipient) or Broadcast (1 sender - everybody on the network). Multicast delivers IP packets to a group of host s on the netwo rk - not everybody and not just 1.
Prestige 2602HW Series User’s Guide Chapter 5 LAN Setup 83 Figure 19 Any IP Example The Any IP fe ature does n ot apply to a computer using eit her a dynamic IP addr ess or a static IP address that is in the same subnet as the Prestige’ s IP address.
Prestige 2602HW Series User’ s Guide 84 Chapter 5 LAN Setup 5.6 Configuring LAN Click LAN and LAN Setup to open the following screen. Figure 20 LAN Setup The following table describes the fields in this screen.
Prestige 2602HW Series User’s Guide Chapter 5 LAN Setup 85 5.7 Configuring S t atic DHCP This table allows you to assign IP addresses on the LAN to specific individual computers based on their MAC Addresses. Every Ethernet device has a unique MAC (Med ia Access Control) addre ss.
Prestige 2602HW Series User’ s Guide 86 Chapter 5 LAN Setup Figure 21 LAN: S tatic DHCP The following table describes the labels in this screen. Table 13 LAN: S tatic DHCP LABEL DESCRIPTION # This is the index number of the S tatic IP table entry (row).
Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 87 C HAPTER 6 W ireless LAN Setup This chapter discusses how to configure W ireless LAN on the Prestige. 6.1 Wireless LAN Introduction This section introduces the wireless LAN and some basic configurations.
Prestige 2602HW Series User’ s Guide 88 Chapter 6 Wireless LAN Setup 6.1.4 RTS/CTS A hidden node occurs when two stations are within range of the same access point, but are not within range of each other . The following figure illustrates a hidden node.
Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 89 6.1.5 Fragment ation Threshold A Fragmentation Threshold is the maximum data fragment s ize (between 256 and 2432 bytes) that can be sent in the wireless networ k befor e the Prestige will fragment the packet into smaller data frames.
Prestige 2602HW Series User’ s Guide 90 Chapter 6 Wireless LAN Setup 6.3 Dat a Encryption with WEP WEP encryption scrambles the da ta transmitted between the wireless stations and the access points to keep network communications pr ivate. It encrypts unicast and multicast communications in a network.
Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 91 Figure 24 Wirele ss LAN The following table describes the fields in this screen. Table 14 Wirel ess LAN LABEL DESCRIPTION Enable W.
Prestige 2602HW Series User’ s Guide 92 Chapter 6 Wireless LAN Setup 6.5 Configuring MAC Filter The MAC filter screen allows you to configure the Prestige to give exclusive access to up to 32 devices (Allow Association) or exclude up to 32 devices from ac cessing the Prestige (Deny Association).
Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 93 Figure 25 MAC Addres s Filter The following table describes the fields in this menu. Table 15 MAC Address F ilter LABEL DESCRIPTION Active Select Ye s from the drop down list box to enable MAC address filtering.
Prestige 2602HW Series User’ s Guide 94 Chapter 6 Wireless LAN Setup 6.6 Network Authentication Y ou can set the Prestige and your ne twork to authenticate a wirele ss station before the wireless station can communicate with th e Prestige and the wired network to which the Prestige is connected.
Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 95 • Access-Reject Sent by a RADIUS server rejecting access. • Access-Accept Sent by a RADIUS server allowing access. • Access-Challenge Sent by a RADIUS server requesting more information in order to allow access.
Prestige 2602HW Series User’ s Guide 96 Chapter 6 Wireless LAN Setup 3 The wireless station replies with identity info rmation, including username and password. 4 The RADIUS server checks the user informa tion against its user profile database and determines whether or not to au thenticate the wireless station.
Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 97 By generating unique data encryption keys for ev ery data packet and by creating an integrity checking mechanism (MIC), TKIP makes it much more dif ficult to decode data on a W i-Fi network than WEP , making it dif ficult for an intruder to break into the network.
Prestige 2602HW Series User’ s Guide 98 Chapter 6 Wireless LAN Setup 2 The RADIUS server then checks the user's iden tification against its database and grants or denies network access accordingly .
Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 99 6.1 1 Wireless Client WP A Supplicants A wireless client supplicant is the software that runs on an operating system instructing the wireless client how to use WP A.
Prestige 2602HW Series User’ s Guide 100 Chapter 6 Wireless LAN Setup 6.12.1 Authenticatio n Required: 802.1x Select Authentication Required in t he Wir eless Port Control field and 802.1x in the Key Management Protocol field to display the next screen.
Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 101 T able 18 Wireless LAN: 802.1x/WP A for 802.1x Protocol LABEL DESCRIPTION Wireless Port Control T o control wireless stations access to the wired netwo rk, sele ct a control method from the drop-down list box.
Prestige 2602HW Series User’ s Guide 102 Chapter 6 Wireless LAN Setup Note: Once you enable user auth entication, y ou need to specify an external RADIUS server or create local user account s on the Prestige for authentication.
Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 103 6.12.3 Authenticatio n Required: WP A-PSK Select Authentication Required in the Wireless Port Contr ol field and WP A-PSK in the Key Management Protocol field to display the next screen.
Prestige 2602HW Series User’ s Guide 104 Chapter 6 Wireless LAN Setup Figure 32 Wireless LAN: 802.1x/WP A for WP A-PSK Protocol The following table describes the labels not previously discussed. Table 20 Wireless LAN: 802.1x/WP A for W P A-PSK Protocol LABEL DESCRIPTION Key Management Protocol Choose WP A-PSK in this field.
Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 105 6.13 Configuring Local User Authentication By storing user profiles locally , your Prestige is able to authenticate wireless users without interacting with a network RADIUS server .
Prestige 2602HW Series User’ s Guide 106 Chapter 6 Wireless LAN Setup 6.14 Configuring RADIUS Once you enable the EAP authentication, you need to specify th e external sever for remote user authenticatio n and accounting. T o set up your Prestige’ s RADIUS server settings, c lick WIRELESS LAN , RADIUS .
Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 107 Table 22 RADIUS LABEL DESCRIPTION Authentication Server Active Select Ye s fro m the drop-down list box to enable user authentication through an external authentication server .
Prestige 2602HW Series User’ s Guide 108 Chapter 6 Wireless LAN Setup.
Prestige 2602HW Series User’s Guide Chapter 7 WAN Setup 109 C HAPTER 7 W AN Setup This chapter describes how to configure W A N settings. 7.1 W AN Overview A W AN (W ide Area Network) connection is a conn ection to another network or the Internet. See Chapter 3 on pa ge 63 for more information on th e fields in the W AN screens.
Prestige 2602HW Series User’ s Guide 110 Chapter 7 WAN Setup 7.3 PPPoE Encap sulation The Prestige supports PPPoE (Point-to-Point Protocol over Ethernet). PPPoE is an IETF Draft standard (RFC 2516) specifying how a personal computer (PC) interacts with a broadband modem (DSL, cable, wireless, etc.
Prestige 2602HW Series User’s Guide Chapter 7 WAN Setup 111 Figure 35 Example of T raffic Shaping 7.5 Zero Configuration Internet Access Once you turn on and connect the Prestige to a telephone jack.
Prestige 2602HW Series User’ s Guide 112 Chapter 7 WAN Setup Figure 36 W A N Setup (PPPoE) The following table describes the fields in this screen. Table 23 WAN S e t u p LABEL DESCRIPTION Name Enter the name of your Internet Service Provider , e.g.
Prestige 2602HW Series User’s Guide Chapter 7 WAN Setup 113 Encapsulation Select th e method of encapsulatio n used by your ISP from the drop-down list box. Choices vary depending on the mode you select in th e Mode field. If you select Bridge in the Mode field, select either PPPoA or RFC 1483 .
Prestige 2602HW Series User’ s Guide 114 Chapter 7 WAN Setup 7.7 T raffic Redirect T raffic redirect forwards traffic to a backup gateway when the Prestige cannot connect to the Internet.
Prestige 2602HW Series User’s Guide Chapter 7 WAN Setup 115 Figure 37 T raffic Redirect Example The following network topology allows you to avoid triangle route security issues when the backup gateway is co nnected to the LAN.
Prestige 2602HW Series User’ s Guide 116 Chapter 7 WAN Setup Figure 39 W A N Backup The following table describes the fields in this screen. Table 24 WAN B a c k up LABEL DESCRIPTION Backup T ype Se lect the method that the Pr esti ge uses to check the DSL connection .
Prestige 2602HW Series User’s Guide Chapter 7 WAN Setup 117 T imeout T ype the number of seconds (3 recommended) for your Prestige to wait for a ping response from one of the IP addresses in the Check W AN IP Address field before timing out the request.
Prestige 2602HW Series User’ s Guide 118 Chapter 7 WAN Setup.
Prestige 2602HW Series User’s Guide Chapter 8 Network Address Translatio n (NAT) Screens 119 C HAPTER 8 Network Address T ranslation (NA T) Screens This chapter discusses how to configure NA T on the Prestige.
Prestige 2602HW Series User’ s Guide 120 Chapt er 8 Network Addre ss Translation (NA T) Screens 8.1.2 What NA T Do es In the simplest form, NA T changes the sour ce IP address in a packet received from a subscriber (the inside local address) to anothe r (the inside global address) before forwarding the packet to the W AN side.
Prestige 2602HW Series User’s Guide Chapter 8 Network Address Translatio n (NAT) Screens 121 Figure 40 How NA T Works 8.1.4 NA T Application The following figure illustrates a possible NA T application, wher e three inside LANs (logical LANs using IP Alias) behind the Prestige can communicate with three distinct W AN networks.
Prestige 2602HW Series User’ s Guide 122 Chapt er 8 Network Addre ss Translation (NA T) Screens • One to One : In One-to-One mode, the Prestige maps one local IP address to one global IP address. • Many to One : In Many-to-One mode, the Prestige maps multiple local IP addresses to one global IP address.
Prestige 2602HW Series User’s Guide Chapter 8 Network Address Translatio n (NAT) Screens 123 • Choose Full Featur e if you have multiple public W AN IP addresses for your Prestige.
Prestige 2602HW Series User’ s Guide 124 Chapt er 8 Network Addre ss Translation (NA T) Screens 8.3.3 Configuring Ser vers Behind SUA (Example) Let's say you want to assign po rts 21-25 to one FTP , T elnet and SMTP server (A in the example), port 80 to another (B in the exam ple) and assign a default server IP address of 192.
Prestige 2602HW Series User’s Guide Chapter 8 Network Address Translatio n (NAT) Screens 125 Figure 43 NA T Mode The following table describes the labels in this screen.
Prestige 2602HW Series User’ s Guide 126 Chapt er 8 Network Addre ss Translation (NA T) Screens Figure 44 Edit SUA/NA T Server Set The following table describes the fields in this screen. T able 29 Edit SUA/NA T Server Set LABEL DESCRIPTION S tart Port No.
Prestige 2602HW Series User’s Guide Chapter 8 Network Address Translatio n (NAT) Screens 127 8.6 Configuring Address Mapping Ordering your rules is important because the Pr estige applies the rules in the order that you specify .
Prestige 2602HW Series User’ s Guide 128 Chapt er 8 Network Addre ss Translation (NA T) Screens 8.7 Editing an Address Mapping Rule T o edit an address mapping rule, click the rule’ s link in the NA T Address Mapping Rules screen to display the screen sh own next.
Prestige 2602HW Series User’s Guide Chapter 8 Network Address Translatio n (NAT) Screens 129 Table 31 Address Mapping Rule Edit LABEL DESCRIPTION Ty p e Choose the port mapping type from one of the fo llowing. • One-to-One : One-to-One mode maps one local IP address to o ne global IP address.
Prestige 2602HW Series User’ s Guide 130 Chapt er 8 Network Addre ss Translation (NA T) Screens.
Prestige 2602HW Series User’s Guide Chapter 9 Introdu ction to VoIP 131 C HAPTER 9 Introduction to V oIP This chapter provides backgro und information on V oIP and SIP . 9.1 Introduction to V oIP V oIP is the sendin g of voice signals over th e Internet Protocol.
Prestige 2602HW Series User’ s Guide 132 Chapter 9 Intr oduction to VoIP 9.2.1.2 SIP Service Domain The SIP service domain of the V oIP service provid er is the domain name in a SIP URI. For example, if the SIP address is 1 122334455@ V oIP-provider .
Prestige 2602HW Series User’s Guide Chapter 9 Introdu ction to VoIP 133 9.2.3.1 SIP User Agent Server A SIP user agent server can make and receive V o IP telephone ca lls. This means that SIP can be used for peer-to-peer comm unications even though it is a client-server p rotocol.
Prestige 2602HW Series User’ s Guide 134 Chapter 9 Intr oduction to VoIP Figure 48 SIP Proxy Server 9.2.3.3 SIP Re direct Server A SIP redirect server accepts SIP requests, translates the destination address to an IP address and sends the translated IP address back to th e device that sent the request.
Prestige 2602HW Series User’s Guide Chapter 9 Introdu ction to VoIP 135 Figure 49 SIP Redirect Server 9.2.3.4 SIP Re gister Server A SIP register server maintains a database of SIP identity-to-IP address (or domain name) mapping. The register server checks your u ser name and password when you register .
Prestige 2602HW Series User’ s Guide 136 Chapter 9 Intr oduction to VoIP 9.5 V oice Coding A codec (coder/decoder) codes anal og voice signals into digital signals and decodes the digital signals back into voice signals. The Prestige supports the following c odecs.
Prestige 2602HW Series User’s Guide Chapter 10 Vo ice Screens 137 C HAPTER 10 V oice Screens This chapter describes how to configure advanced V oIP , QoS, phone and phone book setting s. 10.1 V oice Screens Introduction This chapter covers th e configuration of the Vo I P screens.
Prestige 2602HW Series User’ s Guide 138 Chapter 10 Voice Screens 10.3 Advanced V oice Settings Configuration Click Vo i c e in the navigation panel and then SIP Settings to open the SIP Settings screen. Select a SIP account and then click Settings to display the following screen.
Prestige 2602HW Series User’s Guide Chapter 10 Vo ice Screens 139 Figure 51 V oice Advanc ed Setup The following table describes the labels in this screen. Table 34 Voice Advanced Setup LABEL DESCRIPTION Advanced V oIP Settings This read-only field displays th e num ber of the SIP account that you a re configuring.
Prestige 2602HW Series User’ s Guide 140 Chapter 10 Voice Screens 10.4 Quality of Service (QoS) Quality of Service (QoS) refers to both a networ k's ability to deliver data with minimum delay , and the networking methods used to provide ba ndwidth for real-time mu ltimedia applications.
Prestige 2602HW Series User’s Guide Chapter 10 Vo ice Screens 141 10.4.2 DiffServ DiffServ is a class of service (CoS) mode l that ma rks pac kets so that they receive specific per - hop treatment at DiffServ-compliant network de vices along the route based on the application types and traf fic flow .
Prestige 2602HW Series User’ s Guide 142 Chapter 10 Voice Screens Figure 53 QoS The following table describes the labels in this screen. 10.6 Phone Y ou can configure the volume, ec ho cancellation and V AD settings for each individual phone port on the Prestige.
Prestige 2602HW Series User’s Guide Chapter 10 Vo ice Screens 143 10.6.1 V oice Activity D etection/Silence Suppression V oice Activity Detection (V AD) detects whether or not speech is present. This lets the Prestige reduce the bandwidth that a call uses by not transmitting “sile nt packets” when you are not speaking.
Prestige 2602HW Series User’ s Guide 144 Chapter 10 Voice Screens The following table describes the labels in this screen. 10.8 S peed Dial Speed dial provides shortcuts for dialin g frequently used (V oIP) phone numbers. 10.8.1 Peer-to-Peer Calls Y ou can call another V oIP device directly with out going throug h a SIP server .
Prestige 2602HW Series User’s Guide Chapter 10 Vo ice Screens 145 10.9 S peed Dial Configuration Click Vo i c e in the navigati on panel and then Speed Dial to display the following screen. Figure 55 S peed Dial The following table describes the labels in this screen.
Prestige 2602HW Series User’ s Guide 146 Chapter 10 Voice Screens 10.10 Lifeline (Prestige 2602HW -L) W ith lifeline you can make and receive regula r phone calls. Use a prefix number to make a regular call. When the Prestige 2602HW -L does not have power , you can make regular call s without dialing a prefix n umber .
Prestige 2602HW Series User’s Guide Chapter 10 Vo ice Screens 147 Figure 56 Lifeline The following table describes the labels in this screen. 10.12 Common Phone Port Configuration Click PHONE in the navigation panel an d then Common to display the following screen.
Prestige 2602HW Series User’ s Guide 148 Chapter 10 Voice Screens Figure 57 Phone Port Common The following table describes the labels in this screen. Table 39 Phone Port Common LABEL DESCRIPTION Country Settings Use the drop-down list box to sele ct the country wh ere your P restige is located.
Prestige 2602HW Series User’s Guide Chapter 11 Dynamic DNS Setup 149 C HAPTER 11 Dynamic DNS Setup This chapter discusses how to configure your Prestige to use Dynamic DNS.
Prestige 2602HW Series User’ s Guide 150 Chapter 1 1 Dynamic DNS Setup Figure 58 Dynamic DNS The following table describes the fields in this screen. Table 40 Dynamic DNS LABEL DESCRIPTION Active Select this check box to use dynamic DNS. Service Provider This is the name of your Dynami c DNS service provi der .
Prestige 2602HW Series User’s Guide Chapter 12 Time and Date 151 C HAPTER 12 T ime and Date Use this screen to configure the Prestige’ s time and date settings.
Prestige 2602HW Series User’ s Guide 152 Chapter 12 Time and Da te Figure 59 T ime and Date The following table describes the fields in this screen. Table 42 T ime and Date LABEL DESCRIPTION T ime Server Use Protocol when Bootup Select the time service protocol that your time server sends when you turn on the Prestige.
Prestige 2602HW Series User’s Guide Chapter 12 Time and Date 153 S tart Date Enter the month and day that your daylight -savings time start s on if yo u selected Daylight Savings . End Date Ente r the month and day that your daylig ht-savings time ends on if you selected Daylight Savings .
Prestige 2602HW Series User’ s Guide 154 Chapter 12 Time and Da te.
Prestige 2602HW Series User’s Guide Chapter 13 Firewalls 155 C HAPTER 13 Firewalls This chapter gives some backgr ound information on firewalls and introduces the Prestige firewall. 13.1 Firewall Overview Originally , the term firewall referred to a construction techni que designed to prevent the spread of fire from one room to another .
Prestige 2602HW Series User’ s Guide 156 Chapter 13 Firewalls Information hiding prevents the names of in ternal systems from being made known via DNS to outside systems, since the ap plication gateway is the only ho st whose name must be m ade known to outside systems.
Prestige 2602HW Series User’s Guide Chapter 13 Firewalls 157 13.3.1 Denial of Service Att acks Figure 60 Prestige Firewall Application 13.4 Denial of Service Denials of Service (DoS) attacks are aimed at devices and networks w ith a connection to the Internet.
Prestige 2602HW Series User’ s Guide 158 Chapter 13 Firewalls 13.4.2 T ypes of DoS Att acks There are four types of DoS attacks: 1 Those that exploit bugs in a TCP/IP implementation. 2 Those that exploit weaknesses in the TCP/IP specification. 3 Brute-force attacks that flood a network with useless data.
Prestige 2602HW Series User’s Guide Chapter 13 Firewalls 159 Figure 61 Three-W ay Handshake Under normal circumstances, the applica tion that initiates a session sends a SYN (synchronize) packet to the receiving server .
Prestige 2602HW Series User’ s Guide 160 Chapter 13 Firewalls amount of ICMP echo request and response traffic. If a hacker chooses to spoof the source IP address of the ICMP echo request packet, th.
Prestige 2602HW Series User’s Guide Chapter 13 Firewalls 161 13.4.2.3 T raceroute T raceroute is a utility used to determine th e path a packet takes between two endpoints. Sometimes when a packet filter firewall is conf igured incorrectly an at tacker can traceroute the firewall gaining knowledge of the network topology inside the firewall.
Prestige 2602HW Series User’ s Guide 162 Chapter 13 Firewalls Figure 64 S tateful Inspection The previous figure shows the Prestige’ s default firewall rules in action as well as demonstrates how stateful inspection works. User A can initiate a T elnet session from within the LAN and responses to this request are allowe d.
Prestige 2602HW Series User’s Guide Chapter 13 Firewalls 163 temporary entries might be modified, in order to permit only packets that are valid for the current state o f the conn ection.
Prestige 2602HW Series User’ s Guide 164 Chapter 13 Firewalls When the Prestige receives any subsequent packet (from the In ternet or from the LAN), its connection information is extracted and checked against the cache.
Prestige 2602HW Series User’s Guide Chapter 13 Firewalls 165 • Limit who can telnet into your router . • Don't enable any local service (such as SN MP or NTP) that you don't use. Any enab led service could present a potential sec urity risk.
Prestige 2602HW Series User’ s Guide 166 Chapter 13 Firewalls • Always shred confidential in formation, particularly about your computer , before throwing it away . Some hackers dig through the trash of companies or individuals for information that might he lp them in an attack.
Prestige 2602HW Series User’s Guide Chapter 13 Firewalls 167 • A range of source an d destination IP address es as well as port numbers can be specified within one firewall rule making the fire wall a better choice when complex rules are required.
Prestige 2602HW Series User’ s Guide 168 Chapter 13 Firewalls.
Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 169 C HAPTER 14 Firewall Configuration This chapter shows you how to enable and configure the Prestige firewall. 14.1 Access Methods The web configurator is, by far , the most co mprehensive firewall configuration tool yo ur Prestige has to offer .
Prestige 2602HW Series User’ s Guide 170 Chapter 14 Firewall Configuration Note: If you configure firewall rules wit hout a good underst anding of how they work, you might inadvertently introduce securi ty risks to the f irewall and to the protected network.
Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 171 4 Does a rule that allows Internet users acces s to resources on the LAN create a security vulnerability? For example, if FTP ports (TCP 20, 21) are al lowed from the Internet to t he LAN, Internet users may be able to connect to computers with running FTP servers.
Prestige 2602HW Series User’ s Guide 172 Chapter 14 Firewall Configuration 14.4.1 LAN to W AN Rules The default rule for LAN to W AN traffic is that all use rs on the LAN are allowed non- restricted access to the W AN.
Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 173 14.4.3 Alert s Alerts are reports on events, such as attacks, that you may want to know about right away .
Prestige 2602HW Series User’ s Guide 174 Chapter 14 Firewall Configuration 14.6 Rule Summary Note: The ordering of your rule s is very import ant as rules are app lied in turn. Click on Fire wall , then Rule Summary to bring up the following screen.
Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 175 Figure 68 Firewall: Rule Summary Table 48 Rule Summary LABEL DESCRIPTION Firewall Rules S torage Sp ace in Use This read-only bar shows how much of the Prestige' s memory for recording firewall rules it is currently using.
Prestige 2602HW Series User’ s Guide 176 Chapter 14 Firewall Configuration 14.6.1 Configuring Firewall Rules Follow these directions to create a new rule.
Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 177 Figure 69 Firewall: Edit Rule The following table describes the labels in this screen.
Prestige 2602HW Series User’ s Guide 178 Chapter 14 Firewall Configuration Table 49 Firewall: Edit Rule LABEL DESCRIPTION Active Select this option to ena ble this firewall rule. Action for Matched Packet Use the radio button to select whether to disca rd ( Block ) or allow th e passage of ( Forward ) packets that match this rule.
Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 179 14.7 Customized Services Configure customized services and port numb ers not predefined by the Prestige. For a comprehensive list of port numbers and services, visit the IANA (Internet Assigned Number Authority) website.
Prestige 2602HW Series User’ s Guide 180 Chapter 14 Firewall Configuration Figure 71 Firewall: Configure Customized Services The following table describes the labels in this screen. 14.9 Example Firewall Rule The following Internet firewa ll rule example allows a hypot hetical “My Service” connection from the Internet.
Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 181 Figure 72 Firewall Example: Rule Summary 3 In the Rule Summary screen, type the index number for where you want to put the rule. For example, if you type “6”, your new rule becomes number 6 and the previous rule 6 (i f there is one) becomes rule 7.
Prestige 2602HW Series User’ s Guide 182 Chapter 14 Firewall Configuration Figure 73 Firewall Example: Edit Ru le: Des tination Address 7 In the Edit Rule screen, click the Edit Customized Services link to open the Customized Services screen. 8 Click the number of a customized service to open the configuratio n screen.
Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 183 Figure 75 Firewall Example: Edit Rule: Select Customized Services Note: Custom ports show up with an “*” before their names in the Services list b ox and the Rule Summary list box.
Prestige 2602HW Series User’ s Guide 184 Chapter 14 Firewall Configuration Figure 76 Firewall Example: Rule Summary: My Service 14.10 Predefined Services The A vailable Services list box in the Edit Rule screen (see Section 1 4.6.1 on page 176 ) displays all predefined services that the Prestig e already supports.
Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 185 HTTP(TCP:80) Hyper T ext Transfer Protocol - a cl ient/server protocol for the world wide web. HTTPS HTTPS is a secured ht tp session of ten used in e-commerce. ICQ(UDP:4000) This is a popular Internet chat program.
Prestige 2602HW Series User’ s Guide 186 Chapter 14 Firewall Configuration 14.1 1 Anti-Probing If an outside user attempts to probe an unsupp orted port on your Prestige, an ICMP respon se packet is automatically returned. This allows the outside user to know the Prestige exists.
Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 187 Figure 77 Firewall: Anti Probing The following table describes the labels in this screen. 14.12 DOS Thresholds For DoS attacks, the Prestige uses thresholds to determine when to drop s essions that do not become fully established.
Prestige 2602HW Series User’ s Guide 188 Chapter 14 Firewall Configuration 14.12.1 Threshold V alues T une these parameters when some thing is not working an d after you have checked the firewall counters. These default values sh ould work fine for most small offices.
Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 189 Whenever the number of half-o pen sessions with the same destin ation host address rises above a threshold ( TCP Maximum In.
Prestige 2602HW Series User’ s Guide 190 Chapter 14 Firewall Configuration One Minute High This is the rate of new half-ope n sessions that causes the firewall to start deleting half-open sessions.
Prestige 2602HW Series User’s Guide Chapter 15 Content Filtering 191 C HAPTER 15 Content Filtering This chapter covers how to configure content filtering. 15.1 Content Filtering Overview Internet content filtering allows you to create and enforce Internet access policies tailored to your needs.
Prestige 2602HW Series User’ s Guide 192 Chapter 15 Content Filtering Figure 79 Content Filter: Keyword The following table describes the labels in this screen. 15.3 Configuring the Schedule T o set the days and times for the Prestige to perform content filtering, click Con tent Filter and Schedule .
Prestige 2602HW Series User’s Guide Chapter 15 Content Filtering 193 Figure 80 Content Filter: Schedule The following table describes the labels in this screen. 15.4 Configuring T rusted Computers T o exclude a range of users on the LAN from content filtering on your Prestige, click Content Filter and Tr u s t e d .
Prestige 2602HW Series User’ s Guide 194 Chapter 15 Content Filtering Figure 81 Content Filter: T rusted The following table describes the labels in this screen.
Prestige 2602HW Series User’s Guide Chapter 16 Introduction to IPSec 195 C HAPTER 16 Introduction to IPSec This chapter introduces the basics of IPSec VPNs. 16.1 VPN Overview A VPN (V irtual Private Network) provides sec ure communications betw een sites without the expense of leased site-to-site lines.
Prestige 2602HW Series User’ s Guide 196 Chapter 1 6 Introduction t o IPSec Figure 82 Encryption and Decryption 16.1.3.2 Dat a Confidentiality The IPSec sender can encrypt packets befo re transmitting them across a network.
Prestige 2602HW Series User’s Guide Chapter 16 Introduction to IPSec 197 16.2 IPSec Architecture The overall IPSec architect ure is shown as follows.
Prestige 2602HW Series User’ s Guide 198 Chapter 1 6 Introduction t o IPSec Figure 84 T ransport and T unnel Mode IPSec Encap sulation 16.3.1 T ransport Mode Tr a n s p o r t mode is used to protect up per layer prot ocols and only af fects the data in the IP packet.
Prestige 2602HW Series User’s Guide Chapter 16 Introduction to IPSec 199 NA T is incompatible with the AH protocol in both Tr a n s p o r t and T unnel mode. An IPSec VPN using the AH protocol digitally sig ns the outbound packet, both data payload and headers, with a hash value appe nded to the pack et.
Prestige 2602HW Series User’ s Guide 200 Chapter 1 6 Introduction t o IPSec.
Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 201 C HAPTER 17 VPN Screens This chapter introduces the VPN screens. See th e chapter on logs for information on viewing logs and the appendix on l ogs for IPSec log descriptions.
Prestige 2602HW Series User’ s Guide 202 Chapter 17 VP N Screens 17.2.2 ESP (Encap sulating Security Payload) Protocol The ESP protocol (RF C 2406) provides encryptio n as well as the services offered by AH .
Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 203 • If the W AN connection goes down, the Prestige uses the dial backup IP address for the VPN tunnel when usin g dial backup or the LAN IP address when using traf fic redirect. See the chapter on W AN for details on dial backup and traf fic redirect.
Prestige 2602HW Series User’ s Guide 204 Chapter 17 VP N Screens Click VPN and Setup to open the VPN Summary screen. This is a re ad-only menu of your IPSec rules (tunnels). The IPSec summa ry menu is read-only . Edit a VPN by selecting an index number and then con figuring its associated su bmenus.
Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 205 17.6 Keep Alive When you initiate an IPSec tunnel with keep alive enabled, the Prestige automatically renegotiates the tunnel wh en the IPSec SA lifetime period expires (see Section 17.12 on page 214 for more on the IPSec SA lifetime).
Prestige 2602HW Series User’ s Guide 206 Chapter 17 VP N Screens The following figure depicts an example wher e three VPN tunnels are created from Prestige A; one to branch of fice 2, one to branch office 3 and another to headqu arters.
Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 207 17.8.1 NA T T raversal Configuration For NA T traversal to work you must: • Use ESP security protocol (in either transport or tunnel mode). • Use IKE keying mode. • Enable NA T traversal on both IPSec endpoints.
Prestige 2602HW Series User’ s Guide 208 Chapter 17 VP N Screens 17.9.1 ID T ype and Content Examples T wo IPSec routers must have matching ID type and content configuration in order to set up a VPN tunnel. The two Prestiges in this ex ample can complete negotiation and establish a VPN tunnel.
Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 209 The two Prestiges in this ex ample cannot complete their negotiation because Prestige B’ s Local ID type is IP , but Prestige A ’ s Peer ID type is set to E-mail . An “ID mismatche d” message displays in the IPSEC LOG .
Prestige 2602HW Series User’ s Guide 210 Chapter 17 VP N Screens Figure 89 VPN IKE The following table describes the fields in this screen..
Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 211 Table 65 VPN IKE LABEL DESCRIPTION IPSec Setup Active Select this check box to activate this VPN policy . This option determines whether a VPN rule is applied before a packet leaves the firewall.
Prestige 2602HW Series User’ s Guide 212 Chapter 17 VP N Screens IP Address S tart When the Lo cal Address T yp e field is configured to Singl e , enter a (static) IP address on the LAN behind your Prestige.
Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 213 My IP Address Enter the WAN IP address of your Prestige. The VPN tunnel has to be rebuilt if this IP address changes. The following applies if this field is configured as 0.0.0.0 : The Prestige uses the current Prestige WAN IP address (static or dynamic) to set up the VPN tunnel.
Prestige 2602HW Series User’ s Guide 214 Chapter 17 VP N Screens 17.12 IKE Phases There are two phases to every IKE (Internet Key Exchange) ne gotiation – phase 1 (Authentication) and ph ase 2 (Key Exchange). A phase 1 exchange establishes an IKE SA and the second one uses that SA to negotiate SAs for IPSe c.
Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 215 Figure 90 T wo Phases to Set Up the IPSec S A In phase 1 you must: • Choose a negotiation mode. • Authenticate the connection by entering a pre-shared key . • Choose an encryption algorithm.
Prestige 2602HW Series User’ s Guide 216 Chapter 17 VP N Screens 17.12.1 Negotiation Mode The phase 1 Negotiation Mode you select determines how the Security Association (SA) will be established for each conn ection through IKE negotiations.
Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 217 Figure 91 VPN IKE: Advanced Setup The following table describes the fields in this screen. Table 66 VPN IKE: Advanced Setup LABEL DESCRIPTION VPN - IKE Protocol Enter 1 for ICMP , 6 for TCP , 17 for UDP , etc.
Prestige 2602HW Series User’ s Guide 218 Chapter 17 VP N Screens Remote S tart Port 0 is the default and signifies any port. T y pe a port number from 0 to 65535. Some of the mo st common I P port s are: 2 1, FTP; 53, DNS; 23, T elnet; 80, HTTP; 25, SMTP; 1 10, POP3.
Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 219 17.14 Manual Key Setup Manual key managemen t is useful if you have problems with IKE key mana gement. 17.14.1 Security Parameter Index (SPI) An SPI is used to distinguish dif ferent SAs te rminating at the same de stination and using the same IPSec protocol.
Prestige 2602HW Series User’ s Guide 220 Chapter 17 VP N Screens 17.15 Configuring Manual Key Y ou only configure VPN Man ual Key when you select Manual in the IPSec Key Mode field on the VPN IKE screen. This is the VPN Manual Key screen as shown next.
Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 221 Table 67 VPN: Manual Key LABEL DESCRIPTION IPSec Setup Active Select this check box to activate this VPN policy . Name T ype up to 32 characters to identify this VPN policy . Y ou may use any character , including spaces, but the Prestige drops trailing spaces.
Prestige 2602HW Series User’ s Guide 222 Chapter 17 VP N Screens End / Subnet Mask When the Remote Address T ype field is configured to Single , this field is N/A. When the Remote Ad dress T ype field is configured to Range , enter the end (static) IP address, in a range of computers on the network behind the remote IPSec router .
Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 223 17.16 V iewing SA Monitor Click VPN and Monitor to open the SA Monitor screen as shown. Use this screen to display and manage activ e VPN conn ections. A Security Association (SA) is the group of se cu rity settings related to a specific VPN tunnel.
Prestige 2602HW Series User’ s Guide 224 Chapter 17 VP N Screens Figure 93 VPN: SA Monitor The following table describes the fields in this screen. Table 68 VPN: SA Monitor LABEL DESCRIPTION No This is the security association index nu mber . Name This field displays the identifi cation name for this VPN policy .
Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 225 17.17 Configuring Global Setting T o change your Prestige’ s global settings, click VPN and the n Global Setting . The screen appears as shown. Figure 94 VPN: Global Setting The following table describes the fields in this screen.
Prestige 2602HW Series User’ s Guide 226 Chapter 17 VP N Screens Figure 95 T elecommuters Sharing One VPN Rule Example 17.18.2 T elecommuters Usin g Unique VPN Rules Example In this example the tele.
Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 227 Figure 96 T elecommuters Using Unique VPN Rules Example Table 71 T elecommuters Using Unique VPN Rules Example T ELECOMMUTERS HEADQUARTERS All T elecommu ter Rules: All Headquarters Rules: My IP Address 0.
Prestige 2602HW Series User’ s Guide 228 Chapter 17 VP N Screens 17.19 VPN and Remote Management If a VPN tunnel uses T elnet, FTP , WWW , then you should configure remo te management ( Remote Management ) to allow access for that service.
Prestige 2602HW Series User’s Guide Chapter 18 Remote M anagement Configura tion 229 C HAPTER 18 Remote Management Configuration This chapter provides information on config uring remote management.
Prestige 2602HW Series User’ s Guide 230 Chapter 18 Remote Manag ement Configuration • A filter in SMT menu 3.1 (LAN) or in menu 1 1 .5 (W AN) is applied to block a T elnet, FTP or W eb service. • Y ou have disabled that service in one of the remote management screens.
Prestige 2602HW Series User’s Guide Chapter 18 Remote M anagement Configura tion 231 18.4 W eb Y ou can use the Prestige’ s embedded web configurator for co nfiguration and file management. See the online help for details. 18.5 Configuring Remote Management Click Remote Management to open the following screen.
Prestige 2602HW Series User’ s Guide 232 Chapter 18 Remote Manag ement Configuration.
Prestige 2602HW Series User’s Guide Chapter 19 Universa l Plug-and-Play (UPnP) 233 C HAPTER 19 Universal Plug-and-Play (UPnP) This chapter introduces the UPnP feature in the web configura tor .
Prestige 2602HW Series User’ s Guide 234 Chapter 19 Universa l Plug-and-Play (UPnP) All UPnP-enabled devices may communicate freely with eac h other without additional configuration.
Prestige 2602HW Series User’s Guide Chapter 19 Universa l Plug-and-Play (UPnP) 235 19.3 Inst alling UPnP in Windows Example This section shows ho w to install UPnP in W indows Me and W indows XP . Inst alling UPnP in Windows Me Follow the steps below to inst all the UPnP in W indows Me.
Prestige 2602HW Series User’ s Guide 236 Chapter 19 Universa l Plug-and-Play (UPnP) Figure 100 Add/Remove Programs: Wind ows Setup: Communication 3 In the Communications window , select the Universal Plug and Play check box in the Components selection box.
Prestige 2602HW Series User’s Guide Chapter 19 Universa l Plug-and-Play (UPnP) 237 Inst alling UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP .
Prestige 2602HW Series User’ s Guide 238 Chapter 19 Universa l Plug-and-Play (UPnP) Figure 103 Windows Optiona l Networking Component s Wizard 5 In the Networking Services window , select the Universal Plug and Play check box.
Prestige 2602HW Series User’s Guide Chapter 19 Universa l Plug-and-Play (UPnP) 239 Figure 104 Networking Services 6 Click OK to go back to the W indows Optional Networking Component W izard window and click Next . 19.4 Using UPnP in Windows XP Example This section shows yo u how to use the UPn P feature in W indows XP .
Prestige 2602HW Series User’ s Guide 240 Chapter 19 Universa l Plug-and-Play (UPnP) Figure 105 Network Connections 3 In the Internet Connection Properties window , click Se ttings to see the port mappings there were automatically created.
Prestige 2602HW Series User’s Guide Chapter 19 Universa l Plug-and-Play (UPnP) 241 Figure 106 Internet Connection Properties 4 Y ou may edit or delete the port map pings or click Add to manually add port mappings.
Prestige 2602HW Series User’ s Guide 242 Chapter 19 Universa l Plug-and-Play (UPnP) Figure 107 Internet Connection Properties: Adva nced Settings Figure 108 Internet Connection Proper ties: Adva nced Settings: Add 5 When the UP nP-enabled device is disco nnected from your computer , all port mappings will be deleted automatically .
Prestige 2602HW Series User’s Guide Chapter 19 Universa l Plug-and-Play (UPnP) 243 Figure 109 System T ray Icon 7 Double-click on the icon to display yo ur curr ent Internet connection st atus.
Prestige 2602HW Series User’ s Guide 244 Chapter 19 Universa l Plug-and-Play (UPnP) Figure 1 1 1 Network Connections 4 An icon with the description for e ach UPnP-enabled device displays unde r Local Network . 5 Right-click on the icon for your Prestige and select Invoke .
Prestige 2602HW Series User’s Guide Chapter 19 Universa l Plug-and-Play (UPnP) 245 Figure 1 12 Network Connections: My Network Places 6 Right-click on the icon for your Prestige and select Pr operties . A properties window displays with basic information about the Prestige.
Prestige 2602HW Series User’ s Guide 246 Chapter 19 Universa l Plug-and-Play (UPnP).
Prestige 2602HW Series User’s Guide Chapter 20 Logs Scree ns 247 C HAPTER 20 Logs Screens This chapter contains inform ation about configuring genera l log settings and viewing the Prestige’ s logs. Refer to the appendix for example log message explanations.
Prestige 2602HW Series User’ s Guide 248 Chapter 20 Log s Screens Figure 1 14 Log Settings.
Prestige 2602HW Series User’s Guide Chapter 20 Logs Scree ns 249 The following table describes the fields in this screen. Table 74 Log Settings LABEL DESCRIPTION Address Info Mail Server Enter the server name or the IP address of the mail server for the e -mail addresses specified below .
Prestige 2602HW Series User’ s Guide 250 Chapter 20 Log s Screens 20.3 Displaying the Logs Click Logs and then Vi e w L o g to open the Vie w L o g s sc reen. Use the Vi e w L o g s screen to see the logs for the categorie s that you selected in the Log Settings screen (see Section 20.
Prestige 2602HW Series User’s Guide Chapter 20 Logs Scree ns 251 E-mail error messages appear in SMT menu 24.3.1 as "SMTP action request failed. ret= ??". The “??"are described in the following table. 20.4.1 Example E-mail Log An "End of Log" message displays for each ma il in which a complete log has been sent.
Prestige 2602HW Series User’ s Guide 252 Chapter 20 Log s Screens Figure 1 16 E-mail Log Example Subject: Firewall Alert From Prestige Date: Fri, 07 Apr 2000 10:05:42 From: user@zyxel.com To: user@zyxel.com 1| Apr 7 00 |From:192.168.1.1 To:192.168.1.
Prestige 2602HW Series User’s Guide Chapter 21 Maintenance 253 C HAPTER 21 Maintenance This chapter displays system information such as ZyNOS firmware, port IP addresses and port traffic statistics.
Prestige 2602HW Series User’ s Guide 254 Chapter 21 Maintenance Figure 1 17 System S tatus.
Prestige 2602HW Series User’s Guide Chapter 21 Maintenance 255 The following table describes the fields in this screen. Table 77 System S tatus LABEL DESCRIPTION System S tatus System Name This is the name of your Pre stige. It is for identification purposes.
Prestige 2602HW Series User’ s Guide 256 Chapter 21 Maintenance 21.2.1 System St atistics Click Show S tatistics in the System S tatus screen to open the following screen. Read-only information here includes port status and packet specific statistics.
Prestige 2602HW Series User’s Guide Chapter 21 Maintenance 257 21.3 DHCP T able Screen DHCP (Dynamic Host Configuration Protocol , RFC 2131 and RFC 2132) allows in dividual clients to obtain TCP/IP configuration at star t-up from a server . Y ou can configure the Prestige as a DHCP server or disable it.
Prestige 2602HW Series User’ s Guide 258 Chapter 21 Maintenance Figure 1 19 DHCP T able The following table describes the fields in this screen. 21.4 Any IP T able Screen Click Maintenance , Any IP .
Prestige 2602HW Series User’s Guide Chapter 21 Maintenance 259 21.5 Wireless Screen The read-only screen displays informa tion about the Prestige’ s wireless LAN. 21.5.1 Association List This screen displays the MAC address(es) of the wireless stations that are currently logged in to the network.
Prestige 2602HW Series User’ s Guide 260 Chapter 21 Maintenance 21.6 Diagnostic Screens These read-only screens display information to help you identify proble ms with the Prestige. 21.6.1 Diagnostic General Screen Click Diagnostic and then General to open the screen sho wn next.
Prestige 2602HW Series User’s Guide Chapter 21 Maintenance 261 Figure 123 Diagnostic: DSL Line The following table describes the fields in this screen. Table 83 Diagnostic: DSL Line LABEL DESCRIPTION Reset ADSL Line Click this button to reinitialize the ADSL line.
Prestige 2602HW Series User’ s Guide 262 Chapter 21 Maintenance 21.7 Firmware Screen Find firmware at www .zyxel.com in a file that (usually) uses the system model name with a "*.bin" extension, e.g., "Prestige.bin". The upload process uses HTTP (Hypertext T ransfer Protocol) and may take up to two minutes.
Prestige 2602HW Series User’s Guide Chapter 21 Maintenance 263 The Prestige automatically restarts in this time causing a temporary networ k disconnect.
Prestige 2602HW Series User’ s Guide 264 Chapter 21 Maintenance.
Prestige 2602HW Series User’s Guide Chapter 22 Intro ducing the SMT 265 C HAPTER 22 Introducing the SMT This chapter explains how to access and na viga te the System Management T erminal and gives an overview of its menus.
Prestige 2602HW Series User’ s Guide 266 Cha pter 22 Introd ucing the SMT Figure 127 Initial Screen 22.2.2 Entering the Password The login screen appears after you press [ENTER] , prompting you to enter the password, as shown below . For your first login, en ter the default password “ 1234 ”.
Prestige 2602HW Series User’s Guide Chapter 22 Intro ducing the SMT 267 22.2.4 Entering Password The login screen appears after you press [ENTER] , prompting you to enter the password, as shown next. For your first login, en ter the default password " 1234 ".
Prestige 2602HW Series User’ s Guide 268 Cha pter 22 Introd ucing the SMT After you enter the password, the SMT di splays the main menu, as shown next.
Prestige 2602HW Series User’s Guide Chapter 22 Intro ducing the SMT 269 22.3.2 SMT Menus Overview The following table gi ves you an overview o f your Prestige’ s various SMT menus. 24 System Maintenance This menu provides syst em status, diagnostics, software upload, etc.
Prestige 2602HW Series User’ s Guide 270 Cha pter 22 Introd ucing the SMT 22.4 Changing the System Password Change the P restige defa u lt password by following the steps show n next. 21 Filter an d Firewall Rule Setup 21.1 Filter Setup 21.1 Filter Rules Summary 21.
Prestige 2602HW Series User’s Guide Chapter 22 Intro ducing the SMT 271 1 Enter 23 in the main menu to display Menu 23 - System Securi ty . 2 Enter 1 to display Menu 23.1 - System Security - Change Password as shown next. 3 T ype your existing system password in the Old Password field, for example “ 1234 ", and press [ENTER] .
Prestige 2602HW Series User’ s Guide 272 Cha pter 22 Introd ucing the SMT.
Prestige 2602HW Series User’s Guide Chapter 23 Menu 1 General Setup 273 C HAPTER 23 Menu 1 General Setup Menu 1 - General Setup contains administra tive an d system-related information. 23.1 General Setup Menu 1 — General Setup contains administrative and system-related information (shown next).
Prestige 2602HW Series User’ s Guide 274 Chapter 23 Menu 1 General Setup Figure 131 Menu 1 General Setu p Fill in the required fields. Refer to the tabl e shown next for more information about these fields. 23.2.1 Procedure to Configure Dynamic DNS Note: If you have a private W AN IP address, then you cannot use dynamic DNS.
Prestige 2602HW Series User’s Guide Chapter 23 Menu 1 General Setup 275 Figure 132 Menu 1.1 Configure Dyn amic DNS Follow the instructions in the next tabl e to configure dynamic DNS parameters. Menu 1.1 - Configure Dynamic DNS Service Provider= WWW.
Prestige 2602HW Series User’ s Guide 276 Chapter 23 Menu 1 General Setup.
Prestige 2602HW Series User’s Guide Chapter 24 Menu 2 WAN Backup Setup 277 C HAPTER 24 Menu 2 W AN Backup Setup This chapter describes how to co nfigure traffic redirect and dial-backup using me nu 2 and 2.1. 24.1 Introduction to W AN Backup Setup This chapter explains how to configure the Prestige for traf fic redirect connections.
Prestige 2602HW Series User’ s Guide 278 Chapter 24 Menu 2 WAN Backup Setup 24.2.1 T raffic Redirect Setup Configure parameters that determine when th e Prestige will forward W AN traffic to the backup gateway using Menu 2.1 — T raffic Redir ect Setup .
Prestige 2602HW Series User’s Guide Chapter 24 Menu 2 WAN Backup Setup 279 Metric Th is field sets this route's prio rity among the routes the Prestige uses. The metric represents the "cost of transm ission". A router determine s the best route for transmission by choosing a path with th e lowest "cost".
Prestige 2602HW Series User’ s Guide 280 Chapter 24 Menu 2 WAN Backup Setup.
Prestige 2602HW Series User’s Guide Chapter 25 Menu 3 LAN Setup 281 C HAPTER 25 Menu 3 LAN Setup This chapter covers how to configure your wired Local Area Network (LAN) settings. 25.1 LAN Setup This section describes how to configure the Ethernet using Menu 3 — LAN Setup .
Prestige 2602HW Series User’ s Guide 282 C hapter 25 Menu 3 LAN Setup • For TCP/IP Ethernet setup refer to Section 27. 6 on page 292 . • For bridging Ethernet setup refer to Chapter 30 on page 3 09 . 25.3 TCP/IP Ethernet Setup and DHCP Use menu 3.
Prestige 2602HW Series User’s Guide Chapter 25 Menu 3 LAN Setup 283 Follow the instructions in the following tabl e to configure TCP/IP parameters for the Ethernet port. Size of Client IP Pool This field specifies the size or count of the IP address pool.
Prestige 2602HW Series User’ s Guide 284 C hapter 25 Menu 3 LAN Setup.
Prestige 2602HW Series User’s Guide Chapter 26 Wireless LAN Setup 285 C HAPTER 26 W ireless LAN Setup This chapter covers how to configure wireless LAN settings in SMT menu 3.5. 26.1 Wireless LAN Overview Refer to the chapter on the wireless LAN scr eens for wireless LAN background information.
Prestige 2602HW Series User’ s Guide 286 C hapter 26 Wireless LAN Setup 26.2.1 Wireless LAN MAC Address Filter The next layer of security is MAC address filter . T o allow a wireless st ation to associate with the Prestige, enter the MAC address of the wireless LAN adapter on that wireless st ation in the MAC address table.
Prestige 2602HW Series User’s Guide Chapter 26 Wireless LAN Setup 287 Figure 139 Menu 3.5.1 WLAN MAC Address Filtering The following table describes the fields in this menu.
Prestige 2602HW Series User’ s Guide 288 C hapter 26 Wireless LAN Setup.
Prestige 2602HW Series User’s Guide Chapter 27 Internet Access 289 C HAPTER 27 Internet Access This chapter shows you how to configure the LAN and W AN of your Prestige for Internet access .
Prestige 2602HW Series User’ s Guide 290 Chapter 27 Internet Access Figure 140 IP Alias Network Example Use menu 3.2.1 to co nfigure IP Alias on your Prestige.
Prestige 2602HW Series User’s Guide Chapter 27 Internet Access 291 Figure 142 Menu 3.2.1 IP Alias Setup Follow the instructions in the following table to configure IP Alias parameters. 27.5 Route IP Setup The first step is to en able the IP routing in Menu 1 — General Setup .
Prestige 2602HW Series User’ s Guide 292 Chapter 27 Internet Access Figure 143 Menu 1 General Setu p 27.6 Internet Access Configuration Menu 4 allows you to enter the Internet Access information in one screen. Menu 4 is actually a simplified setup for one of t he remote nodes that you c an access in menu 1 1.
Prestige 2602HW Series User’s Guide Chapter 27 Internet Access 293 . If all your settings are correct your Prestige shou ld connect automatically to the Internet. If the connection fails, note the error message that you receive on the screen and take the appropriate troubleshooting steps.
Prestige 2602HW Series User’ s Guide 294 Chapter 27 Internet Access.
Prestige 2602HW Series User’s Guide Chapter 28 Remot e Node Configurat ion 295 C HAPTER 28 Remote Node Configuration This chapter covers remo te node configuration. 28.1 Remote Node Setup Overview This section describes the protocol-independent parameters for a remote node.
Prestige 2602HW Series User’ s Guide 296 Chapter 28 Remote Node Configu ration Figure 145 Menu 1 1 Remote Node Setup 28.2.2 Encap sulation and Multiplexing Scenarios For Internet access you should use the encapsulation and multiple xing methods used by your ISP .
Prestige 2602HW Series User’s Guide Chapter 28 Remot e Node Configurat ion 297 Figure 146 Menu 1 1.1 Remote Node Profile In Menu 1 1.1 – Remote Node Pr ofile , fill in the fields as describ ed in the following table.
Prestige 2602HW Series User’ s Guide 298 Chapter 28 Remote Node Configu ration 28.2.3 Outgoing Au thentication Protocol For obvious reasons, you sho uld employ the strongest authentication protocol possible. However , some vendors’ implementation includes specific authentication protocol in the user profile.
Prestige 2602HW Series User’s Guide Chapter 28 Remot e Node Configurat ion 299 28.3 Remote Node Network Layer Options For the TCP/IP parameters, perf orm the following steps to edit Menu 1 1.3 – Remote Node Network Layer Options as shown next. 1 In menu 1 1.
Prestige 2602HW Series User’ s Guide 300 Chapter 28 Remote Node Configu ration 28.3.1 My W AN Addr Sample IP Addresses The following figure uses sample IP addresses to help yo u understand the field of My W AN Addr in menu 1 1.
Prestige 2602HW Series User’s Guide Chapter 28 Remot e Node Configurat ion 301 Figure 148 Sample IP Addresses for a TC P/IP LAN-to-LAN Connection 28.4 Remote Node Filter Move the cu rs or to the Edit Filter Sets field in menu 1 1.1, then press [SP ACE BAR] to select Ye s .
Prestige 2602HW Series User’ s Guide 302 Chapter 28 Remote Node Configu ration Figure 149 Menu 1 1.5 Remote Node Filter (RFC 1483 or ENET Encapsu lation) Figure 150 Menu 1 1.5 Remote Node Filter (PPPoA or PPPoE Encapsulation) 28.5 Editing A TM Layer Options Follow the steps shown next to edit Menu 1 1.
Prestige 2602HW Series User’s Guide Chapter 28 Remot e Node Configurat ion 303 Figure 151 Menu 1 1.6 for VC-based Multiplexing 28.5.2 LLC-based Multiplexing or PPP Encap sulation For LLC-based multiplexing or PPP encapsulation, one VC ca rries multiple protocols with protocol identifyi ng information bein g contained in each p acket header .
Prestige 2602HW Series User’ s Guide 304 Chapter 28 Remote Node Configu ration Figure 153 Menu 1 1.1 Remote Node Profile Move the cursor to the Edit Advance Options field, press [SP ACE BAR] to select Ye s , then press [ENTER] to display Menu 1 1.8 – Advance Setup Options .
Prestige 2602HW Series User’s Guide Chapter 29 Static Route Setup 305 C HAPTER 29 S t atic Route Setup This chapter shows how to setup IP static routes. 29.1 IP S t atic Route Overview Stat ic routes tell the Prestige ro uting information that i t cann ot learn automatically through other means.
Prestige 2602HW Series User’ s Guide 306 Chapter 29 Static Route Setup Figure 156 Menu 12 S tatic Route Setu p From menu 12, select 1 to open Menu 12.1 — IP S tatic Route Setup (shown next). Figure 157 Menu 12.1 IP S tatic Route Setup Now , type the route number of a st atic route you want to co nfigure.
Prestige 2602HW Series User’s Guide Chapter 29 Static Route Setup 307 T able 102 Menu12.1.1 Edit IP S tatic Ro ute FIELD DESCRIPTION Route # This is the index number of the stat ic route that you chose in menu 12.1. Route Name T ype a descriptive name for this route .
Prestige 2602HW Series User’ s Guide 308 Chapter 29 Static Route Setup.
Prestige 2602HW Series User’s Guide Chapter 30 Bridgin g Setup 309 C HAPTER 30 Bridging Setup This chapter shows you how to configure the bridgin g parameters of your Prestig e.
Prestige 2602HW Series User’ s Guide 310 Chapter 30 Bridging Setup Figure 159 Menu 1 1.1 Remote Node Profile 3 Move the cursor to the Edit IP/Bridge field, then press [ SP ACE BAR ] to set the value to Ye s and pres s [ENTER] to edit Menu 1 1.3 – Remote Node Network Layer Options .
Prestige 2602HW Series User’s Guide Chapter 30 Bridgin g Setup 311 30.2.2 Bridge St atic Route Setup Similar to network layer static routes, a bridging static route tells the Prestige the route to a node before a conn ection is established. Y ou c onfigure bridge static routes in menu 12.
Prestige 2602HW Series User’ s Guide 312 Chapter 30 Bridging Setup.
Prestige 2602HW Series User’s Guide Chapter 31 Network Address Translation (NAT) 313 C HAPTER 31 Network Address T ranslation (NA T) This chapter discusses how to configure NA T on the Prestige.
Prestige 2602HW Series User’ s Guide 314 Chapter 31 Network Address Transla tion (NAT) Figure 162 Menu 4 Applying NA T for Internet Access The following figure shows how you ap ply NA T to the remote node in menu 1 1.1. 1 Enter 1 1 from the main menu.
Prestige 2602HW Series User’s Guide Chapter 31 Network Address Translation (NAT) 315 31.3 NA T Setup Use the address mapping sets me nus and submenus to create the mapping table used to assign global addresses to computers on the LAN. Set 255 is used for SUA.
Prestige 2602HW Series User’ s Guide 316 Chapter 31 Network Address Transla tion (NAT) Figure 165 Menu 15.1 Addr ess Mapping Sets 31.3.1.1 SUA Address Mapping Set Enter 255 to display the next screen (see also secti on 27.1.1). The fields in t his menu cannot be changed.
Prestige 2602HW Series User’s Guide Chapter 31 Network Address Translation (NAT) 317 31.3.1.2 User-Defined Address Mapping Set s Now let’ s look at option 1 in menu 15.1. Enter 1 to bring up this menu. W e’ll just look at the differences from the previous menu.
Prestige 2602HW Series User’ s Guide 318 Chapter 31 Network Address Transla tion (NAT) 31.3.1.3 Ordering Y our Rules Ordering your rules is important because the Pr estige applies the rules in the order that you specify . When a rule matches the current pa ck et, the Prestige takes the corresponding action and the remaining rules are ignored.
Prestige 2602HW Series User’s Guide Chapter 31 Network Address Translation (NAT) 319 Figure 168 Menu 15.1.1.1 Editing/Configuring a n Individual Rule in a Set The following table explains the fields in t his menu.
Prestige 2602HW Series User’ s Guide 320 Chapter 31 Network Address Transla tion (NAT) Figure 169 Menu 15.2 NA T Server Se tup 3 Enter 1 to go to Menu 15.2 NA T Server Setup as follows. Figure 170 Menu 15.2 NA T Server Se tup 4 Enter a port number in an unused St a r t P o r t N o field.
Prestige 2602HW Series User’s Guide Chapter 31 Network Address Translation (NAT) 321 Figure 171 Multiple Servers Behind NA T Example 31.5 General NA T Examples The following are some exam ples of NA T configuration.
Prestige 2602HW Series User’ s Guide 322 Chapter 31 Network Address Transla tion (NAT) Figure 173 Menu 4 Internet Access & NA T Example From menu 4, choose the SUA Only option from the Network Addr ess T ranslation field. This is the Many-to-One mapping discus sed in Section 31.
Prestige 2602HW Series User’s Guide Chapter 31 Network Address Translation (NAT) 323 Figure 175 Menu 15.2.1 S pecifying an Inside Server 31.5.3 Example 3: Multiple Public IP Addresses With Inside Servers In this example, there are 3 IGAs from our IS P .
Prestige 2602HW Series User’ s Guide 324 Chapter 31 Network Address Transla tion (NAT) Figure 176 NA T Exam ple 3 In this case you need to configure Address Mapping Set 1 from Menu 15.1 - Addr ess Mapping Sets. Therefore you must choose the Full Feature option from the Network Address T ranslation field (in menu 4 or menu 1 1.
Prestige 2602HW Series User’s Guide Chapter 31 Network Address Translation (NAT) 325 Figure 178 Example 3: Menu 15.1.1.1 Figure 179 Example 3: Final Menu 15.1.1 Now configure the IGA3 to map to our web server and mail server on the LAN. 1 Enter 15 from the main menu.
Prestige 2602HW Series User’ s Guide 326 Chapter 31 Network Address Transla tion (NAT) Figure 180 Example 3: Menu 15.2 31.5.4 Example 4: NA T Unfr iendly Application Programs Some applications do not support NA T Mapping using TCP or UDP port address translation.
Prestige 2602HW Series User’s Guide Chapter 31 Network Address Translation (NAT) 327 Figure 182 Example 4: Menu 15.1.1.1 Address Mappin g Rule After you’ve configured your rule , you should be able to check the settings in menu 15.1.1 as shown next.
Prestige 2602HW Series User’ s Guide 328 Chapter 31 Network Address Transla tion (NAT).
Prestige 2602HW Series User’s Guide Chapter 32 Enabling the Firewall 329 C HAPTER 32 Enabling the Firewall This chapter shows you how to get started with the Prestige firewall.
Prestige 2602HW Series User’ s Guide 330 Chapter 32 Enablin g the Firewall Figure 184 Menu 21.2 Firewa ll Setup Use the we b configura tor or the co mmand in terpreter to confi gure the firewall rules Menu 21.2 - Firewall Setup The firewall protects against Denial of Service (DOS) attacks w hen it is active.
Prestige 2602HW Series User’s Guide Chapter 33 Filter Configuration 331 C HAPTER 33 Filter Configuration This chapter shows you how to create and apply filters. 33.1 About Filtering Y our Prestige uses filters to deci de whether or not to allow passage of a data packet and/or to make a call.
Prestige 2602HW Series User’ s Guide 332 Chapter 33 Filter Configuration Figure 186 Filter Rule Process Y ou can apply up to four filter sets to a partic ular port to block various types of packets. Because each filter set can have up to six rules, you can have a maximum of 24 rules active for a single port.
Prestige 2602HW Series User’s Guide Chapter 33 Filter Configuration 333 33.2 Configuring a Filter Set for the Prestige T o configure a filter set, follow the steps shown ne xt. 1 Enter 21 in the main menu to display Menu 21 – Filter and Fir ewall Setup .
Prestige 2602HW Series User’ s Guide 334 Chapter 33 Filter Configuration Figure 189 NetBIOS_LAN Filter Rules Summary Figure 190 IGMP Filter Rules Summary 33.3 Filter Rules Summary Menus The following tables briefly descri be the abbreviations used in menus 21.
Prestige 2602HW Series User’s Guide Chapter 33 Filter Configuration 335 The protocol dependent filter rules abbreviation are listed as follows: 33.4 Configuring a Filter Rule T o configure a filter rule , type its number in Menu 21.1.x – Filter Rules Summary and press [ENTER] to open menu 21.
Prestige 2602HW Series User’ s Guide 336 Chapter 33 Filter Configuration 33.4.1 TCP/IP Filter Rule This section shows you how to configure a TCP/IP filter rule. TCP/IP rules allow you to base the rule on the fiel ds in the IP and the up per layer protocol, for example, UDP and TCP headers.
Prestige 2602HW Series User’s Guide Chapter 33 Filter Configuration 337 The following figure illustrates th e logic flow of an IP filter. Port # T ype the de stination port of the packets you want to fi lter . The field rang e is 0 to 65535. A 0 field i s ignored.
Prestige 2602HW Series User’ s Guide 338 Chapter 33 Filter Configuration Figure 192 Executing an IP Filter 33.4.2 Generic Filter Rule This section shows you how to co nfigure a generic filter rule. The purpose of generic rules is to allow you to filter non-IP packets.
Prestige 2602HW Series User’s Guide Chapter 33 Filter Configuration 339 T o configure a generic rule select an empty filter set in menu 21, for example 5. Select Generic Filter Rule in the Filter T ype field and press [ENTER] to open Menu 21.1.5.1 – Generic Filter Rule , as shown in th e following figure.
Prestige 2602HW Series User’ s Guide 340 Chapter 33 Filter Configuration 33.5 Filter T ypes and NA T There are two classes of filter rules, Generic Filter Device rules and Protocol Filter ( TCP/IP ) rules. Generic Filter rules act on the raw data from/ to LAN and W AN.
Prestige 2602HW Series User’s Guide Chapter 33 Filter Configuration 341 Figure 195 Sample T elnet Filter 1 Enter 1 in the menu 21 to display Menu 21. 1 — Filter Set Configuration . 2 Enter the index number of th e filter set you want to configure (in this case 6) .
Prestige 2602HW Series User’ s Guide 342 Chapter 33 Filter Configuration 2 Go to the Edit Filter Sets field, press [SP ACE BAR] to choose Ye s and press [ENTER]. This brings you to menu 1 1.5. Apply the example filter set (for example, fi lter set 3) in this menu as shown in the next section.
Prestige 2602HW Series User’s Guide Chapter 33 Filter Configuration 343 33.7.1 Ethernet T raffic Y ou seldom need to filter Ethernet traffic; ho wever , the filter sets may be useful to block certain packets, reduce traffic and prevent secur ity breaches.
Prestige 2602HW Series User’ s Guide 344 Chapter 33 Filter Configuration.
Prestige 2602HW Series User’s Guide Chapter 34 SNMP Configuration 345 C HAPTER 34 SNMP Configuration This chapter explains SNMP Configuration menu 22. 34.1 About SNMP Simple Network Management Protocol (SNM P) i s a protoc ol used for ex changing management information b etween network devices.
Prestige 2602HW Series User’ s Guide 346 Chapter 34 SNMP Configuration The managed devices cont ain object variables/ managed objects that define each piece of information to be collected ab out a device. Examples of vari ables include the number of packets received, node port status etc.
Prestige 2602HW Series User’s Guide Chapter 34 SNMP Configuration 347 Figure 201 Menu 22 SNMP Configurat ion The following table describes the SNMP configuration parameters.
Prestige 2602HW Series User’ s Guide 348 Chapter 34 SNMP Configuration The port number is its interface index under the interface group. 5 authenticationFailure ( defined in RFC-1215 ) A trap is sent to the manager when receiving any SNMP gets or set s requirements with wrong community (password).
Prestige 2602HW Series User’s Guide Chapter 35 System Security 349 C HAPTER 35 System Security This chapter describes how to configur e the system security on the Prestige. 35.1 System Security Y ou can configure the system password.. 35.1.1 System Password Enter 23 in the main menu to display Menu 23 – System Security .
Prestige 2602HW Series User’ s Guide 350 Chapter 35 Syst em Security Figure 204 Menu 23.2 System Security: RADIUS Server The following table describes the fields in this menu. Menu 23.2 - System Security - RADIUS Server Authentication Server: Active= No Server Address= 10.
Prestige 2602HW Series User’s Guide Chapter 35 System Security 351 35.1.3 IEEE802.1x The IEEE802.1x standards outline enhanced secur ity methods for both the authentication of wireless stations and en cryption key managemen t. Follow the steps below to enable EA P authentication on your Prestige.
Prestige 2602HW Series User’ s Guide 352 Chapter 35 Syst em Security T able 1 18 Menu 23.4 System Security: IEEE802.1x FIELD DESCRIPTION Wireless Port Control Press [SP ACE BAR] and select a securi ty mode for the wireless LAN access.
Prestige 2602HW Series User’s Guide Chapter 35 System Security 353 Once you enable user authenticatio n, you need to specify an exte rnal RADIUS server or create local user accounts on the Prestige for authentication.
Prestige 2602HW Series User’ s Guide 354 Chapter 35 Syst em Security Figure 207 Menu 14 Dial-in User Setup 2 T ype a number and press [ENTER] to edit the user profile. Figure 208 Menu 14.1 Edit Dial-in User The following table describes the fields in this menu.
Prestige 2602HW Series User’s Guide Chapter 36 System Inform ation and Diagnosis 355 C HAPTER 36 System Information and Diagnosis This chapter covers the information and diag nostic tools in SMT menus 24.
Prestige 2602HW Series User’ s Guide 356 Chapter 36 System Information and Diagnosis The following table describes the fields present in Menu 24.1 — System Maintenance — St a t u s which are read-only and meant for diag nostic purposes. Figure 210 Menu 24.
Prestige 2602HW Series User’s Guide Chapter 36 System Inform ation and Diagnosis 357 36.3 System Information T o get to the System Information: 1 Enter 24 to display Menu 24 — System Maintenance . 2 Enter 2 to display Menu 24.2 — System Information and Console Port Speed.
Prestige 2602HW Series User’ s Guide 358 Chapter 36 System Information and Diagnosis Figure 212 Menu 24.2.1 System Maintenance: In formation The following table describes the fields in this menu. 36.3.2 Console Port Speed Y ou can set up different port speeds for the console port through Menu 24.
Prestige 2602HW Series User’s Guide Chapter 36 System Inform ation and Diagnosis 359 Figure 213 Menu 24.2.2 System Maintenance : Chang e Console Port S peed Once you change the Prestige console po rt speed , you must also set the speed parameter for the communication software you are using to connect to the Prestige.
Prestige 2602HW Series User’ s Guide 360 Chapter 36 System Information and Diagnosis Figure 215 Sample Error an d Information M essages 36.4.2 Syslog and Accounting The Prestige uses the syslog fa cility to log the CDR (Call Deta il Record) and system messages to a syslog server.
Prestige 2602HW Series User’s Guide Chapter 36 System Inform ation and Diagnosis 361 Figure 217 Syslog Example 1 - CDR SdcmdSyslogSend ( SYSLOG_CDR, SYSLOG _INFO, String); String = board xx line xx .
Prestige 2602HW Series User’ s Guide 362 Chapter 36 System Information and Diagnosis 36.5 Diagnostic The diagnostic facility allows you to test the di f ferent aspects of your Prestige to determine if it is working properly .
Prestige 2602HW Series User’s Guide Chapter 36 System Inform ation and Diagnosis 363 The following table describes the diagnostic tests available in menu 24.4 for and the connections. T able 123 Menu 24.4 System Maintenance Menu: Diagnostic FIELD DESCRIPTION Reset xDSL Re-initia lize the xDSL link to the telephone company .
Prestige 2602HW Series User’ s Guide 364 Chapter 36 System Information and Diagnosis.
Prestige 2602HW Series User’s Guide Chapter 37 Firmware and Confi guration File Maintenance 365 C HAPTER 37 Firmware and Configuration File Maintenance This chapter tells y ou how to backup and re stor e your configuration file as well as upload new firmware and configuration files.
Prestige 2602HW Series User’ s Guide 366 Chapter 37 Firmware and Con figuration File Maintenance The following table is a summary . Please note that the internal filename refe rs to the filename on .
Prestige 2602HW Series User’s Guide Chapter 37 Firmware and Confi guration File Maintenance 367 Figure 219 T elnet in Menu 24.5 37.2.2 Using the FTP Command from the Command Line 1 Launch the FTP client on your computer . 2 Enter “ open ”, followed by a space and the IP address of your Prestige.
Prestige 2602HW Series User’ s Guide 368 Chapter 37 Firmware and Con figuration File Maintenance Figure 220 FTP Session Example 37.2.4 GUI-based FTP Clients The following table describes some of the commands that you may see in GUI-based FTP clients.
Prestige 2602HW Series User’s Guide Chapter 37 Firmware and Confi guration File Maintenance 369 37.2.6 Backup Configuration Using TFTP The Prestige support s the up/downloading of the firmware and the configuration file using TFTP (T rivial File T ransfer Protocol) over LA N.
Prestige 2602HW Series User’ s Guide 370 Chapter 37 Firmware and Con figuration File Maintenance Refer to Section 37.2.5 on page 368 to read about configurations that disallow TFTP and FTP over W AN. 37.2.9 Backup V ia Console Port Back up configuration vi a console port by following the Hype rT erminal procedure shown next.
Prestige 2602HW Series User’s Guide Chapter 37 Firmware and Confi guration File Maintenance 371 Figure 223 Backup Configuration Example T ype a location for storing the configuration file or click Br owse to look for one. Choose the Xmodem protocol.
Prestige 2602HW Series User’ s Guide 372 Chapter 37 Firmware and Con figuration File Maintenance Figure 225 T elnet into Menu 24.6 1 Launch the FTP client on your computer . 2 Enter “ open ”, followed by a space and the IP address of your Prestige.
Prestige 2602HW Series User’s Guide Chapter 37 Firmware and Confi guration File Maintenance 373 37.3.3 Restore V ia Console Port Restore configuration via console port by fol lowing the HyperT erminal procedure shown next. Procedures using other serial communicat i ons programs should be similar .
Prestige 2602HW Series User’ s Guide 374 Chapter 37 Firmware and Con figuration File Maintenance Figure 230 Successful Restoration Confirmati on Screen 37.4 Uploading Firmware and Configuration Files This section shows yo u how to upload firmware and co nfiguration files.
Prestige 2602HW Series User’s Guide Chapter 37 Firmware and Confi guration File Maintenance 375 Figure 232 T elnet Into Menu 24.7.2 System Maintenance T o upload the firmware and the configuration file, follow these examples 37.4.3 FTP File Upload Comman d from the DOS Prompt Example 1 Launch the FTP client on your computer .
Prestige 2602HW Series User’ s Guide 376 Chapter 37 Firmware and Con figuration File Maintenance 37.4.4 FTP Session Exampl e of Firmware File Upload Figure 233 FTP Session Example of Firmware File Upload More commands (found in GUI-based FTP clie nts) are listed earlier in this chapter .
Prestige 2602HW Series User’s Guide Chapter 37 Firmware and Confi guration File Maintenance 377 37.4.6 TFTP Upload Command Example The following is an example TFTP command: tftp [-i] host put firmware.
Prestige 2602HW Series User’ s Guide 378 Chapter 37 Firmware and Con figuration File Maintenance 37.4.9 Example Xmodem Firmwa re Upload Using HyperT erminal Click T ransfer , then Send File to display the following screen. Figure 235 Example Xmodem Upload After the firmware upload process has comple t ed, the Prestige will automatically restart.
Prestige 2602HW Series User’s Guide Chapter 37 Firmware and Confi guration File Maintenance 379 3 Enter “atgo” to restart the Prestige. 37.4.1 1 Example Xmodem Configur ation Upload Using HyperT erminal Click T ransfer , then Send File to display the following screen.
Prestige 2602HW Series User’ s Guide 380 Chapter 37 Firmware and Con figuration File Maintenance.
Prestige 2602HW Series User’s Guide Chapter 38 System Maintenance 381 C HAPTER 38 System Maintenance This chapter leads you through SM T menus 24.8 to 24. 10. 38.1 Command Interpreter Mode The Command Interpreter (CI) is a part of the ma in system firmware.
Prestige 2602HW Series User’ s Guide 382 Chapter 38 Syst em Maintena nce 38.2 Call Control Support Call Control Support is only applicable when Encapsulation is set to PPPoE in menu 4 or menu 1 1.1. The budget management func tion allows you to set a limit on the total outgoing call time of the Prestige within certain times.
Prestige 2602HW Series User’s Guide Chapter 38 System Maintenance 383 The total budget is the time li mit on the accumulated time for ou tgoing calls to a remo te node. When this limit is reached, th e call will be dropped and further outgoing calls to that remote node will be blocked.
Prestige 2602HW Series User’ s Guide 384 Chapter 38 Syst em Maintena nce Figure 243 Menu 24.10 System Maintenance : T ime and Date Setting 38.3.1 Resetting the T ime • The Prestige resets the time in three instances: • On leaving menu 24.10 after making changes.
Prestige 2602HW Series User’s Guide Chapter 38 System Maintenance 385 • 24-hour intervals after starting..
Prestige 2602HW Series User’ s Guide 386 Chapter 38 Syst em Maintena nce.
Prestige 2602HW Series User’s Guide Chapter 39 Remo te Management 387 C HAPTER 39 Remote Management This chapter covers remote ma nagement (SMT menu 24.1 1). 39.1 Remote Management Overview Remote management allows you to determ ine which services/protocols can access which Prestige interface (if any) from which computers.
Prestige 2602HW Series User’ s Guide 388 Chapter 39 Remote Manageme nt Figure 244 Menu 24.1 1 Remote Management Control The following table describes the fields in this menu. 39.2.2 Remote Management Limit ations Remote management over LAN or W AN will not work when: • A filter in menu 3.
Prestige 2602HW Series User’s Guide Chapter 39 Remo te Management 389 39.3 Remote Management and NA T When NA T is enabled: • Use the Prestige’ s W A N IP address when configuring from the W AN. • Use the Prestige’ s LAN IP address when configurin g from the LAN.
Prestige 2602HW Series User’ s Guide 390 Chapter 39 Remote Manageme nt.
Prestige 2602HW Series User’s Guide Chapter 40 IP Policy Routing 391 C HAPTER 40 IP Policy Routing This chapter covers setting and appl ying policies used for IP routing. 40.1 IP Policy Routing Overview T raditionally , routing is based on the destinatio n address only and the IAD takes the shortest path to forward a packet.
Prestige 2602HW Series User’ s Guide 392 Chapter 40 IP Policy Routing • routing the packet to a different gate way (and hence the outgoing interface). • setting the TO S and precedence fields in the IP header . IPPR follows the existing packet filtering facility of RAS in st yle and in impl ementation.
Prestige 2602HW Series User’s Guide Chapter 40 IP Policy Routing 393 Figure 246 Menu 25.1 IP Routing Po licy Setup T ype a number from 1 to 6 to d isplay Menu 25.1.1 – IP Rou ting Policy (see the next figure). This menu allows you to configure a policy rule.
Prestige 2602HW Series User’ s Guide 394 Chapter 40 IP Policy Routing Figure 247 Menu 25.1.1 IP Routing Policy The following table describes the fields in this menu.
Prestige 2602HW Series User’s Guide Chapter 40 IP Policy Routing 395 40.5 Applying an IP Policy This section shows yo u where to apply the IP policies after you design them. 40.5.1 Ethernet IP Policies From Menu 3 — Ethernet Setup , type 2 to go to Menu 3.
Prestige 2602HW Series User’ s Guide 396 Chapter 40 IP Policy Routing Figure 248 Menu 3.2 TCP/IP and DHCP Ethernet Se tup Go to menu 1 1 .3 (shown next) and type the number(s) of the IP Routing Policy set (s) as appropriate. Y ou can cascade up to four polic y sets by typing the ir numbers separated by commas.
Prestige 2602HW Series User’s Guide Chapter 40 IP Policy Routing 397 Figure 250 Example of IP Policy Routing T o force packets coming from clients with IP addresses of 192.16 8.1.33 to 192.16 8.1.64 to be routed to the Internet via the W AN port of the Prestige, follow the steps as shown next.
Prestige 2602HW Series User’ s Guide 398 Chapter 40 IP Policy Routing 3 Create a rule in menu 25.1 for this set to route packets from any host ( IP=0.0.0.0 means any host) with protocol TCP and port FTP access through another gateway (192.168.1.100).
Prestige 2602HW Series User’s Guide Chapter 41 Call Scheduling 399 C HAPTER 41 Call Scheduling Call scheduling (applicable for PPPoA or PPPoE encapsulati on only) allows you to dictate when a remote node sho uld be called and for h ow long.
Prestige 2602HW Series User’ s Guide 400 Chapter 41 Call Scheduling T o setup a schedule set, select the schedule set you want to setup from menu 26 (1-12) and press [ENTER] to see Menu 26.1 — Schedule Set Setup as shown next. Figure 255 Menu 26.1 Schedule Set Setup If a connection has been already established, your Prestige wil l not drop it.
Prestige 2602HW Series User’s Guide Chapter 41 Call Scheduling 401 Once your schedule sets are conf igured , you must then apply them to the desired remote node(s).
Prestige 2602HW Series User’ s Guide 402 Chapter 41 Call Scheduling.
Prestige 2602HW Series User’s Guide Chapter 42 VPN/IPSec Setup 403 C HAPTER 42 VPN/IPSec Setup This chapter introduces the VPN SMT menus. 42.1 VPN/IPSec Overview The VPN/IPSec main SMT menu has these main submenus: Define VPN policies in menu 27.
Prestige 2602HW Series User’ s Guide 404 Chapter 42 VPN/IPSec Setup Figure 258 Menu 27 VPN/IPSec Setup 42.2 IPSec Summary Screen T ype 1 in me nu 27 and then press [ENTER] to display Menu 27.1 IPSec Summary . This is a summary read-only menu of your IPSec rules (t unnels).
Prestige 2602HW Series User’s Guide Chapter 42 VPN/IPSec Setup 405 A Y signifies that this VPN rule is active. Local Addr St a r t When the Addr T ype field in Menu 27.1 .1 IPSec Setup is configured to Single , this is a static IP address on the LAN behind your Prestige.
Prestige 2602HW Series User’ s Guide 406 Chapter 42 VPN/IPSec Setup 42.3 IPSec Setup Select Edit in the Select Command field; type the index number of a rule in the Select Rule field and press [ENTER] to edit the VPN using the menu shown next. Note: Y ou must also configure menu 27.
Prestige 2602HW Series User’s Guide Chapter 42 VPN/IPSec Setup 407 Figure 260 Menu 27.1.1 IPSec Setup The following table describes the fields in this menu. Menu 27.1.1 – IPSec Setup Index= 1 Name= Taiwan Active= Yes Keep Alive= No Nat Traversal= No Local ID type= IP Conten t: My IP Addr= 0.
Prestige 2602HW Series User’ s Guide 408 Chapter 42 VPN/IPSec Setup Nat T raversal Press [SP ACE BAR] to choose either Ye s or No . Choose Ye s and press [ENTER] to enable NA T traversal. NA T traversal allows you to set up a VPN connection when there are NA T routers betwee n the two IPSec rout ers.
Prestige 2602HW Series User’s Guide Chapter 42 VPN/IPSec Setup 409 DNS Server If there is a private DNS server that serv ices the VPN, type its IP address here. The Prestige assigns this additional DNS server to the Prestige's DHCP clients that have IP addresses in this IPSec ru le's range of local addresses.
Prestige 2602HW Series User’ s Guide 410 Chapter 42 VPN/IPSec Setup 42.4 IKE Setup T o edit this menu, the Key Manageme nt field in Menu 27.1.1 – IPSec Setup must be set to IKE . Move the cursor to the Edit Key Management Setup field in Menu 27.1.
Prestige 2602HW Series User’s Guide Chapter 42 VPN/IPSec Setup 411 Figure 261 Menu 27.1.1.1 KE Setup The following table describes the fields in this menu.
Prestige 2602HW Series User’ s Guide 412 Chapter 42 VPN/IPSec Setup 42.5 Manual Setup Y ou only configure Menu 27.1.1.2 – Man ual Setup when you select Manual in the Key Management field in Menu 27.1.1 – IPSec Setup . Manual key mana gement is useful if you have problem s with IKE key management.
Prestige 2602HW Series User’s Guide Chapter 42 VPN/IPSec Setup 413 Figure 262 Menu 27.1.1.2 Manual Setup The following table describes the fields in this menu.
Prestige 2602HW Series User’ s Guide 414 Chapter 42 VPN/IPSec Setup Authentication Algorithm Press [SP ACE BAR] to choose from MD5 or SHA1 and then press [ENTER]. Key Enter the authentication key to be used by IPSec if applicable. The key must be unique.
Prestige 2602HW Series User’s Guide Chapter 43 SA Monitor 415 C HAPTER 43 SA Monitor This chapter teaches you h ow to manage your SAs by using the SA Monitor in SMT menu 27.2. 43.1 SA Monitor Overview A Security Association (SA) is the group of se cu rity settings related to a specific VPN tunnel.
Prestige 2602HW Series User’ s Guide 416 Chapter 43 SA Monitor Figure 263 Menu 27.2 SA Monitor The following table describes the fields in this menu. Menu 27.2 - SA Monitor # Name Encap. IPSec ALgorithm --- -------------------------------- --------- ---------------- 001 Taiwan : 3.
Prestige 2602HW Series User’s Guide Chapter 43 SA Monitor 417 Select Command Press [SP ACE BAR] to choose from Refresh , Disco nnect , None , Next Page , or Previous Page and then press [ENTER]. Y ou must select a connection in the ne xt field when you choose the Disconnect command.
Prestige 2602HW Series User’ s Guide 418 Chapter 43 SA Monitor.
Prestige 2602HW Series User’s Guide Chapter 44 Troubleshooting 419 C HAPTER 44 T r oubleshooting This chapter covers potential proble ms and the corresponding remed ies.
Prestige 2602HW Series User’ s Guide 420 Chapter 44 Troublesh ooting 44.3 Problems with the DSL LED 44.4 Problems with the LAN Interface 44.5 Problems with the W AN Interface Table 141 Troubleshooting the DSL LED PROBLEM CORRECTIVE ACTION The DSL LED is off.
Prestige 2602HW Series User’s Guide Chapter 44 Troubleshooting 421 44.6 Problems with Internet Access 44.7 Problems with the Password Table 144 Troubleshooting Internet Access PROBLEM CORRECTIVE ACTION I cannot access the Intern et. Make sure the Prestige is turned on and connected to the network.
Prestige 2602HW Series User’ s Guide 422 Chapter 44 Troublesh ooting 44.8 Problems with the W eb Configurator 44.9 Problems with Remote Management Table 146 Troubleshooting the Web Configu rator PROBLEM CORRECTIVE ACTION I cannot access the web configurator .
Prestige 2602HW Series User’s Guide Chapter 44 Troubleshooting 423 44.10 T elephone Problems Table 148 Troubleshooting Telephone PROBLEM CORRECTIVE ACTION The telephone port won’t work or the telephone lacks a dial to ne. Check the telephone con nections and telephone wire.
Prestige 2602HW Series User’ s Guide 424 Chapter 44 Troublesh ooting.
Prestige 2602HW Series User’s Guide 425 A PPENDIX A Hardware S pecifications Ethernet Cable Pin Assignment s Figure 264 Ethernet Cable Pin Assignment s Prestige 2602HW -L DSL Port Pin Assignment s T.
Prestige 2602HW Series User’ s Guide 426 Figure 265 Prestige 2602HW -L DSL Port Pin Assignments.
Prestige 2602HW Series User’s Guide 427 Prestige 2602HW Series Power Adaptor Specifications Table 149 Prestige 2602HW Ser ies Po wer Adaptor Specifications NORTH AMERICAN PLUG STANDARDS AC Power Adapter Model ADS68 18-1818-W 1810 Input Power AC 100~240V olts/50/60Hz/0.
Prestige 2602HW Series User’ s Guide 428.
Prestige 2602HW Series User’s Guide 429 A PPENDIX B Setting up Y our Computer ’ s IP Address All computers must have a 10M or 100M Et hernet adapter card and TCP/IP installed.
Prestige 2602HW Series User’ s Guide 430 Figure 266 WIndows 95/98 /Me: Network: Co nfiguration Inst alling Components The Network window Configuration tab displays a list of installed components. Y ou need a network adapter , the TCP/IP protocol and Client for Microso ft Networks.
Prestige 2602HW Series User’s Guide 431 3 Select Microsoft from the list of manufacturers. 4 Select Client for Microsoft Networks from the list of network clients and then click OK .
Prestige 2602HW Series User’ s Guide 432 Figure 268 Windows 95/98/Me : TCP/IP Pr operties: DNS Configuration 4 Click the Gateway tab. • If you do no t know your gateway’ s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click Add .
Prestige 2602HW Series User’s Guide 433 Figure 269 Windows XP: S tart Menu 2 For W indows XP , click Network Connections . For W indows 2000/NT , click Network and Dial-up Connections . Figure 270 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Pr operties .
Prestige 2602HW Series User’ s Guide 434 Figure 271 Windows XP: Control Panel: Network Connections: Pro perties 4 Select Internet Protocol (TCP/IP) (under the Genera l tab in W in XP) and cli ck Properties .
Prestige 2602HW Series User’s Guide 435 • If you have a static IP address click Use the following IP Address and fill in the IP addr ess , Subnet mask , and Default gateway fields.
Prestige 2602HW Series User’ s Guide 436 7 In the Internet Protocol TCP/IP Pr operties window (the General tab in W indows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP addre ss(es).
Prestige 2602HW Series User’s Guide 437 Macintosh OS 8/9 1 Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel .
Prestige 2602HW Series User’ s Guide 438 Figure 276 Macintosh O S 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configur e: list. 4 For statically assigned settings, do the following: •F r o m t h e Configure box, select Manually .
Prestige 2602HW Series User’s Guide 439 Figure 277 Macintosh O S X: Apple M enu 2 Click Network i n the icon bar . • Select Automatic from the Location list. • Select Built-in Ethernet from the Show list. • Click the TCP/IP tab. 3 For dynamically assigned settings, select Using DHCP from the Configure list .
Prestige 2602HW Series User’ s Guide 440 5 Click Apply Now and clo se the w indow . 6 T urn on your Prestige and restart y our computer (if pro mpted).
Prestige 2602HW Series User’s Guide 441 A PPENDIX C IP Subnetting IP Addressing Routers “route” based on the network number . The router that delivers the data packet to the correct destination host uses the host ID. IP Classes An IP address is made up of four octets (ei ght bits), wri tten in dotted decimal notation, for example, 192.
Prestige 2602HW Series User’ s Guide 442 Since the first octet of a class “A” IP address must contain a “0”, the first octet of a class “A” address can have a valu e of 0 to 127. Similarly the first octet of a class “B” must begi n with “10”, therefore the first octet of a class “B” address has a valid range of 128 to 191.
Prestige 2602HW Series User’s Guide 443 Since the mask is always a continuous number of ones begin ning from the left, followed by a continuous number of zeros for the remainder of the 32 bit mask, you can simply specify the number of ones instead of writing the value of each octet.
Prestige 2602HW Series User’ s Guide 444 Note: In the following chart s , shaded/bold last oc tet bit values indi cate host ID bit s “borrowed” to form network ID bit s. The number of “borrowed” host ID bits determines the number of sub nets y ou can have.
Prestige 2602HW Series User’s Guide 445 Example: Four Subnet s The above exampl e illustrated using a 25-bit subne t mask to divide a class “C” address space into two subnets. Similarly to divide a class “C” address into four subnets, you need to “borrow” two host ID bits to give four possible combinations of 00 , 01, 10 and 1 1.
Prestige 2602HW Series User’ s Guide 446 Example Eight Subnet s Similarly use a 27-bit mask to create 8 subnets (001, 010, 01 1, 100, 101, 1 10). The following table shows class C IP ad dress last octet values for each subnet. The following table is a summary for class “C” subnet planning.
Prestige 2602HW Series User’s Guide 447 Subnetting With Class A and Class B Networks. For class “A” and class “B” addresses the subnet ma sk also determines which bits are part of the network number and which are part of the h ost ID.
Prestige 2602HW Series User’ s Guide 448.
Prestige 2602HW Series User’s Guide 449 A PPENDIX D PPPoE PPPoE in Action An ADSL modem bridges a PPP session over Ethernet (PPP ov er Ethernet, RFC 2516) from your computer to an A TM PVC (Permanent V irt ual Circuit) which connec ts to a DSL Access Concentrator where th e PPP session terminates ( Figure 279 on page 450 ).
Prestige 2602HW Series User’ s Guide 450 Figure 279 Single-Compute r per Router Hard ware Configuration How PPPoE W orks The PPPoE driver makes the Ethernet appea r as a serial link to the computer and the c omputer runs PPP over it, while the modem bridges the Ethernet frames to the Access Concentrator (AC).
Prestige 2602HW Series User’s Guide 451 A PPENDIX E W ireless LAN and IEEE 802.1 1 A wireless LAN (WLAN) provides a fle xible data communications system that you can use to access various services (navigating the Internet, E-mail, printer services , etc.
Prestige 2602HW Series User’ s Guide 452 Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an inde pendent (Ad-hoc) WLAN that connects a set of computers with wireless nodes or stations (ST A), which is called a Basic Service Set (BSS).
Prestige 2602HW Series User’s Guide 453 Figure 282 ESS Provides Camp us-Wide Coverage.
Prestige 2602HW Series User’ s Guide 454.
Prestige 2602HW Series User’s Guide 455 A PPENDIX F Wireless LAN W ith IEEE 802.1x As wireless networks become po pular for both portable comp uting and corporate networks , security is now a priority . Security Flaws with IEEE 802.1 1 W ireless networks based on the original IEEE 802.
Prestige 2602HW Series User’ s Guide 456 RADIUS Server Authen tication Sequence The following figure depicts a typical wireless ne twork with a remote R ADIUS server for user authentication using EAPOL (EAP Over LAN).
Prestige 2602HW Series User’s Guide 457 A PPENDIX G T ypes of EAP Authentication This appendix discusses three pop ular EAP authentication types: EAP-MD5 , EAP-TLS and EAP-TTLS . The type of authentication yo u use depends on the RADIUS server or the AP .
Prestige 2602HW Series User’ s Guide 458 LEAP LEAP (Lightweight Extensible Authentication Protocol) is a Cisco implementation of IEEE802.1x. Table 164 Comparison of EAP Authentication Types EAP-MD5 .
Prestige 2602HW Series User’s Guide 459 A PPENDIX H T riangle Route The Ideal Setup When the firewall is on, your Prestige acts as a secure gateway between your LAN and the Internet. In an ideal network topology , all incoming and outgoing network traf fic passes through the Prestige to protect your LAN against attacks.
Prestige 2602HW Series User’ s Guide 460 Figure 285 “T riangle Route” Problem The “T riangle Route” Solutions This section presents you two solutions to the “triangle route” problem. IP Aliasing IP alias allows you to partition your network into logical sections over the same Ethernet interface.
Prestige 2602HW Series User’s Guide 461 Gateways on the W AN Side A second solution to the “triangle route” problem is to put all of your network gateways on the W AN side as the following figure shows. This en sures that all incoming network traffic passes through your Prestige to your LAN.
Prestige 2602HW Series User’ s Guide 462.
Prestige 2602HW Series User’s Guide 463 A PPENDIX I Internal SPTGEN Internal SPTGEN Overview Internal SP TGEN (System Parame ter T able Generator) is a configuration text file useful for efficient configuration of multiple Prestiges.
Prestige 2602HW Series User’ s Guide 464 Some parameters are dependent on othe rs. For example, if you disable the Configur e d field in menu 1 (see Figure 288 on page 463 ), then you disable every field in this menu .
Prestige 2602HW Series User’s Guide 465 Figure 291 Internal SP TGEN FTP Download Example Note: Y ou can rename your “ rom-t ” file wh en you save it to your computer but it must be named “ rom-t ” when you uplo ad it to your Prestige. Internal SPTGEN FTP Upload Example 1 Launch your FTP application.
Prestige 2602HW Series User’ s Guide 466 The following ar e Internal SP TGEN screens a sso ciated with the SMT screens of your Pres tige. PV A Parameter V alues Allowed INPUT An example of what you may enter * Applies to the Prestige.
Prestige 2602HW Series User’s Guide 467 FIN FN PVA INPUT 30200001 = DHCP <0(None) | 1(Server) | 2(Relay)> = 0 30200002 = Client IP Pool Starting Address = 192.168.1.33 30200003 = Size of Client IP Pool = 32 30200004 = Primary DNS Server = 0.0.
Prestige 2602HW Series User’ s Guide 468 30201008 = IP Alias #1 Incoming protocol filters Set 3 = 256 30201009 = IP Alias #1 Incoming protocol filters Set 4 = 256 30201010 = IP Alias #1 Outgoing pro.
Prestige 2602HW Series User’s Guide 469 30500004 = RTS Threshold <0 ~ 2432> = 2432 30500005 = FRAG. Threshold <256 ~ 2432> = 2432 30500006 = WEP <0(DISABLE) | 1(64-bit WEP) | 2(128-bi.
Prestige 2602HW Series User’ s Guide 470 40000002 = Active <0(No) | 1(Yes)> = 1 40000003 = ISP's Name = ChangeMe 40000004 = Encapsulation <2(PPPOE) | 3(RFC 1483)| 4(PPPoA )| 5(ENET ENC.
Prestige 2602HW Series User’s Guide 471 40000032= RIP Version <0(Rip-1) | 1(Rip-2B) |2(Rip-2M)> = 0 40000033= Nailed-up Connection <0(No) |1(Yes)> = 0 Table 168 Menu 4 Internet Access Setup ( SMT Menu 4) (continued) Table 169 Menu 12 (SMT Menu 1 2) / Menu 12.
Prestige 2602HW Series User’ s Guide 472 / Menu 12.1.4 IP Static Route Setup (SMT Menu 12.1.4) FIN FN PVA INPUT 120104001 = IP Static Route set #4, Name <Str> = 120104002 = IP Static Route set #4, Active <0(No) |1(Yes)> = 0 120104003 = IP Static Route set #4, Destination IP address = 0.
Prestige 2602HW Series User’s Guide 473 120107006 = IP Static Route set #7, Metric = 0 120107007 = IP Static Route set #7, Private <0(No) |1(Yes)> = 0 / Menu 12.
Prestige 2602HW Series User’ s Guide 474 120111004 = IP Static Route set #11, Destination IP subnetmask = 0 120111005 = IP Static Route set #11, Gateway = 0.0.0.0 120111006 = IP Static Route set #11, Metric = 0 120111007 = IP Static Route set #11, Private <0(No) |1(Yes)> = 0 */ Menu 12.
Prestige 2602HW Series User’s Guide 475 120115002 = IP Static Route set #15, Active <0(No) |1(Yes)> = 0 120115003 = IP Static Route set # 15, Destination IP address = 0.0.0.0 120115004 = IP Static Route set # 15, Destination IP subnetmask = 0 120115005 = IP Static Route set #15, Gateway = 0.
Prestige 2602HW Series User’ s Guide 476 150000014 = SUA Server #4 Port Start = 0 150000015 = SUA Server #4 Port End = 0 150000016 = SUA Server #4 Local IP address = 0.
Prestige 2602HW Series User’s Guide 477 150000048 = SUA Server #11 Protocol <0(All)|6(TCP)|17(U DP)> = 0 150000049 = SUA Server #11 Port Start = 0 150000050 = SUA Server #11 Port End = 0 150000051 = SUA Server #11 Local IP addr ess = 0.
Prestige 2602HW Series User’ s Guide 478 / Menu 21.1.1.2 set #1, rule #2 (SMT Menu 21.1.1.2) FIN FN PVA INPUT 210102001 = IP Filter Set 1,Rule 2 Type <2(TCP/IP)> = 2 210102002 = IP Filter Set 1,Rule 2 Active <0(No)|1(Yes)> = 1 210102003 = IP Filter Set 1,Rule 2 Protocol = 6 210102004 = IP Filter Set 1,Rule 2 Dest IP address = 0.
Prestige 2602HW Series User’s Guide 479 210103013 = IP Filter Set 1,Rule 3 Act Match <1(check next)|2(forward)| 3(drop) = 3 210103014 = IP Filter Set 1,Rule 3 Act Not Match <1(check next)|2(forward)| 3(drop) = 1 / Menu 21.1.1.4 set #1, rule #4 (SMT Menu 21.
Prestige 2602HW Series User’ s Guide 480 210105009 = IP Filter Set 1,Rule 5 Src Subnet Mask = 0 210105010 = IP Filter Set 1,Rule 5 Src Port = 0 210105011 = IP Filter Set 1,Rule 5 Src Port Comp <0.
Prestige 2602HW Series User’s Guide 481 / Menu 21.1.2.1 Filter set #2, rule #1 (SMT Menu 21.1.2.1) FIN FN PVA INPUT 210201001 = IP Filter Set 2, Rule 1 Type <0(none)|2(TCP/IP)> = 2 210201002 =.
Prestige 2602HW Series User’ s Guide 482 210202009 = IP Filter Set 2, Rule 2 Src Subne t Mask = 0 210202010 = IP Filter Set 2,Rule 2 Src Port = 0 210202011 = IP Filter Set 2, Rule 2 Src Port Comp &l.
Prestige 2602HW Series User’s Guide 483 210204002 = IP Filter Set 2, Rule 4 Active <0(No)|1(Yes )> = 1 210204003 = IP Filter Set 2, Rule 4 Protocol = 17 210204004 = IP Filter Set 2, Rule 4 Dest IP address = 0.
Prestige 2602HW Series User’ s Guide 484 210205011 = IP Filter Set 2, Rule 5 Src Port Comp <0(none)|1(equal)|2 (not equal)|3(less)|4(gr eater)> = 0 210205013 = IP Filter Set 2, Rule 5 Act Matc.
Prestige 2602HW Series User’s Guide 485 Table 173 Menu 23 System Menus (SMT Me nu 23) */ Menu 23.1 System Password Setup ( SMT Menu 23.1) FIN FN PVA INPUT 230000000 = System Password = 1234 */ Menu 23.
Prestige 2602HW Series User’ s Guide 486 Command Examples The following are example Internal SP TGEN scr eens associated with the Prestige’ s command interpreter commands.
Prestige 2602HW Series User’s Guide 487 FIN FN PVA INPUT 990000001 = ADSL OPMD <0(etsi)|1(normal) |2(gdmt)|3(multimo de)> = 3 Table 175 Command Examples (continued) FIN FN PV A INPUT.
Prestige 2602HW Series User’ s Guide 488.
Prestige 2602HW Series User’s Guide 489 A PPENDIX J Command Interpreter The following describes how to use the comman d interpreter . Enter 24 in the main menu to bring up the system maintena nce menu. Enter 8 to go to Menu 24.8 - Command Interpr eter Mode .
Prestige 2602HW Series User’ s Guide 490.
Prestige 2602HW Series User’s Guide 491 A PPENDIX K Firewall Commands Sys Firewall Commands The following describes the firewa ll commands. See the Command Interpreter appendix for inform ation on the command structure. Each of these commands must be preceded by sys firewall when you use them.
Prestige 2602HW Series User’ s Guide 492.
Prestige 2602HW Series User’s Guide 493 A PPENDIX L Boot Commands The BootModule A T comm ands execute from wi thin the router’ s bootup software, when debug mode is selected before the main router firmware is start ed.
Prestige 2602HW Series User’ s Guide 494 Figure 294 Boot Module Commands AT just answer OK ATHE print help ATBAx change baud rate. 1:38.4k, 2:19.2k, 3:9.
Prestige 2602HW Series User’s Guide 495 A PPENDIX M Log Descriptions This appendix provides descrip tions of example log messages. Table 177 System Maintenance Logs LOG MESSAGE DESCRIPTION Time calibration is successful The router has adjusted its time based on information from the time server .
Prestige 2602HW Series User’ s Guide 496 Configuration Change: PC = 0x%x, Task ID = 0x%x The router is saving configuration changes. Successful SSH login Someone has logged on to the router ’s SSH server . SSH login failed Someone has failed to log on to the router ’s SSH server .
Prestige 2602HW Series User’s Guide 497 For type and code details, see T able 190 on page 501 . Table 180 TCP Reset Lo gs LOG MESSAGE DESCRIPTION Under SYN flood attack, sent TCP RST The router sent a TCP reset packet when a host was u nder a SYN flood attack (the TCP incomplete count is per destination h ost.
Prestige 2602HW Series User’ s Guide 498 Triangle route packet forwarded: ICMP The firewall allow ed a triangle route session to pass through. Packet without a NAT table entry blocked: ICMP The router blocked a packet that didn’t have a corresponding NA T table entry .
Prestige 2602HW Series User’s Guide 499 For type and code details, see T able 190 on page 501 . Table 185 UPnP Logs LOG MESSAGE DESCRIPTION UPnP pass through Firewall UPnP p ackets can pass through the firewall.
Prestige 2602HW Series User’ s Guide 500 ip spoofing - no routing entry ICMP (type:%d, code:%d) The firewall classified an ICMP packet with no source routing entry as an IP spoofing attack. vulnerability ICMP (type:%d, code:%d) The firewall detecte d an ICMP vulnerability attack.
Prestige 2602HW Series User’s Guide 501 No Server to authenticate user. Th ere is no authentication serv er to authenticate a user . Local User Database does not find user`s credential. A user was not authenticated by the local user database because the user is not listed in th e local user database.
Prestige 2602HW Series User’ s Guide 502 11 T ime Exceeded 0 T ime to live exceeded in transit 1 Fragment reassembly time exceeded 12 Parameter Problem 0 Pointer indicates the error 13 T imestamp 0 .
Prestige 2602HW Series User’s Guide 503 Table 193 RTP Logs LOG MESSAGE DESCRIPTION Error, RTP init fail The initialization of an RTP session failed. Error, Call fail: RTP connect fail A V oIP phone call failed because th e R TP session could not be established.
Prestige 2602HW Series User’ s Guide 504 The following table shows RFC-2408 ISAKMP payload types that the log displays. Please refer to the RFC for detailed information on each type. Log Commands Go to the command interpreter interface ( Appendix J on page 489 explains how to access and use the commands).
Prestige 2602HW Series User’s Guide 505 Figure 296 Displaying Log Para meters Example 4 Use sys logs category foll owed by a log category and a parameter to decide what to record.
Prestige 2602HW Series User’ s Guide 506 Log Command Example This example shows how to set the Prestige to re cord the access logs and alerts and then view the results. Figure 297 Log Command Example ras> sys logs load ras> sys logs category access 3 ras> sys logs save ras> sys logs display access # .
Prestige 2602HW Series User’s Guide Index 507 Index Numerics 11 0 V A C 5 230V AC 5 64kbps 140 8kbps 140 A Abnormal Working Conditions 6 AbS 136 AC 5 Access methods 329 Accessories 5 ACK Message 132.
Prestige 2602HW Series User’ s Guide 508 Index Call filtering 331 Call filters Built-in 331 User-defined 331 Call Scheduling 39 9 Maximum Number of Schedule Sets 399 PPPoE 401 Precedence 399 Precede.
Prestige 2602HW Series User’s Guide Index 509 Destination Address 171 Device Filter rules 340 Device rule 340 DH 216 DHCP 51 , 73 , 80 , 81 , 149 , 257 , 358 DHCP client 51 DHCP relay 51 DHCP server.
Prestige 2602HW Series User’ s Guide 510 Index Europe 5 Exiting the SMT 268 Expiration Duration 139 Exposure 5 Extended Service Se t 452 Extended Service Se t (ESS) 87 Extensible Authentication Prot.
Prestige 2602HW Series User’s Guide Index 511 H Half-Open Sessions 188 Harmful Interfere nce 4 Hidden Menus 267 Hidden node 88 High V oltage Points 5 Hop Count 300 , 307 Host 77 Host IDs 441 HTTP 12.
Prestige 2602HW Series User’ s Guide 512 Index IP S tatic Route 305 IP S tatic Route Se tup 306 IPSec 195 IPSec Algorithm 405 IPSec algorithm 416 IPSec Algorithms 197 , 201 IPSec and NA T 198 IPSec .
Prestige 2602HW Series User’s Guide Index 513 Modem 43 Modifications 4 Moving the Cursor 267 MSDU (MAC Service Data Unit) 286 Multicast 82 , 300 Multimedia 131 Multiple SIP Accounts 47 Multiple V oi.
Prestige 2602HW Series User’ s Guide 514 Index PHONE 1 and 2 Ports 138 Phone Port Screen 143 , 148 Phone Port Settings 144 , 148 Photocopying 3 Ping 260 , 363 Ping of Death 158 Pipes 5 Point to Poin.
Prestige 2602HW Series User’s Guide Index 515 REGISTER Server Port 72 , 138 Register ed 3 Registered Trademark 3 Regular Mail 7 Related Documentation 41 Relay to PSTN 147 Relocate 4 Re-manufact ured.
Prestige 2602HW Series User’ s Guide 516 Index Security Parame ter Index (SPI) 412 Security Parameters 98 security protocols 405 Security Ramifications 170 Separation Between Equipment and Receiver .
Prestige 2602HW Series User’s Guide Index 517 System Information 357 System S tatus 355 System Information 357 System Information & Diagnosis 355 System Maintenance 250 , 355 , 357 , 366 , 369 ,.
Prestige 2602HW Series User’ s Guide 518 Index User Authentication 96 User Name 150 User Profiles 105 user profiles 353 V VA D 47 , 143 V AD Su pport 144 Va l u e 6 V ariab le Bit Rate 293 VBR 293 V.
Prestige 2602HW Series User’s Guide Index 519 X Xmodem File Upload 378 XMODEM protocol 366 Z Zero Configu ration 11 4 Zero Configurati on Internet Access 48 Zero configuratio n Internet access 111 Z.
デバイスZyXEL Communications 2602HW Seriesの購入後に(又は購入する前であっても)重要なポイントは、説明書をよく読むことです。その単純な理由はいくつかあります:
ZyXEL Communications 2602HW Seriesをまだ購入していないなら、この製品の基本情報を理解する良い機会です。まずは上にある説明書の最初のページをご覧ください。そこにはZyXEL Communications 2602HW Seriesの技術情報の概要が記載されているはずです。デバイスがあなたのニーズを満たすかどうかは、ここで確認しましょう。ZyXEL Communications 2602HW Seriesの取扱説明書の次のページをよく読むことにより、製品の全機能やその取り扱いに関する情報を知ることができます。ZyXEL Communications 2602HW Seriesで得られた情報は、きっとあなたの購入の決断を手助けしてくれることでしょう。
ZyXEL Communications 2602HW Seriesを既にお持ちだが、まだ読んでいない場合は、上記の理由によりそれを行うべきです。そうすることにより機能を適切に使用しているか、又はZyXEL Communications 2602HW Seriesの不適切な取り扱いによりその寿命を短くする危険を犯していないかどうかを知ることができます。
ですが、ユーザガイドが果たす重要な役割の一つは、ZyXEL Communications 2602HW Seriesに関する問題の解決を支援することです。そこにはほとんどの場合、トラブルシューティング、すなわちZyXEL Communications 2602HW Seriesデバイスで最もよく起こりうる故障・不良とそれらの対処法についてのアドバイスを見つけることができるはずです。たとえ問題を解決できなかった場合でも、説明書にはカスタマー・サービスセンター又は最寄りのサービスセンターへの問い合わせ先等、次の対処法についての指示があるはずです。