Page 1 Prestige 2602R Series ADSL VoIP IAD User’s Guide Version 3.40 7/2005...
Page 4: Federal Communications Commission (Fcc) Interference Statement
Prestige 2602R Series User’s Guide Federal Communications Commission (FCC) Interference Statement This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: • This device may not cause harmful interference. • This device must accept any interference received, including interference that may cause undesired operations.
Page 5: Safety Warnings
Prestige 2602R Series User’s Guide Safety Warnings For your safety, be sure to read and follow all warning notices and instructions. • To reduce the risk of fire, use only No. 26 AWG (American Wire Gauge) or larger telecommunication line cord.
Page 6: Zyxel Limited Warranty
Prestige 2602R Series User’s Guide ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During...
Page 7: Customer Support
Prestige 2602R Series User’s Guide Customer Support Please have the following information ready when you contact customer support. • Product model and serial number. • Warranty Information. • Date that you received your device. • Brief description of the problem and the steps you took to solve it.
Page 8 Prestige 2602R Series User’s Guide METHOD SUPPORT E-MAIL TELEPHONE WEB SITE REGULAR MAIL SALES E-MAIL FTP SITE LOCATION support@zyxel.co.uk +44 (0) 1344 303044 www.zyxel.co.uk ZyXEL Communications UK Ltd.,11 The Courtyard, 08707 555779 (UK only) UNITED KINGDOM Eastern Road, Bracknell, Berkshire, RG12 2XB, sales@zyxel.co.uk...
Page 9: Table Of Contents
Prestige 2602R Series User’s Guide Table of Contents Copyright ........................3 Federal Communications Commission (FCC) Interference Statement ....4 Safety Warnings ....................... 5 ZyXEL Limited Warranty..................6 Customer Support....................7 Table of Contents ..................... 9 List of Figures ......................25 List of Tables ......................
Page 10 Prestige 2602R Series User’s Guide Chapter 3 Wizard Setup ......................57 3.1 Connection Setup ....................57 3.1.1 Internet Access Wizard Setup: First Screen ..........57 3.1.2 Internet Access Wizard Setup: Second Screen ........58 3.1.3 Internet Access Wizard Setup: Voice Configuration .........62 3.1.4 Internet Access Wizard Setup: Fourth Screen ..........63 3.1.5 Internet Access Wizard Setup: Connection Test ........65...
Page 11 Prestige 2602R Series User’s Guide 5.1.1.4 RFC 1483 ..................80 5.1.2 Multiplexing ....................80 5.1.2.1 VC-based Multiplexing ..............80 5.1.2.2 LLC-based Multiplexing ..............80 5.1.3 VPI and VCI ....................80 5.1.4 IP Address Assignment ................80 5.1.4.1 IP Assignment with PPPoA or PPPoE Encapsulation .....80 5.1.4.2 IP Assignment with RFC 1483 Encapsulation .........81 5.1.4.3 IP Assignment with ENET ENCAP Encapsulation ......81...
Page 12 Prestige 2602R Series User’s Guide 7.2.2 SIP Call Progression ................104 7.2.3 SIP Servers .....................104 7.2.3.1 SIP User Agent ................105 7.2.3.2 SIP Proxy Server ................105 7.2.3.3 SIP Redirect Server ..............106 7.2.3.4 SIP Register Server ..............106 7.2.4 RTP ......................106 7.3 SIP ALG ......................107 7.4 Pulse Code Modulation ..................107...
Page 13 Prestige 2602R Series User’s Guide 8.10.3.2 USA Call Waiting ................122 8.10.3.3 USA Call Transfer ...............122 8.10.3.4 USA Three-Way Conference ............122 8.11 Common Phone Port Configuration ...............123 8.12 Call Forward Configuration ................124 Chapter 9 Phone Usage ......................127 9.1 Dialing a Telephone Number ................127 9.2 Using Speed Dial to Dial a Telephone Number ..........127...
Page 14 Prestige 2602R Series User’s Guide 12.5.3 TCP Security ..................143 12.5.4 UDP/ICMP Security ................144 12.5.5 Upper Layer Protocols ................144 12.6 Guidelines for Enhancing Security with Your Firewall ........144 12.6.1 Security In General ................145 12.7 Packet Filtering Vs Firewall ................146 12.7.1 Packet Filtering: ..................146 12.7.1.1 When To Use Filtering ..............146...
Page 15 Prestige 2602R Series User’s Guide 14.2 Configuring Keyword Blocking ...............171 14.3 Configuring the Schedule ................172 14.4 Configuring Trusted Computers ..............173 Chapter 15 Remote Management Configuration ..............175 15.1 Remote Management Overview ..............175 15.1.1 Remote Management Limitations ............175 15.1.2 Remote Management and NAT ............176 15.1.3 System Timeout ...................176...
Page 16 Prestige 2602R Series User’s Guide 18.4.3 Application and Subnet-based Bandwidth Management Example ..201 18.5 Scheduler .......................201 18.5.1 Priority-based Scheduler ..............202 18.5.2 Fairness-based Scheduler ..............202 18.6 Maximize Bandwidth Usage ................202 18.6.1 Reserving Bandwidth for Non-Bandwidth Class Traffic ......202 18.6.2 Maximize Bandwidth Usage Example ..........203 18.7 Bandwidth Borrowing ..................204...
Page 17 Prestige 2602R Series User’s Guide Chapter 22 Menu 2 WAN Backup Setup ................235 22.1 Introduction to WAN Backup Setup ..............235 22.2 Configuring WAN Backup in Menu 2 ..............235 22.2.1 Traffic Redirect Setup ................236 Chapter 23 Menu 3 LAN Setup ....................239 23.1 LAN Setup ......................239...
Page 18 Prestige 2602R Series User’s Guide 26.2 Configuration ....................259 Chapter 27 Bridging Setup ..................... 263 27.1 Bridging in General ..................263 27.2 Bridge Ethernet Setup ..................263 27.2.1 Remote Node Bridging Setup ...............263 27.2.2 Bridge Static Route Setup ..............265 Chapter 28 Network Address Translation (NAT) ..............267 28.1 Using NAT ......................267...
Page 19 Prestige 2602R Series User’s Guide 30.7 Applying Filters and Factory Defaults ............297 30.7.1 Ethernet Traffic ..................297 30.7.2 Remote Node Filters ................298 Chapter 31 SNMP Configuration .................... 299 31.1 About SNMP ....................299 31.2 Supported MIBs ....................300 31.3 SNMP Configuration ..................300 31.4 SNMP Traps ....................301 Chapter 32 System Information and Diagnosis ..............
Page 20 Prestige 2602R Series User’s Guide 33.4.5 TFTP File Upload ..................322 33.4.6 TFTP Upload Command Example ............323 Chapter 34 System Maintenance.................... 325 34.1 Command Interpreter Mode ................325 34.2 Call Control Support ..................326 34.2.1 Budget Management ................326 34.3 Time and Date Setting ..................327 34.3.1 Resetting the Time ................329...
Page 21 Prestige 2602R Series User’s Guide 38.4.1.3 Java Permissions ................355 38.5 Telephone Problems ..................357 Appendix A Product Specifications ..................359 Prestige 2602R Series Power Adaptor Specifications ........... 362 Appendix B Setting up Your Computer’s IP Address............363 Windows 95/98/Me....................363 Installing Components ..................364 Configuring ......................
Page 22 Prestige 2602R Series User’s Guide Appendix E Triangle Route ...................... 389 The Ideal Setup...................... 389 The “Triangle Route” Problem................389 The “Triangle Route” Solutions ................390 IP Aliasing ......................390 Gateways on the WAN Side................... 391 Appendix F SIP Passthrough ....................393 Enabling/Disabling the SIP ALG ................
Page 23 Prestige 2602R Series User’s Guide Index........................439 Table of Contents...
Page 24 Prestige 2602R Series User’s Guide Table of Contents...
Page 25: List Of Figures
Prestige 2602R Series User’s Guide List of Figures Figure 1 Prestige Internet Access Application ............46 Figure 2 Internet Telephony Service Provider Application ........47 Figure 3 Peer-to-peer Calling ................. 47 Figure 4 Firewall Application .................. 48 Figure 5 Prestige LAN-to-LAN Application ............. 48 Figure 6 Front Panel ....................
Page 26 Prestige 2602R Series User’s Guide Figure 38 SIP User Agent ..................105 Figure 39 SIP Proxy Server ................... 105 Figure 40 SIP Redirect Server ................106 Figure 41 SIP Settings ................... 109 Figure 42 Voice Advanced Setup ................111 Figure 43 DiffServ: Differentiated Service Field ............. 113 Figure 44 QoS ......................
Page 27 Prestige 2602R Series User’s Guide Figure 80 Networking Services ................185 Figure 81 Network Connections ................186 Figure 82 Internet Connection Properties ............. 187 Figure 83 Internet Connection Properties: Advanced Settings ......188 Figure 84 Internet Connection Properties: Advanced Settings: Add ...... 188 Figure 85 System Tray Icon ...................
Page 28 Prestige 2602R Series User’s Guide Figure 123 Menu 3.2 TCP/IP and DHCP Setup ............ 244 Figure 124 Menu 3.2.1 IP Alias Setup ..............245 Figure 125 Menu 1 General Setup ................. 246 Figure 126 Menu 4 Internet Access Setup ............. 246 Figure 127 Menu 11 Remote Node Setup ..............
Page 29 Prestige 2602R Series User’s Guide Figure 166 Menu 21.2 Firewall Setup ..............284 Figure 167 Outgoing Packet Filtering Process ............285 Figure 168 Filter Rule Process ................286 Figure 169 Menu 21 Filter Set Configuration ............287 Figure 170 NetBIOS_WAN Filter Rules Summary ..........288 Figure 171 NetBIOS_LAN Filter Rules Summary ..........
Page 30 Prestige 2602R Series User’s Guide Figure 209 Menu 25.1 IP Routing Policy Setup ............. 337 Figure 210 Menu 25.1.1 IP Routing Policy ............. 338 Figure 211 Menu 3.2 TCP/IP and DHCP Ethernet Setup ........340 Figure 212 Menu 11.3 Remote Node Network Layer Options ....... 340 Figure 213 Example of IP Policy Routing ..............
Page 31 Prestige 2602R Series User’s Guide Figure 252 Single-Computer per Router Hardware Configuration ......380 Figure 253 Prestige as a PPPoE Client ..............380 Figure 254 Ideal Setup ................... 389 Figure 255 “Triangle Route” Problem ..............390 Figure 256 IP Alias ....................390 Figure 257 Gateways on the WAN Side ..............
Page 32 Prestige 2602R Series User’s Guide List of Figures...
Page 33: List Of Tables
Prestige 2602R Series User’s Guide List of Tables Table 1 ADSL Standards ..................41 Table 2 Front Panel LEDs ..................48 Table 3 Web Configurator Screens Summary ............54 Table 4 Wizard Setup: First Screen ............... 58 Table 5 Internet Connection with PPPoE ............. 59 Table 6 Internet Connection with RFC 1483 ............
Page 34 Prestige 2602R Series User’s Guide Table 39 ICMP Commands That Trigger Alerts ............. 140 Table 40 Legal NetBIOS Commands ..............140 Table 41 Legal SMTP Commands ............... 140 Table 42 Firewall: Default Policy ................153 Table 43 Rule Summary ..................154 Table 44 Firewall: Edit Rule ...................
Page 35 Table 120 Device Specifications ................359 Table 121 Firmware Specifications ................ 360 Table 122 Prestige 2602R Series Power Adaptor Specifications ......362 Table 123 Classes of IP Addresses ..............381 Table 124 Allowed IP Address Range By Class ............ 382...
Page 36 Prestige 2602R Series User’s Guide Table 125 “Natural” Masks ................... 382 Table 126 Alternative Subnet Mask Notation ............383 Table 127 Two Subnets Example ................383 Table 128 Subnet 1 ....................384 Table 129 Subnet 2 ....................384 Table 130 Subnet 1 ....................385 Table 131 Subnet 2 ....................
Page 37: Preface
Prestige 2602R Series User’s Guide Preface Congratulations on your purchase of the Prestige 2602R Series ADSL VoIP IAD. Note: Register your product online to receive e-mail notices of firmware upgrades and information at www.zyxel.com for global products, or at www.us.zyxel.com North American products.
Page 38: Syntax Conventions
• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”. • The Prestige 2602R series may be referred to as the Prestige in this user’s guide. This refers to both models (ADSL over POTS and ADSL over ISDN) unless specifically identified.
Page 39: Introduction To Dsl
Prestige 2602R Series User’s Guide Introduction to DSL DSL (Digital Subscriber Line) technology enhances the data capacity of the existing twisted- pair wire that runs between the local telephone company switching offices and most homes and offices. While the wire itself can handle higher frequencies, the telephone switching...
Page 40 Prestige 2602R Series User’s Guide Introduction to DSL...
Page 41: Getting To Know Your Prestige
Prestige 2602R Series User’s Guide H A P T E R Getting To Know Your Prestige This chapter describes the key features and applications of your Prestige. Introducing the Prestige The Prestige P2602R ADSL VoIP IAD (Integrated Access Device) combines high-speed ADSL Internet access and Voice over IP (VoIP) communication capabilities.
Page 42: Features Of The Prestige
Prestige 2602R Series User’s Guide 1.1.1 Features of the Prestige The following sections describe the features of the Prestige. High Speed Internet Access Your Prestige ADSL/ADSL2/ADSL2+ router can support downstream transmission rates of up to 24Mbps and upstream transmission rates of 1 Mbps. Actual speeds attained depend on ISP DSLAM environment.
Page 43: Multiple Sip Accounts
Prestige 2602R Series User’s Guide Network Address Translation (NAT) Network Address Translation (NAT) allows the translation of an Internet protocol address used within one network (for example a private IP address used in a local network) to a different IP address known within another network (for example a public IP address used on the Internet).
Page 44: Traffic Redirect
Prestige 2602R Series User’s Guide QoS (Quality of Service) Quality of Service (QoS) mechanisms help to provide better service on a per-flow basis. The Prestige supports Type of Service (ToS) tagging and Differentiated Services (DiffServ) tagging. This allows the Prestige to tag voice frames so they can be prioritized over the network.
Page 45: Applications For The Prestige
Prestige 2602R Series User’s Guide Multiple PVC (Permanent Virtual Circuits) Support Your Prestige supports up to 8 PVC’s. IP Alias IP Alias allows you to partition a physical network into logical networks over the same Ethernet interface. The Prestige supports three logical LAN interfaces via its single physical Ethernet interface with the Prestige itself as the gateway for each LAN network.
Page 46: Internet Access
Prestige 2602R Series User’s Guide 1.2.1 Internet Access The Prestige is the ideal high-speed Internet access solution. Your Prestige supports the TCP/ IP protocol, which the Internet uses exclusively. It is compatible with all major ADSL DSLAM (Digital Subscriber Line Access Multiplexer) providers. A DSLAM is a rack of ADSL line cards with data multiplexed into a backbone network interface/connection (for example, T1, OC3, DS3, ATM or Frame Relay).
Page 47: Make Peer-To-Peer Calls
Prestige 2602R Series User’s Guide Figure 2 Internet Telephony Service Provider Application 1.2.3 Make Peer-to-peer Calls Use the Prestige to make a call to the recipient’s IP address without using a SIP proxy server Peer-to-peer calls are also called “Point to Point” or “IP-to-IP” calls. You must know the peer’s IP address in order to do this.
Page 48: Lan To Lan Application
Prestige 2602R Series User’s Guide Figure 4 Firewall Application 1.2.5 LAN to LAN Application You can use the Prestige to connect two geographically dispersed networks over the ADSL line. A typical LAN-to-LAN application for your Prestige is shown as follows.
Page 49 Prestige 2602R Series User’s Guide Table 2 Front Panel LEDs (continued) COLOR STATUS DESCRIPTION 10/100M Green The Prestige has a successful 10Mb Ethernet connection. Blinking The Prestige is sending/receiving data. Amber The Prestige has a successful 100Mb Ethernet connection. Blinking The Prestige is sending/receiving data.
Page 50 Prestige 2602R Series User’s Guide Chapter 1 Getting To Know Your Prestige...
Page 51: Introducing The Web Configurator
Prestige 2602R Series User’s Guide H A P T E R Introducing the Web Configurator This chapter describes how to access and navigate the web configurator. 2.1 Web Configurator Overview The web configurator is an HTML-based management interface that allows easy Prestige setup and management via Internet browser.
Page 52: Resetting The Prestige
Prestige 2602R Series User’s Guide Figure 7 Password Screen 6 It is highly recommended you change the default password. Enter a new password, retype it to confirm and click Apply; alternatively click Ignore to proceed to the main menu if you do not want to change the password now.
Page 53: Navigating The Prestige Web Configurator
Prestige 2602R Series User’s Guide 2.1.3 Navigating the Prestige Web Configurator The following summarizes how to navigate the web configurator from the SITE MAP screen. We use the Prestige 2602R-61 web screens in this guide as an example. Screens vary slightly for different Prestige models.
Page 54: Table 3 Web Configurator Screens Summary
Prestige 2602R Series User’s Guide Note: Click the icon (located in the top right corner of most screens) to view embedded help. Table 3 Web Configurator Screens Summary LINK SUB-LINK FUNCTION Wizard Setup Connection Use these screens for initial configuration including general...
Page 55 Prestige 2602R Series User’s Guide Table 3 Web Configurator Screens Summary (continued) LINK SUB-LINK FUNCTION UPnP Use this screen to enable UPnP on the Prestige. Logs Log Settings Use this screen to change your Prestige’s log settings. View Log Use this screen to view the logs for the categories that you selected.
Page 56 Prestige 2602R Series User’s Guide Chapter 2 Introducing the Web Configurator...
Page 57: Chapter 3 Wizard Setup
Prestige 2602R Series User’s Guide H A P T E R Wizard Setup This chapter provides information on the Wizard Setup screens for Internet access and VoIP and media bandwidth management in the web configurator. 3.1 Connection Setup Use the wizard screens to configure your system for Internet access and Voice with the information provided by your ISP and voice service provider.
Page 58: Internet Access Wizard Setup: Second Screen
Prestige 2602R Series User’s Guide The following table describes the fields in this screen. Table 4 Wizard Setup: First Screen LABEL DESCRIPTION Mode From the Mode drop-down list box, select Routing (default) if your ISP allows multiple computers to share an Internet account. Otherwise select Bridge.
Page 59: Figure 12 Internet Connection With Rfc 1483
Prestige 2602R Series User’s Guide The following table describes the fields in this screen. Table 5 Internet Connection with PPPoE LABEL DESCRIPTION Service Name Type the name of your PPPoE service here. User Name Enter the user name exactly as your ISP assigned. If assigned a name in the form...
Page 60: Figure 13 Internet Connection With Enet Encap
Prestige 2602R Series User’s Guide Table 6 Internet Connection with RFC 1483 (continued) LABEL DESCRIPTION Back Click Back to go back to the first wizard screen. Next Click Next to continue to the next wizard screen. Figure 13 Internet Connection with ENET ENCAP The following table describes the fields in this screen.
Page 61: Figure 14 Internet Connection With Pppoa
Prestige 2602R Series User’s Guide Figure 14 Internet Connection with PPPoA The following table describes the fields in this screen. Table 8 Internet Connection with PPPoA LABEL DESCRIPTION User Name Enter the login name that your ISP gives you. Password Enter the password associated with the user name above.
Page 62: Internet Access Wizard Setup: Voice Configuration
Prestige 2602R Series User’s Guide 3.1.3 Internet Access Wizard Setup: Voice Configuration Use this screen to configure the voice settings (for the Prestige’s SIP account one) with the information from your voice service provider. Figure 15 Wizard Setup: Third Screen The following table describes the fields in this screen.
Page 63: Internet Access Wizard Setup: Fourth Screen
Prestige 2602R Series User’s Guide Table 9 Wizard Setup: Voice Configuration (continued) LABEL DESCRIPTION REGISTER Server Port Enter the SIP register server’s listening port for SIP in this field. Note: If you were not given a register server port, then enter the port from the SIP Server Port field again here.
Page 64: Figure 16 Internet Access Wizard Setup: Fourth Screen
Prestige 2602R Series User’s Guide Figure 16 Internet Access Wizard Setup: Fourth Screen If you want to change your Prestige LAN settings, click Change LAN Configuration to display the screen as shown next. Chapter 3 Wizard Setup...
Page 65: Internet Access Wizard Setup: Connection Test
Prestige 2602R Series User’s Guide Figure 17 Wizard Setup: LAN Configuration The following table describes the fields in this screen. Table 10 Wizard Setup: LAN Configuration LABEL DESCRIPTION LAN IP Address Enter the IP address of your Prestige in dotted decimal notation, for example, 192.168.1.1 (factory default).
Page 66: Test Your Internet Connection
Prestige 2602R Series User’s Guide Figure 18 Wizard Setup: Connection Tests 3.1.5.1 Test Your Internet Connection Launch your web browser and navigate to www.zyxel.com. Internet access is just the beginning. Refer to the rest of this User’s Guide for more detailed information on the complete range of Prestige features.
Page 67: Predefined Media Bandwidth Management Services
Prestige 2602R Series User’s Guide 3.2.1 Predefined Media Bandwidth Management Services The following is a description of the services that you can select and to which you can apply media bandwidth management using the wizard screens. Table 11 Media Bandwidth Mgnt. Wizard Setup: Services...
Page 68: Media Bandwidth Mgnt. Wizard Setup: Second Screen
Prestige 2602R Series User’s Guide Figure 19 Media Bandwidth Mgnt. Wizard Setup: First Screen The following table describes the labels in this screen. Table 12 Media Bandwidth Mgnt. Wizard Setup: First Screen LABEL DESCRIPTION Active Select the Active check box to have the Prestige apply bandwidth management to traffic going out through the Prestige’s WAN or LAN port.
Page 69: Media Bandwidth Mgnt. Wizard Setup: Finish
Prestige 2602R Series User’s Guide Figure 20 Media Bandwidth Mgnt. Wizard Setup: Second Screen (all services selected) The following table describes the fields in this screen. Table 13 Media Bandwidth Mgnt. Wizard Setup: Second Screen LABEL DESCRIPTION Service These fields display the service(s) selected in the previous screen.
Page 70: Password Setup
Prestige 2602R Series User’s Guide Figure 21 Media Bandwidth Mgnt. Wizard Setup: Finish 3.3 Password Setup It is highly recommended that you change the password for accessing the Prestige. 3.3.1 Configuring Password To change your Prestige’s password (recommended), click Password in the Site Map screen.
Page 71: Chapter 4 Lan Setup
Prestige 2602R Series User’s Guide H A P T E R LAN Setup This chapter describes how to configure LAN settings. 4.1 LAN Overview A Local Area Network (LAN) is a shared communication system to which many computers are attached. A LAN is a computer network limited to the immediate area, usually the same building or floor of a building.
Page 72: Ip Pool Setup
Prestige 2602R Series User’s Guide 4.1.2.1 IP Pool Setup The Prestige is pre-configured with a pool of IP addresses for the DHCP clients (DHCP Pool). See the product specifications in the appendices. Do not assign static IP addresses from the DHCP pool to your LAN computers.
Page 73: Lan Tcp/Ip
Prestige 2602R Series User’s Guide • The Prestige acts as a DNS proxy when the Primary and Secondary DNS Server fields are left blank in the LAN Setup screen. 4.4 LAN TCP/IP The Prestige has built-in DHCP server capability that assigns IP addresses and DNS servers to systems that support DHCP client capability.
Page 74: Private Ip Addresses
Prestige 2602R Series User’s Guide Once you have decided on the network number, pick an IP address that is easy to remember, for instance, 192.168.1.1, for your Prestige, but make sure that no other device on your network is using that IP address.
Page 75: Multicast
Prestige 2602R Series User’s Guide The Version field controls the format and the broadcasting method of the RIP packets that the Prestige sends (it recognizes both formats when receiving). RIP-1 is universally supported; but RIP-2 carries more information. RIP-1 is probably adequate for most networks, unless you have an unusual network topology.
Page 76: How Any Ip Works
Prestige 2602R Series User’s Guide The following figure depicts a scenario where a computer is set to use a static private IP address in the corporate environment. In a residential house where a Prestige is installed, you can still use the computer to access the Internet without changing the network settings, even when the IP addresses of the computer and the Prestige are not in the same subnet.
Page 77: Configuring Lan
Prestige 2602R Series User’s Guide 5 When the Prestige receives packets from the computer, it creates an entry in the IP routing table so it can properly forward packets intended for the computer. After all the routing information is updated, the computer can access the Prestige and the Internet as if it is in the same subnet as the Prestige.
Page 78: Table 15 Lan Setup
Prestige 2602R Series User’s Guide The following table describes the fields in this screen. Table 15 LAN Setup LABEL DESCRIPTION DHCP DHCP If set to Server, your Prestige can assign IP addresses, an IP default gateway and DNS servers to Windows 95, Windows NT and other systems that support the DHCP client.
Page 79: Chapter 5 Wan Setup
Prestige 2602R Series User’s Guide H A P T E R WAN Setup This chapter describes how to configure WAN settings. 5.1 WAN Overview A WAN (Wide Area Network) is an outside connection to another network or the Internet. 5.1.1 Encapsulation Be sure to use the encapsulation method required by your ISP.
Page 80: Rfc 1483
Prestige 2602R Series User’s Guide 5.1.1.4 RFC 1483 RFC 1483 describes two methods for Multiprotocol Encapsulation over ATM Adaptation Layer 5 (AAL5). The first method allows multiplexing of multiple protocols over a single ATM virtual circuit (LLC-based multiplexing) and the second method assumes that each protocol is carried over a separate ATM virtual circuit (VC-based multiplexing).
Page 81: Ip Assignment With Rfc 1483 Encapsulation
Prestige 2602R Series User’s Guide 5.1.4.2 IP Assignment with RFC 1483 Encapsulation In this case the IP Address Assignment must be static with the same requirements for the IP Address and ENET ENCAP Gateway fields as stated above. 5.1.4.3 IP Assignment with ENET ENCAP Encapsulation In this case you can have either a static or dynamic IP.
Page 82: Pppoe Encapsulation
Prestige 2602R Series User’s Guide IP Policy Routing overrides the default routing behavior and takes priority over all of the routes mentioned above (see Chapter 36 on page 335). 5.3 PPPoE Encapsulation The Prestige supports PPPoE (Point-to-Point Protocol over Ethernet). PPPoE is an IETF standard (RFC 2516) specifying how a personal computer (PC) interacts with a broadband modem (DSL, cable, wireless, etc.) connection.
Page 83: Zero Configuration Internet Access
Prestige 2602R Series User’s Guide The following figure illustrates the relationship between PCR, SCR and MBS. Figure 26 Example of Traffic Shaping 5.5 Zero Configuration Internet Access Once you turn on and connect the Prestige to a telephone jack, it automatically detects the Internet connection settings (such as the VCI/VPI numbers and the encapsulation method) from the ISP and makes the necessary configuration changes.
Page 84: Figure 27 Wan Setup (Pppoe)
Prestige 2602R Series User’s Guide Figure 27 WAN Setup (PPPoE) The following table describes the fields in this screen. Table 16 WAN Setup LABEL DESCRIPTION Name Enter the name of your Internet Service Provider, e.g., MyISP. This information is for identification purposes only.
Page 85 Prestige 2602R Series User’s Guide Table 16 WAN Setup (continued) LABEL DESCRIPTION Encapsulation Select the method of encapsulation used by your ISP from the drop-down list box. Choices vary depending on the mode you select in the Mode field. If you select Bridge in the Mode field, select either PPPoA or RFC 1483.
Page 86: Traffic Redirect
Prestige 2602R Series User’s Guide Table 16 WAN Setup (continued) LABEL DESCRIPTION Connect on Demand Select Connect on Demand when you don't want the connection up all the time and specify an idle time-out in the Max Idle Timeout field.
Page 87: Configuring Wan Backup
Prestige 2602R Series User’s Guide Figure 28 Traffic Redirect Example The following network topology allows you to avoid triangle route security issues when the backup gateway is connected to the LAN. Use IP alias to configure the LAN into two or three logical networks with the Prestige itself as the gateway for each LAN network.
Page 88: Figure 30 Wan Backup
Prestige 2602R Series User’s Guide Figure 30 WAN Backup The following table describes the fields in this screen. Table 17 WAN Backup LABEL DESCRIPTION Backup Type Select the method that the Prestige uses to check the DSL connection. Select DSL Link to have the Prestige check if the connection to the DSLAM is up.
Page 89 Prestige 2602R Series User’s Guide Table 17 WAN Backup (continued) LABEL DESCRIPTION Timeout Type the number of seconds (3 recommended) for your Prestige to wait for a ping response from one of the IP addresses in the Check WAN IP Address field before timing out the request.
Page 90 Prestige 2602R Series User’s Guide Chapter 5 WAN Setup...
Page 91: Network Address Translation (Nat) Screens
Prestige 2602R Series User’s Guide H A P T E R Network Address Translation (NAT) Screens This chapter discusses how to configure NAT on the Prestige. 6.1 NAT Overview NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network.
Page 92: What Nat Does
Prestige 2602R Series User’s Guide 6.1.2 What NAT Does In the simplest form, NAT changes the source IP address in a packet received from a subscriber (the inside local address) to another (the inside global address) before forwarding the packet to the WAN side. When the response comes back, NAT translates the destination address (the inside global address) back to the inside local address before forwarding it to the original inside host.
Page 93: Nat Application
Prestige 2602R Series User’s Guide Figure 31 How NAT Works 6.1.4 NAT Application The following figure illustrates a possible NAT application, where three inside LANs (logical LANs using IP Alias) behind the Prestige can communicate with three distinct WAN networks. More examples follow at the end of this chapter.
Page 94: Sua (Single User Account) Versus Nat
Prestige 2602R Series User’s Guide • One to One: In One-to-One mode, the Prestige maps one local IP address to one global IP address. • Many to One: In Many-to-One mode, the Prestige maps multiple local IP addresses to one global IP address. This is equivalent to SUA (for instance, PAT, port address translation), ZyXEL’s Single User Account feature that previous ZyXEL routers...
Page 95: Sua Server
Prestige 2602R Series User’s Guide • Choose Full Feature if you have multiple public WAN IP addresses for your Prestige. 6.3 SUA Server A SUA server set is a list of inside (behind NAT on the LAN) servers, for example, web or FTP, that you can make visible to the outside world even though SUA makes your whole inside network appear as a single computer to the outside world.
Page 96: Configuring Servers Behind Sua (Example)
Prestige 2602R Series User’s Guide Table 20 Services and Port Numbers (continued) SERVICES PORT NUMBER SNMP trap PPTP (Point-to-Point Tunneling Protocol) 1723 6.3.3 Configuring Servers Behind SUA (Example) Let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (A in the example), port 80 to another (B in the example) and assign a default server IP address of 192.168.1.35 to a third (C in the example).
Page 97: Configuring Sua Server
Prestige 2602R Series User’s Guide Figure 34 NAT Mode The following table describes the labels in this screen. Table 21 NAT Mode LABEL DESCRIPTION None Select this radio button to disable NAT. SUA Only Select this radio button if you have just one public WAN IP address for your Prestige.
Page 98: Figure 35 Edit Sua/Nat Server Set
Prestige 2602R Series User’s Guide Figure 35 Edit SUA/NAT Server Set The following table describes the fields in this screen. Table 22 Edit SUA/NAT Server Set LABEL DESCRIPTION Start Port No. Enter a port number in this field. To forward only one port, enter the port number again in the End Port No. field.
Page 99: Configuring Address Mapping
Prestige 2602R Series User’s Guide 6.6 Configuring Address Mapping Ordering your rules is important because the Prestige applies the rules in the order that you specify. When a rule matches the current packet, the Prestige takes the corresponding action and the remaining rules are ignored. If there are any empty rules before your new configured rule, your configured rule will be pushed up by that number of empty rules.
Page 100: Editing An Address Mapping Rule
Prestige 2602R Series User’s Guide Table 23 Address Mapping Rules (continued) LABEL DESCRIPTION Type 1-1: One-to-one mode maps one local IP address to one global IP address. Note that port numbers do not change for the One-to-one NAT mapping type.
Page 101: Table 24 Address Mapping Rule Edit
Prestige 2602R Series User’s Guide Table 24 Address Mapping Rule Edit LABEL DESCRIPTION Type Choose the port mapping type from one of the following. • One-to-One: One-to-One mode maps one local IP address to one global IP address. Note that port numbers do not change for One-to-one NAT mapping type.
Page 102 Prestige 2602R Series User’s Guide Chapter 6 Network Address Translation (NAT) Screens...
Page 103: Introduction To Voip
Prestige 2602R Series User’s Guide H A P T E R Introduction to VoIP This chapter provides background information on VoIP and SIP. 7.1 Introduction to VoIP VoIP is the sending of voice signals over the Internet Protocol. This allows you to make phone calls and send faxes over the Internet at a fraction of the cost of using the traditional circuit- switched telephone network.
Page 104: Sip Service Domain
Prestige 2602R Series User’s Guide 7.2.1.2 SIP Service Domain The SIP service domain of the VoIP service provider is the domain name in a SIP URI. For example, if the SIP address is 1122334455@VoIP-provider.com, then “VoIP-provider.com” is the SIP service domain.
Page 105: Sip User Agent
Prestige 2602R Series User’s Guide 7.2.3.1 SIP User Agent A SIP user agent can make and receive VoIP telephone calls. This means that SIP can be used for peer-to-peer communications even though it is a client-server protocol. In the following figure, either A or B can act as a SIP user agent client to initiate a call.
Page 106: Sip Redirect Server
Prestige 2602R Series User’s Guide 7.2.3.3 SIP Redirect Server A SIP redirect server accepts SIP requests, translates the destination address to an IP address and sends the translated IP address back to the device that sent the request. Then the client device that originally sent the request can send requests to the IP address that it received back from the redirect server.
Page 107: Sip Alg
Prestige 2602R Series User’s Guide 7.3 SIP ALG The Prestige is a SIP Application Layer Gateway (ALG). A SIP ALG allows VoIP calls to pass through NAT by examining and translating IP addresses embedded in the data stream. When a VoIP device behind the Prestige registers with the SIP register server, the Prestige translates the device’s private IP address inside the SIP data stream to a public IP address.
Page 108: Mwi (Message Waiting Indication)
Prestige 2602R Series User’s Guide 7.7 MWI (Message Waiting Indication) Enable Message Waiting Indication (MWI) enables your phone to give you a message– waiting (beeping) dial tone when you have a voice message(s). Your voice service provider must have a messaging system that sends message waiting status SIP packets as defined in RFC 3842.
Page 109: Chapter 8 Voice Screens
Prestige 2602R Series User’s Guide H A P T E R Voice Screens This chapter describes how to configure advanced VoIP, QoS, phone and phone book settings. 8.1 Voice Screens Introduction This chapter covers the configuration of the VoIP screens.
Page 110: Advanced Voice Settings Configuration
Prestige 2602R Series User’s Guide Table 26 SIP Settings LABEL DESCRIPTION SIP Account You can configure the Prestige to use multiple SIP accounts. Select one to configure its settings on the Prestige. Active SIP Select this check box to have the Prestige use this SIP account. Clear the check box to have the Prestige not use this SIP account.
Page 111: Figure 42 Voice Advanced Setup
Prestige 2602R Series User’s Guide Figure 42 Voice Advanced Setup The following table describes the labels in this screen. Table 27 Voice Advanced Setup LABEL DESCRIPTION SIP Account This read-only field displays the number of the SIP account that you are configuring.
Page 112 Prestige 2602R Series User’s Guide Table 27 Voice Advanced Setup (continued) LABEL DESCRIPTION Session Expires Use this field to set the longest time that the Prestige will allow a SIP session to remain idle (without traffic) before dropping it. Min-SE When two SIP devices negotiate a SIP session, they must negotiate a common expiration time for idle SIP sessions.
Page 113: Quality Of Service (Qos)
Prestige 2602R Series User’s Guide 8.4 Quality of Service (QoS) Quality of Service (QoS) refers to both a network's ability to deliver data with minimum delay, and the networking methods used to provide bandwidth for real-time multimedia applications. 8.4.1 Type Of Service (ToS)
Page 114: Qos Configuration
Prestige 2602R Series User’s Guide Your Prestige can add IEEE 802.1Q VLAN ID tags to voice frames that it sends to the network. This allows the Prestige to communicate with a SIP server that is a member of the same VLAN group. Some ISPs use the VLAN tag to identify voice traffic and give it priority over other traffic.
Page 115: Phone
Prestige 2602R Series User’s Guide 8.6 Phone You can configure the volume, echo cancellation and VAD settings for each individual phone port on the Prestige. You can also select which SIP account to use for making outgoing calls. 8.6.1 Voice Activity Detection/Silence Suppression Voice Activity Detection (VAD) detects whether or not speech is present.
Page 116: Figure 45 Phone
Prestige 2602R Series User’s Guide Figure 45 Phone The following table describes the labels in this screen. Table 29 Phone LABEL DESCRIPTION Phone Port Settings Use this field to select the phone port that you want to configure. Speaking Volume Use this field to set the loudness that the Prestige uses for the speech signal that it sends to the peer device.
Page 117: Speed Dial
Prestige 2602R Series User’s Guide Table 29 Phone (continued) LABEL DESCRIPTION Dialing Interval When you are dialing a telephone number the Prestige waits this long after you stop pressing the buttons before initiating the call. Select how many seconds you want the Prestige to wait after the last input on the telephone’s keypad before dialing (making) a call.
Page 118: Figure 46 Speed Dial
Prestige 2602R Series User’s Guide Figure 46 Speed Dial The following table describes the labels in this screen. Table 30 Speed Dial LABEL DESCRIPTION Add New Entry Use this section of the screen to edit and save new or existing speed dial phone book entries.
Page 119: Supplementary Phone Services Overview
Prestige 2602R Series User’s Guide Table 30 Speed Dial (continued) LABEL DESCRIPTION Speed Dial This is the entry’s speed dial key combination. Press this key combination on a telephone attached to the Prestige in order to call the party named in this entry.
Page 120: Europe Type Supplementary Phone Services
Prestige 2602R Series User’s Guide Europe Type Supplementary Phone Services 8.10.2 This section describes how to use supplementary phone services with the Europe Type Call Service Mode. Commands for supplementary services are listed in the table below. After pressing the flash key, if you do not issue the sub-command before the default sub- command timeout (2 seconds) expires or issue an invalid sub-command, the current operation will be aborted.
Page 121: European Call Transfer
Prestige 2602R Series User’s Guide Press the flash key and then press “0”. • Disconnect the first call and answer the second call. Either press the flash key and press “1”, or just hang up the phone and then answer the phone after it rings.
Page 122: Usa Call Hold
Prestige 2602R Series User’s Guide After pressing the flash key, if you do not issue the sub-command before the default sub- command timeout (2 seconds) expires or issue an invalid sub-command, the current operation will be aborted. Table 32 USA Flash Key Commands...
Page 123: Common Phone Port Configuration
Prestige 2602R Series User’s Guide 3 When the second call is answered, press the flash key, wait for the sub-command tone and press “3” to create a three-way conversation. 4 Hang up the phone to drop the connection. 5 If you want to separate the activated three-way conference into two individual connections (one is on-line, the other is on hold), press the flash key, wait for the sub- command tone and press “2”.
Page 124: Call Forward Configuration
Prestige 2602R Series User’s Guide Table 33 Voice Common (continued) LABEL DESCRIPTION Call Service Mode Use this field to set how the Prestige handles supplementary phone services (call hold, call waiting, call transfer and three-way conference calls). Select the mode that your voice service provider supports.
Page 125: Figure 48 Voice Call Forward
Prestige 2602R Series User’s Guide Figure 48 Voice Call Forward The following table describes the labels in this screen. Table 34 Voice Call Forward LABEL DESCRIPTION Table Number Select which call forwarding table you want to configure. You can configure a different call forwarding table for each SIP account or use the same call forwarding table for both.
Page 126 Prestige 2602R Series User’s Guide Table 34 Voice Call Forward LABEL DESCRIPTION Unconditional Enable this feature to have the Prestige forward all incoming calls to the number Forward to Number that you configure regardless of whether or not the phone(s) connected to the phone port(s) is busy.
Page 127: Chapter 9 Phone Usage
Prestige 2602R Series User’s Guide H A P T E R Phone Usage This chapter describes how to use a phone connected to your Prestige for basic tasks. 9.1 Dialing a Telephone Number The PHONE LED turns green when your SIP account is registered. Dial a SIP number like “12345”...
Page 128: Auto Firmware Upgrade
Prestige 2602R Series User’s Guide 9.5 Auto Firmware Upgrade During auto-provisioning, the Prestige checks to see if there is a newer firmware version. If newer firmware is available, the Prestige plays a recording when you pick up your phone’s handset.
Page 129: Chapter 10 Dynamic Dns Setup
Prestige 2602R Series User’s Guide H A P T E R Dynamic DNS Setup This chapter discusses how to configure your Prestige to use Dynamic DNS. 10.1 Dynamic DNS Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in NetMeeting, CU-SeeMe, etc.).
Page 130: Figure 49 Dynamic Dns
Prestige 2602R Series User’s Guide Figure 49 Dynamic DNS The following table describes the fields in this screen. Table 35 Dynamic DNS LABEL DESCRIPTION Active Select this check box to use dynamic DNS. Service Provider This is the name of your Dynamic DNS service provider.
Page 131: Chapter 11 Time And Date
Prestige 2602R Series User’s Guide H A P T E R Time and Date Use this screen to configure the Prestige’s time and date settings. 11.1 Pre-defined NTP Time Servers List The Prestige uses the following pre-defined list of NTP time servers if you do not specify a time server or it cannot synchronize with the time server you specified.
Page 132: Figure 50 Time And Date
Prestige 2602R Series User’s Guide Figure 50 Time and Date The following table describes the fields in this screen. Table 37 Time and Date LABEL DESCRIPTION Time Server Use Protocol when Select the time service protocol that your time server uses. Not all time servers...
Page 133 Prestige 2602R Series User’s Guide Table 37 Time and Date (continued) LABEL DESCRIPTION End Date Enter the month and day that your daylight-savings time ends on if you selected Daylight Savings. Synchronize Select this option to have your Prestige use the time server (that you configured system clock with above) to set its internal system clock.
Page 134 Prestige 2602R Series User’s Guide Chapter 11 Time and Date...
Page 135: Chapter 12 Firewalls
Prestige 2602R Series User’s Guide H A P T E R Firewalls This chapter gives some background information on firewalls and introduces the Prestige firewall. 12.1 Firewall Overview Originally, the term firewall referred to a construction technique designed to prevent the spread of fire from one room to another.
Page 136: Stateful Inspection Firewalls
Prestige 2602R Series User’s Guide Information hiding prevents the names of internal systems from being made known via DNS to outside systems, since the application gateway is the only host whose name must be made known to outside systems. Robust authentication and logging pre-authenticates application traffic before it reaches internal hosts and causes it to be logged more effectively than if it were logged with standard host logging.
Page 137: Denial Of Service Attacks
Prestige 2602R Series User’s Guide 12.3.1 Denial of Service Attacks Figure 51 Prestige Firewall Application 12.4 Denial of Service Denials of Service (DoS) attacks are aimed at devices and networks with a connection to the Internet. Their goal is not to steal information, but to disable a device or network so users no longer have access to network resources.
Page 138: Types Of Dos Attacks
Prestige 2602R Series User’s Guide Table 38 Common IP Ports Telnet HTTP SMTP POP3 12.4.2 Types of DoS Attacks There are four types of DoS attacks: 1 Those that exploit bugs in a TCP/IP implementation. 2 Those that exploit weaknesses in the TCP/IP specification.
Page 139: Figure 53 Syn Flood
Prestige 2602R Series User’s Guide Under normal circumstances, the application that initiates a session sends a SYN (synchronize) packet to the receiving server. The receiver sends back an ACK (acknowledgment) packet and its own SYN, and then the initiator responds with an ACK (acknowledgment).
Page 140: Icmp Vulnerability
Prestige 2602R Series User’s Guide Figure 54 Smurf Attack 12.4.2.1 ICMP Vulnerability ICMP is an error-reporting protocol that works in concert with IP. The following ICMP types trigger an alert: Table 39 ICMP Commands That Trigger Alerts REDIRECT TIMESTAMP_REQUEST TIMESTAMP_REPLY...
Page 141: Traceroute
Prestige 2602R Series User’s Guide 12.4.2.3 Traceroute Traceroute is a utility used to determine the path a packet takes between two endpoints. Sometimes when a packet filter firewall is configured incorrectly an attacker can traceroute the firewall gaining knowledge of the network topology inside the firewall.
Page 142: Stateful Inspection Process
Prestige 2602R Series User’s Guide Figure 55 Stateful Inspection The previous figure shows the Prestige’s default firewall rules in action as well as demonstrates how stateful inspection works. User A can initiate a Telnet session from within the LAN and responses to this request are allowed. However other Telnet traffic initiated from the WAN is blocked.
Page 143: Stateful Inspection And The Prestige
Prestige 2602R Series User’s Guide temporary entries might be modified, in order to permit only packets that are valid for the current state of the connection. 8 Any additional inbound or outbound packets that belong to the connection are inspected to update the state table entry and to modify the temporary inbound access list entries as required, and are forwarded through the interface.
Page 144: Udp/Icmp Security
Prestige 2602R Series User’s Guide When the Prestige receives any subsequent packet (from the Internet or from the LAN), its connection information is extracted and checked against the cache. A packet is only allowed to pass through if it corresponds to a valid connection (that is, if it is a response to a connection which originated on the LAN).
Page 145: Security In General
Prestige 2602R Series User’s Guide • Limit who can telnet into your router. • Don't enable any local service (such as SNMP or NTP) that you don't use. Any enabled service could present a potential security risk. A determined hacker might be able to find creative ways to misuse the enabled services to access the firewall or the network.
Page 146: Packet Filtering Vs Firewall
Prestige 2602R Series User’s Guide • Always shred confidential information, particularly about your computer, before throwing it away. Some hackers dig through the trash of companies or individuals for information that might help them in an attack. 12.7 Packet Filtering Vs Firewall Below are some comparisons between the Prestige’s filtering and firewall functions.
Page 147 Prestige 2602R Series User’s Guide • A range of source and destination IP addresses as well as port numbers can be specified within one firewall rule making the firewall a better choice when complex rules are required. • To selectively block/allow inbound or outbound traffic between inside host/networks and outside host/networks.
Page 148 Prestige 2602R Series User’s Guide Chapter 12 Firewalls...
Page 149: Firewall Configuration
Prestige 2602R Series User’s Guide H A P T E R Firewall Configuration This chapter shows you how to enable and configure the Prestige firewall. 13.1 Access Methods The web configurator is, by far, the most comprehensive firewall configuration tool your Prestige has to offer.
Page 150: Rule Logic Overview
Prestige 2602R Series User’s Guide Note: If you configure firewall rules without a good understanding of how they work, you might inadvertently introduce security risks to the firewall and to the protected network. Make sure you test your rules after you configure them.
Page 151: Key Fields For Configuring Rules
Prestige 2602R Series User’s Guide 3 Does a rule that allows Internet users access to resources on the LAN create a security vulnerability? For example, if FTP ports (TCP 20, 21) are allowed from the Internet to the LAN, Internet users may be able to connect to computers with running FTP servers.
Page 152: Lan To Wan Rules
Prestige 2602R Series User’s Guide 13.4.1 LAN to WAN Rules The default rule for LAN to WAN traffic is that all users on the LAN are allowed non- restricted access to the WAN. When you configure a LAN to WAN rule, you in essence want to limit some or all users from accessing certain services on the WAN.
Page 153: Configuring Basic Firewall Settings
Prestige 2602R Series User’s Guide 13.5 Configuring Basic Firewall Settings Click Firewall and then Default Policy to display the following screen. Activate the firewall by selecting the Firewall Enabled check box as seen in the following screen. Figure 58 Firewall: Default Policy The following table describes the labels in this screen.
Page 154: Rule Summary
Prestige 2602R Series User’s Guide Table 42 Firewall: Default Policy (continued) LABEL DESCRIPTION Apply Click Apply to save your changes back to the Prestige. Cancel Click Cancel to begin configuring this screen afresh. 13.6 Rule Summary Note: The ordering of your rules is very important as rules are applied in turn.
Page 155: Configuring Firewall Rules
Prestige 2602R Series User’s Guide Table 43 Rule Summary (continued) LABEL DESCRIPTION The following read-only fields summarize the rules you have created that apply to traffic traveling in the selected packet direction. The firewall rules that you configure (summarized below) take priority over the general firewall action settings above.
Page 156: Figure 60 Firewall: Edit Rule
Prestige 2602R Series User’s Guide Figure 60 Firewall: Edit Rule The following table describes the labels in this screen. Chapter 13 Firewall Configuration...
Page 157: Table 44 Firewall: Edit Rule
Prestige 2602R Series User’s Guide Table 44 Firewall: Edit Rule LABEL DESCRIPTION Active Select this option to enable this firewall rule. Action for Matched Use the radio button to select whether to discard (Block) or allow the passage of Packet (Forward) packets that match this rule.
Page 158: Customized Services
Prestige 2602R Series User’s Guide 13.7 Customized Services Configure customized services and port numbers not predefined by the Prestige. For a comprehensive list of port numbers and services, visit the IANA (Internet Assigned Number Authority) website. For further information on these services, please read Section 13.10 on...
Page 159: Example Firewall Rule
Prestige 2602R Series User’s Guide Figure 62 Firewall: Configure Customized Services The following table describes the labels in this screen. Table 46 Firewall: Configure Customized Services LABEL DESCRIPTION Service Name Type a unique name for your custom port. Service Type Choose the IP port (TCP, UDP or TCP/UDP) that defines your customized port from the drop down list box.
Page 160: Figure 63 Firewall Example: Rule Summary
Prestige 2602R Series User’s Guide Figure 63 Firewall Example: Rule Summary 3 In the Rule Summary screen, type the index number for where you want to put the rule. For example, if you type “6”, your new rule becomes number 6 and the previous rule 6 (if there is one) becomes rule 7.
Page 161: Figure 64 Firewall Example: Edit Rule: Destination Address
Prestige 2602R Series User’s Guide Figure 64 Firewall Example: Edit Rule: Destination Address 7 In the Edit Rule screen, click the Edit Customized Services link to open the Customized Services screen. 8 Click the number of a customized service to open the configuration screen. Configure it as follows and click Apply.
Page 162: Figure 66 Firewall Example: Edit Rule: Select Customized Services
Prestige 2602R Series User’s Guide Figure 66 Firewall Example: Edit Rule: Select Customized Services Note: Custom ports show up with an “*” before their names in the Services list box and the Rule Summary list box. Click Apply after you’ve created your custom port.
Page 163: Predefined Services
Prestige 2602R Series User’s Guide Figure 67 Firewall Example: Rule Summary: My Service 13.10 Predefined Services The Available Services list box in the Edit Rule screen (see Section 13.6.1 on page 155) displays all predefined services that the Prestige already supports. Next to the name of the service, two fields appear in brackets.
Page 164 Prestige 2602R Series User’s Guide Table 47 Predefined Services (continued) SERVICE DESCRIPTION HTTPS HTTPS is a secured http session often used in e-commerce. ICQ(UDP:4000) This is a popular Internet chat program. IKE(UDP:500) The Internet Key Exchange algorithm is used for key distribution and management.
Page 165: Anti-Probing
Prestige 2602R Series User’s Guide Table 47 Predefined Services (continued) SERVICE DESCRIPTION SNMP-TRAPS (TCP/ Traps for use with the SNMP (RFC:1215). UDP:162) SQL-NET(TCP:1521) Structured Query Language is an interface to access data on many different types of database systems, including mainframes, midrange systems, UNIX systems and network servers.
Page 166: Dos Thresholds
Prestige 2602R Series User’s Guide Figure 68 Firewall: Anti Probing The following table describes the labels in this screen. Table 48 Firewall: Anti Probing LABEL DESCRIPTION Respond to PING The Prestige does not respond to any incoming Ping requests when Disable is selected.
Page 167: Threshold Values
Prestige 2602R Series User’s Guide 13.12.1 Threshold Values Tune these parameters when something is not working and after you have checked the firewall counters. These default values should work fine for most small offices. Factors influencing choices for threshold values are: •...
Page 168: Figure 69 Firewall: Threshold
Prestige 2602R Series User’s Guide The Prestige also sends alerts whenever TCP Maximum Incomplete is exceeded. The global values specified for the threshold and timeout apply to all TCP connections. Click Firewall, and Threshold to bring up the next screen.
Page 169 Prestige 2602R Series User’s Guide Table 49 Firewall: Threshold (continued) LABEL DESCRIPTION DEFAULT VALUES Maximum This is the number of existing half-open 100 existing half-open sessions. Incomplete High sessions that causes the firewall to start The above values causes the deleting half-open sessions.
Page 170 Prestige 2602R Series User’s Guide Chapter 13 Firewall Configuration...
Page 171: Chapter 14 Content Filtering
Prestige 2602R Series User’s Guide H A P T E R Content Filtering This chapter covers how to configure content filtering. 14.1 Content Filtering Overview Internet content filtering allows you to create and enforce Internet access policies tailored to your needs. Content filtering gives you the ability to block web sites that contain key words (that you specify) in the URL.
Page 172: Configuring The Schedule
Prestige 2602R Series User’s Guide Figure 70 Content Filter: Keyword The following table describes the labels in this screen. Table 50 Content Filter: Keyword LABEL DESCRIPTION Enable Keyword Blocking Select this check box to enable this feature. Block Websites that contain...
Page 173: Configuring Trusted Computers
Prestige 2602R Series User’s Guide Figure 71 Content Filter: Schedule The following table describes the labels in this screen. Table 51 Content Filter: Schedule LABEL DESCRIPTION Days to Block: Select a check box to configure which days of the week (or everyday) you want the content filtering to be active.
Page 174: Figure 72 Content Filter: Trusted
Prestige 2602R Series User’s Guide Figure 72 Content Filter: Trusted The following table describes the labels in this screen. Table 52 Content Filter: Trusted LABEL DESCRIPTION Trusted User IP Range From Type the IP address of a computer (or the beginning IP address of a specific range of computers) on the LAN that you want to exclude from content filtering.
Page 175: Remote Management Configuration
Prestige 2602R Series User’s Guide H A P T E R Remote Management Configuration This chapter provides information on configuring remote management. 15.1 Remote Management Overview Remote management allows you to determine which services/protocols can access which Prestige interface (if any) from which computers.
Page 176: Remote Management And Nat
Prestige 2602R Series User’s Guide • A filter in SMT menu 3.1 (LAN) or in menu 11.5 (WAN) is applied to block a Telnet, FTP or Web service. • You have disabled that service in one of the remote management screens.
Page 177: Web
Prestige 2602R Series User’s Guide 15.4 Web You can use the Prestige’s embedded web configurator for configuration and file management. See the online help for details. 15.5 Configuring Remote Management Click Remote Management to open the following screen. Figure 74 Remote Management The following table describes the fields in this screen.
Page 178 Prestige 2602R Series User’s Guide Chapter 15 Remote Management Configuration...
Page 179: Universal Plug-And-Play (Upnp)
Prestige 2602R Series User’s Guide H A P T E R Universal Plug-and-Play (UPnP) This chapter introduces the UPnP feature in the web configurator. 16.1 Introducing Universal Plug and Play Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectivity between devices.
Page 180: Upnp And Zyxel
Prestige 2602R Series User’s Guide All UPnP-enabled devices may communicate freely with each other without additional configuration. Disable UPnP if this is not your intention. 16.2 UPnP and ZyXEL ZyXEL has achieved UPnP certification from the Universal Plug and Play Forum Creates UPnP™...
Page 181: Installing Upnp In Windows Example
Prestige 2602R Series User’s Guide The following table describes the fields in this screen. Table 54 Configuring UPnP LABEL DESCRIPTION Enable the Universal Plug Select this checkbox to activate UPnP. Be aware that anyone could use and Play (UPnP) Service...
Page 182: Figure 76 Add/Remove Programs: Windows Setup: Communication
Prestige 2602R Series User’s Guide Figure 76 Add/Remove Programs: Windows Setup: Communication 3 In the Communications window, select the Universal Plug and Play check box in the Components selection box. Figure 77 Add/Remove Programs: Windows Setup: Communication: Components 4 Click OK to go back to the Add/Remove Programs Properties window and click Next.
Page 183: Figure 78 Network Connections
Prestige 2602R Series User’s Guide Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP. 1 Click Start and Control Panel. 2 Double-click Network Connections. 3 In the Network Connections window, click Advanced in the main menu and select Optional Networking Components ….
Page 184: Figure 79 Windows Optional Networking Components Wizard
Prestige 2602R Series User’s Guide Figure 79 Windows Optional Networking Components Wizard 5 In the Networking Services window, select the Universal Plug and Play check box. Chapter 16 Universal Plug-and-Play (UPnP)
Page 185: Using Upnp In Windows Xp Example
Prestige 2602R Series User’s Guide Figure 80 Networking Services 6 Click OK to go back to the Windows Optional Networking Component Wizard window and click Next. 16.4 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP. You must already have UPnP installed in Windows XP and UPnP activated on the Prestige.
Page 186: Figure 81 Network Connections
Prestige 2602R Series User’s Guide Figure 81 Network Connections 3 In the Internet Connection Properties window, click Settings to see the port mappings there were automatically created. Chapter 16 Universal Plug-and-Play (UPnP)
Page 187: Figure 82 Internet Connection Properties
Prestige 2602R Series User’s Guide Figure 82 Internet Connection Properties 4 You may edit or delete the port mappings or click Add to manually add port mappings. Chapter 16 Universal Plug-and-Play (UPnP)
Page 188: Figure 83 Internet Connection Properties: Advanced Settings
Prestige 2602R Series User’s Guide Figure 83 Internet Connection Properties: Advanced Settings Figure 84 Internet Connection Properties: Advanced Settings: Add 5 When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically. 6 Select Show icon in notification area when connected option and click OK. An icon displays in the system tray.
Page 189: Figure 85 System Tray Icon
Prestige 2602R Series User’s Guide Figure 85 System Tray Icon 7 Double-click on the icon to display your current Internet connection status. Figure 86 Internet Connection Status Web Configurator Easy Access With UPnP, you can access the web-based configurator on the Prestige without finding out the IP address of the Prestige first.
Page 190: Figure 87 Network Connections
Prestige 2602R Series User’s Guide Figure 87 Network Connections 4 An icon with the description for each UPnP-enabled device displays under Local Network. 5 Right-click on the icon for your Prestige and select Invoke. The web configurator login screen displays.
Page 191: Figure 88 Network Connections: My Network Places
Prestige 2602R Series User’s Guide Figure 88 Network Connections: My Network Places 6 Right-click on the icon for your Prestige and select Properties. A properties window displays with basic information about the Prestige. Figure 89 Network Connections: My Network Places: Properties: Example...
Page 192 Prestige 2602R Series User’s Guide Chapter 16 Universal Plug-and-Play (UPnP)
Page 193: Chapter 17 Logs Screens
Prestige 2602R Series User’s Guide H A P T E R Logs Screens This chapter contains information about configuring general log settings and viewing the Prestige’s logs. Refer to the appendix for example log message explanations. 17.1 Logs Overview The web configurator allows you to choose which categories of events and/or alerts to have the Prestige log and then display the logs or have the Prestige send them to an administrator (as e-mail) or to a syslog server.
Page 194: Figure 90 Log Settings
Prestige 2602R Series User’s Guide Figure 90 Log Settings The following table describes the fields in this screen. Table 55 Log Settings LABEL DESCRIPTION Address Info Mail Server Enter the server name or the IP address of the mail server for the e-mail addresses specified below.
Page 195: Displaying The Logs
Prestige 2602R Series User’s Guide Table 55 Log Settings (continued) LABEL DESCRIPTION Send log to Logs are sent to the e-mail address specified in this field. If this field is left blank, logs will not be sent via e-mail. Send alerts to Alerts are sent to the e-mail address specified in this field.
Page 196: Smtp Error Messages
Prestige 2602R Series User’s Guide Figure 91 View Logs The following table describes the fields in this screen. Table 56 View Logs LABEL DESCRIPTION Display The categories that you select in the Log Settings screen (see section ) display in the drop-down list box.
Page 197: Example E-Mail Log
Prestige 2602R Series User’s Guide E-mail error messages appear in SMT menu 24.3.1 as "SMTP action request failed. ret= ??". The “??"are described in the following table. Table 57 SMTP Error Messages -1 means Prestige out of socket -2 means tcp SYN fail...
Page 198: Figure 92 E-Mail Log Example
Prestige 2602R Series User’s Guide Figure 92 E-mail Log Example Subject: Firewall Alert From Prestige Date: Fri, 07 Apr 2000 10:05:42 From: user@zyxel.com user@zyxel.com 1|Apr 7 00 |From:192.168.1.1 To:192.168.1.255 |default policy |forward | 09:54:03 |UDP src port:00520 dest port:00520 |<1,00>...
Page 199: Media Bandwidth Management Advanced Setup
Prestige 2602R Series User’s Guide H A P T E R Media Bandwidth Management Advanced Setup This chapter describes the functions and advanced configuration of bandwidth management. 18.1 Bandwidth Management Advanced Setup Overview Bandwidth management allows you to allocate an interface’s outgoing capacity to specific types of traffic.
Page 200: Proportional Bandwidth Allocation
Prestige 2602R Series User’s Guide you configure child-classes with filters for any classes that you configure without filters. The Prestige leaves the bandwidth budget allocated and unused for a class that does not have a filter itself or child-classes with filters. View your configured bandwidth classes and child- classes in the Class Setup screen (see Section 18.9 on page 207...
Page 201: Application And Subnet-Based Bandwidth Management Example
Prestige 2602R Series User’s Guide Figure 94 Subnet-based Bandwidth Management Example 18.4.3 Application and Subnet-based Bandwidth Management Example The following example uses bandwidth classes based on LAN subnets and applications (specific applications in each subnet are allotted bandwidth). Table 58 Application and Subnet-based Bandwidth Management Example...
Page 202: Priority-Based Scheduler
Prestige 2602R Series User’s Guide 18.5.1 Priority-based Scheduler With the priority-based scheduler, the Prestige forwards traffic from bandwidth classes according to the priorities that you assign to the bandwidth classes. The larger a bandwidth class’s priority number is, the higher the priority. Assign real-time applications (like those using audio or video) a higher priority number to provide smoother operation.
Page 203: Maximize Bandwidth Usage Example
Prestige 2602R Series User’s Guide 18.6.2 Maximize Bandwidth Usage Example Here is an example of a Prestige that has maximized bandwidth usage enabled on an interface. The first figure shows each bandwidth class’s bandwidth budget and priority. The classes are set up based on subnets.
Page 204: Bandwidth Borrowing
Prestige 2602R Series User’s Guide Figure 97 Maximize Bandwidth Usage Example 18.7 Bandwidth Borrowing Bandwidth borrowing allows a child-class to borrow unused bandwidth from its parent class, whereas maximize bandwidth usage allows bandwidth classes to borrow any unused or unbudgeted bandwidth on the whole interface.
Page 205: Maximize Bandwidth Usage With Bandwidth Borrowing
Prestige 2602R Series User’s Guide Figure 98 Bandwidth Borrowing Example • The Administration and Sales classes cannot borrow unused bandwidth from the Root class because the Administration and Sales classes has bandwidth borrowing disabled. • The Marketing and R&D classes can both borrow unused bandwidth from the Root class because the Marketing and R&D classes both have bandwidth borrowing enabled.
Page 206: Figure 99 Media Bandwidth Management: Summary
Prestige 2602R Series User’s Guide Figure 99 Media Bandwidth Management: Summary The following table describes the labels in this screen. Table 59 Media Bandwidth Management: Summary LABEL DESCRIPTION These read-only labels represent the physical interfaces. Active Select an interface’s check box to enable bandwidth management on that interface.
Page 207: Configuring Class Setup
Prestige 2602R Series User’s Guide 18.9 Configuring Class Setup The class setup screen displays the configured bandwidth classes by individual interface. Select an interface and click the buttons to perform the actions described next. Click “+” to expand the class tree or click “-“ to collapse the class tree. Each interface has a permanent root class.
Page 208: Media Bandwidth Management Class Configuration
Prestige 2602R Series User’s Guide 18.9.1 Media Bandwidth Management Class Configuration Configure a bandwidth management class in the Class Configuration screen. You must use the Media Bandwidth Management - Summary screen to enable bandwidth management on an interface before you can configure classes for that interface.
Page 209 Prestige 2602R Series User’s Guide Table 61 Media Bandwidth Management: Class Configuration (continued) LABEL DESCRIPTION Borrow bandwidth Select this option to allow a child-class to borrow bandwidth from its parent class from parent class if the parent class is not using up its bandwidth budget.
Page 210: Media Bandwidth Management Statistics
Prestige 2602R Series User’s Guide Table 62 Services and Port Numbers SERVICES PORT NUMBER ECHO FTP (File Transfer Protocol) SMTP (Simple Mail Transfer Protocol) DNS (Domain Name System) Finger HTTP (Hyper Text Transfer protocol or WWW, Web) POP3 (Post Office Protocol)
Page 211: Bandwidth Monitor
Prestige 2602R Series User’s Guide Table 63 Media Bandwidth Management Statistics LABEL DESCRIPTION Dropped Bytes This field displays the total number of bytes dropped. Bandwidth Statistics for the Past 8 Seconds (t-8 to t-1) This field displays the bandwidth statistics (in bps) for the past one to eight seconds. For example, t-1 means one second ago.
Page 212 Prestige 2602R Series User’s Guide Table 64 Media Bandwidth Management: Monitor LABEL DESCRIPTION Back Click Back to go to the main Media Bandwidth Management screen. Refresh Click Refresh to update the page. Chapter 18 Media Bandwidth Management Advanced Setup...
Page 213: Chapter 19 Maintenance
Prestige 2602R Series User’s Guide H A P T E R Maintenance This chapter displays system information such as ZyNOS firmware, port IP addresses and port traffic statistics. 19.1 Maintenance Overview The maintenance screens can help you view system information, upload new firmware, manage configuration and restart your Prestige.
Page 214: Figure 104 System Status
Prestige 2602R Series User’s Guide Figure 104 System Status Chapter 19 Maintenance...
Page 215: Table 65 System Status
Prestige 2602R Series User’s Guide The following table describes the fields in this screen. Table 65 System Status LABEL DESCRIPTION System Status System Name This is the name of your Prestige. It is for identification purposes. ZyNOS Firmware This is the ZyNOS firmware version and the date created. ZyNOS is ZyXEL's Version proprietary Network Operating System design.
Page 216: System Statistics
Prestige 2602R Series User’s Guide 19.2.1 System Statistics Click Show Statistics in the System Status screen to open the following screen. Read-only information here includes port status and packet specific statistics. Also provided are "system up time" and "poll interval(s)". The Poll Interval(s) field is configurable.
Page 217: Dhcp Table Screen
Prestige 2602R Series User’s Guide Table 66 System Status: Show Statistics (continued) LABEL DESCRIPTION TxPkts This field displays the number of packets transmitted on this port. RxPkts This field displays the number of packets received on this port. Errors This field displays the number of error packets on this port.
Page 218: Any Ip Table Screen
Prestige 2602R Series User’s Guide Figure 106 DHCP Table The following table describes the fields in this screen. Table 67 DHCP Table LABEL DESCRIPTION Host Name This is the name of the host computer. IP Address This field displays the IP address relative to the Host Name field.
Page 219: Diagnostic Screens
Prestige 2602R Series User’s Guide Table 68 Any IP Table LABEL DESCRIPTION MAC Address This field displays the MAC (Media Access Control) address of the computer with the displayed IP address. Every Ethernet device has a unique MAC address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02.
Page 220: Diagnostic Dsl Line Screen
Prestige 2602R Series User’s Guide The following table describes the fields in this screen. Table 69 Diagnostic: General LABEL DESCRIPTION TCP/IP Type the IP address of a computer that you want to ping in order to test a connection. Address Ping Click this button to ping the IP address that you entered.
Page 221: Firmware Screen
Prestige 2602R Series User’s Guide The following table describes the fields in this screen. Table 70 Diagnostic: DSL Line LABEL DESCRIPTION Reset ADSL Click this button to reinitialize the ADSL line. The large text box above then displays Line the progress and results of this operation, for example: "Start to reset ADSL...
Page 222: Figure 110 Firmware Upgrade
Prestige 2602R Series User’s Guide Figure 110 Firmware Upgrade The following table describes the labels in this screen. Table 71 Firmware Upgrade LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse ... to find it.
Page 223: Figure 112 Error Message
Prestige 2602R Series User’s Guide If the upload was not successful, the following screen will appear. Click Back to go back to the Firmware screen. Figure 112 Error Message Chapter 19 Maintenance...
Page 224 Prestige 2602R Series User’s Guide Chapter 19 Maintenance...
Page 225: Chapter 20 Introducing The Smt
Prestige 2602R Series User’s Guide H A P T E R Introducing the SMT This chapter explains how to access and navigate the System Management Terminal and gives an overview of its menus. 20.1 Introduction to the SMT The Prestige’s SMT (System Management Terminal) is a menu-driven interface that you can access over a telnet connection.
Page 226: Navigating The Smt Interface
Prestige 2602R Series User’s Guide Figure 113 Login Screen Enter Password : **** 20.2 Navigating the SMT Interface The SMT (System Management Terminal) is the interface that you use to configure your Prestige. Several operations that you should be familiar with before you attempt to modify the configuration are listed in the table below.
Page 227: System Management Terminal Interface Summary
Prestige 2602R Series User’s Guide After you enter the password, the SMT displays the main menu, as shown next. Table 73 SMT Main Menu Copyright (c) 1994 - 2005 ZyXEL Communications Corp. Prestige 2602R-61 Main Menu Getting Started Advanced Management 1.
Page 228: Smt Menus Overview
Prestige 2602R Series User’s Guide 20.2.2 SMT Menus Overview The following table gives you an overview of your Prestige’s various SMT menus. Table 75 SMT Menus Overview MENUS SUB MENUS 1 General Setup 1.1 Configure Dynamic DNS 2 WAN Backup 2.1 Traffic Redirect Setup...
Page 229: Changing The System Password
Prestige 2602R Series User’s Guide Table 75 SMT Menus Overview (continued) MENUS SUB MENUS 24 System 24.1 Status Maintenance 24.2 System Information and 24.2.1 Information Console Port Speed 24.2.2 Change Console Port Speed 24.3 Log and Trace 24.3.1 View Error Log 24.3.2 UNIX Syslog...
Page 230 Prestige 2602R Series User’s Guide 4 Re-type your new system password in the Retype to confirm field for confirmation and press [ENTER]. Note: Note that as you type a password, the screen displays an “ ” for each character you type.
Page 231: Chapter 21 Menu 1 General Setup
Prestige 2602R Series User’s Guide H A P T E R Menu 1 General Setup Menu 1 - General Setup contains administrative and system-related information. 21.1 General Setup Menu 1 — General Setup contains administrative and system-related information (shown next). The System Name field is for identification purposes. However, because some ISPs check this name you should enter your computer's "Computer Name".
Page 232: Procedure To Configure Dynamic Dns
Prestige 2602R Series User’s Guide Figure 115 Menu 1 General Setup Menu 1 General Setup System Name= ? Location= Contact Person's Name= Domain Name= Edit Dynamic DNS= No Route IP= Yes Bridge= No Press ENTER to Confirm or ESC to Cancel: Fill in the required fields.
Page 233: Figure 116 Menu 1.1 Configure Dynamic Dns
Prestige 2602R Series User’s Guide Figure 116 Menu 1.1 Configure Dynamic DNS Menu 1.1 - Configure Dynamic DNS Service Provider= WWW.DynDNS.ORG Active= No Host= EMAIL= USER= Password= ******** Enable Wildcard= No Press ENTER to Confirm or ESC to Cancel: Follow the instructions in the next table to configure dynamic DNS parameters.
Page 234 Prestige 2602R Series User’s Guide Chapter 21 Menu 1 General Setup...
Page 235: Chapter 22 Menu 2 Wan Backup Setup
Prestige 2602R Series User’s Guide H A P T E R Menu 2 WAN Backup Setup This chapter describes how to configure traffic redirect and dial-backup using menu 2 and 2.1. 22.1 Introduction to WAN Backup Setup This chapter explains how to configure the Prestige for traffic redirect connections.
Page 236: Traffic Redirect Setup
Prestige 2602R Series User’s Guide Table 78 Menu 2 WAN Backup Setup (continued) FIELD DESCRIPTION KeepAlive Fail Type the number of times (2 recommended) that your Prestige may ping the IP Tolerance addresses configured in the Check WAN IP Address field without getting a response before switching to a WAN backup connection (or a different WAN backup connection).
Page 237 Prestige 2602R Series User’s Guide Table 79 Menu 2.1Traffic Redirect Setup FIELD DESCRIPTION Metric This field sets this route's priority among the routes the Prestige uses. The metric represents the "cost of transmission". A router determines the best route for transmission by choosing a path with the lowest "cost". RIP routing uses hop count as the measurement of cost, with a minimum of "1"...
Page 238 Prestige 2602R Series User’s Guide Chapter 22 Menu 2 WAN Backup Setup...
Page 239: Chapter 23 Menu 3 Lan Setup
Prestige 2602R Series User’s Guide H A P T E R Menu 3 LAN Setup This chapter covers how to configure your wired Local Area Network (LAN) settings. 23.1 LAN Setup This section describes how to configure the Ethernet using Menu 3 — LAN Setup. From the main menu, enter 3 to display menu 3.
Page 240: Protocol Dependent Ethernet Setup
Prestige 2602R Series User’s Guide 23.2 Protocol Dependent Ethernet Setup Depending on the protocols for your applications, you need to configure the respective Ethernet Setup, as outlined below. • For TCP/IP Ethernet setup refer to Section 24.6 on page 246.
Page 241: Table 80 Dhcp Ethernet Setup
Prestige 2602R Series User’s Guide Follow the instructions in the following table on how to configure the DHCP fields. Table 80 DHCP Ethernet Setup FIELD DESCRIPTION DHCP Setup DHCP If set to Server, your Prestige can assign IP addresses, an IP default gateway and DNS servers to Windows 95, Windows NT and other systems that support the DHCP client.
Page 242 Prestige 2602R Series User’s Guide Chapter 23 Menu 3 LAN Setup...
Page 243: Chapter 24 Internet Access
Prestige 2602R Series User’s Guide H A P T E R Internet Access This chapter shows you how to configure the LAN and WAN of your Prestige for Internet access 24.1 Internet Access Overview Refer to the chapters on the web configurator’s wizard, LAN and WAN screens for more background information on fields in the SMT screens covered in this chapter.
Page 244: Ip Alias Setup
Prestige 2602R Series User’s Guide Figure 122 IP Alias Network Example Use menu 3.2.1 to configure IP Alias on your Prestige. 24.4 IP Alias Setup Use menu 3.2 to configure the first network. Move the cursor to Edit IP Alias field and press [SPACEBAR] to choose Yes and press [ENTER] to configure the second and third network.
Page 245: Route Ip Setup
Prestige 2602R Series User’s Guide Figure 124 Menu 3.2.1 IP Alias Setup Menu 3.2.1 - IP Alias Setup IP Alias 1= No IP Address= N/A IP Subnet Mask= N/A RIP Direction= N/A Version= N/A Incoming protocol filters= N/A Outgoing protocol filters= N/A...
Page 246: Internet Access Configuration
Prestige 2602R Series User’s Guide Figure 125 Menu 1 General Setup Menu 1 - General Setup System Name= ? Location= location Contact Person's Name= Domain Name= Edit Dynamic DNS= No Route IP= Yes Bridge= No Press ENTER to Confirm or ESC to Cancel: 24.6 Internet Access Configuration...
Page 247: Table 83 Menu 4 Internet Access Setup
Prestige 2602R Series User’s Guide Table 83 Menu 4 Internet Access Setup FIELD DESCRIPTION ISP’s Name Enter the name of your Internet Service Provider (ISP). This information is for identification purposes only. SPACE BAR Encapsulation Press [ ] to select the method of encapsulation used by your ISP.
Page 248 Prestige 2602R Series User’s Guide Chapter 24 Internet Access...
Page 249: Remote Node Configuration
Prestige 2602R Series User’s Guide H A P T E R Remote Node Configuration This chapter covers remote node configuration. 25.1 Remote Node Setup Overview This section describes the protocol-independent parameters for a remote node. A remote node is required for placing calls to a remote gateway. A remote node represents both the remote gateway and the network behind it across a WAN connection.
Page 250: Encapsulation And Multiplexing Scenarios
Prestige 2602R Series User’s Guide Figure 127 Menu 11 Remote Node Setup Menu 11 - Remote Node Setup 1. MyISP (ISP, SUA) 2. ________ 3. ________ 4. ________ 5. ________ 6. ________ 7. ________ 8. ________ Enter Node # to Edit: 25.2.2 Encapsulation and Multiplexing Scenarios...
Page 251: Figure 128 Menu 11.1 Remote Node Profile
Prestige 2602R Series User’s Guide Figure 128 Menu 11.1 Remote Node Profile Menu 11.1 - Remote Node Profile Rem Node Name= MyISP Route= IP Active= Yes Bridge= No Encapsulation= RFC 1483 Edit IP/Bridge= No Multiplexing= LLC-based Edit ATM Options= No...
Page 252: Outgoing Authentication Protocol
Prestige 2602R Series User’s Guide Table 84 Menu 11.1 Remote Node Profile (continued) FIELD DESCRIPTION Authen This field sets the authentication protocol used for outgoing calls. Options for this field are: CHAP/PAP – Your Prestige will accept either CHAP or PAP when requested by this remote node.
Page 253: Remote Node Network Layer Options
Prestige 2602R Series User’s Guide 25.3 Remote Node Network Layer Options For the TCP/IP parameters, perform the following steps to edit Menu 11.3 – Remote Node Network Layer Options as shown next. 1 In menu 11.1, make sure IP is among the protocols in the Route field.
Page 254: My Wan Addr Sample Ip Addresses
Prestige 2602R Series User’s Guide Table 85 Menu 11.3 Remote Node Network Layer Options (continued) FIELD DESCRIPTION Address When Full Feature is selected in the NAT field, configure address mapping sets in Mapping Set menu 15.1. Select one of the NAT server sets (2-10) in menu 15.2 (see...
Page 255: Remote Node Filter
Prestige 2602R Series User’s Guide Figure 130 Sample IP Addresses for a TCP/IP LAN-to-LAN Connection 25.4 Remote Node Filter Move the cursor to the Edit Filter Sets field in menu 11.1, then press [SPACE BAR] to select Yes. Press [ENTER] to display Menu 11.5 – Remote Node Filter.
Page 256: Editing Atm Layer Options
Prestige 2602R Series User’s Guide Figure 131 Menu 11.5 Remote Node Filter (RFC 1483 or ENET Encapsulation) Menu 11.5 - Remote Node Filter Input Filter Sets: protocol filters= device filters= Output Filter Sets: protocol filters= device filters= Enter here to CONFIRM or ESC to CANCEL: Figure 132 Menu 11.5 Remote Node Filter (PPPoA or PPPoE Encapsulation)
Page 257: Llc-Based Multiplexing Or Ppp Encapsulation
Prestige 2602R Series User’s Guide Figure 133 Menu 11.6 for VC-based Multiplexing Menu 11.6 - Remote Node ATM Layer Options VPI/VCI (VC-Multiplexing) VC Options for IP: VC Options for Bridge: VPI #= 8 VPI #= 1 VCI #= 35 VCI #= 36...
Page 258: Figure 135 Menu 11.1 Remote Node Profile
Prestige 2602R Series User’s Guide Figure 135 Menu 11.1 Remote Node Profile Menu 11.1 - Remote Node Profile Rem Node Name= MyISP Route= IP Active= Yes Bridge= No Encapsulation= PPPoE Edit IP/Bridge= No Multiplexing= LLC-based Edit ATM Options= No Service Name=...
Page 259: Chapter 26 Static Route Setup
Prestige 2602R Series User’s Guide H A P T E R Static Route Setup This chapter shows how to setup IP static routes. 26.1 IP Static Route Overview Static routes tell the Prestige routing information that it cannot learn automatically through other means.
Page 260: Figure 138 Menu 12 Static Route Setup
Prestige 2602R Series User’s Guide Figure 138 Menu 12 Static Route Setup Menu 12 - Static Route Setup 1. IP Static Route 3. Bridge Static Route Please enter selection: From menu 12, select 1 to open Menu 12.1 — IP Static Route Setup (shown next).
Page 261: Table 87 Menu12.1.1 Edit Ip Static Route
Prestige 2602R Series User’s Guide The following table describes the fields for Menu 12.1.1 – Edit IP Static Route Setup. Table 87 Menu12.1.1 Edit IP Static Route FIELD DESCRIPTION Route # This is the index number of the static route that you chose in menu 12.1.
Page 262 Prestige 2602R Series User’s Guide Chapter 26 Static Route Setup...
Page 263: Chapter 27 Bridging Setup
Prestige 2602R Series User’s Guide H A P T E R Bridging Setup This chapter shows you how to configure the bridging parameters of your Prestige. 27.1 Bridging in General Bridging bases the forwarding decision on the MAC (Media Access Control), or hardware address, while routing does it on the network layer (IP) address.
Page 264: Figure 141 Menu 11.1 Remote Node Profile
Prestige 2602R Series User’s Guide Figure 141 Menu 11.1 Remote Node Profile Menu 11.1 - Remote Node Profile Rem Node Name= ? Route= IP Active= Yes Bridge= Yes Encapsulation= ENET ENCAP Edit IP/Bridge= No Multiplexing= VC-based Edit ATM Options= No...
Page 265: Bridge Static Route Setup
Prestige 2602R Series User’s Guide 27.2.2 Bridge Static Route Setup Similar to network layer static routes, a bridging static route tells the Prestige the route to a node before a connection is established. You configure bridge static routes in menu 12.3.1 (go to menu 12, choose option 3, then choose a static route to edit) as shown next.
Page 266 Prestige 2602R Series User’s Guide Chapter 27 Bridging Setup...
Page 267: Network Address Translation (Nat)
Prestige 2602R Series User’s Guide H A P T E R Network Address Translation (NAT) This chapter discusses how to configure NAT on the Prestige. 28.1 Using NAT You must create a firewall rule in addition to setting up SUA/NAT, to allow traffic from the WAN to be forwarded through the Prestige.
Page 268: Figure 144 Menu 4 Applying Nat For Internet Access
Prestige 2602R Series User’s Guide Figure 144 Menu 4 Applying NAT for Internet Access Menu 4 - Internet Access Setup ISP's Name= MyISP Encapsulation= RFC 1483 Multiplexing= LLC-based VPI #= 8 VCI #= 35 ATM QoS Type= UBR Peak Cell Rate (PCR)= 0...
Page 269: Nat Setup
Prestige 2602R Series User’s Guide Table 90 Applying NAT in Menus 4 & 11.3 FIELD DESCRIPTION Press [SPACE BAR] and then [ENTER] to select Full Feature if you have multiple public WAN IP addresses for your Prestige. The SMT uses the address mapping set that you...
Page 270: Sua Address Mapping Set
Prestige 2602R Series User’s Guide Figure 147 Menu 15.1 Address Mapping Sets Menu 15.1 - Address Mapping Sets 1. ACL Default Set 255. SUA (read only) Enter Menu Selection Number: 28.3.1.1 SUA Address Mapping Set Enter 255 to display the next screen (see also section 27.1.1). The fields in this menu cannot be changed.
Page 271: User-Defined Address Mapping Sets
Prestige 2602R Series User’s Guide Table 91 SUA Address Mapping Rules (continued) FIELD DESCRIPTION Global Start IP This is the starting global IP address (IGA). If you have a dynamic IP, enter 0.0.0.0 as the Global Start IP. Global End IP This is the ending global IP address (IGA).
Page 272: Figure 150 Menu 15.1.1.1 Editing/Configuring An Individual Rule In A Set
Prestige 2602R Series User’s Guide Now if you delete rule 4, rules 5 to 7 will be pushed up by 1 rule, so as old rule 5 becomes rule 4, old rule 6 becomes rule 5 and old rule 7 becomes rule 6.
Page 273: Configuring A Server Behind Nat
Prestige 2602R Series User’s Guide Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set Table 93 (continued) FIELD DESCRIPTION This is the ending local IP address (ILA). If the rule is for all local IPs, then put the Start IP as 0.0.0.0 and the End IP as 255.255.255.255. This field is N/A for One-to-One and Server types.
Page 274: General Nat Examples
Prestige 2602R Series User’s Guide Figure 152 Menu 15.2 NAT Server Setup Menu 15.2 - NAT Server Setup Rule Start Port No. End Port No. IP Address --------------------------------------------------- Default Default 0.0.0.0 192.168.1.33 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0...
Page 275: Example 1: Internet Access Only
Prestige 2602R Series User’s Guide 28.5.1 Example 1: Internet Access Only In the following Internet access example, you only need one rule where your ILAs (Inside Local addresses) all map to one dynamic IGA (Inside Global Address) assigned by your ISP.
Page 276: Example 3: Multiple Public Ip Addresses With Inside Servers
Prestige 2602R Series User’s Guide Figure 156 NAT Example 2 In this case, you do exactly as above (use the convenient pre-configured SUA Only set) and also go to menu 15.2 to specify the Inside Server behind the NAT as shown in the next figure.
Page 277: Figure 158 Nat Example 3
Prestige 2602R Series User’s Guide Map the other outgoing LAN traffic to IGA3 (Many : 1 mapping). You also map your third IGA to the web server and mail server on the LAN. Type Server allows you to specify multiple servers, of different types, to other computers behind NAT on the LAN.
Page 278: Figure 159 Example 3: Menu 11.3
Prestige 2602R Series User’s Guide Figure 159 Example 3: Menu 11.3 Menu 11.3 - Remote Node Network Layer Options IP Options: Bridge Options: IP Address Assignment= Static Ethernet Addr Timeout (min)= 0 Rem IP Addr: 0.0.0.0 Rem Subnet Mask= 0.0.0.0 My WAN Addr= 0.0.0.0...
Page 279: Figure 161 Example 3: Final Menu 15.1.1
Prestige 2602R Series User’s Guide Figure 161 Example 3: Final Menu 15.1.1 Menu 15.1.1 - Address Mapping Rules Set Name= Example3 Local Start IP Local End IP Global Start IP Global End IP Type --------------- --------------- --------------- --------------- 1. 192.168.1.10 10.132.50.1...
Page 280: Example 4: Nat Unfriendly Application Programs
Prestige 2602R Series User’s Guide 28.5.4 Example 4: NAT Unfriendly Application Programs Some applications do not support NAT Mapping using TCP or UDP port address translation. In this case it is better to use Many-to-Many No Overload mapping as port numbers do not change for Many-to-Many No Overload (and One-to-One) NAT mapping types.
Page 281: Figure 165 Example 4: Menu 15.1.1 Address Mapping Rules
Prestige 2602R Series User’s Guide Figure 165 Example 4: Menu 15.1.1 Address Mapping Rules Menu 15.1.1 - Address Mapping Rules Set Name= Example4 Local Start IP Local End IP Global Start IP Global End IP Type --------------- ------------- --------------- --------------- ---- 192.168.1.10...
Page 282 Prestige 2602R Series User’s Guide Chapter 28 Network Address Translation (NAT)
Page 283: Chapter 29 Enabling The Firewall
Prestige 2602R Series User’s Guide H A P T E R Enabling the Firewall This chapter shows you how to get started with the Prestige firewall. 29.1 Remote Management and the Firewall When SMT menu 24.11 is configured to allow management (see the Remote Management chapter) and the firewall is enabled: •...
Page 284: Figure 166 Menu 21.2 Firewall Setup
Prestige 2602R Series User’s Guide Figure 166 Menu 21.2 Firewall Setup Menu 21.2 - Firewall Setup The firewall protects against Denial of Service (DOS) attacks when it is active. The default Policy sets 1. allow all sessions originating from the LAN to the WAN and 2.
Page 285: Chapter 30 Filter Configuration
Prestige 2602R Series User’s Guide H A P T E R Filter Configuration This chapter shows you how to create and apply filters. 30.1 About Filtering Your Prestige uses filters to decide whether or not to allow passage of a data packet and/or to make a call.
Page 286: The Filter Structure Of The Prestige
Prestige 2602R Series User’s Guide Figure 168 Filter Rule Process Start Packet intoFilter Fetch First Filter Set Filter Set Fetch Next Fetch First Filter Set Filter Rule Fetch Next Filter Rule Next filter Next Filter Set Rule Active? Available? Available?
Page 287: Configuring A Filter Set For The Prestige
Prestige 2602R Series User’s Guide 30.2 Configuring a Filter Set for the Prestige To configure a filter set, follow the steps shown next. 1 Enter 21 in the main menu to display Menu 21 – Filter and Firewall Setup. 2 Enter 1 to display Menu 21.1 – Filter Set Configuration as shown next.
Page 288: Figure 170 Netbios_Wan Filter Rules Summary
Prestige 2602R Series User’s Guide Figure 170 NetBIOS_WAN Filter Rules Summary Menu 21.1.2 - Filter Rules Summary # A Type Filter Rules M m n - - ---- --------------------------------------------------------------- - 1 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=137 N D N 2 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=138...
Page 289: Filter Rules Summary Menus
Prestige 2602R Series User’s Guide 30.3 Filter Rules Summary Menus The following tables briefly describe the abbreviations used in menus 21.1.1 and 21.1.2. Table 94 Abbreviations Used in the Filter Rules Summary Menu FIELD DESCRIPTION The filter rule number: 1 to 6.
Page 290: Configuring A Filter Rule
Prestige 2602R Series User’s Guide 30.4 Configuring a Filter Rule To configure a filter rule, type its number in Menu 21.1.x – Filter Rules Summary and press [ENTER] to open menu 21.1.x.1 for the rule. There are two types of filter rules: TCP/IP and Generic. Depending on the type of rule, the parameters for each type will be different.
Page 291: Table 96 Menu 21.1.X.x Tcp/Ip Filter Rule
Prestige 2602R Series User’s Guide The following table describes how to configure your TCP/IP filter rule. Table 96 Menu 21.1.x.x TCP/IP Filter Rule FIELD DESCRIPTION Filter # This is the filter set, filter rule coordinates, for instance, 2, 3 refers to the second filter set and the third filter rule of that set.
Page 292: Figure 174 Executing An Ip Filter
Prestige 2602R Series User’s Guide Table 96 Menu 21.1.x.x TCP/IP Filter Rule (continued) FIELD DESCRIPTION Action Not Select the action for a packet not matching the rule. Choices are Check Next Rule, Matched Forward or Drop. When you have completed this menu, press [ENTER] at the prompt “...
Page 293: Generic Filter Rule
Prestige 2602R Series User’s Guide 30.4.2 Generic Filter Rule This section shows you how to configure a generic filter rule. The purpose of generic rules is to allow you to filter non-IP packets. For IP, it is generally easier to use the IP rules directly.
Page 294: Filter Types And Nat
Prestige 2602R Series User’s Guide Table 97 Menu 21.1.5.1 Generic Filter Rule (continued) FIELD DESCRIPTION More If Yes, a matching packet is passed to the next filter rule before an action is taken or else the packet is disposed of according to the action fields.
Page 295: Example Filter
Prestige 2602R Series User’s Guide 30.6 Example Filter Let’s look at an example to block outside users from telnetting into the Prestige. Figure 177 Sample Telnet Filter 1 Enter 1 in the menu 21 to display Menu 21.1 — Filter Set Configuration.
Page 296: Figure 178 Menu 21.1.6.1 Sample Filter
Prestige 2602R Series User’s Guide Figure 178 Menu 21.1.6.1 Sample Filter Menu 21.1.6.1 - TCP/IP Filter Rule Filter #: 6,1 Filter Type= TCP/IP Filter Rule Active= Yes IP Protocol= 6 IP Source Route= No Destination: IP Addr= 0.0.0.0 IP Mask= 0.0.0.0...
Page 297: Applying Filters And Factory Defaults
Prestige 2602R Series User’s Guide Figure 179 Menu 21.1.6.1 Sample Filter Rules Summary Menu 21.1.6 - Filter Rules Summary # A Type Filter Rules M m n - - ---- --------------------------------------------------------------- - 1 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=23 N D F Enter Filter Rule Number (1-6) to Configure: 1 30.7 Applying Filters and Factory Defaults...
Page 298: Remote Node Filters
Prestige 2602R Series User’s Guide Figure 180 Filtering Ethernet Traffic Menu 3.1 – LAN Port Filter Setup Input Filter Sets: protocol filters= 3 device filters= Output Filter Sets: protocol filters= device filters= Press ENTER to Confirm or ESC to Cancel: 30.7.2 Remote Node Filters...
Page 299: Chapter 31 Snmp Configuration
Prestige 2602R Series User’s Guide H A P T E R SNMP Configuration This chapter explains SNMP Configuration menu 22. 31.1 About SNMP Simple Network Management Protocol (SNMP) is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP protocol suite.
Page 300: Supported Mibs
Prestige 2602R Series User’s Guide The managed devices contain object variables/managed objects that define each piece of information to be collected about a device. Examples of variables include the number of packets received, node port status etc. A Management Information Base (MIB) is a collection of managed objects.
Page 301: Snmp Traps
Prestige 2602R Series User’s Guide Figure 183 Menu 22 SNMP Configuration Menu 22 - SNMP Configuration SNMP: Get Community= public Set Community= public Trusted Host= 0.0.0.0 Trap: Community= public Destination= 0.0.0.0 Press ENTER to Confirm or ESC to Cancel: The following table describes the SNMP configuration parameters.
Page 302: Table 101 Ports And Permanent Virtual Circuits
Prestige 2602R Series User’s Guide Table 100 SNMP Traps (continued) TRAP # TRAP NAME DESCRIPTION authenticationFailure (defined in A trap is sent to the manager when receiving any RFC-1215) SNMP gets or sets requirements with wrong community (password). whyReboot (defined in ZYXEL-MIB) A trap is sent with the reason of restart before rebooting when the system is going to restart (warm start).
Page 303: System Information And Diagnosis
Prestige 2602R Series User’s Guide H A P T E R System Information and Diagnosis This chapter covers the information and diagnostic tools in SMT menus 24.1 to 24.4. 32.1 Overview These tools include updates on system status, port status, log and trace capabilities and upgrades for the system software.
Page 304: Figure 185 Menu 24.1 System Maintenance : Status
Prestige 2602R Series User’s Guide The following table describes the fields present in Menu 24.1 — System Maintenance — Status which are read-only and meant for diagnostic purposes. Figure 185 Menu 24.1 System Maintenance : Status Menu 24.1 - System Maintenance - Status 00:36:37 Sat.
Page 305: System Information
Prestige 2602R Series User’s Guide Table 102 Menu 24.1 System Maintenance: Status (continued) FIELD DESCRIPTION Line Status This shows the current status of the xDSL line, which can be Up or Down. Upstream This shows the upstream transfer rate in kbps.
Page 306: Console Port Speed
Refers to the routing protocol used. ZyNOS F/W Version Refers to the ZyNOS (ZyXEL Network Operating System) system firmware version. ZyNOS is a registered trademark of ZyXEL Communications Corporation. ADSL Chipset Displays the vendor of the ADSL chipset and DSL version.
Page 307: Log And Trace
Prestige 2602R Series User’s Guide Figure 188 Menu 24.2.2 System Maintenance: Change Console Port Speed Menu 24.2.2 – System Maintenance – Change Console Port Speed Console Port Speed: 9600 Press ENTER to Confirm or ESC to Cancel: Once you change the Prestige console port speed, you must also set the speed parameter for the communication software you are using to connect to the Prestige.
Page 308: Syslog And Accounting
Prestige 2602R Series User’s Guide Figure 190 Sample Error and Information Messages 53 Sat Jan 01 00:00:03 2000 PP01 -WARN SNMP TRAP 0: cold start 54 Sat Jan 01 00:00:03 2000 PP01 INFO main: init completed 55 Sat Jan 01 00:00:03 2000 PP01...
Page 309: Figure 192 Syslog Example
Prestige 2602R Series User’s Guide Figure 192 Syslog Example 1 - CDR SdcmdSyslogSend ( SYSLOG_CDR, SYSLOG_INFO, String); String = board xx line xx channel xx, call xx, str board = the hardware board ID line = the WAN ID in a board...
Page 310: Diagnostic
Prestige 2602R Series User’s Guide Figure 192 Syslog Example (continued) prot: Protocol (“TCP”, ”UDP”, ”ICMP”) spo: Source port dpo: Destination port Jul 19 14:43:55 192.168.102.2 ZYXEL: IP [Src=202.132.154.123 Dst=255.255.255.255 UDP spo=0208 dpo=0208]} S03>R01mF Jul 19 14:44:00 192.168.102.2 ZYXEL: IP [Src=192.168.102.20 Dst=202.132.154.1 UDP spo=05d4 dpo=0035]} S03>R01mF...
Page 311: Table 105 Menu 24.4 System Maintenance Menu: Diagnostic
Prestige 2602R Series User’s Guide The following table describes the diagnostic tests available in menu 24.4 for and the connections. Table 105 Menu 24.4 System Maintenance Menu: Diagnostic FIELD DESCRIPTION Reset xDSL Re-initialize the xDSL link to the telephone company.
Page 312 Prestige 2602R Series User’s Guide Chapter 32 System Information and Diagnosis...
Page 313: Firmware And Configuration File Maintenance
Prestige 2602R Series User’s Guide H A P T E R Firmware and Configuration File Maintenance This chapter tells you how to backup and restore your configuration file as well as upload new firmware and configuration files. 33.1 Filename Conventions The configuration file (often called the romfile or rom-0) contains the factory default settings in the menus such as password, DHCP Setup, TCP/IP Setup, etc.
Page 314: Backup Configuration
Prestige 2602R Series User’s Guide The following table is a summary. Please note that the internal filename refers to the filename on the Prestige and the external filename refers to the filename not on the Prestige, that is, on your computer, local network or FTP site and so the name (but not the extension) may vary.
Page 315: Using The Ftp Command From The Command Line
Prestige 2602R Series User’s Guide Figure 194 Telnet in Menu 24.5 Menu 24.5 - System Maintenance - Backup Configuration To transfer the configuration file to your workstation, follow the procedure below: 1. Launch the FTP client on your workstation. 2. Type "open" and the IP address of your Prestige. Then type "root" and SMT password as requested.
Page 316: Gui-Based Ftp Clients
Prestige 2602R Series User’s Guide Figure 195 FTP Session Example 331 Enter PASS command Password: 230 Logged in ftp> bin 200 Type I OK ftp> get rom-0 zyxel.rom 200 Port command okay 150 Opening data connection for STOR ras 226 File received OK ftp: 16384 bytes sent in 1.10Seconds 297.89Kbytes/sec.
Page 317: Backup Configuration Using Tftp
Prestige 2602R Series User’s Guide 33.2.6 Backup Configuration Using TFTP The Prestige supports the up/downloading of the firmware and the configuration file using TFTP (Trivial File Transfer Protocol) over LAN. Although TFTP should work over WAN as well, it is not recommended.
Page 318: Restore Configuration
Prestige 2602R Series User’s Guide Table 108 General Commands for GUI-based TFTP Clients COMMAND DESCRIPTION Host Enter the IP address of the Prestige. 192.168.1.1 is the Prestige’s default IP address when shipped. Send/Fetch Use “Send” to upload the file to the Prestige and “Fetch” to back up the file on your computer.
Page 319: Restore Using Ftp Session Example
Prestige 2602R Series User’s Guide Figure 196 Telnet into Menu 24.6 Menu 24.6 -- System Maintenance - Restore Configuration To transfer the firmware and configuration file to your workstation, follow the procedure below: 1. Launch the FTP client on your workstation.
Page 320: Uploading Firmware And Configuration Files
Prestige 2602R Series User’s Guide 33.4 Uploading Firmware and Configuration Files This section shows you how to upload firmware and configuration files. You can upload configuration files by following the procedure in Section 33.2 on page 314 or by following the instructions in Menu 24.7.2 –...
Page 321: Ftp File Upload Command From The Dos Prompt Example
Prestige 2602R Series User’s Guide Figure 199 Telnet Into Menu 24.7.2 System Maintenance Menu 24.7.2 - System Maintenance - Upload System Configuration File To upload the system configuration file, follow the procedure below: 1. Launch the FTP client on your workstation.
Page 322: Ftp Session Example Of Firmware File Upload
Prestige 2602R Series User’s Guide 33.4.4 FTP Session Example of Firmware File Upload Figure 200 FTP Session Example of Firmware File Upload 331 Enter PASS command Password: 230 Logged in ftp> bin 200 Type I OK ftp> put firmware.bin ras...
Page 323: Tftp Upload Command Example
Prestige 2602R Series User’s Guide 33.4.6 TFTP Upload Command Example The following is an example TFTP command: tftp [-i] host put firmware.bin ras where “ ” specifies binary image transfer mode (use this mode when transferring binary files), “ ” is the Prestige’s IP address and “...
Page 324 Prestige 2602R Series User’s Guide Chapter 33 Firmware and Configuration File Maintenance...
Page 325: Chapter 34 System Maintenance
Upload Firmware Command Interpreter Mode Call Control 10. Time and Date Setting 11. Remote Management Enter Menu Selection Number: Figure 202 Valid Commands Copyright (c) 1994 - 2005 ZyXEL Communications Corp. ras> ? Valid commands are: exit device ether config...
Page 326: Call Control Support
Prestige 2602R Series User’s Guide 34.2 Call Control Support Call Control Support is only applicable when Encapsulation is set to PPPoE in menu 4 or menu 11.1. The budget management function allows you to set a limit on the total outgoing call time of the Prestige within certain times.
Page 327: Time And Date Setting
Prestige 2602R Series User’s Guide The total budget is the time limit on the accumulated time for outgoing calls to a remote node. When this limit is reached, the call will be dropped and further outgoing calls to that remote node will be blocked.
Page 328: Figure 206 Menu 24.10 System Maintenance: Time And Date Setting
Prestige 2602R Series User’s Guide Figure 206 Menu 24.10 System Maintenance: Time and Date Setting Menu 24.10 - System Maintenance - Time and Date Setting Use Time Server when Bootup= None Time Server Address= N/A Current Time: 05 : 21 : 01...
Page 329: Resetting The Time
Prestige 2602R Series User’s Guide 34.3.1 Resetting the Time The Prestige resets the time in three instances: • On leaving menu 24.10 after making changes. • When the Prestige starts up, if there is a timeserver configured in menu 24.10.
Page 330 Prestige 2602R Series User’s Guide Chapter 34 System Maintenance...
Page 331: Chapter 35 Remote Management
Prestige 2602R Series User’s Guide H A P T E R Remote Management This chapter covers remote management (SMT menu 24.11). 35.1 Remote Management Overview Remote management allows you to determine which services/protocols can access which Prestige interface (if any) from which computers.
Page 332: Remote Management Limitations
Prestige 2602R Series User’s Guide Figure 207 Menu 24.11 Remote Management Control Menu 24.11 - Remote Management Control TELNET Server: Server Port = 23 Server Access = LAN only Secured Client IP = 0.0.0.0 FTP Server: Server Port = 21 Server Access = LAN only Secured Client IP = 0.0.0.0...
Page 333: Remote Management And Nat
Prestige 2602R Series User’s Guide 35.3 Remote Management and NAT When NAT is enabled: • Use the Prestige’s WAN IP address when configuring from the WAN. • Use the Prestige’s LAN IP address when configuring from the LAN. 35.4 System Timeout There is a default system management idle timeout of five minutes (three hundred seconds).
Page 334 Prestige 2602R Series User’s Guide Chapter 35 Remote Management...
Page 335: Chapter 36 Ip Policy Routing
Prestige 2602R Series User’s Guide H A P T E R IP Policy Routing This chapter covers setting and applying policies used for IP routing. 36.1 IP Policy Routing Overview Traditionally, routing is based on the destination address only and the IAD takes the shortest path to forward a packet.
Page 336: Ip Routing Policy Setup
Prestige 2602R Series User’s Guide • routing the packet to a different gateway (and hence the outgoing interface). • setting the TOS and precedence fields in the IP header. IPPR follows the existing packet filtering facility of RAS in style and in implementation. The policies are divided into sets, where related policies are grouped together.
Page 337: Figure 209 Menu 25.1 Ip Routing Policy Setup
Prestige 2602R Series User’s Guide Figure 209 Menu 25.1 IP Routing Policy Setup Menu 25.1 - IP Routing Policy Setup Criteria/Action - - ---------------------------------------------------------------------- 1 Y SA=1.1.1.1-1.1.1.1,DA=2.2.2.2-2.2.2.5 SP=20-25,DP=20-25,P=6,T=NM,PR=0 |GW=192.168.1.1,T=MT,PR=0 2 N ______________________________________________________________________ ______________________________________________________________________ 3 N ______________________________________________________________________ ______________________________________________________________________ 4 N ______________________________________________________________________...
Page 338: Figure 210 Menu 25.1.1 Ip Routing Policy
Prestige 2602R Series User’s Guide Figure 210 Menu 25.1.1 IP Routing Policy Menu 25.1.1 - IP Routing Policy Policy Set Name= 1 Active= No Criteria: IP Protocol Type of Service= Don't Care Packet length= 0 Precedence = Don't Care Len Comp= N/A Source: addr start= 0.0.0.0...
Page 339: Applying An Ip Policy
Prestige 2602R Series User’s Guide Table 113 Menu 25.1.1 IP Routing Policy (continued) FIELD DESCRIPTION Gateway type Press [SPACE BAR] and then [ENTER] to select Gateway addr and enter the IP address of the gateway if you want to specify the IP address of the gateway.
Page 340: Ip Policy Routing Example
Prestige 2602R Series User’s Guide Figure 211 Menu 3.2 TCP/IP and DHCP Ethernet Setup Menu 3.2 - TCP/IP and DHCP Setup DHCP Setup DHCP= Server Client IP Pool Starting Address= 192.168.1.33 Size of Client IP Pool= 32 Primary DNS Server= 0.0.0.0 Secondary DNS Server= 0.0.0.0...
Page 341: Figure 213 Example Of Ip Policy Routing
Prestige 2602R Series User’s Guide Figure 213 Example of IP Policy Routing To force packets coming from clients with IP addresses of 192.168.1.33 to 192.168.1.64 to be routed to the Internet via the WAN port of the Prestige, follow the steps as shown next.
Page 342: Figure 215 Ip Routing Policy Example
Prestige 2602R Series User’s Guide 3 Create a rule in menu 25.1 for this set to route packets from any host ( IP=0.0.0.0 means any host) with protocol TCP and port FTP access through another gateway (192.168.1.100). Figure 215 IP Routing Policy Example Menu 25.1.1 - IP Routing Policy...
Page 343: Chapter 37 Call Scheduling
Prestige 2602R Series User’s Guide H A P T E R Call Scheduling Call scheduling (applicable for PPPoA or PPPoE encapsulation only) allows you to dictate when a remote node should be called and for how long. 37.1 Introduction The call scheduling feature allows the Prestige to manage a remote node and dictate when a remote node should be called and for how long.
Page 344: Figure 218 Menu 26.1 Schedule Set Setup
Prestige 2602R Series User’s Guide To setup a schedule set, select the schedule set you want to setup from menu 26 (1-12) and press [ENTER] to see Menu 26.1 — Schedule Set Setup as shown next. Figure 218 Menu 26.1 Schedule Set Setup Menu 26.1 Schedule Set Setup...
Page 345: Figure 219 Applying Schedule Set(S) To A Remote Node (Pppoe)
Prestige 2602R Series User’s Guide Table 114 Menu 26.1 Schedule Set Setup (continued) FIELD DESCRIPTION Action Forced On means that the connection is maintained whether or not there is a demand call on the line and will persist for the time period specified in the Duration field.
Page 346 Prestige 2602R Series User’s Guide Chapter 37 Call Scheduling...
Page 347: Chapter 38 Troubleshooting
Prestige 2602R Series User’s Guide H A P T E R Troubleshooting This chapter covers potential problems and the corresponding remedies. 38.1 Problems Starting Up the Prestige Table 115 Troubleshooting Starting Up Your Prestige PROBLEM CORRECTIVE ACTION None of the Make sure that the Prestige’s power adaptor is connected to the Prestige and plugged...
Page 348: Problems With The Wan
Prestige 2602R Series User’s Guide 38.3 Problems with the WAN Table 117 Troubleshooting the WAN PROBLEM CORRECTIVE ACTION The DSL LED is Check the telephone wire and connections between the Prestige DSL port and the off. wall jack. Make sure that the telephone company has checked your phone line and set it up for DSL service.
Page 349: Problems Accessing The Prestige
Prestige 2602R Series User’s Guide 38.4 Problems Accessing the Prestige Table 118 Troubleshooting Accessing the Prestige PROBLEM CORRECTIVE ACTION I cannot The username is “admin”. The default password is “1234”. The Password and access the Username fields are case-sensitive. Make sure that you enter the correct password Prestige.
Page 350: Internet Explorer Pop-Up Blockers
Prestige 2602R Series User’s Guide • Java permissions (enabled by default). Note: Internet Explorer 6 screens are used here. Screens for other Internet Explorer versions may vary. 38.4.1.1 Internet Explorer Pop-up Blockers You may have to disable pop-up blocking to log into your device.
Page 351: Figure 221 Internet Options
Prestige 2602R Series User’s Guide Figure 221 Internet Options 3 Click Apply to save this setting. 38.4.1.1.2 Enable pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. 1 In Internet Explorer, select Tools, Internet Options and then the Privacy tab.
Page 352: Figure 222 Internet Options
Prestige 2602R Series User’s Guide Figure 222 Internet Options 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.1.1. 4 Click Add to move the IP address to the list of Allowed sites.
Page 353: Javascripts
Prestige 2602R Series User’s Guide Figure 223 Pop-up Blocker Settings 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. 38.4.1.2 JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed.
Page 354: Figure 224 Internet Options
Prestige 2602R Series User’s Guide Figure 224 Internet Options 2 Click the Custom Level... button. 3 Scroll down to Scripting. 4 Under Active scripting make sure that Enable is selected (the default). 5 Under Scripting of Java applets make sure that Enable is selected (the default).
Page 355: Java Permissions
Prestige 2602R Series User’s Guide Figure 225 Security Settings - Java Scripting 38.4.1.3 Java Permissions 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM.
Page 356: Figure 226 Security Settings - Java
Prestige 2602R Series User’s Guide Figure 226 Security Settings - Java 38.4.1.3.1 JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 make sure that Use Java 2 for <applet> under Java (Sun) is selected.
Page 357: Telephone Problems
Prestige 2602R Series User’s Guide Figure 227 Java (Sun) 38.5 Telephone Problems Table 119 Troubleshooting Telephone PROBLEM CORRECTIVE ACTION The telephone port Check the telephone connections and telephone wire. won’t work or the Make sure you have the Voice SIP Settings screen properly configured.
Page 358 Prestige 2602R Series User’s Guide Chapter 38 Troubleshooting...
Page 359: Product Specifications
Prestige 2602R Series User’s Guide Appendix A Product Specifications See also the Introduction chapter for a general overview of the key features. Specification Tables Table 120 Device Specifications Default IP Address 192.168.1.1 Default Subnet Mask 255.255.255.0 (24 bits) Default Password...
Page 360: Table 121 Firmware Specifications
Prestige 2602R Series User’s Guide Table 121 Firmware Specifications ADSL Standards Multi-Mode standard (ANSI T1.413,Issue 2; G.dmt(G.992.1); G.lite(G992.2)) EOC specified in ITU-T G.992.1 ADSL2 G.dmt.bis (G.992.3) ADSL2 G.lite.bis (G.992.4) ADSL2+ (G.992.5) Reach-Extended ADSL (RE ADSL) SRA (Seamless Rate Adaptation) Auto-negotiating rate adaptation...
Page 361 Prestige 2602R Series User’s Guide Table 121 Firmware Specifications (continued) NAT/SUA Port Forwarding 1024 NAT sessions Multimedia application PPTP under NAT/SUA IPSec passthrough SIP ALG passthrough Content Filtering Web page blocking by URL keyword. Static Routes 16 IP Voice Features...
Page 362: Prestige 2602R Series Power Adaptor Specifications
Prestige 2602R Series User’s Guide Figure 228 Ethernet Cable Pin Assignments Prestige 2602R Series Power Adaptor Specifications Table 122 Prestige 2602R Series Power Adaptor Specifications NORTH AMERICAN PLUG STANDARDS AC Power Adapter Model 30-112-122204 Input Power 120VAC/60Hz Output Power 12V AC, 1A...
Page 363: Setting Up Your Computer's Ip Address
Prestige 2602R Series User’s Guide Appendix B Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/ IP on your computer.
Page 364: Installing Components
Prestige 2602R Series User’s Guide Figure 229 WIndows 95/98/Me: Network: Configuration Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: 1 In the Network window, click Add.
Page 365: Configuring
Prestige 2602R Series User’s Guide 3 Select Microsoft from the list of manufacturers. 4 Select Client for Microsoft Networks from the list of network clients and then click 5 Restart your computer so the changes you made take effect. Configuring...
Page 366: Verifying Settings
Prestige 2602R Series User’s Guide Figure 231 Windows 95/98/Me: TCP/IP Properties: DNS Configuration 4 Click the Gateway tab. • If you do not know your gateway’s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click Add.
Page 367: Figure 232 Windows Xp: Start Menu
Prestige 2602R Series User’s Guide Figure 232 Windows XP: Start Menu 2 In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 233 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties.
Page 368: Figure 234 Windows Xp: Control Panel: Network Connections: Properties
Prestige 2602R Series User’s Guide Figure 234 Windows XP: Control Panel: Network Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click Properties. Figure 235 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP).
Page 369: Figure 236 Windows Xp: Internet Protocol (Tcp/Ip) Properties
Prestige 2602R Series User’s Guide • Click Advanced. Figure 236 Windows XP: Internet Protocol (TCP/IP) Properties 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: •...
Page 370: Figure 237 Windows Xp: Advanced Tcp/Ip Properties
Prestige 2602R Series User’s Guide Figure 237 Windows XP: Advanced TCP/IP Properties 7 In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es).
Page 371: Verifying Settings
Prestige 2602R Series User’s Guide Figure 238 Windows XP: Internet Protocol (TCP/IP) Properties 8 Click OK to close the Internet Protocol (TCP/IP) Properties window. 9 Click Close (OK in Windows 2000/NT) to close the Local Area Connection Properties window. 10 Close the Network Connections window (Network and Dial-up Connections in Windows 2000/NT).
Page 372: Figure 239 Macintosh Os 8/9: Apple Menu
Prestige 2602R Series User’s Guide Figure 239 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list. Figure 240 Macintosh OS 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list.
Page 373: Verifying Settings
Prestige 2602R Series User’s Guide 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box.
Page 374: Verifying Settings
Prestige 2602R Series User’s Guide Figure 242 Macintosh OS X: Network 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box.
Page 375: Using The K Desktop Environment (Kde)
Prestige 2602R Series User’s Guide Note: Make sure you are logged in as the root administrator. Using the K Desktop Environment (KDE) Follow the steps below to configure your computer IP address using the KDE. 1 Click the Red Hat button (located on the bottom left corner), select System Setting and click Network.
Page 376: Using Configuration Files
Prestige 2602R Series User’s Guide • If you have a dynamic IP address, click Automatically obtain IP address settings with and select dhcp from the drop down list. • If you have a static IP address, click Statically set IP Addresses and fill in the Address, Subnet mask, and Default Gateway Address fields.
Page 377: Figure 247 Red Hat 9.0: Dynamic Ip Address Setting In Ifconfig-Eth0
Prestige 2602R Series User’s Guide 1 Assuming that you have only one network card on the computer, locate the ifconfig- configuration file (where is the name of the Ethernet card). Open the eth0 eth0 configuration file with any plain text editor.
Page 378: Verifying Settings
Prestige 2602R Series User’s Guide Figure 250 Red Hat 9.0: Restart Ethernet Card [root@localhost init.d]# network restart Shutting down interface eth0: [OK] Shutting down loopback interface: [OK] Setting network parameters: [OK] Bringing up loopback interface: [OK] Bringing up interface eth0:...
Page 379: Appendix Cpppoe
Prestige 2602R Series User’s Guide P P E N D I X PPPoE PPPoE in Action An ADSL modem bridges a PPP session over Ethernet (PPP over Ethernet, RFC 2516) from your computer to an ATM PVC (Permanent Virtual Circuit) which connects to a DSL Access...
Page 380: How Pppoe Works
Prestige 2602R Series User’s Guide Figure 252 Single-Computer per Router Hardware Configuration How PPPoE Works The PPPoE driver makes the Ethernet appear as a serial link to the computer and the computer runs PPP over it, while the modem bridges the Ethernet frames to the Access Concentrator (AC).
Page 381: Ip Subnetting
Prestige 2602R Series User’s Guide P P E N D I X IP Subnetting IP Addressing Routers “route” based on the network number. The router that delivers the data packet to the correct destination host uses the host ID. IP Classes An IP address is made up of four octets (eight bits), written in dotted decimal notation, for example, 192.168.1.1.
Page 382: Subnet Masks
Prestige 2602R Series User’s Guide Since the first octet of a class “A” IP address must contain a “0”, the first octet of a class “A” address can have a value of 0 to 127. Similarly the first octet of a class “B” must begin with “10”, therefore the first octet of a class “B”...
Page 383: Example: Two Subnets
Prestige 2602R Series User’s Guide Since the mask is always a continuous number of ones beginning from the left, followed by a continuous number of zeros for the remainder of the 32 bit mask, you can simply specify the number of ones instead of writing the value of each octet. This is usually specified by writing a “/”...
Page 384: Table 128 Subnet 1
Prestige 2602R Series User’s Guide Note: In the following charts, shaded/bold last octet bit values indicate host ID bits “borrowed” to form network ID bits. The number of “borrowed” host ID bits determines the number of subnets you can have. The remaining number of host ID bits (after “borrowing”) determines the number of hosts you can have...
Page 385: Example: Four Subnets
Prestige 2602R Series User’s Guide Example: Four Subnets The above example illustrated using a 25-bit subnet mask to divide a class “C” address space into two subnets. Similarly to divide a class “C” address into four subnets, you need to “borrow”...
Page 386: Example Eight Subnets
Prestige 2602R Series User’s Guide Table 133 Subnet 4 NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. IP Address (Binary) 11000000.10101000.00000001. 11000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: Lowest Host ID: 192.168.1.193 192.168.1.192 Broadcast Address: Highest Host ID: 192.168.1.254 192.168.1.255...
Page 387: Subnetting With Class A And Class B Networks
Prestige 2602R Series User’s Guide Subnetting With Class A and Class B Networks. For class “A” and class “B” addresses the subnet mask also determines which bits are part of the network number and which are part of the host ID.
Page 388 Prestige 2602R Series User’s Guide Appendix D IP Subnetting...
Page 389: Appendix E Triangle Route
Prestige 2602R Series User’s Guide P P E N D I X Triangle Route The Ideal Setup When the firewall is on, your Prestige acts as a secure gateway between your LAN and the Internet. In an ideal network topology, all incoming and outgoing network traffic passes through the Prestige to protect your LAN against attacks.
Page 390: The "Triangle Route" Solutions
Prestige 2602R Series User’s Guide Figure 255 “Triangle Route” Problem The “Triangle Route” Solutions This section presents you two solutions to the “triangle route” problem. IP Aliasing IP alias allows you to partition your network into logical sections over the same Ethernet interface.
Page 391: Gateways On The Wan Side
Prestige 2602R Series User’s Guide Gateways on the WAN Side A second solution to the “triangle route” problem is to put all of your network gateways on the WAN side as the following figure shows. This ensures that all incoming network traffic passes through your Prestige to your LAN.
Page 392 Prestige 2602R Series User’s Guide Appendix E Triangle Route...
Page 393: Appendix Fsip Passthrough
Prestige 2602R Series User’s Guide P P E N D I X SIP Passthrough Enabling/Disabling the SIP ALG You can turn off the Prestige SIP ALG to avoid retranslating the IP address of an existing SIP device that is using STUN. If you want to use STUN with a SIP client device (a SIP phone or IP phone for example) behind the Prestige, use the ip alg disable ALG_SIP command to turn off the SIP ALG.
Page 394 Prestige 2602R Series User’s Guide Appendix F SIP Passthrough...
Page 395: Appendix G Internal Sptgen
Prestige 2602R Series User’s Guide P P E N D I X Internal SPTGEN Internal SPTGEN Overview Internal SPTGEN (System Parameter Table Generator) is a configuration text file useful for efficient configuration of multiple Prestiges. Internal SPTGEN lets you configure, save and upload multiple menus at the same time using just one configuration text file –...
Page 396: Internal Sptgen Ftp Download Example
Prestige 2602R Series User’s Guide Some parameters are dependent on others. For example, if you disable the Configured field in menu 1 (see Figure 258 on page 395), then you disable every field in this menu. If you enter a parameter that is invalid in the Input column, the Prestige will not save the configuration and the command line will display the Field Identification Number.
Page 397: Internal Sptgen Ftp Upload Example
Prestige 2602R Series User’s Guide Figure 261 Internal SPTGEN FTP Download Example c:\ftp 192.168.1.1 220 PPP FTP version 1.0 ready at Sat Jan 1 03:22:12 2000 User (192.168.1.1:(none)): 331 Enter PASS command Password: 230 Logged in ftp>bin 200 Type I OK ftp>...
Page 398: Table 138 Menu 1 General Setup (Smt Menu 1)
Prestige 2602R Series User’s Guide Table 137 Abbreviations Used in the Example Internal SPTGEN Screens Table ABBREVIATION MEANING Parameter Values Allowed INPUT An example of what you may enter Applies to the Prestige. The following are Internal SPTGEN screens associated with the SMT screens of your Prestige.
Page 399 Prestige 2602R Series User’s Guide Table 139 Menu 3 (SMT Menu 3 (continued)) INPUT 30200001 = DHCP <0(None) | 1(Server) | 2(Relay)> 30200002 = Client IP Pool Starting Address 192.168.1.33 30200003 = Size of Client IP Pool = 32 30200004 = Primary DNS Server = 0.0.0.0...
Page 400 Prestige 2602R Series User’s Guide Table 139 Menu 3 (SMT Menu 3 (continued)) 30201008 = IP Alias #1 Incoming protocol filters = 256 Set 3 30201009 = IP Alias #1 Incoming protocol filters = 256 Set 4 30201010 = IP Alias #1 Outgoing protocol filters...
Page 401 Prestige 2602R Series User’s Guide Table 139 Menu 3 (SMT Menu 3 (continued)) 30500004 = RTS Threshold <0 ~ 2432> = 2432 30500005 = FRAG. Threshold <256 ~ 2432> = 2432 30500006 = <0(DISABLE) | 1(64-bit WEP) | 2(128-bit WEP)>...
Page 402: Table 140 Menu 4 Internet Access Setup (Smt Menu 4)
Prestige 2602R Series User’s Guide Table 140 Menu 4 Internet Access Setup (SMT Menu 4) (continued) 40000002 = Active <0(No) | 1(Yes)> 40000003 = ISP's Name = ChangeMe 40000004 = Encapsulation <2(PPPOE) | 3(RFC 1483)| 4(PPPoA )| 5(ENET ENCAP)> 40000005 = Multiplexing <1(LLC-based)
Page 403: Table 141 Menu 12 (Smt Menu 12)
Prestige 2602R Series User’s Guide Table 140 Menu 4 Internet Access Setup (SMT Menu 4) (continued) 40000032= RIP Version <0(Rip-1) | 1(Rip-2B) |2(Rip-2M)> 40000033= Nailed-up Connection <0(No) |1(Yes)> Table 141 Menu 12 (SMT Menu 12) / Menu 12.1.1 IP Static Route Setup (SMT Menu 12.1.1)
Page 404 Prestige 2602R Series User’s Guide Table 141 Menu 12 (SMT Menu 12) (continued) / Menu 12.1.4 IP Static Route Setup (SMT Menu 12.1.4) INPUT 120104001 = IP Static Route set #4, Name <Str> 120104002 = IP Static Route set #4, Active <0(No) |1(Yes)>...
Page 405 Prestige 2602R Series User’s Guide Table 141 Menu 12 (SMT Menu 12) (continued) 120107006 = IP Static Route set #7, Metric 120107007 = IP Static Route set #7, Private <0(No) |1(Yes)> / Menu 12.1.8 IP Static Route Setup (SMT Menu 12.1.8)
Page 406 Prestige 2602R Series User’s Guide Table 141 Menu 12 (SMT Menu 12) (continued) 120111004 = IP Static Route set #11, Destination IP subnetmask 120111005 = IP Static Route set #11, Gateway = 0.0.0.0 120111006 = IP Static Route set #11, Metric...
Page 407 Prestige 2602R Series User’s Guide Table 141 Menu 12 (SMT Menu 12) (continued) 120115002 = IP Static Route set #15, Active <0(No) |1(Yes)> 120115003 = IP Static Route set #15, Destination = 0.0.0.0 IP address 120115004 = IP Static Route set #15, Destination...
Page 408: Table 142 Menu 15 Sua Server Setup (Smt Menu 15)
Prestige 2602R Series User’s Guide Table 142 Menu 15 SUA Server Setup (SMT Menu 15) (continued) 150000014 = SUA Server #4 Port Start 150000015 = SUA Server #4 Port End 150000016 = SUA Server #4 Local IP address = 0.0.0.0...
Page 409: Table 143 Menu 21.1 Filter Set #1 (Smt Menu 21.1)
Prestige 2602R Series User’s Guide Table 142 Menu 15 SUA Server Setup (SMT Menu 15) (continued) 150000048 = SUA Server #11 Protocol <0(All)|6(TCP)|17(U DP)> 150000049 = SUA Server #11 Port Start 150000050 = SUA Server #11 Port End 150000051 = SUA Server #11 Local IP address = 0.0.0.0...
Page 410 Prestige 2602R Series User’s Guide Table 143 Menu 21.1 Filter Set #1 (SMT Menu 21.1) (continued) / Menu 21.1.1.2 set #1, rule #2 (SMT Menu 21.1.1.2) INPUT 210102001 = IP Filter Set 1,Rule 2 Type <2(TCP/IP)> 210102002 = IP Filter Set 1,Rule 2 Active <0(No)|1(Yes)>...
Page 411 Prestige 2602R Series User’s Guide Table 143 Menu 21.1 Filter Set #1 (SMT Menu 21.1) (continued) 210103013 = IP Filter Set 1,Rule 3 Act Match <1(check next)|2(forward)| 3(drop) 210103014 = IP Filter Set 1,Rule 3 Act Not Match <1(check next)|2(forward)| 3(drop) / Menu 21.1.1.4 set #1, rule #4 (SMT Menu 21.1.1.4)
Page 412: Table 144 Menu 21.1 Filer Set #2, (Smt Menu 21.1)
Prestige 2602R Series User’s Guide Table 143 Menu 21.1 Filter Set #1 (SMT Menu 21.1) (continued) 210105009 = IP Filter Set 1,Rule 5 Src Subnet Mask 210105010 = IP Filter Set 1,Rule 5 Src Port 210105011 = IP Filter Set 1,Rule 5 Src Port Comp <0(none)|1(equal)
Page 413 Prestige 2602R Series User’s Guide Table 144 Menu 21.1 Filer Set #2, (SMT Menu 21.1) (continued) / Menu 21.1.2.1 Filter set #2, rule #1 (SMT Menu 21.1.2.1) INPUT 210201001 = IP Filter Set 2, Rule 1 Type <0(none)|2(TCP/IP)> = 2...
Page 414 Prestige 2602R Series User’s Guide Table 144 Menu 21.1 Filer Set #2, (SMT Menu 21.1) (continued) 210202009 = IP Filter Set 2, Rule 2 Src Subnet Mask 210202010 = IP Filter Set 2,Rule 2 Src Port 210202011 = IP Filter Set 2, Rule 2 Src Port <0(none)|1(equal)|2...
Page 415 Prestige 2602R Series User’s Guide Table 144 Menu 21.1 Filer Set #2, (SMT Menu 21.1) (continued) 210204002 = IP Filter Set 2, Rule 4 Active <0(No)|1(Yes )> = 1 210204003 = IP Filter Set 2, Rule 4 Protocol = 17...
Page 416 Prestige 2602R Series User’s Guide Table 144 Menu 21.1 Filer Set #2, (SMT Menu 21.1) (continued) 210205011 = IP Filter Set 2, Rule 5 Src Port <0(none)|1(equal)|2 Comp (not equal)|3(less)|4(gr eater)> 210205013 = IP Filter Set 2, Rule 5 Act Match <1(check...
Page 417: Table 145 Menu 23 System Menus (Smt Menu 23)
Prestige 2602R Series User’s Guide Table 145 Menu 23 System Menus (SMT Menu 23) */ Menu 23.1 System Password Setup (SMT Menu 23.1) INPUT 230000000 = System Password = 1234 */ Menu 23.2 System security: radius server (SMT Menu 23.2)
Page 418: Command Examples
Prestige 2602R Series User’s Guide Table 145 Menu 23 System Menus (SMT Menu 23) (continued) 230400008 = WPA Mixed Mode <0(Disable) |1(Enable)> 230400009 = Data Privacy for Broadcast/ <0(TKIP) |1(WEP)> Multicast packets 230400010 = WPA Broadcast/Multicast Key Update Timer Table 146 Menu 24.11 Remote Management Control (SMT Menu 24.11) / Menu 24.11 Remote Management Control (SMT Menu 24.11)
Page 419 Prestige 2602R Series User’s Guide Table 147 Command Examples (continued) INPUT INPUT 990000001 = ADSL OPMD <0(etsi)|1(normal) |2(gdmt)|3(multimo de)> Appendix G Internal SPTGEN...
Page 420 Prestige 2602R Series User’s Guide Appendix G Internal SPTGEN...
Page 421: Appendix H Command Interpreter
Prestige 2602R Series User’s Guide P P E N D I X Command Interpreter The following describes how to use the command interpreter. Enter 24 in the main menu to bring up the system maintenance menu. Enter 8 to go to Menu 24.8 - Command Interpreter Mode.
Page 422 Prestige 2602R Series User’s Guide Appendix H Command Interpreter...
Page 423: Appendix I Firewall Commands
Prestige 2602R Series User’s Guide P P E N D I X Firewall Commands Sys Firewall Commands The following describes the firewall commands. See the Command Each of Interpreter appendix for information on the command structure. these commands must be preceded by...
Page 424 Prestige 2602R Series User’s Guide Appendix I Firewall Commands...
Page 425: Appendix J Boot Commands
Prestige 2602R Series User’s Guide P P E N D I X Boot Commands The BootModule AT commands execute from within the router’s bootup software, when debug mode is selected before the main router firmware is started. When you start up your Prestige, you are given a choice to go into debug mode by pressing a key at the prompt shown in the following screen.
Page 426: Figure 264 Boot Module Commands
Prestige 2602R Series User’s Guide Figure 264 Boot Module Commands just answer OK ATHE print help ATBAx change baudrate. 1:38.4k, 2:19.2k, 3:9.6k 4:57.6k 5:115.2k ATENx,(y) set BootExtension Debug Flag (y=password) ATSE show the seed of password generator ATTI(h,m,s) change system time to hour:min:sec or show current time...
Page 427: Appendix K Log Descriptions
Prestige 2602R Series User’s Guide P P E N D I X Log Descriptions This appendix provides descriptions of example log messages. Table 149 System Maintenance Logs LOG MESSAGE DESCRIPTION The router has adjusted its time based on information from the Time calibration is time server.
Page 428: Table 150 System Error Logs
Prestige 2602R Series User’s Guide Table 149 System Maintenance Logs (continued) LOG MESSAGE DESCRIPTION The router is saving configuration changes. Configuration Change: PC = 0x%x, Task ID = 0x%x Someone has logged on to the router’s SSH server. Successful SSH login Someone has failed to log on to the router’s SSH server.
Page 429: Table 152 Tcp Reset Logs
Prestige 2602R Series User’s Guide Table 152 TCP Reset Logs LOG MESSAGE DESCRIPTION The router sent a TCP reset packet when a host was under a SYN Under SYN flood attack, flood attack (the TCP incomplete count is per destination host.)
Page 430: Table 155 Cdr Logs
Prestige 2602R Series User’s Guide Table 154 ICMP Logs (continued) LOG MESSAGE DESCRIPTION The firewall allowed a triangle route session to pass Triangle route packet forwarded: through. ICMP The router blocked a packet that didn’t have a Packet without a NAT table entry corresponding NAT table entry.
Page 431: Table 157 Upnp Logs
Prestige 2602R Series User’s Guide Table 157 UPnP Logs LOG MESSAGE DESCRIPTION UPnP packets can pass through the firewall. UPnP pass through Firewall Table 158 Content Filtering Logs LOG MESSAGE DESCRIPTION The content of a requested web page matched a user defined keyword.
Page 432: Table 160 Acl Setting Notes
Prestige 2602R Series User’s Guide Table 159 Attack Logs (continued) LOG MESSAGE DESCRIPTION The firewall classified an ICMP packet with no source routing entry ip spoofing - no routing as an IP spoofing attack. entry ICMP (type:%d, code:%d) The firewall detected an ICMP vulnerability attack.
Page 433: Table 162 Syslog Logs
Prestige 2602R Series User’s Guide Table 161 ICMP Notes (continued) TYPE CODE DESCRIPTION Redirect datagrams for the Type of Service and Host Echo Echo message Time Exceeded Time to live exceeded in transit Fragment reassembly time exceeded Parameter Problem Pointer indicates the error...
Page 434: Table 164 Rtp Logs
Prestige 2602R Series User’s Guide Table 163 SIP Logs (continued) LOG MESSAGE DESCRIPTION The listed SIP account’s registration was deleted from the SIP SIP UnRegistration register server. Success by SIP:SIP Phone Number An attempt to delete the listed SIP account’s registration from the SIP UnRegistration Fail by SIP register server failed.
Page 435: Log Commands
Prestige 2602R Series User’s Guide Table 166 FSM Logs: Callee Side LOG MESSAGE DESCRIPTION A VoIP phone call came to the Prestige from the listed SIP VoIP Call Start from number. SIP[SIP Port Number] A VoIP phone call was set up from the listed SIP number to the VoIP Call Established Prestige.
Page 436: Displaying Logs
Prestige 2602R Series User’s Guide 2 Use to view a list of the log categories. sys logs category Figure 265 Displaying Log Categories Example Copyright (c) 1994 - 2005 ZyXEL Communications Corp. ras> ? Valid commands are: exit device ether...
Page 437: Log Command Example
Prestige 2602R Series User’s Guide Log Command Example This example shows how to set the Prestige to record the access logs and alerts and then view the results. Figure 267 Log Command Example ras> sys logs load ras> sys logs category access 3 ras>...
Page 438 Prestige 2602R Series User’s Guide Appendix K Log Descriptions...
Page 439 Prestige 2602R Series User’s Guide Index Numerics ATM Layer Options ATM Loopback Test ATM QoS Type 110V AC ATM Status 230V AC Attack Alert 64kbps Attack Types 8kbps AUTH (TCP 113) Authentication Authentication Password 63, 110 Authentication Protocol Authentication User ID...
Page 440 Prestige 2602R Series User’s Guide Ethernet Addr Timeout Command Interpreter Mode Remote Node Communications Static Route Setup Community Brute-force Attack Compliance, FCC Budget Management 326, 327 Components BW Budget Computer BYE Request Computer Name Condition Configuration 71, 217 Configuration File...
Page 441 Prestige 2602R Series User’s Guide Device Rule Electrical Pipes DHCP 44, 71, 72, 73, 129, 217, 306 Electrocution DHCP Client E-mail Log Example DHCP Relay Embedded Help DHCP Server 44, 163 Encapsulated Routing Link Protocol (ENET ENCAP) DHCP Table Encapsulation...
Page 442 Prestige 2602R Series User’s Guide Filtering 285, 290 G.992.5 Filtering Process G.dmt Outgoing Packets G.lite Finger G992.2 FINGER (TCP 79) Gas Pipes Finland, Contact Information Gateway Firewall Gateway Node Access Methods 149, 283 General Ethernet Setup Address Type General Setup...
Page 443 Prestige 2602R Series User’s Guide IGMP v2 IP Routing Policy (IPPR) Benefits IKE (UDP 500) Cost Savings Immediate Dial 123, 126 Criteria Indirect Damages Load Sharing Install UPnP Setup Windows Me IP Spoofing 138, 141 Windows XP IP Static Route...
Page 444 Prestige 2602R Series User’s Guide Local Network Rule Summary Log and Trace N/A Fields Log Facility Nailed-Up Connection Logging Option 291, 294 73, 95, 96, 294 Logical Networks Address Mapping Rule Login Application Logs Applying NAT in the SMT Menus...
Page 445 Prestige 2602R Series User’s Guide Point to Point Protocol over ATM Adaptation Layer 5 (AAL5) Point-to-Point Point-to-point Calls OK Response Point-to-Point Tunneling Protocol 96, 164 One-Minute High Policy-based Routing Opening Pool Operating Condition POP3 95, 137, 138 Operation Humidity POP3 (TCP 110)
Page 446 Prestige 2602R Series User’s Guide Protocol Filter Related Documentation Protocol Filter Rules Relocate PSTN Call Setup Signaling Re-manufactured Pulse Code Modulation Remote Command Service Pulse Dialing Remote Desktop Protocol Purchase, Proof of Remote DHCP Server Purchaser Remote Execution Daemon PVC (Permanent Virtual Circuit)
Page 447 Prestige 2602R Series User’s Guide Rights Security Ramifications Rights, Legal Separation Between Equipment and Receiver Ringer Equivalence Number Serial Number 241, 254 Server 38, 94, 269, 271, 272, 273, 274, 275, 276, 277, RIP See Routing Information Protocol Server Behind NAT...
Page 448 Prestige 2602R Series User’s Guide SMTP (TCP 25) Support E-mail SMTP Error Messages Supporting Disk Smurf 139, 140 Sustain Cell Rate SNMP 95, 96, 360 Sustain Cell Rate (SCR) Community Sustained Cell Rate (SCR) Configuration Sweden, Contact Information Swimming Pool...
Page 449 Prestige 2602R Series User’s Guide Temperature Uniform Resource Identifier Terminal Access Controller Access Control System Universal Plug and Play Application Test Your Internet Connection Security issues Text File Format Universal Plug and Play (UPnP) TFTP Universal Plug and Play Forum...
Page 450 Prestige 2602R Series User’s Guide VLAN VLAN Group VLAN ID Zero Configuration VLAN ID Tags Zero Configuration Internet Access 42, 83 VLAN Tag ZyNOS 3, 314 VNC (TCP 5900) ZyNOS (ZyXEL Network Operating System) Voice Activity Detection 43, 115, 361...

ZyXEL Communications Prestige 2602R Series User Manual

Table of Contents

List of Figures

Chapter 1 Getting to Know Your Prestige

Chapter 2 Introducing the Web Configurator

Chapter 3 Wizard Setup

Chapter 4 LAN Setup

Chapter 5 WAN Setup

Chapter 6 Network Address Translation (NAT) Screens

Chapter 7 Introduction to Voip

Chapter 8 Voice Screens

Chapter 9 Phone Usage

Chapter 10 Dynamic DNS Setup

Chapter 11 Time and Date

Chapter 12 Firewalls

Chapter 13 Firewall Configuration

Chapter 14 Content Filtering

Chapter 15 Remote Management Configuration

Chapter 16 Universal Plug-And-Play (Upnp)

Chapter 17 Logs Screens

Chapter 18 Media Bandwidth Management Advanced Setup

Chapter 19 Maintenance

Chapter 20 Introducing the SMT

Chapter 21 Menu 1 General Setup

Chapter 22 Menu 2 WAN Backup Setup

Chapter 23 Menu 3 LAN Setup

Chapter 24 Internet Access

Chapter 25 Remote Node Configuration

Chapter 26 Static Route Setup

Chapter 27 Bridging Setup

Chapter 28 Network Address Translation (NAT)

Chapter 29 Enabling the Firewall

Chapter 30 Filter Configuration

Chapter 31 SNMP Configuration

Chapter 32 System Information and Diagnosis

Chapter 33 Firmware and Configuration File Maintenance

Chapter 34 System Maintenance

Chapter 35 Remote Management

Chapter 36 IP Policy Routing

Chapter 37 Call Scheduling

Chapter 38 Troubleshooting

Appendix A Product Specifications

Appendix B Setting up Your Computer's IP Address

Appendix Cpppoe

Appendix D IP Subnetting

Appendix E Triangle Route

Appendix Fsip Passthrough

Appendix G Internal SPTGEN

Appendix H Command Interpreter

Appendix I Firewall Commands

Appendix J Boot Commands

Appendix K Log Descriptions

Quick Links

Chapters

Troubleshooting

Related Manuals for ZyXEL Communications Prestige 2602R Series

Summary of Contents for ZyXEL Communications Prestige 2602R Series