ZyXEL Communications p-661hw series Manuals

Manuals and User Guides for ZyXEL Communications p-661hw series. We have 3 ZyXEL Communications p-661hw series manuals available for free PDF download: User Manual, Specifications

ZyXEL Communications p-661hw series User Manual (383 pages)

802.11g Wireless ADSL2+ 4-port Security Gateway

Brand: ZyXEL Communications | Category: Gateway | Size: 14.33 MB

Copyright
3
Certifications
4
Safety Warnings
6
Zyxel Limited Warranty
7
Customer Support
8
Table of Contents
11
List of Figures
23
List of Tables
29
Preface
33
User Guide Feedback
34
Chapter 1 Getting to Know Your Zyxel Device

35
- Getting to Know Your Zyxel Device
  35
- Introducing the Zyxel Device
  35
- Table 1 ADSL Standards
  35
- Features
  36
  - Dynamic Dns Support
    37
  - Wireless Features (Wireless Devices Only)
    38
- Applications for the Zyxel Device
  39
  - Protected Internet Access
    39
  - LAN to LAN Application
    40
- Figure 1 Protected Internet Access Applications
  40
- Figure 2 LAN-To-LAN Application Example
  40
- Figure 3 Front Panel
  40
- Front Panel Leds
  40
- Hardware Connection
  41
- Splitters and Microfilters
  41
Chapter 2 Introducing the Web Configurator

45
- Web Configurator Overview
  45
- Accessing the Web Configurator
  45
- Figure 6 Password Screen
  46
- Figure 7 Change Password at Login
  46
- Resetting the Zyxel Device
  47
  - Using the Reset Button
    47
- Navigating the Web Configurator
  47
  - Navigation Panel
    47
  - Figure 8 Select a Mode
    47
  - Figure 9 Web Configurator: Main Screen
    48
  - Table 3 Web Configurator Screens Summary
    48
  - Status Screen
    51
  - Figure 10 Status Screen
    51
  - Table 4 Status Screen
    51
  - Status: any IP Table
    53
  - Figure 11 Status: any IP Table
    53
  - Table 5 Status: any IP Table
    53
  - Status: WLAN Status (Wireless Devices Only)
    54
  - Status: VPN Status
    54
  - Figure 12 Status: WLAN Status
    54
  - Table 6 Status: WLAN Status
    54
  - Status: Bandwidth Status
    55
  - Figure 13 Status: VPN Status
    55
  - Figure 14 Status: Bandwidth Status
    55
  - Table 7 Status: VPN Status
    55
  - Status: Packet Statistics
    56
  - Figure 15 Status: Packet Statistics
    56
  - Table 8 Status: Packet Statistics
    56
  - Changing Login Password
    57
  - Figure 16 System General
    58
  - Table 9 System General: Password
    58
Chapter 3 Wizards

59
- Figure 17 Wizard Main Screen
  59
Chapter 4 WAN Setup

77
- WAN Overview
  77
  - Encapsulation
    77
    
    Enet Encap
    77
    
    PPP over Ethernet
    77
    
    Pppoa
    78
    
    Rfc 1483
    78
  - Multiplexing
    78
    
    LLC-Based Multiplexing
    78
    
    VC-Based Multiplexing
    78
  - VPI and VCI
    78
  - IP Address Assignment
    79
    
    IP Assignment with ENET ENCAP Encapsulation
    79
    
    IP Assignment with Pppoa or Pppoe Encapsulation
    79
    
    IP Assignment with RFC 1483 Encapsulation
    79
  - Nailed-Up Connection (PPP)
    79
  - Nat
    79
- Metric
  80
- Traffic Shaping
  80
  - ATM Traffic Classes
    81
    
    Constant Bit Rate (CBR)
    81
    
    Figure 37 Example of Traffic Shaping
    81
    
    Variable Bit Rate (VBR)
    81
    
    Unspecified Bit Rate (UBR)
    82
- Zero Configuration Internet Access
  82
- Internet Connection
  82
- Configuring more Connections
  86
- Traffic Redirect
  91
- Figure 43 Traffic Redirect Example
  91
- Configuring WAN Backup
  92
- Figure 44 Traffic Redirect LAN Setup
  92
- Figure 45 WAN Backup Setup
  93
- Table 29 WAN Backup Setup
  93
Chapter 5 LAN Setup

95
- LAN Overview
  95
  - Lans, Wans and the Zyxel Device
    95
  - Figure 46 LAN and WAN IP Addresses
    95
  - DHCP Setup
    96
    
    IP Pool Setup
    96
  - DNS Server Address
    96
  - DNS Server Address Assignment
    97
- Lan Tcp/Ip
  97
  - IP Address and Subnet Mask
    97
    
    Private IP Addresses
    98
  - RIP Setup
    98
  - Multicast
    99
  - Any IP
    99
    
    Figure 47 any IP Example
    100
    
    How any IP Works
    100
- Configuring LAN IP
  101
  - Configuring Advanced LAN Setup
    101
  - Figure 48 LAN IP
    101
  - Table 30 LAN IP
    101
  - Figure 49 Advanced LAN Setup
    102
  - Table 31 Advanced LAN Setup
    102
- DHCP Setup
  103
- Figure 50 DHCP Setup
  103
- LAN Client List
  104
- Table 32 DHCP Setup
  104
- Figure 51 LAN Client List
  105
- Table 33 LAN Client List
  105
- LAN IP Alias
  106
- Figure 52 Physical Network & Partitioned Logical Networks
  106
- Figure 53 LAN IP Alias
  106
- Table 34 LAN IP Alias
  107
Chapter 6 Wireless LAN

109
- Wireless Network Overview
  109
- Wireless Security Overview
  110
  - Ssid
    110
  - MAC Address Filter
    110
  - User Authentication
    110
  - Encryption
    111
  - Table 35 Types of Encryption for each Type of Authentication
    111
  - One-Touch Intelligent Security Technology (OTIST)
    112
- Wireless Performance Overview
  112
  - Quality of Service (Qos)
    112
- General Wireless LAN Screen
  112
  - Figure 54 Wireless LAN: General
    113
  - Table 36 Wireless LAN: General
    113
  - Figure 55 Wireless: no Security
    114
  - No Security
    114
  - Table 37 Wireless: no Security
    114
  - WEP Encryption
    114
  - Figure 56 Wireless: Static WEP Encryption
    115
  - Table 38 Wireless: Static WEP Encryption
    115
  - Wpa-Psk/Wpa2-Psk
    115
  - Figure 57 Wireless: WPA-PSK/WPA2-PSK
    116
  - Table 39 Wireless: WPA-PSK/WPA2-PSK
    116
  - Figure 58 Wireless: WPA/WPA2
    117
  - Wpa/Wpa2
    117
  - Table 40 Wireless: WPA/WPA2
    118
  - Figure 59 Wireless LAN: Advanced
    119
  - Table 41 Wireless LAN: Advanced
    119
  - Wireless LAN Advanced Setup
    119
- Otist
  120
  - Enabling OTIST
    120
    
    Figure 60 Wireless LAN: OTIST
    121
    
    Figure 61 Example Wireless Client OTIST Screen
    122
    
    Table 42 OTIST
    122
    
    Wireless Client
    122
  - Starting OTIST
    123
  - Notes on OTIST
    123
  - Figure 62 Security Key
    123
  - Figure 63 OTIST in Progress (AP)
    123
  - Figure 64 OTIST in Progress (Client)
    123
  - Figure 65 no AP with OTIST Found
    123
- MAC Filter
  124
- Figure 66 Start OTIST
  124
- Figure 67 MAC Address Filter
  125
- Table 43 MAC Address Filter
  125
- WMM Qos
  126
  - WMM Qos Example
    126
  - WMM Qos Priorities
    126
  - Table 44 WMM Qos Priorities
    126
  - Services
    127
  - Table 45 Commonly Used Services
    127
- Qos Screen
  128
Chapter 7 Network Address Translation (NAT) Screens

133
- NAT Overview
  133
  - NAT Definitions
    133
  - Table 48 NAT Definitions
    133
  - What NAT Does
    134
  - How NAT Works
    134
  - Figure 70 How NAT Works
    134
  - NAT Application
    135
  - NAT Mapping Types
    135
  - Figure 71 NAT Application with IP Alias
    135
- SUA (Single User Account) Versus NAT
  136
- NAT General Setup
  136
- Table 49 NAT Mapping Types
  136
- Port Forwarding
  137
- Configuring Port Forwarding
  139
  - Figure 73 Multiple Servers Behind NAT Example
    139
  - Figure 74 Port Forwarding
    139
  - Figure 75 Port Forwarding Rule Setup
    140
  - Port Forwarding Rule Edit
    140
  - Table 52 Port Forwarding
    140
- Address Mapping
  141
  - Table 53 Port Forwarding Rule Setup
    141
  - Figure 76 Address Mapping Rules
    142
  - Table 54 Address Mapping Rules
    142
  - Address Mapping Rule Edit
    143
  - Figure 77 Edit Address Mapping Rule
    143
  - Table 55 Edit Address Mapping Rule
    143
Chapter 8 Firewalls

145
- Firewall Overview
  145
- Types of Firewalls
  145
  - Packet Filtering Firewalls
    145
  - Application-Level Firewalls
    146
  - Stateful Inspection Firewalls
    146
- Introduction to Zyxel's Firewall
  146
  - Denial of Service Attacks
    147
- Denial of Service
  147
  - Basics
    147
  - Figure 78 Zyxel Device Firewall Application
    147
  - Types of Dos Attacks
    148
    
    Figure 79 Three-Way Handshake
    148
    
    Table 56 Common IP Ports
    148
    
    Figure 80 SYN Flood
    149
    
    Figure 81 Smurf Attack
    150
    
    ICMP Vulnerability
    150
    
    Illegal Commands (Netbios and SMTP)
    150
    
    Table 57 ICMP Commands that Trigger Alerts
    150
    
    Table 58 Legal Netbios Commands
    150
    
    Table 59 Legal SMTP Commands
    150
    
    Traceroute
    151
- Stateful Inspection
  151
  - Figure 82 Stateful Inspection
    151
  - Stateful Inspection and the Zyxel Device
    152
  - Stateful Inspection Process
    152
  - TCP Security
    153
  - UDP/ICMP Security
    153
  - Upper Layer Protocols
    154
- Guidelines for Enhancing Security with Your Firewall
  154
  - Security in General
    154
- Packet Filtering Vs Firewall
  155
  - Packet Filtering
    155
    
    When to Use Filtering
    156
  - Firewall
    156
    
    When to Use the Firewall
    156
Chapter 9 Firewall Configuration

157
- Rule Logic Overview
  158
  - Rule Checklist
    158
  - Security Ramifications
    158
  - Key Fields for Configuring Rules
    159
    
    Action
    159
    
    Destination Address
    159
    
    Service
    159
    
    Source Address
    159
- Connection Direction
  159
  - LAN to WAN Rules
    160
  - Alerts
    160
- Triangle Route
  160
- The "Triangle Route" Problem
  160
- Figure 83 Ideal Firewall Setup
  160
- Solving the "Triangle Route" Problem
  161
- Figure 84 "Triangle Route" Problem
  161
- Figure 85 IP Alias
  161
- General Firewall Policy
  162
- Figure 86 Firewall: General
  162
- Table 60 Firewall: General
  162
- Firewall Rules Summary
  163
  - Figure 87 Firewall Rules
    163
  - Configuring Firewall Rules
    164
  - Table 61 Firewall Rules
    164
  - Figure 88 Firewall: Edit Rule
    165
  - Table 62 Firewall: Edit Rule
    166
  - Customized Services
    167
  - Figure 89 Firewall: Customized Services
    167
  - Table 63 Customized Services
    167
  - Configuring a Customized Service
    168
- Example Firewall Rule
  168
- Figure 90 Firewall: Configure Customized Services
  168
- Table 64 Firewall: Configure Customized Services
  168
- Figure 91 Firewall Example: Rules
  169
- Figure 92 Edit Custom Port Example
  169
- Figure 93 Firewall Example: Edit Rule: Destination Address
  170
- Figure 94 Firewall Example: Edit Rule: Select Customized Services
  171
- Predefined Services
  172
- Figure 95 Firewall Example: Rules: Myservice
  172
- Table 65 Predefined Services
  172
- Anti-Probing
  174
- Figure 96 Firewall: Anti Probing
  174
- Dos Thresholds
  175
  - Threshold Values
    175
  - Table 66 Firewall: Anti Probing
    175
  - Half-Open Sessions
    176
    
    TCP Maximum Incomplete and Blocking Time
    176
  - Configuring Firewall Thresholds
    177
  - Figure 97 Firewall: Threshold
    177
  - Table 67 Firewall: Threshold
    177
- Firewall Configuration
  157
  - Access Methods
    157
  - Firewall Policies Overview
    157
Chapter 10 Trend Micro Security Services

179
- Trend Micro Security Services Overview
  179
  - TMSS Web Page
    179
  - Figure 98 TMSS First Time Access
    179
  - Figure 99 Download Activex to View TMSS Web Page
    180
  - Figure 100 TMSS Web Page (Dashboard)
    180
  - Figure 101 TMSS Service Summary
    180
  - Figure 102 TMSS 3 Steps
    181
  - Figure 103 TMSS Registration Form
    181
- Configuring TMSS on the Zyxel Device
  182
- TMSS Virus Protection
  185
- Figure 108 Virus Protection
  185
- Table 70 Virus Protection
  185
- Parental Controls
  186
  - Figure 109 no Parental Controls License
    186
  - Figure 110 Parental Controls
    187
  - Table 71 Parental Controls
    187
  - Parental Controls Statistics
    188
- Activex Controls in Internet Explorer
  189
- Figure 111 Parental Controls Statistics
  189
- Table 72 Parental Controls Statistics
  189
- Figure 112 Internet Options Security
  190
- Figure 113 Security Setting Activex Controls
  191
Chapter 11 Content Filtering

193
- Content Filtering Overview
  193
- Configuring Keyword Blocking
  193
- Figure 114 Content Filter: Keyword
  193
- Configuring the Schedule
  194
- Figure 115 Content Filter: Schedule
  194
- Table 73 Content Filter: Keyword
  194
- Configuring Trusted Computers
  195
- Figure 116 Content Filter: Trusted
  195
- Table 74 Content Filter: Schedule
  195
- Table 75 Content Filter: Trusted
  195
Chapter 12 Introduction to Ipsec

197
- VPN Overview
  197
  - Ipsec
    197
  - Security Association
    197
  - Other Terminology
    197
    
    Encryption
    197
    
    Data Confidentiality
    198
    
    Data Integrity
    198
    
    Data Origin Authentication
    198
  - VPN Applications
    198
  - Figure 117 Encryption and Decryption
    198
- Ipsec Architecture
  199
  - Ipsec Algorithms
    199
  - Key Management
    199
- Encapsulation
  199
  - Figure 118 Ipsec Architecture
    199
  - Transport Mode
    200
  - Tunnel Mode
    200
- Ipsec and NAT
  200
- Figure 119 Transport and Tunnel Mode Ipsec Encapsulation
  200
- Table 76 VPN and NAT
  201
Chapter 13 VPN Screens

203
- Vpn/Ipsec Overview
  203
- Ipsec Algorithms
  203
  - AH (Authentication Header) Protocol
    203
  - ESP (Encapsulating Security Payload) Protocol
    203
- My IP Address
  204
- Table 77 AH and ESP
  204
- Secure Gateway Address
  205
  - Dynamic Secure Gateway Address
    205
- VPN Setup Screen
  205
- Figure 120 Ipsec Summary Fields
  205
- Figure 121 VPN Setup
  206
- Table 78 VPN Setup
  206
- Keep Alive
  207
- VPN, NAT, and NAT Traversal
  207
- Remote DNS Server
  208
- Figure 122 NAT Router between Ipsec Routers
  208
- Table 79 VPN and NAT
  208
- ID Type and Content
  209
- Pre-Shared Key
  211
- Editing VPN Policies
  211
- Table 83 Mismatching ID Type and Content Configuration Example
  211
- Figure 124 Edit VPN Policies
  212
- Table 84 Edit VPN Policies
  212
- IKE Phases
  216
  - Figure 125 Two Phases to Set up the Ipsec SA
    216
  - Negotiation Mode
    217
  - Diffie-Hellman (DH) Key Groups
    218
  - Perfect Forward Secrecy (PFS)
    218
- Configuring Advanced IKE Settings
  218
- Figure 126 Advanced VPN Policies
  219
- Table 85 Advanced VPN Policies
  219
- Manual Key Setup
  221
  - Security Parameter Index (SPI)
    221
- Configuring Manual Key
  221
- Figure 127 VPN: Manual Key
  222
- Table 86 VPN: Manual Key
  222
- Viewing SA Monitor
  224
- Configuring Global Setting
  225
- Figure 128 VPN: SA Monitor
  225
- Table 87 VPN: SA Monitor
  225
- Telecommuter Vpn/Ipsec Examples
  226
- VPN and Remote Management
  229

ZyXEL Communications p-661hw series User Manual (358 pages)

802.11g Wireless ADSL2+ 4-port Security Gateway

Brand: ZyXEL Communications | Category: Gateway | Size: 13.74 MB

About this User's Guide
3
- Document Conventions
  4
- Safety Warnings
  6
- Table of Contents
  9
- Contents Overview
  9
- Table of Contents
  11
- List of Figures
  21
- List of Tables
  27
Introduction
31
- PART I Introduction
  31
Chapter 1 Getting to Know Your Zyxel Device

33
Chapter 2 Introducing the Web Configurator

39
- Accessing the Web Configurator
  39
Chapter 3 Wizards

53
- Figure 17 Wizard Main Screen
  53
- Table 10 Wizard Main Screen
  53
- Automatic Detection
  54
- Internet Setup Wizard
  54
- Manual Configuration
  54
- Table 14 Internet Setup Wizard: ISP Parameters (RFC1483 + Routing Mode)
  58
- No DSL Detection
  59
- Table 19 Manually Assign a WEP Key
  64
- Bandwidth Management Wizard
  65
- Figure 36 Bandwidth Management Wizard: Complete
  69
- Network
  71
  - Part II: Network
    71
  - Encapsulation
    73
  - WAN Overview
    73
  - WAN Setup
    73
    
    IP Address Assignment
    74
    
    Multiplexing
    74
    
    VPI and VCI
    74
    
    Metric
    75
    
    Nailed-Up Connection (PPP)
    75
    
    Nat
    75
    
    Traffic Shaping
    76
    
    Figure 38 Internet Connection (Pppoe)
    78
    
    Table 24 Internet Connection
    78
    
    Configuring Advanced Internet Connection
    79
    
    Figure 39 Advanced Internet Connection
    80
    
    Table 25 Advanced Internet Connection
    80
    
    Configuring more Connections
    81
    
    Figure 40 more Connections
    82
    
    More Connections Edit
    82
    
    Table 26 more Connections
    82
    
    Figure 41 more Connections Edit
    83
    
    Figure 42 more Connections Advanced Setup
    85
    
    Table 28 more Connections Advanced Setup
    85
    
    Figure 43 Traffic Redirect Example
    86
    
    Traffic Redirect
    86
    
    Configuring WAN Backup Setup
    87
    
    Figure 44 Traffic Redirect LAN Setup
    87
    
    Figure 45 WAN Backup Setup
    87
    
    Table 29 WAN Backup Setup
    88
    
    LAN Overview
    89
    
    LAN Setup
    89
    
    Lans, Wans and the Zyxel Device
    89
    
    DHCP Setup
    90
    
    DNS Server Address
    90
    
    DNS Server Address Assignment
    90
    
    IP Address and Subnet Mask
    91
    
    Lan Tcp/Ip
    91
    
    Multicast
    92
    
    RIP Setup
    92
    
    Any IP
    93
    
    Configuring LAN IP
    94
    
    Figure 49 Advanced LAN Setup
    95
    
    Table 30 LAN IP
    95
    
    Table 31 Advanced LAN Setup
    95
    
    DHCP Setup
    96
    
    Figure 50 DHCP Setup
    97
    
    Table 32 DHCP Setup
    97
    
    Figure 51 LAN Client List
    98
    
    LAN Client List
    98
    
    Table 33 LAN Client List
    98
    
    Figure 52 Physical Network & Partitioned Logical Networks
    99
    
    LAN IP Alias
    99
    
    Figure 53 LAN IP Alias
    100
    
    Table 34 LAN IP Alias
    100
    
    Wireless LAN
    101
    
    Wireless Network Overview
    101
    
    MAC Address Filter
    102
    
    Ssid
    102
    
    User Authentication
    102
    
    Wireless Security Overview
    102
    
    Encryption
    103
    
    Figure 54 Wireless LAN: General
    105
    
    Table 36 Wireless LAN: General
    105
    
    Figure 55 Wireless: no Security
    106
    
    Table 37 Wireless: no Security
    106
    
    WEP Encryption
    106
    
    Figure 56 Wireless: Static WEP Encryption
    107
    
    Table 38 Wireless: Static WEP Encryption
    107
    
    Wpa-Psk/Wpa2-Psk
    107
    
    Figure 57 Wireless: WPA-PSK/WPA2-PSK
    108
    
    Table 39 Wireless: WPA-PSK/WPA2-PSK
    108
    
    Figure 58 Wireless: WPA/WPA2
    109
    
    Wpa/Wpa2
    109
    
    Table 40 Wireless: WPA/WPA2
    110
    
    Figure 59 Wireless LAN: Advanced
    111
    
    Table 41 Wireless LAN: Advanced
    111
    
    Wireless LAN Advanced Setup
    111
    
    Enabling OTIST
    112
    
    Otist
    112
    
    Figure 60 Wireless LAN: OTIST
    113
    
    Table 42 OTIST
    113
    
    Figure 61 Example Wireless Client OTIST Screen
    114
    
    Figure 62 Security Key
    114
    
    Starting OTIST
    114
    
    Figure 63 OTIST in Progress (AP)
    115
    
    Figure 64 OTIST in Progress (Client)
    115
    
    Figure 65 no AP with OTIST Found
    115
    
    Figure 66 Start OTIST
    115
    
    Notes on OTIST
    115
    
    Figure 67 MAC Address Filter
    116
    
    MAC Filter
    116
    
    Table 43 MAC Address Filter
    116
    
    Table 44 WMM Qos Priorities
    117
    
    WMM Qos
    117
    
    WMM Qos Example
    117
    
    WMM Qos Priorities
    117
    
    Services
    118
    
    Table 45 Commonly Used Services
    118
    
    Qos Screen
    119
    
    Figure 68 Wireless LAN: Qos
    120
    
    Table 46 Wireless LAN: Qos
    120
    
    Tos (Type of Service) and WMM Qos
    120
    
    Application Priority Configuration
    121
  - Table 27 more Connections Edit
    83
  - Configuring more Connections Advanced Setup
    85
Chapter 4 WAN Setup

73
Chapter 5 LAN Setup

89
Chapter 6 Wireless LAN

101
Chapter 7 Network Address Translation (NAT) Screens

123
- NAT Definitions
  123
  - NAT Overview
    123
    
    Table 48 NAT Definitions
    123
    
    Figure 70 How NAT Works
    124
    
    Figure 71 NAT Application with IP Alias
    125
    
    NAT General Setup
    126
    
    SUA (Single User Account) Versus NAT
    126
    
    Table 49 NAT Mapping Types
    126
    
    Default Server IP Address
    127
    
    Port Forwarding
    127
  - How NAT Works
    124
  - NAT Application
    124
  - What NAT Does
    124
  - NAT Mapping Types
    125
  - Figure 72 NAT General
    127
  - Table 50 NAT General
    127
  - Table 51 Services and Port Numbers
    128
  - Configuring Port Forwarding
    129
- Configuring Servers Behind Port Forwarding (Example)
  128
- Port Forwarding: Services and Port Numbers
  128
- Figure 73 Multiple Servers Behind NAT Example
  129
- Figure 74 Port Forwarding
  130
- Table 52 Port Forwarding
  130
- Address Mapping
  131
- Figure 75 Port Forwarding Rule Setup
  131
- Port Forwarding Rule Edit
  131
- Table 53 Port Forwarding Rule Setup
  131
- Figure 76 Address Mapping Rules
  132
- Table 54 Address Mapping Rules
  132
- Address Mapping Rule Edit
  133
- Figure 77 Edit Address Mapping Rule
  133
- Table 55 Edit Address Mapping Rule
  134
- Security
  135
  - Part III: Security
    135
Chapter 8 Firewalls

137
- Firewall Overview
  137
- Firewalls
  137
  - Packet Filtering Firewalls
    137
    
    Types of Firewalls
    137
    
    Application-Level Firewalls
    138
    
    Introduction to Zyxel's Firewall
    138
    
    Stateful Inspection Firewalls
    138
    
    Basics
    139
    
    Denial of Service
    139
    
    Denial of Service Attacks
    139
    
    Figure 78 Zyxel Device Firewall Application
    139
    
    Table 56 Common IP Ports
    139
    
    Figure 79 Three-Way Handshake
    140
    
    Table 57 ICMP Commands that Trigger Alerts
    142
    
    Table 58 Legal Netbios Commands
    142
    
    Table 59 Legal SMTP Commands
    142
    
    Figure 82 Stateful Inspection
    143
    
    Stateful Inspection and the Zyxel Device
    144
    
    TCP Security
    144
    
    UDP/ICMP Security
    145
    
    Upper Layer Protocols
    145
    
    Guidelines for Enhancing Security with Your Firewall
    146
    
    Security in General
    146
    
    Firewall
    147
    
    Packet Filtering
    147
    
    Packet Filtering Vs Firewall
    147
  - Stateful Inspection Process
    143
- Types of Dos Attacks
  140
- Figure 80 SYN Flood
  141
- Figure 81 Smurf Attack
  141
- Stateful Inspection
  142
Chapter 9 Firewall Configuration

149
- Access Methods
  149
- Firewall Policies Overview
  149
- Rule Logic Overview
  150
- Rule Checklist
  150
- Security Ramifications
  150
- Key Fields for Configuring Rules
  151
- Connection Direction
  151
- LAN to WAN Rules
  152
- Alerts
  152
- Triangle Route
  152
- Figure 83 Ideal Firewall Setup
  152
- The "Triangle Route" Problem
  152
  - Figure 84 "Triangle Route" Problem
    153
    
    Figure 85 IP Alias
    153
    
    Figure 86 Firewall: General
    154
    
    General Firewall Policy
    154
    
    Table 60 Firewall: General
    154
    
    Firewall Rules Summary
    155
    
    Figure 87 Firewall Rules
    156
    
    Table 61 Firewall Rules
    156
    
    Configuring Firewall Rules
    157
    
    Figure 88 Firewall: Edit Rule
    158
    
    Table 62 Firewall: Edit Rule
    159
    
    Configuring a Customized Service
    160
    
    Customized Services
    160
    
    Figure 89 Firewall: Customized Services
    160
    
    Table 63 Customized Services
    160
    
    Example Firewall Rule
    161
    
    Figure 90 Firewall: Configure Customized Services
    161
    
    Table 64 Firewall: Configure Customized Services
    161
    
    Figure 91 Firewall Example: Rules
    162
    
    Figure 92 Edit Custom Port Example
    162
    
    Figure 93 Firewall Example: Edit Rule: Destination Address
    163
    
    Figure 95 Firewall Example: Rules: Myservice
    165
    
    Figure 96 Firewall: Anti Probing
    165
    
    Dos Thresholds
    166
    
    Table 65 Firewall: Anti Probing
    166
    
    Threshold Values
    166
    
    Configuring Firewall Thresholds
    167
    
    Half-Open Sessions
    167
    
    Figure 97 Firewall: Thresholds
    168
    
    Table 66 Firewall: Thresholds
    168
    
    Content Filtering
    171
    
    Figure 99 Content Filter: Schedule
    173
    
    Table 68 Content Filter: Schedule
    173
    
    Figure 100 Content Filter: Trusted
    174
    
    Table 69 Content Filter: Trusted
    174
    
    Introduction to Ipsec
    175
    
    Ipsec
    175
    
    Other Terminology
    175
    
    Security Association
    175
    
    VPN Overview
    175
    
    Ipsec Architecture
    176
    
    VPN Applications
    176
    
    Figure 103 Transport and Tunnel Mode Ipsec Encapsulation
    178
    
    Table 70 VPN and NAT
    179
    
    AH (Authentication Header) Protocol
    181
    
    VPN Screens
    181
    
    Figure 104 Ipsec Summary Fields
    183
    
    Figure 105 VPN Setup
    184
    
    Table 72 VPN Setup
    184
    
    Figure 106 NAT Router between Ipsec Routers
    185
    
    Keep Alive
    185
    
    VPN, NAT, and NAT Traversal
    185
    
    Figure 107 VPN Host Using Intranet DNS Server Example
    186
    
    Remote DNS Server
    186
    
    Table 73 VPN and NAT
    186
    
    ID Type and Content
    187
    
    Table 74 Local ID Type and Content Fields
    187
    
    Table 75 Peer ID Type and Content Fields
    187
    
    Editing VPN Policies
    188
    
    ID Type and Content Examples
    188
    
    Pre-Shared Key
    188
    
    Table 76 Matching ID Type and Content Configuration Example
    188
    
    Table 77 Mismatching ID Type and Content Configuration Example
    188
    
    Figure 108 Edit VPN Policies
    189
    
    Table 78 Edit VPN Policies
    189
    
    Figure 109 Two Phases to Set up the Ipsec SA
    193
    
    IKE Phases
    193
    
    Diffie-Hellman (DH) Key Groups
    194
    
    Negotiation Mode
    194
    
    Perfect Forward Secrecy (PFS)
    194
    
    Configuring Advanced IKE Settings
    195
    
    Figure 110 Advanced VPN Policies
    195
    
    Table 79 Advanced VPN Policies
    195
    
    Configuring Manual Key
    197
    
    Manual Key Setup
    197
    
    Security Parameter Index (SPI)
    197
    
    Figure 111 VPN: Manual Key
    198
    
    Table 80 VPN: Manual Key
    198
    
    Viewing SA Monitor
    200
    
    Configuring Global Setting
    201
    
    Figure 112 VPN: SA Monitor
    201
    
    Figure 113 VPN: Global Setting
    201
    
    Table 81 VPN: SA Monitor
    201
    
    Figure 114 Telecommuters Sharing One VPN Rule Example
    202
    
    Table 82 VPN: Global Setting
    202
    
    Telecommuter Vpn/Ipsec Examples
    202
    
    Telecommuters Sharing One VPN Rule Example
    202
    
    Figure 115 Telecommuters Using Unique VPN Rules Example
    203
    
    Table 83 Telecommuters Sharing One VPN Rule Example
    203
    
    Telecommuters Using Unique VPN Rules Example
    203
    
    VPN and Remote Management
    204
  - Figure 94 Firewall Example: Edit Rule: Select Customized Services
    164
  - Anti Probing
    165
Chapter 10 Content Filtering

171
- Configuring Keyword Blocking
  171
- Content Filtering Overview
  171
- Configuring the Schedule
  172
- Figure 98 Content Filter: Keyword
  172
- Table 67 Content Filter: Keyword
  172
- Configuring Trusted Computers
  173
- Encapsulation
  177
- Ipsec Algorithms
  177
- Key Management
  177
- ESP (Encapsulating Security Payload) Protocol
  181
- Ipsec Algorithms
  181
- Vpn/Ipsec Overview
  181
- My IP Address
  182
- Secure Gateway Address
  182

ZyXEL Communications p-661hw series Specifications (2 pages)

802.11g Wireless ADSL2+ Gateway

Brand: ZyXEL Communications | Category: Gateway | Size: 0.25 MB

ZyXEL Communications Categories

Gateway

Network Router

Switch Wireless Router Adapter

More ZyXEL Communications Manuals

ZyXEL Communications p-661hw series Manuals

ZyXEL Communications p-661hw series User Manual (383 pages)

Table of Contents

Chapter 1 Getting to Know Your Zyxel Device

Chapter 2 Introducing the Web Configurator

Chapter 3 Wizards

Chapter 4 WAN Setup

Chapter 5 LAN Setup

Chapter 6 Wireless LAN

Chapter 7 Network Address Translation (NAT) Screens

Chapter 8 Firewalls

Chapter 9 Firewall Configuration

Chapter 10 Trend Micro Security Services

Chapter 11 Content Filtering

Chapter 12 Introduction to Ipsec

Chapter 13 VPN Screens

ZyXEL Communications p-661hw series User Manual (358 pages)

Table of Contents

Chapter 1 Getting to Know Your Zyxel Device

Chapter 2 Introducing the Web Configurator

Chapter 3 Wizards

Chapter 4 WAN Setup

Chapter 5 LAN Setup

Chapter 6 Wireless LAN

Chapter 7 Network Address Translation (NAT) Screens

Chapter 8 Firewalls

Chapter 9 Firewall Configuration

Chapter 10 Content Filtering

ZyXEL Communications p-661hw series Specifications (2 pages)

Table of Contents

Related Products

ZyXEL Communications Categories