Sign In
Upload
Manuals
Brands
ZyXEL Communications Manuals
Network Router
Prestige 652
ZyXEL Communications Prestige 652 Manuals
Manuals and User Guides for ZyXEL Communications Prestige 652. We have
2
ZyXEL Communications Prestige 652 manuals available for free PDF download: User Manual
ZyXEL Communications Prestige 652 User Manual (521 pages)
ADSL Security/Wireless LAN Router
Brand:
ZyXEL Communications
| Category:
Wireless Router
| Size: 12.72 MB
Table of Contents
Copyright
2
Federal Communications Commission
3
Safety Warnings
4
Zyxel Limited Warranty
4
Customer Support
5
Table of Contents
6
List of Figures
18
Preface
35
What Is DSL
37
Getting Started
38
Chapter 1 Getting to Know Your Prestige
39
Introducing the Prestige 652 Series
39
Features of the Prestige
39
Dynamic Dns Support
41
Protocol Support
42
Lan Port
44
Packet Filters
44
Applications for the Prestige
44
Figure 1-1 Prestige Internet Access Application
45
Firewall for Secure Broadband Internet Access
45
Figure 1-2 Firewall Application
46
Figure 1-3 VPN Application
47
Lan to Lan Application
47
Figure 1-4 Prestige LAN-To-LAN Application
48
Chapter 2 Introducing the Web Configurator
49
Web Configurator Overview
49
Accessing the Prestige Web Configurator
49
Navigating the Prestige Web Configurator
50
Figure 2-1 Password Screen
50
Resetting the Prestige
51
Figure 2-2 Web Configurator SITE MAP Screen
51
Using the Reset Button
51
Figure 2-3 Example Xmodem Upload
52
Chapter 3 Wizard Setup
53
Encapsulation
53
Enet Encap
53
Ppp over Ethernet
53
Wizard Setup Introduction
53
Multiplexing
54
VPI and VCI
54
Wizard Setup Configuration: First Screen
54
IP Address and Subnet Mask
56
IP Address Assignment
56
Ip Assignment with Enet Encap Encapsulation
57
Ip Assignment with Pppoa or Pppoe Encapsulation
57
Ip Assignment with Rfc 1483 Encapsulation
57
Private Ip Addresses
57
Figure 3-2 Internet Connection with Pppoe
58
Nailed-Up Connection (PPP)
58
Nat
58
Wizard Setup Configuration: Second Screen
58
Table 3-2 Internet Connection with Pppoe
59
Figure 3-3 Internet Connection with RFC 1483
60
Table 3-3 Internet Connection with RFC 1483
60
Figure 3-4 Internet Connection with ENET ENCAP
61
Table 3-4 Internet Connection with ENET ENCAP
61
Figure 3-5 Internet Connection with Pppoa
62
DHCP Setup
63
Table 3-5 Internet Connection with Pppoa
63
Ip Pool Setup
64
Wizard Setup Configuration: Third Screen
64
Figure 3-7 Wizard : LAN Configuration
65
Table 3-6 Wizard : LAN Configuration
65
Wizard Setup Configuration: Connection Tests
66
Test Your Internet Connection
67
Password, LAN, Wireless LAN and WAN
68
Chapter 4 Password Setup
69
Password Overview
69
Configuring Password
69
Chapter 5 LAN Setup
71
LAN Overview
71
DNS Server Address
71
Figure 5-1 LAN and WAN IP Addresses
71
DNS Server Address Assignment
72
Factory Lan Defaults
72
Lan Tcp/Ip
72
Rip Setup
73
Configuring LAN
74
Chapter 6 Wireless LAN Setup
77
Wireless LAN Overview
77
Figure 6-1 RTS/CTS
78
Fragmentation Threshold
79
Levels of Security
79
Figure 6-2 Prestige Wireless Security Levels
79
Data Encryption with WEP
80
Inserting a PCMCIA Wireless LAN Card
80
Configuring Wireless LAN
80
Configuring MAC Filter
82
Figure 6-4 MAC Address Filter
83
Network Authentication
84
Table 6-2 MAC Address Filter
84
Eap Authentication Overview
85
Types of Radius Messages
85
Configuring 802.1X
86
Figure 6-5 EAP Authentication
86
Figure 6-6 802.1X
86
Table 6-3 802.1X
87
Configuring Local User Authentication
88
Figure 6-7 Local User Database
89
Configuring RADIUS
90
Figure 6-8 RADIUS
90
Table 6-4 Local User Database
90
Table 6-5 RADIUS
91
Chapter 7 WAN Setup
93
WAN Overview
93
Metric
93
Pppoe Encapsulation
93
Traffic Shaping
94
Configuring WAN Setup
95
Figure 7-1 Example of Traffic Shaping
95
WAN Backup
99
Traffic Redirect
99
Figure 7-3 Traffic Redirect Setup Example
100
Figure 7-4 Traffic Redirect LAN Setup
100
Configuring WAN Backup
101
Figure 7-5 WAN Backup
101
Table 7-2 WAN Backup
101
Configuring Advanced WAN Backup
103
Figure 7-6 Advanced WAN Backup
104
Table 7-3 Advanced WAN Backup
105
AT Command Strings
107
DTR Signal
108
Response Strings
108
Configuring Advanced Modem Setup
108
Figure 7-7 Advanced Modem Setup
109
Table 7-4 Advanced Modem Setup
109
NAT, Dynamic DNS and Time Zone
111
Chapter 8 Network Address Translation (NAT) Screens
113
Nat Overview
113
Nat Definitions
113
What Nat Does
114
How Nat Works
114
Figure 8-1 How NAT Works
115
Nat Application
115
Figure 8-2 NAT Application with IP Alias
116
Nat Mapping Types
116
SUA (Single User Account) Versus NAT
117
Table 8-2 NAT Mapping Types
117
SUA Server
118
Default Server Ip Address
118
Table 8-3 Services and Port Numbers
119
Selecting the NAT Mode
120
Figure 8-3 Multiple Servers Behind NAT Example
120
Figure 8-4 NAT Mode
120
Configuring SUA Server
121
Table 8-4 NAT Mode
121
Figure 8-5 Edit SUA/NAT Server Set
122
Table 8-5 Edit SUA/NAT Server Set
122
Configuring Address Mapping
123
Figure 8-6 Address Mapping Rules
123
Editing an Address Mapping Rule
124
Table 8-6 Address Mapping Rules
124
Figure 8-7 Address Mapping Rule Edit
125
Table 8-7 Address Mapping Rule Edit
125
Chapter 9 Dynamic DNS Setup
127
Dynamic DNS
127
Dyndns Wildcard
127
Configuring Dynamic DNS
127
Figure 9-1 DDNS
128
Table 9-1 DDNS
128
Chapter 10 Time Zone
129
Configuring Time Zone
129
Figure 10-1 Time/Date
129
Table 10-1 Time/Date
130
Firewall and Content Filters
132
Chapter 11 Firewalls
134
Firewall Overview
134
Types of Firewalls
134
Packet Filtering Firewalls
134
Stateful Inspection Firewalls
135
Introduction to Zyxel's Firewall
135
Denial of Service
136
Figure 11-1 Prestige Firewall Application
136
Types of Dos Attacks
137
Table 11-1 Common IP Ports
137
Figure 11-2 Three-Way Handshake
138
Figure 11-3 SYN Flood
138
Figure 11-4 Smurf Attack
139
Table 11-2 ICMP Commands that Trigger Alerts
139
Stateful Inspection
140
Table 11-3 Legal Netbios Commands
140
Table 11-4 Legal SMTP Commands
140
Stateful Inspection Process
141
Stateful Inspection and the Prestige
142
Tcp Security
143
Upper Layer Protocols
143
Guidelines for Enhancing Security with Your Firewall
144
Security in General
144
Packet Filtering Vs Firewall
145
When to Use Filtering
145
When to Use the Firewall
146
Chapter 12 Firewall Configuration
148
Remote Management and the Firewall
148
Enabling the Firewall
148
Figure 12-1 Enabling the Firewall
148
Threshold Values
149
Attack Alert
149
Tcp Maximum Incomplete and Blocking Time
150
Figure 12-2 Attack Alert
151
Table 12-1 Attack Alert
151
Chapter 13 Creating Custom Rules
153
Rules Overview
153
Rule Checklist
153
Rule Logic Overview
153
Security Ramifications
154
Key Fields for Configuring Rules
154
Source Address
155
Connection Direction
155
Destination Address
155
Figure 13-1 LAN to WAN Traffic
155
Lan to Wan Rules
155
Wan to Lan Rules
155
Logs
156
Rule Summary
156
Figure 13-2 WAN to LAN Traffic
156
Figure 13-3 Firewall Rules Summary: First Screen
157
Table 13-1 Firewall Rules Summary: First Screen
157
Predefined Services
158
Table 13-2 Predefined Services
159
Creating/Editing Firewall Rules
161
Figure 13-4 Creating/Editing a Firewall Rule
162
Table 13-3 Creating/Editing a Firewall Rule
162
Timeout
164
Figure 13-5 Adding/Editing Source and Destination Addresses
164
Table 13-4 Adding/Editing Source and Destination Addresses
164
Figure 13-6 Timeout
165
Table 13-5 Timeout
165
Chapter 14 Customized Services
167
Introduction to Customized Services
167
Figure 14-1 Customized Services
167
Creating/Editing a Customized Service
168
Figure 14-2 Creating/Editing a Customized Service
168
Table 14-1 Customized Services
168
Example Custom Service Firewall Rule
169
Table 14-2 Creating/Editing a Customized Service
169
Figure 14-3 Configure Source IP Example
170
Figure 14-4 Customized Service for Myservice Example
170
Figure 14-5 Syslog Rule Configuration Example
171
Figure 14-6 Rule Summary Example
172
Chapter 15 Content Filtering Screens
173
Content Filtering Overview
173
Configuring Keyword Blocking
173
Figure 15-1 Content Filter: Keyword
174
Table 15-1 Content Filter: Keyword
174
Configuring the Schedule
175
Figure 15-2 Content Filter: Schedule
175
Configuring Trusted Computers
176
Figure 15-3 Content Filter: Trusted
176
Table 15-2 Content Filter: Schedule
176
Table 15-3 Content Filter: Trusted
176
Vpn/Ipsec
178
Chapter 16 Introduction to Ipsec
179
VPN Overview
179
Security Association
179
Other Terminology
179
Figure 16-1 Encryption and Decryption
180
Vpn Applications
180
Ipsec Architecture
181
Figure 16-2 VPN Application
181
Figure 16-3 Ipsec Architecture
182
Key Management
182
Encapsulation
183
Transport Mode
183
Ipsec and NAT
183
Tunnel Mode
183
Figure 16-4 Transport and Tunnel Mode Ipsec Encapsulation
183
Table 16-1 VPN and NAT
184
Chapter 17 VPN Screens
185
Vpn/Ipsec Overview
185
Ipsec Algorithms
185
My IP Address
186
Secure Gateway Address
186
Table 17-1 AH and ESP
186
VPN Summary Screen
187
Figure 17-1 Ipsec Summary Fields
187
Figure 17-2 VPN Summary
188
Table 17-2 VPN Summary
188
Keep Alive
189
ID Type and Content
189
Table 17-3 Local ID Type and Content Fields
190
Table 17-4 Peer ID Type and Content Fields
190
Table 17-5 Matching ID Type and Content Configuration Example
190
Pre-Shared Key
191
Editing VPN Policies
191
Table 17-6 Mismatching ID Type and Content Configuration Example
191
Figure 17-3 VPN IKE
192
Table 17-7 VPN IKE
193
IKE Phases
197
Figure 17-4 Two Phases to Set up the Ipsec SA
197
Negotiation Mode
198
Configuring Advanced IKE Settings
198
Figure 17-5 VPN IKE: Advanced
199
Table 17-8 VPN IKE: Advanced
199
Manual Key Setup
202
Configuring Manual Key
203
Figure 17-6 Manual Setup
203
Table 17-9 VPN Manual Setup
204
Viewing SA Monitor
206
Figure 17-7 SA Monitor
207
Table 17-10 SA Monitor
207
Configuring Global Setting
208
Figure 17-8 Global Setting
208
Table 17-11 Global Setting
208
Telecommuters Sharing One Vpn Rule Example
209
Telecommuter Vpn/Ipsec Examples
209
Table 17-12 Telecommuter and Headquarters Configuration Example
209
Figure 17-9 Telecommuters Sharing One VPN Rule Example
210
Telecommuters Using Unique Vpn Rules Example
210
VPN and Remote Management
211
Figure 17-10 Telecommuters Using Unique VPN Rules Example
211
Remote Management, Upnp and Logs
212
Chapter 18 Remote Management Configuration
213
Remote Management Overview
213
Remote Management Limitations
213
Telnet
214
Ftp
214
Figure 18-1 Telnet Configuration on a TCP/IP Network
214
Web
215
Configuring Remote Management
215
Figure 18-2 Remote Management
215
Chapter 19 Universal Plug-And-Play (Upnp)
217
Introducing Universal Plug and Play
217
Nat Traversal
217
Cautions with Upnp
217
Upnp and Zyxel
218
Figure 19-1 Configuring Upnp
218
Table 19-1 Configuring Upnp
218
Installing Upnp in Windows Example
219
Using Upnp in Windows XP Example
221
Chapter 20 Logs Screens
225
Logs Overview
225
Alerts and Logs
225
Configuring Log Settings
225
Figure 20-1 Log Settings
226
Table 20-1 Log Settings
227
Displaying the Logs
228
Figure 20-2 View Logs
228
Table 20-2 View Logs
228
SMTP Error Messages
229
Table 20-3 SMTP Error Messages
229
Figure 20-3 E-Mail Log Example
230
Bandwidth Management
231
Chapter 21 Bandwidth Management
233
Bandwidth Management Overview
233
Bandwidth Classes and Filters
233
Proportional Bandwidth Allocation
234
Bandwidth Management Usage Examples
234
Figure 21-1 Application-Based Bandwidth Management Example
234
Figure 21-2 Subnet-Based Bandwidth Management Example
235
Table 21-1 Application and Subnet-Based Bandwidth Management Example
235
Scheduler
236
Maximize Bandwidth Usage
236
Figure 21-3 Application and Subnet-Based Bandwidth Management Example
236
Maximize Bandwidth Usage Example
237
Figure 21-4 Bandwidth Allotment Example
237
Figure 21-5 Maximize Bandwidth Usage Example
238
Bandwidth Borrowing
239
Figure 21-6 Bandwidth Borrowing Example
240
Maximize Bandwidth Usage with Bandwidth Borrowing
241
Configuring Summary
241
Figure 21-7 Bandwidth Manager: Summary
242
Table 21-2 Bandwidth Manager: Summary
242
Configuring Class Setup
243
Figure 21-8 Bandwidth Manager: Class Setup
244
Table 21-3 Bandwidth Manager: Class Setup
244
Figure 21-9 Bandwidth Manager: Class Configuration
246
Table 21-4 Bandwidth Manager: Class Configuration
246
Table 21-5 Services and Port Numbers
248
Figure 21-10 Bandwidth Management Statistics
249
Table 21-6 Bandwidth Management Statistics
249
Configuring Monitor
250
Figure 21-11 Bandwidth Manager Monitor
250
Table 21-7 Bandwidth Manager Monitor
250
Maintenance
252
Chapter 22 Maintenance
253
Maintenance Overview
253
System Status Screen
253
Figure 22-1 System Status
254
Table 22-1 System Status
255
Figure 22-2 System Status: Show Statistics
256
Table 22-2 System Status: Show Statistics
257
DHCP Table Screen
258
Figure 22-3 DHCP Table
258
Wireless Screens
259
Figure 22-4 Association List
259
Table 22-3 DHCP Table
259
Table 22-4 Association List
260
Diagnostic Screens
261
Figure 22-5 Channel Usage Table
261
Table 22-5 Channel Usage Table
261
Diagnostic General Screen
261
Figure 22-6 Diagnostic General
262
Table 22-6 Diagnostic General
262
Figure 22-7 Diagnostic DSL Line
263
Table 22-7 Diagnostic DSL Line
263
Firmware Screen
264
Figure 22-8 Firmware Upgrade
265
Table 22-8 Firmware Upgrade
265
Figure 22-9 Network Temporarily Disconnected
266
Figure 22-10 Error Message
266
SMT General Configuration
267
Chapter 23 Introducing the SMT
269
SMT Introduction
269
Procedure for Smt Configuration Via Telnet
269
Entering Password
269
Figure 23-1 Login Screen
270
Prestige Smt Menu Overview
270
Navigating the SMT Interface
271
Figure 5-2 LAN
271
Figure 6-3 Wireless
271
Figure 23-2 Prestige 652HW-31 SMT Menu Overview
271
Table 5-1 LAN
271
Table 6-1 Wireless
271
Table 18-1 Remote Management
271
Table 23-1 Main Menu Commands
272
Figure 23-3 SMT Main Menu
273
Table 23-2 Main Menu Summary
273
System Management Terminal Interface Summary
273
Changing the System Password
274
Figure 23-4 Menu 23 System Password
274
Chapter 24 Menu 1 General Setup
275
General Setup
275
Procedure to Configure Menu 1
275
Figure 24-1 Menu 1 General Setup
276
Table 24-1 Menu 1 General Setup
276
Figure 24-2 Menu 1.1 Configure Dynamic DNS
277
Table 24-2 Menu 1.1 Configure Dynamic DNS
277
Chapter 25 Menu 2 WAN Backup Setup
279
Introduction to WAN Backup Setup
279
Dial Backup
279
Configuring Dial Backup in Menu 2
279
Figure 25-1 Menu 2 WAN Backup Setup
280
Table 25-1 Menu 2 WAN Backup Setup
280
Figure 25-2 Menu 2.1Traffic Redirect Setup
281
Configuring Dial Backup Setup
282
Table 25-2 Menu 2.1Traffic Redirect Setup
282
Figure 25-3 Menu 2.2 Dial Backup Setup
283
Table 25-3 Menu 2.2 Dial Backup Setup
283
Advanced Dial Backup Setup
284
Figure 25-4 Menu 2.2.1 Advanced Dial Backup Setup
284
Table 25-4 Menu 2.2.1 Advanced Dial Backup Setup: at Commands Fields
284
Table 25-5 Menu 2.2.1 Advanced Dial Backup Setup: Call Control Parameters
285
Remote Node Profile (Backup ISP)
286
Figure 25-5 Menu 11.1 Remote Node Profile (Backup ISP)
286
Table 25-6 Menu 11.1 Remote Node Profile (Backup ISP)
286
Editing PPP Options
288
Figure 25-6 Menu 11.2 Remote Node PPP Options
288
Editing TCP/IP Options
289
Figure 25-7 Menu 11.2 Remote Node PPP Options
289
Figure 25-8 Menu 11.3 Remote Node Network Layer Options
289
Table 25-7 Menu 11.3 Remote Node Network Layer Options
289
Editing Login Script
291
Remote Node Filter
292
Figure 25-9 Menu 11.4 Remote Node Setup Script
292
Table 25-8 Menu 11.4 Remote Node Setup Script
292
Figure 25-10 Menu 11.1 Remote Node Profile (Backup ISP)
293
Figure 25-11 Menu 11.5 Dial Backup Remote Node Filter
293
Chapter 26 Menu 3 LAN Setup
295
LAN Setup
295
Figure 26-1 Menu 3 LAN Setup
295
Figure 26-2 Menu 3.1 LAN Port Filter Setup
295
General Ethernet Setup
295
Protocol Dependent Ethernet Setup
296
TCP/IP Ethernet Setup and DHCP
296
Figure 26-3 Menu 3.2 TCP/IP and DHCP Ethernet Setup
296
Table 26-1 DHCP Ethernet Setup Menu Fields
297
Table 26-2 TCP/IP Ethernet Setup Menu Fields
297
Chapter 27 Wireless LAN Setup
299
Wireless LAN Overview
299
Inserting a PCMCIA Wireless LAN Card
299
Wireless LAN Setup
299
Figure 27-1 Menu 3.5 - Wireless LAN Setup
300
Table 27-1 Menu 3.5 - Wireless LAN Setup
300
Wireless Lan Mac Address Filter
301
Figure 27-2 Menu 3.5.1 WLAN MAC Address Filtering
302
Table 27-2 Menu 3.5.1 WLAN MAC Address Filtering
302
Chapter 28 Internet Access
303
Internet Access Overview
303
IP Policies
303
IP Alias
303
IP Alias Setup
304
Figure 28-1 Physical Network
304
Figure 28-3 Menu 3.2 TCP/IP and DHCP Setup
305
Figure 28-4 Menu 3.2.1 IP Alias Setup
305
Route IP Setup
306
Figure 28-5 Menu 1 General Setup
306
Table 28-1 Menu 3.2.1 IP Alias Setup
306
Internet Access Configuration
307
Figure 28-6 Menu 4 Internet Access Setup
307
Table 28-2 Menu 4 Internet Access Setup
307
Chapter 29 Remote Node Configuration
311
Remote Node Setup Overview
311
Remote Node Setup
311
Figure 29-1 Menu 11 Remote Node Setup
312
Encapsulation and Multiplexing Scenarios
312
Figure 29-2 Menu 11.1 Remote Node Profile
313
Table 29-1 Menu 11.1 Remote Node Profile
313
Outgoing Authentication Protocol
315
Remote Node Network Layer Options
316
Figure 29-3 Menu 11.3 Remote Node Network Layer Options
316
Table 29-2 Menu 11.3 Remote Node Network Layer Options
316
Remote Node Filter
318
Figure 29-4 Sample IP Addresses for a TCP/IP LAN-To-LAN Connection
318
My Wan Addr Sample Ip Addresses
318
Editing ATM Layer Options
319
Figure 29-5 Menu 11.5 Remote Node Filter (RFC 1483 or ENET Encapsulation)
319
Figure 29-6 Menu 11.5 Remote Node Filter (Pppoa or Pppoe Encapsulation)
319
Figure 29-7 Menu 11.6 for VC-Based Multiplexing
320
Figure 29-8 Menu 11.6 for LLC-Based Multiplexing or PPP Encapsulation
320
Figure 29-9 Menu 11.1 Remote Node Profile
321
Figure 29-10 Menu 11.8 Advance Setup Options
321
Table 29-3 Menu 11.8 Advance Setup Options
322
Chapter 30 Static Route Setup
323
IP Static Route Overview
323
Figure 30-1 Sample Static Routing Topology
323
Configuration
324
Figure 30-2 Menu 12 Static Route Setup
324
Figure 30-3 Menu 12.1 IP Static Route Setup (P652H/HW)
324
Figure 30-4 Menu12.1.1 Edit IP Static Route
325
Table 30-1 Menu12.1.1 Edit IP Static Route
325
Chapter 31 Bridging Setup
327
Bridging in General
327
Bridge Ethernet Setup
327
Remote Node Bridging Setup
327
Figure 31-1 Menu 11.1 Remote Node Profile
328
Figure 31-2 Menu 11.3 Remote Node Network Layer Options
328
Figure 31-3 Menu 12.3.1 Edit Bridge Static Route
329
Table 31-1 Remote Node Network Layer Options : Bridge Fields
329
Table 31-2 Menu 12.3.1 Edit Bridge Static Route
329
Chapter 32 Network Address Translation (NAT)
331
Using NAT
331
Applying NAT
331
Figure 32-1 Menu 4 Applying NAT for Internet Access
332
NAT Setup
333
Figure 32-2 Menu 11.3 Applying NAT to the Remote Node
333
Figure 32-3 Menu 15 NAT Setup
334
Figure 32-4 Menu 15.1 Address Mapping Sets
334
Figure 32-5 Menu 15.1.255 SUA Address Mapping Rules
335
Table 32-2 SUA Address Mapping Rules
335
Figure 32-6 Menu 15.1.1 First Set
336
Table 32-3 Menu 15.1.1 First Set
337
Figure 32-7 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set
338
Table 32-4 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set
338
Configuring a Server Behind NAT
339
Figure 32-8 Menu 15.2 NAT Server Setup
339
Figure 32-9 Menu 15.2.1 NAT Server Setup
340
General NAT Examples
341
Figure 32-10 Multiple Servers Behind NAT Example
341
Figure 32-11 NAT Example 1
342
Figure 32-12 Menu 4 Internet Access & NAT Example
342
Figure 32-14 Menu 15.2.1 Specifying an Inside Server
343
Figure 32-16 Example 3: Menu 11.3
345
Figure 32-17 Example 3: Menu
346
Figure 32-20 Example 4: Menu 15.1.1.1 Address Mapping Rule
348
Figure 32-21 Example 4: Menu 15.1.1 Address Mapping Rules
348
Advertisement
ZyXEL Communications Prestige 652 User Manual (331 pages)
ZyXEL ADSL Security Router User's Guide
Brand:
ZyXEL Communications
| Category:
Network Router
| Size: 4.45 MB
Table of Contents
Zyxel Limited Warranty
5
Customer Support
6
Warranty Information
6
Table of Contents
7
Related Documentation
23
Syntax Conventions
24
Getting Started
27
Chapter 1 Getting to Know Your Prestige
29
Features
29
Protocol Support
31
Networking Compatibility
32
Applications for the Prestige 652
33
Figure 1-1 Internet Access Application
34
Figure 1-2 Firewall Application
34
Figure 1-3 LAN-To-LAN Application
35
Figure 1-4 VPN Application
36
Chapter 2 Hardware Installation and Initial Setup
37
Front Panel Leds of the P652
37
Figure 2-1 Front Panel
37
Table 2-1 Front Panel LED Description
37
Rear Panel and Connections
38
Figure 2-2 Rear Panel
38
Additional Installation Requirements
39
P652 with POTS
40
Figure 2-3 Connecting a POTS Splitter
41
P652 with ISDN
42
Figure 2-4 Connecting a Microfilter
42
Figure 2-5 P652 with ISDN
42
Turning on Your Prestige
43
Configuring Your Prestige for Internet Access
43
Figure 2-6 Power-On Display
43
Resetting the Prestige
44
Figure 2-7 Login Screen
44
Procedure to Use the Reset Button
45
Navigating the SMT Interface
46
Figure 2-8 SMT Menu Overview
46
Table 2-2 Main Menu Commands
47
Figure 2-9 SMT Main Menu
48
Table 2-3 Main Menu Summary
48
Changing the System Password
49
Figure 2-10 Menu 23 - System Password
49
Chapter 3 General Setup
51
System Name
51
Dynamic DNS
51
General Setup
52
Figure 3-1 Menu 1 - General Setup
52
Table 3-1 General Setup Menu Fields
52
Figure 3-2 Configure Dynamic DNS
53
LAN Setup
54
Table 3-2 Configure Dynamic DNS Menu Fields
54
Protocol Dependent Ethernet Setup
55
Figure 3-3 Menu 3 - Ethernet Setup
55
Figure 3-4 Menu 3.1 - LAN Port Filter Setup
55
Chapter 4 Internet Access
57
Factory Ethernet Defaults
57
Lans and Wans
57
TCP/IP Parameters
58
Figure 4-1 LAN & WAN Ips
58
Private Ip Addresses
59
Rip Setup
59
Dhcp Configuration
60
IP Multicast
61
IP Policies
61
IP Alias
61
Figure 4-2 Physical Network
62
Figure 4-3 Partitioned Logical Networks
62
Figure 4-4 Menu 3.2 - TCP/IP and DHCP Ethernet Setup
62
Figure 4-5 Menu 3.2.1 - IP Alias Setup
63
Table 4-1 IP Alias Setup Menu Fields
63
Route IP Setup
64
TCP/IP Ethernet Setup and DHCP
64
Figure 4-6 Menu 1 - General Setup
64
Figure 4-7 Menu 3.2 - TCP/IP and DHCP Ethernet Setup
65
Table 4-2 DHCP Ethernet Setup Menu Fields
65
Table 4-3 TCP/IP Ethernet Setup Menu Fields
66
VPI and VCI
67
Multiplexing
67
Encapsulation
67
IP Address Assignment
68
Internet Access Configuration
69
Table 4-4 Internet Account Information
69
Traffic Shaping
70
Figure 4-8 Example of Traffic Shaping
71
Figure 4-9 Internet Access Setup
71
Table 4-5 Internet Access Setup Menu Fields
72
Advanced Applications
74
Chapter 5 Remote Node Configuration
75
Figure 5-1 Menu 11 - Remote Node Setup
75
Encapsulation and Multiplexing Scenarios
76
Figure 5-2 Menu 11.1 - Remote Node Profile
77
Table 5-1 Remote Node Profile Menu Fields
77
Remote Node Setup
79
Figure 5-3 Remote Node Network Layer Options
80
Table 5-2 Remote Node Network Layer Options
80
Remote Node Filter
81
Figure 5-4 Menu 11.5 - Remote Node Filter
82
Chapter 6 Remote Node TCP/IP Configuration
83
TCP/IP Configuration
83
Figure 6-1 Menu 11.6 for RFC-1483 or ENET ENCAP with VC-Based Multiplexing
83
Figure 6-2 Menu 11.6 for LLC-Based Multiplexing or Pppoa or Pppoe Encapsulation
84
Figure 6-3 Sample IP Addresses for a TCP/IP LAN-To-LAN Connection
85
Table 6-1 TCP/IP-Related Fields in Menu 11.1 - Remote Node Profile
85
Figure 6-4 Remote Node Network Layer Options
86
Table 6-2 TCP/IP Remote Node Configuration
86
Ip Static Route Setup
87
Figure 6-5 Sample Static Routing Topology
88
Figure 6-6 Menu 12 - Static Route Setup
89
Figure 6-7 Menu 12.1 - IP Static Route Setup
89
Figure 6-8 Edit IP Static Route
89
Table 6-3 Edit IP Static Route Menu Fields
90
Chapter 7 Bridging Setup
91
Bridging in General
91
Bridge Ethernet Setup
91
Figure 7-1 Menu 11.3 - Remote Node Bridging Options
92
Table 7-1 Remote Node Bridge Options
92
Figure 7-2 Menu 12.3.1 - Edit Bridge Static Route
93
Table 7-2 Edit Bridge Static Route Menu Fields
93
Chapter 8 Network Address Translation (NAT)
95
Introduction
95
Table 8-1 NAT Definitions
95
How Nat Works
96
What Nat Does
96
Figure 8-1 How NAT Works
97
Nat Application
97
Figure 8-2 NAT Application with IP Alias
98
Nat Mapping Types
98
Using NAT
99
Table 8-2 NAT Mapping Types
99
Figure 8-3 Menu 4 - Applying NAT for Internet Access
100
NAT Setup
101
Figure 8-4 Menu 11.3 - Applying NAT to the Remote Node
101
Table 8-3 Applying NAT in Menus 4 & 11.3
101
Figure 8-5 Menu 15 - NAT Setup
102
Figure 8-6 Menu 15.1 - Address Mapping Sets
102
Figure 8-7 Menu 15.1.255 - SUA Address Mapping Rules
103
Table 8-4 SUA Address Mapping Rules
103
Figure 8-8 Menu 15.1.1 - First Set
104
Ordering Your Rules
104
Figure 8-9 Menu 15.1.1.1 - Editing/Configuring an Individual Rule in a Set
106
Table 8-6 Menu 15.1.1.1 - Editing/Configuring an Individual Rule in a Set
106
NAT Server Sets - Port Forwarding
107
Table 8-7 Services & Port Numbers
107
Figure 8-10 Menu 15.2 - NAT Server Setup
108
Configuring a Server Behind Nat
108
Figure 8-11 Menu 15.2.1 - NAT Server Setup
109
Figure 8-12 Multiple Servers Behind NAT Example
110
General NAT Examples
111
Figure 8-13 NAT Example 1
111
Figure 8-14 Menu 4 - Internet Access & NAT Example
111
Figure 8-15 NAT Example 2
112
Figure 8-16 Menu 15.2.1 - Specifying an Inside Server
113
Figure 8-17 NAT Example 3
114
Figure 8-18 Example 3: Menu 11.3
115
Figure 8-19 Example 3: Menu 15.1.1.1
115
Figure 8-21 NAT Example 4
117
Figure 8-22 Example 4: Menu 15.1.1.1 - Address Mapping Rule
118
Figure 8-23 Example 4: Menu 15.1.1 - Address Mapping Rules
119
Firewall and Content Filters
120
Chapter 9 Firewalls
122
What Is a Firewall
122
Types of Firewalls
122
Introduction to Zyxel's Firewall
123
Denial of Service
124
Figure 9-1 Prestige Firewall Application
124
Types of Dos Attacks
125
Table 9-1 Common IP Ports
125
Figure 9-2 Three-Way Handshake
126
Figure 9-3 SYN Flood
126
Figure 9-4 Smurf Attack
127
Table 9-2 ICMP Commands that Trigger Alerts
127
Stateful Inspection
128
Table 9-3 Legal Netbios Commands
128
Table 9-4 Legal SMTP Commands
128
Figure 9-5 Stateful Inspection
129
Stateful Inspection and the Prestige
130
Tcp Security
131
Guidelines for Enhancing Security with Your Firewall
132
Packet Filtering Vs Firewall
133
Packet Filtering
134
When to Use Filtering
134
When to Use the Firewall
134
Chapter 10 Introducing the Prestige Firewall
136
Remote Management and the Firewall
136
Access Methods
136
Using Prestige SMT Menus
136
Figure 10-1 Menu 21 - Filter and Firewall Setup
136
Figure 10-2 Menu 21.2 - Firewall Setup
137
Figure 10-3 Example Firewall Log
137
Table 10-1 View Firewall Log
138
Chapter 11 Using the Prestige Web Configurator
140
Web Configurator Login and Main Menu Screens
140
Enabling the Firewall
141
E-Mail
141
Figure 11-1 Enabling the Firewall
141
Figure 11-2 E-Mail Screen
142
Table 11-1 E-Mail
143
Table 11-2 SMTP Error Messages
144
Attack Alert
145
Figure 11-3 E-Mail Log
145
Tcp Maximum Incomplete and Blocking Time
146
Figure 11-4 Attack Alert
147
Table 11-3 Attack Alert
148
Chapter 12 Creating Custom Rules
150
Rules Overview
150
Rule Logic Overview
150
Security Ramifications
151
Key Fields for Configuring Rules
151
Connection Direction
152
Figure 12-1 LAN to WAN Traffic
152
Rule Summary
153
Figure 12-2 WAN to LAN Traffic
153
Figure 12-3 Firewall Rules Summary - First Screen
154
Table 12-1 Firewall Rules Summary - First Screen
154
Predefined Services
155
Table 12-2 Predefined Services
156
Figure 12-4 Creating/Editing a Firewall Rule
159
Table 12-3 Creating/Editing a Firewall Rule
159
Source and Destination Addresses
160
Figure 12-5 Adding/Editing Source and Destination Addresses
161
Table 12-4 Adding/Editing Source and Destination Addresses
161
Timeout
162
Figure 12-6 Timeout Screen
162
Table 12-5 Timeout Menu
163
Chapter 13 Customized Services
164
Introduction
164
Figure 13-1 Customized Services
164
Table 13-1 Customized Services
165
Creating/Editing a Customized Service
166
Figure 13-2 Creating/Editing a Customized Service
166
Table 13-2 Creating/Editing a Custom Port
166
Example DHCP Negotiation and Syslog Connection from the Internet
167
Figure 13-3 Configure Source IP
168
Figure 13-4 Customized Service for Syslog
169
Figure 13-5 Syslog Rule Configuration
170
Figure 13-6 Example Rule Summary
171
Chapter 14 Logs
172
Log Screen
172
Figure 14-1 Log Screen
172
Table 14-1 Log Screen
173
Chapter 15 Content Filtering
174
Keyword
174
Schedule
174
Trusted
174
Logs
174
Advanced Management
175
Chapter 16 Filter Configuration
176
About Filtering
176
Figure 16-1 Outgoing Packet Filtering Process
176
Figure 16-2 Filter Rule Process
177
Filter Set
177
Configuring a Filter Set
178
Figure 16-4 Menu 21 - Filter and Firewall Setup
178
Figure 16-5 Menu 21.1 - Filter Set Configuration
179
Figure 16-6 Netbios_Wan Filter Rules Summary
180
Figure 16-7 Netbios _LAN Filter Rules Summary
180
Figure 16-8 Pppoe Filter Rules Summary
181
Figure 16-9 TEL_FTP_WEB_SNM Filter Rules Summary
181
Table 16-1 Filter Rules Summary Menu Abbreviations
182
Table 16-2 Rule Abbreviations Used
182
Configuring a Filter Rule
183
Figure 16-10 Menu 21.1.7.1 - TCP/IP Filter Rule
183
Table 16-3 TCP/IP Filter Rule Menu Fields
184
Figure 16-11 Executing an IP Filter
186
Filter Configuration
186
Generic Filter Rule
187
Table 16-4 Generic Filter Rule Menu Fields
188
Filter Types and NAT
189
Example Filter
189
Figure 16-13 Protocol and Device Filter Sets
189
Figure 16-14 Sample Telnet Filter
190
Figure 16-15 Sample Filter - Menu 21.1.9.1
191
Applying Filters and Factory Defaults
192
Figure 16-17 Filtering Ethernet Traffic
193
Table 16-5 Filter Sets Table
193
Figure 16-18 Filtering Remote Node Traffic
194
Figure 16-19 Filtering Remote Node Traffic with Pppoe
194
Chapter 17 SNMP Configuration
196
About SNMP
196
Figure 17-1 SNMP Management Model
196
Supported Mibs
197
SNMP Configuration
197
Figure 17-2 Menu 22 - SNMP Configuration
198
Table 17-1 SNMP Configuration Menu Fields
198
SNMP Traps
199
Table 17-2 SNMP Traps
199
Table 17-3 Ports and Permanent Virtual Circuits
199
Chapter 18 System Information and Diagnosis
200
System Status
200
System Information and Console Port Speed
202
Figure 18-3 Menu 24.2 - System Information and Console Port Speed
202
Figure 18-4 Menu 24.2.1 - System Maintenance - Information
203
Table 18-2 Fields in System Maintenance
203
Log and Trace
204
Figure 18-5 Menu 24.2.2 - System Maintenance - Change Console Port Speed
204
Figure 18-6 Menu 24.3 - System Maintenance - Log and Trace
204
Figure 18-7 Sample Error and Information Messages
205
Figure 18-8 Menu 24.3.2 - System Maintenance - Syslog and Accounting
205
Table 18-3 System Maintenance Menu - Syslog Parameters
206
Diagnostic
207
Figure 18-9 Menu 24.4 - System Maintenance - Diagnostic
207
Command Interpreter Mode
208
Figure 18-10 Command Mode
208
Table 18-4 System Maintenance Menu - Diagnostic
208
Chapter 19 Firmware and Configuration File Maintenance
210
Filename Conventions
210
Backup Configuration
211
Table 19-1 Filename Conventions
211
Figure 19-1 Telnet in Menu 24.5
212
Figure 19-2 FTP Session Example
213
Table 19-2 General Commands for GUI-Based FTP Clients
213
Backup Configuration Using Tftp
214
Tftp Command Example
214
Figure 19-3 System Maintenance - Backup Configuration
215
Table 19-3 General Commands for GUI-Based TFTP Clients
215
Restore Configuration
216
Figure 19-4 System Maintenance - Starting Xmodem Download Screen
216
Figure 19-5 Backup Configuration Example
216
Figure 19-6 Successful Backup Confirmation Screen
216
Figure 19-7 Telnet into Menu 24.6
217
Figure 19-8 Restore Using FTP Session Example
218
Figure 19-9 System Maintenance - Restore Configuration
218
Figure 19-10 System Maintenance - Starting Xmodem Download Screen
218
Uploading Firmware and Configuration Files
219
Figure 19-11 Restore Configuration Example
219
Figure 19-12 Successful Restoration Confirmation Screen
219
Figure 19-13 Telnet into Menu 24.7.1 - Upload System Firmware
220
Figure 19-14 Telnet into Menu 24.7.2 - System Maintenance
220
Figure 19-15 FTP Session Example of Firmware File Upload
221
Tftp Upload Command Example
222
Uploading Via Console Port
222
Figure 19-16 Menu 24.7.1 as Seen Using the Console Port
223
Figure 19-17 Example Xmodem Upload
223
Figure 19-18 Menu 24.7.2 as Seen Using the Console Port
224
Figure 19-19 Example Xmodem Upload
225
Chapter 20 System Maintenance and Information
226
Command Interpreter Mode
226
Figure 20-1 Command Mode in Menu 24
226
Call Control Support
227
Figure 20-2 Valid Commands
227
Figure 20-3 Call Control
227
Figure 20-4 Budget Management
228
Table 20-1 Budget Management
228
Time and Date Setting
229
Figure 20-5 Menu 24 - System Maintenance
229
Figure 20-6 Menu 24.10 System Maintenance - Time and Date Setting
229
Resetting the Time
230
Table 20-2 Time and Date Setting Fields
230
Advertisement
Related Products
ZyXEL Communications Prestige 652H/HW
ZyXEL Communications Prestige 652H series
ZyXEL Communications PRESTIGE 652HI -
ZyXEL Communications Prestige 652HW series
ZyXEL Communications PRESTIGE 652HWI -
ZyXEL Communications Prestige 652R-11
ZyXEL Communications Prestige 652R-13
ZyXEL Communications Prestige 652H-31
ZyXEL Communications Prestige 652H-33
ZyXEL Communications Prestige 652H-37
ZyXEL Communications Categories
Gateway
Network Router
Switch
Wireless Router
Adapter
More ZyXEL Communications Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL