1. Manuals
  2. Brands
  3. ZyXEL Communications Manuals
  4. Wireless Router
  5. P-2608HWL-D1
  6. Support notes

ZyXEL Communications P-2608HWL-D1 Support Notes

P-2608hwl series
Hide thumbs Also See for P-2608HWL-D1:
Table of Contents

Advertisement

Quick Links

Download this manual See also: User Manual
P-2608HWL Series
Support Notes
Version 3.40
August. 2006

Advertisement

Table of Contents
loading

Related Manuals for ZyXEL Communications P-2608HWL-D1

Summary of Contents for ZyXEL Communications P-2608HWL-D1

  • Page 1 P-2608HWL Series Support Notes Version 3.40 August. 2006...

  • Page 2: Table Of Contents

    Peer to Peer call ...121 Phone Port Settings ...126 Configuring Advanced Voice Settings ...130 Speed dial Phone book...132 Voice - QoS setup...135 Call Forwarding Setup ...136 Voice – Common Settings...139 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 3 Does Prestige support dynamic IP addressing? ...151 What is the difference between the internal IP and the real IP from my ISP? ...151 How does e-mail work through the Prestige? ...151 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 4 What is the relationship between codec and VoIP? ...159 What advantage does Voice over IP provide?...159 What is the difference between H.323 and SIP?...159 Can H.323 and SIP interoperate with one another? ...160 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 5 Why do I need a VPN? ...168 What are the most commonly used VPN protocols? ...169 What is PPTP? ...169 What is L2TP? ...169 What is IPSec? ...169 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 6 Can the Prestige work as a NAT router with IPSec passthrough and an IPSec gateway at the same time? ...177 Wireless FAQ ...178 What is a Wireless LAN ?...178 What are the advantages of Wireless LANs ?...178 All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 7 By turning off SSID broadcasting, can someone still sniff the SSID? ...185 What are Insertion Attacks? ...185 What is a Wireless Snifter? ...185 What is the difference between Open System and Shared Key Authentication Types ?...185 All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 8 What is AAA? ...186 What is RADIUS?...186 What is WPA? ...186 What is WPA-PSK? ...186 Troubleshooting... 187 Using Embedded Packet Trace ...187 Debugging PPPoE Connection ...202 CLI Command List ... 213 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 9: Application Notes

    2. DHCP server enabled with client IP address pool starting from 192.168.1.33 3. Default SMT login password = 1234 • Setting up your Windows computer(s) 1. Ethernet connection Your computer(s) must have an Ethernet card installed. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 10 Prestige is powered on before clicking Yes. Repeat the above steps for each computer on your network. • Setting up the Prestige router All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes window, click the button.
  • Page 11 A login screen displays. Enter the password and press Login. The default password is '1234' which is the same as the one you use to log into the SMT. 3. Use the WIZARD SETUP screens to configure Internet access settings on the Prestige. All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 12 P-2608HWL Series Support Notes The Internet access configuration screen varies depending on the Internet connection type you select. The following figure shows an example screen for PPPoE connection type. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 13: Set Up The Prestige As A Dhcp Relay

    What is DHCP Relay? DHCP (Dynamic Host Configuration Protocol) allows a network device to obtain IP settings from a server. You can configure the P-2608 as a DHCP server or DHCP relay. All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 14 Third DNS Server= N/A IP Address= N/A DHCP Server Address= 192.168.1.2 Press ENTER to Confirm or ESC to Cancel: All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes TCP/IP Setup: IP Address= 192.168.1.1 IP Subnet Mask= 255.255.255.0...

  • Page 15: Configure An Internal Server Behind The Prestige

    SUA servers. You can obtain the WAN IP address of the Prestige in SMT menu 24.1. • The following figure shows a configuration example to allow public access to an internal Web server All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 16 • The following table lists some common service port numbers. Service Telnet SMTP DNS (Domain Name Server) www-http (Web) All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes End Port No. IP Address Default 0.0.0.0 192.168.1.10 0.0.0.0 0.0.0.0...

  • Page 17: Configure A Pptp Server Behind Sua

    Since PPTP encapsulates its data stream in the PPP protocol, VPN requires a second dial-up adapter. This second dial-up adapter for VPN is added during the installation phase of the Upgrade in addition to the first dial-up adapter that provides PPP support for the analog or ISDN modem. All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 18 Enable the RAS port Select a network protocol (such as IPX or TCP/IP NetBEUI) for the RAS port Set the Prestige as the Internet gateway PPTP client setup (Windows 9x) All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 19 After you have set the settings to allow public access to the PPTP server, test the connection from the PPTP client to the PPTP server. You can use Ping to check that the PPTP client can reach the PPTP All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes End Port No.
  • Page 20 The following figure shows an example VPN dial-up screen. The VPN Server field is 140.113.1.225 which is a dynamic IP address assigned to the Prestige by the ISP. Make sure you enter the WAN IP address of the Prestige correctly; otherwise, the VPN connection will fail. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 21: Using Nat / Multi-Nat

    The Prestige keeps a record of the ILA-IGA mappings so packets received from the outside network can be forwarded to the intended computer on the inside network. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 22 In Many-to-One mode, the Prestige maps multiple ILAs to one IGA. This is equivalent to SUA (or PAT, Port Address Translation). ZyXEL's Single User Account (SUA) feature is also supported on routers with the previous ZyNOS version. You can select to use SUA or multi-NAT in ZyXEL routers with ZyNOS V3.40. 4. Many to Many Overload In Many-to-Many Overload mode, the Prestige maps multiple ILAs to a shared IGA.
  • Page 23 • SUA Versus NAT ZyXEL's SUA (Single User Account) implementation in the previous ZyNOS versions is similar to having two NAT modes: Many-to-One and Server. With the able to map global IP addresses to local IP addresses. With multiple global IP addresses, multiple severs of the same type (e.g., FTP servers) are allowed on the LAN for outside access.
  • Page 24 The following table describes the options for the Network Address Translation field. Field Options Network Address Translation Full Feature None All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes 4-Internet Access Setup. Full Feature Description When you select this option, the SMT will use Address Mapping Set 1 (in SMT menu 15.1 see the following...
  • Page 25 NAT Server Set on the Prestige, configure a server rule in the server set menu. Refer to more information on the related configuration menus. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes When you select this option, the SMT uses Address Mapping Set 255 (in SMT menu 15.1 see the following...
  • Page 26 The following figure shows the address mapping rules for set 255. NAT address mapping set 255 is used for SUA only and is equivalent to the SUA feature in ZyXEL routers with pre-ZyNOS v3.40 versions. . You cannot changes the fields in this screen.
  • Page 27 Menu 15.1.1 - Address Mapping Rules Set Name= ? Idx Local Start IP Local End IP --- --------------- --------------- --------------- --------------- ------ All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Global Start IP Global End IP Type Option/Example 0.0.0.0...
  • Page 28 Select Rule field. The Menu 15.1.1.1-Address Mapping Rule screen displays in which you can edit an individual rule and configure the Type, Local and Global Start/End IPs. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes , Select Rule= 0...
  • Page 29 Note: For all Local and Global IPs, the End IP address must begin after the IP Start address. Thus you cannot have an End IP address that begins before the Start IP address. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 30 [ESC] at any time to cancel. Menu 15.2 - NAT Server Setup (Used for SUA Only) Rule Start Port No. End Port No. IP Address --------------------------------------------------- All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 31 Prestige for Internet access only. In this case, one rule is needed to map all ILAs to the one IGA assigned by the ISP. The following figure shows a network example. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Default 0.0.0.0...
  • Page 32 My Login= cso@zyxel My Password= ******** Idle Timeout (sec)= 0 IP Address Assignment= Dynamic IP Address= N/A Network Address Translation= SUA Only Address Mapping Set= 1 Press ENTER to Confirm or ESC to Cancel: All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 33 Menu 15.2 - NAT Server Setup (Used for SUA Only) Rule Start Port No. End Port No. IP Address --------------------------------------------------- Default All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Default 0.0.0.0 192.168.1.33 0.0.0.0...
  • Page 34 8. Rule 4 (Server type) maps the web and mail server with ILA3 (192.168.1.20) to IGA3. The Server rule type allows you to specify more then one inside servers behind NAT on the LAN. Step 1: All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes 0.0.0.0 0.0.0.0...
  • Page 35 The following figure shows the four rules for this network example. For Rule 1: Select One-to-One in the Type field to map FTP Server 1 with ILA1 (192.168.1.10) to IGA1. Menu 15.1.1.1 - - Rule 1 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Full Feature...
  • Page 36 For Rule 3: Select Many-to-One in the Type field to map other LAN clients to IGA3. Menu 15.1.1.3 - - Rule 3 Type: Many-to-One Local IP: Start= 0.0.0.0 End = 255.255.255.255 Global IP: All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 37 Idx Local Start IP Local End IP --- --------------- --------------- --------------- --------------- ------ 1. 192.168.1.10 2. 192.168.1.11 3. 0.0.0.0 255.255.255.255 [IGA3] All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Global Start IP Global End IP Type [IGA1] [IGA2] [IGA3]...
  • Page 38 Menu 15.2 - NAT Server Setup Rule Start Port No. End Port No. IP Address --------------------------------------------------- Default Press ENTER to Confirm or ESC to Cancel: 4. NAT Unfriendly Applications All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Default 0.0.0.0 192.168.1.20 192.168.1.20 0.0.0.0...
  • Page 39 [Enter IGA1] End = [Enter IGA3] Press ENTER to Confirm or ESC to Cancel: The following screens show how to configure a One-to-One mapping rule for each IGA. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 40 Global IP: Start= [Enter IGA2] End = N/A Press ENTER to Confirm or ESC to Cancel: Menu 15.1.1.3 - - Rule 3 Type: One-to-One Local IP: Start= 192.168.1.12 End = N/A Global IP: All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 41 Many One to One • Server The following table summarizes these types. NAT Type IP Mapping One-to-One ILA1<--->IGA1 ILA1<--->IGA1 Many-to-One ILA2<--->IGA1 (SUA/PAT) ILA1<--->IGA1 ILA2<--->IGA2 Many-to-Many ILA3<--->IGA1 Overload ILA4<--->IGA2 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 42: Introduction To Filter & Filter Examples

    24 filter rules on a port. The following figure shows the logic flow of a filter rule on the Prestige. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 43 LAN and WAN. The IP and IPX filter rules belong to the protocol category; they act on the IP and IPX packets. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes device and protocol.
  • Page 44 If SUA is enabled, SUA changes the destination IP address from 203.205.115.6 to 92.168.1.33 and port number from 4034 to 1023. • WAN protocol input filter sets. • LAN device and protocol output filter sets. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 45 Destination: IP Addr= 0.0.0.0 IP Mask= 0.0.0.0 Port #= 0 Port # Comp= None Source: IP Addr= 0.0.0.0 IP Mask= 0.0.0.0 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Log= None IP Source Route= No error message...
  • Page 46 The menus are modified to include new fields as shown below. Menu 3.1: Menu 3.1 - General Ethernet Setup Input Filter Sets: protocol filters= device filters= Output Filter Sets: protocol filters= device filters= Menu 11.1: All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Log= None...
  • Page 47 Output Filter Sets: protocol filters= device filters= Call Filter Sets: protocol filters= device filters= All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Route= IP Bridge= No Edit IP/Bridge= No Edit ATM Options= No Edit Advance Options= No...
  • Page 48 Rule 3- block DNS packets, UDP (17) protocol type with port number 53 Apply the filter set in menu 4 1. Create a filter set in Menu 21 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 49 Port # Comp= Equal Source: IP Addr= 0.0.0.0 IP Mask= 0.0.0.0 Port #= Port # Comp= None TCP Estab= No More= No All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Filter Set # Comments ------ ----------------- _______________...
  • Page 50 4. Configure rule 3 for (c). DNS packets using UDP(17) and port number 53 Menu 21.1.2 - TCP/IP Filter Rule Filter #: 1,2 Filter Type= TCP/IP Filter Rule All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Drop IP Source Route= No Equal...
  • Page 51 6. Apply the filter set in the 'Output Protocol Filter Set' field for remote node setup . A filter to block a specific client Configuration All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes IP Source Route= No...
  • Page 52 Port # Comp= None Source: IP Addr= IP Mask= Port #= Port # Comp= None TCP Estab= N/A More= No All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Filter Set # Comments ------ ----------------- _______________ _______________...
  • Page 53 Now a client on the LAN is trying to ping Prestige……… ras> sys trcp sw off ras> sys trcp disp TIME: 37c060 enet0-RECV len:74 call=0 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Drop Forward 'Output...
  • Page 54 - IP address 202.132.155.93 (Source IP address) ----> 202.132.155.99(Destination IP address) - No option + Internet Control Message Protocol - Type: 8 - Echo Request - Code: 0 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes 08 00 45 00 ----> 00-A0-C5-23-45...
  • Page 55 Length= Mask= ffffffffffff Value= 0080c84cea63 More= No Action Matched= Action Not Matched= Key Settings: All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes [00 80 c8 4c ea 63]. 08 00 45 00 Log= None Drop Forward...
  • Page 56 'Generic Filter Rule'). You must configure Generic and TCPIP (IPX) filter rules in different filter sets. Menu 21.1.2 - Generic Filter Rule Filter #: 1,2 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes that the Prestige should use to compare with the...
  • Page 57 Prestige blocks NetBIOS connection to an outside host by default. To enable the NetBIOS service, remove the filter sets applied in menus 3.1 and 4.1. The details of the filter settings are described as follows. • Configuration All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Log= None General Ethernet Setup.
  • Page 58 _______________ _______________ _______________ _______________ Enter Filter Set Number to Configure= 1 Edit Comments= Press ENTER to Confirm or ESC to Cancel: All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Filter Set # Comments ------ ----------------- _______________...
  • Page 59 Menu 21.1.2 - TCP/IP Filter Rule Filter #: 1,2 Filter Type= TCP/IP Filter Rule Active= IP Protocol= All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes IP Source Route= No Equal Log= None Drop IP Source Route= No...
  • Page 60 Port # Comp= None TCP Estab= No More= No Action Matched= Drop Action Not Matched= Check Next Rule All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Equal Log= None IP Source Route= No Equal Log= None...
  • Page 61 Rule 5-Destination port number 139 with protocol number 6 (TCP) Menu 21.1.5 - TCP/IP Filter Rule Filter #: 1,5 Filter Type= TCP/IP Filter Rule All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes IP Source Route= No Equal Log= None...
  • Page 62 Source: IP Addr= 0.0.0.0 IP Mask= 0.0.0.0 Port #= 0 Port # Comp= None TCP Estab= N/A More= No All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes IP Source Route= No Equal Log= None IP Source Route= No...
  • Page 63 Menu 21.2.1 - TCP/IP Filter Rule Filter #: 2,1 Filter Type= TCP/IP Filter Rule Active= IP Protocol= Destination: IP Addr= 0.0.0.0 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Drop Forward M m n N D N N D N...
  • Page 64 TCP Estab= N/A More= No Action Matched= Drop Action Not Matched= Press ENTER to Confirm or ESC to Cancel: All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Equal Equal Log= None IP Source Route= No Equal...

  • Page 65: Using The Dynamic Dns (Ddns)

    (the domain name), the DNS server automatically maps the web site address to a public IP address and redirects the request to the intended web server. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 66 DNS server database since the WAN IP address changes. Thus Dynamic DNS (DDNS) is used to solve this problem. For example, if you have hosted a web site (say www.zyxel.com) on a server behind the Prestige which is assigned a dynamic WAN IP address from the ISP, users can still access the web site from the WAN when you have set up the DDNS settings.
  • Page 67 Use IP Address= N/A Press ENTER to Confirm or ESC to Cancel: Field Settings for DDNS: Option Description Service Provider Enter the DDNS server in this field. Currently, the Prestige supports All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 68: Network Management Using Snmp

    TCP/IP protocol suite and it uses UDP to exchange messages between a management Client and an Agent, residing in a network node. There are two versions of SNMP: Version 1 and Version 2. ZyXEL supports SNMPv1. Most of the changes introduced in Version 2 enhance SNMP's security capabilities. SNMP encompasses three main areas: 1.
  • Page 69 (such as IP routing table) in managed devices. 9. Traps The managed devices asynchronously report events to NMSs through traps. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Management Information Base...
  • Page 70 There are two parts in an SNMPv1 message. The first part contains a version number and a community name. The second part contains the actual SNMP protocol data unit (PDU) specifying the operation to be performed All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 71 Currently, some Prestige models support SNMPv1 that allows the Prestige to communicate with SNMPv1 NMSs. For SNMPv1 operation, ZyXEL allows one community string so that the Prestige can only belong to one community and allows trap messages to be sent to only one NMS manager.
  • Page 72 And traps with the message "System reboot by user !" will be sent. (ii) For fatal error : System has to reboot due to unrecoverable errors. Traps with the error codes will be sent. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 73 The SNMP related settings in Prestige are configured in SMT Menu 22 - SNMP Configuration. The configuration procedure is described next. Menu 22 - SNMP Configuration SNMP: Get Community= public Set Community= public Trusted Host= 192.168.1.33 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 74: Using Syslog

    Prestige will not send traps to any NMS manager. Using syslog 4. Prestige Setup Menu 24.3.2 - System Maintenance - UNIX Syslog and Accounting UNIX Syslog: Active= Syslog IP Address= Log Facility= Local 1 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes 192.168.1.33...
  • Page 75 Internet domain socket with the syslog service. The default setting is NOT enabled. 2. Add the following line at the end of the local1.* /var/log/zyxel.log Where /var/log/zyxel.log is the full path of the log file. 3. Restart syslogd. • CDR log(call messages) Format: sdcmdSyslogSend( SYSLOG_CDR, SYSLOG_INFO, String );...
  • Page 76 Feb 14 16:57:17 192.168.1.1 ZyXEL Communications Corp.: board 0 line 0 channel 0, call 18, C01 Incoming Call OK Feb 14 17:07:18 192.168.1.1 ZyXEL Communications Corp.: board 0 line 0 channel 0, call 18, C02 Call Terminated • Packet triggered log Format: sdcmdSyslogSend( SYSLOG_PKTTRI, SYSLOG_NOTICE, String );...
  • Page 77 Protocol (TCP,UDP,ICMP) spo: Source port dpo: Destination port Example: Jul 19 14:44:09 192.168.1.1 ZyXEL Communications Corp.: IP[Src=202.132.154.1 Dst=192.168.1.33 UDP spo=0035 dpo=05d4]}S03>R01mF Jul 19 14:44:13 192.168.1.1 ZyXEL Communications Corp.: IP[Src=192.168.1.33 Dst=202.132.154.1 ICMP]}S03>R01mF • PPP Log Format: sdcmdSyslogSend( SYSLOG_PPPLOG, SYSLOG_NOTICE, String );...

  • Page 78: Using Ip Alias

    When you enable DHCP server on the Prestige, you can configure the client address pool for any of the networks. Copyright (c) 1994 - 2004 ZyXEL Communications Corp. ras> ip ro st...
  • Page 79 TCP/IP and DHCP Setup If the Prestige's DHCP server is enabled, configure the client address pool for any of the DHCP Setup three logical networks. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes 041b 0 192.168.1.33...

  • Page 80: Using Call Scheduling

    Select Yes and enter the LAN IP address for the third logical network on the Prestige. IP Alias 2 This will create the third route entry on the enif0:1 interface. Using Call Scheduling 1. What is Call Scheduling ? All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes 255.255.255.0 255.255.255.0...
  • Page 81 Force On, Force Down, Enable Dial On-Demand or Disable Dial-On-Demand for the connection to the remote node. • SMT Menu for Call Scheduling 1. Configure schedule set settings in menu 26: Copyright (c) 1994 - 2006 ZyXEL Communications Corp. P-2608HWL- D1 Main Menu Getting Started 1. General Setup 2. WAN Backup Setup 3.
  • Page 82 Friday= N/A Saturday= N/A Start Time(hh:mm)= 12 : 00 Duration(hh:mm)= 16 : 00 Action= Enable Dial-on-demand All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes ------ ----------------- 7 _______________ 8 _______________ 9 _______________ 10 _______________ 11 _______________...
  • Page 83 In this case, schedule set 1 has the highest priority and its settings replace the settings of schedule set 2. Likewise, schedule 2 settings applied will over-write settings applied in schedule 3 and so on. Menu 11.1 - Remote Node Profile All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 84 Prestige is able to obtain the current time, date and the time zone information from the external time server. Menu 24.10 - System Maintenance - Time and Date Setting Use Time Server when Bootup= Time Server IP Address= 202.132.154.1 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Route= IP Edit IP= No Telco Option:...

  • Page 85: Using Ip Multicast

    The Prestige then updates the information through periodic queries. The Prestige supports IGMP versions 1 and 2. You can enable/disable multicast setting on the Ethernet interface or to the remote node. • IP Multicast Setup All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 86 Metric= 2 Private= No RIP Direction= None Version= RIP-2B Multicast= IGMP-v2 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Menu 3.2 - TCP/IP and DHCP Setup TCP/IP Setup: IP Address= 192.168.1.1 IP Subnet Mask= 255.255.255.0 RIP Direction= None...

  • Page 87: Using Traffic Redirect

    Set up the backup gateway device in the LAN network behind the Prestige as shown in the example figure below. Traffic Redirect on LAN port • Traffic Redirect Setup All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 88 Check WAN IP Address fields without getting a response before switching to a WAN backup connection (or a different WAN backup connection). When the Prestige is using a lower priority connection (usually a WAN backup connection), it periodically Recovery All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes DSL Link...

  • Page 89: Using Universal Plug N Play (Upnp)

    Click Back to return to the previous screen. Apply Click Apply to save the changes. Cancel Click Cancel to begin configuring this screen afresh. Using Universal Plug n Play (UPnP) • 1. What is UPnP All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 90 (in this case, a laptop) to a network, the device may ask the network to find UPnP-enabled devices. These devices respond with their URLs and device descriptions. UPnP Operations All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 91 2. Using UPnP in ZyXEL devices In this example, we will introduce how to enable UPnP in ZyXEL devices. Currently, Microsoft MSN is the most popular application that uses UPnP, so we will use Microsoft MSN application as an example. From this example, you will also learn how MSN benefits from the NAT traversal feature in UPnP.
  • Page 92 1. Enable the UPnP function in a ZyXEL device To enable UPnP on a ZyXEL device, log into the web management interface and click Advanced->UPnP. Then select the Active UPnP feature and Allow users to make configuration changes through UPnP check boxes.
  • Page 93 2. After the dynamic port mapping is created and that your computer has obtained an IP address from the Prestige, you can launch the MSN application and connect to the MSN server. 3. After a successful sign-in, you can start a video conversation with another MSN user. All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 94 P-2608HWL Series Support Notes 4. The remote MSN user can select Accept to allow your conversation request. 5. Finally, you and the remote MSN user can start the video conversation. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 95: Wireless Application Notes

    IEEE 802.11b/Wi-Fi client. In infrastructure mode, the wireless client can associate with an IEEE 802.11b/Wi-Fi Access Point in order to communicate with other wireless clients that also connect to the same AP in infrastructure mode. All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 96 Channel ID= CH06 2437MHz RTS Threshold= 2432 Frag. Threshold= 2432 WEP= Disable Default Key= N/A Key1= N/A Key2= N/A Key3= N/A Key4= N/A Edit MAC Address Filter= No All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 97 1. From the web configurator main menu, click Network >Wireless LAN to display the Wireless Setup screen. 3. Configure the wireless setting on the Prestige and select the Active wireless LAN check box. 4. Click Apply to make the changes take effect. All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 98 • Configuring the Wireless Client Follow the steps below to configure a wireless client (such as ZyXEL's B-100, B-200 or B-300 wireless client adaptor) to connect to the Prestige. 1. Double-click on the ZyXEL wireless utility icon in your windows task bar to display the utility screen.
  • Page 99 P-2608HWL Series Support Notes 5. Double-click on the AP you want to associate with. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 100: Wireless Mac Address Filtering

    You can use the MAC Filter feature to restrict unauthorized wireless clients from accessing to the AP. With this feature, ZyXEL APs are able to check the MAC address of a wireless client before allowing it to connect to the network.
  • Page 101 Allow or block association from MAC addresses contained in this list. If Allow Association Filter Action is selected in this field, hosts with MAC addresses configured in this list will be allowed to All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes 00:00:00:00:00:00...
  • Page 102 4. Specify the Filter Action to allow or deny association from wireless clients with the listed MAC addresses. 5. Enter the MAC addresses of the wireless clients you want to allow or block associations from. 6. Click Apply to save the settings. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 103: Wep (Wired Equivalent Privacy)

    The standard does not discuss how the shared key is established. In practice, most implementations use a single key that is shared between all wireless clients and access points. All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 104 40-bit and 104-bit. The reason for the different term used is that the 40/104-bit WEP key is concatenated with the initialization vector (24 bits) resulting in a total key size of 64/128 bits. Setting up the Access Point All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 105 128-bit WEP key (secret key) with 13 characters 128-bit WEP key (secret key) with 26 hexadecimal digits You can configure the WEP keys on a ZyXEL AP using the SMT or the web configurator. • WEP Key Configuration on the Access Point Using the SMT Set up the WEP keys in SMT Menu 3.5 –...
  • Page 106 64-bit WEP with 10 hexadecimal digits ('0-9', 'A-F') 128-bit WEP with 13 characters 128-bit WEP with 26 hexadecimal digits ('0-9', 'A-F') All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Example Key1= 2e3f4 Key2= 5y7js Key3= 24fg7...
  • Page 107 Similarly when the wireless client encrypts data with Key 2 and sends the encrypted data to the access point, the access point will use its Key 2 to decrypt the received data. • WEP Key Configuration on the Access Point Using the Web Configurator All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 108 Enter exactly 5, 13 or 29 characters for the 40/64bit, 128-bit, 256-bit WEP keys respectively. WEP Key Configuration on the Wireless Client 1. Double-click on the ZyXEL utility icon in the system tray or right-click on the utility icon and select 'Show Config Utility'.
  • Page 109 Select the same encryption type as the access point. Configure the same four WEP keys as the access point. Select a WEP key as the default key to use for data encryption in the wireless LAN. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 110 P-2608HWL Series Support Notes All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 111: Site Survey

    Concrete walls, buildings, and natural obstacles reduce wireless signal quality and increase attenuation. These result in irregular FR coverage patterns. With the Site survey feature, you can easily detect wireless devices within transmission range. Preparation All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 112 3. Use a notebook with a wireless client adapter installed, run the site survey utility and walk around the AP. The site survey should detect and display wireless information such as connection speed, current used channel, associated rate, link quality, signal strength, etc.. All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 113 4. It's always a good idea to start with putting the AP at one corner of the room and walk away from the AP. Record down the changes at the point where the transfer rate drops dramatically and also the link quality and signal strength information on the diagram as you go alone. All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 114 7. The markings determine how many APs you need to provide full wireless coverage in the area. 8. Repeat steps 1~6 for any rooms in the location. Once completed, you should have a complete wireless network mapping as shown in the example figure below. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 115: Pstn Lifeline Application Notes

    Furthermore, when power to the Prestige is cut during natural disasters (such as earthquake or hurricane), it automatically switch to use the PSTN line for phone calls without you having to enter the prefix number. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 116: Lifeline Configuration

    In other words, numbers which specify on this field do not need to dial prefix number to be dialed out. However, these numbers must be for phones on the PSTN (not VOIP phones) and currently, P2608HWL Series support up to nine entries under this field. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 117: How To Connect Lifeline And Dsl Connection

    3. Connect the DSL cable to the splitter modem jack or ADSL line 4. Connect the splitter jack where it labels Line to ADSL line from the ISP. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 118: Voip Application Notes

    SIP handles telephone calls and can interface with traditional circuit-switched telephone networks. The Prestige supports up to eight SIP accounts simultaneously. Follow the procedure below to configure SIP accounts. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Figure 2 Splitterless type...
  • Page 119 Your ISP should provide you with the account information. Step 5. Under Authentication, enter the account user name and password exactly as given by your ISP. All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 120 If you were not given a register server address, then enter the address from the SIP Server Address field again here. REGISTER Enter the SIP register server’s listening port for SIP in this field. Server Port All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 121: Peer To Peer Call

    Apply Click Apply to save your changes back to the Prestige. Reset Click Reset to begin configuring this screen afresh. Peer to Peer call Topology All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 122 (2) Make a call using the caller's SIP number You need to configure the your SIP number and specify the address of the caller, SIP server, SIP proxy, Domain server in the VoIP configuration screen. All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 123 P-2608HWL Series Support Notes Setup--- Configuring SIP / VoIP related settings in device A All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 124 2. Enter the IP address of device B as the SIP server address, Register server address (as shown in this example). 3. Set up the speed dial. Enter the information of device B in the column. All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 125 P-2608HWL Series Support Notes Setup--- Configuring SIP / VoIP related settings in device B All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 126: Phone Port Settings

    Prestige allows you to configure the volume and echo cancellation setting for each individual phone port. Analog Phone Configuration Outgoing Call Use - You can set the Prestige to use the analog phone for the selected SIP account(s) for outgoing calls. All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 127 SIP1 number from a remote end, all of your analog phone will ring. You can configure the ring/speaker volume and the echo cancellation settings for each phone port. All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 128 Use this field to set the loudness that the Prestige uses for the speech signal Listening that it receives from the peer device and sends to your phone. -1 is the Volume quietest and 1 is the loudest. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 129 Prestige to wait after the last input on the telephone’s keypad before dialing (making) a call. Apply Click Apply to save your changes back to the Prestige. Reset Click Reset to begin configuring this screen afresh. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 130: Configuring Advanced Voice Settings

    In the web configurator, click VoIP > SIP to open the SIP Settings screen. Select a SIP account to configure and then click Advanced Settings to display the following screen. Use this screen to change SIP server, RTP port range, preferred compression type (codec), DTMF type and Message Waiting Indication (MWI) settings. All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 131 Use this field to configure the Prestige’s listening port range for RTP traffic. Leave these fields set to the defaults if you were not given a range of RTP ports to use. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 132: Speed Dial Phone Book

    Click Apply to save your changes back to the Prestige. Speed dial Phone book You can configure up to 10 SIP phone number in the Prestige's phone book for speed dialing. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 133 Then select Use Proxy or select Non Proxy and enter the static IP address or URL of the remote peer. Step 6. Click Add to save the entry to the phone book. The table below describes the fields in this screen. All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 134 Add New Entry section of the screen where you can edit it. Click this button to remove all of the entries from the speed dial phonebook. Clear All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 135: Voice - Qos Setup

    Type the VLAN ID (VID) from 1 to 4095 for the Prestige to add to voice Ethernet frames that it sends out. Disable VLAN tagging if the Prestige does not need to be a member of a All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 136: Call Forwarding Setup

    SIP accounts. Unconditional Forward to Number Enable this feature to have the Prestige forward incoming calls to the number that you configure. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 137 Enable this feature to have the Prestige forward incoming calls to the Forward to number that you configure whenever you do not answer the call after a Number specific time period. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 138 Select Block to have the Prestige reject calls from the number specified in the call forwarding entry. Select Accept to have the Prestige allow calls from the number specified in the Incoming Call Number field. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 139: Voice - Common Settings

    These numbers must be for phones on the PSTN (not VoIP phones). Use this field to set how the Prestige handles supplementary phone services Call Service (call hold, call waiting, call transfer and three-way conference calls). Select Mode All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 140: Group Ring

    Below are the screenshots to explain the usage of this particular feature. 1. Test the ring before configure the group ring function All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes services from your voice service provider.
  • Page 141 P-2608HWL Series Support Notes 2. Select the ring under each group.(We predefined four different group – Family, Friends, Workmate and VIP). Item “--"means the default ring which differs for each country All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 142 3. Fill in the table to configure the group ring. “Name"field means the name of the caller. “TEL" field is the caller's phone number. Then select the distinctive ring by selecting the “Group" item. Finally, mark the “Enable" item to make this entry valid. All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 143 P-2608HWL Series Support Notes 4. Save the settings by clicking “Apply” button. If you want to return to the original setting, click on “Reset” button. All contents copyright (c) 2005 ZyXEL Communications Corporation.
  • Page 144 P-2608HWL Series Support Notes All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 145: Zynos Faq

    ZyNOS FAQ What is ZyNOS? ZyNOS is ZyXEL's proprietary Network Operating System. It is the platform on all Prestige routers that delivers network services and applications. It is designed in a modular fashion so it is easy for developers to add new features.

  • Page 146: How Do I Upgrade/Back Up The Firmware Using An Ftp Client Program Through The Lan

    Follow the procedure below to back up the configuration file from the device via the web configurator. a. Log on into the web configurator. b. In the navigation panel, click MAINTENANCE. c. Click the Configuration tab. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 147: How Do I Back Up/Restore Configurations Using An Ftp Client Program Through The Lan

    When SUA is enabled on the Prestige and a packet is received from a local client destined for the outside Internet, the Prestige replaces the source address in the IP packet header with its WAN IP address and the All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 148: What Is The Difference Between Nat And Sua

    The goal of ZyXEL's SUA design is to minimize the Internet access cost in a small office environment by using a single IP address to represent multiple hosts on the LAN. It does more than IP address translation, so that multiple hosts on the LAN can access the Internet at the same time.

  • Page 149: Why Can't I Configure Device Filters Or Protocol Filters

    PPPoE (Point-to-Point Protocol over Ethernet) is an IETF draft standard specifying how a computer interacts with a broadband modem (such as xDSL, cable, wireless, etc.) to access the high-speed data networks via a PPP All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 150: Does The Prestige Support Pppoe

    What network interface types does the Prestige have? The Prestige comes with a 10/100M Ethernet interface to connect to your LAN computer or hub/switch and one 10/100M ADSL interface to the ISP. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 151: What Can We Do With Prestige

    Therefore, to make a local server accessible to the outside users, you must enter the port number and the inside IP address of the server in SMT Menu 15 - SUA Server Setup. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 152: What Dhcp Capability Does The Prestige Support

    ISP, etc. Depending on your computer, data process speed varies and few computers can achieve data processing rates at up to 30 Mbps. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 153: What Is Multi-Nat

    RFC 1631, and we call this feature as 'Multi-NAT'. For more information on IP address translation, refer to The IP Network Address Translator (NAT) RFC 1631, All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes 註解 [user1]: Is this still true?

  • Page 154: When Do I Need Multi-Nat

    In Many-to-One mode, the Prestige maps multiple ILAs to one IGA. This is equivalent to SUA (also known as PAT, port address translation), ZyXEL's Single User Account (SUA) feature that routers using older ZyNOS versions supported (similar to the SUA-only option on routers with ZyNOS 3.40 or later).

  • Page 155: What Is The Difference Between Sua And Multi-Nat

    Set in SMT menu 15.1 is a convenient, pre-configured, read-only, Many-to-One mapping set, which is sufficient for most purposes and helpful to people already familiar with SUA in the previous ZyNOS versions. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 156: What Is Bootp/Dhcp

    IP is dynamic which changes. With DDNS supported on the Prestige, you use a DNS name (e.g., www.zyxel.com.tw) supplied by the DDNS service provider to your server (e.g., Web server). Outside users can always access the web server at www.zyxel.com.tw regardless of whether the WAN IP on the Prestige is dynamic or static.

  • Page 157: What Is Ddns Wildcard

    P2608HW is a SIP-based VoIP/analog telephone adapter. It allows you to send voice signals over the Internet (known as VoIP) using the SIP protocol which is an internationally recognized standard for VoIP technology. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 158: What Is The Lifeline Feature

    Voice over IP (VoIP) is an emerging technology based on the open IEEE standards. VoIP refers to the transmission of voice data over the Internet. Various protocols are available for voice transport. The most commonly used are SIP and H.323. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 159: How Does Voice Over Ip Work

    Internet, or IP. Whereas H.323 emerged around 1996, and as an International Telecommunication Union standard, it was designed from a telecommunications perspective. Both standards have the same objective - to enable voice and multimedia convergence with IP protocols. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 160: Can H.323 And Sip Interoperate With One Another

    What codec types does the Prestige support? The Prestige supports the following commonly used codecs. • G.729 voice codec • G.711u-law voice codec • G.711a-law voice codec All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 161: Which Codec Should I Choose

    NOT recommended that you install a NAT router in front of the Prestige as this may cause unexpected problems. If you still want to install a NAT router, use a VoIP ATA (VoIP Analog Telephone Adapter), such as the Prestige ATA series, instead. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 162: I Can Register To The Sip Server But Cannot Establish A Call

    In this case, contact your local service provider for support. If they cannot solve your problem, they will send your problem to the ZyXEL global technical support center. help out the problem they will escalate your problem to ZyXEL tech center.

  • Page 163: Firewall Faq

    Refer to the troubleshooting section in the user’s guide for basic hardware troubleshooting and diagnostic tips. If the hardware problem persists after you have followed the User’s Guide to remedy the problem, contact your ZyXEL local vendor and send the device in for service (with an RMA number). Firewall FAQ What is a network firewall? A firewall is a system or group of systems that enforces an access-control policy between two networks.

  • Page 164: What Advantages Does The Prestige Firewall Provide

    Their goal is not to steal information, but to disable a device or network so users no longer have access to network resources. There are four types of DoS attacks: 1. Those that exploits bugs in a TCP/IP implementation such as Ping of Death and Teardrop. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 165: What Is A Ping Of Death Attack

    A Smurf hacker flood a destination IP address of each packet using the broadcast address of the network. Thus the router will All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 166: What Is An Ip Spoofing Attack

    Block packets from the WAN (outside) that claim to be from the LAN (inside) • Allow everything that is not trying to spoof the Prestige or internal network All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 167: Content Filter Faq

    Can I have multiple policies enabled at different times of the day or week? Yes. However, the ZyWALL device currently allows one schedule during which the policies are enabled. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 168: Ipsec Faq

    P-2608HWL Series Support Notes Can I override (block or allow) certain URLs based on a word ? Yes, You can configure keyword blocking on the ZyXEL device to block access to web sites whose URLs match the specified key words.

  • Page 169: What Are The Most Commonly Used Vpn Protocols

    Traditionally, you have to dial to your ISP to establish a VPN connection. Thus using the ZyXEL device as your VPN gateway, you can greatly reduce your phone bills and still enjoy secure VPN connections to remote sites. 2).Reduces the number of access lines required In the past, most companies pay monthly charges for two types access lines: one high-speed connection for Internet access and one frame relay, ISDN Primary Rate Interface or T1 line to carry data.

  • Page 170: What Secure Protocols Does Ipsec Support

    'Pre-shared' because you have to share it with another party before you can communicate with them over a secure connection. What are the differences between IKE and manual key VPN? The only difference between IKE and manual key is how the encryption keys and SPIs are determined. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 171: What Are Local Id And Peer Id

    By default, the Prestige and the remote device use IP as the phase 1 ID type. However, if the remote peer uses DNS or E-mail ID type, you must also set the Prestige to use the same ID type. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 172: When Should I Use Fqdn

    What VPN protocols are supported on the Prestige? All Prestige series support ESP (protocol number 50) and AH (protocol number 51). What VPN encryption types are supported on the Prestige? The Prestige supports 56-bit DES,168-bit 3DES and AES encryption. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 173: What Vpn Authentication Types Does The Prestige Support

    If it is a dynamic IP given by your ISP, you can still configure this IP address after the remote Prestige is online and its WAN IP is available from the ISP. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 174: Does The Prestige Support Dynamic Secure Gateway Ip

    KAME IPSec for UNIX • Nortel IPSec for UNIX • Intel VPN, v. 6.90 • FreeS/WAN for Linux • SSH Remote ISAKMP Testing Page, (http://isakmp-test.ssh.fi/cgi-bin/nph-isakmp-test) • Windows 2000, Windows XP IPSec All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...

  • Page 175: Will Zyxel Support Secure Remote Management

    Phase 1 ID can be configured in the VPN setup screen as follows. Note that you configure the same settings either in the web configurator or SMT. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Supported IPSec Protocol...

  • Page 176: If I Have A Nat Router Between Two Vpn Gateways, And I Would Like To Use Ip Type As Phase 1 Id, What Information Do I Need

    If I have a NAT router between two VPN gateways, and I would like to use IP type as Phase 1 ID, what information do I need? The following shows a typical network setup. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 177: How Can I Keep A Tunnel Alive

    Configure Firewall forwarding in the web configurator. Click Setup > Firewall, select WAN to LAN Packet Direction and create a firewall rule the forwards IKE(UDP:500) traffic. Can the Prestige work as a NAT router with IPSec passthrough and an IPSec gateway at All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 178: Wireless Faq

    Reduced Cost-of-Ownership: While the initial investment required for wireless LAN hardware can be higher than the cost of wired LAN hardware, overall installation expenses and life-cycle costs can be significantly lower. Long-term All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 179: What Are The Disadvantages Of Wireless Lans

    LAN devices can communicate to each other. IEEE 802.11 provides 1 or 2 Mbps transmission speeds in the 2.4 GHz ISM band using either FHSS or DSSS. What is IEEE 802.11b ? All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 180: How Fast Is Ieee 802.11B

    Yes. As long as the products comply with the IEEE 802.11 standard. The Wi-Fi logo indicates an IEEE 802.11b compatible product. Wi-Fi5 is a compatibility standard for IEEE 802.11a products operating in the 5GHz band. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 181: What Is Wi-Fi

    What factors may cause interference among WLAN products ? Factors of interference: 1. Obstacles: walls, ceilings, furniture… etc. 2. Building Materials: metal door, aluminum studs. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 182: What's The Difference Between A Wlan And A Wwan

    This depends on the surrounding terrain, the diameter of the client population, and the number of clients. If an area is large with dispersed pockets of populations, then extension points can be used for extending coverage. What is the Direct-Sequence Spread Spectrum (DSSS) Technology ? All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 183: What Is The Frequency-Hopping Spread Spectrum (Fhss) Technology

    ESSID stands for Extended Service Set Identifier and it identifies the wireless LAN. The ESSID of a mobile device must match the ESSID of the AP to communicate with the AP. The ESSID is a 32-character All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 184: How Do I Secure Data Transmitted To/From An Access Point Over The Wireless Connection

    This means that a wireless client using a 128-bit WEP key cannot communicate with a peer wireless client who is using a 64-bit or 256-bit WEP. Although a 128-bit WEP key also uses a 24-bit Initialization Vector, it uses a 104-bit secret key. All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 185: Can The Ssid Be Encrypted

    This is the optional authentication method that involves a more rigorous exchange of frames, ensuring that the requesting station is authentic. For a station to use shared key authentication, it must implement All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 186: Allowed And Authentication Required

    What is WPA? WPA (Wi-Fi Protected Access) is a subset of the IEEE 802.11i security specification draft. difference between WPA and WEP are user authentication and improve data encryption. What is WPA-PSK? All contents copyright (c) 2005 ZyXEL Communications Corporation.

  • Page 187: Troubleshooting

    1. Online Trace--display the trace real time on screen 2. Offline Trace--capture the trace first and display later The following details the trace commands in SMT menu 24.8. Online Trace All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 188 LAN Frame: ENET0-RECV Size: 62/ 62 Frame Type: TCP 192.168.1.2:1116->192.31.7.130:80 Ethernet Header: Destination MAC Addr = 00A0C5921311 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes & sys trcl sw on sys trcd parse Time: 12089.790 sec...
  • Page 189 0010: 00 30 33 0B 40 00 80 06-3E 71 C0 A8 01 02 C0 1F .03.@...>q... 0020: 07 82 04 5C 00 50 00 BD-15 A7 00 00 00 00 70 02 ...\.P...p. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 190 = 0x00BD15A8 (12391848) Header Length = 24 Flags = 0x12 (.A..S.) Window Size = 0xFAF0 (64240) Checksum = 0xF877 (63607) Urgent Ptr = 0x0000 (0) All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Time: 12090.020 sec...
  • Page 191 = 0xC0A80102 (192.168.1.2) Destination IP = 0xC01F0782 (192.31.7.130) TCP Header: Source Port = 0x045C (1116) Destination Port = 0x0050 (80) Sequence Number = 0x00BD15A8 (12391848) All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes ...w... Time: 12090.210 sec...
  • Page 192 12367.680 ENET1-R[0070] UDP 202.132.155.95:520->202.132.155.255:520 12370.980 ENET1-T[0062] TCP 202.132.155.97:10261->192.31.7.130:80 12373.940 ENET1-T[0062] TCP 202.132.155.97:10261->192.31.7.130:80 12374.930 ENET1-R[0064] TCP 192.31.7.130:80->202.132.155.97:10261 12374.940 ENET1-T[0054] TCP 202.132.155.97:10261->192.31.7.130:80 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes "8... & sys trcl sw on sys trcd parse...
  • Page 193 = 0x281E (10270) Sequence Number = 0xD3E95985 (3555285381) Ack Number = 0x00C18F63 (12685155) Header Length = 20 Flags = 0x19 (.AP..F) Window Size = 0xFAF0 (64240) All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Time: 12387.260 sec...
  • Page 194 = 0x7A0C (31244) Flags = 0x02 Fragment Offset = 0x00 Time to Live = 0x7F (127) Protocol = 0x06 (TCP) Header Checksum = 0x543C (21564) All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes .*L/../... Time: 12387.490 sec...
  • Page 195 IP Version Header Length = 20 Type of Service = 0x00 (0) Total Length = 0x0028 (40) Identification = 0x7B0C (31500) Flags = 0x02 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes ..z... Time: 12387.490 sec...
  • Page 196 0020: 07 82 28 1E 00 50 00 C1-8F 63 D3 E9 5D E9 50 11 ..(..P...c..].P. 0030: 1D D5 7A 11 00 00 Prestige> Offline Trace 1. Trace LAN packet 2. Trace WAN packet 1. Trace LAN packet All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes ..z...
  • Page 197 Prestige> sys trcp parse 5 5 ---<0005>---------------------------------------------------------------- LAN Frame: ENET0-XMIT Size: 58/ 58 Frame Type: TCP 192.31.7.130:80->192.168.1.2:1103 Ethernet Header: All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes & sys trcl sw on & sys trcl sw off...
  • Page 198 0000: 00 80 C8 4C EA 63 00 A0-C5 92 13 11 08 00 45 00 ...L.c...E. 0010: 00 2C 7F 02 40 00 ED 06-85 7D C0 1F 07 82 C0 A8 .,..@...}... All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 199 Frame Type: TCP 204.217.0.2:80->202.132.155.97:10278 Ethernet Header: Destination MAC Addr = 00A0C5921312 Source MAC Addr = 00A0C5591284 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes & sys trcl sw on & sys trcl sw off Time: 12865.120 sec...
  • Page 200 0000: 00 A0 C5 92 13 12 00 A0-C5 59 12 84 08 00 45 00 ...Y...E. 0010: 00 E5 E9 3B 40 00 F0 06-6E 15 CC D9 00 02 CA 84 ...;@...n... All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Modified..Date:...
  • Page 201 = 0x0050 (80) Sequence Number = 0x00C8C015 (13156373) Ack Number = 0x4D713E47 (1299267143) Header Length = 20 Flags = 0x18 (.AP...) Window Size = 0x1E87 (7815) All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Time: 12865.130 sec...

  • Page 202: Debugging Pppoe Connection

    4. Type the following commands: sys trcp sw on (turn on packet trace) sys errctl 3 (save crash information and make system to enter the debug mode after the crash) All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes oftimes.gi...
  • Page 203 1 type 1 code x09 sess-id 0 len 12(x000C) ### Hit any key to continue.### $$$ DIALING dev=6 ch=0... poeI/C: ver 1 type 1 code x07 sessId x0000 len 274(x0112) poeCtrlI/C: pkt len 274 poeGetTags() All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 204 00 00 00 00 00 00 00 00 00 00 00 00 00 01 ed 2b ...b...f...j...n e5bdc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 01 ed 2b ...b...f...j...n All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 205 (Compressed) Version: RAS P2608HWL, start: bfc58030 Length: 3DB3EC, Checksum: 9AA9 Compressed Length: 12AC58, Checksum: DC06 Copyright (c) 1994 - 2004 ZyXEL Communications Corp. initialize ch = 0, ethernet address: 00:a0:c5:d1:78:e9 Wan Channel init ... done ... done VC5402 Init...OK Press ENTER to continue...
  • Page 206 1.4 Display brief online trace results online : 1.5 Display detailed online trace results online : Example: All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes & sys trcl sw on sys trcd brief...
  • Page 207 Total Length = 0x0030 (48) Identification = 0x330B (13067) Flags = 0x02 Fragment Offset = 0x00 Time to Live = 0x80 (128) Protocol = 0x06 (TCP) All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Time: 12089.790 sec...
  • Page 208 = 0080C84CEA63 Source MAC Addr = 00A0C5921311 Network Type = 0x0800 (TCP/IP) IP Header: IP Version Header Length = 20 Type of Service = 0x00 (0) All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes Time: 12090.020 sec...
  • Page 209 0030: FA F0 F8 77 00 00 02 04-05 B4 ---<0002>---------------------------------------------------------------- LAN Frame: ENET0-RECV Size: 60/ 60 Frame Type: TCP 192.168.1.2:1116->192.31.7.130:80 Ethernet Header: Destination MAC Addr = 00A0C5921311 Source MAC Addr = 0080C84CEA63 All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes ...w... Time: 12090.210 sec...
  • Page 210 0010: 00 28 35 0B 40 00 80 06-3C 79 C0 A8 01 02 C0 1F .(5.@...<y... 0020: 07 82 04 5C 00 50 00 BD-15 A8 4A D1 B5 80 50 10 ...\.P...J...P. All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes...
  • Page 211 = 20 Type of Service = 0x00 (0) Total Length = 0x048B (1163) Identification = 0xB139 (45369) All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes "8... & sys trcl sw on sys trcd brief sys trcd parse...
  • Page 212 0040: A5 3C 2B 59 E2 78 A7 98-8F 3F A9 09 E4 0F 26 14 .<+Y.x...?...&. 0050: 9C 58 3E 95 3E E7 FC 2A-4C 2F FB BE 2F FE EF D0 .X>.>..*L/../... Offline Trace All contents copyright (c) 2005 ZyXEL Communications Corporation. P-2608HWL Series Support Notes .*L/../...

  • Page 213: Cli Command List

    1.6 Display brief trace results : sys trcp parse <from_index> <to_index> 1.7 Display specific packet trace results : CLI Command List The most updated CI command list is available in the release notes with every ZyXEL firmware release. Download latest firmware package (*.zip),...

This manual is also suitable for:

P-2608hwl-d3

Table of Contents