Page 1 P-334WT 802.11g Wireless Broadband Router with Firewall User’s Guide Version 3.60 1/2006...
Page 4: Federal Communications Commission (Fcc) Interference Statement
P-334WT User’s Guide Federal Communications Commission (FCC) Interference Statement This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: • This device may not cause harmful interference. • This device must accept any interference received, including interference that may cause undesired operations.
Page 5: Safety Warnings
P-334WT User’s Guide Safety Warnings For your safety, be sure to read and follow all warning notices and instructions. • To reduce the risk of fire, use only No. 26 AWG (American Wire Gauge) or larger telecommunication line cord. • Do NOT open the device or unit. Opening or removing covers can expose you to dangerous high voltage points or other risks.
Page 6: Zyxel Limited Warranty
P-334WT User’s Guide ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During...
Page 7: Customer Support
P-334WT User’s Guide Customer Support Please have the following information ready when you contact customer support. • Product model and serial number. • Warranty Information. • Date that you received your device. • Brief description of the problem and the steps you took to solve it.
Page 8 P-334WT User’s Guide METHOD SUPPORT E-MAIL TELEPHONE WEB SITE REGULAR MAIL SALES E-MAIL FTP SITE LOCATION info@pl.zyxel.com +48-22-5286603 www.pl.zyxel.com ZyXEL Communications ul.Emilli Plater 53 POLAND +48-22-5206701 00-113 Warszawa Poland http://zyxel.ru/support +7-095-542-89-29 www.zyxel.ru ZyXEL Russia Ostrovityanova 37a Str. RUSSIA sales@zyxel.ru +7-095-542-89-25...
Page 9: Table Of Contents
P-334WT User’s Guide Table of Contents Copyright ........................3 Federal Communications Commission (FCC) Interference Statement ....4 Safety Warnings ....................... 5 ZyXEL Limited Warranty..................6 Customer Support....................7 Table of Contents ..................... 9 Preface ........................37 Chapter 1 Getting to Know Your Prestige ................39 1.1 Prestige Overview ....................39...
Page 10 P-334WT User’s Guide 2.4.7 Summary: Packet Statistics ...............60 2.4.8 Summary: Port Isolation ................61 2.4.9 Summary: Wireless Station Status ............62 2.4.9.1 WMM QoS ..................62 Chapter 3 Connection Wizard....................65 3.1 Wizard Setup ......................65 3.2 Connection Wizard: STEP 1: System Information ..........66 3.2.1 System Name ...................66...
Page 11 P-334WT User’s Guide 4.4.4 Introduction to WPA and WPA2 ..............89 4.4.5 WPA(2)-PSK Application Example ............89 4.4.6 WPA-PSK/WPA2-PSK Authentication Screen ..........89 4.4.7 Wireless Client WPA Supplicants .............91 4.4.8 WPA(2) with RADIUS Application Example ..........91 4.4.9 WPA/WPA2 Authentication Screen ............92 4.4.10 IEEE 802.1x Overview ................94 4.4.11 IEEE 802.1x and Dynamic WEP Key Exchange ........94...
Page 12 P-334WT User’s Guide 6.2.3 RIP Setup ....................124 6.2.4 Multicast ....................124 6.3 Any IP .......................125 6.3.1 How Any IP Works ..................126 6.4 IP Screen ......................126 6.5 LAN IP Alias ....................127 6.6 Advanced LAN Screen ..................128 Chapter 7 DHCP Server ......................131 7.1 DHCP .......................131...
Page 13 P-334WT User’s Guide 9.1.4 Guidelines For Enhancing Security With Your Firewall ......148 9.2 General Firewall Screen ...................148 9.3 Services Screen ....................149 Chapter 10 Content Filtering ....................153 10.1 Introduction to Content Filtering ..............153 10.2 Restrict Web Features ...................153 10.3 Days and Times .....................153 10.4 Filter Screen ....................153...
Page 14 P-334WT User’s Guide 12.4.1 Dynamic Secure Gateway Address ............167 12.5 VPN Summary Screen ...................167 12.6 Keep Alive ......................168 12.7 NAT Traversal ....................169 12.7.1 NAT Traversal Configuration ..............169 12.7.2 Remote DNS Server ................169 12.8 ID Type and Content ..................170 12.8.1 ID Type and Content Examples ............171 12.9 Pre-Shared Key ....................172...
Page 15 P-334WT User’s Guide 13.4.7 Configuring the User List in Per-User Mode .........210 13.4.8 Content Blocking Categories ..............211 13.5 Port Isolation ....................212 Chapter 14 Static Route Screens ................... 215 14.1 Static Route Overview ..................215 14.2 IP Static Route Screen ...................215 14.2.1 Static Route Setup Screen ..............216 Chapter 15 Bandwidth Management ..................
Page 16 P-334WT User’s Guide Chapter 17 UPnP........................241 17.1 Universal Plug and Play Overview ..............241 17.1.1 How Do I Know If I'm Using UPnP? ............241 17.1.2 NAT Traversal ..................241 17.1.3 Cautions with UPnP ................241 17.2 UPnP and ZyXEL ...................242 17.3 UPnP Screen ....................242 17.4 Installing UPnP in Windows Example ............243...
Page 17 P-334WT User’s Guide 21.1.2 Entering Password ................267 21.1.3 Prestige SMT Menu Overview ..............268 21.2 Navigating the SMT Interface .................269 21.2.1 System Management Terminal Interface Summary ......271 21.3 Changing the System Password ..............271 Chapter 22 Menu 1 General Setup ..................273 22.1 General Setup ....................273...
Page 18 P-334WT User’s Guide 26.2.3 PPTP Encapsulation ................294 26.3 Edit IP ......................295 26.4 Remote Node Filter ..................297 26.4.1 Traffic Redirect Setup ................298 Chapter 27 Static Route Setup ....................301 27.1 IP Static Route Setup ..................301 Chapter 28 Network Address Translation (NAT) ..............303 28.1 Using NAT ......................303...
Page 19 P-334WT User’s Guide 30.6 Applying a Filter ....................333 30.6.1 Applying LAN Filters ................333 30.6.2 Applying Remote Node Filters ..............334 Chapter 31 SNMP Configuration .................... 335 31.1 About SNMP ....................335 31.2 Supported MIBs ....................336 31.3 SNMP Configuration ..................336 31.4 SNMP Traps ....................337 Chapter 32 System Security ....................
Page 20 P-334WT User’s Guide 34.2.5 TFTP and FTP over WAN Management Limitations ......358 34.2.6 Backup Configuration Using TFTP ............358 34.2.7 TFTP Command Example ..............358 34.2.8 GUI-based TFTP Clients ..............359 34.3 Restore Configuration ..................359 34.3.1 Restore Using FTP ................359 34.3.2 Restore Using FTP Session Example ..........360 34.4 Uploading Firmware and Configuration Files ..........361...
Page 21 P-334WT User’s Guide Chapter 39 SA Monitor ......................387 39.1 SA Monitor Overview ..................387 39.2 Using SA Monitor ...................387 Chapter 40 Troubleshooting ....................389 40.1 Problems Starting Up the Prestige ..............389 40.2 Problems with the LAN ...................389 40.3 Problems with the WAN .................390 40.4 Problems Accessing the Prestige ..............391...
Page 22 P-334WT User’s Guide Table of Contents...
Page 23 Figure 1 Secure Internet Access via Cable, DSL or Wireless Modem ........ 45 Figure 2 VPN Application ....................46 Figure 3 Internet Access Application Example ..............46 Figure 4 P-334WT Front Panel ................... 47 Figure 5 Change Password Screen ..................50 Figure 6 Web Configurator Status Screen ................51 Figure 7 Summary: Any IP Table ..................
Page 24 P-334WT User’s Guide Figure 37 Wireless: WPA-PSK/WPA2-PSK ................. 90 Figure 38 WPA(2) with RADIUS Application Example ............92 Figure 39 Wireless: WPA/WPA2 ..................92 Figure 40 Wireless: 802.1x and Dynamic WEP ..............94 Figure 41 Wireless: 802.1x and Static WEP ............... 96 Figure 42 Wireless: 802.1x ....................
Page 25 P-334WT User’s Guide Figure 80 IPSec Summary Fields ..................167 Figure 81 VPN Summary ....................167 Figure 82 NAT Router Between IPSec Routers ..............169 Figure 83 VPN Host using Intranet DNS Server Example ..........170 Figure 84 Mismatching ID Type and Content Configuration Example ........ 172 Figure 85 VPN Rule Setup ....................
Page 26 P-334WT User’s Guide Figure 123 Telnet Remote Management ................234 Figure 124 FTP Remote Management ................234 Figure 125 SNMP Management Model ................236 Figure 126 SNMP Remote Management ................237 Figure 127 DNS Remote Management ................238 Figure 128 Security Remote Management ................. 239 Figure 129 Configuring UPnP .....................
Page 27 P-334WT User’s Guide Figure 166 Menu 11.5: Remote Node Filter (PPPoE or PPTP Encapsulation) ....298 Figure 167 Menu 11.6: Traffic Redirect Setup ..............298 Figure 168 Menu 12 IP Static Route Setup ................ 301 Figure 169 Menu12.1 Edit IP Static Route ................301 Figure 170 Menu 4: Applying NAT for Internet Access ............
Page 28 P-334WT User’s Guide Figure 209 Menu 23.2 System Security : RADIUS Server ..........340 Figure 210 Menu 23.4 System Security : IEEE802.1x ............341 Figure 211 Menu 24 System Maintenance ................343 Figure 212 Menu 24.1 System Maintenance : Status ............344 Figure 213 Menu 24.2 System Information and Console Port Speed .......
Page 29 P-334WT User’s Guide Figure 252 Java (Sun) ......................400 Figure 253 Internet Options Security .................. 401 Figure 254 Security Setting ActiveX Controls ..............402 Figure 255 WIndows 95/98/Me: Network: Configuration ............. 404 Figure 256 Windows 95/98/Me: TCP/IP Properties: IP Address ......... 405 Figure 257 Windows 95/98/Me: TCP/IP Properties: DNS Configuration ......
Page 30 P-334WT User’s Guide List of Figures...
Page 31 P-334WT User’s Guide List of Tables Table 1 Front Panel LEDs ....................47 Table 2 Status Screen Icon Key ..................51 Table 3 Web Configurator Status Screen ................52 Table 4 Screens Summary ....................53 Table 5 Summary: Any IP Table ..................56 Table 6 Summary: DHCP Table ..................
Page 32 P-334WT User’s Guide Table 37 Advanced ......................103 Table 38 WMM QoS Priorities .................... 105 Table 39 Commonly Used Services ................... 105 Table 40 QoS ........................108 Table 41 Application Priority Configuration ................ 109 Table 42 Ethernet Encapsulation ..................112 Table 43 PPPoE Encapsulation ..................
Page 33 P-334WT User’s Guide Table 80 Settings: Parental Control Screen ............... 207 Table 81 Content Blocking Categories ................211 Table 82 Port Isolation ......................213 Table 83 IP Static Route ..................... 216 Table 84 Static Route Setup ....................217 Table 85 Application and Subnet-based Bandwidth Management Example ...... 220 Table 86 Bandwidth Management Priorities ...............
Page 34 P-334WT User’s Guide Table 123 New Fields in Menu 4 (PPPoE) screen ............. 290 Table 124 Menu 11.1 Remote Node Profile for Ethernet Encapsulation ......292 Table 125 Fields in Menu 11.1 (PPPoE Encapsulation Specific) ........294 Table 126 Menu 11.1 Remote Node Profile for PPTP Encapsulation ........ 295 Table 127 Remote Node Network Layer Options ...............
Page 35 P-334WT User’s Guide Table 166 Troubleshooting Restricted Web Pages and Keyword Blocking ......391 Table 167 Troubleshooting the Password ................392 Table 168 Troubleshooting Telnet ..................392 Table 169 Classes of IP Addresses ................... 419 Table 170 Allowed IP Address Range By Class ..............420 Table 171 “Natural”...
Page 36 P-334WT User’s Guide List of Tables...
Page 37: Preface
Note: Use the web configurator, System Management Terminal (SMT) or command interpreter interface to configure your Prestige. Not all features can be configured through all interfaces. This manual may refer to the P-334WT, 802.11g Wireless Broadband Router with Firewall as the Prestige. About This User's Guide This User’s Guide is designed to guide you through the configuration of your Prestige using...
Page 38 P-334WT User’s Guide Syntax Conventions • “Enter” means for you to type one or more characters. “Select” or “Choose” means for you to use one predefined choice. • The SMT menu titles and labels are in Bold Times New Roman font. Predefined field choices are in Bold Arial font.
Page 39: Getting To Know Your Prestige
The embedded web configurator is easy to operate. In the Prestige product name, “W” denotes wireless functionality. The P-334WT has an embedded mini-PCI module for 802.11g Wireless LAN connectivity. Note: Only use firmware for your Prestige’s specific model.
Page 40: Non-Physical Features
P-334WT User’s Guide 4-Port Switch A combination of switch and router makes your Prestige a cost-effective and viable network solution. You can add up to four computers to the Prestige without the cost of a hub. Add more than four computers to your LAN by using a hub.
Page 41: Packet Filtering
P-334WT User’s Guide Packet Filtering The packet filtering mechanism blocks unwanted traffic from entering/leaving your network. Time and Date The Prestige allows you to get the current time and date from an external server when you turn on your Prestige. You can also set the time manually.
Page 42 P-334WT User’s Guide IP Alias IP Alias allows you to partition a physical network into logical networks over the same Ethernet interface. The Prestige supports three logical LAN interfaces via its single physical Ethernet LAN interface with the Prestige itself as the gateway for each LAN network.
Page 43: Wireless Features
802.11b standard, meaning that you can have both IEEE 802.11b and IEEE 802.11g wireless clients in the same wireless network. Note: The P-334WT may be prone to RF (Radio Frequency) interference from other 2.4 GHz devices such as microwave ovens, wireless phones, Bluetooth enabled devices, and other wireless LANs.
Page 44: Wep Encryption
P-334WT User’s Guide WPA(2) Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA 2 (IEEE 802.11i) is a wireless security standard that defines stronger encryption, authentication and key management than WPA. Key differences between WPA(2) and WEP are improved data encryption and user authentication.
Page 45: Applications For The Prestige
P-334WT User’s Guide 1.3 Applications for the Prestige Here are some examples of what you can do with your Prestige. 1.3.1 Secure Broadband Internet Access via Cable or DSL Modem You can connect a cable modem, DSL or wireless modem to the Prestige for broadband Internet access via an Ethernet or a wireless port on the modem.
Page 46: Wireless Lan Application
P-334WT User’s Guide Figure 2 VPN Application 1.3.3 Wireless LAN Application Add a wireless LAN to your existing network without expensive network cables. Wireless stations can move freely anywhere in the coverage area and use resources on the wired network.
Page 47: Front Panel Leds
P-334WT User’s Guide 1.3.4 Front Panel LEDs Figure 4 P-334WT Front Panel The following table describes the LEDs. Table 1 Front Panel LEDs COLOR STATUS DESCRIPTION Green The Prestige is receiving power and functioning properly. Blinking The Prestige is performing testing.
Page 48 P-334WT User’s Guide Chapter 1 Getting to Know Your Prestige...
Page 49: Introducing The Web Configurator
P-334WT User’s Guide H A P T E R Introducing the Web Configurator This chapter describes how to access the Prestige web configurator and provides an overview of its screens. 2.1 Web Configurator Overview The web configurator is an HTML-based management interface that allows easy Prestige setup and management via Internet browser.
Page 50: Resetting The Prestige
P-334WT User’s Guide Figure 5 Change Password Screen Note: The management session automatically times out when the time period set in the Administrator Inactivity Timer field expires (default five minutes). Simply log back into the Prestige if this happens to you.
Page 51: Figure 6 Web Configurator Status Screen
P-334WT User’s Guide Figure 6 Web Configurator Status Screen The following table describes the icons shown in the Status screen. Table 2 Status Screen Icon Key ICON DESCRIPTION Select a language from the drop-down list box to have the web configurator display in that language.
Page 52: Table 3 Web Configurator Status Screen
P-334WT User’s Guide Table 2 Status Screen Icon Key ICON DESCRIPTION Select a number of seconds or None from the drop-down list box to refresh all screen statistics automatically at the end of every time interval or to not refresh the screen statistics.
Page 53: Navigation Panel
P-334WT User’s Guide Table 3 Web Configurator Status Screen LABEL DESCRIPTION Interface Status Interface This displays the Prestige port types. The port types are: WAN, LAN and WLAN. Status For the LAN and WAN ports, this field displays Down (line is down) or Up (line is up or connected).
Page 54 P-334WT User’s Guide Table 4 Screens Summary LINK FUNCTION Wireless LAN General Use this screen to configure wireless LAN. OTIST This screen allows you to assign wireless clients the Prestige’s wireless security settings. MAC Filter Use the MAC filter screen to configure the Prestige to block access to devices or block the devices from accessing the Prestige.
Page 55: Summary: Any Ip Table
P-334WT User’s Guide Table 4 Screens Summary LINK FUNCTION TMSS General Use this screen to enable or disable TMSS. Exception List Use this screen to decide which computers in the network you can apply TMSS. Virus Protection Use this screen to check the computers in the network for Trend Micro Internet Security.
Page 56: Summary: Dhcp Table
P-334WT User’s Guide Figure 7 Summary: Any IP Table The following table describes the labels in this screen. Table 5 Summary: Any IP Table LABEL DESCRIPTION This field displays the index number. IP Address This field displays the IP address of the network device.
Page 57: Summary: Parental Controls Statistics
P-334WT User’s Guide The following table describes the labels in this screen. Table 6 Summary: DHCP Table LABEL DESCRIPTION This is the index number of the host computer. IP Address This field displays the IP address relative to the # field listed above.
Page 58: Figure 9 Summary: Parental Control Statistics
P-334WT User’s Guide Figure 9 Summary: Parental Control Statistics The following table describes the labels in this screen. Table 7 Summary: Parental Control Statistics LABEL DESCRIPTION Control Mode This displays the current parental control mode (General Control or Per-User Control).
Page 59: Summary: Vpn Monitor
P-334WT User’s Guide 2.4.5 Summary: VPN Monitor Click the VPN Monitor (Details...) hyperlink in the Status screen. Read-only information here includes encapsulation mode and security protocol. Figure 10 Summary: VPN Monitor The following table describes the labels in this screen.
Page 60: Summary: Packet Statistics
P-334WT User’s Guide Figure 11 Summary: BW MGMT Monitor 2.4.7 Summary: Packet Statistics Click the Packet Statistics (Details...) hyperlink in the Status screen. Read-only information here includes port status and packet specific statistics. Also provided are "system up time" and "poll interval(s)".
Page 61: Summary: Port Isolation
P-334WT User’s Guide The following table describes the labels in this screen. Table 9 Summary: Packet Statistics LABEL DESCRIPTION Port This is the WAN, LAN or WLAN port. Status For the LAN ports, this displays the port speed and duplex setting or Down when the line is disconnected.
Page 62: Summary: Wireless Station Status
P-334WT User’s Guide Figure 13 Summary: Port Isolation The following table describes the labels in this screen. Table 10 Summary: Wireless Association List LABEL DESCRIPTION Port This is the LAN or WLAN port. Bypass This displays whether port isolation is performed on the port.
Page 63: Figure 14 Summary: Wireless Association List
P-334WT User’s Guide Figure 14 Summary: Wireless Association List The following table describes the labels in this screen. Table 11 Summary: Wireless Association List LABEL DESCRIPTION This is the index number of an associated wireless station. MAC Address This field displays the MAC address of an associated wireless station.
Page 64 P-334WT User’s Guide Chapter 2 Introducing the Web Configurator...
Page 65: Chapter 3 Connection Wizard
P-334WT User’s Guide H A P T E R Connection Wizard This chapter provides information on the Wizard setup screens in the web configurator. 3.1 Wizard Setup The web configurator’s Wizard setup helps you configure your device to access the Internet.
Page 66: Connection Wizard: Step 1: System Information
P-334WT User’s Guide Figure 16 Select a Language 4 Read the on-screen information and click Next. Figure 17 Welcome to the Connection Wizard 3.2 Connection Wizard: STEP 1: System Information System Information contains administrative and system-related information. 3.2.1 System Name System Name is for identification purposes.
Page 67: Domain Name
P-334WT User’s Guide 3.2.2 Domain Name The Domain Name entry is what is propagated to the DHCP clients on the LAN. If you leave this blank, the domain name obtained by DHCP from the ISP is used. While you must enter the host name (System Name) on each individual computer, the domain name can be assigned from the Prestige via DHCP.
Page 68: Basic(Wep) Security
P-334WT User’s Guide Figure 19 Wizard Step 2: Wireless LAN The following table describes the labels in this screen. Table 13 Wizard Step 2: Wireless LAN LABEL DESCRIPTION Name(SSID) Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the wireless LAN.
Page 69: Figure 20 Wizard Step 2: Basic(Wep) Security
P-334WT User’s Guide Figure 20 Wizard Step 2: Basic(WEP) Security The following table describes the labels in this screen. Table 14 Wizard Step 2: Basic(WEP) Security LABEL DESCRIPTION Passphrase Type a Passphrase (up to 32 printable characters) and click Generate. The Prestige automatically generates a WEP key.
Page 70: Extend(Wpa-Psk Or Wpa2-Psk) Security
P-334WT User’s Guide Table 14 Wizard Step 2: Basic(WEP) Security LABEL DESCRIPTION Back Click Back to display the previous screen. Next Click Next to proceed to the next screen. Exit Click Exit to close the wizard screen without saving. 3.3.2 Extend(WPA-PSK or WPA2-PSK) Security Choose Extend(WPA-PSK) or Extend(WPA2-PSK) security in the Wireless LAN setup screen to set up a Pre-Shared Key.
Page 71: Connection Wizard: Step 3: Internet Configuration
P-334WT User’s Guide Figure 22 Wizard Step 2: OTIST The following table describes the labels in this screen. Table 16 Wizard Step 2: OTIST LABEL DESCRIPTION Do you want to Select the Yes radio button and click Next to proceed with the setup wizard and enable OTIST? enable OTIST only when you click Finish in the final wizard screen.
Page 72: Ethernet Connection
P-334WT User’s Guide This wizard screen varies according to the connection type that you select. Figure 23 Wizard Step 3: ISP Parameters. The following table describes the labels in this screen, Table 17 Wizard Step 3: ISP Parameters CONNECTION TYPE...
Page 73: Pppoe Connection
P-334WT User’s Guide 3.4.2 PPPoE Connection Point-to-Point Protocol over Ethernet (PPPoE) functions as a dial-up connection. PPPoE is an IETF (Internet Engineering Task Force) standard specifying how a host personal computer interacts with a broadband modem (for example DSL, cable, wireless, etc.) to achieve access to high-speed data networks.
Page 74: Pptp Connection
P-334WT User’s Guide Table 18 Wizard Step 3: PPPoE Connection LABEL DESCRIPTION Back Click Back to return to the previous screen. Next Click Next to continue. Exit Click Exit to close the wizard screen without saving. 3.4.3 PPTP Connection Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables transfers of data from a remote client to a private server, creating a Virtual Private Network (VPN) using TCP/ IP-based networks.
Page 75: Your Ip Address
P-334WT User’s Guide The following table describes the fields in this screen Table 19 Wizard Step 3: PPTP Connection LABEL DESCRIPTION ISP Parameters for Internet Access Connection Type Select PPTP from the drop-down list box. To configure a PPTP client, you must configure the User Name and Password fields for a PPP connection and the PPTP parameters for a PPTP connection.
Page 76: Wan Ip Address Assignment
P-334WT User’s Guide The following table describes the labels in this screen Table 20 Wizard Step 3: Your IP Address LABEL DESCRIPTION Get automatically from Select this option If your ISP did not assign you a fixed IP address. This is your ISP the default selection.
Page 77: Dns Server Address Assignment
P-334WT User’s Guide If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established. The Internet Assigned Number Authority (IANA) reserved this block of addresses specifically for private use;...
Page 78: Figure 28 Wizard Step 3: Wan Ip And Dns Server Addresses
P-334WT User’s Guide Figure 28 Wizard Step 3: WAN IP and DNS Server Addresses The following table describes the labels in this screen Table 22 Wizard Step 3: WAN IP and DNS Server Addresses LABEL DESCRIPTION WAN IP Address Assignment My WAN IP Address Enter your WAN IP address in this field.
Page 79: Wan Mac Address
P-334WT User’s Guide 3.4.9 WAN MAC Address Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02. Table 23 Example of Network Properties for LAN Servers with Fixed IP Addresses Choose an IP address 192.168.1.2-192.168.1.32;...
Page 80: Connection Wizard: Step 4: Bandwidth Management
P-334WT User’s Guide Table 24 Wizard Step 3: WAN MAC Address LABEL DESCRIPTION Back Click Back to return to the previous screen. Next Click Next to continue. Exit Click Exit to close the wizard screen without saving. 3.5 Connection Wizard: STEP 4: Bandwidth management Bandwidth management allows you to control the amount of bandwidth going out through the Prestige’s WAN, LAN or WLAN port and prioritize the distribution of the bandwidth...
Page 81: Figure 31 Connection Wizard Save
P-334WT User’s Guide Figure 31 Connection Wizard Save Follow the on-screen instructions and click Finish to complete the wizard setup. Figure 32 Connection Wizard Complete Well done! You have successfully set up your Prestige to operate on your network and access the Internet.
Page 82 P-334WT User’s Guide Chapter 3 Connection Wizard...
Page 83: Chapter 4 Wireless Lan
P-334WT User’s Guide H A P T E R Wireless LAN This chapter discusses how to configure Wireless LAN. 4.1 Introduction A wireless LAN can be as simple as two computers with wireless LAN adapters communicating in a peer-to-peer network or as complex as a number of computers with wireless LAN adapters communicating through access points which bridge network traffic to the wired LAN.
Page 84: Restricted Access
P-334WT User’s Guide 4.2.3 Restricted Access The MAC Filter screen allows you to configure the AP to give exclusive access to devices (Allow) or exclude them from accessing the AP (Deny). 4.2.4 Hide Prestige Identity If you hide the ESSID, then the Prestige cannot be seen when a wireless client scans for local APs.
Page 85: General Wireless Lan Screen
P-334WT User’s Guide 4 If you have OTIST-enabled clients, configure OTIST in the OTIST screen. OTIST transfers device SSID and WEP or WPA-PSK key settings (if enabled) to wireless clients. The following figure shows the relative effectiveness of these wireless security methods available on your Prestige.
Page 86: No Security
P-334WT User’s Guide The following table describes the general wireless LAN labels in this screen. Table 27 Wireless LABEL DESCRIPTION Enable Click the check box to activate wireless LAN. Wireless LAN Name(SSID) (Service Set IDentity) The SSID identifies the Service Set with which a wireless station is associated.
Page 87: Wep Encryption
P-334WT User’s Guide The following table describes the labels in this screen. Table 28 Wireless No Security LABEL DESCRIPTION Security Mode Choose No Security from the drop-down list box. Apply Click Apply to save your changes back to the Prestige.
Page 88: Figure 35 Wireless: Static Wep Encryption
P-334WT User’s Guide Figure 35 Wireless: Static WEP Encryption The following table describes the wireless LAN security labels in this screen. Table 29 Wireless: Static WEP Encryption LABEL DESCRIPTION Passphrase Enter a Passphrase (up to 32 printable characters) and clicking Generate. The Prestige automatically generates a WEP key.
Page 89: Introduction To Wpa And Wpa2
P-334WT User’s Guide 4.4.4 Introduction to WPA and WPA2 Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA is preferred to WEP as WPA has user authentication and improved data encryption. WPA improves data encryption by using Temporal Key Integrity Protocol (TKIP), Message Integrity Check (MIC) and IEEE 802.1x.
Page 90: Figure 37 Wireless: Wpa-Psk/Wpa2-Psk
P-334WT User’s Guide Figure 37 Wireless: WPA-PSK/WPA2-PSK The following table describes the labels in this screen. Table 30 Wireless: WPA-PSK/WPA2-PSK LABEL DESCRIPTION WPA Compatible This check box is available only when you select WPA2-PSK or WPA2 in the Security Mode field.
Page 91: Wireless Client Wpa Supplicants
P-334WT User’s Guide Table 30 Wireless: WPA-PSK/WPA2-PSK LABEL DESCRIPTION Group Key Update The Group Key Update Timer is the rate at which the AP (if using WPA-PSK/ Timer WPA2-PSK key management) or RADIUS server (if using WPA/WPA2 key management) sends a new group key out to all clients. The re-keying process is the WPA/WPA2 equivalent of automatically changing the WEP key for an AP and all stations in a WLAN on a periodic basis.
Page 92: Wpa/Wpa2 Authentication Screen
P-334WT User’s Guide Figure 38 WPA(2) with RADIUS Application Example 4.4.9 WPA/WPA2 Authentication Screen Click the Wireless LAN link under Network to display the Wireless General screen. Figure 39 Wireless: WPA/WPA2 Chapter 4 Wireless LAN...
Page 93: Table 31 Wireless: Wpa/Wpa2
P-334WT User’s Guide The following table describes the labels in this screen. Table 31 Wireless: WPA/WPA2 LABEL DESCRIPTION WPA Compatible This check box is available only when you select WPA2-PSK or WPA2 in the Security Mode field. Select the check box to have both WPA2 and WPA wireless clients be able to communicate with the Prestige even when the Prestige is using WPA2-PSK or WPA2.
Page 94: Ieee 802.1X Overview
P-334WT User’s Guide Table 31 Wireless: WPA/WPA2 LABEL DESCRIPTION Apply Click Apply to save your changes back to the Prestige. Reset Click Reset to reload the previous configuration for this screen. 4.4.10 IEEE 802.1x Overview You need the following for IEEE 802.1x authentication.
Page 95: Ieee 802.1X And Static Wep Key Exchange
P-334WT User’s Guide The following table describes the labels in this screen. Table 32 Wireless: 802.1x and Dynamic WEP LABEL DESCRIPTION ReAuthentication Specify how often wireless stations have to resend usernames and passwords in Timer (in seconds) order to stay connected. Enter a time interval between 10 and 9999 seconds. The default time interval is 1800 seconds (30 minutes).
Page 96: Figure 41 Wireless: 802.1X And Static Wep
P-334WT User’s Guide Figure 41 Wireless: 802.1x and Static WEP The following table describes the labels in this screen. Table 33 Wireless: 802.1x and Static WEP LABEL DESCRIPTION Passphrase Enter a Passphrase (up to 32 printable characters) and clicking Generate. The Prestige automatically generates a WEP key.
Page 97 P-334WT User’s Guide Table 33 Wireless: 802.1x and Static WEP LABEL DESCRIPTION Key 1 to Key 4 The WEP keys are used to encrypt data. Both the Prestige and the wireless stations must use the same WEP key for data transmission.
Page 98: Ieee 802.1X + No Wep
P-334WT User’s Guide 4.4.13 IEEE 802.1x + no WEP In order to configure and enable 802.1x; click the Wireless LAN link under Network to display the Wireless General screen. Select 802.1x + No WEP from the Security Mode list. Figure 42 Wireless: 802.1x The following table describes the labels in this screen.
Page 99: Otist
P-334WT User’s Guide Table 34 Wireless: 802.1x and No WEP LABEL DESCRIPTION Shared Secret Enter a password (up to 31 alphanumeric characters) as the key to be shared between the external authentication server and the Prestige. The key must be the same on the external authentication server and your Prestige.
Page 100: Activating Otist
P-334WT User’s Guide Figure 43 OTIST The following table describes the labels in this screen. Table 35 OTIST LABEL DESCRIPTION Setup Key Type an OTIST Setup Key of exactly eight ASCII characters in length. The default OTIST setup key is "01234567".
Page 101: Mac Filter
P-334WT User’s Guide Figure 44 OTIST Start Note: The process takes three minutes. During this time the Prestige assigns its security settings to OTIST-enabled wireless clients within range that have selected to associate with this Prestige. Figure 45 OTIST Process When the previous screen closes, your current Prestige security configuration is automatically saved to the wireless clients.
Page 102: Wireless Lan Advanced Screen
P-334WT User’s Guide Figure 46 MAC Address Filter The following table describes the labels in this menu. Table 36 MAC Address Filter LABEL DESCRIPTION Active Select Yes from the drop down list box to enable MAC address filtering. Filter Action Define the filter action for the list of MAC addresses in the MAC Address table.
Page 103: Figure 47 Advanced
P-334WT User’s Guide To enable roaming on your Prestige, click the Wireless LAN link under Network and then the Advanced tab. The screen appears as shown. Figure 47 Advanced The following table describes the labels in this screen. Table 37 Advanced...
Page 104: Wmm Qos
P-334WT User’s Guide Table 37 Advanced LABEL DESCRIPTION Preamble Select a preamble type from the drop-down list menu. Choices are Long, Short or Dynamic. The default setting is Long. See the section on preamble for more information. 802.11 Mode Select 802.11b Only to allow only IEEE 802.11b compliant WLAN devices to associate with the Prestige.
Page 105: Wmm Qos Priorities
P-334WT User’s Guide 4.8.2 WMM QoS Priorities The following table describes the priorities that you can apply to traffic that the Prestige sends to the wireless network. Table 38 WMM QoS Priorities PRIORITY LEVELS: Highest Typically used for voice traffic or video that is especially sensitive to jitter (variations in delay).
Page 106 P-334WT User’s Guide Table 39 Commonly Used Services SERVICE DESCRIPTION HTTP(TCP:80) Hyper Text Transfer Protocol - a client/server protocol for the world wide web. HTTPS(TCP:443) HTTPS is a secured http session often used in e-commerce. ICQ(UDP:4000) This is a popular Internet chat program.
Page 107: Qos Screen
P-334WT User’s Guide Table 39 Commonly Used Services SERVICE DESCRIPTION SSH(TCP/UDP:22) Secure Shell Remote Login Program. STRM WORKS(UDP:1558) Stream Works Protocol. SYSLOG(UDP:514) Syslog allows you to send system logs to a UNIX server. TACACS(UDP:49) Login Host Protocol used for (Terminal Access Controller Access Control System).
Page 108: Figure 48 Qos
P-334WT User’s Guide Figure 48 QoS The following table describes the fields in this screen. Table 40 QoS LABEL DESCRIPTION QoS Setup Enable WMM QoS Select the check box to enable WMM QoS on the Prestige. WMM QoS Policy Select Default to have the Prestige automatically give a service a priority level according to the ToS value in the IP header of packets it sends.
Page 109: Application Priority Configuration Screen
P-334WT User’s Guide 4.10 Application Priority Configuration Screen To edit a WMM QoS application entry, click the edit icon under Modify. The following screen displays. Figure 49 Application Priority Configuration The following table describes the fields in this screen. Table 41 Application Priority Configuration...
Page 110 P-334WT User’s Guide Chapter 4 Wireless LAN...
Page 111: Chapter 5 Wan
P-334WT User’s Guide H A P T E R This chapter describes how to configure WAN settings. 5.1 WAN Overview See the chapter about the connection wizard for more information on the fields in the WAN screens. 5.2 TCP/IP Priority (Metric) The metric represents the "cost of transmission".
Page 112: Wan Isp Screen
P-334WT User’s Guide 5.4 WAN ISP Screen To change your Prestige’s WAN ISP settings, click WAN, then the WAN ISP tab. The screen differs by the encapsulation. 5.4.1 Ethernet Encapsulation The screen shown next is for Ethernet encapsulation. Figure 50 Ethernet Encapsulation The following table describes the labels in this screen.
Page 113: Pppoe Encapsulation
P-334WT User’s Guide Table 42 Ethernet Encapsulation LABEL DESCRIPTION Login Server (Telia Type the domain name of the Telia login server, for example login1.telia.com. Login only) Relogin Every(min) The Telia server logs the Prestige out if the Prestige does not log in periodically.
Page 114: Figure 51 Pppoe Encapsulation
P-334WT User’s Guide By implementing PPPoE directly on the Prestige (rather than individual computers), the computers on the LAN do not need PPPoE software installed, since the Prestige does that part of the task. Furthermore, with NAT, all of the LANs’ computers will have access.
Page 115: Table 43 Pppoe Encapsulation
P-334WT User’s Guide The following table describes the labels in this screen. Table 43 PPPoE Encapsulation LABEL DESCRIPTION ISP Parameters for Internet Access Encapsulation The PPP over Ethernet choice is for a dial-up connection using PPPoE. The Prestige supports PPPoE (Point-to-Point Protocol over Ethernet). PPPoE is an IETF Draft standard (RFC 2516) specifying how a personal computer (PC) interacts with a broadband modem (i.e.
Page 116: Pptp Encapsulation
P-334WT User’s Guide Table 43 PPPoE Encapsulation LABEL DESCRIPTION Clone the Select Clone the computer's MAC address - IP Address and enter the IP computer’s MAC address of the computer on the LAN whose MAC you are cloning. Once it is...
Page 117: Figure 52 Pptp Encapsulation
P-334WT User’s Guide Figure 52 PPTP Encapsulation Chapter 5 WAN...
Page 118: Table 44 Pptp Encapsulation
P-334WT User’s Guide The following table describes the labels in this screen. Table 44 PPTP Encapsulation LABEL DESCRIPTION ISP Parameters for Internet Access Encapsulation Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables secure transfer of data from a remote client to a private server, creating a Virtual Private Network (VPN) using TCP/IP-based networks.
Page 119: Advanced Wan Screen
P-334WT User’s Guide Table 44 PPTP Encapsulation LABEL DESCRIPTION Private (PPPoE and This parameter determines if the Prestige will include the route to this remote PPTP only) node in its RIP broadcasts. If set to Yes, this route is kept private and not included in RIP broadcast.
Page 120: Table 45 Advanced
P-334WT User’s Guide The following table describes the labels in this screen. Table 45 Advanced LABEL DESCRIPTION DNS Servers First DNS Server Select From ISP if your ISP dynamically assigns DNS server information (and the Prestige's WAN IP address). The field to the right displays the (read-only) Second DNS Server DNS server IP address that the ISP assigns.
Page 121: Traffic Redirect
P-334WT User’s Guide Table 45 Advanced LABEL DESCRIPTION Apply Click Apply to save your changes back to the Prestige. Reset Click Reset to begin configuring this screen afresh. 5.6 Traffic Redirect Traffic redirect forwards WAN traffic to a backup gateway when the Prestige cannot connect to the Internet through its normal gateway.
Page 122: Traffic Redirect Screen
P-334WT User’s Guide 5.7 Traffic Redirect Screen To change your Prestige’s Traffic Redirect settings, click the WAN link under Network and the Traffic Redirect tab. The screen appears as shown. Figure 56 WAN: Traffic Redirect The following table describes the labels in this screen.
Page 123: Chapter 6 Lan
P-334WT User’s Guide H A P T E R This chapter describes how to configure LAN settings. 6.1 LAN Overview Local Area Network (LAN) is a shared communication system to which many computers are attached. The LAN screens can help you configure a LAN DHCP server, manage IP addresses, and partition your physical network into logical networks.
Page 124: Ip Address And Subnet Mask
P-334WT User’s Guide 6.2.2 IP Address and Subnet Mask Refer to the IP Address and Subnet Mask section in the Connection Wizard chapter for this information. 6.2.3 RIP Setup RIP (Routing Information Protocol, RFC 1058 and RFC 1389) allows a router to exchange routing information with other routers.
Page 125: Any Ip
P-334WT User’s Guide The Prestige supports both IGMP version 1 (IGMP-v1) and IGMP version 2 (IGMP-v2). At start up, the Prestige queries all directly connected networks to gather group membership. After that, the Prestige periodically updates this information. IP multicasting can be enabled/ disabled on the Prestige LAN and/or WAN interfaces in the web configurator (LAN;...
Page 126: How Any Ip Works
P-334WT User’s Guide 6.3.1 How Any IP Works Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network. IP routing table is defined on IP Ethernet devices (the Prestige) to decide which hop to use, to help forward data along to its specified destination.
Page 127: Lan Ip Alias
P-334WT User’s Guide The following table describes the labels in this screen. Table 47 LAN IP LABEL DESCRIPTION LAN TCP/IP IP Address Type the IP address of your Prestige in dotted decimal notation 192.168.1.1 (factory default). IP Subnet Mask The subnet mask specifies the network number portion of an IP address. Your Prestige will automatically calculate the subnet mask based on the IP address that you assign.
Page 128: Advanced Lan Screen
P-334WT User’s Guide The following table describes the labels in this screen. Table 48 LAN IP Alias LABEL DESCRIPTION IP Alias 1,2 Select the check box to configure another LAN network for the Prestige. IP Address Enter the IP address of your Prestige in dotted decimal notation.
Page 129: Figure 60 Advanced
P-334WT User’s Guide Figure 60 Advanced The following table describes the labels in this screen. Table 49 Advanced LABEL DESCRIPTION RIP Direction RIP (Routing Information Protocol, RFC1058 and RFC 1389) allows a router to exchange routing information with other routers. The RIP Direction field controls the sending and receiving of RIP packets.
Page 130 P-334WT User’s Guide Table 49 Advanced LABEL DESCRIPTION Windows Networking (NetBIOS over TCP/IP): NetBIOS (Network Basic Input/Output System) are TCP or UDP broadcast packets that enable a computer to connect to and communicate with a LAN. For some dial-up services such as PPPoE or PPTP, NetBIOS packets cause unwanted calls. However it may sometimes be necessary to allow NetBIOS packets to pass through to the WAN in order to find a computer on the WAN.
Page 131: Chapter 7 Dhcp Server
P-334WT User’s Guide H A P T E R DHCP Server 7.1 DHCP DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a server. You can configure the Prestige as a DHCP server or disable it.
Page 132: Static Dhcp Screen
P-334WT User’s Guide The following table describes the labels in this screen. Table 50 General LABEL DESCRIPTION Enable DHCP Server DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients (computers) to obtain TCP/IP configuration at startup from a server.
Page 133: Client List Screen
P-334WT User’s Guide Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02. To change your Prestige’s Static DHCP settings, click the DHCP Server link under Network and the Static DHCP tab.
Page 134: Figure 63 Client List
P-334WT User’s Guide Figure 63 Client List The following table describes the labels in this screen. Table 52 Client List LABEL DESCRIPTION This is the index number of the host computer. IP Address This field displays the IP address relative to the # field listed above.
Page 135: Network Address Translation (Nat)
P-334WT User’s Guide H A P T E R Network Address Translation (NAT) This chapter discusses how to configure NAT on the Prestige. 8.1 NAT Overview NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet.
Page 136: What Nat Does
P-334WT User’s Guide 8.1.2 What NAT Does In the simplest form, NAT changes the source IP address in a packet received from a subscriber (the inside local address) to another (the inside global address) before forwarding the packet to the WAN side. When the response comes back, NAT translates the destination address (the inside global address) back to the inside local address before forwarding it to the original inside host.
Page 137: Nat Application
P-334WT User’s Guide 8.1.4 NAT Application The following figure illustrates a possible NAT application, where three inside LANs (logical LANs using IP Alias) behind the Prestige can communicate with three distinct WAN networks. More examples follow at the end of this chapter.
Page 138: Using Nat
P-334WT User’s Guide The following table summarizes these types. Table 54 NAT Mapping Types TYPE IP MAPPING SMT ABBREVIATION One-to-One ILA1 IGA1 Many-to-One (SUA/PAT) ILA1 IGA1 ILA2 IGA1 … Many-to-Many Overload ILA1 IGA1 M-M Ov ILA2 IGA2 ILA3 IGA1 ILA4 IGA2 …...
Page 139: Default Server Ip Address
P-334WT User’s Guide You may enter a single port number or a range of port numbers to be forwarded, and the local IP address of the desired server. The port number identifies a service; for example, web service is on port 80 and FTP on port 21. In some cases, such as for unknown services or where one server can support more than one service (for example both FTP and web service), it might be better to specify a range of port numbers.
Page 140: Configuring Servers Behind Sua (Example)
P-334WT User’s Guide The most often used port numbers are shown in the following table. Please refer to RFC 1700 for further information about port numbers. Please also refer to the Supporting CD for more examples and details on SUA/NAT.
Page 141: Port Forwarding Screen
P-334WT User’s Guide Figure 67 NAT General The following table describes the labels in this screen. Table 56 NAT General LABEL DESCRIPTION Network Address Network Address Translation (NAT) allows the translation of an Internet protocol Translation address used within one network (for example a private IP address used in a local network) to a different IP address known within another network (for example a public IP address used on the Internet).
Page 142: Figure 68 Port Forwarding
P-334WT User’s Guide Figure 68 Port Forwarding The following table describes the labels in this screen. Table 57 Port Forwarding LABEL DESCRIPTION Default Server In addition to the servers for specified services, NAT supports a default server. A default server receives packets from ports that are not specified in this screen.
Page 143: Port Forwarding Rule Setup
P-334WT User’s Guide 8.5.1 Port Forwarding Rule Setup To edit a port forwarding rule, click the edit icon under Modify. The following screen displays. Figure 69 Port Forwarding Rule Setup The following table describes the labels in this screen. Table 58 Port Forwarding Rule Setup...
Page 144: Trigger Port Forwarding Example
P-334WT User’s Guide Trigger port forwarding solves this problem by allowing computers on the LAN to dynamically take turns using the service. The Prestige records the IP address of a LAN computer that sends traffic to the WAN to request a service with a specific port number and protocol (a "trigger"...
Page 145: Trigger Port Forwarding Screen
P-334WT User’s Guide 8.7 Trigger Port Forwarding Screen To change your Prestige’s trigger port settings, click the NAT link under Network and the Trigger Port tab. The screen appears as shown. Note: Only one LAN computer can use a trigger port (range) at a time.
Page 146 P-334WT User’s Guide Chapter 8 Network Address Translation (NAT)
Page 147: Chapter 9 Firewall
P-334WT User’s Guide H A P T E R Firewall This chapter gives some background information on firewalls and explains how to get started with the Prestige firewall. 9.1 Introduction to Firewall 9.1.1 What is a Firewall? Originally, the term firewall referred to a construction technique designed to prevent the spread of fire from one room to another.
Page 148: Guidelines For Enhancing Security With Your Firewall
P-334WT User’s Guide The Prestige has one Ethernet WAN port and four Ethernet LAN ports, which are used to physically separate the network into two areas.The WAN (Wide Area Network) port attaches to the broadband (cable or DSL) modem to the Internet.
Page 149: Services Screen
P-334WT User’s Guide The following table describes the labels in this screen. Table 60 Firewall General LABEL DESCRIPTION Enable Firewall Select this check box to activate the firewall. The Prestige performs access control and protects against Denial of Service (DoS) attacks when the firewall is activated.
Page 150: Figure 73 Services
P-334WT User’s Guide Figure 73 Services The following table describes the labels in this screen. Table 61 Firewall Services LABEL DESCRIPTION Enable Services Select this check box to enable this feature. Blocking Available Service This is a list of pre-defined services (ports) you may prohibit your LAN computers from using.
Page 151 P-334WT User’s Guide Table 61 Firewall Services LABEL DESCRIPTION Time of Day to Select the time of day you want service blocking to take effect. Configure blocking Block (24-Hour to take effect all day by selecting the All Day check box. You can also configure...
Page 152 P-334WT User’s Guide Chapter 9 Firewall...
Page 153: Chapter 10 Content Filtering
P-334WT User’s Guide H A P T E R Content Filtering This chapter provides a brief overview of content filtering using the embedded web GUI. 10.1 Introduction to Content Filtering Internet content filtering allows you to create and enforce Internet access policies tailored to their needs.
Page 154: Figure 75 Content Filter: Filter
P-334WT User’s Guide Figure 75 Content Filter: Filter The following table describes the labels in this screen. Table 62 Content Filter: Filter LABEL DESCRIPTION Trusted IP Setup To enable this feature, type an IP address of any one of the computers in your network that you want to have as a trusted computer.
Page 155: Schedule
P-334WT User’s Guide Table 62 Content Filter: Filter LABEL DESCRIPTION Keyword List This list displays the keywords already added. Click Add after you have typed a keyword. Repeat this procedure to add other keywords. Up to 64 keywords are allowed.
Page 156: Customizing Keyword Blocking Url Checking
P-334WT User’s Guide The following table describes the labels in this screen. Table 63 Content Filter: Schedule LABEL DESCRIPTION Day to Block Select check boxes for the days that you want the Prestige to perform content filtering. Select the Everyday check box to have content filtering turned on all days of the week.
Page 157: File Name Url Checking
P-334WT User’s Guide 10.6.3 File Name URL Checking Filename URL checking has the Prestige check all of the characters in the URL. For example, filename URL checking searches for keywords within the URL www.zyxel.com.tw/news/pressroom.php. Use the ip urlfilter customize actionFlags 8 [disable | enable] command to extend (or not extend) the keyword blocking search to include the URL's complete filename.
Page 158 P-334WT User’s Guide Chapter 10 Content Filtering...
Page 159: Chapter 11 Introduction To Ipsec
P-334WT User’s Guide H A P T E R Introduction to IPSec This chapter introduces the basics of IPSec VPNs. 11.1 VPN Overview A VPN (Virtual Private Network) provides secure communications between sites without the expense of leased site-to-site lines. A secure VPN is a combination of tunneling, encryption, authentication, access control and auditing technologies/services used to transport traffic over the Internet or any insecure network that uses the TCP/IP protocol suite for communication.
Page 160: Data Confidentiality
P-334WT User’s Guide Figure 77 Encryption and Decryption 11.1.3.2 Data Confidentiality The IPSec sender can encrypt packets before transmitting them across a network. 11.1.3.3 Data Integrity The IPSec receiver can validate packets sent by the IPSec sender to ensure that the data has not been altered during transmission.
Page 161: Ipsec Algorithms
P-334WT User’s Guide Figure 78 IPSec Architecture 11.2.1 IPSec Algorithms The ESP (Encapsulating Security Payload) Protocol (RFC 2406) and AH (Authentication Header) protocol (RFC 2402) describe the packet formats and the default standards for packet structure (including implementation algorithms). The Encryption Algorithm describes the use of encryption techniques such as DES (Data Encryption Standard) and Triple DES algorithms.
Page 162: Transport Mode
P-334WT User’s Guide Figure 79 Transport and Tunnel Mode IPSec Encapsulation 11.3.1 Transport Mode Transport mode is used to protect upper layer protocols and only affects the data in the IP packet. In Transport mode, the IP packet contains the security protocol (AH or ESP) located after the original IP header and options, but before any upper layer protocols contained in the packet (such as TCP and UDP).
Page 163: Table 64 Vpn And Nat
P-334WT User’s Guide NAT is incompatible with the AH protocol in both Transport and Tunnel mode. An IPSec VPN using the AH protocol digitally signs the outbound packet, both data payload and headers, with a hash value appended to the packet. When using AH protocol, packet contents (the data payload) are not encrypted.
Page 164 P-334WT User’s Guide Chapter 11 Introduction to IPSec...
Page 165: Chapter 12 Vpn Screens
P-334WT User’s Guide H A P T E R VPN Screens This chapter introduces the VPN web configurator. See the chapter on logs for information on viewing logs and the Appendices for IPSec log descriptions. 12.1 VPN/IPSec Overview Use the screens documented in this chapter to configure rules for VPN connections and manage VPN connections.
Page 166: My Ip Address
P-334WT User’s Guide Table 65 AH and ESP Encryption DES (default) Data Encryption Standard (DES) is a widely used method of data encryption using a secret key. DES applies a 56-bit key to each 64-bit block of data. 3DES Triple DES (3DES) is a variant of DES,...
Page 167: Dynamic Secure Gateway Address
P-334WT User’s Guide You can also enter a remote secure gateway’s domain name in the Secure Gateway Address field if the remote secure gateway has a dynamic WAN IP address and is using DDNS. The Prestige has to rebuild the VPN tunnel each time the remote secure gateway’s WAN IP address changes (there may be a delay until the DDNS servers are updated with the remote gateway’s new WAN IP address).
Page 168: Keep Alive
P-334WT User’s Guide The following table describes the labels in this screen. Table 66 VPN Summary LABEL DESCRIPTION The VPN policy index number. Active This field displays whether the VPN policy is active or not. The icon is turned on when this VPN policy is active.
Page 169: Nat Traversal
P-334WT User’s Guide Note: When there is outbound traffic with no inbound traffic, the Prestige automatically drops the tunnel after two minutes. 12.7 NAT Traversal NAT traversal allows you to set up a VPN connection when there are NAT routers between IPSec routers A and B.
Page 170: Id Type And Content
P-334WT User’s Guide The following figure depicts an example where three VPN tunnels are created from Prestige A; one to branch office 2, one to branch office 3 and another to headquarters. In order to access computers that use private domain names on the headquarters (HQ) network, the Prestige at branch office 1 uses the Intranet DNS server in headquarters.
Page 171: Id Type And Content Examples
P-334WT User’s Guide between three encryption algorithms (DES and 3DES), two authentication algorithms (MD5 and SHA1) and two key groups (DH1 and DH2) when you configure a VPN rule (see Section 12.12 on page 178). The ID type and content act as an extra level of identification for incoming SAs.
Page 172: Pre-Shared Key
P-334WT User’s Guide The two Prestiges in this example cannot complete their negotiation because Prestige B’s Local ID type is IP, but Prestige A’s Peer ID type is set to E-mail. An “ID mismatched” message displays in the IPSEC LOG.
Page 173: Figure 85 Vpn Rule Setup
P-334WT User’s Guide Figure 85 VPN Rule Setup The following table describes the labels in this screen. Table 70 VPN Rule Setup LABEL DESCRIPTION Active Select this check box to activate this VPN tunnel. This option determines whether a VPN rule is applied before a packet leaves the firewall.
Page 174 P-334WT User’s Guide Table 70 VPN Rule Setup (continued) LABEL DESCRIPTION DNS Server (for If there is a private DNS server that services the VPN, type its IP address here. IPSec VPN) The Prestige assigns this additional DNS server to the Prestige’s DHCP clients that have IP addresses in this IPSec rule's range of local addresses.
Page 175 P-334WT User’s Guide Table 70 VPN Rule Setup (continued) LABEL DESCRIPTION Peer ID Type Select IP to identify the remote IPSec router by its IP address. Select DNS to identify the remote IPSec router by a domain name. Select E-mail to identify the remote IPSec router by an e-mail address.
Page 176: Ike Phases
P-334WT User’s Guide Table 70 VPN Rule Setup (continued) LABEL DESCRIPTION Apply Click Apply to save your changes back to the Prestige. Reset Click Reset to begin configuring this screen afresh. 12.11 IKE Phases There are two phases to every IKE (Internet Key Exchange) negotiation – phase 1 (Authentication) and phase 2 (Key Exchange).
Page 177: Negotiation Mode
P-334WT User’s Guide Choose Tunnel mode or Transport mode. Set the IPSec SA lifetime. This field allows you to determine how long the IPSec SA should stay up before it times out. The Prestige automatically renegotiates the IPSec SA if there is traffic when the IPSec SA lifetime period expires.
Page 178: Advanced Rule Setup Screen
P-334WT User’s Guide 12.12 Advanced Rule Setup Screen Select Advanced at the bottom of the Rule Setup screen. The following screen displays. Figure 87 Advanced Rule Setup Chapter 12 VPN Screens...
Page 179: Table 71 Advanced Rule Setup
P-334WT User’s Guide The following table describes the labels in this screen. Table 71 Advanced Rule Setup LABEL DESCRIPTION Active Select this check box to activate this VPN policy. Keep Alive Select this check box to turn on the Keep Alive feature for this SA.
Page 180 P-334WT User’s Guide Table 71 Advanced Rule Setup (continued) LABEL DESCRIPTION Remote Address Start Remote IP addresses must be static and correspond to the remote IPSec router's configured local IP addresses. The remote address fields do not apply when the Secure Gateway Address field is configured to 0.0.0.0. In this case only the remote IPSec router can initiate the VPN.
Page 181 P-334WT User’s Guide Table 71 Advanced Rule Setup (continued) LABEL DESCRIPTION Peer Content The configuration of the peer content depends on the peer ID type. • For IP, type the IP address of the computer with which you will make the VPN connection.
Page 182: Manual Key
P-334WT User’s Guide Table 71 Advanced Rule Setup (continued) LABEL DESCRIPTION IPSec Protocol Select ESP or AH from the drop-down list box. The Prestige's IPSec Protocol should be identical to the secure remote gateway. The ESP (Encapsulation Security Payload) protocol (RFC 2406) provides encryption as well as the authentication offered by AH.
Page 183: Manual Key Screen
P-334WT User’s Guide Note: Current ZyXEL implementation assumes identical outgoing and incoming SPIs. 12.14 Manual Key Screen You only configure VPN Manual Key when you select Manual in the Key Management field on the Rule Setup screen. The Rule Setup Manual screen as shown next.
Page 184 P-334WT User’s Guide Table 72 Rule Setup with Manual Key LABEL DESCRIPTION Local Address The Local IP address must be static and correspond to the remote IPSec router's configured remote IP addresses. Two active SAs can have the same local or remote IP address, but not both.
Page 185: Sa Monitor Screen
P-334WT User’s Guide Table 72 Rule Setup with Manual Key LABEL DESCRIPTION IPSec Protocol Select ESP if you want to use ESP (Encapsulation Security Payload). The ESP protocol (RFC 2406) provides encryption as well as some of the services offered by AH. If you select ESP here, you must select options from the Encryption Algorithm and Authentication Algorithm fields (described next).
Page 186: Global Setting Screen
P-334WT User’s Guide Figure 89 SA Monitor The following table describes the labels in this screen. Table 73 SA Monitor LABEL DESCRIPTION This is the security association index number. Name This field displays the identification name for this VPN policy.
Page 187: Telecommuter Vpn/Ipsec Examples
P-334WT User’s Guide The following table describes the labels in this screen. Table 74 Global Setting LABEL DESCRIPTION Windows Networking NetBIOS (Network Basic Input/Output System) are TCP or UDP broadcast (NetBIOS over TCP/IP) packets that enable a computer to find other computers. It may sometimes...
Page 188: Telecommuters Using Unique Vpn Rules Example
P-334WT User’s Guide Figure 91 Telecommuters Sharing One VPN Rule Example 12.17.2 Telecommuters Using Unique VPN Rules Example With aggressive negotiation mode (see Section 12.11.1 on page 177), the Prestige can use the ID types and contents to distinguish between VPN rules. Telecommuters can each use a separate VPN rule to simultaneously access a Prestige at headquarters.
Page 189: Vpn And Remote Management
P-334WT User’s Guide Figure 92 Telecommuters Using Unique VPN Rules Example 12.18 VPN and Remote Management If a VPN tunnel uses a remote management service port (Telnet, FTP, WWW SNMP, DNS or ICMP) and terminates at the Prestige’s LAN or WAN port, configure remote management (REMOTE MGNT) to allow access for that service.
Page 190 P-334WT User’s Guide Chapter 12 VPN Screens...
Page 191: Trend Micro Home Network Security (Tmss)
P-334WT User’s Guide H A P T E R Trend Micro Home Network Security (TMSS) This chapter provides instructions for installing and configuring Trend Micro Home Network Security, also known as “TMSS”. It includes the following sections: • Installing the Trend Micro Dashboard on page 192 •...
Page 192: Installing The Trend Micro Dashboard
P-334WT User’s Guide 13.2 Installing the Trend Micro Dashboard Note: The Trend Micro dashboard requires Microsoft Internet Explorer version 5.5 or later. If you are using a non-Microsoft browser or an earlier version of Internet Explorer, please install Internet Explorer 5.5 or later before continuing.
Page 193: Installing The Trend Micro Dashboard: Troubleshooting
P-334WT User’s Guide 4 After a few seconds, the Trend Micro dashboard appears (Figure 95). Note: If the dashboard screen does not appear, please refer to Section 13.2.1 on page 193. Figure 95 Trend Micro Dashboard) To start the Trend Micro dashboard in future, click Trend Micro Security Services in the Start menu or the icon in your browser’s toolbar.
Page 194: Activating Your Free Services
P-334WT User’s Guide 3 Choose the following settings: Table 76 Internet Explorer Default Security Settings SETTING CHOOSE Download signed ActiveX controls Prompt Script ActiveX control marked safe for scripting Enable Run ActiveX controls and plug-ins Enable Java permissions High safety...
Page 195: Registering A Trend Micro Customer Account
P-334WT User’s Guide 13.3.1 Registering a Trend Micro Customer Account To register a Trend Micro customer account: 1 Start the dashboard by clicking Trend Micro Security Services in the Start menu or the icon in your browser’s toolbar. The dashboard’s home screen appears...
Page 196: Figure 97 3 Steps Screen
P-334WT User’s Guide Figure 97 3 Steps Screen 4 Click Next. The account registration screen appears (Figure 98 on page 196). Figure 98 Account Registration Screen Chapter 13 Trend Micro Home Network Security (TMSS)
Page 197: Installing Trend Micro Internet Security
P-334WT User’s Guide 5 On the account registration screen, type your name, email address, and other required information, and then click Next. The Check Information screen appears. Note: If you already have a Trend Micro customer account, type your user ID and password, click Log in Now, and then click Next.
Page 198: Figure 99 Download Now Screen
P-334WT User’s Guide Figure 99 Download Now Screen 4 Click Start Download & Install. A file download message box opens. 5 Click Run or Open, and then wait while Setup downloads the installation files. If a second message box opens asking “Do you want to run this software?”, click Run. After downloading the files, the Location to Save Files screen appears.
Page 199: Figure 100 Registration Information Screen
P-334WT User’s Guide 8 Type your name, Trend Micro Internet Security serial number, and organization (optional). Click Next. The Installation Location screen appears. Note: When you activated your customer account, Trend Micro sent you an email message containing your Trend Micro Internet Security serial number.
Page 200: Registering Trend Micro Internet Security
P-334WT User’s Guide Note: Use the same serial number each time you install Trend Micro Internet Security. You can install the program on up to ten computers using this serial number. 13.3.3 Registering Trend Micro Internet Security After installing Internet Security, register your software to get free updates to scanning components during the trial period, and free use of Parental Controls for one year.
Page 201: Tmss Settings
P-334WT User’s Guide The Account Confirmed screen shows your Trend Micro Internet Security serial number and the expiration date of your trial subscription. To purchase an annual subscription now, click Upgrade Now. 13.4 TMSS Settings This section describes the following Trend Micro Home Network Security (TMSS) configuration screens: •...
Page 202: Exception List Screen
P-334WT User’s Guide The following table describes the settings on this screen. Table 77 Settings: General Screen LABEL DESCRIPTION Enable Trend Micro Select this check box to enable Trend Micro Home Network Security on Security Services your Prestige. Enable Parental Controls Select this check box to enable this feature on your Prestige.
Page 203: Figure 103 Exception List Screen
P-334WT User’s Guide Figure 103 Exception List Screen The following table describes the settings on this screen. Table 78 Settings: Exception List Screen LABEL DESCRIPTION Exclude computer(s) from displaying Trend Micro Home Network Security Services Computer(s) that will This box lists the Prestige LAN computers that will automatically display the display Trend Micro Trend Micro dashboard at the interval selected on the General screen.
Page 204: Virus Protection Screen
P-334WT User’s Guide Table 78 Settings: Exception List Screen LABEL DESCRIPTION Include specified Select this radio button to enable Parental Controls only on the computers with address ranges in IP addresses listed in the Selected IP Addresses list box. the Parental Control enforcement.
Page 205: Parental Control Screen
P-334WT User’s Guide Table 79 Settings: Virus Protection Screen LABEL DESCRIPTION IP Address This field displays the IP address of a TMSS client computer or the Prestige. Computer Name This field displays the host name of a TMSS client computer or the Prestige system name.
Page 206: Parents Override Password
P-334WT User’s Guide 13.4.4.2 Parents Override Password This password allows mature users to view blocked web pages. You can also use it on the Trend Micro dashboard's Parental Controls screen to override Parental Controls for a specified period. In per-user control mode, select Parents as the user name to have full access to restricted web content.
Page 207: Figure 106 Parental Control Screen: Per-User Control Mode
P-334WT User’s Guide Figure 106 Parental Control Screen: Per-User Control Mode The following table describes the labels on this screen. Table 80 Settings: Parental Control Screen LABEL DESCRIPTION Restrict Web Features Select the check boxes to restrict web features. When you download a page containing a restricted feature, that part of the web page will appear blank or grayed out.
Page 208: Configuring An Access Profile In General Control Mode
P-334WT User’s Guide Table 80 Settings: Parental Control Screen LABEL DESCRIPTION Parents Override This password allows users to bypass Parental Control. Enter a password Password between four and 32 printable characters. Spaces are not allowed. Confirmed Password To change the override password, type the new password in the Parents Override Password field, retype it in the Confirmed Password field, and then click Apply.
Page 209: Configuring A Schedule
P-334WT User’s Guide 3 Click Edit Category. In the Profile list box, choose the pre-defined access profile that will apply to all users. To create a custom profile, choose Custom and then select the check boxes for the categories you want to block. (For additional choices, click more categories).
Page 210: Configuring The User List In Per-User Mode
P-334WT User’s Guide Figure 108 General Mode: Edit Schedule 13.4.7 Configuring the User List in Per-User Mode The User List in per-user control mode shows each user’s name and access profile. Active users (green light bulb) can access the websites permitted by their access profiles. Inactive users (gray light bulb) cannot log in and cannot access the Internet.
Page 211: Content Blocking Categories
P-334WT User’s Guide Figure 109 Per-User Control Mode: Edit User List 13.4.8 Content Blocking Categories Trend Micro has defined twelve categories of potentially offensive websites. The following table summarizes the blocking criteria for each category. Table 81 Content Blocking Categories...
Page 212: Port Isolation
P-334WT User’s Guide Table 81 Content Blocking Categories CATEGORY DESCRIPTION Gambling Sites at which users can place bets or participate in betting pools (including lotteries) online. Also includes sites that provide information, assistance, recommendations, or training on placing bets or participating in games of chance.
Page 213: Figure 110 Port Isolation Example
P-334WT User’s Guide Figure 110 Port Isolation Example Click Security > TMSS > Port Isolation to display the screen as shown next. Figure 111 Port Isolation The following table describes the labels on this screen. Table 82 Port Isolation LABEL...
Page 214 P-334WT User’s Guide Table 82 Port Isolation LABEL DESCRIPTION Bypass Port Isolation Select the check box(es) of the interface(s) that are exempt from port isolation. Apply Click Apply to save the settings. Reset Click Reset to begin configuring this screen afresh.
Page 215: Chapter 14 Static Route Screens
P-334WT User’s Guide H A P T E R Static Route Screens This chapter shows you how to configure static routes for your Prestige. 14.1 Static Route Overview Each remote node specifies only the network to which the gateway is directly connected, and the Prestige has no knowledge of the networks beyond.
Page 216: Static Route Setup Screen
P-334WT User’s Guide Figure 113 IP Static Route The following table describes the labels in this screen. Table 83 IP Static Route LABEL DESCRIPTION Number of an individual static route. Name Name that describes or identifies this route. Active This icon is turned on when this static route is active.
Page 217: Figure 114 Static Route Setup
P-334WT User’s Guide Figure 114 Static Route Setup The following table describes the labels in this screen. Table 84 Static Route Setup LABEL DESCRIPTION Route Name Enter the name of the IP static route. Leave this field blank to delete this static route.
Page 218 P-334WT User’s Guide Chapter 14 Static Route Screens...
Page 219: Chapter 15 Bandwidth Management
P-334WT User’s Guide H A P T E R Bandwidth Management This chapter contains information about configuring bandwidth management, editing rules and viewing the Prestige’s bandwidth management logs. 15.1 Bandwidth Management Overview ZyXEL’s Bandwidth Management allows you to specify bandwidth management rules based on an application and/or subnet.
Page 220: Application And Subnet-Based Bandwidth Management
P-334WT User’s Guide The following figure shows LAN subnets. You could configure one bandwidth class for subnet A and another for subnet B. Figure 115 Subnet-based Bandwidth Management Example 15.4 Application and Subnet-based Bandwidth Management You could also create bandwidth classes based on a combination of a subnet and an application.
Page 221: Bandwidth Management Priorities
P-334WT User’s Guide 15.5 Bandwidth Management Priorities The following table describes the priorities that you can apply to traffic that the Prestige forwards out through an interface. Table 86 Bandwidth Management Priorities PRIORITY LEVELS: TRAFFIC WITH A HIGHER PRIORITY GETS THROUGH FASTER WHILE TRAFFIC WITH A LOWER PRIORITY IS DROPPED IF THE NETWORK IS CONGESTED.
Page 222: Services And Port Numbers
P-334WT User’s Guide Table 87 Media Bandwidth Management Setup: Services (continued) SERVICE DESCRIPTION MSN Webcam MSN messenger allows you to chat online and send instant messages. If you use MSN messenger and also have a webcam, you can send your image/photo in real-...
Page 223 P-334WT User’s Guide Table 88 Commonly Used Services SERVICE DESCRIPTION IPSEC_TUNNEL(ESP:0) The IPSEC ESP (Encapsulation Security Protocol) tunneling protocol uses this service. IRC(TCP/UDP:6667) This is another popular Internet chat program. MSN Messenger(TCP:1863) Microsoft Networks’ messenger service uses this protocol. MULTICAST(IGMP:0) Internet Group Multicast Protocol is used when sending packets to a specific group of hosts.
Page 224: Default Bandwidth Management Classes And Priorities
P-334WT User’s Guide Table 88 Commonly Used Services SERVICE DESCRIPTION TELNET(TCP:23) Telnet is the login and terminal emulation protocol common on the Internet and in UNIX environments. It operates over TCP/IP networks. Its primary function is to allow users to log into remote host systems.
Page 225: Bandwidth Management Advanced Configuration
P-334WT User’s Guide Figure 116 Bandwidth Management: General The following table describes the labels in this screen. Table 90 Bandwidth Management: General LABEL DESCRIPTION Enable Bandwidth Select this check box to have the Prestige apply bandwidth management. Management Enable bandwidth management to give traffic that matches a bandwidth rule priority over traffic that does not match a bandwidth rule.
Page 226: Figure 117 Bandwidth Management: Advanced
P-334WT User’s Guide Figure 117 Bandwidth Management: Advanced The following table describes the labels in this screen. Table 91 Bandwidth Management: Advanced LABEL DESCRIPTION Upstream Enter the amount of bandwidth in kbps (2 to 100,000) that you want to allocate for Bandwidth (kbps) traffic.
Page 227: Rule Configuration With The Pre-Defined Service
P-334WT User’s Guide Table 91 Bandwidth Management: Advanced (continued) LABEL DESCRIPTION Enable Select this check box to have the Prestige apply this bandwidth management rule. Service This is the name of the service. Priority Select a priority from the drop down list box. Choose High, Mid or Low.
Page 228: Rule Configuration With The User-Defined Service
P-334WT User’s Guide The following table describes the labels in this screen. Table 92 Bandwidth Management Rule Configuration: Pre-defined Service LABEL DESCRIPTION This is the number of an individual bandwidth management rule. Enable Select an interface’s check box to enable bandwidth management on that interface.
Page 229: Bandwidth Management Monitor
P-334WT User’s Guide The following table describes the labels in this screen. Table 93 Bandwidth Management Rule Configuration: User-defined Service LABEL DESCRIPTION BW Budget Select Maximum Bandwidth or Minimum Bandwidth and specify the maximum or minimum bandwidth allowed for the rule in kilobits per second.
Page 230 P-334WT User’s Guide Chapter 15 Bandwidth Management...
Page 231: Remote Management Screens
P-334WT User’s Guide H A P T E R Remote Management Screens This chapter provides information on the Remote Management screens. 16.1 Remote Management Overview Remote management allows you to determine which services/protocols can access which Prestige interface (if any) from which computers.
Page 232: Remote Management And Nat
P-334WT User’s Guide 3 The IP address in the Secured Client IP Address field does not match the client IP address. If it does not match, the Prestige will disconnect the session immediately. 4 There is already another remote management session with an equal or higher priority running.
Page 233: Telnet
P-334WT User’s Guide The following table describes the labels in this screen. Table 94 WWW Remote Management LABEL DESCRIPTION Server Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management.
Page 234: Ftp Screen
P-334WT User’s Guide Figure 123 Telnet Remote Management The following table describes the labels in this screen. Table 95 Telnet Remote Management LABEL DESCRIPTION Server Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management.
Page 235: Snmp
P-334WT User’s Guide The following table describes the labels in this screen. Table 96 FTP Remote Management LABEL DESCRIPTION Server Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management.
Page 236: Figure 125 Snmp Management Model
P-334WT User’s Guide Figure 125 SNMP Management Model An SNMP managed network consists of two main types of component: agents and a manager. An agent is a management software module that resides in a managed device (the Prestige). An agent translates the local management information from the managed device into a form compatible with SNMP.
Page 237: Supported Mibs
P-334WT User’s Guide 16.6.1 Supported MIBs The Prestige supports MIB II that is defined in RFC-1213 and RFC-1215. The focus of the MIBs is to let administrators collect statistical data and monitor status and performance. 16.6.2 SNMP Traps The Prestige will send traps to the SNMP manager when any one of the following events...
Page 238: Dns Screen
P-334WT User’s Guide The following table describes the labels in this screen. Table 98 SNMP Remote Management LABEL DESCRIPTION SNMP Configuration Get Community Enter the Get Community, which is the password for the incoming Get and GetNext requests from the management station. The default is public and allows all requests.
Page 239: Security Screen
P-334WT User’s Guide The following table describes the labels in this screen. Table 99 DNS Remote Management LABEL DESCRIPTION Server Port The DNS service port number is 53 and cannot be changed here. Server Access Select the interface(s) through which a computer may send DNS queries to the Prestige.
Page 240: Table 100 Security Remote Management
P-334WT User’s Guide The following table describes the labels in this screen. Table 100 Security Remote Management LABEL DESCRIPTION ICMP Internet Control Message Protocol is a message control and error-reporting protocol between a host server and a gateway to the Internet. ICMP uses Internet Protocol (IP) datagrams, but the messages are processed by the TCP/IP software and directly apparent to the application user.
Page 241: Chapter 17 Upnp
P-334WT User’s Guide H A P T E R UP N P This chapter introduces the Universal Plug and Play feature. 17.1 Universal Plug and Play Overview Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectivity between devices.
Page 242: Upnp And Zyxel
P-334WT User’s Guide All UPnP-enabled devices may communicate freely with each other without additional configuration. Disable UPnP if this is not your intention. 17.2 UPnP and ZyXEL ZyXEL has achieved UPnP certification from the Universal Plug and Play Forum Creates UPnP™...
Page 243: Installing Upnp In Windows Example
P-334WT User’s Guide Table 101 Configuring UPnP LABEL DESCRIPTION Allow UPnP to pass UPnP broadcasts are only allowed on the LAN. If you block LAN-to-LAN/ through Firewall Prestige traffic using the firewall, then you need to select this check box to allow UPnP-enabled traffic to pass through the firewall.
Page 244: Installing Upnp In Windows Xp
P-334WT User’s Guide 3 In the Communications window, select the Universal Plug and Play check box in the Components selection box. 4 Click OK to go back to the Add/Remove Programs Properties window and click Next. 5 Restart the computer when prompted.
Page 245: Using Upnp In Windows Xp Example
P-334WT User’s Guide 4 Select Networking Service in the Components selection box and click Details. 5 In the Networking Services window, select the Universal Plug and Play check box. 6 Click OK to go back to the Windows Optional Networking Component Wizard window and click Next.
Page 246: Auto-Discover Your Upnp-Enabled Network Device
P-334WT User’s Guide 17.5.1 Auto-discover Your UPnP-enabled Network Device 1 Click Start and Control Panel. Double- click Network Connections. An icon displays under Internet Gateway. 2 Right-click the icon and select Properties. 3 In the Internet Connection Properties 4 You may edit or delete the port...
Page 247: Web Configurator Easy Access
P-334WT User’s Guide 6 Double-click the icon to display your current Internet connection status. 17.5.2 Web Configurator Easy Access With UPnP, you can access the web-based configurator on the ZyXEL device without finding out the IP address of the ZyXEL device first. This is helpful if you do not know the IP address of the ZyXEL device.
Page 248: Web Configurator Easy Access
P-334WT User’s Guide 6 Right-click the icon for your ZyXEL device and select Properties. A properties window displays with basic information about the ZyXEL device. 17.5.3 Web Configurator Easy Access With UPnP, you can access the web-based configurator on the ZyXEL device without finding out the IP address of the ZyXEL device first.
Page 249 P-334WT User’s Guide 4 An icon with the description for each UPnP-enabled device displays under Local Network. 5 Right-click the icon for your ZyXEL device and select Invoke. The web configurator login screen displays. 6 Right-click the icon for your ZyXEL device and select Properties.
Page 250 P-334WT User’s Guide Chapter 17 UPnP...
Page 251: Chapter 18 System
P-334WT User’s Guide H A P T E R System This chapter provides information on the System screens. 18.1 System Overview See the chapter about wizard setup for more information on the next few screens. 18.2 System General Screen Click the System link under Maintenance and the General tab. The following screen displays.
Page 252: Dynamic Dns
P-334WT User’s Guide Table 102 System General LABEL DESCRIPTION Administrator Type how many minutes a management session (either via the web configurator Inactivity Timer or SMT) can be left idle before the session times out. The default is 5 minutes.
Page 253: Figure 131 Dynamic Dns
P-334WT User’s Guide Figure 131 Dynamic DNS The following table describes the labels in this screen. Table 103 Dynamic DNS LABEL DESCRIPTION Enable Dynamic DNS Select this check box to use dynamic DNS. Service Provider Select the name of your Dynamic DNS service provider.
Page 254: Time Setting Screen
P-334WT User’s Guide 18.5 Time Setting Screen To change your Prestige’s time and date, click the System link under Maintenance and the Time Setting tab. The screen appears as shown. Use this screen to configure the Prestige’s time based on your local time zone.
Page 255 P-334WT User’s Guide Table 104 Time Setting LABEL DESCRIPTION New Time This field displays the last updated time from the time server or the last time configured manually. (hh:mm:ss) When you set Time and Date Setup to Manual, enter the new time in this field and then click Apply.
Page 256 P-334WT User’s Guide Table 104 Time Setting LABEL DESCRIPTION Start Date Configure the day and time when Daylight Saving Time starts if you selected Daylight Saving. The o'clock field uses the 24 hour format. Here are a couple of examples: Daylight Saving Time starts in most parts of the United States on the first Sunday of April.
Page 257: Chapter 19 Logs
P-334WT User’s Guide H A P T E R Logs This chapter contains information about configuring general log settings and viewing the Prestige’s logs. Refer to the appendices for example log message explanations. 19.1 View Log The web configurator allows you to look at all of the Prestige’s logs in one location.
Page 258: Log Settings
P-334WT User’s Guide The following table describes the labels in this screen. Table 105 View Logs LABEL DESCRIPTION Display The categories that you select in the Log Settings page (see Section 19.2 on page 258) display in the drop-down list box.
Page 259: Figure 134 Log Settings
P-334WT User’s Guide Figure 134 Log Settings The following table describes the labels in this screen. Table 106 Log Settings LABEL DESCRIPTION Address Info Mail Server Enter the server name or the IP address of the mail server for the e-mail addresses specified below.
Page 260 P-334WT User’s Guide Table 106 Log Settings LABEL DESCRIPTION Send Alerts To Alerts are real-time notifications that are sent as soon as an event, such as a DoS attack, system error, or forbidden web access attempt occurs. Enter the E- mail address where the alert messages will be sent.
Page 261: Chapter 20 Tools
P-334WT User’s Guide H A P T E R Tools This chapter shows you how to upload a new firmware, upload or save backup configuration files and restart the Prestige. 20.1 Firmware Upload Screen Find firmware at www.zyxel.com in a file that (usually) uses the system model name with a "*.bin"...
Page 262: Configuration Screen
P-334WT User’s Guide After you see the Firmware Upload In Process screen, wait two minutes before logging into the Prestige again. Figure 136 Upload Warning The Prestige automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop.
Page 263: Backup Configuration
P-334WT User’s Guide Click the Tools link under Maintenance, and the Configuration tab. Information related to factory defaults, backup configuration, and restoring configuration appears as shown next. Figure 139 Configuration 20.2.1 Backup Configuration Backup configuration allows you to back up (save) the Prestige’s current configuration to a file on your computer.
Page 264: Back To Factory Defaults
P-334WT User’s Guide Figure 140 Configuration Restore Successful The Prestige automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 141 Temporarily Disconnected If you uploaded the default configuration file you may need to change the IP address of your computer to be in the same subnet as that of the default Prestige IP address (192.168.1.1).
Page 265: Restart Screen
P-334WT User’s Guide 20.3 Restart Screen System restart allows you to reboot the Prestige without turning the power off. Click the Tools link under Maintenance, and the Restart tab. Click Restart to have the Prestige reboot. This does not affect the Prestige's configuration.
Page 266 P-334WT User’s Guide Chapter 20 Tools...
Page 267: Chapter 21 Introducing The Smt
P-334WT User’s Guide H A P T E R Introducing the SMT This chapter explains how to access and navigate the System Management Terminal and gives an overview of its menus. 21.1 SMT Introduction The Prestige’s SMT (System Management Terminal) is a menu-driven interface that you can access from a terminal emulator through the console port or over a telnet connection.
Page 268: Prestige Smt Menu Overview
P-334WT User’s Guide 21.1.3 Prestige SMT Menu Overview The following figure gives you an overview of the various SMT menu screens of your Prestige.The following table gives you an overview of your Prestige’s various SMT menus. Table 109 SMT Menus Overview...
Page 269: Navigating The Smt Interface
P-334WT User’s Guide Table 109 SMT Menus Overview (continued) MENUS SUB MENUS 24 System Maintenance 24.1 System Status 24.2 System Information and 24.2.1 System Information Console Port Speed 24.2.2 Console Port Speed 24.3 Log and Trace 24.3.2 Syslog Logging 24.3.4 Call-Triggering Packet 24.4 Diagnostic...
Page 270: Figure 145 Smt Main Menu
[ENTER]. the SMT interface. After you enter the password, the SMT displays the main menu, as shown next. Figure 145 SMT Main Menu Copyright (c) 1994 - 2005 ZyXEL Communications Corp. P-334WT Main Menu Getting Started Advanced Management 1. General Setup 21.
Page 271: System Management Terminal Interface Summary
P-334WT User’s Guide 21.2.1 System Management Terminal Interface Summary The following table describes the fields in the previous screen. Table 111 Main Menu Summary MENU TITLE DESCRIPTION General Setup Use this menu to set up your general information. WAN Setup Use this menu to clone a MAC address from a computer on your LAN.
Page 272: Figure 146 Menu 23 System Password
P-334WT User’s Guide Figure 146 Menu 23 System Password Menu 23.1 - System Security - Change Password Old Password= ? New Password= ? Retype to confirm= ? Enter here to CONFIRM or ESC to CANCEL: 3 Type your new system password in the New Password field (up to 30 characters), and press [ENTER].
Page 273: Chapter 22 Menu 1 General Setup
P-334WT User’s Guide H A P T E R Menu 1 General Setup Menu 1 - General Setup contains administrative and system-related information. 22.1 General Setup Menu 1 — General Setup contains administrative and system-related information (shown next). The System Name field is for identification purposes. However, because some ISPs check this name you should enter your computer's "Computer Name".
Page 274: Figure 147 Menu 1 General Setup
P-334WT User’s Guide Figure 147 Menu 1 General Setup. Menu 1 - General Setup System Name= Domain Name= zyxel.com.tw First System DNS Server= From ISP IP Address= N/A Second System DNS Server= From ISP IP Address= N/A Third System DNS Server= From ISP...
Page 275: Procedure To Configure Dynamic Dns
P-334WT User’s Guide 22.2.1 Procedure to Configure Dynamic DNS Note: If you have a private WAN IP address, then you cannot use Dynamic DNS. To configure Dynamic DNS, go to Menu 1 — General Setup and select Yes in the Edit Dynamic DNS field.
Page 276 P-334WT User’s Guide Table 113 Menu 1.1 Configure Dynamic DNS FIELD DESCRIPTION Enable Off Line This field is only available when CustomDNS is selected in the DDNS Type field. http:/ Option Press [SPACE BAR] and then [ENTER] to select Yes. When Yes is selected, /www.dyndns.org/...
Page 277: Chapter 23 Menu 2 Wan Setup
P-334WT User’s Guide H A P T E R Menu 2 WAN Setup This chapter describes how to configure the WAN using menu 2. 23.1 WAN Setup From the main menu, enter 2 to open menu 2. Figure 149 Menu 2 WAN Setu...
Page 278 P-334WT User’s Guide Chapter 23 Menu 2 WAN Setup...
Page 279: Chapter 24 Menu 3 Lan Setup
P-334WT User’s Guide H A P T E R Menu 3 LAN Setup This chapter covers how to configure your wired Local Area Network (LAN) settings. 24.1 LAN Setup This section describes how to configure the Ethernet using Menu 3 - LAN Setup. From the main menu, enter 3 to display menu 3.
Page 280: Protocol Dependent Ethernet Setup
P-334WT User’s Guide 24.2 Protocol Dependent Ethernet Setup Depending on the protocols for your applications, you need to configure the respective Ethernet Setup, as outlined below. • For TCP/IP Ethernet setup refer to the Internet Access Application chapter. • For bridging Ethernet setup refer to the Bridging Setup chapter.
Page 281: Table 116 Menu 3.2: Lan Tcp/Ip Setup Fields
P-334WT User’s Guide Table 115 DHCP Ethernet Setup Fields FIELD DESCRIPTION Size of Client IP This field specifies the size, or count of the IP address pool. Pool The Prestige passes a DNS (Domain Name System) server IP address (in the order First DNS Server you specify here) to the DHCP clients.
Page 282: Ip Alias Setup
P-334WT User’s Guide 24.3.1 IP Alias Setup IP alias allows you to partition a physical network into different logical networks over the same Ethernet interface. The Prestige supports three logical LAN interfaces via its single physical Ethernet interface with the Prestige itself as the gateway for each LAN network.
Page 283: Wireless Lan Setup
P-334WT User’s Guide Table 117 Menu 3.2.1: IP Alias Setup FIELD DESCRIPTION IP Subnet Mask Your Prestige will automatically calculate the subnet mask based on the IP address that you assign. Unless you are implementing subnetting, use the subnet mask computed by the Prestige.
Page 284: Table 118 Menu 3.5: Wireless Lan Setup
P-334WT User’s Guide The following table describes the fields in this menu. Table 118 Menu 3.5: Wireless LAN Setup FIELD DESCRIPTION ESSID The ESSID (Extended Service Set IDentity) identifies the AP to which the wireless stations associate. Wireless stations associating to the AP must have the same ESSID.
Page 285: Configuring Mac Address Filter
P-334WT User’s Guide 24.4.1 Configuring MAC Address Filter Your Prestige checks the MAC address of the wireless station device against a list of allowed or denied MAC addresses. However, intruders could fake allowed MAC addresses so MAC- based authentication is less secure than EAP authentication.
Page 286: Configuring Roaming On The Prestige
P-334WT User’s Guide Table 119 Menu 3.5.1: WLAN MAC Address Filter FIELD DESCRIPTION 1..32 Enter the MAC addresses (in XX:XX:XX:XX:XX:XX format) of the client computers that are allowed or denied access to the Prestige in these address fields. When you have completed this menu, press [ENTER] at the prompt “Press ENTER to Confirm…” to save your configuration, or press [ESC] at any time to cancel.
Page 287: Chapter 25 Internet Access
P-334WT User’s Guide H A P T E R Internet Access This chapter shows you how to configure your Prestige for Internet access 25.1 Introduction to Internet Access Setup Use information from your ISP along with the instructions in this chapter to set up your Prestige to access the Internet.
Page 288: Table 121 Internet Access Setup
P-334WT User’s Guide The following table describes the fields in this menu. Table 121 Internet Access Setup (Ethernet FIELD DESCRIPTION ISP’s Name Enter the name of your Internet Service Provider, e.g., myISP. This information is for identification purposes only. Encapsulation Press [SPACE BAR] and then press [ENTER] to choose Ethernet.
Page 289: Configuring The Pptp Client
P-334WT User’s Guide 25.3 Configuring the PPTP Client Note: The Prestige supports only one PPTP server connection at any given time To configure a PPTP client, you must configure the My Login and Password fields for a PPP connection and the PPTP parameters for a PPTP connection.
Page 290: Basic Setup Complete
P-334WT User’s Guide Figure 160 Internet Access Setup (PPPoE) Menu 4 - Internet Access Setup ISP's Name= MyISP Encapsulation= PPPoE Service Type= N/A My Login= My Password= ******** Retype to Confirm= ******** Idle Timeout= 100 IP Address Assignment= Dynamic IP Address= N/A...
Page 291: Remote Node Configuration
P-334WT User’s Guide H A P T E R Remote Node Configuration This chapter covers remote node configuration. 26.1 Introduction to Remote Node Setup A remote node is required for placing calls to a remote gateway. A remote node represents both the remote gateway and the network behind it across a WAN connection.
Page 292: Figure 161 Menu 11.1 Remote Node Profile For Ethernet Encapsulation
P-334WT User’s Guide Figure 161 Menu 11.1 Remote Node Profile for Ethernet Encapsulation Menu 11.1 - Remote Node Profile Rem Node Name= MyISP Route= IP Active= Yes Encapsulation= Ethernet Edit IP= No Service Type= Standard Session Options: Service Name= N/A...
Page 293: Pppoe Encapsulation
P-334WT User’s Guide Table 124 Menu 11.1 Remote Node Profile for Ethernet Encapsulation FIELD DESCRIPTION Edit IP This field leads to a “hidden” menu. Press [SPACE BAR] to select Yes and press [ENTER] to go to Menu 11.3 - Remote Node Network Layer Options.
Page 294: Nailed-Up Connection
P-334WT User’s Guide 26.2.2.2 Nailed-Up Connection A nailed-up connection is a dial-up line where the connection is always up regardless of traffic demand. The Prestige does two things when you specify a nailed-up connection. The first is that idle timeout is disabled. The second is that the Prestige will try to bring up the connection when turned on and whenever the connection is down.
Page 295: Edit Ip
P-334WT User’s Guide Figure 163 Menu 11.1 Remote Node Profile for PPTP Encapsulation Menu 11.1 - Remote Node Profile Rem Node Name= MyISP Route= IP Active= Yes Encapsulation= PPTP Edit IP= No Service Type= Standard Telco Option: Service Name= N/A...
Page 296: Figure 164 Menu 11.3 Remote Node Network Layer Options For Ethernet Encapsulation
P-334WT User’s Guide Figure 164 Menu 11.3 Remote Node Network Layer Options for Ethernet Encapsulation Menu 11.3 - Remote Node Network Layer Options IP Address Assignment= Dynamic IP Address= N/A IP Subnet Mask= N/A Gateway IP Addr= N/A Network Address Translation= SUA Only...
Page 297: Remote Node Filter
P-334WT User’s Guide Table 127 Remote Node Network Layer Options FIELD DESCRIPTION Metric Enter a number from 1 to 15 to set this route’s priority among the Prestige’s routes (see the Metric section in the WAN and Dial Backup Setup chapter) The smaller the number, the higher priority the route has.
Page 298: Traffic Redirect Setup
P-334WT User’s Guide Figure 166 Menu 11.5: Remote Node Filter (PPPoE or PPTP Encapsulation) Menu 11.5 - Remote Node Filter Input Filter Sets: protocol filters= device filters= Output Filter Sets: protocol filters= device filters= Call Filter Sets: protocol filters= device filters= Enter here to CONFIRM or ESC to CANCEL: 26.4.1 Traffic Redirect Setup...
Page 299 P-334WT User’s Guide Table 128 Menu 11.6 Traffic Redirect Setup FIELD DESCRIPTION Check WAN IP Enter the IP address of a reliable nearby computer (for example, your ISP’s DNS Address server address) to test your Prestige’s WAN accessibility. The Prestige uses the default gateway IP address if you do not enter an IP address here.
Page 300 P-334WT User’s Guide Chapter 26 Remote Node Configuration...
Page 301: Chapter 27 Static Route Setup
P-334WT User’s Guide H A P T E R Static Route Setup This chapter shows how to setup IP static routes. 27.1 IP Static Route Setup To configure an IP static route, use Menu 12 – Static Routing Setup (shown next).
Page 302: Table 129 Menu12.1 Edit Ip Static Route
P-334WT User’s Guide The following table describes the fields for Menu 12.1 – Edit IP Static Route Setup. Table 129 Menu12.1 Edit IP Static Route FIELD DESCRIPTION Route # This is the index number of the static route that you chose in menu 12.
Page 303: Network Address Translation (Nat)
P-334WT User’s Guide H A P T E R Network Address Translation (NAT) This chapter discusses how to configure NAT on the Prestige. 28.1 Using NAT Note: You must create a firewall rule in addition to setting up SUA/NAT, to allow traffic from the WAN to be forwarded through the Prestige.
Page 304: Figure 170 Menu 4: Applying Nat For Internet Access
P-334WT User’s Guide Figure 170 Menu 4: Applying NAT for Internet Access Menu 4 - Internet Access Setup ISP's Name= MyISP Encapsulation= Ethernet Service Type= Standard My Login= N/A My Password= N/A Retype to Confirm= N/A Login Server= N/A Relogin Every (min)=...
Page 305: Nat Setup
P-334WT User’s Guide The following table describes the options for Network Address Translation. Table 130 Applying NAT in Menus 4 & 11.3 FIELD DESCRIPTION Press [SPACE BAR] and then [ENTER] to select Full Feature if you have multiple public WAN IP addresses for your Prestige. The SMT uses the address mapping set that you configure and enter in the Address Mapping Set field (menu 15.1 - see...
Page 306: User-Defined Address Mapping Sets
P-334WT User’s Guide Enter 255 to display the next screen, (see Section 28.1.1 on page 303). The fields in this menu cannot be changed. Figure 174 Menu 15.1.255 SUA Address Mapping Rules Menu 15.1.255 - Address Mapping Rules Set Name= SUA...
Page 307: Ordering Your Rules
P-334WT User’s Guide Figure 175 Menu 15.1.1 First Set Menu 15.1.1 - Address Mapping Rules Set Name= NAT_SET Local Start IP Local End IP Global Start IP Global End IP Type --------------- -------------- --------------- --------------- ------ Action= Edit Select Rule= Press ENTER to Confirm or ESC to Cancel: Note: If the Set Name field is left blank, the entire set will be deleted.
Page 308: Figure 176 Menu 15.1.1.1 Editing/Configuring An Individual Rule In A Set
P-334WT User’s Guide Note: You must press [ENTER] at the bottom of the screen to save the whole set. You must do this again if you make any changes to the set – including deleting a rule. No changes to the set take place until this action is taken Selecting Edit in the Action field and then selecting a rule brings up the following menu, Menu 15.1.1.1 - Address Mapping Rule in which you can edit an individual rule and...
Page 309: Configuring A Server Behind Nat
P-334WT User’s Guide 28.4 Configuring a Server behind NAT Follow these steps to configure a server behind NAT: 1 Enter 15 in the main menu to go to Menu 15 - NAT Setup. 2 Enter 2 to display Menu 15.2 - NAT Server Setup as shown next.
Page 310: General Nat Examples
P-334WT User’s Guide Figure 178 Multiple Servers Behind NAT Example 28.5 General NAT Examples The following are some examples of NAT configuration. 28.5.1 Example 1: Internet Access Only In the following Internet access example, you only need one rule where the ILAs (Inside Local Addresses) of computers A through D map to one dynamic IGA (Inside Global Address) assigned by your ISP.
Page 311: Example 2: Internet Access With An Inside Server
P-334WT User’s Guide Figure 180 Menu 4 Internet Access & NAT Example Menu 4 - Internet Access Setup ISP's Name= MyISP Encapsulation= Ethernet Service Type= Standard My Login= N/A My Password= N/A Retype to Confirm= N/A Login Server= N/A Relogin Every (min)=...
Page 312: Example 3: Multiple Public Ip Addresses With Inside Servers
P-334WT User’s Guide Figure 182 Menu 15.2.1 Specifying an Inside Server Menu 15.2.1 - NAT Server Setup Rule Start Port No. End Port No. IP Address --------------------------------------------------- Default Default 192.168.1.10 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0...
Page 313: Figure 183 Nat Example 3
P-334WT User’s Guide Figure 183 NAT Example 3 1 In this case you need to configure Address Mapping Set 1 from Menu 15.1 - Address Mapping Sets. Therefore you must choose the Full Feature option from the Network Address Translation field (in menu 4 or menu 11.3) Figure 164 on page 296.
Page 314: Figure 185 Example 3: Menu 15.1.1.1
P-334WT User’s Guide Figure 185 Example 3: Menu 15.1.1.1 Menu 15.1.1.1 Address Mapping Rule Type= One-to-One Local IP: Start= 192.168.1.10 = N/A Global IP: Start= 10.132.50.1 = N/A Press ENTER to Confirm or ESC to Cancel: Press Space Bar to Toggle.
Page 315: Example 4: Nat Unfriendly Application Programs
P-334WT User’s Guide Figure 187 Example 3: Menu 15.2 Menu 15.2 - NAT Server Setup Rule Start Port No. End Port No. IP Address --------------------------------------------------- Default Default 0.0.0.0 192.168.1.21 192.168.1.20 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 Press ENTER to Confirm or ESC to Cancel: HTTP:80 FTP:21 Telnet:23 SMTP:25 POP3:110 PPTP:1723 28.5.4 Example 4: NAT Unfriendly Application Programs...
Page 316: Configuring Trigger Port Forwarding
P-334WT User’s Guide Figure 189 Example 4: Menu 15.1.1.1 Address Mapping Rule. Menu 15.1.1.1 Address Mapping Rule Type= Many-One-to-One Local IP: Start= 192.168.1.10 = 192.168.1.12 Global IP: Start= 10.132.50.1 = 10.132.50.3 Press ENTER to Confirm or ESC to Cancel: After you’ve configured your rule, you should be able to check the settings in menu 15.1.1 as shown next.
Page 317: Figure 191 Menu 15.3 Trigger Port Setup
P-334WT User’s Guide Figure 191 Menu 15.3 Trigger Port Setup Menu 15.3 - Trigger Port Setup Incoming Trigger Rule Name Start Port End Port Start Port End Port ---------------------------------------------------------------------- Real Audio 6970 7170 7070 7070 Press ENTER to Confirm or ESC to Cancel: The following table describes the fields in this screen.
Page 318 P-334WT User’s Guide Chapter 28 Network Address Translation (NAT)
Page 319: Chapter 29 Enabling The Firewall
P-334WT User’s Guide H A P T E R Enabling the Firewall This chapter shows you how to get started with the Prestige firewall. 29.1 Remote Management and the Firewall When SMT menu 24.11 is configured to allow management (see the Remote Management chapter) and the firewall is enabled: •...
Page 320: Figure 192 Menu 21.2 Firewall Setup
P-334WT User’s Guide Figure 192 Menu 21.2 Firewall Setup Menu 21.2 - Firewall Setup The firewall protects against Denial of Service (DoS) attacks when it is active. Your network is vulnerable to attacks when the firewall is turned off. Refer to the User's Guide for details about the firewall default policies.
Page 321: Chapter 30 Filter Configuration
P-334WT User’s Guide H A P T E R Filter Configuration This chapter shows you how to create and apply filters. 30.1 Introduction to Filters Your Prestige uses filters to decide whether to allow passage of a data packet and/or to make a call.
Page 322: The Filter Structure Of The Prestige
P-334WT User’s Guide 30.1.1 The Filter Structure of the Prestige A filter set consists of one or more filter rules. Usually, you would group related rules, e.g., all the rules for NetBIOS, into a single set and give it a descriptive name. The Prestige allows you to configure up to twelve filter sets with six rules in each set, for a total of 72 filter rules in the system.
Page 323: Configuring A Filter Set
P-334WT User’s Guide Figure 194 Filter Rule Process You can apply up to four filter sets to a particular port to block multiple types of packets. With each filter set having up to six rules, you can have a maximum of 24 rules active for a single port.
Page 324: Figure 195 Menu 21: Filter And Firewall Setup
P-334WT User’s Guide Figure 195 Menu 21: Filter and Firewall Setup Menu 21 - Filter and Firewall Setup 1. Filter Setup 2. Firewall Setup Enter Menu Selection Number: 2 Enter 1 to bring up the following menu. Figure 196 Menu 21.1: Filter Set Configuration Menu 21.1 - Filter Set Configuration...
Page 325: Configuring A Filter Rule
P-334WT User’s Guide Table 135 Abbreviations Used in the Filter Rules Summary Menu FIELD DESCRIPTION Action Matched. “F” means to forward the packet immediately and skip checking the remaining rules. “D” means to drop the packet. “N“ means to check the next rule.
Page 326: Figure 197 Menu 21.1.1.1 Tcp/Ip Filter Rule
P-334WT User’s Guide To configure TCP/IP rules, select TCP/IP Filter Rule from the Filter Type field and press [ENTER] to open Menu 21.1.x.x - TCP/IP Filter Rule, as shown next Figure 197 Menu 21.1.1.1 TCP/IP Filter Rule. Menu 21.1.1.1 - TCP/IP Filter Rule...
Page 327 P-334WT User’s Guide Table 137 Menu 21.1.x.x TCP/IP Filter Rule FIELD DESCRIPTION OPTIONS Source IP Address Enter the source IP Address of the packet you wish to filter. This 0.0.0.0 field is ignored if it is 0.0.0.0. IP Mask Enter the IP mask to apply to the Source: IP Addr.
Page 328: Configuring A Generic Filter Rule
P-334WT User’s Guide Figure 198 Executing an IP Filter 30.2.3 Configuring a Generic Filter Rule This section shows you how to configure a generic filter rule. The purpose of generic rules is to allow you to filter non-IP packets. For IP, it is generally easier to use the IP rules directly.
Page 329: Figure 199 Menu 21.1.4.1 Generic Filter Rule
P-334WT User’s Guide Figure 199 Menu 21.1.4.1 Generic Filter Rule Menu 21.1.4.1 - Generic Filter Rule Filter #: 4,1 Filter Type= Generic Filter Rule Active= No Offset= 0 Length= 0 Mask= N/A Value= N/A More= No Log= None Action Matched= Check Next Rule...
Page 330: Example Filter
P-334WT User’s Guide Table 138 Menu 21.1.x.x Generic Filter Rule Menu Fields FIELD DESCRIPTION OPTIONS Action Select the action for a packet matching the rule. Check Next Rule Matched Forward Drop Action Not Select the action for a packet not matching the rule.
Page 331: Figure 201 Example Filter: Menu 21.1.3.1
P-334WT User’s Guide Figure 201 Example Filter: Menu 21.1.3.1 Menu 21.1.3.1 - TCP/IP Filter Rule Filter #: 3,1 Filter Type= TCP/IP Filter Rule Active= Yes IP Protocol= 6 IP Source Route= No Destination: IP Addr= 0.0.0.0 IP Mask= 0.0.0.0 Port #= 23 Port # Comp= Equal Source: IP Addr= 0.0.0.0...
Page 332: Filter Types And Nat
P-334WT User’s Guide Figure 202 Example Filter Rules Summary: Menu 21.1.3 Menu 21.1.3 - Filter Rules Summary # A Type Filter Rules M m n - - ---- --------------------------------------------------------- - - - 1 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=23 N D F...
Page 333: Firewall Versus Filters
P-334WT User’s Guide Figure 203 Protocol and Device Filter Sets 30.5 Firewall Versus Filters Firewall configuration is discussed in the firewall chapters of this manual. Further comparisons are also made between filtering, NAT and the firewall. 30.6 Applying a Filter This section shows you where to apply the filter(s) after you design it (them).
Page 334: Applying Remote Node Filters
P-334WT User’s Guide 30.6.2 Applying Remote Node Filters Go to menu 11.5 (shown below – note that call filter sets are only present for PPPoE encapsulation) and enter the number(s) of the filter set(s) as appropriate. You can cascade up to four filter sets by entering their numbers separated by commas.
Page 335: Chapter 31 Snmp Configuration
P-334WT User’s Guide H A P T E R SNMP Configuration This chapter explains SNMP Configuration menu 22. 31.1 About SNMP Simple Network Management Protocol is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP protocol suite. Your Prestige supports SNMP agent functionality, which allows a manager station to manage and monitor the Prestige through the network.
Page 336: Supported Mibs
P-334WT User’s Guide The managed devices contain object variables/managed objects that define each piece of information to be collected about a device. Examples of variables include the number of packets received, node port status etc. A Management Information Base (MIB) is a collection of managed objects.
Page 337: Snmp Traps
P-334WT User’s Guide The following table describes the SNMP configuration parameters. Table 139 Menu 22 SNMP Configuration FIELD DESCRIPTION SNMP: Get Community Type the Get Community, which is the password for the incoming Get- and GetNext requests from the management station.
Page 338: Table 141 Ports And Permanent Virtual Circuits
P-334WT User’s Guide The port number is its interface index under the interface group. Table 141 Ports and Permanent Virtual Circuits PVC (PERMANENT PORT VIRTUAL CIRCUIT) Ethernet LAN … … xDSL Chapter 31 SNMP Configuration...
Page 339: Chapter 32 System Security
P-334WT User’s Guide H A P T E R System Security This chapter describes how to configure the system security on the Prestige. 32.1 System Security You can configure the system password, an external RADIUS server and 802.1x in this menu.
Page 340: Figure 209 Menu 23.2 System Security : Radius Server
P-334WT User’s Guide Figure 209 Menu 23.2 System Security : RADIUS Server Menu 23.2 - System Security - RADIUS Server Authentication Server: Active= No Server Address= 0.0.0.0 Port #= 1812 Shared Secret= ******** Accounting Server: Active= No Server Address= 0.0.0.0...
Page 341: Ieee 802.1X
P-334WT User’s Guide 32.4 IEEE 802.1x The IEEE802.1x standards outline enhanced security methods for both the authentication of wireless stations and encryption key management. Follow the steps below to enable EAP authentication on your Prestige. 1 From the main menu, enter 23 to display Menu23 - System Security.
Page 342 P-334WT User’s Guide Table 143 Menu 23.4 System Security : IEEE802.1x FIELD DESCRIPTION Idle Timeout The ZyAIR automatically disconnects a client from the wired network after a period of inactivity. The client needs to enter the username and password again (in second) before access to the wired network is allowed.
Page 343: System Information And Diagnosis
P-334WT User’s Guide H A P T E R System Information and Diagnosis This chapter covers the information and diagnostic tools in SMT menus 24.1 to 24.4. These tools include updates on system status, port status, log and trace capabilities and upgrades for the system software.
Page 344: Figure 212 Menu 24.1 System Maintenance : Status
P-334WT User’s Guide Figure 212 Menu 24.1 System Maintenance : Status Menu 24.1 - System Maintenance - Status 01:04:32 Sun. Jan. 02, 2000 Port Status TxPkts RxPkts Cols Tx B/s Rx B/s Up Time 100M/Full 2440 21360 1:02:03 100M/Full 2563...
Page 345: System Information
P-334WT User’s Guide Table 144 System Maintenance: Status Menu Fields FIELD DESCRIPTION Name This is the Prestige's system name + domain name assigned in menu 1. For example, System Name= xxx; Domain Name= baboo.mickey.com Name= xxx.baboo.mickey.com Routing Refers to the routing protocol used.
Page 346: Console Port Speed
Routing Refers to the routing protocol used. ZyNOS F/W Version Refers to the ZyNOS (ZyXEL Network Operating System) system firmware version. ZyNOS is a registered trademark of ZyXEL Communications Corporation. Refers to the country code of the firmware. Country Code Ethernet Address Refers to the Ethernet MAC (Media Access Control) of your Prestige.
Page 347: Figure 216 Menu 24.3.2 System Maintenance : Syslog Logging
P-334WT User’s Guide Figure 216 Menu 24.3.2 System Maintenance : Syslog Logging Menu 24.3.2 - System Maintenance - Syslog Logging Syslog: Active= No Syslog Server IP Address= 0.0.0.0 Log Facility= Local 1 Press ENTER to Confirm or ESC to Cancel: You need to configure the syslog parameters described in the following table to activate syslog then choose what you want to log.
Page 348: Cdr
P-334WT User’s Guide 33.3.1.1 CDR CDR Message Format SdcmdSyslogSend ( SYSLOG_CDR, SYSLOG_INFO, String); String = board xx line xx channel xx, call xx, str board = the hardware board ID line = the WAN ID in a board Channel = channel ID within the WAN...
Page 349: Filter Log
P-334WT User’s Guide 33.3.1.3 Filter log Filter log Message Format SdcmdSyslogSend(SYSLOG_FILLOG, SYSLOG_NOTICE, String ); String = IP[Src=xx.xx.xx.xx Dst=xx.xx.xx.xx prot spo=xxxx dpo=xxxx] S04>R01mD IP[…] is the packet header and S04>R01mD means filter set 4 (S) and rule 1 (R), match (m) drop (D).
Page 350: Firewall Log
P-334WT User’s Guide 33.3.1.5 Firewall log Firewall Log Message Format SdcmdSyslogSend(SYSLOG_FIREWALL, SYSLOG_NOTICE, buf); buf = IP[Src=xx.xx.xx.xx : spo=xxxx Dst=xx.xx.xx.xx : dpo=xxxx | prot | rule | action] Src: Source Address spo: Source port (empty means no source port information) Dst: Destination Address dpo: Destination port (empty means no destination port information) prot: Protocol (“TCP”,”UDP”,”ICMP”, ”IGMP”, ”GRE”, ”ESP”)
Page 351: Diagnostic
P-334WT User’s Guide Figure 217 Call-Triggering Packet Example IP Frame: ENET0-RECV Size: Time: 17:02:44.262 Frame Type: IP Header: IP Version Header Length = 20 Type of Service = 0x00 (0) Total Length = 0x002C (44) Identification = 0x0002 (2) Flags...
Page 352: Wan Dhcp
P-334WT User’s Guide Figure 218 Menu 24.4 System Maintenance : Diagnostic Menu 24.4 - System Maintenance - Diagnostic TCP/IP 1. Ping Host 2. WAN DHCP Release 3. WAN DHCP Renewal 4. Internet Setup Test System 11. Reboot System Enter Menu Selection Number: Host IP Address= N/A 33.4.1 WAN DHCP...
Page 353 P-334WT User’s Guide Table 147 System Maintenance Menu Diagnostic FIELD DESCRIPTION Internet Setup Test Enter 4 to test the Internet setup. You can also test the Internet setup in Menu 4 - Internet Access. Please refer to the Internet Access chapter for more details.
Page 354 P-334WT User’s Guide Chapter 33 System Information and Diagnosis...
Page 355: Firmware And Configuration File Maintenance
P-334WT User’s Guide H A P T E R Firmware and Configuration File Maintenance This chapter tells you how to backup and restore your configuration file as well as upload new firmware and configuration files. 34.1 Filename Conventions The configuration file (often called the romfile or rom-0) contains the factory default settings in the menus such as password, DHCP Setup, TCP/IP Setup, etc.
Page 356: Backup Configuration
P-334WT User’s Guide The following table is a summary. Please note that the internal filename refers to the filename on the Prestige and the external filename refers to the filename not on the Prestige, that is, on your computer, local network or FTP site and so the name (but not the extension) may vary.
Page 357: Using The Ftp Command From The Command Line
P-334WT User’s Guide 34.2.2 Using the FTP Command from the Command Line 1 Launch the FTP client on your computer. 2 Enter “open”, followed by a space and the IP address of your Prestige. 3 Press [ENTER] when prompted for a username.
Page 358: Tftp And Ftp Over Wan Management Limitations
P-334WT User’s Guide 34.2.5 TFTP and FTP over WAN Management Limitations TFTP, FTP and Telnet over WAN will not work when: • You have disabled Telnet service in menu 24.11. • You have applied a filter in menu 3.1 (LAN) or in menu 11.5 (WAN) to block Telnet service.
Page 359: Gui-Based Tftp Clients
P-334WT User’s Guide where “i” specifies binary image transfer mode (use this mode when transferring binary files), “host” is the Prestige IP address, “get” transfers the file source on the Prestige (rom-0, name of the configuration file on the Prestige) to the file destination on the computer and renames it config.rom.
Page 360: Restore Using Ftp Session Example
P-334WT User’s Guide Figure 222 Telnet into Menu 24.6. Menu 24.6 -- System Maintenance - Restore Configuration To transfer the firmware and configuration file to your workstation, follow the procedure below: 1. Launch the FTP client on your workstation. 2. Type "open" and the IP address of your Prestige. Then type "root" and SMT password as requested.
Page 361: Uploading Firmware And Configuration Files
P-334WT User’s Guide 34.4 Uploading Firmware and Configuration Files This section shows you how to upload firmware and configuration files. You can upload configuration files by following the procedure in the previous section about restoring configuration or by following the instructions in Menu 24.7.2 – System Maintenance –...
Page 362: Ftp File Upload Command From The Dos Prompt Example
P-334WT User’s Guide Figure 225 Telnet Into Menu 24.7.2 System Maintenance . Menu 24.7.2 - System Maintenance - Upload System Configuration File To upload the system configuration file, follow the procedure below: 1. Launch the FTP client on your workstation.
Page 363: Ftp Session Example Of Firmware File Upload
P-334WT User’s Guide 34.4.4 FTP Session Example of Firmware File Upload Figure 226 FTP Session Example of Firmware File Upload 331 Enter PASS command Password: 230 Logged in ftp> bin 200 Type I OK ftp> put firmware.bin ras 200 Port command okay...
Page 364 P-334WT User’s Guide tftp [-i] host put firmware.bin ras where “i” specifies binary image transfer mode (use this mode when transferring binary files), “host” is the Prestige’s IP address and “put” transfers the file source on the computer (firmware.bin – name of the firmware on the computer) to the file destination on the remote host (ras - name of the firmware on the Prestige).
Page 365: Chapter 35 System Maintenance
P-334WT User’s Guide H A P T E R System Maintenance This chapter leads you through SMT menus 24.8 to 24.10. 35.1 Command Interpreter Mode The Command Interpreter (CI) is a part of the main system firmware. The CI provides much of the same functionality as the SMT, while adding some low-level setup and diagnostic functions.
Page 366: Command Usage
A list of commands can be found by typing help or ? at the command prompt. Always type the full command. Type exit to return to the SMT main menu when finished. Figure 228 Valid Commands Copyright (c) 1994 - 2004 ZyXEL Communications Corp. P-334WT> ? Valid commands are:...
Page 367: Call History
P-334WT User’s Guide Figure 230 Budget Management Menu 24.9.1 - Budget Management Remote Node Connection Time/Total Budget Elapsed Time/Total Period 1.MyISP No Budget No Budget The total budget is the time limit on the accumulated time for outgoing calls to a remote node.
Page 368: Time And Date Setting
P-334WT User’s Guide Figure 231 Menu 24.9.2 - Call History Menu 24.9.2 - Call History Phone Number Rate #call Total Enter Entry to Delete(0 to exit): The following table describes the fields in this menu. Table 152 Call History Fields...
Page 369: Figure 232 Menu 24: System Maintenance
P-334WT User’s Guide Figure 232 Menu 24: System Maintenance Menu 24 - System Maintenance System Status System Information and Console Port Speed Log and Trace Diagnostic Backup Configuration Restore Configuration Upload Firmware Command Interpreter Mode Call Control 10. Time and Date Setting 11.
Page 370: Resetting The Time
P-334WT User’s Guide The following table describes the fields in this screen. Table 153 Time and Date Setting Fields FIELD DESCRIPTION Time Protocol Enter the time service protocol that your timeserver sends when you turn on the Prestige. Not all timeservers support all protocols, so you may have to check with your ISP/network administrator or use trial and error to find a protocol that works.
Page 371: Chapter 36 Remote Management
P-334WT User’s Guide H A P T E R Remote Management This chapter covers remote management (SMT menu 24.11). 36.1 Remote Management Remote management allows you to determine which services/protocols can access which Prestige interface (if any) from which computers.
Page 372: Remote Management Limitations
P-334WT User’s Guide The following table describes the fields in this screen. Table 154 Menu 24.11 – Remote Management Control FIELD DESCRIPTION Telnet Server Each of these read-only labels denotes a service or protocol. FTP Server Web Server SNMP Service...
Page 373: Chapter 37 Call Scheduling
P-334WT User’s Guide H A P T E R Call Scheduling Call scheduling (applicable for PPPoA or PPPoE encapsulation only) allows you to dictate when a remote node should be called and for how long. 37.1 Introduction to Call Scheduling The call scheduling feature allows the Prestige to manage a remote node and dictate when a remote node should be called and for how long.
Page 374: Figure 236 Menu 26.1 Schedule Set Setup
P-334WT User’s Guide To setup a schedule set, select the schedule set you want to setup from menu 26 (1-12) and press [ENTER] to see Menu 26.1 - Schedule Set Setup as shown next. Figure 236 Menu 26.1 Schedule Set Setup Menu 26.1 - Schedule Set Setup...
Page 375: Figure 237 Applying Schedule Set(S) To A Remote Node (Pppoe)
P-334WT User’s Guide Table 155 Menu 26.1 Schedule Set Setup FIELD DESCRIPTION Action Forced On means that the connection is maintained whether or not there is a demand call on the line and will persist for the time period specified in the Duration field.
Page 376 P-334WT User’s Guide Chapter 37 Call Scheduling...
Page 377: Chapter 38 Vpn/Ipsec Setup
P-334WT User’s Guide H A P T E R VPN/IPSec Setup This chapter introduces the VPN SMT menus. 38.1 VPN/IPSec Overview The VPN/IPSec main SMT menu has these main submenus: 1 Define VPN policies in menu 27.1 submenus, including security policies, endpoint IP addresses, peer IPSec router IP address and key management.
Page 378: Ipsec Summary Screen
P-334WT User’s Guide 38.2 IPSec Summary Screen Type 1 in menu 27 and then press [ENTER] to display Menu 27.1 - IPSec Summary. This is a summary read-only menu of your IPSec rules (tunnels). Edit or create an IPSec rule by selecting an index number and then configuring the associated submenus.
Page 379 P-334WT User’s Guide Table 156 Menu 27.1 IPSec Summary FIELD DESCRIPTION Key Mgt This field displays the SA’s type of key management, (IKE or Manual). Remote Addr When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Single, this is a Start static IP address on the network behind the remote IPSec router.
Page 380: Figure 241 Menu 27.1.1 Ipsec Setup
P-334WT User’s Guide Figure 241 Menu 27.1.1 IPSec Setup Menu 27.1.1 - IPSec Setup Index #= 2 Name= example Active= Yes Keep Alive= No Nat Traversal= No Local ID type= IP Content= My IP Addr= 0.0.0.0 Peer ID type= IP Content= Secure Gateway Address= zwtest.zyxel.com.tw...
Page 381 P-334WT User’s Guide Table 157 Menu 27.1.1 IPSec Setup FIELD DESCRIPTION Content When you select IP in the Local ID Type field, type the IP address of your computer or leave the field blank to have the Prestige automatically use its own IP address.
Page 382 P-334WT User’s Guide Table 157 Menu 27.1.1 IPSec Setup FIELD DESCRIPTION Enter a port number in this field to define a port range. This port number must be greater than that specified in the previous field. This field is N/A when 0 is configured in the Port Start field.
Page 383: Ike Setup
P-334WT User’s Guide 38.3 IKE Setup To edit this menu, the Key Management field in Menu 27.1.1 – IPSec Setup must be set to IKE. Move the cursor to the Edit Key Management Setup field in Menu 27.1.1 – IPSec Setup;...
Page 384: Manual Setup
P-334WT User’s Guide Table 158 Menu 27.1.1.1 IKE Setup FIELD DESCRIPTION Encryption When DES is used for data communications, both sender and receiver must know Algorithm the same secret key, which can be used to encrypt and decrypt the message or to generate and verify a message authentication code.
Page 385: Active Protocol
P-334WT User’s Guide 38.4.1 Active Protocol This field is a combination of mode and security protocols used for the VPN. See the Web Configurator part on VPN for more information on these parameters. Table 159 Active Protocol: Encapsulation and Security Protocol...
Page 386 P-334WT User’s Guide Table 160 Menu 27.1.1.2 Manual Setup FIELD DESCRIPTION Encryption Press [SPACE BAR] to choose from NULL, 3DES or DES and then press [ENTER]. Algorithm Fill in the Key1 field below when you choose DES and fill in fields Key1 to Key3 when you choose 3DES.
Page 387: Chapter 39 Sa Monitor
P-334WT User’s Guide H A P T E R SA Monitor This chapter teaches you how to manage your SAs by using the SA Monitor in SMT menu 27.2. 39.1 SA Monitor Overview A Security (SA) is the group of security settings related to a specific VPN tunnel. This menu (shown next) displays active VPN connections.
Page 388: Table 161 Menu 27.2 Sa Monitor
P-334WT User’s Guide The following table describes the fields in this menu. Table 161 Menu 27.2 SA Monitor FIELD DESCRIPTION This is the security index number. Name This field displays the identification name for this VPN policy. This name is unique for each connection where the secure gateway IP address is a public static IP address.
Page 389: Chapter 40 Troubleshooting
P-334WT User’s Guide H A P T E R Troubleshooting This chapter covers potential problems and the corresponding remedies. 40.1 Problems Starting Up the Prestige Table 162 Troubleshooting Starting Up Your Prestige PROBLEM CORRECTIVE ACTION None of the Make sure that the Prestige’s power adaptor is connected to the Prestige and plugged LEDs turn on in to an appropriate power source.
Page 390: Problems With The Wan
P-334WT User’s Guide 40.3 Problems with the WAN Table 164 Troubleshooting the WAN PROBLEM CORRECTIVE ACTION The WAN LED is Check the connections between the Prestige WAN port and the cable/DSL modem off. or ethernet jack. Check whether your cable/DSL device requires a crossover or straight-through cable.
Page 391: Problems Accessing The Prestige
P-334WT User’s Guide 40.4 Problems Accessing the Prestige Table 165 Troubleshooting Accessing the Prestige PROBLEM CORRECTIVE ACTION I cannot The username is “admin”. The default password is “1234”. The Password and access the Username fields are case-sensitive. Make sure that you enter the correct password Prestige.
Page 392: Pop-Up Windows, Javascripts And Java Permissions
P-334WT User’s Guide Table 166 Troubleshooting Restricted Web Pages and Keyword Blocking PROBLEM CORRECTIVE ACTION Parental Restart the device to clear the cache. Control is The content filter server may be unavailable. The View Logs screen can display configured content filtering log messages. See the Log Descriptions appendix for a list of possible correctly, but I log messages.
Page 393: Internet Explorer Pop-Up Blockers
P-334WT User’s Guide • Java permissions (enabled by default). Note: Internet Explorer 6 screens are used here. Screens for other Internet Explorer versions may vary. 40.5.1.1 Internet Explorer Pop-up Blockers You may have to disable pop-up blocking to log into your device.
Page 394: Figure 246 Internet Options
P-334WT User’s Guide Figure 246 Internet Options 3 Click Apply to save this setting. 40.5.1.1.2 Enable pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. 1 In Internet Explorer, select Tools, Internet Options and then the Privacy tab.
Page 395: Figure 247 Internet Options
P-334WT User’s Guide Figure 247 Internet Options 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.1.1. 4 Click Add to move the IP address to the list of Allowed sites.
Page 396: Javascripts
P-334WT User’s Guide Figure 248 Pop-up Blocker Settings 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. 40.5.1.2 JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed.
Page 397: Figure 249 Internet Options
P-334WT User’s Guide Figure 249 Internet Options 2 Click the Custom Level... button. 3 Scroll down to Scripting. 4 Under Active scripting make sure that Enable is selected (the default). 5 Under Scripting of Java applets make sure that Enable is selected (the default).
Page 398: Java Permissions
P-334WT User’s Guide Figure 250 Security Settings - Java Scripting 40.5.1.3 Java Permissions 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected.
Page 399: Figure 251 Security Settings - Java
P-334WT User’s Guide Figure 251 Security Settings - Java 40.5.1.3.1 JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 Make sure that Use Java 2 for <applet> under Java (Sun) is selected. 3 Click OK to close the window.
Page 400: Activex Controls In Internet Explorer
P-334WT User’s Guide Figure 252 Java (Sun) 40.5.2 ActiveX Controls in Internet Explorer If ActiveX is disabled, you will not be able to download ActiveX controls or to use Trend Micro Security Serivces. Make sure that ActiveX controls are allowed in Internet Explorer.
Page 401: Figure 253 Internet Options Security
P-334WT User’s Guide Figure 253 Internet Options Security 3 Scroll down to ActiveX controls and plug-ins. 4 Under Download signed ActiveX controls select the Prompt radio button. 5 Under Run ActiveX controls and plug-ins make sure the Enable radio button is selected.
Page 402: Figure 254 Security Setting Activex Controls
P-334WT User’s Guide Figure 254 Security Setting ActiveX Controls Chapter 40 Troubleshooting...
Page 403: Setting Up Your Computer's Ip Address
P-334WT User’s Guide P P E N D I X Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/ IP on your computer.
Page 404: Figure 255 Windows 95/98/Me: Network: Configuration
P-334WT User’s Guide Figure 255 WIndows 95/98/Me: Network: Configuration Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: 1 In the Network window, click Add.
Page 405: Figure 256 Windows 95/98/Me: Tcp/Ip Properties: Ip Address
P-334WT User’s Guide 3 Select Microsoft from the list of manufacturers. 4 Select Client for Microsoft Networks from the list of network clients and then click 5 Restart your computer so the changes you made take effect. Configuring 1 In the Network window Configuration tab, select your network adapter's TCP/IP entry and click Properties 2 Click the IP Address tab.
Page 406: Figure 257 Windows 95/98/Me: Tcp/Ip Properties: Dns Configuration
P-334WT User’s Guide Figure 257 Windows 95/98/Me: TCP/IP Properties: DNS Configuration 4 Click the Gateway tab. • If you do not know your gateway’s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click Add.
Page 407: Figure 258 Windows Xp: Start Menu
P-334WT User’s Guide Figure 258 Windows XP: Start Menu 2 In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 259 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties. Appendix A Setting up Your Computer’s IP Address...
Page 408: Figure 260 Windows Xp: Control Panel: Network Connections: Properties
P-334WT User’s Guide Figure 260 Windows XP: Control Panel: Network Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click Properties. Figure 261 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP).
Page 409: Figure 262 Windows Xp: Internet Protocol (Tcp/Ip) Properties
P-334WT User’s Guide • If you have a static IP address click Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields. • Click Advanced. Figure 262 Windows XP: Internet Protocol (TCP/IP) Properties 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK.
Page 410: Figure 263 Windows Xp: Advanced Tcp/Ip Properties
P-334WT User’s Guide Figure 263 Windows XP: Advanced TCP/IP Properties 7 In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es).
Page 411: Figure 264 Windows Xp: Internet Protocol (Tcp/Ip) Properties
P-334WT User’s Guide Figure 264 Windows XP: Internet Protocol (TCP/IP) Properties 8 Click OK to close the Internet Protocol (TCP/IP) Properties window. 9 Click Close (OK in Windows 2000/NT) to close the Local Area Connection Properties window. 10 Close the Network Connections window (Network and Dial-up Connections in Windows 2000/NT).
Page 412: Figure 265 Macintosh Os 8/9: Apple Menu
P-334WT User’s Guide Figure 265 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list. Figure 266 Macintosh OS 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list. Appendix A Setting up Your Computer’s IP Address...
Page 413: Figure 267 Macintosh Os X: Apple Menu
P-334WT User’s Guide 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. • Type the IP address of your Prestige in the Router address box.
Page 414: Figure 268 Macintosh Os X: Network
P-334WT User’s Guide Figure 268 Macintosh OS X: Network 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box.
Page 415: Figure 269 Red Hat 9.0: Kde: Network Configuration: Devices
P-334WT User’s Guide Note: Make sure you are logged in as the root administrator. Using the K Desktop Environment (KDE) Follow the steps below to configure your computer IP address using the KDE. 1 Click the Red Hat button (located on the bottom left corner), select System Setting and click Network.
Page 416: Figure 271 Red Hat 9.0: Kde: Network Configuration: Dns
P-334WT User’s Guide • If you have a dynamic IP address click Automatically obtain IP address settings with and select dhcp from the drop down list. • If you have a static IP address click Statically set IP Addresses and fill in the Address, Subnet mask, and Default Gateway Address fields.
Page 417: Figure 273 Red Hat 9.0: Dynamic Ip Address Setting In Ifconfig-Eth0
P-334WT User’s Guide 1 Assuming that you have only one network card on the computer, locate the ifconfig- configuration file (where is the name of the Ethernet card). Open the eth0 eth0 configuration file with any plain text editor. •...
Page 418: Verifying Settings
P-334WT User’s Guide Figure 276 Red Hat 9.0: Restart Ethernet Card [root@localhost init.d]# network restart Shutting down interface eth0: [OK] Shutting down loopback interface: [OK] Setting network parameters: [OK] Bringing up loopback interface: [OK] Bringing up interface eth0: [OK] 40.5.3 Verifying Settings Enter in a terminal screen to check your TCP/IP properties.
Page 419: Appendix Bip Subnetting
P-334WT User’s Guide P P E N D I X IP Subnetting IP Addressing Routers “route” based on the network number. The router that delivers the data packet to the correct destination host uses the host ID. IP Classes An IP address is made up of four octets (eight bits), written in dotted decimal notation, for example, 192.168.1.1.
Page 420: Table 170 Allowed Ip Address Range By Class
P-334WT User’s Guide Since the first octet of a class “A” IP address must contain a “0”, the first octet of a class “A” address can have a value of 0 to 127. Similarly the first octet of a class “B” must begin with “10”, therefore the first octet of a class “B”...
Page 421: Table 172 Alternative Subnet Mask Notation
P-334WT User’s Guide Since the mask is always a continuous number of ones beginning from the left, followed by a continuous number of zeros for the remainder of the 32 bit mask, you can simply specify the number of ones instead of writing the value of each octet. This is usually specified by writing a “/”...
Page 422: Table 174 Subnet 1
P-334WT User’s Guide Note: In the following charts, shaded/bolded last octet bit values indicate host ID bits “borrowed” to form network ID bits. The number of “borrowed” host ID bits determines the number of subnets you can have. The remaining number of host ID bits (after “borrowing”) determines the number of hosts you can have...
Page 423: Table 176 Subnet 1
P-334WT User’s Guide Example: Four Subnets The above example illustrated using a 25-bit subnet mask to divide a class “C” address space into two subnets. Similarly to divide a class “C” address into four subnets, you need to “borrow” two host ID bits to give four possible combinations of 00, 01, 10 and 11. The subnet mask is 26 bits (11111111.11111111.11111111.11000000) or 255.255.255.192.
Page 424: Table 179 Subnet 4
P-334WT User’s Guide Table 179 Subnet 4 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. IP Address (Binary) 11000000.10101000.00000001. 11000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: Lowest Host ID: 192.168.1.193 192.168.1.192 Broadcast Address: Highest Host ID: 192.168.1.254 192.168.1.255...
Page 425: Table 182 Class B Subnet Planning
P-334WT User’s Guide Subnetting With Class A and Class B Networks. For class “A” and class “B” addresses the subnet mask also determines which bits are part of the network number and which are part of the host ID. A class “B” address has two host ID octets available for subnetting and a class “A” address has...
Page 426 P-334WT User’s Guide Appendix B IP Subnetting...
Page 427: Pppoe
P-334WT User’s Guide P P E N D I X PPPoE PPPoE in Action An ADSL modem bridges a PPP session over Ethernet (PPP over Ethernet, RFC 2516) from your computer to an ATM PVC (Permanent Virtual Circuit) which connects to a DSL Access...
Page 428: Figure 278 Single-Computer Per Router Hardware Configuration
P-334WT User’s Guide Figure 278 Single-Computer per Router Hardware Configuration How PPPoE Works The PPPoE driver makes the Ethernet appear as a serial link to the computer and the computer runs PPP over it, while the modem bridges the Ethernet frames to the Access Concentrator (AC).
Page 429: Appendix Dpptp
P-334WT User’s Guide P P E N D I X PPTP What is PPTP? PPTP (Point-to-Point Tunneling Protocol) is a Microsoft proprietary protocol (RFC 2637 for PPTP is informational only) to tunnel PPP frames. How can we transport PPP frames from a computer to a broadband...
Page 430: Figure 281 Pptp Protocol Overview
P-334WT User’s Guide PPTP Protocol Overview PPTP is very similar to L2TP, since L2TP is based on both PPTP and L2F (Cisco’s Layer 2 Forwarding). Conceptually, there are three parties in PPTP, namely the PNS (PPTP Network Server), the PAC (PPTP Access Concentrator) and the PPTP user. The PNS is the box that hosts both the PPP and the PPTP stacks and forms one end of the PPTP tunnel.
Page 431: Figure 282 Example Message Exchange Between Computer And An Ant
P-334WT User’s Guide Figure 282 Example Message Exchange between Computer and an ANT PPP Data Connection The PPP frames are tunneled between the PNS and PAC over GRE (General Routing Encapsulation, RFC 1701, 1702). The individual calls within a tunnel are distinguished using the Call ID field in the GRE header.
Page 432 P-334WT User’s Guide Appendix D PPTP...
Page 433: Appendix E Wireless Lans
P-334WT User’s Guide P P E N D I X Wireless LANs Wireless LAN Topologies This section discusses ad-hoc and infrastructure wireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers with wireless stations (A, B, C).
Page 434: Figure 284 Basic Service Set
P-334WT User’s Guide Figure 284 Basic Service Set An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS).
Page 435: Figure 285 Infrastructure Wlan
P-334WT User’s Guide Figure 285 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by IEEE 802.11a/b/g wireless devices. Channels available depend on your geographical area. You may have a choice of channels (for your region) so you should use a different channel than an adjacent AP (access point) to reduce interference.
Page 436: Figure 286 Rts/Cts
P-334WT User’s Guide Figure 286 RTS/CTS When station A sends data to the AP, it might not know that the station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations.
Page 437: Table 183 Ieee 802.11G
P-334WT User’s Guide A large Fragmentation Threshold is recommended for networks not prone to interference while you should set a smaller threshold for busy networks or networks that are prone to interference. If the Fragmentation Threshold value is smaller than the RTS/CTS value (see previously) you set then the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size.
Page 438: Types Of Radius Messages
P-334WT User’s Guide IEEE 802.1x In June 2001, the IEEE 802.1x standard was designed to extend the features of IEEE 802.11 to support extended authentication as well as providing additional accounting and control features. It is supported by Windows XP and a number of network devices. Some advantages of IEEE 802.1x are:...
Page 439: Types Of Authentication
P-334WT User’s Guide • Access-Challenge Sent by a RADIUS server requesting more information in order to allow access. The access point sends a proper response from the user and then sends another Access- Request message. The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user accounting: •...
Page 440: Dynamic Wep Key Exchange
P-334WT User’s Guide EAP-TLS (Transport Layer Security) With EAP-TLS, digital certifications are needed by both the server and the wireless stations for mutual authentication. The server presents a certificate to the client. After validating the identity of the server, the client sends a different certificate to the server. The exchange of certificates is done in the open before a secured tunnel is created.
Page 441: Table 184 Comparison Of Eap Authentication Types
P-334WT User’s Guide For added security, certificate-based authentications (EAP-TLS, EAP-TTLS and PEAP) use dynamic keys for data encryption. They are often deployed in corporate environments, but for public deployment, a simple user name and password pair is more practical. The following table is a comparison of the features of authentication types.
Page 442: Table 185 Wireless Security Relational Matrix
P-334WT User’s Guide The Message Integrity Check (MIC) is designed to prevent an attacker from capturing data packets, altering them and resending them. The MIC provides a strong mathematical function in which the receiver and the transmitter each compute and then compare the MIC. If they do not match, it is assumed that the data has been tampered with and the packet is dropped.
Page 443: Appendix F Log Descriptions
P-334WT User’s Guide P P E N D I X Log Descriptions This appendix provides descriptions of example log messages. Table 186 System Maintenance Logs LOG MESSAGE DESCRIPTION The router has adjusted its time based on information from the Time calibration is time server.
Page 444: Table 187 System Error Logs
P-334WT User’s Guide Table 186 System Maintenance Logs (continued) LOG MESSAGE DESCRIPTION The router is saving configuration changes. Configuration Change: PC = 0x%x, Task ID = 0x%x Someone has logged on to the router’s SSH server. Successful SSH login Someone has failed to log on to the router’s SSH server.
Page 445: Table 189 Tcp Reset Logs
P-334WT User’s Guide Table 189 TCP Reset Logs LOG MESSAGE DESCRIPTION The router sent a TCP reset packet when a host was under a SYN Under SYN flood attack, flood attack (the TCP incomplete count is per destination host.) sent TCP RST...
Page 446: Table 191 Icmp Logs
P-334WT User’s Guide Table 191 ICMP Logs LOG MESSAGE DESCRIPTION ICMP access matched the default policy and was blocked Firewall default policy: ICMP or forwarded according to the user's setting. For type and <Packet Direction>, <type:%d>, code details, see Table 203 on page 455.
Page 447: Table 194 Upnp Logs
P-334WT User’s Guide Table 193 PPP Logs (continued) LOG MESSAGE DESCRIPTION The PPP connection’s Link Control Protocol stage is closing. ppp:LCP Closing The PPP connection’s Internet Protocol Control Protocol stage is closing. ppp:IPCP Closing Table 194 UPnP Logs LOG MESSAGE DESCRIPTION UPnP packets can pass through the firewall.
Page 448: Table 196 Attack Logs
P-334WT User’s Guide Table 195 Content Filtering Logs (continued) LOG MESSAGE DESCRIPTION The connection to the external content filtering server failed. Connecting to content filter server fail License key is invalid The external content filtering license key is invalid. Table 196 Attack Logs...
Page 449: Table 197 Ipsec Logs
P-334WT User’s Guide Table 197 IPSec Logs LOG MESSAGE DESCRIPTION The router received and discarded a packet with an incorrect Discard REPLAY packet sequence number. The router received a packet that has been altered. A third party may Inbound packet have altered or tampered with the packet.
Page 450 P-334WT User’s Guide Table 198 IKE Logs (continued) LOG MESSAGE DESCRIPTION The router couldn’t resolve the IP address from the domain Cannot resolve Secure Gateway name that was used for the secure gateway address. Addr for rule <%d> The displayed ID information did not match between the two Peer ID: <peer id>...
Page 451 P-334WT User’s Guide Table 198 IKE Logs (continued) LOG MESSAGE DESCRIPTION The router was not able to use extended authentication to XAUTH fail! Username: authenticate the listed username. <Username> The listed rule’s IKE phase 1 negotiation mode did not match Rule[%d] Phase 1 negotiation between the router and the peer.
Page 452: Table 199 Pki Logs
P-334WT User’s Guide Table 198 IKE Logs (continued) LOG MESSAGE DESCRIPTION The listed rule’s IKE phase 2 did not match between the router Rule [%d] phase 2 mismatch and the peer. The listed rule’s IKE phase 2 key lengths (with the AES...
Page 453: Table 200 Certificate Path Verification Failure Reason Codes
P-334WT User’s Guide Table 199 PKI Logs (continued) LOG MESSAGE DESCRIPTION The router received directory data that was too large (the size is listed) Rcvd data <size> too from the LDAP server whose address and port are recorded in the large! Max size Source field.
Page 454: Table 201 802.1X Logs
P-334WT User’s Guide Table 200 Certificate Path Verification Failure Reason Codes (continued) CODE DESCRIPTION Database method failed. Path was not verified. Maximum path length reached. Table 201 802.1X Logs LOG MESSAGE DESCRIPTION A user was authenticated by the local user database.
Page 455: Table 202 Acl Setting Notes
P-334WT User’s Guide Table 202 ACL Setting Notes PACKET DIRECTION DIRECTION DESCRIPTION (L to W) LAN to WAN ACL set for packets traveling from the LAN to the WAN. (W to L) WAN to LAN ACL set for packets traveling from the WAN to the LAN.
Page 456: Table 204 Syslog Logs
P-334WT User’s Guide Table 203 ICMP Notes (continued) TYPE CODE DESCRIPTION Time Exceeded Time to live exceeded in transit Fragment reassembly time exceeded Parameter Problem Pointer indicates the error Timestamp Timestamp request message Timestamp Reply Timestamp reply message Information Request...
Page 457: Figure 287 Displaying Log Categories Example
1 Use the sys logs load command to load the log setting buffer that allows you to configure which logs the Prestige is to record. 2 Use sys logs category to view a list of the log categories. Figure 287 Displaying Log Categories Example Copyright (c) 1994 - 2004 ZyXEL Communications Corp. ras>? Valid commands are: exit...
Page 458: Displaying Logs
P-334WT User’s Guide Use 0 to not record logs for that category, 1 to record only logs for that category, 2 to record only alerts for that category, and 3 to record both logs and alerts for that category. Not every parameter is available with every category.
Page 459: Wall-Mounting Instructions
P-334WT User’s Guide P P E N D I X Wall-mounting Instructions Do the following to hang your Prestige on a wall. Note: See the product specifications appendix for the size of screws to use and how far apart to place them.
Page 460 P-334WT User’s Guide Appendix G Wall-mounting Instructions...
Page 461 P-334WT User’s Guide Index Numerics 110V AC 230V AC Cables, Connecting 802.1x Call Control Call History Call Scheduling Maximum Number of Schedule Sets PPPoE Precedence Precedence Example Abnormal Working Conditions Call-Trigerring Packet Accessories CDR (Call Detail Record) Active Certificate Authority...
Page 462 P-334WT User’s Guide Copyright Ethernet Encapsulation 139, 291, 292 Correcting Interference Europe Corrosive Liquids Exposure Cost Of Transmission Extended Service Set Covers Extended Service Set IDentification CTS (Clear to Send) Extended wireless security Customer Support Factory LAN Defaults Damage Fail Tolerance...
Page 463 P-334WT User’s Guide Gateway IP Addr IP Pool Setup Gateway IP Address IP Ports 381, 382 General wireless LAN screen IP Static Route Setup Germany, Contact Information Global God, act of Java 154, 207 Harmful Interference Hidden Menus Hidden node...
Page 464 P-334WT User’s Guide My Password 288, 292 Period(hr) My Server IP Addr Permission Photocopying Ping Pipes Point-to-Point Tunneling Protocol 116, 140 Pool Nailed-Up Connection POP3 Nailed-up Connection Port Numbers 138, 139, 140, 296, 332 Postage Prepaid. Applying NAT in the SMT Menus...
Page 465 P-334WT User’s Guide Receiving Antenna Security Association Registered Security Parameters Registered Trademark Separation Between Equipment and Receiver Regular Mail Serial Number Related Documentation Server 137, 138, 255, 288, 292, 305, 306, 308, 309, 311, 312, 370 Relocate Server IP Rem Node Name...
Page 466 P-334WT User’s Guide System Information & Diagnosis System Maintenance 258, 343, 345, 352, 356, 358, 363, 365, 366, 367, 369 Value System Name Vendor System Timeout Ventilation Slots Viewing Certifications Voltage Supply Voltage, High VPN monitor Tampering TCP/IP 127, 325, 326, 332 TCP/IP filter rule Telecommunication Line Cord.
Page 467 P-334WT User’s Guide Written Permission www.dyndns.org ZyNOS 3, 345, 356 ZyNOS F/W Version 345, 356 ZyXEL Communications Corporation ZyXEL Home Page ZyXEL Limited Warranty Note ZyXEL Network Operating System Index...

ZyXEL Communications P-334WT User Manual

Chapter 1 Getting to Know Your Prestige

Chapter 2 Introducing the Web Configurator

Chapter 3 Connection Wizard

Chapter 4 Wireless LAN

Chapter 5 WAN

Chapter 6 LAN

Chapter 7 DHCP Server

Chapter 8 Network Address Translation (NAT)

Chapter 9 Firewall

Chapter 10 Content Filtering

Quick Links

Troubleshooting

Related Manuals for ZyXEL Communications P-334WT

Summary of Contents for ZyXEL Communications P-334WT