7. What should I do when the power (PWR) LED is off? ....12 8. How to debug while DSL LED is off? ..........12 9. How do I verify my PC's IP address assigned by the P-793H v2? .. 12 10. What is Traffic Shaping?..............12 11.
Page 3
........................ 15 20. Can the P-793H v2's SUA handle IPSec packets sent by the IPSec gateway? ....................15 21. How do I setup my P-793H v2 for routing IPSec packets over SUA? ........................ 15 22. What is VLAN? ................16 23.
Page 4
22. How to setup Dial Backup?............85 IPSEC VPN Application Notes ........1. How to use P-793H v2 to build VPN Tunnel with another VPN Gateway/ Software?................86 2. How to build a VPN between Secure Gateway with Dynamic WAN IP Address?...................
4. How do I upgrade/backup the ZyNOS firmware by using TFTP client program via LAN? The P-793H v2 allows you to transfer the firmware from/to P-793H v2 by using TFTP program via LAN. The procedure for uploading via TFTP is as follows.
P-793H v 2 Support Notes (1) Use the TELNET client program in your PC to login to your P-793H v2, and use Menu 24.8 to enter CI command 'sys stdio 0' to disable console idle timeout (2) To upgrade firmware, use TFTP client program to put firmware in file 'ras' in the P-793H v2.
Internet concurrently for the cost of a single user account. When P-793H v2 acts as SUA receives a packet from a local client destined for the outside Internet, it replaces the source address in the IP packet header with its own address and the source port in the TCP or UDP header with another value chosen out of a local pool.
P-793H v 2 Support Notes The P-793H v2 supports NAT sets on a remote node basis. They are reusable, but only one set is allowed for each remote node. The P-793H v2 supports 8 sets since there are 8 remote nodes.
Server 2 IP<--->IGA1 14. How many network users can the SUA/NAT support? The P-793H v2 does not limit the number of the users but the number of the NAT sessions. The P-793H v2 supports 2048 sessions that you can use the 'ip nat session' command in CLI to see.
Note: In ZyNOS, you can not mix different filter groups in the same filter set. 16. How can I protect against IP spoofing attacks? The P-793H v2's filter sets provide a means to protect against IP spoofing attacks. The basic scheme is as follows:...
Page 11
P-793H v 2 Support Notes Allow packets that originate from us Filter rule setup: Filter Type =TCP/IP Filter Rule Active =Yes Destination IP Addr =a.b.c.d Destination IP Mask =w.x.y.z Action Matched =Drop Action No Matched =Forward Where a.b.c.d is an IP address on your local network and w.x.y.z is your netmask.
Moreover, only with Administrator Password, you could manage the P-793H v2 via FTP/TFTP or Telnet. 5. How do I know the P-793H v2's WAN IP address assigned by the ISP? You can view "IP Address: x.x.x.x" shown in Web Configurator „Status- >Device Information ->WAN Information‟.
If there are several VCs in the P-793H v2 but only one VC activated at one time, the P-793H v2 allocates all the Bandwidth to the VC and the VC gets full bandwidth. If another VCs are activated later, the bandwidth is yield to other VCs after ward.
VC with Peak Cell rate before yielding to other VCs. The P-793H v2 holds the parameters for shaping the traffic among its virtual channels. If you do not need traffic shaping, please set SCR = 0, MBS = 0 and PCR as the maximum value according to the line rate (for example, 2.3 Mbps...
Without DDNS, we always tell the users to use the WAN IP of the P-793H v2to reach our internal server. It is inconvenient for the users if this IP is dynamic. With DDNS supported by the P-793H v2, you apply a DNS name (e.g.,...
WAN IP of the P-793H v2. When the ISP assigns the P-793H v2 a new IP, the P-793H v2 updates this IP to DDNS server so that the server can update its IP-to-DNS entry. Once the IP-to-DNS table in the DDNS server is updated, the DNS name for your web server (i.e., www.zyxel.com.tw) is still usable.
SUA and the outside users access the server using the P-793H v2's WAN IP address. So, we have to configure the internal IPsec client as a default server (unspecified service port) when it acts a server gateway.
When the DSL connection is re-established, traffic will be fully restored. The WAN Backup Solution saves device maintenance cost and reduces loss from daily operation. In addition, P-793H v2 also performs backup functions by redirecting traffic to a specific gateway to ensure availability of the Internet connection. DSL FAQ 1.
2. How do I know the DSL line is up? You can see the DSL LEDs on the P-793H v2's front panel are on Green when the DSL physical layer is up. Note: There are two DSL LEDs: DSL1 and DSL2.
P-793H v 2 Support Notes 6. What are the signaling pins of the DSL connector? The signaling pins on the P-793H v2's DSL connector RJ11 cable are pin 3 and 4 for 2-wire mode, and pin 2, 3, 4 and 5 for 4-wire mode.
Service (DoS) attacks such as Ping of Death, SYN Flood, LAND attack, IP Spoofing, etc. It also uses stateful packet inspection to determine if an inbound connection is allowed through the firewall to the private LAN. The P-793H v2 supports Network Address Translation (NAT), which translates the private local addresses to one or multiple public addresses.
Page 22
The P-793H v2's firewall is fast. It uses a hashing function to search the matched session cache instead of going through every individual rule for a packet.
Page 23
P-793H v 2 Support Notes 6. What is Denials of Service (DoS) attack? Denial of Service (DoS) attacks are aimed at devices and networks with a connection to the Internet. Their goal is not to steal information, but to disable a device or network so users no longer have access to network resources.
1. How do I configure the firewall? You can use the Web Configurator to configure the firewall for P-793H v2. By factory default, if you connect your PC to the LAN Interface of P-793H v2, you can access Web Configurator via „http://192.168.1.1‟.
Page 25
The default value in this field is 0.0.0.0, which means you do not care which host is trying to telnet your P-793H v2 or access the Web Configurator of Plus: Above configuration can also be realized via SMT menu 24.11 as below: 3.
Page 26
P-793H v 2 Support Notes (1) When the firewall is turned on, all connections from WAN to LAN are blocked by the default ACL rule. To enable WWW/Telnet from WAN, you must turn the firewall off, or create a firewall rule to allow WWW/Telnet connection from WAN.
Page 28
P-793H v 2 Support Notes The P-793H v2 generates the firewall log immediately when the packet matches a firewall rule. The log for Default Firewall Policy (LAN to WAN, WAN to LAN, WAN to WAN) is generated automatically with factory default setting, but you can customize it in Web Configurator, Advanced setup, Maintenance ->...
5. What is the difference between the log and alert? A log entry is just added to the log inside the P-793H v2 and e-mailed together with all other log entries at the scheduled time as configured. An alert is e-mailed immediately after an attacked is detected.
Page 30
P-793H v 2 Support Notes Because users typically dial the their local ISP for VPN, thus, long distance phone charge is reduced than making a long direct connection to the remote office. (2).Reducing number of access lines Many companies pay monthly charges for two types access lines: (1) high- speed links for their Internet access and (2) frame relay, ISDN Primary Rate Interface or T1 lines to carry data.
Page 31
P-793H v 2 Support Notes There are two protocols provided by IPSec, they are AH (Authentication Header, protocol number 51) and ESP (Encapsulated Security Payload, protocol number 50). 8. What are the differences between 'Transport mode' and 'Tunnel mode? The IPSec protocols (AH and ESP) can be used to protect either an entire IP payload or only the upper-layer protocols of an IP payload.
Page 32
IP 202.132.154.1 DNS www.zyxel.com E-mail support@zyxel.com.tw Please note that, in P-793H v2, if "DNS" or "E-mail" type is chosen, you can still use a random string as the content, such as "this_is_P-793H v2". It's not necessary to follow the format exactly.
P-793H v 2 Support Notes 15. When should I use FQDN? If your VPN connection is P-793H v2 to P-793H v2, and both of them have static IP address, and there is no NAT router in between, you can ignore this option.
Page 34
P-793H v 2 Support Notes If your P-793H v2 is capable of VPN, you can find the VPN options in Advanced>VPN tab. For configuring a 'box-to-box VPN', there are some tips: If there is a NAT router running in the front of P-793H v2, please make sure the NAT router supports to pass through IPSec.
Page 36
IP and its service port in SUA/NAT Server Table. However, if both NAT and IPSec is enabled in P-793H v2, the edit of the table is necessary only if the connection is a non-secure connections. For secure connections, none SUA server settings are required since private IP is reachable in the VPN case.
Page 38
P-793H v 2 Support Notes function on P-793H v2. To disable it, you can either deactivate each VPN rule or issue a CI command, "ipsec switch off" from SMT menu 24.8. You can get into SMT menu via either telnet or console connection.
In this case, we use P-793H v2 which works as an DSL bridge modem to connect to the ISP. The ISP will generally give one Internet account and limit only one computer to access the Internet.
Page 40
P-793H v 2 Support Notes Setup your P-793H v2 The following procedure shows you how to configure your P-793H v2 as bridge mode. We will use Web Configurator to guide you through the related menu. (1) Configure P-793H v2 as bridge mode and configure Internet setup parameters in Web Configurator, Advanced Setup, Network ->...
Identifier) given to you by your ISP. (2) Turn off DHCP Server and configure a LAN IP for the P-793H v2 in Web Configurator, Advanced Setup, Network -> LAN. We use 192.168.1.1 as the LAN IP for P-793H v2 in this case: Step 1: Inactivate DHCP Server and apply.
Page 42
P-793H v 2 Support Notes Set up your P-793H v2 under routing mode The following procedure shows you how to configure your P-793H v2 as Routing mode for routing traffic. We will use Web Configurator to guide you through related menu.
P-793H v 2 Support Notes (2) Configure a LAN IP for the P-793H v2 and the DHCP settings in Web Configurator, Advanced Setup, Network -> LAN. 3. Internet Access scenarios 4 Wire Application 2 Wire Application Configuration Guide: Network WAN Internet Connection,...
P-793H v 2 Support Notes 1 - 2 back to back Note 1: It is also compatible with G.SHDSL 2.3Mbps application when we connect it with P-792H or P-791R. Note2 : There are two DSL led: DSL1 and DSL2. When we use one line for Internet access or back to back application, DSL1 and DSL2 will act the same as one LED.
What is DHCP Relay? DHCP stands for Dynamic Host Configuration Protocol. In addition to the DHCP server feature, the P-793H v2 supports the DHCP relay function. When it is configured as DHCP server, it assigns the IP addresses to the LAN clients.
P-793H v 2 Support Notes Setup the P-793H v2 as a DHCP Relay We could set the P-793H v2 as a DHCP Relay via menu 3.2 as below: Or via the following command in CLI: Ip dhcp enif0 mode relay Ip dhcp enif0 relay server [Server IP Address] 8.
Page 48
Cu-SeeMe, and ICQ will need to connect to the local user behind the P-793H v2. In such case, a SUA server must be configured to forward the incoming packets to the true destination behind SUA. After the required server are configured in Web Configurator, Advanced Setup, Network ->...
Page 49
P-793H v 2 Support Notes ICQ 99a None for Chat. Default/client IP For DCC, please set: ICQ -> preference -> connections -> firewall and set the firewall time out to 80 seconds in firewall setting. ICQ 2000b None for Chat None for Chat ICQ Phone 2000b None...
Page 50
Certain Quake servers do not allow multiple users to login using the same unique IP, so only one Quake user will be allowed in this case. Moreover, when a Quake server is configured behind SUA, P-793H v2 will not be able to provide information of that server on the internet.
Page 51
A service is identified by the port number. Also, since you need to specify the IP address of a server behind the P-793H v2, a server must have a fixed IP address and not be a DHCP client whose IP address potentially changes each time P-793H v2 is powered on.
Page 52
P-793H v 2 Support Notes Setup, Network -> NAT -> Port Forwarding. The outside users can access the local server using the P-793H v2's WAN IP address which can be obtained from Web Configurator, Status -> WAN Information. For example: Configuring an internal Web server for outside access (suppose the Server IP Address is 192.168.1.10 ) :...
Page 53
P-793H v 2 Support Notes Telnet SMTP DNS (Domain Name Server) www-http (Web) Configure a PPTP server behind SUA Introduction PPTP is a tunneling protocol defined by the PPTP forum that allows PPP packets to be encapsulated within Internet Protocol (IP) packets and forwarded over any IP network, including the Internet itself.
Page 54
IP address of Windows NT server. Example The following example shows how to dial to an ISP via the P-793H v2 and then establish a tunnel to a private network. There will be three items that you need to set up for PPTP application, these are PPTP server (WinNT), PPTP client (Win9x) and the P-793H v2.
Page 55
(3) P-793H v2 setup Before making a VPN connection from Win9x to WinNT server, you need to connect P-793H v2 router to your ISP first. Enter the IP address of the PPTP server (WinNT server) and the port number for PPTP as shown below: Select service name as „PPTP‟, fill in the Server IP Address, then press button...
Before making a VPN connection from the Win9x client to the NT server, you need to know the exact Internet IP address that the ISP assigns to P-793H v2 router in SUA mode and enter this IP address in the VPN dial-up dialog box.
Page 57
Configuring NAT The P-793H v2 has 8 remote nodes and so allows you to configure 8 NAT Address Mapping Sets, You must specify which NAT Address Mapping Set (1~8) to use in the remote node when you select Full Feature NAT.
Page 58
P-793H v 2 Support Notes -> NAT -> Port Forwarding. The following table explains the fields in this above screen: Field Description Option/Example This is sequence number for Address Mapping Sets 255 for SUA Internal 0.0.0.0 for the This is the starting local IP address (ILA). Start IP Many-to-One type.
Page 59
P-793H v 2 Support Notes Please note that a server can support more than one service, e.g., a server can provide both FTP and Mail service, while another provides only Web service. The following procedures show how to configure a server behind NAT. Step 1: Login Web Configurator, Advanced Setup, Network ->...
Page 61
P-793H v 2 Support Notes below: (3) Using Multiple Global IP addresses for clients and servers (One-to-One, Many-to-One, Server Set mapping types are used) In this case we have 3 IGAs from the ISP. We have two very busy internal FTP servers and also an internal general server for the web and mail.
Page 62
Step 1: In this case, we need to map ILA to more than one IGA, therefore we must choose the Full Feature option from the NAT field in currently active remote node, and assign IGA3 to P-793H v2‟s WAN IP Address. Step 2: Go to Web Configurator, Advanced Setup, Network -> NAT ->...
Page 63
P-793H v 2 Support Notes Rule 4 Setup: Select Server type to map our web server and mail server with ILA3 (192.168.1.20) to IGA3. Menu Network -> NAT -> Address Mapping should look as follows now: Step 3: Now we configure all other incoming traffic to go to our web server and mail server from Web Configurator, Advanced Setup, Network ->...
This solves the problems if your DNS server uses an IP associated with dynamic IPs. Without DDNS, we always tell the users to use the WAN IP of the P-793H v2 to access the internal server. It is inconvenient for the users if this IP is dynamic.
Page 65
WAN IP of the P-793H v2. When the ISP assigns the P-793H v2 a new IP, the P-793H v2 must inform the DDNS server the change of this IP so that the server can update its IP-to-DNS entry.
11. Network Management Using SNMP ZyXEL SNMP Implementation ZyXEL currently includes SNMP support in some P-793H v2 routers. It is implemented based on the SNMP v1, so it will be able to communicate with SNMPv1 NMSs. Further, users can also add ZyXEL's private MIB in the NMS to monitor and control additional system variables.
Page 68
Trusted SNMP messages coming from this IP address. If 0.0.0.0 is entered, the Host P-793H v2 w ill respond to all NMS m anagers. Enter the community name in each sent trap to the NMS. This Trap Trap Community must match w hat the NMS is expecting. The default is Community 'public'.
'IP Alias'. In this case, an internal router is not required. For example, the network manager can divide the local network into three networks and connect them to the Internet using P-793H v2's single user account. See the figure below.
Page 70
'IP Alias 1' and 'IP Alias 2' can be configured in Network -> LAN -> IP Alias. There are three internal virtual LAN interfaces for the P-793H v2 to route the packets from/to the three networks correctly. They are enif0 for the major network, enif0:0 for the IP alias 1 and enif0:1 for the IP alias 2.
Page 71
If the P-793H v2's DHCP server is enabled, the IP pool for the clients can be any of the three netw orks. Setup TCP/IP Enter the first LAN IP address for the P-793H v2. This w ill create the first route Setup in the enif0 interface.
IP Alias 1 w ill create the second route in the enif0:0 interface. Active it and enter the third LAN IP address for the P-793H v2. This w ill IP Alias 2 create the third route in the enif0:1 interface.
Page 73
P-793H v 2 Support Notes Cost Savings- IPPR allows organizations to distribute interactive traffic on high-bandwidth, high-cost path while using low-path for batch traffic. Load Sharing- Network administrators can use IPPR to distribute traffic among multiple paths. How does the IPPR work? A policy defines the matching criteria and the action to take when a packet meets the criteria.
15. Using Call Scheduling What is Call Scheduling? Call scheduling enables the mechanism for the P-793H v2 to run the remote node connection according to the pre-defined schedule. This feature is just like the scheduler in a video recorder which records the program according to the specified time.
Page 75
Idle Timeout(sec)= 0 Time Service in P-793H v2 There is no RTC (Real-Time Clock) chip so the P-793H v2 should launch a mechanism to get current time and date from external server in boot time. Time service is implemented by the Daytime protocol (RFC-867), Time...
IGMP to report their multicast group membership to any immediate-neighbor multicast routers so the multicast routers can decide if a multicast packet needs to be forwarded. At start up, the P-793H v2 queries all directly connected networks to gather group membership.
P-793H v 2 Support Notes IP Multicast Setup (1) Enable IGMP in P-793H v2's LAN in Web Configurator, Advanced Setup, Network -> LAN -> IP -> Advanced Setup. (2) Enable IGMP in P-793H v2's remote node in Web Configurator, Advanced Setup, Network ->...
Page 78
P-793H v 2 Support Notes Key Settings: Check the box to enable BWM on the interface. Note that if you w ould like Active to manage traffic from WAN to LAN, you should apply BWM on LAN interface. Enter the total speed to manage on this interface. This value is the budget Speed of the class tree's root.
Page 79
P-793H v 2 Support Notes Key Settings: RuleName Give this rule a name, for example, 'WWW' BW Budget Configure the bandw idth you w ould like to allocate to this rule Enter a number betw een 0 and 7 to set the priority of this class. The Priority higher the number, the higher the priority.
18. How to configure packet filter on P-793H v2? The P-793H v2 allows you to configure up to twelve filter sets with six rules in each set, for a total of 72 filter rules in the system. You can apply up to four filter sets to a particular port to block multiple types of packets.
Backup Type: Select the method that the P-793H v2 uses to check the DSL connection. Select DSL Link to have the P-793H v2 check if the connection to the DSLAM is up. Select ICMP to have the P-793H v2 periodically ping the IP address configured in the Check WAN IP Address fields.
Page 82
(usually a WAN Backup connection), it periodically checks to whether or not it can use a higher priority connection. Type the number of seconds (30 recommended) for the P-793H v2 to wait between checks. Allow more time if your destination IP address handles lots of traffic.
Page 84
1. A computer on the LAN initiates a connection by sending out a SYN packet to a receiving server on the WAN. 2. The P-793H v2 reroutes the SYN packet through Gateway B on the LAN to the WAN. 3. The reply from WAN goes directly to the computer on the LAN without going through the P-793H v2.
Page 85
Put all of your network gateways on the WAN side as the following figure shows. This ensures that all incoming network traffic passes through your P-793H v2 to your LAN. Therefore your LAN is protected. Traffic redirect LAN setup example 2:...
P-793H v 2 Support Notes 22. How to setup Dial Backup? Please refer to “20.How to setup traffic redirect in P-793H v2?” to Configure parameters in WEB Configuration “Network WAN Wan Backup”. After finishing WAN Backup Setup settings, please do below configurations for dial backup: Active: Turn on or off dial backup.
WAN backup setup.(For more descriptions, please refer to User‟s Guide). IPSEC VPN Application Notes 1. How to use P-793H v2 to build VPN Tunnel with another VPN Gateway/ Software? This page will guide you to setup a VPN connection between two Prestige routers.
Page 88
Prestige in URL field. Default LAN IP is 192.168.1.1, default password to login advanced web configurator is 1234. (2) Go to VPN Setup page to edit a VPN Rule. On P-793H v2, you could begin with Security -> VPN -> Summery:...
Page 89
P-793H v 2 Support Notes (3) On the SUMMARY menu, select a policy to edit by clicking Edit. On P- 793H v2, we can build at most 2 VPN Tunnels. Just make a click on the „Edit‟ button in the table, we can begin to configure the VPN rule. (4) In the IPSEC Setup field, toggle Active check box and give a name, Test in the example to this policy.
Page 90
P-793H v 2 Support Notes My IP Address is the WAN IP of Prestige A, 202.132.154.1 in the example. Secure Gateway Address is the remote secure gateway, Prestige B‟s WAN IP, 168.10.10.66 in the example. Local ID Type as IP, and Content as 0.0.0.0 in the example. Peer ID Type as IP, and Content as 0.0.0.1 in the example.
Page 91
P-793H v 2 Support Notes Note: If there‟s a NAT router between the two VPN Secure Gateways, we should only choose „ESP‟ VPN Protocol. The minimum length of Pre-Shared Key is 8. (8) A common VPN Rule has been completed, you can click „Apply‟ to save it. But if you want to make more special configuration, you could click „Advanced‟...
Page 92
IPSec in Prestige: (1) Check the VPN Monitor On P-793H v2 Web Configurator, Security -> VPN -> Monitor, you can check every active IPSec connections. The VPN Name, Encapsulation, and IPSec Algorithm will be shown in the Monitor Table. If you can't see the name of your IPSec rule, it means that the SA establishment fails.
We can also view the log for IPSec and IKE connections for trouble shooting. On P-793H v2, we can check the logs via Web Configurator or CLI. The log menu is also useful for troubleshooting please capture to us if necessary.
Page 94
P-793H v 2 Support Notes Most of the cases, static IP addresses are used for VPN tunneling endpoints. But for SOHO users, generally, it is a dynamic case. In this case, this IP will not be available to be predefined in the VPN box. There are some tips when configure Prestige in any dynamic case.
IP address of My IP as 0.0.0.0 and Secure Gateway as 0.0.0.0 (Here we take P-793H v2 Web Configurator as the example). Step 3: In Prestige B, please specify the IP address of My IP as 0.0.0.0 and Secure Gateway as the domain name you registered for Prestige A.
P-793H v 2 Support Notes Generally, without IPSec, to configure an internal server for outside access, we need to configure the server private IP and its service port in SUA/NAT Server Table. The NAT router then will forward the incoming connections to the internal server according to the service port and private IP entered in SUA/NAT Server Table.
Page 97
P-793H v 2 Support Notes The IP addresses we use in this example are as shown below. Branch_A Headquarter Branch_B WAN:202.3.1.1 WAN:202.1.1.1 WAN:202.2.1.1 LAN:192.168.3.1 LAN:192.168.1.1 LAN:192.168.2.1 LAN of Branch_A LAN of Headquarter LAN of Branch_B 192.168.3.0/24 192.168.1.0/24 192.168.2.0/24 Setp 1: Setup VPN in branch office A Because VPN routing enables branch offices to talk to each other via tunnels concentrated on headquarter.
Page 98
P-793H v 2 Support Notes Remote Address Type is Range Address and IP Address Start is 192.168.1.0, IP Address End is 192.168.2.255. This section covers the LAN segment of both headquarter and branch office B. (2) My IP Address is the WAN IP of Prestige in Branch_A, 202.3.1.1 in the example.
Page 99
P-793H v 2 Support Notes (3) Suppose the pre-shared key is 01234567, we should configure the same key in the corresponding rule in Headquarter VPN Gateway. (4) You can setup IKE phase 1 and phase 2 parameters by pressing Advanced button. Please make sure that parameters you set in this menu match with all the parameters with the corresponding VPN rule in headquarter.
WAN interfaces. It is designed for users with technical backgrounds who are interested in the details of the packet flow on LAN or WAN end of P-793H v2. It is also very helpful for diagnostics if you have compatibility problems you‟re your ISP or if you want to know the details of a packet for configuring a filter rule.
Page 101
P-793H v 2 Support Notes (2) Trace WAN packet Disable the capture of the LAN packet by entering: sys trcp channel enet0 none Enable to capture the WAN packet by entering: sys trcp channel mpoa00 bothw ay Enable the trace log by entering: sys trcp sw on &...
Page 102
Enable the trace log by entering: sys trcp sw on & sys trcl sw on Wait for packet passing through the P-793H v2 over LAN Disable the trace log by entering: sys trcp sw off & sys trcl sw off...
Page 105
FLASH ROM and reboot itself. An example: The 192.168.1.1 is the IP address of the P-793H v2. The local file is the source file of the ZyNOS firmware that is available in your hard disk. The remote file is the file name that will be saved in P-793H v2.
Page 106
The local file is the source file of your configuration file that is available in your hard disk. The remote file is the file name that will be saved in P-793H v2. Check the port number 69 and 512-Octet blocks for TFTP.
Using FTP client software Note: The remote file name for the firmware is 'ras' and the configuration file is 'rom-0'. Use FTP client from your workstation to connect to the P-793H v2 by Step 1 entering the IP address of the P-793H v2.
Page 108
Step 5 Use 'put' command to transfer the file to the P-793H v2. Example: Step 1: Connect to the P-793H v2 by entering the P-793H v2's IP and Administrator password in the FTP software. Set the transfer type to 'Auto- Detect' or 'Binary'.
P-793H v 2 Support Notes CI Command Reference Command Syntax and General User Interface CI has the following command syntax: command <iface | device > subcommand [param] command subcommand [param] command ? | help command subcommand ? | help General user interface: Shows the following commands and all major (sub)commands 2.
P-793H v 2 Support Notes Reference 1. PPP Numbers POINT-TO-POINT PROTOCOL FIELD ASSIGNMENTS PPP DLL PROTOCOL NUMBERS The Point-to-Point Protocol (PPP) Data Link Layer [146,147,175] contains a 16 bit Protocol field to identify the encapsulated protocol. The Protocol field is consistent with the ISO 3309 (HDLC) extension mechanism for Address fields.
Page 112
P-793H v 2 Support Notes 004d 004f Pv6 Header Compression 0051 KNX Bridging Data [ianp] 0053 Encryption [Meyer] 0055 Individual Link Encryption [Meyer] 0057 Internet Protocol version 6 [Hinden] 006f Stampede Bridging 0071 Reserved [Fox] 0073 MP+ Protocol [Smith] 007d reserved (Control Escape) [RFC1661] 007f reserved (compression inefficient) [RFC1662]...
Page 113
P-793H v 2 Support Notes 802b Novell IPX Control Protocol 802d reserved 802f reserved 8031 Bridging NCP 8033 Stream Protocol Control Protocol 8035 Banyan Vines Control Protocol 8037 reserved till 1993 8039 reserved 803b reserved 803d Multi-Link Control Protocol 803f NETBIOS Framing Control Protocol 8041 Cisco Systems Control Protocol...
Page 114
P-793H v 2 Support Notes c021 Link Control Protocol c023 Password Authentication Protocol c025 Link Quality Report c027 Shiva Password Authentication Protocol c029 CallBack Control Protocol (CBCP) c02b BACP Bandwidth Allocation Control Protocol [RFC2125] c02d BAP [RFC2125] c081 Container Control Protocol [KEN] c223 Challenge Handshake Authentication Protocol c225...
Page 115
P-793H v 2 Support Notes Code-Reject Protocol-Reject Echo-Request 10 * Echo-Reply 11 * Discard-Request 12 * Identification 13 * Time-Remaining 14 + Reset-Request [RFC1962] 15 + Reset-Reply [RFC1962] LCP Only CCP Only PPP LCP CONFIGURATION OPTION TYPES The Point-to-Point Protocol (PPP) Link Control Protocol (LCP) specifies a number of Configuration Options which are distinguished by an 8 bit Type field.
Page 116
P-793H v 2 Support Notes DCE-Identifier [SCHNEIDER] Multi-Link-Plus-Procedure [Smith] Link Discriminator for BACP [RFC2125] LCP-Authentication-Option [ Culbert] Consistent Overhead Byte Stuffing (COBS) [Carlson] Prefix elision [Bormann] Multilink header format [Bormann] IPV6CP CONFIGURATION OPTIONS IPV6CP Configuration Options allow negotiation of desirable IPv6 parameters. IPV6CP uses the same Configuration Option format defined for LCP, with a separate set of Options.
Page 117
P-793H v 2 Support Notes Puddle Jumper [RFC1962] 4-15 unassigned Hewlett-Packard PPC [RFC1962] Stac Electronics LZS [RFC1974] Microsoft PPC [RFC2118] Gandalf FZA [RFC1962] V.42bis compression [RFC1962] BSD Compress [RFC1977] unassigned LZS-DCP [RFC1967] MVRCA (Magnalink) [RFC1975] DCE [RFC1976] Deflate [RFC1979] 27-254 unassigned Reserved [RFC1962] The unassigned values 4-15 are intended to be assigned to other freely...
Page 118
P-793H v 2 Support Notes A one octet field is used in the Challenge-Handshake Authentication Protocol (CHAP) to indicate which algorithm is in use [RFC1994]. Number Name ------------------------------------------------------------------ Reserved [RFC1994] Reserved [RFC1994] Reserved [RFC1994] Reserved [RFC1994] Reserved [RFC1994] CHAP with MD5 [RFC1994] MS-CHAP [Crocker] LCP FCS-ALTERNATIVES The Point-to-Point Protocol (PPP) Link Control Protocol (LCP)
Page 119
P-793H v 2 Support Notes The Point-to-Point Protocol (PPP) Link Control Protocol (LCP) Callback Configuration Option contains an 8-bit Operations field which identifies the format of the Message. These are assigned as follows: Operation Description ---------------------------------------------------------------------------------- Location determined by user authentication. Dialing string.
Page 120
P-793H v 2 Support Notes AT-Compression-Protocol Reserved Server-information Zone-information Default-Router-Address PPP OSINLCP CONFIGURATION OPTION TYPES The Point-to-Point Protocol (PPP) OSI Network Layer Control Protocol (OSINLCP) specifies a number of Configuration Options [RFC1377] which are distinguished by an 8 bit Type field. These Types are assigned as follows: Type Configuration Option --------------------------------------------------------...
Page 121
P-793H v 2 Support Notes MAC-Address Spanning-Tree-Protocol PPP BRIDGING MAC TYPES The Point-to-Point Protocol (PPP) Bridging Control Protocol (BCP) contains an 8 bit MAC Type field which identifies the MAC encapsulated. These Types are assigned as follows: Type -------------------------------------------------------------------------------- Reserved IEEE 802.3/Ethernet with cannonical addresses IEEE 802.4 with cannonical addresses IEEE 802.5 with non-cannonical addresses...
P-793H v 2 Support Notes PPP EAP REQUEST/RESPONSE TYPES A one octet field is used in the Extensible Authentication Protocol (EAP) to indicate the function and structure of EAP Request and Response packets [RFC2284]. Type Description ----------------------------------------------------------------- Identity [RFC2284] Notification [RFC2284] Nak (Response only) [RFC2284] MD5-Challenge [RFC2284] One Time Password (OTP) [RFC2289]...
P-793H v 2 Support Notes rscs6 10006/udp rscs7 10007/udp rscs8 10008/udp rscs9 10009/udp rscsa 10010/udp rscsb 10011/udp qmaster 10012/tcp qmaster 10012/udp 3. Protocol Numbers In the Internet Protocol version 4 (IPv4) [RFC791] there is a field, called "Protocol", to identify the next level protocol. This is an 8 bit field. In Internet Protocol version 6 (IPv6) [RFC1883] this field is called the "Next Header"...
Page 128
P-793H v 2 Support Notes XNS-IDP XEROX NS IDP [ETHERNET,XEROX] TRUNK-1 Trunk-1 [BWB6] TRUNK-2 Trunk-2 [BWB6] LEAF-1 Leaf-1 [BWB6] LEAF-2 Leaf-2 [BWB6] Reliable Protocol [RFC908,RH6] Data IRTP Internet Reliable Transaction[RFC938,TXM] ISO-TP4 ISO Transport Protocol Class 4 [RFC905,RC77] NETBLT Bulk Data Transfer Protocol [RFC969,DDC1] MFE-NSP MFE Network...
Page 129
P-793H v 2 Support Notes KRYPTOLAN Kryptolan [PXL1] MIT Remote Disk Protocol [MBG] Virtual IPPC Internet Pluribus Packet Core [SHB] any distributed file system [IANA] SAT-MON SATNET Monitoring [SHB] VISA VISA Protocol [GXT1] Packet Core Utility [SHB] Protocol Network Executive[DXM2] Protocol Heart Beat [DXM2] Wang Span Network...