ZyXEL Communications P-334 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366

Ir a la página of

Buen manual de instrucciones

Las leyes obligan al vendedor a entregarle al comprador, junto con el producto, el manual de instrucciones ZyXEL Communications P-334. La falta del manual o facilitar información incorrecta al consumidor constituyen una base de reclamación por no estar de acuerdo el producto con el contrato. Según la ley, está permitido adjuntar un manual de otra forma que no sea en papel, lo cual últimamente es bastante común y los fabricantes nos facilitan un manual gráfico, su versión electrónica ZyXEL Communications P-334 o vídeos de instrucciones para usuarios. La condición es que tenga una forma legible y entendible.

¿Qué es un manual de instrucciones?

El nombre proviene de la palabra latina “instructio”, es decir, ordenar. Por lo tanto, en un manual ZyXEL Communications P-334 se puede encontrar la descripción de las etapas de actuación. El propósito de un manual es enseñar, facilitar el encendido o el uso de un dispositivo o la realización de acciones concretas. Un manual de instrucciones también es una fuente de información acerca de un objeto o un servicio, es una pista.

Desafortunadamente pocos usuarios destinan su tiempo a leer manuales ZyXEL Communications P-334, sin embargo, un buen manual nos permite, no solo conocer una cantidad de funcionalidades adicionales del dispositivo comprado, sino también evitar la mayoría de fallos.

Entonces, ¿qué debe contener el manual de instrucciones perfecto?

Sobre todo, un manual de instrucciones ZyXEL Communications P-334 debe contener:
- información acerca de las especificaciones técnicas del dispositivo ZyXEL Communications P-334
- nombre de fabricante y año de fabricación del dispositivo ZyXEL Communications P-334
- condiciones de uso, configuración y mantenimiento del dispositivo ZyXEL Communications P-334
- marcas de seguridad y certificados que confirmen su concordancia con determinadas normativas

¿Por qué no leemos los manuales de instrucciones?

Normalmente es por la falta de tiempo y seguridad acerca de las funcionalidades determinadas de los dispositivos comprados. Desafortunadamente la conexión y el encendido de ZyXEL Communications P-334 no es suficiente. El manual de instrucciones siempre contiene una serie de indicaciones acerca de determinadas funcionalidades, normas de seguridad, consejos de mantenimiento (incluso qué productos usar), fallos eventuales de ZyXEL Communications P-334 y maneras de solucionar los problemas que puedan ocurrir durante su uso. Al final, en un manual se pueden encontrar los detalles de servicio técnico ZyXEL Communications en caso de que las soluciones propuestas no hayan funcionado. Actualmente gozan de éxito manuales de instrucciones en forma de animaciones interesantes o vídeo manuales que llegan al usuario mucho mejor que en forma de un folleto. Este tipo de manual ayuda a que el usuario vea el vídeo entero sin saltarse las especificaciones y las descripciones técnicas complicadas de ZyXEL Communications P-334, como se suele hacer teniendo una versión en papel.

¿Por qué vale la pena leer los manuales de instrucciones?

Sobre todo es en ellos donde encontraremos las respuestas acerca de la construcción, las posibilidades del dispositivo ZyXEL Communications P-334, el uso de determinados accesorios y una serie de informaciones que permiten aprovechar completamente sus funciones y comodidades.

Tras una compra exitosa de un equipo o un dispositivo, vale la pena dedicar un momento para familiarizarse con cada parte del manual ZyXEL Communications P-334. Actualmente se preparan y traducen con dedicación, para que no solo sean comprensibles para los usuarios, sino que también cumplan su función básica de información y ayuda.

Índice de manuales de instrucciones

  • Página 1

    Prestige 334 Broadband Router with Firewall User ’ s Guide V ersion 3.60 12/2004[...]

  • Página 2

    Prestige 334 User’s Guide Copyright 2 Copyright Copyright © 2004 by ZyXEL Communications Corpo ration. The contents of this publication may not be reprod uced in any part or as a whole, transcribed, stored in a retrieval system, tran slated into any language, or transmitted in any form or by any means, el ectronic, mechanical , magnetic, optical[...]

  • Página 3

    Prestige 334 User’s Guide 3 Federal Communications Commission (FCC) Interference Statement Federal Communications Commission (FCC) Interference S t atement This device complies with Part 15 of FCC rul es. Operation is subject to the following two conditions: • This device may not cause harmful interference. • This device must accept any inter[...]

  • Página 4

    Prestige 334 User’s Guide ZyXEL Limited Warranty 4 ZyXEL Limited W arranty ZyXEL warrants to the original en d user (purchaser) that this product is free from any defects in materials or workmansh ip for a period of up to tw o years from the date of purchase . During the warranty period, and upon proof of purchase, should the product have ind ica[...]

  • Página 5

    Prestige 334 User’s Guide 5 ZyXEL Limited Warranty[...]

  • Página 6

    Prestige 334 User’s Guide Customer Support 6 Customer Support Please have the following information r eady when you contact customer support. • Product model and serial number . • W arranty Information. • Date that you received your de vice. • Brief description of the problem and the steps yo u took to solve i t. METHOD LOCATION SUPPORT E[...]

  • Página 7

    Prestige 334 User’s Guide 7 Customer Suppo rt a. “+” is the (prefix) number yo u enter to make an international telephone call.[...]

  • Página 8

    [...]

  • Página 9

    Prestige 334 User’s Guide Table of Contents 8 T able of Content s Copyright .................. ............................................................................................... . 2 Federal Communications Commissi on (FCC) Interference St atement ............... 3 ZyXEL Limited W arranty ..............................................[...]

  • Página 10

    Prestige 334 User’s Guide 9 Table of Contents 1.2.2.17 Port Forwarding .................... ................ ................ ............. ............ 35 1.2.2.18 DHCP (Dynamic Host Configuration Protocol) ......................... .....35 1.2.2.19 Full Network Management ...... .......... ............. ................ ............. ..35 1.2.2[...]

  • Página 11

    Prestige 334 User’s Guide Table of Contents 10 4.5 Configuring Password ............... ............. ............. ................ ............. ............. .....60 4.6 Configuring T ime Setting ........................ ................ ............. ................ ............. ..60 Chapter 5 LAN Screens ...................................[...]

  • Página 12

    Prestige 334 User’s Guide 11 Table of Contents 7.3.1 Default Server IP Address .. ............. ................ ............. ................ ............ 91 7.3.2 Port Forwarding: Serv ices and Port Numbers .............. ............. ............... 91 7.3.3 Configuring Servers Behind SUA (E xample) ... ................ ............. .......[...]

  • Página 13

    Prestige 334 User’s Guide Table of Contents 12 Chapter 1 1 Firewall ........................................... ..................................................... .................. 126 1 1.1 Introduction ................. ................ ................ ............. ................ ............. .......... 126 1 1.1.1 What is a Firewall? [...]

  • Página 14

    Prestige 334 User’s Guide 13 Table of Contents 14.1.3.1 Encryption .. ... .......... ............. ............. ................ ............. ............. 150 14.1.3.2 Data Confidentiality .............. ............. ............. ................ ............. 151 14.1.3.3 Data Integrity . ............. ............. ............. ..........[...]

  • Página 15

    Prestige 334 User’s Guide Table of Contents 14 15.17.2 T elecommuters U sing Unique VPN Rules Example .... .................... ...181 15.18 VPN and Remote Management ................... ................ ................ ................ 182 Chapter 16 Centralized Logs ...................................................................... .......[...]

  • Página 16

    Prestige 334 User’s Guide 15 Table of Contents Chapter 21 Menu 3 LAN Setup .............. ..................................................... ............................ 212 21.1 LAN Setup .. ................ ............. ................ ............. ................ ............. ............. 212 21.1.1 General Ethernet Se tup . .........[...]

  • Página 17

    Prestige 334 User’s Guide Table of Contents 16 25.5 General NA T Ex amples ..................... ...... ............. ............. ................ ............. 244 25.5.1 Example 1: In ternet Access Only ...... ................ ............. ............. .......... 245 25.5.2 Example 2: In ternet Access with an I nside Se rver ..... .........[...]

  • Página 18

    Prestige 334 User’s Guide 17 Table of Contents 29.3.1.1 CDR .................. ............. ................ ............. ................ ............. ...279 29.3.1.2 Packet triggered ......... .......... ....... ............ ................. ............ .......279 29.3.1.3 Filter log ................. ................ ............. .......[...]

  • Página 19

    Prestige 334 User’s Guide Table of Contents 18 Chapter 32 Remote Management .................................................... ....................................... 306 32.1 Remote Management ....... ................. ................ ............. ................ ................ 306 32.1.1 Remote Management Limitations .. ....... .........[...]

  • Página 20

    Prestige 334 User’s Guide 19 Table of Contents Appendix H TMSS .............................................................................. ....................................... 356 Appendix I Triangle Route ............................................................... ....................................... 360[...]

  • Página 21

    Prestige 334 User’s Guide List of Figure s 20 List of Figures Figure 1 Secure Internet Acce ss via Cable, DSL or Wireless Modem ......... ................ ....... 36 Figure 2 VPN Application ... ................ ............. ................ ................ ............. ................ ....... 37 Figure 3 Change Password Screen .......... ...[...]

  • Página 22

    Prestige 334 User’s Guide 21 List of Figures Figure 37 S tatic Route: Edit .................. ............. ................. ............ ................. ................ ... 10 4 Figure 38 Configuring UPnP ........ ................ ................ ............. ................ ................ .......... 108 Figure 39 Service Settings .....[...]

  • Página 23

    Prestige 334 User’s Guide List of Figure s 22 Figure 80 Network T emporarily Disconnected .......................... ................ ................ .......... 195 Figure 81 Maintenance Configur ation ............. ................ ............. ................ ............. .......... 196 Figure 82 Configuration Restore Successful ... .......[...]

  • Página 24

    Prestige 334 User’s Guide 23 List of Figures Figure 123 Menu 15.2.1 Specifyi ng an Inside Server ............... ................ ............. ............. 246 Figure 124 NA T Example 3 ... ................ ............. ................. ................ ............. ................ ... 247 Figure 125 NA T Example 3: Menu 1 1.3 .............[...]

  • Página 25

    Prestige 334 User’s Guide List of Figure s 24 Figure 166 V alid Commands . ................ ............. ................. ............ ................. ................ ... 299 Figure 167 Menu 24.9 System Maintenance : Ca ll C ontrol .......... ................ ............. .......... 299 Figure 168 Budget Management ........ ................[...]

  • Página 26

    Prestige 334 User’s Guide 25 List of Figures[...]

  • Página 27

    Prestige 334 User’s Guide List of Tables 26 List of T ables T able 1 Screens Summary .......... ............. ................ ................ ............. ................ ............. 41 T able 2 Wizard 2: Ethernet Encapsulation .. ................ ................ ................ ................ ....... 46 T able 3 Wizard 2: PPPoE Encaps [...]

  • Página 28

    Prestige 334 User’s Guide 27 List of Tables T able 37 Content Filter ......... ............. ................ ............. ................ ............. ................ ...... .1 3 5 T able 38 Remote Management: WW W .......... ....... ......... ............. ................ ............. .......... 140 T able 39 Remote Management: T elnet ..[...]

  • Página 29

    Prestige 334 User’s Guide List of Tables 28 T able 80 Applying NA T in Menus 4 & 1 1.3 ........ ................. ................ ................ ................ 238 T able 81 SUA Address Mapping Rules .......... ................ ................ ............. ................ ....... 240 T able 82 Menu 15.1.1 Firs t Set ......... ........[...]

  • Página 30

    Prestige 334 User’s Guide 29 List of Tables[...]

  • Página 31

    Prestige 334 User’s Guide Preface 30 Preface Congratulations on your p u rchase of the Presti ge 334 Broadband Router with Firewall. This manual is designed to guide you through the configuration of your Prestige for its various applications. This manual may refer to the Prest ige 334 or Broadband Router with Firewall as the Prestige. About This [...]

  • Página 32

    Prestige 334 User’s Guide 31 Preface User Guide Feedback Help us help you! E-mail all User Guide-related comments, questions or suggestions for improvement to techwriters@zyxel.com.tw or send regular mail to The T echnical W riting T eam, ZyXEL Communications Corp., 6 In novatio n Road II, Science-Based Industrial Park, Hsinchu, 300, T aiwan. Tha[...]

  • Página 33

    Prestige 334 User’s Guide Chapter 1 Getting to K now Your Pr estige 32 C HAPTER 1 Getting to Know Y our Prestige This chapter introduces the main featur es and applications of the Prestige. 1.1 Prestige Internet Security Gateway Overview The Prestige is the ideal secure ga teway for all data passing between the Internet and LAN’ s. By integrati[...]

  • Página 34

    Prestige 334 User’s Guide 33 Chapter 1 Getting to Know Your Prestige 1.2.1.5 Reset Button The Prestige reset button is built into the rear panel. Use this button to restore the factory default password to 1234 ; IP address to 192.168.1 .1, subnet mask to 255.25 5.255.0 and DHCP server enabled with a pool of 32 IP addresses starting at 192.168.1.3[...]

  • Página 35

    Prestige 334 User’s Guide Chapter 1 Getting to K now Your Pr estige 34 1.2.2.7 Universal Plug and Play (UPnP) Using the standard TCP/IP protocol, the Pr estige and other UPnP enabled devic es can dynamically join a network, obtain an IP addr ess and convey its capab ilities to other devices on the network. 1.2.2.8 Call Scheduling Configure call t[...]

  • Página 36

    Prestige 334 User’s Guide 35 Chapter 1 Getting to Know Your Prestige 1.2.2.14 SNMP SNMP (Simple Network Management Protoc ol) is a protocol u sed for exch anging management information b etween network devices. SNMP is a member of the TCP/IP protocol suite. Y o ur Prestige supports SNMP agent functionality , wh ich allows a mana ger station to ma[...]

  • Página 37

    Prestige 334 User’s Guide Chapter 1 Getting to K now Your Pr estige 36 • Unix syslog facility support. • Firewall logs. • Content filtering logs. 1.2.2.22 Upgrade Prest ige Firmware via LAN The firmware of the Prestige can be upgraded via the LAN ( r efer to Maintenance- F/W Upload Scr een) . 1.2.2.23 Embedded FTP and TFTP Servers The Prest[...]

  • Página 38

    Prestige 334 User’s Guide 37 Chapter 1 Getting to Know Your Prestige Figure 2 VPN Application[...]

  • Página 39

    Prestige 334 User’s Guide Chapter 2 Introducing the Web Configur ator 38 C HAPTER 2 Introducing the W eb Configurator This chapter describes how to access the Prestige web config urator and provides an overview of its screens. 2.1 W eb Configurator Overview The embedded web configurator allows you to manage the Prestige fro m anywhere through a b[...]

  • Página 40

    Prestige 334 User’s Guide 39 Chapter 2 Introducing the Web Configurator Figure 3 Change Password Screen Y ou should now see the MAIN MENU screen ) 2.3 Resetting the Prestige If you forget your password or cannot access th e web configurator , you will need to use the RESET button at the back of the Pres tige to reload the factory-defa ult configu[...]

  • Página 41

    Prestige 334 User’s Guide Chapter 2 Introducing the Web Configur ator 40 • Click to view the web configurator in the language of your choic e. • Click LOGOUT at any time to exit the web configurator . • Click MAINTENANCE to view information about your Prestige or upgrade configuration/firmware files. Maintenance includes St a t u s (S tatis[...]

  • Página 42

    Prestige 334 User’s Guide 41 Chapter 2 Introducing the Web Configurator The following table describes the sub-menus. Table 1 Screens Summary LINK TA B FUNCTION WIZARD SETUP Use these screens for initial co nfiguration including general setup, ISP parameters for In ternet Access and WAN IP/DNS Server/MAC address assignme nt. SYSTEM General This sc[...]

  • Página 43

    Prestige 334 User’s Guide Chapter 2 Introducing the Web Configur ator 42 REMOTE MGMT TELNET Use this screen to configure through which inte rface(s) and from which IP address(es) users can use T elnet to manage the Prestige. FTP Use this screen to configure through which inte rface(s) and from which IP address(es) users can use FTP to acce ss the[...]

  • Página 44

    Prestige 334 User’s Guide 43 Chapter 2 Introducing the Web Configurator[...]

  • Página 45

    Prestige 334 User’s Guide Chapter 3 Wizard Setup 44 C HAPTER 3 W izard Setup This chapter provides informa tion on the W izard Setup screens in the web configurator . 3.1 Wizard Setup Overview The web configurator ’ s setup w izard helps you configure your devic e to access the Internet. The second screen has three variations dependi ng on what[...]

  • Página 46

    Prestige 334 User’s Guide 45 Chapter 3 Wizard Setup Figure 5 Wizard 1: General Setup 3.3 Wizard Setup: Screen 2 The Prestige offers three choices of encapsulation. They are Ethernet , PPP over Ethernet or PP TP . 3.3.1 Ethernet Choose Ethernet when the W AN po rt is used as a r egular Ethernet.[...]

  • Página 47

    Prestige 334 User’s Guide Chapter 3 Wizard Setup 46 Figure 6 Wizard 2: Ethernet Encap sulation The following table describes the labels in this screen. Table 2 Wizard 2: Ethernet Enca psulation LABEL DESCRIPTION ISP Parameters fo r Internet Access Encapsulation Y ou must choose the Ethernet option when the W AN port is us ed as a regular Ethernet[...]

  • Página 48

    Prestige 334 User’s Guide 47 Chapter 3 Wizard Setup 3.3.2 PPPoE Encap sulation Point-to-Point Protocol ov er Ethernet (PPPoE) function s as a dial-up connection. PPPoE is an IETF (Internet Engineering T ask Force) draft standard specifying how a host personal computer interacts with a broadband modem (for example DSL, cable, wireless, etc.) to ac[...]

  • Página 49

    Prestige 334 User’s Guide Chapter 3 Wizard Setup 48 Figure 7 Wizard 2: PPPoE Encapsulation The following table describes the labels in this screen. 3.3.3 PPTP Encap sulation Point-to-Point T unneling Protocol (PP TP) is a network protoc ol that enables transfers of da ta from a remote client to a private server , crea ting a V irtual Private Netw[...]

  • Página 50

    Prestige 334 User’s Guide 49 Chapter 3 Wizard Setup Refer to the appendix for more information on PP TP . Figure 8 Wizard 2: PPTP Encapsulation The following table describes the fields in this screen Note: The PRESTIGE supports one PP TP server connection at any given time. Table 4 Wizard 2: PPTP Encapsulation LABEL DESCRIPTION ISP Parameters fo [...]

  • Página 51

    Prestige 334 User’s Guide Chapter 3 Wizard Setup 50 3.4 Wizard Setup: Screen 3 The fifth wizard screen allows you to configure W AN IP address assignment, DNS server address assignment and the W AN MAC address. 3.4.1 W AN IP Address Assignment Every computer on the Internet must have a unique IP address. If your networks are is olated from the In[...]

  • Página 52

    Prestige 334 User’s Guide 51 Chapter 3 Wizard Setup Where you obtain your netwo rk number depends on your particular situation. If the ISP or your network administrator assigns yo u a bloc k of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask. If the ISP did not expl icitly give you an IP networ[...]

  • Página 53

    Prestige 334 User’s Guide Chapter 3 Wizard Setup 52 Y ou can configure the W AN port's MAC address by either using the factory default or cloning the MAC address from a computer on your LAN. Onc e it is successfully configured, the address will be copied to the "r om" file (ZyNOS configuration f ile). It will not change unless you [...]

  • Página 54

    Prestige 334 User’s Guide 53 Chapter 3 Wizard Setup 3.5 Basic Setup Complete Click Back to return to the previous screen or click Finish to complete and save the wizard setup. Gateway IP Address T ype the IP address of the gateway . The ga teway is an imme diate neighbour of your Prestige that will forward the packet to the destination. The gatew[...]

  • Página 55

    Prestige 334 User’s Guide Chapter 3 Wizard Setup 54 Figure 10 Wizard Fi nish W ell done! Y ou have successfully set up your Pr estige to operate on your network and access the Internet.[...]

  • Página 56

    Prestige 334 User’s Guide 55 Chapter 3 Wizard Setup[...]

  • Página 57

    Prestige 334 User’s Guide Chapter 4 Syst em Screens 56 C HAPTER 4 System Screens This chapter provides informa tion on the System screens. 4.1 System Overview See the Wi z a r d S e t u p chapter for more informatio n on the next few screens. 4.2 Configuring General Setup Click SYSTEM to open the General screen.[...]

  • Página 58

    Prestige 334 User’s Guide 57 Chapter 4 Syste m Screens Figure 1 1 System General Setup The following table describes the labels in this screen. Table 8 System Gene ral Setup LABEL DESCRIPTION System Name Choose a descriptive name for identification purposes. It is recommended you enter your computer ’s “Computer name” in this field (see the[...]

  • Página 59

    Prestige 334 User’s Guide Chapter 4 Syst em Screens 58 4.3 Dynamic DNS Dynamic DNS allows you to update your curre nt dynamic IP address with one or many dynamic DNS services so that anyone can c ont act you (in NetMeeting, CU-SeeMe, etc.). Y ou can also access your FTP server or W eb site on your own computer using a domain name (for instance my[...]

  • Página 60

    Prestige 334 User’s Guide 59 Chapter 4 Syste m Screens Figure 12 DDNS The following table describes the labels in this screen. Table 9 DDNS LABEL DESCRIPTION Active Select this check box to use dynamic DNS. Service Provider Select the name of your Dy namic DNS service provider . DDNS T ype Select the type of service th at you ar e registered fo r[...]

  • Página 61

    Prestige 334 User’s Guide Chapter 4 Syst em Screens 60 4.5 Configuring Password T o change your Prestige’ s password (recommended), click SYSTEM , then the Password tab. The screen appears as shown. This screen a llows you to change the Prestige’ s password. Figure 13 Password The following table describes the labels in this screen. 4.6 Confi[...]

  • Página 62

    Prestige 334 User’s Guide 61 Chapter 4 Syste m Screens Figure 14 Ti m e S etting The following table describes the labels in this screen. Table 11 Time Setting LABEL DESCRIPTION Use T ime Server when Bootup Select the time service protocol that your time server sends when you turn on the Prestige. Not all time servers support all protocols, so yo[...]

  • Página 63

    Prestige 334 User’s Guide Chapter 4 Syst em Screens 62 New Date This field disp lays the last updated date from the time server . When you select None in the Time Pro tocol field, enter the new date in this field and then click Apply . Ti m e Z o ne Choose th e T ime Zon e of your location. This will set the time difference between your time zone[...]

  • Página 64

    Prestige 334 User’s Guide 63 Chapter 4 Syste m Screens[...]

  • Página 65

    Prestige 334 User’s Guide Chapter 5 LAN Screens 64 C HAPTER 5 LAN Screens This chapter describes how to configure LAN settings. 5.1 LAN Overview Local Area Network (LAN) is a shared communic ation system to which many computers are attached. The LAN screens can help you config ure a LAN DHCP server, ma nage IP addresses, and partition your physic[...]

  • Página 66

    Prestige 334 User’s Guide 65 Chapter 5 LA N Screens • IP address of 1 92.168.1.1 with subn et mask of 255.255.25 5.0 (24 bits) • DHCP server enabled with 32 client IP addresses starting from 192.168.1.33. These parameters should work fo r the majority of installations . If your ISP gives yo u explicit DNS server address(es), read the embedde [...]

  • Página 67

    Prestige 334 User’s Guide Chapter 5 LAN Screens 66 224.0.0.0 is not assigned to any group and is used by IP multicast computers. The address 224.0.0.1 is used for query messages and is assi gned to the permanent group of all IP hosts (including gateways). All hosts must join the 22 4.0.0.1 group in order to participate in IGMP . The address 224.0[...]

  • Página 68

    Prestige 334 User’s Guide 67 Chapter 5 LA N Screens Figure 15 LAN IP The following table describes the labels in this screen. Table 12 LAN IP LABEL DESCRIPTION DHCP Server DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allow s individual clients (computers) to obtain TC P/IP configuration at startup from a server . Leave the DH[...]

  • Página 69

    Prestige 334 User’s Guide Chapter 5 LAN Screens 68 First DNS Server Second DNS Server Third DNS Server Select From ISP if your ISP dynamically assign s DNS server information (and the Prestige's W A N IP address). The field to the right displays the (read-only) DNS server IP address that the ISP assigns. Select User-Defined if you have the I[...]

  • Página 70

    Prestige 334 User’s Guide 69 Chapter 5 LA N Screens 5.5 Configuring S tatic DHCP This table allows you to assign IP addresses on the LAN to specific individual computers based on their MAC Addresses. Every Ethernet device has a unique MAC (Med ia Access Control) addre ss. The MAC address is assigned at the factory and consists of six pairs of hex[...]

  • Página 71

    Prestige 334 User’s Guide Chapter 5 LAN Screens 70 Figure 16 S tatic DHCP The following table describes the labels in this screen. 5.6 Configuring IP Alias IP Alias allows you to partition a physical netw ork into dif ferent logical networks over the same Ethernet interface. The Prestige supports three logical LAN interfaces via its single physic[...]

  • Página 72

    Prestige 334 User’s Guide 71 Chapter 5 LA N Screens Figure 17 IP Alias The following table describes the labels in this screen. Table 14 IP Alias LABEL DESCRIPTION IP Alias 1,2 Select the check box to configure another LAN network fo r the Prestige. IP Address Enter the IP address of your Pres tige in dotted decimal notation. IP Subnet Mask Y our[...]

  • Página 73

    Prestige 334 User’s Guide Chapter 6 WAN Screens 72 C HAPTER 6 W AN Screens This chapter describes how to configure W AN settings. 6.1 W AN Overview See the Wi z a r d S e t u p chapter for more information on the fields in the W AN screens. 6.2 TCP/IP Priority (Metric) The metric represents the "cost of transmissi on". A router determin[...]

  • Página 74

    Prestige 334 User’s Guide 73 Chapter 6 WAN Screen s Figure 18 WA N : Ro ut e The following table describes the labels in this screen. 6.4 Configuring W AN ISP T o change your Prestige’ s W AN ISP settings, click WA N , then the WA N I S P tab. The screen differs by the encapsulation. 6.4.1 Ethernet Encap sulation The screen shown next is for Et[...]

  • Página 75

    Prestige 334 User’s Guide Chapter 6 WAN Screens 74 Figure 19 Ethernet Encapsulation The following table describes the labels in this screen. 6.4.2 PPPoE Encap sulation The Prestige supports PPPoE (Point-to-Point Protocol over Ethernet). PPPoE is an IETF Draft standard (RFC 2516) specifying how a personal computer (PC) interacts with a broadband m[...]

  • Página 76

    Prestige 334 User’s Guide 75 Chapter 6 WAN Screen s For the service provider , PPPoE of fers an acces s and authentication method that works with existing access control systems (for exampl e Radius). PPPoE provides a login and authentication method that the existing Microsoft Dial-Up Networ king software ca n activate, and therefore requires no [...]

  • Página 77

    Prestige 334 User’s Guide Chapter 6 WAN Screens 76 Figure 20 PPPoE Encapsulation The following table describes the labels in this screen. Table 17 PPPoE Encapsulation LABEL DESCRIPTION ISP Parameters fo r Internet Access Encapsulation The PPP over Ethernet choice is for a dial-up connection using PPPoE. The Prestige supports PPPoE (Point-to-P oin[...]

  • Página 78

    Prestige 334 User’s Guide 77 Chapter 6 WAN Screen s 6.4.3 PPTP Encap sulation Point-to-Point T unneling Protocol (PP TP) is a ne twork protocol that enables secure transfer of data from a remote client to a private server , creating a V irtual Private Network (VPN) using TCP/IP-based networks. PP TP supports on-demand, multi-protoco l and virtual[...]

  • Página 79

    Prestige 334 User’s Guide Chapter 6 WAN Screens 78 6.5 Configuring W AN IP T o change your Prestige’ s W AN IP settings, click WA N , then the WA N I P tab. This screen varies according to the type of encapsulation you select. If your ISP did not assign you a fixed IP address, click Get automatically from ISP (Default );otherwise click Use fixe[...]

  • Página 80

    Prestige 334 User’s Guide 79 Chapter 6 WAN Screen s Figure 22 WA N : IP The following table describes the labels in this screen. Table 19 WAN: I P LABEL DESCRIPTION W AN IP Address Assignmen t Get automatically from ISP Select this option If your ISP did not assi gn you a fixed IP address. This is the default selection. Use fixed IP address Selec[...]

  • Página 81

    Prestige 334 User’s Guide Chapter 6 WAN Screens 80 Network Address T ransla tion Network Address T ransl ation (NA T) allows the translation of an Internet protocol address used wi thin one n etw ork (for example a private IP add ress used in a local network) to a different IP address known wi thin another netwo rk (for example a public IP addres[...]

  • Página 82

    Prestige 334 User’s Guide 81 Chapter 6 WAN Screen s 6.6 Configuring W AN MAC T o change your Prestige’ s W AN MAC settings, click WA N , then the W AN MAC tab. The screen appears as shown. Figure 23 MAC Setup The MAC address screen allows users to conf igure the W AN port's MAC a ddress by either using the factory default o r cloning the M[...]

  • Página 83

    Prestige 334 User’s Guide Chapter 6 WAN Screens 82 Otherwise, click Spoof this computer's MAC addr ess - IP Address and enter the IP address of the computer on the LAN w hose MAC you ar e cloning. Once it is successfully configured, the address will be copied to the rom file (ZyNOS configuration file). It will not change unless you change th[...]

  • Página 84

    Prestige 334 User’s Guide 83 Chapter 6 WAN Screen s Figure 25 T raffic Redirect LAN Setup 6.8 Configuring T raffic Redirect T o change your Prestige’ s T r affic Redirect settings, click WA N , then the T r affic Redirect tab. The screen appears as shown. Figure 26 W AN: Traffic Redirect The following table describes the labels in this screen. [...]

  • Página 85

    Prestige 334 User’s Guide Chapter 6 WAN Screens 84 Metric This field sets this route's priority among th e routes the Prestige uses. The metric represents the "cost of transm ission". A router determines the best route for transmission by choosin g a path with the lowest "cost". RIP routing u ses hop count as the measurem[...]

  • Página 86

    Prestige 334 User’s Guide 85 Chapter 6 WAN Screen s[...]

  • Página 87

    Prestige 334 User’s Guide Chapter 7 Network Address Translatio n (NAT) Screens 86 C HAPTER 7 Network Address T ranslation (NA T) Screens This chapter discusses how to configure NA T on the Prestige. 7.1 NA T Overview NA T (Network Address Translation - NA T , RFC 1631) is the translation of the IP address of a host in a packet. For example, the s[...]

  • Página 88

    Prestige 334 User’s Guide 87 Chapter 7 Network Addre ss Translation (NAT) Screen s 7.1.2 What NA T Does In the simplest form, NA T changes the sour ce IP address in a packet received from a subscriber (the inside local address) to anothe r (the inside global address) before forwarding the packet to the W AN side. When the response comes back, NA [...]

  • Página 89

    Prestige 334 User’s Guide Chapter 7 Network Address Translatio n (NAT) Screens 88 Figure 27 How NA T W orks 7.1.4 NA T Application The following figure illustrates a possible NA T application, wher e three inside LANs (logical LANs using IP Alias) behind the Prestige can communicate with three distinct W AN networks. More examples follow at the e[...]

  • Página 90

    Prestige 334 User’s Guide 89 Chapter 7 Network Addre ss Translation (NAT) Screen s Figure 28 NA T Application With IP Alias 7.1.5 NA T Mapping T ypes NA T supports five types of IP/port mapping. They are: • One to One : In One-to-One mode, the Prestige maps one local IP address to one global IP address. • Many to One : In Many-to-One mode, th[...]

  • Página 91

    Prestige 334 User’s Guide Chapter 7 Network Address Translatio n (NAT) Screens 90 The following table summarizes these types. 7.2 Using NA T 7.2.1 SUA (Single User Account) V ersus NA T SUA (Single User Account) is a ZyNOS implemen tation of a subset of NA T that supports two types of mapping, Many-to-One and Server . The Prestige also supports F[...]

  • Página 92

    Prestige 334 User’s Guide 91 Chapter 7 Network Addre ss Translation (NAT) Screen s Y ou may enter a single port number or a range of port numbers to be forwarded, and the local IP address of the desired server . The port number identifies a service; for example, web service is on port 80 and FTP on port 21. In some cases, such as for unknown serv[...]

  • Página 93

    Prestige 334 User’s Guide Chapter 7 Network Address Translatio n (NAT) Screens 92 The most often used port numbers are shown in the following table. Please refer to RFC 1700 for further information about port numbers. Please also re fer to the Supporting CD for more examples and details on SUA/NA T. 7.3.3 Configuring Ser vers Behind SUA (Example)[...]

  • Página 94

    Prestige 334 User’s Guide 93 Chapter 7 Network Addre ss Translation (NAT) Screen s Figure 29 Multiple Servers Be hind NA T Example 7.4 Configuring SUA Server Click SUA/NA T to open the SUA Server screen. Refer to T able 23 for port numbers commonly u sed for particular services. Note: If you do not assign a Default Server IP Address, the Prestige[...]

  • Página 95

    Prestige 334 User’s Guide Chapter 7 Network Address Translatio n (NAT) Screens 94 Figure 30 SUA/NA T Setup The following table describes the labels in this screen. Table 24 SUA/NAT Setup LABEL DESCRIPTION Default Server In addition to the servers for specifi ed services, NA T supports a default server . A default server receives packets from port[...]

  • Página 96

    Prestige 334 User’s Guide 95 Chapter 7 Network Addre ss Translation (NAT) Screen s 7.5 Configuring Address Mapping Ordering your rules is important because the Pr estige applies the rules in the order that you specify . When a rule matches the c urrent pack et, the Prestige take s the corresponding action and the remaining rules are ignored. If t[...]

  • Página 97

    Prestige 334 User’s Guide Chapter 7 Network Address Translatio n (NAT) Screens 96 7.5.1 Configuring Address Mapping T o edit an address mapping rule, select the radio button of a rule and click the Edit button to display the screen shown next. Ty p e 1. One-to-One mode maps one local IP address to one global IP address. Note that port numbers do [...]

  • Página 98

    Prestige 334 User’s Guide 97 Chapter 7 Network Addre ss Translation (NAT) Screen s Figure 32 Address Mapping Edit The following table describes the labels in this screen. Table 26 Address Mapp ing Edit LABEL DESCRIPTION Ty p e Choose the port mapping type from one of the following. 1. One-to-One : One-to-one mode map s one local IP address to one[...]

  • Página 99

    Prestige 334 User’s Guide Chapter 7 Network Address Translatio n (NAT) Screens 98 7.6 T rigger Port Forwarding Some services use a dedicated range of ports on the client side and a dedica ted range of ports on the server side. W ith regular port forwarding you set a forwarding port in NA T to forward a service (coming in from the server on the W [...]

  • Página 100

    Prestige 334 User’s Guide 99 Chapter 7 Network Addre ss Translation (NAT) Screen s 7.6.2 T w o Point s T o Remember About T rigger Port s 1 T rigger events only happen on data that is going coming from inside the Prestige and going to the outside. 2 If an application needs a continuous data stream, that port (range) will be tied up so that anothe[...]

  • Página 101

    Prestige 334 User’s Guide Chapter 7 Network Address Translatio n (NAT) Screens 100 Incoming Incoming is a port (or a range of ports) that a server on the W AN uses when it sends out a particular service. The Prestige forwar ds the traffic with this port (or range of ports) to the client computer on t he LAN that requested the service. St a r t P [...]

  • Página 102

    Prestige 334 User’s Guide 101 Chapt er 7 Network Ad dress Transla tion (NAT) Scr eens[...]

  • Página 103

    Prestige 334 User’s Guide Chapter 8 Static Route Screens 102 C HAPTER 8 S t atic Route Screens This chapter shows you how to config ure static routes for your Prestige. 8.1 St atic Route Overview Each remote node specifies only the network to which the gateway is di rectly connected, and the Prestige has no knowledge of the networks beyon d. For [...]

  • Página 104

    Prestige 334 User’s Guide 103 Chapter 8 Static Route Screens Figure 36 S tatic Route The following table describes the labels in this screen. 8.2.1 Configuring Route Entr y Select a static route index numb er and click Edit . The screen shown next appears. Fill in the required information for each static route. Table 28 Stati c Route LABEL DESCRI[...]

  • Página 105

    Prestige 334 User’s Guide Chapter 8 Static Route Screens 104 Figure 37 S tatic Route: Edit The following table describes the labels in this screen. Table 29 Static Route: Edit LABEL DESCRIPTION Route Name Enter the n ame of the IP static route. Leave this field blank to delete this static route. Active This field allows you to activa te /deactiva[...]

  • Página 106

    Prestige 334 User’s Guide 105 Chapter 8 Static Route Screens[...]

  • Página 107

    Prestige 334 User’s Guide Chapter 9 UPnP 106 C HAPTER 9 UP N P This chapter introduces the Universal Plug and Play feature. 9.1 Universal Plug and Play Overview Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectiv ity between devices. A UPnP device can dynamically joi[...]

  • Página 108

    Prestige 334 User’s Guide 107 Chapter 9 UPnP All UPnP-enabled devices may communicate freely with eac h other without additional configuration. Disable UPnP if this is not your intention. 9.2 UPnP and ZyXEL ZyXEL has achieved UPnP certification from th e Universal Plug and Play Forum Creates UPnP™ Implementers Corp. (UIC). ZyXEL' s UPnP im[...]

  • Página 109

    Prestige 334 User’s Guide Chapter 9 UPnP 108 Figure 38 Configuring U PnP The following table describes the labels in this screen. 9.4 Inst alling UPnP in Windows Example This section shows ho w to install UPnP in W indows Me and W indows XP . Table 30 Configuring U PnP LABEL DESCRIPTION Enable the Universal Pl ug and Play (UPnP) feature Select th[...]

  • Página 110

    Prestige 334 User’s Guide 109 Chapter 9 UPnP 9.4.1 Inst alling UPnP in Windows Me Follow the steps below to in stall UPnP in W indows Me. 1 Click St a r t and Control Panel . Double- click Add/Remove Programs . 2 Click on the Win d o ws S et u p ta b and select Communication in the Components selection box. Click Details . 3 In the Communications[...]

  • Página 111

    Prestige 334 User’s Guide Chapter 9 UPnP 110 9.4.2 Inst alling UPnP in Windows XP Follow the steps below to install UPnP in W indows XP . 1 Click St a r t and Contr ol Panel . 2 Double-click Network Connections . 3 In the Network Connections window , click Advanced in the main menu and select Optional Networking Components … . 4 The W indows Op[...]

  • Página 112

    Prestige 334 User’s Guide 111 Chapter 9 UPnP 9.5 Using UPnP in Windows XP Example This section shows yo u how to use the UPnP feature in Wi ndows XP . Y ou must al ready have UPnP installed in W indows XP and UPnP activated on the ZyXEL devi ce. Make sure the computer is co nnected to a LAN port of the ZyXEL device. Tu rn on your computer and the[...]

  • Página 113

    Prestige 334 User’s Guide Chapter 9 UPnP 112 9.5.1 Auto-discover Y our UPnP-en abled Network Device 1 Click St a r t and Control Panel . Double-click Network Connections . An icon displays under Internet Gateway . 2 Right-click the icon and select Prop erties . 3 In the Internet Connection Properties window , click Settings to see the port mappin[...]

  • Página 114

    Prestige 334 User’s Guide 113 Chapter 9 UPnP 9.5.2 Web Configurator Easy Access W ith UPnP , you can access the web-bas ed configur ator on the ZyXEL device without finding out the IP address of the ZyXEL device first. This is helpful if you do not know the IP address of the ZyXEL device. Follow the steps below to access the web configurator . 5 [...]

  • Página 115

    Prestige 334 User’s Guide Chapter 9 UPnP 114 9.5.3 Web Configurator Easy Access W ith UPnP , you can access the web-bas ed configur ator on the ZyXEL device without finding out the IP address of the ZyXEL device first. This is helpful if you do not know the IP address of the ZyXEL device. 1 Click St a r t and then Control Pan e l . 2 Double-click[...]

  • Página 116

    Prestige 334 User’s Guide 115 Chapter 9 UPnP Follow the steps below to access the web configurator . 1 Click Start and then Control Panel. 2 Double-click Network Connections . 3 Select My Network Places under Other Places . 4 An icon with the d escription for each UPnP-enabled device displays under Local Network . 5 Right-click the icon for your [...]

  • Página 117

    Prestige 334 User’s Guide Chapter 10 Tre nd Micro Se curity Services 116 C HAPTER 10 T rend Micro Security Services This chapter contains informa tion about configuring T rend Micr o Security Services settings, virus protection, parental controls an d customization. 10.1 T rend Micro Security Service Overview T rend Micro Security Services (TMSS)[...]

  • Página 118

    Prestige 334 User’s Guide 117 Chapter 10 Trend Micro Security Services Figure 39 Service Settings The following table describes the labels in this screen. Table 31 Service Settings LABEL DESCRIPTION Enable Trend Micro Security Services Select the checkbox to enable T rend Micro Security Services o n your Prestige. Note: Make sure that you have no[...]

  • Página 119

    Prestige 334 User’s Guide Chapter 10 Tre nd Micro Se curity Services 118 10.3 V irus Protection This screen allows you to check the computers in the network for Trend Micro Internet Security . Y ou can also select antivirus compon ent update time intervals and monitor the virus protection status on each client computer in your network. T rend Mic[...]

  • Página 120

    Prestige 334 User’s Guide 119 Chapter 10 Trend Micro Security Services Figure 40 Virus Protection The following table describes the labels in this screen. Table 32 Virus Protec tion LABEL DESCRIPTION Check for T rend Micro In ternet Security Automatically check for update components Select the checkb ox to have the Prestige download the latest sc[...]

  • Página 121

    Prestige 334 User’s Guide Chapter 10 Tre nd Micro Se curity Services 120 10.5 Parent al Controls Parental Controls lets a parent (LAN admini strator) control a LAN user's Internet access privileges by blocking spec ified categories. Y ou can define time periods and day s during which Parental Controls are enabled and block W eb pages dependi[...]

  • Página 122

    Prestige 334 User’s Guide 121 Chapter 10 Trend Micro Security Services Figure 41 Parental Controls Licens e S tatus If you have registered with TMSS and your license is valid, you can configure the Parental Controls configuration screen.[...]

  • Página 123

    Prestige 334 User’s Guide Chapter 10 Tre nd Micro Se curity Services 122 Figure 42 Parental Controls The following table describes the labels in this screen. Table 33 Parental Controls LABEL DESCRIPTION Enable Parental Controls Select the check box to enable this feature on your Prestige. Note: The Prestige automatically checks the st atus of you[...]

  • Página 124

    Prestige 334 User’s Guide 123 Chapter 10 Trend Micro Security Services T ime of Day to Block (24- Hour Format) Select the time of day you want web page blocking to take effect. Configure blocking to take effect all day by selecting the All Day check box. Y ou can also configure specific ti mes by entering the start time in the S tart (hr) and S t[...]

  • Página 125

    Prestige 334 User’s Guide Chapter 10 Tre nd Micro Se curity Services 124 10.6.1 Parent al Controls St atistics The Prestige can display a record of attempted entries to W eb pages or actual entries to W eb pages from a list of content filtering categories. Exclude specified address ranges from the Parental Control enforcement. Select the radio bu[...]

  • Página 126

    Prestige 334 User’s Guide 125 Chapter 10 Trend Micro Security Services Figure 43 Parental Controls S tatistics The following table describes the labels in this screen. Table 34 Parental Contro ls Statisti c s LABEL DESCRIPTION Category All categories are displayed includi ng; Pornography , Illegal/Questio nable, V iolence/Hate /Racism, Illegal Dr[...]

  • Página 127

    Prestige 334 User’s Guide Chapter 11 Firewall 126 C HAPTER 11 Firewall This chapter gives some bac kground information on firewalls and explains how to get started with the Prestige firewall. 1 1.1 Introduction 1 1.1.1 What is a Firewall? Originally , the term fir ewall referred to a construction tech nique designed to prevent the spread of fire [...]

  • Página 128

    Prestige 334 User’s Guide 127 Chapter 11 Fir ewall The Prestige has one Ethernet W AN port and fo ur Ethernet LAN ports, which are used to physically separate the network into two areas .The W AN (W ide Area Network) port attaches to the broadband (cab le or DSL) modem to the Internet. The LAN (Local Area Network) port attac hes to a network of c[...]

  • Página 129

    Prestige 334 User’s Guide Chapter 11 Firewall 128 Figure 44 Firewall: Settings The following table describes the labels in this screen. Table 35 Firewall: Settings LABEL DESCRIPTION Enable Firewall Select this che ck box to activate th e firewall. The Prestige performs access control and protects against Denial of Service (DoS) attacks when the f[...]

  • Página 130

    Prestige 334 User’s Guide 129 Chapter 11 Fir ewall 1 1.3 The Firewall, NA T and Remote Management Figure 45 Firewall Rule Directions 1 1.3.1 LAN-to-W AN rules LAN-to-W AN rules are local netw ork to Internet firewall rules. The default is to forward all traffic from your local network to the Internet. How can you block certain LAN to W AN traffic[...]

  • Página 131

    Prestige 334 User’s Guide Chapter 11 Firewall 130 • Configuring WA N or LAN & W AN access for services in the Remote Management screens or SMT menus. When you a llow re mote management from the W AN, you are actually configuring W AN-to-W AN/Prestig e firewall rules. W AN-to-W AN/Prestige firewall rules are Internet to the Prestige W AN int[...]

  • Página 132

    Prestige 334 User’s Guide 131 Chapter 11 Fir ewall Figure 46 Firewall: Service The following table describes the labels in this screen. Table 36 Firewall: Service LABEL DESCRIPTION Enable Services Blocking Select this ch eck box to enabl e this feature. Available Service This is a list of pre-defin ed services (ports) you may prohibit your LAN co[...]

  • Página 133

    Prestige 334 User’s Guide Chapter 11 Firewall 132 Clear All Click Clear All to empty the Blocked Service . Day to Block: Select a check box to configure which da ys of the we ek (or everyday) you w ant the content filtering to be active. T ime of Day to Block (24-Hour Format) Select the time of day you want service blocking to take effect. Config[...]

  • Página 134

    Prestige 334 User’s Guide 133 Chapter 11 Fir ewall[...]

  • Página 135

    Prestige 334 User’s Guide Chapter 12 Content Filtering 134 C HAPTER 12 Content Filtering This chapter provides a brief overview of co ntent filtering using the embedded W ebGUI. 12.1 Introduction to Content Filtering Internet content filtering allows you to create and enforce Internet access policies tailored to their needs. Content filtering is [...]

  • Página 136

    Prestige 334 User’s Guide 135 Chapter 12 Content Filtering Figure 47 Content Filter The following table describes the labels in this screen. Table 37 Content Filter LABEL DESCRIPTION Restrict Web Features Select the box(es) to restri ct a feature. When you download a page containing a restricted feature, that pa rt of the web page will app ear bl[...]

  • Página 137

    Prestige 334 User’s Guide Chapter 12 Content Filtering 136 Keyword T ype a keyword in this field. Y ou may use any character (up to 64 characters). Wildcards are not allowed. Y ou can also enter a numerical IP address. Keyword List This list displays the keywords a lready added. Add Click Add after you have typed a keyword. Repeat this procedure [...]

  • Página 138

    Prestige 334 User’s Guide 137 Chapter 12 Content Filtering[...]

  • Página 139

    Prestige 334 User’s Guide Chapter 13 Remo te Management Scr eens 138 C HAPTER 13 Remote Management Screens This chapter provides information on the Remote Management screens. 13.1 Remote Management Overview Remote management allows you to determ ine which services/protocols can access which Prestige interface (if any) from which computers. Y ou m[...]

  • Página 140

    Prestige 334 User’s Guide 139 Chapter 13 Remo te Managemen t Screens 2 Y ou have disabled that service in one of the remote management screens. 3 The IP address in the Secured Client IP field does not match th e client IP address. If it does not match, the Prestige will disconnect the session immediately . 4 There is already another remote manage[...]

  • Página 141

    Prestige 334 User’s Guide Chapter 13 Remo te Management Scr eens 140 Figure 48 Remote Management: WWW The following table describes the labels in this screen. 13.3 Configuring T elnet Y ou can configure your Prestige for remote T e lnet access as shown next. The administrator uses T elnet from a computer on a remo te network to access the Prestig[...]

  • Página 142

    Prestige 334 User’s Guide 141 Chapter 13 Remo te Managemen t Screens Figure 49 T elnet Configuration on a TCP/IP Network 13.4 Configuring TELNET Click REMOTE MGMT and the TELNET tab to display the screen as shown. Figure 50 Remote Management: T elnet The following table describes the labels in this screen. Table 39 Remote Management: Telnet LABEL[...]

  • Página 143

    Prestige 334 User’s Guide Chapter 13 Remo te Management Scr eens 142 13.5 Configuring FTP Y ou can upload and download the Prestige’ s firmware and co nfiguration files using FTP , please see the chapter on firmware and configuration file maintena nce for details. T o use this feature, your computer must have an FTP client. T o change your Pres[...]

  • Página 144

    Prestige 334 User’s Guide 143 Chapter 13 Remo te Managemen t Screens 13.6 SNMP Simple Network Management Protocol (SNM P) i s a protocol u sed for exchanging management information b etween network devices. SNMP is a member of the TCP/IP protocol suite. Y o ur Prestige supports SNMP agent functionality , wh ich allows a mana ger station to manage[...]

  • Página 145

    Prestige 334 User’s Guide Chapter 13 Remo te Management Scr eens 144 SNMP itself is a simple request/response prot ocol based on the manager/agent model. The manager issues a request and the agent retu rns responses using the following protocol operations: • Get - Allows the manager to retrieve an object variable from the ag ent. • GetNext - [...]

  • Página 146

    Prestige 334 User’s Guide 145 Chapter 13 Remo te Managemen t Screens Figure 53 Remote Management: SNMP The following table describes the labels in this screen. Table 42 Remote Management: SNMP LABEL DESCRIPTION SNMP Configuration Get Community En ter the Get Community , which is the password for the incoming Get and GetNext requests from the mana[...]

  • Página 147

    Prestige 334 User’s Guide Chapter 13 Remo te Management Scr eens 146 13.7 Configuring DNS Use DNS (Domain Name System) to map a domain name to its corresponding IP address and vice versa. Refer to the chapter on W izard Setup for background information. T o change your Prestige’ s DNS settings, click REMOTE MGMT , then the DNS ta b. The screen [...]

  • Página 148

    Prestige 334 User’s Guide 147 Chapter 13 Remo te Managemen t Screens 13.8 Configuring Security T o change your Prestige’ s security settings, click REMOTE MGMT , then the Security tab. The screen appears as shown. If an outside user attempts to probe an unsupp orted port on your Prestige, an ICMP respon se packet is automatically returned. This[...]

  • Página 149

    Prestige 334 User’s Guide Chapter 13 Remo te Management Scr eens 148 Do not respond to requests for unauthorized services Select this option to prevent hackers from finding the Prestige by probing for unused ports. If you select this option, the Prestige will not respond to port request(s) for unused ports, thus leavin g the unuse d ports and the[...]

  • Página 150

    Prestige 334 User’s Guide 149 Chapter 13 Remo te Managemen t Screens[...]

  • Página 151

    Prestige 334 User’s Guide Chapter 14 Introduction to IPSec 150 C HAPTER 14 Introduction to IPSec This chapter introduces the basics of IPSec VPNs 14.1 VPN Overview A VPN (V irtual Private Network) provides sec ure communications between sites without the expense of leased site-to-site lines. A secure VP N is a combination of tunneling, encryption[...]

  • Página 152

    Prestige 334 User’s Guide 151 Chapter 1 4 Introduc tion to IPSec Figure 56 Encryption and Decryption 14.1.3.2 Dat a Confidentiality The IPSec sender can encrypt packets befo re transmitting them across a network. 14.1.3.3 Dat a Integrity The IPSec receiver can validate packets sent by the IPSec sender to ensure that the data has not been altered [...]

  • Página 153

    Prestige 334 User’s Guide Chapter 14 Introduction to IPSec 152 Figure 57 IPSec Architecture 14.2.1 IPSec Algorithms The ESP (Encapsulating Security Payload) Protocol (RFC 2406) and AH (Authentication Header) protocol (RFC 2402 ) describe the packe t formats and the default standards for packet structure (including implemen tation algori thms). Th[...]

  • Página 154

    Prestige 334 User’s Guide 153 Chapter 1 4 Introduc tion to IPSec Figure 58 T ransport and T unnel Mode IPSec Encapsulation 14.3.1 T ransport Mode Tr a n s p o r t mode is used to protect upper layer prot ocols and only af fects the da ta in the IP packet. In Tr a n s p o r t mode, the IP packet contai ns the security protoc ol ( AH or ESP ) locat[...]

  • Página 155

    Prestige 334 User’s Guide Chapter 14 Introduction to IPSec 154 NA T is incompatible with the AH protocol in both Tr a n s p o r t and T unnel mode. An IPSec VPN using the AH protocol digitally sig n s the outbound packet, both data p a yload and headers, with a hash value appe nded to the pack et. When using AH protoc ol, packet contents (the dat[...]

  • Página 156

    Prestige 334 User’s Guide 155 Chapter 1 4 Introduc tion to IPSec[...]

  • Página 157

    Prestige 334 User’s Guide Chapter 15 VPN Screens 156 C HAPTER 15 VPN Screens This chapter introduces the VPN W eb Configurator . See the Logs chapter for information on viewing logs and the Appendices for IPSec log descriptions. 15.1 VPN/IPSec Overview Use the screens documented in this chapter to configure rules for VPN connections and manage VP[...]

  • Página 158

    Prestige 334 User’s Guide 157 Chapter 15 VPN Screen s An added featu re of the ESP is payload padding, which further protects communications b y concealing the size of the packet being transmitted. 15.3 My IP Address My IP Address is the W AN IP address of the Prestige. If this field is configured as 0.0.0.0, then the Prestige will use the cu rre[...]

  • Página 159

    Prestige 334 User’s Guide Chapter 15 VPN Screens 158 15.4.1 Dynamic Secure Gateway Address If the remote secure gateway has a dynamic W AN IP address and does not use DDNS, enter 0.0.0.0 as the secure gateway’ s address. In th is ca se only the remote secure gateway can initiate SAs. This may be useful for teleco mmut ers initiating a VPN tunne[...]

  • Página 160

    Prestige 334 User’s Guide 159 Chapter 15 VPN Screen s Figure 60 VPN: Summary The following table describes the labels in this screen. Table 47 VPN: Summary LABEL DESCRIPTION # The VPN po licy index number . Active This field displays whether the VPN policy is active or not. A Y signifies that this VPN policy is active. N signifies that this VPN p[...]

  • Página 161

    Prestige 334 User’s Guide Chapter 15 VPN Screens 160 15.6 Keep Alive When you initiate an IPSec tunnel with keep alive enabled, the Prestige automatically renegotiates the tunnel when the IPSec SA lif etime period expires ( the IPSec Algorithms section for more on the IPSec SA lifetime). In ef fect, the IPSec tunne l becomes an “always on” co[...]

  • Página 162

    Prestige 334 User’s Guide 161 Chapter 15 VPN Screen s • Enable NA T traversal on both IPSec endpoints. In order for IPSec router A (see the figure) to receive an initiating IPSec packet from IPSec router B, set the NA T router to forward UDP port 500 to IPSec router A. 15.7.2 Remote DNS Server In cases where you want to use domain names to acce[...]

  • Página 163

    Prestige 334 User’s Guide Chapter 15 VPN Screens 162 15.8 ID T ype and Content W ith aggressive negotiation mode (see Section Negotiation Mode), th e Prestige identifies incoming SAs by ID type and content since this identifying information is not encrypted. This enables the Prestige to distinguish between mu ltiple rules for SAs that connect fro[...]

  • Página 164

    Prestige 334 User’s Guide 163 Chapter 15 VPN Screen s 15.8.1 ID T ype and Content Examples T wo IPSec routers must have matching ID type and content configuration in order to set up a VPN tunnel. The two Prestiges in this example can complete negotiation and establish a VPN tunnel The two Prestiges in this ex ample cannot complete their negotiati[...]

  • Página 165

    Prestige 334 User’s Guide Chapter 15 VPN Screens 164 15.10 Editing VPN Rules Click Edit on th e Summary screen or click the Rule Setup tab to edit VPN rules. Figure 64 VPN: Rule Setup (Basic) The following table describes the labels in this screen. Table 51 VPN: Rule Setup (Basic) LABEL DESCRIPTION Active Select this check box to ac tivate this V[...]

  • Página 166

    Prestige 334 User’s Guide 165 Chapter 15 VPN Screen s IPSec Keying Mode Select IKE or Manual from the drop-down list box. IKE provides more p rotection so it is generally recommended. Manual is a useful optio n for troubleshooting. Local Address The local IP address must be static and correspond to the remote IPSec router's configured remote[...]

  • Página 167

    Prestige 334 User’s Guide Chapter 15 VPN Screens 166 Secure Gateway Address T ype the WAN IP address or the URL (up to 31 characters) of the IPSec router with which you're making the VPN connection. Set this fiel d to 0.0.0.0 if the remote IPSec router has a dynamic W AN IP address (the IPSec Keyi ng Mode field must be set to IKE ). The remo[...]

  • Página 168

    Prestige 334 User’s Guide 167 Chapter 15 VPN Screen s 15.1 1 IKE Phases There are two phases to every IKE (Internet Key Exchange) ne gotiation – phase 1 (Authentication) and ph ase 2 (Key Exchange). A phase 1 exchange establishes an IKE SA and the second one uses that SA to negotiate SAs for IPSe c. Figure 65 T wo Phases to Set Up the IPSec SA [...]

  • Página 169

    Prestige 334 User’s Guide Chapter 15 VPN Screens 168 • Choose an encryption algorithm. • Choose an authentication algorithm • Choose whether to enable Perfect Forward Secrecy (PFS) using Dif fie-Hellman public- key cryptog raphy – see Section Pe rfect Forwar d Secr e cy (PFS) . Select None (the default) to disable PFS. Choose T unnel mode[...]

  • Página 170

    Prestige 334 User’s Guide 169 Chapter 15 VPN Screen s This may be unnecessary for data that does not require such security , so PFS is disabled ( None ) by default in the Prestige. Disabling PF S means new authenti cation and encryption keys are derived from the same root secret (which may have secu rity im plications in the long run) but allows [...]

  • Página 171

    Prestige 334 User’s Guide Chapter 15 VPN Screens 170 Figure 66 VPN IKE: Advance d[...]

  • Página 172

    Prestige 334 User’s Guide 171 Chapter 15 VPN Screen s The following table describes the labels in this screen. Table 52 VPN IKE: Advanced LABEL DESCRIPTION Active Select this check box to activate this VPN policy . Keep Alive Select this check box to turn on the Keep Alive feature for this SA. T u rn on Keep Alive to have the Prestige automati ca[...]

  • Página 173

    Prestige 334 User’s Guide Chapter 15 VPN Screens 172 Remote Addres s End/ Mask When the remote IP address is a single address, type it a second ti me here. When the remote IP address is a range, en te r the end (static) IP address, in a range of computers on the network behind the re mote IPSec ro uter . When the remote IP address is a subnet add[...]

  • Página 174

    Prestige 334 User’s Guide 173 Chapter 15 VPN Screen s Peer Content The configuration of the peer content depen ds on the peer ID type. •F o r IP , type the IP address of the computer with which you will make the VPN connection. If you configure this field to 0.0.0.0 or lea ve it blank, the Prestige will use the address in the Secure Ga teway Ad[...]

  • Página 175

    Prestige 334 User’s Guide Chapter 15 VPN Screens 174 15.13 Manual Key Setup Manual key managemen t is useful if you have pro blems with IKE key managemen t. IPSec Protocol Select ESP or AH from the drop-down list box. The Prestige's IPSec Protocol should be identical to the secure remote gatew ay . The ESP (Encapsulation Security Payload) pr[...]

  • Página 176

    Prestige 334 User’s Guide 175 Chapter 15 VPN Screen s 15.13.1 Security Pa rameter Index (SPI) An SPI is used to distinguish dif ferent SAs te rminating at the same de stination and using the same IPSec protocol. This data allows for the multiplexing of SAs to a single gateway . The SPI (Security Parameter Index) along with a destination IP addres[...]

  • Página 177

    Prestige 334 User’s Guide Chapter 15 VPN Screens 176 Figure 67 Setup: Manual The following table describes the labels in this screen. Table 53 Rule Setup: Ma nual LABEL DESCRIPTION Active Select this check box to activate this VPN policy . IPSec Keying Mode Select IKE or Manual from the drop-down list box. Manual is a useful option for troublesho[...]

  • Página 178

    Prestige 334 User’s Guide 177 Chapter 15 VPN Screen s Local Port End T ype a port number in this field to define a port range. This port number must be greater than that specified in the previo us field. If Local Port S tart is left at 0, Local Port End will also remain at 0. Remote Addr ess S tart Remote IP ad dresses must be static and correspo[...]

  • Página 179

    Prestige 334 User’s Guide Chapter 15 VPN Screens 178 15.15 V iewing SA Monitor In the web configurator , click VPN and the SA Monitor tab. Use this screen to display and manage active VPN connections. A Security Association (SA) is the group of se cu rity settings related to a specific VPN tunnel. This screen displays active VPN connections. Use [...]

  • Página 180

    Prestige 334 User’s Guide 179 Chapter 15 VPN Screen s Figure 68 SA Monitor The following table describes the labels in this screen. 15.16 Configuring Global Setting T o change your Prestige’ s Global Settings, click VPN , then the Global Setting tab. The screen appears as shown. Table 54 SA Monitor LABEL DESCRIPTION # This is the securi ty a ss[...]

  • Página 181

    Prestige 334 User’s Guide Chapter 15 VPN Screens 180 Figure 69 VPN: Global Setting The following table describes the labels in this screen. 15.17 T elecommuter VPN/IPSec Examples The following examples show how multiple telecommuters can make VPN connections to a single Prestige at headquarters from remote IPSec routers that use dynamic W AN IP a[...]

  • Página 182

    Prestige 334 User’s Guide 181 Chapter 15 VPN Screen s Having everyone use the same pre-shared key ma y create a vulnerability . If the pre-shared key is compromised, all of the VPN connections using that VPN rule are at risk. A recommended alternative is to use a dif ferent VPN rule for each telecommuter and identify them by unique IDs (see the T[...]

  • Página 183

    Prestige 334 User’s Guide Chapter 15 VPN Screens 182 See the following graphic for an example where three telecommut ers each use a different VPN rule to initiate a VPN connection to a Prestig e l ocated at headquarters. The Prestige at headquarters identifies each by its secure gate way address (a dynamic domain name ) and uses the appropriat e [...]

  • Página 184

    Prestige 334 User’s Guide 183 Chapter 15 VPN Screen s[...]

  • Página 185

    Prestige 334 User’s Guide Chapter 16 Centralized Logs 184 C HAPTER 16 Centralized Logs This chapter contains inform ation about configuring genera l log settings and viewing the Prestige’ s logs. Refer to the appendices for example log message explanations. 16.1 V iew Log The web confi gurator allows you to look at all of the Prestige’ s logs[...]

  • Página 186

    Prestige 334 User’s Guide 185 Chapter 16 Centralized Logs Figure 72 Vi ew Logs The following table describes the labels in this screen. Table 57 View Logs LABEL DESCRIPTION Display The categories that you select in the Log Settings page (see section ) display in the drop-do wn list box. Select a category of logs to view; select All Logs to view l[...]

  • Página 187

    Prestige 334 User’s Guide Chapter 16 Centralized Logs 186 16.2 Log Settings Y ou can configure the Pr estige’ s general log settin gs in one location. Click the LOGS in the navigation panel and then the Log Settings tab to open the Log Settings screen. Use the Log Settings screen to configure to where the Prestig e is to send logs; the schedule[...]

  • Página 188

    Prestige 334 User’s Guide 187 Chapter 16 Centralized Logs Figure 73 Log Settings The following table describes the labels in this screen. Table 58 Log Settings LABEL DESCRIPTION Address Info Mail Server Enter the ser ver name or the IP address of the mail server for the e-ma il addresses specified below . If thi s field is left blank, logs and al[...]

  • Página 189

    Prestige 334 User’s Guide Chapter 16 Centralized Logs 188 Mail Subject T ype a title that you want to be in the su bject line of the log e-mail message that the Prestige sends. Not all Prestige models have this field. Send Log T o The Prestige se nds logs to the e-mail address s pecified in this field. If this field is left blank, the Prestige do[...]

  • Página 190

    Prestige 334 User’s Guide 189 Chapter 16 Centralized Logs[...]

  • Página 191

    Prestige 334 User’s Guide Chapter 17 Maintenance 190 C HAPTER 17 Maintenance This chapter displays system information such as ZyNOS firmware, port IP addresses and port traffic statistics. 17.1 Maintenance Overview The maintenanc e screens can help you view system inform a tion, upload new firmware, manage configuratio n and restart your Prestige[...]

  • Página 192

    Prestige 334 User’s Guide 191 Chapter 17 Maintenance Figure 74 Maintenance S tatus The following table describes the labels in this screen. Table 59 Maintenance Status LABEL DESCRIPTION System Name This is the System Name you chose in the first Inter net Access Wizard screen. It is for identifica tion purposes Model Name The model name id entifie[...]

  • Página 193

    Prestige 334 User’s Guide Chapter 17 Maintenance 192 17.2.1 System St atistics Read-only information here includ es port status and packet specific statistics. Also provided are "system up time" and "poll interval(s)". The Poll Interval(s) field is configurable. Figure 75 Maintenance System S tatistics The following table desc[...]

  • Página 194

    Prestige 334 User’s Guide 193 Chapter 17 Maintenance Click MAINTENANCE , and then the DHCP T able tab. Read-only information here relates to your DHCP status. The DHCP table shows cu rrent DHCP Client information (including IP Address , Host Name and MAC Address ) of all network clients using the DHCP server . Figure 76 Maintenance DHCP T able Th[...]

  • Página 195

    Prestige 334 User’s Guide Chapter 17 Maintenance 194 Use the upgrade tool file with a "*.exe" extension found in the ZIP file and follow the steps to begin the firmware upgrade. 17.4.1 Prep aring your Pr estige for Firmware Upload 1 Change the login password of the Prestige to the factory default password of “1234”. 2 Change the IP [...]

  • Página 196

    Prestige 334 User’s Guide 195 Chapter 17 Maintenance Figure 78 Upgrade T ool If you log into your Prestige befo re the upgrade is co mplete, the following screen is displayed. Figure 79 Upload W arning 6 The Prestige automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following ic[...]

  • Página 197

    Prestige 334 User’s Guide Chapter 17 Maintenance 196 • Change your Prestige passwo rd and IP address back to your preferred setting. 8 Log in again and ch eck your new firmware version in the System S tatus screen. 17.5 Configuration Screen See the Firmwar e and Configura tion File Maintenance chapter for transferring configuration files using [...]

  • Página 198

    Prestige 334 User’s Guide 197 Chapter 17 Maintenance Click Backup to save the Prestige’ s current configuration to your compute r 17.5.2 Restore Configuration Restore configuration allows you to upload a new or previously saved configuration file from your computer to your Prestige. After you see a “configuration upload successf ul” screen,[...]

  • Página 199

    Prestige 334 User’s Guide Chapter 17 Maintenance 198 If the upload was not successful, the following screen will appear . Click Return to go back to the Configuration screen. Figure 84 Configuration Resto re Error 17.5.3 Back to Factory Default s Pressing the Reset button in this section clears al l user-e ntered configuration information and ret[...]

  • Página 200

    Prestige 334 User’s Guide 199 Chapter 17 Maintenance Figure 86 System Restart[...]

  • Página 201

    Prestige 334 User’s Guide Chapter 18 Intro ducing the SMT 200 C HAPTER 18 Introducing the SMT This chapter explains how to access and na viga te the System Management T erminal and gives an overview of its menus. 18.1 SMT Introduction T he Prestige’ s SMT (System Managem ent T ermin al) is a menu-driven inte rface that you can access from a ter[...]

  • Página 202

    Prestige 334 User’s Guide 201 Chapter 18 In troducing the SMT Figure 87 Login Screen 18.1.3 Prestige SMT Menu Overview The following figure gives you an overview of the various SMT menu screens of you r Prestige. Figure 88 SMT Menu O verview 18.2 Navigating the SMT Interface The SMT(System Management T e rminal) is the interface that you u se to [...]

  • Página 203

    Prestige 334 User’s Guide Chapter 18 Intro ducing the SMT 202 Several operations that you should be fam iliar with before you a ttempt to modify the configuration are listed in the table below . After you enter the password, the SMT di splays the main menu, as shown next. Table 63 Main Menu Com mands OPERATION KEYSTROKE DESCRIPTION Move down to a[...]

  • Página 204

    Prestige 334 User’s Guide 203 Chapter 18 In troducing the SMT Figure 89 SMT Main Menu 18.2.1 System Manage ment T erminal Interface Summary The following table describes the fields in the previous screen. Copyright (c) 1994 - 2 004 ZyXEL Communications Corp. Prestig e 334 Main Menu Getting Started Advanced Management 1. General Setup 21. Filter a[...]

  • Página 205

    Prestige 334 User’s Guide Chapter 18 Intro ducing the SMT 204 18.3 Changing the System Password Change the P restige defau lt password by following the steps shown next. 1 Enter 23.1 in the ma in menu to display Menu 23.1 - System Security - Change Password. 2 T ype your existing system password in the Old Password field, for example “1234”, [...]

  • Página 206

    Prestige 334 User’s Guide 205 Chapter 18 In troducing the SMT[...]

  • Página 207

    Prestige 334 User’s Guide Chapter 19 Menu 1 General Setup 206 C HAPTER 19 Menu 1 General Setup Menu 1 - General Setup contains administrative and system-related informa tion. 19.1 General Setup Menu 1 — General Setup contains administrative and system-related information (shown next). The System Name field is for identification purpo ses. Howev[...]

  • Página 208

    Prestige 334 User’s Guide 207 Chapter 19 Menu 1 General Setup Figure 91 Menu 1 General Setup. 2 Fill in the required fields. Refer to the tabl e sho wn next for more information about these fields. Menu 1 - General Setup System Name= Domain Name= zyxel.com.tw First System DNS Server= Fr om ISP IP Address= N/A Second System DNS Server= F rom ISP I[...]

  • Página 209

    Prestige 334 User’s Guide Chapter 19 Menu 1 General Setup 208 19.2.1 Procedure to Configure Dynamic DNS T o configure Dynamic DNS, go to Menu 1 — General Setup and select Ye s in the Edit Dynamic DNS field. Press [ ENTER ] to display Menu 1.1— Configur e Dynamic DNS as shown next. Figure 92 Menu 1.1 Configure Dynamic DNS Follow the instructio[...]

  • Página 210

    Prestige 334 User’s Guide 209 Chapter 19 Menu 1 General Setup Offline This field is only available when CustomDNS is selected in the DDNS T ype field. Press [SP ACE BAR] and then [ENTER] to select Ye s . When Ye s is selected, http:/ /www .dyndns.or g/ traffic is redirected to a URL that you h ave previously specified (see www .dyndns.org for det[...]

  • Página 211

    Prestige 334 User’s Guide Chapter 20 Menu 2 WAN Setup 210 C HAPTER 20 Menu 2 W AN Setup This chapter describes how to configure th e W AN using menu 2. 20.1 Introduction to W AN This chapter explains how to configure settings for your W AN port. 20.2 W AN Setup From the main menu, enter 2 to open menu 2. Figure 93 Menu 2 W AN Setu The following t[...]

  • Página 212

    Prestige 334 User’s Guide 211 Chapter 20 Menu 2 WAN Setup[...]

  • Página 213

    Prestige 334 User’s Guide Chapter 21 Menu 3 LAN Setup 212 C HAPTER 21 Menu 3 LAN Setup This chapter covers how to configure your wired Local Area Network (LAN) settings. 21.1 LAN Setup This section describes how to configure the Ethernet using Menu 3 — LAN Setup . From the main menu, enter 3 to display menu 3. Figure 94 Menu 3 LAN Setup 21.1.1 [...]

  • Página 214

    Prestige 334 User’s Guide 213 C hapter 21 Men u 3 LAN Setup 21.2 Protocol Dependent Ethernet Setup Depending on the proto cols for your applications, you need to co nfigure the respectiv e Ethernet Setup, as outlined below . • For TCP/IP Ethernet setup refer to the Internet Access Application chapte r . • For bridging Ethernet setup refer to [...]

  • Página 215

    Prestige 334 User’s Guide Chapter 21 Menu 3 LAN Setup 214 Use the instructions in the following table to configure TCP/IP parameters for the LAN port. Size of Client IP Pool This field specifies the size, or count of the IP address pool. First DNS Server Second DNS Server Third DNS Server The Prestige passes a DNS (Domain Name System) server IP a[...]

  • Página 216

    Prestige 334 User’s Guide 215 C hapter 21 Men u 3 LAN Setup 21.3.1 IP Alias Setup IP alias allows you to partition a physical network into dif fer ent logical networks over the same Ethernet interface. The Prestige supports three logical LAN interfaces via its single physical Ethernet interface with the Prestige itself as the gateway for ea ch LA[...]

  • Página 217

    Prestige 334 User’s Guide Chapter 21 Menu 3 LAN Setup 216 IP Subnet Mask Y our Prestige will automatically calc ulate the subnet mask based on the IP address that you assign. Unless you are implementing subnetting, use the subnet mask computed by the Prestige. RIP Direction Press [SP ACE BAR] and then [ENTER] to select the RIP direction. Options [...]

  • Página 218

    Prestige 334 User’s Guide 217 C hapter 21 Men u 3 LAN Setup[...]

  • Página 219

    Prestige 334 User’s Guide Chapter 22 Internet Access 218 C HAPTER 22 Internet Access This chapter shows you how to config ure your Prestige for Internet access . 22.1 Introduction to Internet Access Setup Use information from your ISP along with the in st ructions in this chapter to set up your Prestige to access the Internet. There are three dif[...]

  • Página 220

    Prestige 334 User’s Guide 219 Chapter 22 Internet Access Figure 99 Menu 4 Internet Access Setup The following table describes the fields in this menu. Menu 4 - Interne t Access Setup ISP's Name= MyISP Encapsulation= Ethernet Service Type= Standard My Login= N/A My Password= N/A Retype to Confirm= N/A Login Server= N/A Relogin Every (min)= N/[...]

  • Página 221

    Prestige 334 User’s Guide Chapter 22 Internet Access 220 22.3 Configuring the PPTP Client T o configure a PP TP client, you must configure the My Login and Password fields for a PPP connection and the PP TP parame ters for a PP TP connection. After configuring My Login and Password for PPP connection, press [ SP ACE BAR] and then [ENTER] in the E[...]

  • Página 222

    Prestige 334 User’s Guide 221 Chapter 22 Internet Access Figure 100 Internet Access Setup (PPTP) The following table contains in structions about the new fie lds when you choose PPTP in the Encapsula tion field in menu 4. 22.4 Configuring the PPPoE Client If you enable PPPoE in menu 4, you wil l see th e next screen. For more information on PPPoE[...]

  • Página 223

    Prestige 334 User’s Guide Chapter 22 Internet Access 222 Figure 101 Internet Access Setup (PPPoE) The following table contains instructions about the new fields when you choose PPPoE in the Encapsula tion field in menu 4. If you need a PPPoE service name to identify and reach the P PPoE server , ple ase go to menu 1 1 and enter the PPPoE service [...]

  • Página 224

    Prestige 334 User’s Guide 223 Chapter 22 Internet Access[...]

  • Página 225

    Prestige 334 User’s Guide Chapter 23 Remot e Node Configur ation 224 C HAPTER 23 Remote Node Configuration This chapter covers remo te node configuration. 23.1 Introduction to Remote Node Setup A remote node is required for placing calls to a remote gatewa y . A remote node represents both the remote gateway an d the network behind it across a W [...]

  • Página 226

    Prestige 334 User’s Guide 225 Chap ter 23 Remote Node Configuratio n Figure 102 Menu 1 1.1 Remote Node Profile for Ether net Encapsulation The following table describes the fields in this menu. Menu 11.1 - R emote Node Profile Rem Node Name= MyISP Route= IP Active= Yes Encapsulation= Ethernet Edit IP= No Service Type= Standard Session Options: Se[...]

  • Página 227

    Prestige 334 User’s Guide Chapter 23 Remot e Node Configur ation 226 23.2.2 PPPoE Encap sulation The Prestige supports PPPoE (Point-to-Point Pr otocol over Ethernet). Y ou can only use PPPoE encapsulation when you’re using the Prestige with a DSL modem as the W AN device. If you change the Encap sulation to PPPoE, then you will see the next scr[...]

  • Página 228

    Prestige 334 User’s Guide 227 Chap ter 23 Remote Node Configuratio n 23.2.2.2 Nailed-Up Connection A nailed-up connection is a dial-u p line where the connectio n is always up regardless of tra ffic demand. The Prestige does two things when you specify a nailed-up connection. The first is that idle timeout is disabled. Th e second is that the Pre[...]

  • Página 229

    Prestige 334 User’s Guide Chapter 23 Remot e Node Configur ation 228 Figure 104 Menu 1 1.1 Remote Node Profile for PPTP Encapsulation The next table shows h ow to configure field s in menu 1 1.1 not previously discussed . 23.3 Edit IP Move the cu rs or to the Edit IP field in menu 1 1.1, then press [SP ACE BAR] to select Ye s . Press [ENTER] to o[...]

  • Página 230

    Prestige 334 User’s Guide 229 Chap ter 23 Remote Node Configuratio n Figure 105 Menu 1 1.3 Remote Node Network Layer Op tions for Ethernet Encapsulation This menu displays the My W A N Addr field for PPPoE and PPTP encapsulations and Gateway IP Addr field for Ethernet encapsulation. The following table describes the fields in this menu. Menu 11.3[...]

  • Página 231

    Prestige 334 User’s Guide Chapter 23 Remot e Node Configur ation 230 23.4 Remote Node Filter Move the cu rsor to the field Edit Filter Sets in menu 1 1.1, and then press [SP ACE BAR] to set the value to Ye s . Pre ss [ENTER] to open Menu 1 1.5 - Remote Node Filter . Use menu 11.5 to specify the filter set(s) to apply to the incomi ng and outgoing[...]

  • Página 232

    Prestige 334 User’s Guide 231 Chap ter 23 Remote Node Configuratio n Figure 106 M enu 1 1.5: Remote Node Filter (Ethernet Encap sulation) Figure 107 Menu 1 1.5: Remote Node Filter (PPP oE or PPTP Encapsulation) 23.4.1 T raffic Redirect Setup Configure parameters that determine when th e Prestige will forward W AN traffic to the backup gateway usi[...]

  • Página 233

    Prestige 334 User’s Guide Chapter 23 Remot e Node Configur ation 232 Figure 108 Menu 1 1.6: T raffic Redirect Setup The following table describes the fields in this screen. Menu 11.6 - Tra ffic Redirect Setup Active= Yes Configuration: Backup Gateway IP A ddress= 0.0.0.0 Metric= 15 Check WAN IP Addres s= 0.0.0.0 Fail Tolerance= 2 Period(sec)= 5 T[...]

  • Página 234

    Prestige 334 User’s Guide 233 Chap ter 23 Remote Node Configuratio n[...]

  • Página 235

    Prestige 334 User’s Guide Chapter 24 Static Route Setup 234 C HAPTER 24 S t atic Route Setup This chapter shows how to setup IP static routes. 24.1 IP S t atic Route Setup T o configure an IP static route, use Menu 12 – S tatic Routing Setup (shown next). Figure 109 Menu 12 IP S tatic Route Setup Now , type the route number of a st atic route y[...]

  • Página 236

    Prestige 334 User’s Guide 235 Chapter 24 Static Route Setup Figure 1 10 Menu12.1 Edit IP S tatic Route The following table describes the fields for Menu 12.1 – Edit IP S tatic Route Set up . Menu 12.1 - Edit IP Static Route Route #: 1 Route Name= ? Active= No Destination IP Address= ? IP Subnet Mask= ? Gateway IP Address= ? Metric= 2 Private= N[...]

  • Página 237

    Prestige 334 User’s Guide Chapter 25 Network Address Translation (NAT) 236 C HAPTER 25 Network Address T ranslation (NA T) This chapter discusses how to configure NA T on the Prestige. 25.1 Using NA T 25.1.1 SUA (Single User Account) V ersus NA T SUA (Single User Account) is a ZyNOS implemen tation of a subset of NA T that supports two types of m[...]

  • Página 238

    Prestige 334 User’s Guide 237 Chapter 25 Network Address Transla tion (NAT) Figure 1 1 1 Menu 4 Applying NA T for Interne t Access The following figure shows how you apply NA T to the remote node in menu 1 1.1. 1 Enter 1 1 from the main menu. 2 When menu 1 1 appears, as shown in th e follo wing figure, type the number of the remote node that you [...]

  • Página 239

    Prestige 334 User’s Guide Chapter 25 Network Address Translation (NAT) 238 Figure 1 12 Menu 1 1.3 Applying NA T to the Remote Node The following table describes the optio ns for Network Address T ranslation. 25.3 NA T Setup Use the address mapping sets me nus and submenus to create the mapping table used to assign global addresses to computers on[...]

  • Página 240

    Prestige 334 User’s Guide 239 Chapter 25 Network Address Transla tion (NAT) Figure 1 13 Menu 15 NA T Setup 25.3.1 Address Mapping Set s Enter 1 to bring up Menu 15.1 — Address Mapping Sets . Figure 1 14 Menu 15.1 Addr ess Mapping Set s Enter 255 to display the next screen (see the SUA (Single User Account) V ersus NA T sec tion ) . The fields i[...]

  • Página 241

    Prestige 334 User’s Guide Chapter 25 Network Address Translation (NAT) 240 Figure 1 15 Menu 15.1.255 SUA Address Mapping Rule s The following table explains the fields in t his menu. 25.3.1.1 User-Defined Address Mapping Set s Now let’ s look at option 1 in menu 15.1. En ter 1 to bring up this menu. W e’ll just look at the differences from th[...]

  • Página 242

    Prestige 334 User’s Guide 241 Chapter 25 Network Address Transla tion (NAT) Figure 1 16 Menu 15.1.1 First Set 25.3.1.2 Ordering Y our Rules Ordering your rules is important because the Pr estige applies the rules in the order that you specify . When a rule matches the c urrent pack et, the Prestige take s the corresponding action and the remainin[...]

  • Página 243

    Prestige 334 User’s Guide Chapter 25 Network Address Translation (NAT) 242 Now if you delete rule 4, rules 5 to 7 will be pus hed up by 1 rule, so as old rule 5 become s rule 4, old rule 6 becomes rule 5 and o ld rule 7 becomes rule 6. Selecting Edit in the Action field and then selecting a rule brings up the following menu, Menu 15.1.1.1 - Addr [...]

  • Página 244

    Prestige 334 User’s Guide 243 Chapter 25 Network Address Transla tion (NAT) Figure 1 17 Menu 15.1.1.1 Editing/ Configuring an Individual Rule in a Set The following table explains the fields in t his menu. 25.4 Configuring a Server behind NA T Follow these steps to config ure a server behind NA T : 1 Enter 15 in the main menu to go to Menu 15 - N[...]

  • Página 245

    Prestige 334 User’s Guide Chapter 25 Network Address Translation (NAT) 244 Figure 1 18 Menu 15.2.1 NA T Server Setup 3 Enter a port number in an unused St a r t P o r t N o field. T o forward only one port, enter it again in the End Port No field. T o specify a range of po rts, enter the last port to be forwarded in the End Port No field. 4 Enter[...]

  • Página 246

    Prestige 334 User’s Guide 245 Chapter 25 Network Address Transla tion (NAT) 25.5.1 Example 1: Internet Access Only In the following Internet access example, you onl y need one rule where the ILAs (Inside Local Addresses) of computers A through D map to one dynamic IGA (Inside Global Address) assigned by your ISP . Figure 120 NA T Examp le 1 Figur[...]

  • Página 247

    Prestige 334 User’s Guide Chapter 25 Network Address Translation (NAT) 246 Figure 122 NA T Examp le 2 In this case, you do exactly as above (use the convenient pre-configured SUA Only set) and also go to menu 15.2 to specify the Inside Server behind the NA T as shown in the next figure. Figure 123 Menu 15.2.1 Specifying an Inside Server 25.5.3 Ex[...]

  • Página 248

    Prestige 334 User’s Guide 247 Chapter 25 Network Address Transla tion (NAT) 4 Y ou also map your third IGA to the web serv er and mail server on the LAN. T ype Server allows you to specify multiple servers, of different t ypes, to other computers behind NA T on the LAN. The exampl e situation lo oks somewhat like this: Figure 124 NA T Examp le 3 [...]

  • Página 249

    Prestige 334 User’s Guide Chapter 25 Network Address Translation (NAT) 248 Figure 125 NA T Example 3: Menu 1 1.3 The following figures show how to configure the first rule. Menu 11.3 - Remote Node Network Laye r Options IP Address Assignment= Dy namic IP Address= N/A IP Subnet Mask= N/A Gateway IP Addr= N/A Network Address Translati on = Full Fea[...]

  • Página 250

    Prestige 334 User’s Guide 249 Chapter 25 Network Address Transla tion (NAT) Figure 126 Example 3: Menu 15.1.1.1 Figure 127 Example 3: Final Menu 15.1.1 Now configure the IGA3 to map to our web server and mail server on the LAN. 8 Enter 15 from the main menu. 9 Enter 2 in Menu 15 - NA T Setup . 10 Enter 1 in Menu 15.2 - NA T Server Setup to see th[...]

  • Página 251

    Prestige 334 User’s Guide Chapter 25 Network Address Translation (NAT) 250 Figure 128 Example 3: Menu 15.2 25.5.4 Example 4: NA T Unfr iendly Application Programs Some applications do not support NA T Mapping using TCP or UDP port address translation. In this case it is better to use Many-to-Many No Overload mapping as port numb ers do not change[...]

  • Página 252

    Prestige 334 User’s Guide 251 Chapter 25 Network Address Transla tion (NAT) Figure 129 NA T Examp le 4 Follow the steps outlined in example 3 to configure t h ese two menus as follows Figure 130 Example 4: Menu 15.1.1.1 Address Map ping Rule. After you’ve configured your rule , you should be able to check the settings in menu 15.1.1 as shown ne[...]

  • Página 253

    Prestige 334 User’s Guide Chapter 25 Network Address Translation (NAT) 252 Figure 131 Example 4: Menu 15.1.1 Address Map ping Rules 25.6 Configuring T rigger Port Forwarding Enter 3 in menu 15 to d isplay Menu 15.3 — T rigger Port Setup , shown next. Menu 15.1.1 - Address Mapping Rules Set Name= Example4 Idx Local Start IP Local End IP Global S[...]

  • Página 254

    Prestige 334 User’s Guide 253 Chapter 25 Network Address Transla tion (NAT) Figure 132 Menu 15.3 T rigger Port Setup The following table describes the fields in this screen. Menu 15.3 - Trigger Port Setup Inco ming Trigger Rule Name Start Port End Port Start Port End Port ---------------------------------- ------------------------------------ 1. [...]

  • Página 255

    Prestige 334 User’s Guide Chapter 26 Enabling the Firewall 254 C HAPTER 26 Enabling the Firewall This chapter shows you how to get started with the Prestige firewall. 26.1 Remote Management and the Firewall When SMT menu 24.1 1 is configured to allow management (see the Remote Management chapter) and the firewall is enabled: • The firewall bloc[...]

  • Página 256

    Prestige 334 User’s Guide 255 Chapter 26 Enablin g the Firewall Figure 133 Menu 21.2 Firewa ll Setup Menu 21.2 - Firewa ll Setup The firewall protects against D enial of Service (DoS) attacks when it is active. Your network is vulnerable to a ttacks when the firewall is turned off. Refer to the User's Guide for d etails about the firewall de[...]

  • Página 257

    Prestige 334 User’s Guide Chapter 27 Filter Configuration 256 C HAPTER 27 Filter Configuration This chapter shows you how to create and apply filters. 27.1 Introduction to Filters Y our Prestige uses filters to decide whether to a llow passage of a data packet and/or to make a call. There are two types of filter applications : data filtering and [...]

  • Página 258

    Prestige 334 User’s Guide 257 Chapter 27 Filter Configuration 27.1.1 The Filter St ructure of the Prestige A filter set consists of one or more filter rules. Usually , you would group related rules, e.g., all the rules for NetBIOS, into a single set and gi ve it a descriptive name. The P restige allows you to configure up to twelve filter sets wi[...]

  • Página 259

    Prestige 334 User’s Guide Chapter 27 Filter Configuration 258 Figure 135 Filter Rule Process Y ou can apply up to four filter sets to a particular port to block multiple types of packets. W ith each filter set having up to six rules, you can have a maximum of 24 rules active for a single port. 27.2 Configuring a Filter Set The Prestige includes f[...]

  • Página 260

    Prestige 334 User’s Guide 259 Chapter 27 Filter Configuration Figure 136 Menu 21: Filter and Firewa ll Setup 2 Enter 1 to bring up the following menu. Figure 137 Menu 21.1: Filter Set Configuration 3 Select the filter set you wish to configure (1-12) and press [ENTER] . 4 Enter a descriptive name or comment in the Edit Comments field and press [E[...]

  • Página 261

    Prestige 334 User’s Guide Chapter 27 Filter Configuration 260 The protocol dependent filter rules abbreviation are listed as follows: Refer to the next section for inform ation on configurin g the filter rules. 27.2.1 Configuring a Filter Rule T o configure a filter rule, type its number in Menu 21.1.1 - Filter Rules Summary and press [ENTER] to [...]

  • Página 262

    Prestige 334 User’s Guide 261 Chapter 27 Filter Configuration T o configure TCP/IP rules, select TCP/IP Filter Rule from the Filter T ype field and press [ENTER] to open Menu 21.1.1.1 - TCP/IP Filter Rule , as shown next Figure 138 Menu 21.1.1.1 TCP/IP Filter Rule. The following table describes how to co nfigure your TCP/IP filter rule. Menu 21.1[...]

  • Página 263

    Prestige 334 User’s Guide Chapter 27 Filter Configuration 262 The following figure illustrates th e logic flow of an IP filter . Source IP Address Enter the source IP Address of th e packet you wish to filter . Th is field is ignored i f it is 0.0.0.0. 0.0.0.0 IP Mask Enter th e IP mask to apply to the Source: IP Addr . 0.0.0.0 Port # Enter the s[...]

  • Página 264

    Prestige 334 User’s Guide 263 Chapter 27 Filter Configuration Figure 139 Executing an IP Filter 27.2.3 Configuring a Generic Filter Rule This section shows you how to configure a generi c filter rule. The purpose of generic rules is to allow you to filter non-IP packets. For IP , it is generally easier to us e the IP rules directly . For generic [...]

  • Página 265

    Prestige 334 User’s Guide Chapter 27 Filter Configuration 264 Figure 140 Menu 21.1.4.1 Generic Filter Ru le The following table describes the fiel ds in the Generic Filter Rule menu. Menu 21.1.4.1 - Generic Filter Ru le Filter #: 4,1 Filter Type= Generic Filter Rule Active= No Offset= 0 Length= 0 Mask= N/A Value= N/A More= No Log= Non e Action Ma[...]

  • Página 266

    Prestige 334 User’s Guide 265 Chapter 27 Filter Configuration 27.3 Example Filter Let’ s look at an example to block outside users from accessing the Prestige via telnet. Figure 141 T elnet Filter Example 1 Enter 21 from the main menu to open Menu 21 - Filter and Firewall Setup . 2 Enter 1 to open Menu 21.1 - Filter Set Configuration . 3 Enter [...]

  • Página 267

    Prestige 334 User’s Guide Chapter 27 Filter Configuration 266 Figure 142 Example Filter: Menu 21 .1.3.1 • Select Ye s from the Active field to activate this rule. • 6 is the TCP IP Pr otocol . •T h e Port # for the telnet service (TCP protocol) is 23. See RFC 1060 for port numbers of well-known services. • Select Equal from the Port # Com[...]

  • Página 268

    Prestige 334 User’s Guide 267 Chapter 27 Filter Configuration Figure 143 Example Filter Rules Summar y: Menu 21.1.3 This shows you that you have configured and activated ( A = Y ) a TCP/IP filter rule ( Ty p e = IP , Pr = 6 ) for destination telnet ports ( DP = 23 ). M = N means an action can be taken immediately . The action is to drop the packe[...]

  • Página 269

    Prestige 334 User’s Guide Chapter 27 Filter Configuration 268 Figure 144 Protocol and Device Filter Set s 27.5 Firewall V ersus Filters Firewall configuration is discussed in the fir ewall chapters of this manual. Further comparisons are also made between filtering, NA T and the firewall. 27.6 Applying a Filter This section shows you where to app[...]

  • Página 270

    Prestige 334 User’s Guide 269 Chapter 27 Filter Configuration Figure 145 Filtering LAN T raffic 27.6.2 Applying Re mote Node Filters Go to menu 1 1.5 (shown be low – note that call filter set s are only present for PPPoE encapsulation) and enter the numb er(s) of the filter set(s) as appropriate. Y ou can cascade up to four filter sets by enter[...]

  • Página 271

    Prestige 334 User’s Guide Chapter 28 SNMP Configuration 270 C HAPTER 28 SNMP Configuration This chapter explains SNMP Configuration menu 22. 28.1 About SNMP Simple Network Management Protocol is a protocol used for exchanging man agement information between network devices. SNMP is a member of the TCP/IP pro tocol suite. Y our Prestige supports S[...]

  • Página 272

    Prestige 334 User’s Guide 271 Chapter 28 SNMP Configuration The managed devices cont ain object variables/ managed objects that define each piece of information to be collected ab out a device. Examples of vari ables include the number of packets received, node port status etc. A Ma nagement Information Ba se (MIB) is a collection of managed obje[...]

  • Página 273

    Prestige 334 User’s Guide Chapter 28 SNMP Configuration 272 Figure 148 Menu 22 SNMP Configurat ion The following table describes the SNMP configuration parameters. 28.4 SNMP T rap s The Prestige will send traps to the SNMP mana ger when any one of t he following events occurs: Menu 22 - SNMP Configuration SNMP: Get Community= public Set Community[...]

  • Página 274

    Prestige 334 User’s Guide 273 Chapter 28 SNMP Configuration The port number is its interface index under the interface group. 4 linkUp ( defined in RFC-1215 ) A trap is sent with the port number . 5 authenticationFailure ( defined i n RFC-1215 ) A trap is sent to the manager when receiving any SNMP gets or sets requirements with wrong community ([...]

  • Página 275

    Prestige 334 User’s Guide Chapter 29 System Inform ation and Diagnosis 274 C HAPTER 29 System Information and Diagnosis This chapter covers the information and diag nostic tools in SMT menus 24.1 to 24.4. These tools include updates on system status , port status, log and trace capabiliti es and upgrades for the system software. This chapte r des[...]

  • Página 276

    Prestige 334 User’s Guide 275 Chapter 29 System Information and Diagnosis Figure 150 Menu 24.1 System Maintenance : S tatus The following table describes the fields present in Menu 24.1 — System Maintenance — St a t u s . These fields are READ-ONL Y and meant fo r diagnostic pu rposes. The upper right corner of the screen shows the time and d[...]

  • Página 277

    Prestige 334 User’s Guide Chapter 29 System Inform ation and Diagnosis 276 29.2 System Information T o get to the System Information: 1 Enter 24 to display Menu 24 — System Information a nd Console Port Speed . 2 Enter 2 to display Menu 24.2 — System Information . 3 From this menu you have two choices as shown in th e next figure: Figure 151 [...]

  • Página 278

    Prestige 334 User’s Guide 277 Chapter 29 System Information and Diagnosis Figure 152 Menu 24.2.1 System Maintenance : Informatio n The following table describes the fields in this menu. 29.2.2 Console Port Speed Y ou can set up different port speeds for the console port through Menu 24.2.2 – System Maintenance – Console Port Speed . Y our Pre[...]

  • Página 279

    Prestige 334 User’s Guide Chapter 29 System Inform ation and Diagnosis 278 Figure 153 Menu 24.2.2 System Maintenance : Chang e Console Port Speed 29.3 Log and T race There are two logging faci lities in the Prestige. The first is the error logs and trace records that are stored locally . The second is th e syslog facility fo r message logging. 29[...]

  • Página 280

    Prestige 334 User’s Guide 279 Chapter 29 System Information and Diagnosis 29.3.1.1 CDR 29.3.1.2 Packet triggered CDR Message Format SdcmdSyslogSend ( SYSLOG_CDR, SYSLOG _INFO, String); String = board xx line xx channel xx , call xx, str board = the hardware board ID line = the WAN ID in a board Channel = channel ID within the WAN call = the call [...]

  • Página 281

    Prestige 334 User’s Guide Chapter 29 System Inform ation and Diagnosis 280 29.3.1.3 Filter log 29.3.1.4 PPP log Filter log Message Format SdcmdSyslogSend(SYSLOG_FILLOG, SYSLO G_NOTICE, String ); String = IP[Src=xx.xx.xx.xx Dst=xx.x x.xx.xx prot spo=xxxx dpo=xxxx] S04>R01mD IP[…] is the packet header and S04>R01mD means filter set 4 (S) an[...]

  • Página 282

    Prestige 334 User’s Guide 281 Chapter 29 System Information and Diagnosis 29.3.1.5 Firewall log 29.3.2 Call-T riggering Packet Call-T riggering Packet displays information about the packet tha t triggered a dial-out call in an easy readable format. Equiva lent information is available in menu 24.1 in hex format. An example is shown next. Firewall[...]

  • Página 283

    Prestige 334 User’s Guide Chapter 29 System Inform ation and Diagnosis 282 Figure 155 Call-T riggering Packet Example 29.4 Diagnostic The diagnostic facility allows you to test the di f ferent aspects of your Prestige to determine if it is working properly . Menu 24.4 allows you to choose among various ty pes of diagnostic tests to evaluate your [...]

  • Página 284

    Prestige 334 User’s Guide 283 Chapter 29 System Information and Diagnosis Figure 156 Menu 24.4 System Maintenance : Diagnostic 29.4.1 W AN DHCP DHCP functionality can be enabled on the L AN or W AN as shown in LAN & W AN DHCP. LAN DHCP has already been discussed. The Pres tige can act either as a W AN DHCP client ( IP Address Assignment field[...]

  • Página 285

    Prestige 334 User’s Guide Chapter 29 System Inform ation and Diagnosis 284 W AN D HCP Renewal Enter 3 to renew your W AN DHCP settings. Internet Setu p T est Enter 4 to test the Internet setup. Y o u can also test the Internet setup in Menu 4 - Internet Access . Please refer to the Internet Access chapter for more details. This feature is only av[...]

  • Página 286

    Prestige 334 User’s Guide 285 Chapter 29 System Information and Diagnosis[...]

  • Página 287

    Prestige 334 User’s Guide Chapter 30 Firmware and Confi guration File Maintenance 286 C HAPTER 30 Firmware and Configuration File Maintenance This chapter tells y ou how to backup and restor e your configuration file as well as upload new firmware and configuration files. 30.1 Filename Conventions The configuration file (often ca lled the romfile[...]

  • Página 288

    Prestige 334 User’s Guide 287 Chapter 30 Firmware and Con f iguration File Main tenance The following table is a summary . Please note that the internal filename refe rs to the filename on the Prestige and the external f ilename refers to the filename not on the Prestige, that is, on your computer , local network or FTP site and so the name (but [...]

  • Página 289

    Prestige 334 User’s Guide Chapter 30 Firmware and Confi guration File Maintenance 288 Figure 158 T elnet in Menu 24.5 30.2.2 Using the FTP Command from the Comman d Line 1 Launch the FTP client on your computer . 2 Enter “open”, followed by a space and the IP addres s of your Pres tige. 3 Press [ENTER] when prompted for a username. 4 Enter yo[...]

  • Página 290

    Prestige 334 User’s Guide 289 Chapter 30 Firmware and Con f iguration File Main tenance 30.2.3 Example of FTP Comm ands from the Command Line Figure 159 FTP Session Example 30.2.4 GUI-based FTP Clients The following table describes some of the commands that you may see in GUI-based FTP clients. 30.2.5 TFTP and FTP over W AN Management Limit ation[...]

  • Página 291

    Prestige 334 User’s Guide Chapter 30 Firmware and Confi guration File Maintenance 290 30.2.6 Backup Configuration Using TFTP The Prestige support s the up/downloading of the firmware and the configuration file using TFTP (T rivial File T ransfer Protocol) over LA N. Although TFTP should work over W AN as well, it is not recommended. T o use TFTP [...]

  • Página 292

    Prestige 334 User’s Guide 291 Chapter 30 Firmware and Con f iguration File Main tenance 30.2.8 GUI-based TFTP Client s The following table describes some of the fiel ds that you may see in GUI-based TFTP clients. 30.3 Restore Configuration This section shows you how to restore a previ ously saved configuration. Note that this function erases the [...]

  • Página 293

    Prestige 334 User’s Guide Chapter 30 Firmware and Confi guration File Maintenance 292 Figure 160 T elnet into Menu 24.6. 1 Launch the FTP client on your computer . 2 Enter “open”, followed by a space and the IP addres s of your Pres tige. 3 Press [ENTER] when prompted for a username. 4 Enter your password as requested (the default is “1234?[...]

  • Página 294

    Prestige 334 User’s Guide 293 Chapter 30 Firmware and Con f iguration File Main tenance 30.3.2 Restore Usin g FTP Session Example Figure 161 Restore Using FTP Session Example 30.4 Uploading Firmware and Configuration Files This section shows yo u how to upload firmware and co nfiguration files. Y ou can upload configuration files by following the[...]

  • Página 295

    Prestige 334 User’s Guide Chapter 30 Firmware and Confi guration File Maintenance 294 Figure 162 T elnet Into Menu 24.7.1 Upload System Firmware 30.4.2 Configuration File Upload Y ou see the following screen when you telnet into menu 24.7.2 Figure 163 T elnet Into Menu 24.7.2 System Maintenance . T o upload the firmware and the configuration file[...]

  • Página 296

    Prestige 334 User’s Guide 295 Chapter 30 Firmware and Con f iguration File Main tenance 4 Enter your password as requested (the default is “1234”). 5 Enter “bin” to set transfer mode to binary . 6 Use “put” to transfer files from the comp uter to the Pres tige, for exam ple, “put firmware.bin ras” transfers the firmware on your co[...]

  • Página 297

    Prestige 334 User’s Guide Chapter 30 Firmware and Confi guration File Maintenance 296 3 Enter the command “sys stdio 0” to disable th e console t imeout, so the TFTP transfer will not be interrupted. Enter “co mmand sys stdio 5” to restore the five-minute console timeout (default) when the f ile transfer is complete. 4 Launch the TFTP cli[...]

  • Página 298

    Prestige 334 User’s Guide 297 Chapter 30 Firmware and Con f iguration File Main tenance[...]

  • Página 299

    Prestige 334 User’s Guide Chapter 31 System Maintenance 298 C HAPTER 31 System Maintenance This chapter leads you through SM T menus 24.8 to 24.10. 31.1 Command Interpreter Mode The Command Interpreter (CI) is a part of the ma in system firmware. The CI provides much of the same functionality as the SMT , while a dding some low-level se tup and d[...]

  • Página 300

    Prestige 334 User’s Guide 299 Chapter 31 System M aintenance 31.1.2 Command Usage A list of commands can be found b y typing help or ? at the command prompt. Always type the full command. T ype exit to return to the SMT ma in menu when finished. Figure 166 V alid Commands 31.2 Call Control Support The Prestige provides t w o call control functio [...]

  • Página 301

    Prestige 334 User’s Guide Chapter 31 System Maintenance 300 Figure 168 Budget Manage ment The total budget is the time li mit on the accumulated time for ou tgoing calls to a remo te node. When this limit is reached, th e call will be dropped and further outgoing calls to that remote node will be blocked. After each period, the total budget is re[...]

  • Página 302

    Prestige 334 User’s Guide 301 Chapter 31 System M aintenance Figure 169 Menu 24.9.2 - Call History The following table describes the fields in this menu. 31.3 T ime and Date Setting The Real T ime Chip (R TC) keeps track of the time and date (not available on all models). There is also a software me chanism to se t the time manually or get th e c[...]

  • Página 303

    Prestige 334 User’s Guide Chapter 31 System Maintenance 302 Figure 170 Menu 24: System Maintenan ce Enter 10 to go to Menu 24.10 - System Maintena nce - Time and Date Setting to update the time and date settings of your Prestige as shown in the following screen. Menu 24 - System Maintenance 1. System Status 2. System Information and Console P ort[...]

  • Página 304

    Prestige 334 User’s Guide 303 Chapter 31 System M aintenance Figure 171 Menu 24.10 System Maintenance : T ime and Date Setting The following table describes the fields in this screen. Menu 24.10 - System Mainten ance - Time and Date Setting Time Protocol= NTP (RFC-1305) Time Server Address= time-b.ni st.gov Current Time: 08 : 07 : 14 New Time (hh[...]

  • Página 305

    Prestige 334 User’s Guide Chapter 31 System Maintenance 304 31.3.1 Resetting the T ime The Prestige resets the time in three instances: 1 On leaving menu 24.10 after making changes. 2 When the Prestige starts up, if there is a timeserver configured in menu 24.10. 3 24-hour intervals after starting. End Date Enter the month and day that your d ayl[...]

  • Página 306

    Prestige 334 User’s Guide 305 Chapter 31 System M aintenance[...]

  • Página 307

    Prestige 334 User’s Guide Chapter 32 Remo te Management 306 C HAPTER 32 Remote Management This chapter covers remote ma nagement (SMT menu 24.1 1). 32.1 Remote Management Remote management allows you to determ ine which services/protocols can access which Prestige interface (if any) from which computers. Y ou may manage your Prestige from a remot[...]

  • Página 308

    Prestige 334 User’s Guide 307 Chapter 32 Remote Manag ement Figure 172 Menu 24.1 1 – Remote Managem ent Control The following table describes the fields in this screen. 32.1.1 Remote Management Limit ations Remote management over LAN or W AN will not work when: 1 A filter in menu 3.1 (LAN) or in menu 1 1.5 (W AN) is applied to block a T elnet, [...]

  • Página 309

    Prestige 334 User’s Guide Chapter 32 Remo te Management 308 3 The IP address in the Secure Client IP field (menu 24.1 1) does not match the client IP address. If it does not match, the Prestig e will disconnect the session immediately . 4 There is an SMT console session running. 5 There is already another remote management session with an equal o[...]

  • Página 310

    [...]

  • Página 311

    Prestige 334 User’s Guide Chapter 33 Call Scheduling 310 C HAPTER 33 Call Scheduling Call scheduling (applicable for PPPoA or PPPoE encapsulati on only) allows you to dictate when a remote node sho uld be called and for how long. 33.1 Introduction to Call Scheduling The call scheduling feature allows the Prestige to manage a remote node and dicta[...]

  • Página 312

    Prestige 334 User’s Guide 311 Chapter 33 Call Scheduling Y ou can design up to 12 sched ule sets but you can only apply up to fo ur schedule sets for a remote node. T o setup a schedule set, select the schedule set you want to setup from menu 26 (1-12) and press [ENTER] to see Menu 26.1 — Schedule Set Setup as shown next. Figure 174 Menu 26.1 S[...]

  • Página 313

    Prestige 334 User’s Guide Chapter 33 Call Scheduling 312 Once your schedule sets are conf igured , you must then apply them to the desired remote node(s). Enter 1 1 from the Main Menu and then enter the tar get remote node index. Using [SP ACE BAR] , select PPPoE or PPPoA in the Encapsulation field and then press [ENTER] to make the schedule sets[...]

  • Página 314

    Prestige 334 User’s Guide 313 Chapter 33 Call Scheduling[...]

  • Página 315

    Prestige 334 User’s Guide Chapter 34 VPN/IPSec Setup 314 C HAPTER 34 VPN/IPSec Setup This chapter introduces the VPN SMT menus. 34.1 VPN/IPSec Overview The VPN/IPSec main SMT menu has these main submenus: 1 Define VPN policies in menu 27.1 su bmenus, including security po licies, endpoint IP addresses, peer IPSec router IP address and ke y manage[...]

  • Página 316

    Prestige 334 User’s Guide 315 Chapter 34 VPN/IPSec Setup Figure 177 Menu 27 VPN/IPSec Setup 34.2 IPSec Summary Screen T ype 1 in menu 27 and then press [ENTER] to display Menu 27.1 IPSec Summary . This is a summary read-only menu of your IPSec rules (t unnels). Edit or create an IPSec rule by selecting an index number and then co nfiguring the as[...]

  • Página 317

    Prestige 334 User’s Guide Chapter 34 VPN/IPSec Setup 316 Local Addr St a r t When the Addr T ype field i n Menu 27.1.1 IPSec Setup is configured to Single , this is a static IP address on the LAN behind your Prestige. When the Addr T ype field in Menu 27.1.1 IPSec Setup is configured to Range , this is the beginning (static) IP address, in a rang[...]

  • Página 318

    Prestige 334 User’s Guide 317 Chapter 34 VPN/IPSec Setup Remote Addr End When the Addr T ype field in Menu 27.1.1 IPSec Setup is configured to Single , this is the same (static) IP address as in the Remote Addr S t art field. When the Addr T ype field in Menu 27.1.1 IPSec Setup is configured to Range , this is the end (static) IP address, in a ra[...]

  • Página 319

    Prestige 334 User’s Guide Chapter 34 VPN/IPSec Setup 318 Figure 179 Menu 27.1.1 IPSec Setup The following table describes the fields in this menu. Menu 27.1.1 – IPSec Setup Index= 1 Name= Taiwan Active= Yes Keep Alive= No Nat Traversal= No Local ID type Content= My IP Addr= 0.0.0.0 Peer ID type= IP Content= Secure Gateway Address= zw50test.zyx [...]

  • Página 320

    Prestige 334 User’s Guide 319 Chapter 34 VPN/IPSec Setup Content When you select IP in the Local ID T ype fi eld, type the IP addre ss of your computer or leave the field blank to have the Pres tige automatically use its own IP address. When you select DNS in the Local ID T ype field, type a domain name (up to 31 char- acters) by which to identif[...]

  • Página 321

    Prestige 334 User’s Guide Chapter 34 VPN/IPSec Setup 320 Port S tart 0 is the default and signifies any port. T y pe a port number from 0 to 65535. Y ou cannot create a VPN tunnel if you try to connect using a port number that does no t match this port number or range of port numbers. Some of the most common IP ports are: 21, FTP; 53, DNS; 23, T [...]

  • Página 322

    Prestige 334 User’s Guide 321 Chapter 34 VPN/IPSec Setup 34.3 IKE Setup T o edit this menu, the Key Manageme nt field in Menu 27.1.1 – IPSec Setup must be set to IKE . Move the cursor to the Edit Key Management Setup field in Menu 27.1.1 – IPSec Setup ; press [SP ACE BAR] to select Ye s and then press [ENTER] to display Menu 27. 1.1.1 – IKE[...]

  • Página 323

    Prestige 334 User’s Guide Chapter 34 VPN/IPSec Setup 322 Figure 180 Menu 27.1.1.1 IKE Setup The following table describes the fields in this menu. Menu 27.1.1.1 - IKE Setup Phase 1 Negotiation Mode= Main Pre-Shared Key= ? Encryption Algorithm= DES Authentication Algorithm= MD 5 SA Life Time (Seconds)= 2880 0 Key Group= DH1 Phase 2 Active Protocol[...]

  • Página 324

    Prestige 334 User’s Guide 323 Chapter 34 VPN/IPSec Setup 34.4 Manual Setup Y ou only co nfigure Menu 27.1.1.2 – Manual Setup when you select Manual in the Key Management field in Menu 27.1.1 – IPSec Setup . Manual key mana gement is useful if you have problem s with IKE key management. Authentication Algorithm MD5 (Message Digest 5) and SHA1 [...]

  • Página 325

    Prestige 334 User’s Guide Chapter 34 VPN/IPSec Setup 324 34.4.0.1 Active Protocol This field is a combination of mode and secu rity protocols used for the VPN. See the W eb Configurator part on VPN for more information on these parameters. 34.4.0.2 Security Parameter Index (SPI) T o edit this menu, move the cursor to the Edit Manual Setup field i[...]

  • Página 326

    Prestige 334 User’s Guide 325 Chapter 34 VPN/IPSec Setup Encryption Algorithm Press [SP ACE BAR] to choose from NULL , 3DES or DES and then press [ENTER]. Fill in the Key1 field below wh en you choose DES and fill in fields Key1 to Key3 when you choose 3DES . Select NULL to set up a tunnel witho ut encryption. When you select NULL , you do not en[...]

  • Página 327

    Prestige 334 User’s Guide Chapter 35 SA Monitor 326 C HAPTER 35 SA Monitor This chapter teaches you h ow to manage your SAs by using the SA Monitor in SMT menu 27.2. 35.1 SA Monitor Overview A Security Association (SA) is the group of se cu rity settings related to a specific VPN tunnel. This menu (shown next) disp lays active VPN connections. 35[...]

  • Página 328

    Prestige 334 User’s Guide 327 Chapter 35 SA Monitor Figure 182 Menu 27.2 SA Monitor The following table describes the fields in this menu. Me nu 27.2 - SA Monitor # --- 001 002 003 004 005 006 007 008 009 010 Name -------------------------------- Taiwan : 3.3.3.1 – 3.3.3.3.100 Encap. --------- Tunnel IPSec ALgorithm ---------------- ESP DES MD5[...]

  • Página 329

    Prestige 334 User’s Guide Appendix A Tro ubleshooting 330 Appendix A T roubleshooting This chapter covers potential pr oblems and possible remedies. After each problem descri ption, some instructions are provided to help you to diagnose and to solve the problem. Please see our included disk for further information. Table 110 Troubleshooting PROBL[...]

  • Página 330

    Prestige 334 User’s Guide 331 Appendix A Troubleshooting 35.3 Problems with the Password 35.4 Problems with Remote Management Access to a web page with a URL containing a forbidden keyword is not blocked. Make sure that you select the Keywor d Blocking check box in the Content Filtering screen. Make sure that the ke ywords that you type are liste[...]

  • Página 331

    Prestige 334 User’s Guide Appendix B PPPoE 332 Appendix B PPPoE PPPoE in Action An ADSL modem bridges a PPP session over Ethernet (PPP ov er Ethernet, RFC 2516) from your computer to an A TM PVC (Permanent V irt ual Circuit) whic h connects to a DSL Access Concentrator where the PPP session terminates (see the next figure). One PVC can support an[...]

  • Página 332

    Prestige 334 User’s Guide 333 Appendix B PPPoE Figure 183 Single-Compute r per Router Hardwa re Configuration How PPPoE W orks The PPPoE driver makes the Ethernet appea r as a serial link to the computer and the computer runs PPP over it, while the modem bridges the Ethernet frames to the Access Concentrator (AC). Between the AC and an ISP , the [...]

  • Página 333

    Prestige 334 User’s Guide Appendix C PPTP 334 Appendix C PPTP What is PPTP? PP TP (Point-to-Point T unneling Protocol) is a Microsoft proprietary protocol (RFC 2637 for PP TP is informational only) to tunnel PPP frames. How can we transport PP P frames from a computer to a broadband modem over Ethernet? A solution is to build PP TP in to the ANT [...]

  • Página 334

    Prestige 334 User’s Guide 335 Appendix C PPTP PPTP Protocol Overview PP TP is very similar to L2TP , since L2TP is based on both PP TP and L2F (Cisco’ s Layer 2 Forwarding). Conceptually , there are three pa rties in PP TP , namely the PNS (PP TP Network Server), the P AC (PP TP Access Concentrator) a nd the PP TP user . The PNS is the box that[...]

  • Página 335

    Prestige 334 User’s Guide Appendix C PPTP 336 Figure 187 Example Message Exchange between Computer and an ANT PPP Dat a Connection The PPP frames are tunneled between the PN S and P AC over GRE (General Routing Encapsulation, RFC 1701, 17 02). The individual calls within a tunnel are distinguished using the Call ID field in the GRE header .[...]

  • Página 336

    Prestige 334 User’s Guide 337 Appendix C PPTP[...]

  • Página 337

    Prestige 334 User’s Guide Appendix D NetBIOS Filter Commands 338 Appendix D NetBIOS Filter Commands The following describes the Ne tBIOS packet filter commands. Introduction NetBIOS (Network Basic Input/Output System ) are TCP or UDP broadcast packets that enable a computer to connect to and communicate with a LAN. For some dial-up services such [...]

  • Página 338

    Prestige 334 User’s Guide 339 Appendix D NetBIOS Filter Commands The filter types and their defa ult settings are as follows. NetBIOS Filter Configuration Syntax:sys filter netbios config <ty pe> <on|off> where Table 113 NetBIOS Filter Default Settings NAME DESCRIPTION EXAMPLE Between LAN and WAN This field displays whether NetBIOS pa[...]

  • Página 339

    Prestige 334 User’s Guide Appendix E L og Descriptions 340 Appendix E Log Descriptions Configure centralized logs using the embedded web configurator; see online help for details. This appendix provides descrip tions of example log messages. Table 114 System Error logs LOG MESSAGE DESCRIPTION %s exceeds the max. numbe r of session per host! This [...]

  • Página 340

    Prestige 334 User’s Guide 341 Appendix E Log Descriptions Table 116 UPnP Logs LOG MESSAGE DESCRIPTION UPnP pass through Firewall UPnP pa ckets can pass through the firewall. Table 117 ICMP Type and Code Explanations TYPE CODE DESCRIPTION 0 Echo Reply 0 Echo reply message 3 Destination Unreachable 0 Net unreachable 1 Host unreachable 2 Protocol un[...]

  • Página 341

    Prestige 334 User’s Guide Appendix F S etting up Yo ur Compute r’s IP Addres s 342 Appendix F Setting up Y our Computer ’ s IP Address All computers must have a 10M or 100M Et hernet adapter card and TCP/IP installed. W indows 95/98/Me/NT/2000/XP , Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software [...]

  • Página 342

    Prestige 334 User’s Guide 343 Appendix F Setting up Your Compu t er’s IP Address Figure 188 WIndows 95/98 /Me: Networ k: Configura tion Inst alling Component s The Network window Configuration tab displays a list of installed components. Y ou need a network adapter , the TCP/IP protocol and Client for Microso ft Networks. If you need the adapte[...]

  • Página 343

    Prestige 334 User’s Guide Appendix F S etting up Yo ur Compute r’s IP Addres s 344 3 Select Microsoft from the list of manufacturers. 4 Select Client for Microsoft Networks from the list of network clients and then click OK . 5 Restart your computer so the changes you made take ef fect. Configuring 1 In the Network window Configuration tab, sel[...]

  • Página 344

    Prestige 334 User’s Guide 345 Appendix F Setting up Your Compu t er’s IP Address Figure 190 Windows 95/98/Me : TCP/IP Pr operties: DNS Configuration 4 Click the Gateway tab. • If you do no t know your gateway’ s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click[...]

  • Página 345

    Prestige 334 User’s Guide Appendix F S etting up Yo ur Compute r’s IP Addres s 346 Figure 191 Windows XP: S tar t Menu 2 For W indows XP , click Network Connections . For W indows 2000/NT , click Network and Dial-up Connections . Figure 192 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Pr operties .[...]

  • Página 346

    Prestige 334 User’s Guide 347 Appendix F Setting up Your Compu t er’s IP Address Figure 193 Windows XP: Control Panel: Network Connections: Pro perties 4 Select Internet Protocol (TCP/IP) (under the Genera l tab in W in XP) and click Properties . Figure 194 Windows XP: Local Area Conne ction Properties 5 The Internet Pr otocol TCP/IP Properties[...]

  • Página 347

    Prestige 334 User’s Guide Appendix F S etting up Yo ur Compute r’s IP Addres s 348 • If you have a static IP address click Use the following IP Address and fill in the IP addr ess , Subnet mask , and Default gateway fields. Click Advanced . Figure 195 Windows XP: Advanced TCP/IP Settings 6 If you do not know your gateway's IP address , r[...]

  • Página 348

    Prestige 334 User’s Guide 349 Appendix F Setting up Your Compu t er’s IP Address 7 In the Internet Protocol TCP/IP Pr operties window (the General tab in W indows XP): • Click Obtain D NS server address automatically if you do not know your DNS server IP addre ss(es). • If you know your DNS server IP address(es), click Use the following DNS[...]

  • Página 349

    Prestige 334 User’s Guide Appendix F S etting up Yo ur Compute r’s IP Addres s 350 Macintosh OS 8/9 1 Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel . Figure 197 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list.[...]

  • Página 350

    Prestige 334 User’s Guide 351 Appendix F Setting up Your Compu t er’s IP Address Figure 198 Macintosh O S 8/9: TC P/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configur e: list. 4 For statically assigned settings, do the following: •F r o m t h e Configure box, select Manually . • T ype your IP address in the I[...]

  • Página 351

    Prestige 334 User’s Guide Appendix F S etting up Yo ur Compute r’s IP Addres s 352 • Select Built-in Ethernet from the Show list. • Click the TCP/IP tab. 3 For dynamically assigned settings, select Using DHCP from the Configure list . Figure 200 Macintosh O S X: Netw ork 4 For statically assigned settings, do the following: •F r o m t h e[...]

  • Página 352

    Prestige 334 User’s Guide 353 Appendix F Setting up Your Compu t er’s IP Address[...]

  • Página 353

    Prestige 334 User’s Guide Appendix G Brute-Force Password Guessing Protection 354 Appendix G Brute-Force Password Guessing Protection The following describes the c ommands for enablin g, disabling and configuring the brute-force password guessing protect ion mechanism for the password. Example sys pwderrtm 5 This command sets the password protect[...]

  • Página 354

    Prestige 334 User’s Guide 355 A ppendix G Brute-Forc e Password G uessing Pr otection[...]

  • Página 355

    Prestige 334 User’s Guide Appendix H TM SS 356 Appendix H TMSS This appendix discusses T rend Micro Security Se rvices setup and access. Please see your TMSS user guide for more information. T o view the TMSS dash boar d, follow the steps below . 1 Click TMSS under ADV ANCED in the we b configurator . 2 Select the Service Settings tab. 3 Select t[...]

  • Página 356

    Prestige 334 User’s Guide 357 Appendix H TMSS Figure 202 TMSS Welcome Screen 7 Click Continue>> to proceed to down load ActiveX control. Figure 203 Download ActiveX Control 8 Select Y es to install and run ActiveX control. 9 Once the installation is complete the Ho me Network Security Services dashboard appears. From this screen you can tak[...]

  • Página 357

    Prestige 334 User’s Guide Appendix H TM SS 358 Figure 204 Home Network Security Services Dashboar d 10 See the T rend Micr o User ’ s Guide for information on TMSS.[...]

  • Página 358

    Prestige 334 User’s Guide 359 Appendix H TMSS[...]

  • Página 359

    Prestige 334 User’s Guide Appendix I Triangle Route 360 Appendix I T riangle Route The Ideal Setup When the firewall is on, your Prestige acts as a secure gateway between your LAN and the Internet. In an ideal network topology , a ll incoming and outgoing network traf fic passes through the Prestige to protect your LAN against attacks. Figure 205[...]

  • Página 360

    Prestige 334 User’s Guide 361 Appendix I Triangle Route Figure 206 “T riangle Route” Problem The “T riangle Route” Solutions This section presents you two solutions to the “triangle route” problem. IP Aliasing IP alias allows you to partition your network into logical sections over the same Ethernet interface. Y our Prestige supports [...]

  • Página 361

    Prestige 334 User’s Guide Appendix I Triangle Route 362 Figure 207 IP Alias Gateways on the W AN Side A second solution to the “triangle route” problem is to put all of your network gateways on the W AN side as the following figure shows. This en sures that all incoming netw ork traffic passes through your Prestige to your LAN. The refore you[...]

  • Página 362

    Prestige 334 User’s Guide 363 Appendix I Triangle Route[...]

  • Página 363

    Prestige 334 User’s Guide Index 364 Index A Active 225 ActiveX 135 Allocated Bu dget 227 A T command 287 Authen 227 Authenticat ion Protocol 226 B Backup 196 , 287 Budget Management 299 , 300 C Call Control 299 Call History 30 0 Call Scheduling 31 0 Maximum Number of Schedule Sets 310 PPPoE 312 Precedence 310 Precedence Example 310 Call-T rigerri[...]

  • Página 364

    Prestige 334 User’s Guide 365 Index FTP 58 , 64 , 90 , 91 , 92 , 138 , 142 , 307 FTP File T ransfer 293 FTP Restrictio ns 138 , 289 , 307 FTP Server 247 G Gateway 235 Gateway IP Addr 229 Gateway IP Address 220 General Setup 56 Global 86 H Hidden Menus 202 Hop Count 235 Host 60 HTTP 92 , 320 I Idle T imeout 227 IGMP 65 , 66 Inside 86 Inside Global[...]

  • Página 365

    Prestige 334 User’s Guide Index 366 O One to One 89 Outside 86 P Password 60 , 200 , 20 4 , 219 , 271 Period(hr) 227 Ping 283 Point-to-Point Tunneling Protocol 77 , 92 POP3 92 Port Numbers 92 PPPoE 332 PPPoE Encapsulation 222 , 224 , 227 PPTP 92 Private 104 , 230 , 235 R RAS 277 Related Documentation 30 Rem Node Name 225 Remote Management Firewal[...]

  • Página 366

    Prestige 334 User’s Guide 367 Index T race Record s 278 T raffic Redirect 82 , 83 T rigge r Port Forwarding 252 Process 98 U Universal Plug and Pl ay (UPnP) 106 UNIX Syslog 278 Upload Firmware 293 URL Keyword Blocking 135 Use Server Detected IP 209 User Name 59 , 208 User Specified IP Addr 209 V VPN 77 W W AN D HCP 283 , 284 WA N S e tu p 21 0 We[...]