ZyXEL Communications P-660HW-TX manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122

Ir a la página of

Buen manual de instrucciones

Las leyes obligan al vendedor a entregarle al comprador, junto con el producto, el manual de instrucciones ZyXEL Communications P-660HW-TX. La falta del manual o facilitar información incorrecta al consumidor constituyen una base de reclamación por no estar de acuerdo el producto con el contrato. Según la ley, está permitido adjuntar un manual de otra forma que no sea en papel, lo cual últimamente es bastante común y los fabricantes nos facilitan un manual gráfico, su versión electrónica ZyXEL Communications P-660HW-TX o vídeos de instrucciones para usuarios. La condición es que tenga una forma legible y entendible.

¿Qué es un manual de instrucciones?

El nombre proviene de la palabra latina “instructio”, es decir, ordenar. Por lo tanto, en un manual ZyXEL Communications P-660HW-TX se puede encontrar la descripción de las etapas de actuación. El propósito de un manual es enseñar, facilitar el encendido o el uso de un dispositivo o la realización de acciones concretas. Un manual de instrucciones también es una fuente de información acerca de un objeto o un servicio, es una pista.

Desafortunadamente pocos usuarios destinan su tiempo a leer manuales ZyXEL Communications P-660HW-TX, sin embargo, un buen manual nos permite, no solo conocer una cantidad de funcionalidades adicionales del dispositivo comprado, sino también evitar la mayoría de fallos.

Entonces, ¿qué debe contener el manual de instrucciones perfecto?

Sobre todo, un manual de instrucciones ZyXEL Communications P-660HW-TX debe contener:
- información acerca de las especificaciones técnicas del dispositivo ZyXEL Communications P-660HW-TX
- nombre de fabricante y año de fabricación del dispositivo ZyXEL Communications P-660HW-TX
- condiciones de uso, configuración y mantenimiento del dispositivo ZyXEL Communications P-660HW-TX
- marcas de seguridad y certificados que confirmen su concordancia con determinadas normativas

¿Por qué no leemos los manuales de instrucciones?

Normalmente es por la falta de tiempo y seguridad acerca de las funcionalidades determinadas de los dispositivos comprados. Desafortunadamente la conexión y el encendido de ZyXEL Communications P-660HW-TX no es suficiente. El manual de instrucciones siempre contiene una serie de indicaciones acerca de determinadas funcionalidades, normas de seguridad, consejos de mantenimiento (incluso qué productos usar), fallos eventuales de ZyXEL Communications P-660HW-TX y maneras de solucionar los problemas que puedan ocurrir durante su uso. Al final, en un manual se pueden encontrar los detalles de servicio técnico ZyXEL Communications en caso de que las soluciones propuestas no hayan funcionado. Actualmente gozan de éxito manuales de instrucciones en forma de animaciones interesantes o vídeo manuales que llegan al usuario mucho mejor que en forma de un folleto. Este tipo de manual ayuda a que el usuario vea el vídeo entero sin saltarse las especificaciones y las descripciones técnicas complicadas de ZyXEL Communications P-660HW-TX, como se suele hacer teniendo una versión en papel.

¿Por qué vale la pena leer los manuales de instrucciones?

Sobre todo es en ellos donde encontraremos las respuestas acerca de la construcción, las posibilidades del dispositivo ZyXEL Communications P-660HW-TX, el uso de determinados accesorios y una serie de informaciones que permiten aprovechar completamente sus funciones y comodidades.

Tras una compra exitosa de un equipo o un dispositivo, vale la pena dedicar un momento para familiarizarse con cada parte del manual ZyXEL Communications P-660HW-TX. Actualmente se preparan y traducen con dedicación, para que no solo sean comprensibles para los usuarios, sino que también cumplan su función básica de información y ayuda.

Índice de manuales de instrucciones

  • Página 1

    P-660HW-Tx v2 Series 802.11g Wireless ADSL2+ 4-port Gateway Support Notes Version3.40 Mar. 2006[...]

  • Página 2

    P-660HW-Tx v2 Series Support Notes FAQ ................................................................................................................. 6 ZyNOS FAQ ................................................................................................. 6 1. What is ZyNOS? ...................................................................[...]

  • Página 3

    P-660HW-Tx v2 Series Support Notes 17. What do the ATM QoS Types (C BR, UBR, VBR-nRT, VBR-RT) mean? ................................................................................................................ 16 18. What is content filter? ....................................................................... 17 ADSL FAQ ......................[...]

  • Página 4

    P-660HW-Tx v2 Series Support Notes Wireless FAQ ............................................................................................ 29 General FAQ ........................................................................................... 29 1. What is a Wireless LAN? ...................................................... 29 2. What are th[...]

  • Página 5

    P-660HW-Tx v2 Series Support Notes 4. What is the difference between 40-bit and 64-bit WEP?. ..... 35 5. What is a WEP key? ............................................................. 35 6. Will 128-bit WEP communicate with 64-bit WEP? ................ 35 7. Can the SSI D be encrypted? ................................................ 36 8. By tur[...]

  • Página 6

    P-660HW-Tx v2 Series Support Notes 3. Using FTP to Upload the Firmware and Configuration Files ............. 118 CI Command Reference ......................................................................... 121 5 All contents copyright © 2006 ZyXEL Communicati ons Cor poration.[...]

  • Página 7

    P-660HW-Tx v2 Series Support Notes FAQ ZyNOS FAQ 1. What is ZyNOS? ZyNOS is ZyXEL's proprietary Network O perating System. It is the platform on all Prestige routers that delivers network services and applications. It is designed in a modular fashion so it is easy for developers to add new features. New ZyNOS software upgrades can be easil y d[...]

  • Página 8

    P-660HW-Tx v2 Series Support Notes a. Use the TELNET client program in your PC to login to your P-660HW-Tx v2. b. Enter CI command 'sys stdio 0' to disable Stdio idle timeout c. To upgrade firmware, use TFTP client program to put firmware in file 'ras' in the Prestige. After data transfe r is finished, the P-660HW-Tx v2 will pro[...]

  • Página 9

    P-660HW-Tx v2 Series Support Notes 9. What is SUA? When should I use SUA? SUA (Single User Account) is a unique feature supported by Prestige router which allows multiple people to access Inte rnet concurrently for the cost of a single user account. When Prestige acting as SUA receives a packet from a local client destined for the outside Internet,[...]

  • Página 10

    P-660HW-Tx v2 Series Support Notes 11. Is it possible to access a server running behind SUA from the outside Internet? If possible, how? Yes, it is possible because P-660HW-Tx v2 delivers the packet to the local server by looking up to a SUA server tabl e. Therefore, to ma ke a local server accessible to the outside users, the por t number and the [...]

  • Página 11

    P-660HW-Tx v2 Series Support Notes • Many One-to-One: In Many One-to-One mode, the P-660HW-Tx v2 maps each ILA to unique IGA. • Server: In Server mode, the P-660HW-Tx v2 maps multiple inside servers to one global IP address. This allows us to specify multiple servers of different types behind the NAT for outside access. Note, if you want to map[...]

  • Página 12

    P-660HW-Tx v2 Series Support Notes 16. How can I protect against IP spoofing attacks? The P-660HW-Tx v2's filter sets provide a means to protect against IP spoofing attacks. The basic scheme is as follows: For the input data filter: • Deny packets from the outside that claim to be from the inside • Allow everything that is not spoofing us [...]

  • Página 13

    P-660HW-Tx v2 Series Support Notes Product FAQ 1. How can I manage P-660HW-Tx v2?  Multilingual Embedded Web GUI for Local and Remote management  CLI (Command-line interface)  Telnet support (Administrator Password Protected ) for remote configuration change and status monitoring  FTP/ TFTP sever, firmware upgr ade and configuration bac[...]

  • Página 14

    P-660HW-Tx v2 Series Support Notes 5. What is the micro filt er or splitter used for ? Generally, the voice band uses the lo wer frequency ranging from 0 to 4KHz, while ADSL data transmission uses the higher frequency. The micro filter acts as a low-pass filter for your telephone set to ensur e that ADSL transmissions do not interfere with your voi[...]

  • Página 15

    P-660HW-Tx v2 Series Support Notes locations on the Internet. To use the service, you must first apply an account from several free Web servers such as http://www.dyndns.org/. Without DDNS, we always tell the users to use the WAN IP of the P-660HW-Tx v2 to reach our internal server. It is in convenient for the us ers if this IP is dynamic. With DDN[...]

  • Página 16

    P-660HW-Tx v2 Series Support Notes managements. Because the remote gateway checks this source port during connections, the port thus is not allowed to be changed. 13. How do I setup my P-660HW-Tx v2 for routing IPSec packets over SUA? For outgoing IPSec tunnels, no extra setting is required. For forwarding the inbound IPSec ESP tunnel, A 'Defa[...]

  • Página 17

    P-660HW-Tx v2 Series Support Notes fluctuating natural bit rate. The P-660H W-Tx v2 is able to support variable traffic among different virtual connections . Certain traffic may be discarded if the virtual connection experiences congesti on. Traffic shaping defines a set of actions taken by the P-660HW-Tx v2 to avoid congestion; traffic shaping tak[...]

  • Página 18

    P-660HW-Tx v2 Series Support Notes 18. What is content filter? Internet Content filter a llows you to create and enfor ce Internet access policies tailored to your needs. Content filter give s you the ability to block web sites that contain key words (that you specify) in the URL. You can set a schedule for when the P-660HW-Tx v2 performs content f[...]

  • Página 19

    P-660HW-Tx v2 Series Support Notes ADSL FAQ 1. How does ADSL compare to Cable modems? ADSL provides a dedicated service over a single telephone line; cable modems offer a dedicated service over a shared media. While cable modems have greater downstream bandwidth capa bilities (up to 30 Mbps), that bandwidth is shared among all users on a line, and [...]

  • Página 20

    P-660HW-Tx v2 Series Support Notes 6. Does the VC-based multiplexing perform better than the LLC-based multiplexing? Though the LLC-based multiplexing can carr y multiple protocols over a single VC, it requires extra header information to identify the prot ocol being carried on the virtual circuit (VC). The VC-bas ed multiplexing needs a separate V[...]

  • Página 21

    P-660HW-Tx v2 Series Support Notes More and more Telco/ISPs are providing three kinds of services (VoIP, Video and Internet) over one existing ADSL connection. • The different services (such as vi deo, VoIP and Internet access) require different Qulity of Service. • The high priority is Voice (VoIP) data. • The Medium priority is Video (IPTV)[...]

  • Página 22

    P-660HW-Tx v2 Series Support Notes Firewall FAQ General 1. What is a network firewall? A firewall is a system or group of syst ems that enforces an access-control policy between two networks. It may also be defined as a mechanism used to protect a trusted network from an untrusted network. The firewall can be thought of two mechanisms: One to blo c[...]

  • Página 23

    P-660HW-Tx v2 Series Support Notes Stateful Inspection Firewalls restrict access by screening data packets against defined access rules. They make access control decisions based on IP address and protocol. They also 'ins pect' the session data to assure the integrity of the connection and to adapt to dynamic protocols. The flexible nature[...]

  • Página 24

    P-660HW-Tx v2 Series Support Notes There are four types of DoS attacks: 1. Those that exploits bugs in a TCP/IP implementation such as Ping of Death and Teardrop. 2. Those that exploits weaknesses in the TCP/IP specification such as SYN Flood and LAND Attacks. 3. Brute-force attacks that flood a network with useless data such as Smurf attack. 4. IP[...]

  • Página 25

    P-660HW-Tx v2 Series Support Notes 11 What is Brute-force attack? A Brute-force attack, such as 'Smurf' attack, targets a f eature in the IP specification known as directed or subnet broadcasting, to quickly flood the target network with useless data. A Smurf hacker flood a destination IP address of each packet is the broadcast addr ess o[...]

  • Página 26

    P-660HW-Tx v2 Series Support Notes 1. Change the default Administrator pa ssword since it is required when setting up the firewall. 2. Limit who can access to your P-660HW-Tx v2’s Web Configurator or CLI. You can enter the IP address of the secured LAN host in Web Configurator, Advanced Setup, Advanced -> Remote MGNT -> [Service] ->Secur[...]

  • Página 27

    P-660HW-Tx v2 Series Support Notes (2)You have disabled WWW/Telnet service in Web Configurator, Advanced setup, Advanced -> Remote MGNT: (3) WWW/Telnet service is enabled but your host IP is not the secured host entered in Web Configur ator, Advanced setup, Advanced -> Remote MGNT: (4)A filter set which blocks WWW/Telnet from WAN is applied t[...]

  • Página 28

    P-660HW-Tx v2 Series Support Notes Service= FTP TCP/21, TCP/20 Action=Forward (2) You have disabled FTP service in Web Configurator, Advanced setup, Advanced -> Remote MGNT. (3) FTP service is enabled but your host IP is not the secured host entered in Web Configurator , Advanced setup, Advanced -> Remote MGNT. (4) A filter set which blocks F[...]

  • Página 29

    P-660HW-Tx v2 Series Support Notes (1) Enable log function in Centralized l ogs setup via either one of the following methods, • Web configuration: Advanced Setup, Maintenance -> Logs -> Log Settings , check Access Control and Attacks options depending on your real situation. • CI command: sy s logs category [access | attack] (2) Enable l[...]

  • Página 30

    P-660HW-Tx v2 Series Support Notes Wireless FAQ General FAQ 1. What is a Wireless LAN? Wireless LANs provide all the functi onality of wired LANs, without the need for physical connections (wires). Data is modulated onto a radio frequency carrier and transmitted through the ether. Typical bit-rates are 11Mbps and 54Mbps, although in practice data t[...]

  • Página 31

    P-660HW-Tx v2 Series Support Notes 4. Where can you find 802.1 1 wireless networks? Airports, hotels, and even cof fee shop s like S tarbucks are deploying 802.1 1 networks so people can wirelessly browse the Internet with t heir laptops. As these types of networks increase, this will create additional security risk for the remote user if not prope[...]

  • Página 32

    P-660HW-Tx v2 Series Support Notes 10. What is 802.11g? 802.1 1g is an extens ion to 802.1 1b. 802.1 1g increases 8 02.1 1b's data rates to 54 Mbps and still utilise the 2.4 GHz ISM. Modulation is based upon OFDM (orthogonal frequency division multiplexing) technology . An 802.1 1b radio card will interface directly with an 802.1 1g access poi[...]

  • Página 33

    P-660HW-Tx v2 Series Support Notes attenuates radio waves. T he amount of attenuation suffered in p assing through concrete will be a function of its thick ness and amount of metal re-enforcement used. 16. What are potential factors that may causes interference among WLAN products? Factors of interference: (1) Obstacles: walls, ceilings, furniture?[...]

  • Página 34

    P-660HW-Tx v2 Series Support Notes 22. Does P-660HW-Tx v2 support auto rate adaption? Yes, it means that t he AP on P-660HW-Tx v2 will automatically decelerate when devices move beyond the optimal r ange, or other interference is present. If the device moves back within the r ange of a higher-speed transmission, the connection will automatically sp[...]

  • Página 35

    P-660HW-Tx v2 Series Support Notes WLAN NICs often include an internal antenna which may provide suf ficient reception. 7. Why the 2.4 Ghz Frequency range? This frequency range has been set aside by the FCC, and is generally labeled the ISM band. A few years ago Apple and s everal other large corporations requested that the FCC allow the developmen[...]

  • Página 36

    P-660HW-Tx v2 Series Support Notes S tring" passed through the WEP encryption algorithm. Access is denied by anyone who does not have an assigned key . WEP comes in 40/64-bit and 128-bit encryption key lengths. Note, WEP has shown to have fundament al flaws in its key generation processing. 3. What is WPA? Wi-Fi Protected Access (WPA) is a s u[...]

  • Página 37

    P-660HW-Tx v2 Series Support Notes 7. Can the SSID be encrypted? No, WEP only encrypts the data packets not the 802.11 management packets.The SSID is in the beac on and probe management messages and SSID goes over the air in clear text. This makes obtaining the SSID easy by sniffing 802.11 wireless traffic. 8. By turning off the broadcast of SSID, [...]

  • Página 38

    P-660HW-Tx v2 Series Support Notes Application Notes General Application Notes 1. Internet Access Using P-660H W-Tx v2 under Bridge mode • Setup your workstation • Setup your P-660HW-Tx v2 under bridge mode If the ISP limits some spec ific computers to access Internet, that means only the traffic to/from these computer s will be forwarded and t[...]

  • Página 39

    P-660HW-Tx v2 Series Support Notes Setup your P-660HW-Tx v2 under bridge mode The following procedure shows you how to configure your P-660HW-Tx v2 as bridge mode. We will use Web Configurator to guide you through the related menu. (1) Configure P-660HW-Tx v2 as bri dge mode and configure Internet setup parameters in Web Configur ator, Advanced Set[...]

  • Página 40

    P-660HW-Tx v2 Series Support Notes Internet Connection. Key Settings: Option Description Encapsulation Select the correct Encapsulation type that your ISP supports. For example, RFC 1483. Multiplexing Select the correct Multiplexing type that your ISP supports. For example, LLC. VPI & VCI number Specify a VPI (Virtual Path Ident ifier) and a VC[...]

  • Página 41

    P-660HW-Tx v2 Series Support Notes Set up your workstation (1) Ethernet connection Connect the LAN ports of all computers to the LAN Interface of P-660HW-Tx v2 using Ethernet cable. (2) TCP/IP configuration Since the P-660HW-Tx v2 is set to DHCP server as default, so you need only to configure the workstations as the DHCP clients in the networking [...]

  • Página 42

    P-660HW-Tx v2 Series Support Notes (1) Configure P-660HW-Tx v2 as rout ing mode and configure Internet setup parameters in Web Configur ator, Advanced Setup, Network -> WAN -> Internet Connection. Key Settings: Option Description Encapsulation Select the correct Encapsulation type that your ISP supports. For example, RFC 1483. Multiplexing Se[...]

  • Página 43

    P-660HW-Tx v2 Series Support Notes • Setup the P-660HW-Tx v2 as a DHCP Relay We could set the P-660HW-Tx v2 as a DHCP Relay by the following command in CLI : Ip dhcp enif0 mode relay Ip dhcp enif0 relay server [Server IP Address] 4. SUA Notes Tested SUA/NAT Applications (e.g ., Cu-SeeMe, ICQ, NetMeeting) Introduction Generally, SUA makes your LAN[...]

  • Página 44

    P-660HW-Tx v2 Series Support Notes TELNET None 23/client IP (and active Telnet service from WAN) POP3 None 110/client IP SMTP None 25/client IP mIRC None for Chat. For DCC, please set Default/Client IP . Windows PPTP None 1723/client IP ICQ 99a None for Chat. For DCC, please set: ICQ -> preference -> connections -> firewall and set the fir[...]

  • Página 45

    P-660HW-Tx v2 Series Support Notes 3.0 Microsoft Messenger Service 4.6/ 4.7/ 5.0/ … (none UPnP) 6 None for Chat, File transfer ,Video and Voice None for Chat, File transfer, Video and Voice Net2Phone None 6701/client IP Network Time Protocol (NTP) None 123 /server IP Win2k Terminal Server None 3389/server IP Remote Anything None 3996 - 4000/clien[...]

  • Página 46

    P-660HW-Tx v2 Series Support Notes For example, if the workstation operat ing Cu-SeeMe has an IP of 192.168.1.34, then the default SUA server must be se t to 192.168.1.34. The peer Cu-SeeMe user can reach this workstation by using P-660HW-Tx v2's WAN IP address which can be obtained fr om Web Configurator, Status -> WAN Information . Config[...]

  • Página 47

    P-660HW-Tx v2 Series Support Notes forwarded to the default server . If the default server is not defined, the service request is simply discarded. Configuration To make a server visible to the outsi de world, specify t he port number of the service and the inside address of the se rver in Web Configurator, Advanced Setup, Network -> NAT -> P[...]

  • Página 48

    P-660HW-Tx v2 Series Support Notes (3) If you want to change the port fo r Web Server, you could press button ‘Modify’ on corresponding rule, then modify and apply it. Default port numbers for some services Service Port Number FTP 21 Telnet 23 SMTP 25 DNS (Domain Name Server) 53 www-http (Web) 80 Configure a PPTP server behind SUA Introduction [...]

  • Página 49

    P-660HW-Tx v2 Series Support Notes IPX) can be run correctly. Windows NT Domain Login level security is preserved even across the Internet. Window98 PPTP Client / Internet / NT RAS Server Protocol Stack PPTP appears as new modem type (Virt ual Private Networking Adapter) that can be selected when setting up a connection in the Dial-Up Networking fo[...]

  • Página 50

    P-660HW-Tx v2 Series Support Notes Example The following example shows how to dial to an ISP via the P-660HW-Tx v2 and then establish a tunnel to a private network. There will be three items that you need to set up for PPTP application, these are PPTP server (WinNT), PPTP client (Win9x) and the P-660HW-Tx v2. (1) PPTP server setup (WinNT) • Add t[...]

  • Página 51

    P-660HW-Tx v2 Series Support Notes When you have finished the above settings, you can ping to the remote Win9x client from WinNT. This ping comm and is used to demonstrate that remote the Win9x can be reached across the In ternet. If the Internet connection between two LANs is achievable, you can place a VPN call from the remote Win9x client. For e[...]

  • Página 52

    P-660HW-Tx v2 Series Support Notes 5. Using Full Feature NAT When P-660HW-Tx v2 is in Routing mode, you can select NAT Option as Full Feature in Network -> Remote Node -> Edit: Key Settings: Field Options Description Full Feature When you select this option you can select Address Mapping Set Number 1~8 in the pull-down menu on the right. None[...]

  • Página 53

    P-660HW-Tx v2 Series Support Notes The P-660HW-Tx v2 has 8 remote nodes and so allows you to configure 8 NAT Address Mapping Sets, You must specify which NAT Address Mapping Set (1~8) to use in the remote node when you select Full Feature NAT. You can edit 10 rules for each Address Mapping Set. You can edit the rules for Address Mapping Sets #1 in [...]

  • Página 54

    P-660HW-Tx v2 Series Support Notes IP. Global End IP This is the ending global IP address (IGA). N/A Type This is the NAT mapping types. Many-to-One and Server Here we’ll guide you to confi gure Address Mapping Sets from Web Configurator and CLI . (Since in Web Configurator we can only edit the rules for Address Mapping Sets #1. The other Address[...]

  • Página 55

    P-660HW-Tx v2 Series Support Notes The following table describes the fields in this screen. Field Description Option/Example Type You can select one of the fi ve mapping types from the pull-down menu 1. One-to-One 2. Many-to-One 3. Many-to-Many Overload 4. Many-to-Many No Overload 5. Server Start This is the starting lo cal IP address (ILA) 0.0.0.0[...]

  • Página 56

    P-660HW-Tx v2 Series Support Notes Setp 3: Set NAT address mapping rule for t he Address Mapping Set you just configured (Set 2 in this example) by command ‘ ip nat addrmap rule [rule#] [insert | edit] [type] [local start IP] [l ocal end IP] [global start IP] [global end IP] [server set #] ’. Suppose we set a Many-to-One rule for set 2 by comma[...]

  • Página 57

    P-660HW-Tx v2 Series Support Notes server sets ip nat server save Save the NAT server set buffer into flash ip nat server clear [set#] Clear the server set [set#], must use “sav e” command to let it save into flash ip nat server edit [rule#] active Activate the rule [rule#], rule number is 1 to 24, the number 25-36 is for UP NP application ip n[...]

  • Página 58

    P-660HW-Tx v2 Series Support Notes Please note that a server can support more than one service, e.g., a server can provide both FTP and Mail service, while another provides only Web service. The following procedures show how to configure a server behind NAT. Step 1: Login Web Configur ator, Advanced Setup, Network -> NAT -> Port Forwarding. S[...]

  • Página 59

    P-660HW-Tx v2 Series Support Notes In our Internet Access example, we only need one rule where all our ILAs map to one IGA assigned by the ISP. You can just use the default SUA NAT , or you could select Full Feature NAT and select an Address Mapping Set with a Many-to-One Rule. See the following figure. (2) Internet Access with an Internal Server I[...]

  • Página 60

    P-660HW-Tx v2 Series Support Notes below: (3) Using Multiple Global IP addresses for clients and servers (One-to-One, Many-to-One, Server Set mapping types are used) In this case we have 3 IGAs from the I SP. We have two very busy internal FTP servers and also an internal general server for the web and mail. In this case, we want to assign the 3 IG[...]

  • Página 61

    P-660HW-Tx v2 Series Support Notes Step 1: In this case, we need to map ILA to more than one IGA, therefore we must choose the Full Feature option from the NAT field in currently active remote node, and assign IGA3 to P-660H W-Tx v2’s WAN IP Address. Step 2: Go to Web Confi gurator, Advanced Setup, Network -> NAT -> Address Mapping to begin[...]

  • Página 62

    P-660HW-Tx v2 Series Support Notes Rule 3 Setup: Select Many-to-One type to map the other clients to IGA3 (200.0.0.3). Rule 4 Setup: Select Server type to map our web server and mail server with ILA3 (192.168.1.20) to IGA3. Menu Network -> NAT -> Address Mapping should look as follows now: 61 All contents copyright © 2006 ZyXEL Communicati o[...]

  • Página 63

    P-660HW-Tx v2 Series Support Notes Step 3: Now we configure all other incoming traffic to go to our web server and mail server from Web Conf igurator, Advanced Setup, Netw ork -> NAT -> Port Forwarding: (4) Support Non NAT Friendly Applications Some servers providing Internet applic ations such as some mIRC servers do not allow users to login[...]

  • Página 64

    P-660HW-Tx v2 Series Support Notes One rule configured for using Many-to-Many No Overload mapping type is shown below. We can also do this by configure three One-to-One mapping type rules. 6. Using the Dynamic DNS (DDNS) • What is DDNS? The DDNS service, an IP Registry provides a public central database where information such as email addresses, [...]

  • Página 65

    P-660HW-Tx v2 Series Support Notes When the ISP assigns the P-660HW-Tx v2 a new IP, the P-660HW-Tx v2 must inform the DDNS server the change of this IP so that the se rver can update its IP-to-DNS entry. Once the IP-to-DNS t able in the DDNS serv er is updated, the DNS name for your web server (i.e., www.zyxel.com.tw) is still usable. The DDNS serv[...]

  • Página 66

    P-660HW-Tx v2 Series Support Notes For example, zyxel.com.tw. User Name Enter the user name that the DDNS server gives to you. Password Enter the password that the DDNS se rver gi ves to you. Enable Wildcard Enter the hostname for the w ildcard function that the WWW.DYNDNS.ORG supports. Note that Wildcard option is available only when the provider [...]

  • Página 67

    P-660HW-Tx v2 Series Support Notes When receiving any SNMP get or se t requirement with wrong community, this trap is sent to the manager. 6. whyReboot (defined in ZYXEL-MIB) : When the system is going to restart (wa rmstart), the trap will be sent with the reason of restart before rebooting. (1) For intentional reboot : In some cases (download new[...]

  • Página 68

    P-660HW-Tx v2 Series Support Notes The SNMP related settings in P-660HW-Tx v2 are configured in Web Configurator, Advanced Setup, Advanced -> Remote MGNT -> SNMP The following steps describe a simple set up procedure for configuring all SNMP settings. Key Settings: Option Descriptions Get Community Enter the correct Get Community. Th is Get C[...]

  • Página 69

    P-660HW-Tx v2 Series Support Notes 'public'. Trap Destination Enter the IP address of the NMS that you wish to send the traps to. If 0.0.0.0 is entered, the P-660HW-Tx v2 will not send trap any NMS manager. Note: You may need to edit a fire w a ll rule to permit SNMP Packets. 8. Using syslog You can configure it in Web Configurator, Advan[...]

  • Página 70

    P-660HW-Tx v2 Series Support Notes The P-660HW-Tx v2 supports three virt ual LAN interfaces via its single physical Ethernet interface. The firs t network can be configured in Web Configurator, Advanced Setup, Network -> LAN -> DHCP Setu p . The second and third networks that we call 'IP Alias 1' and 'IP Alias 2' can be co[...]

  • Página 71

    P-660HW-Tx v2 Series Support Notes You can edit filter rule to accept or deny LAN packets from/to the IP alias 1/2 go through the P-660HW-Tx v2 by command in CLI : lan index [index number] Usage: index number =1 main LAN 2 I P A l i a s # 1 3 I P A l i a s # 2 lan filter <incoming|outgoing> <tcpip|generic> [set#] Usage: set#= the corres[...]

  • Página 72

    P-660HW-Tx v2 Series Support Notes traffic among multiple paths. For example, if a network has both the Internet and remote node connections, we can rout e the Web packets to the Internet using one policy and route the FTP packets to the remote LAN using another policy. See the figure below. Use IPPR to distribute traf fic among multiple paths • [...]

  • Página 73

    P-660HW-Tx v2 Series Support Notes The actions that can be taken include rout ing the packet to a different gateway (and hence the outgoing interface) and t he TOS and precedence fields in the IP header. IPPR follows the existing packet filtering facility of ZyNOS in style and in implementation. The policies are divided into sets, where related pol[...]

  • Página 74

    P-660HW-Tx v2 Series Support Notes (Set the protocol ID as 6(TCP) for the rule) ip policyrouting set criteria serviceType 0 (Set the criteria type of servic e as don’t care for this rule) ip policyrouting set criteria precedence 8 (Set the precedence as don’t care for this rule) ip policyrouting set criteria packetlength 0 (Set the packet lengt[...]

  • Página 75

    P-660HW-Tx v2 Series Support Notes 11. Using Call Scheduling • What is Call Scheduling? Call scheduling enables the mechanism for the P-660HW-Tx v2 to run the remote node connection according to the pre-defined schedule. This feature is just like the scheduler ina video recorder which records the program according to the specified time. Users can[...]

  • Página 76

    P-660HW-Tx v2 Series Support Notes wan callsch oncedate 2005 12 27 (Set the schedule used just once, it works on 2005-12-27) wan callsch starttime 12 00 (Set the schedule start time as 12:00) wan callsch duration 16 00 (Set schedule duration time as 16 hours) wan callsch action 2 (Set action as dial-on-demand) wan callsch save (Save the current cal[...]

  • Página 77

    P-660HW-Tx v2 Series Support Notes • Time Service in P-660HW-Tx v2 There is no RTC (Real-Time Clock) chip so the P-660HW-Tx v2 should launch a mechanism to get current time and date from exter nal server in boot time. Time service is implemented by the Daytime protocol(RFC-867) , Time protocol(RFC-868) , and NTP protocol(RFC-1305) . You have to a[...]

  • Página 78

    P-660HW-Tx v2 Series Support Notes needs to be forwarded. At start up, the P-660HW-Tx v2 queries all directly connected networks to gather group membership. After that, the P-660HW-Tx v2 updates the information by periodic queries. The P-660HW-Tx v2 implementat ion of IGMP is also com patible with version 1. The multicast setting can be turned on o[...]

  • Página 79

    P-660HW-Tx v2 Series Support Notes Fairness-Based is chosen, then the bandwidth is allocated by ratio. Which means if A class needs 300 kbps, B cla ss needs 600 kbps, then the ratio of A and B's actual bandwidth is 1: 2. So if we get 450 kbps in total, then A would get 150 kbps, B would get 300 kbps. We select Priority-Based in this example. K[...]

  • Página 80

    P-660HW-Tx v2 Series Support Notes Step 3 : You can modify the rule by clicking the button ‘Edit’ on the rule: Key Settings: RuleName Give this rule a name, for example, 'WWW' BW Budget Configure the bandwidth you would like to allocate to this rule Priority Enter a number between 0 and 7 to set the priority of this class. The higher [...]

  • Página 81

    P-660HW-Tx v2 Series Support Notes Destination Subnet Mask Enter the destination subnet mask. Destination Port Enter the destination port number of the traffic. Source IP Address Enter the IP address of source that meat s this class. Note that for traffic from 'LAN to WAN' , since BWM is before NAT, you should use the IP address before NA[...]

  • Página 82

    P-660HW-Tx v2 Series Support Notes services of the line will be. After t hat, system will save back the correct VPI, VCI and also services (encapsulation) type into profile of WAN interface. • Configure the VC auto-hunt ing preconfigured table. (1) Display auto-haunting preconfigured table by using command from CLI : wan atm vchunt disp (2) Add i[...]

  • Página 83

    P-660HW-Tx v2 Series Support Notes (3) Delete items from the auto-haunting preconfigur ed table by useing command: wan atm vchunt remove <remote node> <vpi> <vci> • Using Zero configuration. You can enable/disable Zero Configuration in Netw ork -> WAN -> Advanced Setup: (1) After configure the auto-haunting pr econfigured [...]

  • Página 84

    P-660HW-Tx v2 Series Support Notes (4) Basically the zero conf iguration only work on the VC that was preconigured in the auto-haunting preconfigured table. 15. How could I configure tr iple play on P-660HW-Tx v2? The common triple play scenario is as follows: 0/32 Triple Play is a port-based policy to fo rward packets from different LAN port to di[...]

  • Página 85

    P-660HW-Tx v2 Series Support Notes The packet filter function on P-660HW-Tx v2 is the same as before, just that you could only configure the filt er set and apply them by command in CLI. It’s very complex for common users to do it. So here’s the recommendation: (1) Usually if you want to block special packets, you could edit a firewall rule in [...]

  • Página 86

    P-660HW-Tx v2 Series Support Notes • Apply to LAN Interface: lan index [index#] Usage: index#=1 main LAN 2 I P A l i a s # 1 3 I P A l i a s # 2 lan filter <incoming|outgoing> <tcpip |generic> <set1#> <set2#> <set3#> <set4#> Usage: You can apply at mo st four filter sets to LAN Interface. lan save (3) If you ar[...]

  • Página 87

    P-660HW-Tx v2 Series Support Notes mask] the rule sys filter set destport [port#] [compare type = none|equal|notequal|less|greate r] Set the destination port and compare type (co mpare type could be 0(none)|1(eq ual)|2(not equal)|3(less)|4(greater) ) sys filter set srcip [address] [subnet mask] Set the source IP address and subnet mask sys filter s[...]

  • Página 88

    P-660HW-Tx v2 Series Support Notes Wireless Application Notes 1. Configure a Wireless Client to Ad hoc mode Ad hoc Introduction What is Ad Hoc mode? Ad hoc mode is a wireless network cons ists of a number of stations without access points. Without using an access point or any connection to a wired network, a client unit in Ad hoc operat ion mode ca[...]

  • Página 89

    P-660HW-Tx v2 Series Support Notes Step 3: Select Ad hoc from the oper ation mode pull down menu, fill you an SSID and select a channel you want to use than press OK to apply. Step 4: Since there is no DHCP server to give the host IP you must first designate a static IP for your stati on. From Windows St art select Control Panel >Network Connect[...]

  • Página 90

    P-660HW-Tx v2 Series Support Notes Step 5: From general tab select TCP/IP and click property Step 6: Fill in your network IP addre ss and subnet mask and click OK to finish. Configuration for Wi reless Station B To configure Ad hoc mode on your ZyAIR B-100/B-200/B- 300 wireless NIC card please follow the following step. Step1: Double click on the u[...]

  • Página 91

    P-660HW-Tx v2 Series Support Notes Step 3: Select Ad hoc from the oper ation mode pull down menu, fill you an SSID and select a channel you want to use than press OK to apply. Step 4: Since there is no DHCP server to give the host IP you must first designate a static IP for your stati on. From Windows St art select Control Panel >Network Connect[...]

  • Página 92

    P-660HW-Tx v2 Series Support Notes Step 5: From general tab select TCP/IP and click property Step 6: Fill in your network IP addre ss and subnet mask and click OK to finish. Step 7: Station A now are abl e to connect to Station B. 2. Configuring Infrastructure mode Infrastructure Introduction For Infrastructure WLANs, multiple Access Points(APs) li[...]

  • Página 93

    P-660HW-Tx v2 Series Support Notes Configure Wireless Access Point to Infrastructure mode using Web configurator. To configure Infrastructure mode of your P-660HW-Tx v2 wireless AP please follow the steps below. Step 1 : Login Web Configurat or, Advanced Setup, Network -> Wireless LAN -> General . Configure the basic param eters for Wireless [...]

  • Página 94

    P-660HW-Tx v2 Series Support Notes Configuration Wireless Stati on to Infrastructure mode To configure Infrastructu re mode on your ZyAIR G-200 Wireless Network Adapter please follow the following steps. Step 1: Double click on the utility icon in your windows task bar the utility will pop up on your windows screen. Step 2: Select configuration tab[...]

  • Página 95

    P-660HW-Tx v2 Series Support Notes Step 3: Select Infrastructure from t he operation mode pull down menu, fill in an SSID or leave it as any if you wish to connect to any AP than press Apply Change to take effect. Step 4: Click on Site Survey tab, and pre ss search all the available AP will be listed. Step 5: Double click on the AP y ou want to ass[...]

  • Página 96

    P-660HW-Tx v2 Series Support Notes Step 6: After the client have associat ed with the selected AP. The linked AP's channel, current linkup rate, SSID, link quality, and signal strength will show on the Link Info page. You now successfu lly associate with the selected AP with Infrastructure Mode. 3. MAC Filter MAC Filter Overview Users can use [...]

  • Página 97

    P-660HW-Tx v2 Series Support Notes • ZyXEL MAC Filter Implementation ZyXEL's MAC Filter Implementation allows users to define a list to allow or block association from STAs. The filter set allows users to input 12 entries in the list. If Allow Association is selected, all other STAs which are not on the list will be denied. Otherwise, if D e[...]

  • Página 98

    P-660HW-Tx v2 Series Support Notes MAC Address This field specifies those MAC Addresse s th at you want to add in the list. 4. Setup WEP (Wired Equivalent Privacy) Introduction The 802.11 standard describes the comm unication that occurs in wireless LANs. The Wired Equivalent Privacy (WEP) al gorithm is used to protect wireless communication from e[...]

  • Página 99

    P-660HW-Tx v2 Series Support Notes Step 2: Set up WEP Key in the Web Conf igurator. You need to set the one of the following parameters: o 64-bit WEP key (secret key) with 5 characters o 64-bit WEP key (secret key) with 10 hexadecimal digits o 128-bit WEP key (secret key) with 13 characters o 128-bit WEP key (secret key) with 26 hexadecimal digits [...]

  • Página 100

    P-660HW-Tx v2 Series Support Notes (2) You can also put in an arbitrary sequence of characters in the ‘ Passphrase ’ and then press button ‘ Generate ’ to let the P-660HW-Tx v2 generate WEP Key for you: • Setting up the Station Step 1: Double click on the utility icon in your windows task bar or right click the utility icon then select &a[...]

  • Página 101

    P-660HW-Tx v2 Series Support Notes The utility will pop up on your windows screen: Note: If the utility icon doesn't exist in your task bar, click Start -> Programs -> …… to start the utility. Step 2: Select the 'C onfiguration' tab. Select ‘Set Security’ to configure encryption type and parameters correspond with acces[...]

  • Página 102

    P-660HW-Tx v2 Series Support Notes Note: You should select Key 1 as default Transmit Key, since the P-660HW-Tx v2 is supposed to use Key 1 by default. Key settings The WEP Encryption type of station has to equal to the access point. Check 'ASCII' field for characters WEP key or uncheck 'ASCII' field for Hexadecimal digits WEP ke[...]

  • Página 103

    P-660HW-Tx v2 Series Support Notes Hexadecimal digits don't need to preceded by '0x'. For example: 64-bits with characters WEP key : Key1= 2e3f4 64-bits with hexadecimal digits WEP key : Key1= 123456789A 5. Site Survey Introduction What is Site Survey? An RF site survey is a MAP to RF c ontour of RF coverage in a particular facility.[...]

  • Página 104

    P-660HW-Tx v2 Series Support Notes Step 2: Install an access point at the preliminary location. Step 3: Use a notebook with wireless client installed and run it's utility. An utility will provide information such as connection speed, current used channel, associated rate, link quality, signal st rength and etc information as shown in utility b[...]

  • Página 105

    P-660HW-Tx v2 Series Support Notes Step 5: When you reach the farthest point of connection mark the spot. Now you move the access point to this new spot as have already determine the farthest point of the access point installati on spot if wireless service is required from corner of the room. Step 6: Repeat step 1~5 and now you shou ld be able to m[...]

  • Página 106

    P-660HW-Tx v2 Series Support Notes Note: If there are more than one access point is needed be sure to make the adjacent access point service area over lap one another. So the wireless station is able to roam. For more in formation please refer to roaming at 6. Configure 802.1x and WPA • What is the WPA Functionality? • Configuration for Access [...]

  • Página 107

    P-660HW-Tx v2 Series Support Notes Protocol uses 128-bits keys that are dynamically generated and distributed by the authentication server. It includes a per-packet key mixing function, a Message Integrity Check (MIC) named Mic hael, an extend initialization vector (IV) with sequencing rules and a re-keying mechanism. If you do not have an external[...]

  • Página 108

    P-660HW-Tx v2 Series Support Notes Step 4: Click Appl y to finish. • Configuration for your PC Step 1: Double click on your wireless ut ility icon in your windows task bar, the utility will pop up on your windows screen. Step 2: Select the configur ation tab, type in the SSID (Service Set Identifier), select the operating Mode as Infrastructure, [...]

  • Página 109

    P-660HW-Tx v2 Series Support Notes Step 3: Click Set Security to configure the security parameters: Step 4: Click OK for finish, and begin to Site survey. Connect to the AP as you have configured. 108 All contents copyright © 2006 ZyXEL Communicati ons Cor poration.[...]

  • Página 110

    P-660HW-Tx v2 Series Support Notes Step 5: Click Link Info tab, if t he PC associated and authenticated with AP successfully, we will see the following information. 109 All contents copyright © 2006 ZyXEL Communicati ons Cor poration.[...]

  • Página 111

    P-660HW-Tx v2 Series Support Notes Support Tool 1. LAN/WAN Packet Trace The Prestige packet trace records and analyzes packets running on LAN and WAN interfaces. It is designed for us ers with technical backgrounds who are interested in the details of the packet fl ow on LAN or WAN end of Prestige. It is also very helpful for diagnostics if y ou ha[...]

  • Página 112

    P-660HW-Tx v2 Series Support Notes (2) Trace WAN packet • Disable the capture of t he LAN packet by entering: sys trcp channel enet0 none • Enable to capture the WAN packet by entering: sys trcp chann el mpoa00 bothway • Enable the trace log by entering: sys trcp s w on & sy s trcl s w on • Display the brief trac e online by entering: s[...]

  • Página 113

    P-660HW-Tx v2 Series Support Notes • Offline Trace • Disable the capture of t he WAN packet by entering: sys trcp channel mpoa00 none • Enable the capture of t he LAN packet by entering: sys trcp channel enet0 bothway • Enable the trace log by entering: sys trcp s w on & sy s trcl s w on • Wait for packet passing through the Prestige [...]

  • Página 114

    P-660HW-Tx v2 Series Support Notes • Capture the detailed l ogs by Hyper Terminal Step 1: Initiate a hyper terminal connection from your PC(suppose you connected to the LAN port of P-660HW-Tx v2) Step 2: Click the ‘properties’ to conf igure parameters to telnet to the P-660HW-Tx v2. 113 All contents copyright © 2006 ZyXEL Communicati ons Cor[...]

  • Página 115

    P-660HW-Tx v2 Series Support Notes Step 3: So that after you invoke the relevant commands, you could save the logs you’ve captured. 114 All contents copyright © 2006 ZyXEL Communicati ons Cor poration.[...]

  • Página 116

    P-660HW-Tx v2 Series Support Notes 2. Firmware/Configurations Upload ing and Downloading using TFTP • Using TFTP client software • Upload/download ZyNOS via LAN • Upload/download Prestige c onfigurations via LAN (1) Using TFTP to upload/dow nload ZyNOS via LAN Step 1: TELNET to your Prestige first before running the TFTP software Step 2: Type[...]

  • Página 117

    P-660HW-Tx v2 Series Support Notes The 192.168.1.1 is the IP addr ess of the Prestige. The lo cal file is the source file of the ZyNOS firmware that is availa ble in your hard disk. The remote file is the file name that will be saved in Pres tige. Check the port number 69 and 512-Octet blocks for TFTP. Check 'Binary' mode for fi le transf[...]

  • Página 118

    P-660HW-Tx v2 Series Support Notes  The 192.168.1.1 is the IP address of the Prestige.  The local file is the source file of y our configuration file that is available in your hard disk.  The remote file is the file name that will be saved in Prestige.  Check the port number 69 and 512-Octet blocks for TFTP.  Check 'Binary'[...]

  • Página 119

    P-660HW-Tx v2 Series Support Notes [cppwu@faelinux cppwu]$ tftp -I 192.168.1.1 put [local-ras] ras <- upload firmware 3. Using FTP to Upload the Firmware and Configuration Files In addition to upload the firmware and confi guration file via the console port and TFTP client, you can also upload t he firmware and configuration files to the Prestig[...]

  • Página 120

    P-660HW-Tx v2 Series Support Notes 'Binary' . Step 2: Press 'OK' to ignore the 'Username' prompt. Step 3: To upload the firmware file, we transfer the local 'ras' file to overwrite the remote 'ras' file. To upload the configurati on file, we transfer the local 'rom-0' to overwrite the remo[...]

  • Página 121

    P-660HW-Tx v2 Series Support Notes Step 4: The Prestige reboots automatica lly after the uploading is finished. Please do not power off the router at this moment. 120 All contents copyright © 2006 ZyXEL Communicati ons Cor poration.[...]

  • Página 122

    P-660HW-Tx v2 Series Support Notes CI Command Reference Command Syntax and General User Interface CI has the following command syntax: command < iface | device > subcommand [ param ] command subcommand [ param ] command ? | help command subcommand ? | help General user interface: 1. ? Shows the following commands and all major (sub)commands 2[...]