ZyXEL Communications Network Device P-2602 manuel d'utilisation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427

Aller à la page of

Un bon manuel d’utilisation

Les règles imposent au revendeur l'obligation de fournir à l'acheteur, avec des marchandises, le manuel d’utilisation ZyXEL Communications Network Device P-2602. Le manque du manuel d’utilisation ou les informations incorrectes fournies au consommateur sont à la base d'une plainte pour non-conformité du dispositif avec le contrat. Conformément à la loi, l’inclusion du manuel d’utilisation sous une forme autre que le papier est autorisée, ce qui est souvent utilisé récemment, en incluant la forme graphique ou électronique du manuel ZyXEL Communications Network Device P-2602 ou les vidéos d'instruction pour les utilisateurs. La condition est son caractère lisible et compréhensible.

Qu'est ce que le manuel d’utilisation?

Le mot vient du latin "Instructio", à savoir organiser. Ainsi, le manuel d’utilisation ZyXEL Communications Network Device P-2602 décrit les étapes de la procédure. Le but du manuel d’utilisation est d’instruire, de faciliter le démarrage, l'utilisation de l'équipement ou l'exécution des actions spécifiques. Le manuel d’utilisation est une collection d'informations sur l'objet/service, une indice.

Malheureusement, peu d'utilisateurs prennent le temps de lire le manuel d’utilisation, et un bon manuel permet non seulement d’apprendre à connaître un certain nombre de fonctionnalités supplémentaires du dispositif acheté, mais aussi éviter la majorité des défaillances.

Donc, ce qui devrait contenir le manuel parfait?

Tout d'abord, le manuel d’utilisation ZyXEL Communications Network Device P-2602 devrait contenir:
- informations sur les caractéristiques techniques du dispositif ZyXEL Communications Network Device P-2602
- nom du fabricant et année de fabrication ZyXEL Communications Network Device P-2602
- instructions d'utilisation, de réglage et d’entretien de l'équipement ZyXEL Communications Network Device P-2602
- signes de sécurité et attestations confirmant la conformité avec les normes pertinentes

Pourquoi nous ne lisons pas les manuels d’utilisation?

Habituellement, cela est dû au manque de temps et de certitude quant à la fonctionnalité spécifique de l'équipement acheté. Malheureusement, la connexion et le démarrage ZyXEL Communications Network Device P-2602 ne suffisent pas. Le manuel d’utilisation contient un certain nombre de lignes directrices concernant les fonctionnalités spécifiques, la sécurité, les méthodes d'entretien (même les moyens qui doivent être utilisés), les défauts possibles ZyXEL Communications Network Device P-2602 et les moyens de résoudre des problèmes communs lors de l'utilisation. Enfin, le manuel contient les coordonnées du service ZyXEL Communications en l'absence de l'efficacité des solutions proposées. Actuellement, les manuels d’utilisation sous la forme d'animations intéressantes et de vidéos pédagogiques qui sont meilleurs que la brochure, sont très populaires. Ce type de manuel permet à l'utilisateur de voir toute la vidéo d'instruction sans sauter les spécifications et les descriptions techniques compliquées ZyXEL Communications Network Device P-2602, comme c’est le cas pour la version papier.

Pourquoi lire le manuel d’utilisation?

Tout d'abord, il contient la réponse sur la structure, les possibilités du dispositif ZyXEL Communications Network Device P-2602, l'utilisation de divers accessoires et une gamme d'informations pour profiter pleinement de toutes les fonctionnalités et commodités.

Après un achat réussi de l’équipement/dispositif, prenez un moment pour vous familiariser avec toutes les parties du manuel d'utilisation ZyXEL Communications Network Device P-2602. À l'heure actuelle, ils sont soigneusement préparés et traduits pour qu'ils soient non seulement compréhensibles pour les utilisateurs, mais pour qu’ils remplissent leur fonction de base de l'information et d’aide.

Table des matières du manuel d’utilisation

  • Page 1

    P-2602HW(L) Series 802.1 1g Wireless ADSL2+ V oIP IAD P-2602H Series ADSL2+ V oIP IAD User ’ s Guide V ersion 3.40 7/2006 Edition 1[...]

  • Page 2

    [...]

  • Page 3

    P-2602H(W)(L)-DxA Ser ies User’s Guide Copyright 3 Copyright Copyright © 2006 by ZyXEL Communications Corpo ration. The contents of this publication may not be reprod uced in any part or as a wh ole, transcribed, stored in a retrieval system, tran slated into any language, or transmitted in any form or by any means, el ectronic, mech anical , ma[...]

  • Page 4

    P-2602H(W)(L)-DxA Series User’s Guide 4 Certifications Certifications Federal Communications Commissi on (FCC) Interference St atement This device complies with Part 15 of FCC rul es. Operation is subject to the following two conditions: • This device may not cause harmful interference. • This device must accept any interference rece ived, in[...]

  • Page 5

    P-2602H(W)(L)-DxA Ser ies User’s Guide Safety Warnings 5 Safety W arnings For your safety , be sure to read and fo llow all warning notices and instructions. • T o reduce the risk of fire, use only No. 26 A WG (American W ire Gauge) or larger telecommunication line cord. • Do NOT open the device or un it. Opening or removing covers can expose[...]

  • Page 6

    P-2602H(W)(L)-DxA Series User’s Guide 6 ZyXEL Limited Warranty ZyXEL Limited W arranty ZyXEL warrants to the original en d user (purchaser) that this product is free from any defects in materials or workmansh ip for a period of up to two years from the date of purchase. During the warranty period, and upon proof of purchase, should the product ha[...]

  • Page 7

    P-2602H(W)(L)-DxA Ser ies User’s Guide Customer Support 7 Customer Support Please have the following information r eady when you contact customer support. • Product model and serial number . • W arranty Information. • Date that you received your de vice. • Brief description of the problem and the steps yo u took to solve i t. METHOD LOCAT[...]

  • Page 8

    P-2602H(W)(L)-DxA Series User’s Guide 8 Customer Suppo rt +” is the (prefix) number you enter to make an interna tional telephone call. NORWAY support@zyxel.no +47-22-80-61-80 www .zyxel.no ZyXEL Communications A/S Nils Hansens vei 13 0667 Oslo Norway sales@zyxel.no +47-22-80-61-81 POLAND info@pl.zyxel.com +48 (22) 333 8250 www .pl.zyxel.com Zy[...]

  • Page 9

    P-2602H(W)(L)-DxA Ser ies User’s Guide Table of Contents 9 T able of Content s Copyright .................................................. .......................................... ...................... 3 Certifications ............................................ .......................................... ...................... 4 Safety W arn[...]

  • Page 10

    P-2602H(W)(L)-DxA Series User’s Guide 10 Table of Contents 2.2.3 Main Window ...................... .................... ................... ................... ............ 55 2.2.4 S tatus Bar ..... ................ ................... ................... .................... .................. 55 Chapter 3 Internet and Wireles s Setup Wizard .[...]

  • Page 11

    P-2602H(W)(L)-DxA Ser ies User’s Guide Table of Contents 11 7.1.4 IP Address Assignment ............. ................... ................... ....................... ..95 7.1.4.1 IP Assignment with PPPoA or PPPoE Encapsulatio n ............ .........95 7.1.4.2 IP Assignment with RFC 1483 Encapsulation ............... .................. 95 7.1.4.3[...]

  • Page 12

    P-2602H(W)(L)-DxA Series User’s Guide 12 Table of Contents 9.2 Wireless Security Overview ...................... ................... ....................... ............. 122 9.2.1 SSID ......... .................... ................... ................... .................... ................ 122 9.2.2 MAC Address Filt er ... ....... ...........[...]

  • Page 13

    P-2602H(W)(L)-DxA Ser ies User’s Guide Table of Contents 13 1 1.2.1 SIP Identities ........................ .................... ................... ....................... ...151 1 1.2.1.1 SIP Number .......... ................... .................... ...................... ..........151 1 1.2.1.2 SIP Service Domain ....... .....................[...]

  • Page 14

    P-2602H(W)(L)-DxA Series User’s Guide 14 Table of Contents 1 1.15.3 USA T ype Supplement ary Services .... ................... ................... ..........170 1 1.15.3.1 USA Call H old ............... ................... ................... ....................... 170 1 1.15.3.2 USA Call Waiting ............ ................... ................[...]

  • Page 15

    P-2602H(W)(L)-DxA Ser ies User’s Guide Table of Contents 15 13.7 Packet Filtering Vs Fi rewall .. ................... ................... .................... ................ 191 13.7.1 Packet Filtering: ................ .................... ................... ................... ..........191 13.7.1.1 When T o Use Filtering .......... ... ....[...]

  • Page 16

    P-2602H(W)(L)-DxA Series User’s Guide 16 Table of Contents 16.1.1 IPSec ................... .................... ................... ................... .................... ...215 16.1.2 Security Associatio n ...... ................... .................... ................... .............215 16.1.3 Other T erminology ...........................[...]

  • Page 17

    P-2602H(W)(L)-DxA Ser ies User’s Guide Table of Contents 17 17.18 T elecommuter VPN /IPSec Examples . ...................... .................... ................ 244 17.18.1 T elecommuters Shar ing One VPN Rule Example .............................. 244 17.18.2 T elecommuters Using Unique VPN Rules Example ................. ..........245 17.19 V[...]

  • Page 18

    P-2602H(W)(L)-DxA Series User’s Guide 18 Table of Contents 21.1.3 System Timeout ..... ....................... ................... .................... ................ 268 21.2 WWW ......... ...................... .................... ................... .................... ................... 268 21.3 T elnet ....... ................... ......[...]

  • Page 19

    P-2602H(W)(L)-DxA Ser ies User’s Guide Table of Contents 19 25.4 Firmware Upgrade Screen ....... ....... ............. ................... ................... ..........302 25.5 Backup and Restore ............ ............. ...... ....................... ................... ............. 304 25.5.1 Backup Config uration ..........................[...]

  • Page 20

    P-2602H(W)(L)-DxA Series User’s Guide 20 Table of Contents P-2602HWL Series Power Adaptor S pecificat ions .................. ................... ............ 336 Appendix B Splitters and Microfilters .............................................................................. ....... 339 Connecting a POTS S plit ter ....................... ...[...]

  • Page 21

    P-2602H(W)(L)-DxA Ser ies User’s Guide Table of Contents 21 RADIUS ............ ................... ................... .................... ...................... .................... .. 366 T ypes of RADIUS Messages ............................ ................... ................... ......... 366 T ypes of Authentication ....... .......... ...[...]

  • Page 22

    P-2602H(W)(L)-DxA Series User’s Guide 22 Table of Contents Internal SPTGEN Overview ............. ....................... ................... ...................... ...... 395 The Configuration T ext File Format ..... .................... ...................... ....................... .. 395 Internal SPTGEN File Modification - Impo rtant Point s [...]

  • Page 23

    P-2602H(W)(L)-DxA Ser ies User’s Guide List of Figure s 23 List of Figures Figure 1 Internet Access Applic ation ..... ....................... ................... .................... ................ 44 Figure 2 Internet T elephony Se rvic e Provider Application ........ ....................... ................... 45 Figure 3 Peer-to-peer Callin[...]

  • Page 24

    P-2602H(W)(L)-DxA Series User’s Guide 24 List of Figures Figure 39 Bandwidth Management Wizard: G eneral Information .................... ................... 80 Figure 40 Bandwidth Management Wizard: Serv ic e Configuration ..................... ................ 80 Figure 41 Bandwidth Management Wizard: Comp lete ........ ................... ....[...]

  • Page 25

    P-2602H(W)(L)-DxA Ser ies User’s Guide List of Figure s 25 Figure 82 Port Forwarding Rule Setup ............. .................... ................... ................... ....... 148 Figure 83 Network > NA T > ALG .................... ....................... ................... ................... ....... 149 Figure 84 SIP User Agent ......[...]

  • Page 26

    P-2602H(W)(L)-DxA Series User’s Guide 26 List of Figures Figure 125 T wo Phases to Set Up the IPSec SA ................ ................... ................... .......... 234 Figure 126 Advanced VPN Policies .......... ................... ....................... ...................... .......... 237 Figure 127 VPN: Manual Key ............. ......[...]

  • Page 27

    P-2602H(W)(L)-DxA Ser ies User’s Guide List of Figure s 27 Figure 168 E-mail Log Example ... ................... ....................... ...................... .................... ... 300 Figure 169 Firmware Upgrade ........... ....................... ................... ....................... ................ 303 Figure 170 Firmware Upload In [...]

  • Page 28

    P-2602H(W)(L)-DxA Series User’s Guide 28 List of Figures Figure 21 1 Mac intosh OS X: Apple Menu ........................... ................... ...................... ....... 350 Figure 212 Macintosh OS X: Network ....................... ................... ....................... ................ 351 Figure 213 Peer-to-Peer Communi cation in an[...]

  • Page 29

    P-2602H(W)(L)-DxA Ser ies User’s Guide List of Tables 29 List of T ables T able 1 Models Cov ered ............. ................... ....................... ................... ....................... ... 37 T able 2 ADSL S tandards ............. ...................... .................... ...................... .................... ... 38 T able [...]

  • Page 30

    P-2602H(W)(L)-DxA Series User’s Guide 30 List of Tables T able 39 Wireless: WP A(2)-PSK .............. ................ ................................................ .......... 129 T able 40 Wireless: WP A(2) ............ ................... ....................... ................... ....................... 130 T able 41 Wireless LAN : Advanc[...]

  • Page 31

    P-2602H(W)(L)-DxA Ser ies User’s Guide List of Tables 31 T able 82 VPN and NA T .................. ....................... ................... ....................... ................... 226 T able 83 Local ID T ype and Content Fields ... ................ .................... ................... ............. 228 T able 84 Peer ID T ype and Conte[...]

  • Page 32

    P-2602H(W)(L)-DxA Series User’s Guide 32 List of Tables T able 125 Troubleshooting S tarting Up Y our Devi ce ...... .................... ................... ............. 319 T able 126 Troubleshooting the LAN .................. ....................... ................... ....................... 319 T able 127 Troubleshooting the W AN ..........[...]

  • Page 33

    P-2602H(W)(L)-DxA Ser ies User’s Guide List of Tables 33 T able 168 RTP Logs ....... ................... .................... ................... ....................... ................... 38 9 T able 169 FSM Logs: Caller S ide ...... .................... ...................... .................... ................... 389 T able 170 FSM Logs: Ca[...]

  • Page 34

    P-2602H(W)(L)-DxA Series User’s Guide 34 List of Tables[...]

  • Page 35

    P-2602H(W)(L)-DxA Ser ies User’s Guide Preface 35 Preface Congratulations on your purchase of the P- 2602H(W)(L)-DxA 802.1 1g W ireless AD SL 2+ V oIP IAD (the “ZyXEL Device”). Y our ZyXEL Device is easy to install and configure. About This U ser's Guide This manual is designed to gu ide you through the configuratio n of your ZyXEL Devic[...]

  • Page 36

    P-2602H(W)(L)-DxA Series User’s Guide 36 Preface • Mouse action sequences are denoted using a ri ght angle bracket ( > ). For example , “In W indows, click St a r t > Settings > Control Panel ” means first click the St a r t button, then point yo ur mouse pointer to Settings and then click Contr ol Panel . • “e.g.,” is a shor[...]

  • Page 37

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 1 Getting To Know the ZyXEL Device 37 C HAPTER 1 Getting T o Know the ZyXEL Device This chapter describes the key features and applications of your device . 1.1 Introducing the P-2602H(W)(L)-Dx Series The P-2602H(W)(L)-DxA series are Integrated Ac cess Devices (IADs) that combine an ADSL2+ router wit[...]

  • Page 38

    P-2602H(W)(L)-DxA Series User’s Guide 38 Chapter 1 Getting To Know the ZyXEL Device Models with “3” as the next to the last char acter (like the P-2602HWL-D3A) denote a device that works over ISDN (Integrated Services Digita l Network). Models with “1” or “7” as the next to the last character (like the P-26 02HWL-D1A or the P-2602HWL-[...]

  • Page 39

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 1 Getting To Know the ZyXEL Device 39 PSTN Line (“L” models only) Y ou can connect a PSTN line to your device. Y ou can receive incoming PSTN phone calls even while someone else is making V oIP phone ca lls. Y ou can dial a (prefix) number to make an outgoing PSTN call. Y ou can still make P STN [...]

  • Page 40

    P-2602H(W)(L)-DxA Series User’s Guide 40 Chapter 1 Getting To Know the ZyXEL Device Network Address T ranslation (NA T) Network Address T ranslation (NA T) allows the tr anslation of an Internet protocol address used within one network (for example a private IP address used in a local network) to a different IP address known within another networ[...]

  • Page 41

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 1 Getting To Know the ZyXEL Device 41 Echo Cancellation Y ou device supports G .168, an ITU-T stan dard for eliminating the ec ho caused by the sound of your voice reverberating in th e telephone receiver while you talk. QoS (Quality of Servic e) Quality of Service (QoS) mechanis ms help to provide b[...]

  • Page 42

    P-2602H(W)(L)-DxA Series User’s Guide 42 Chapter 1 Getting To Know the ZyXEL Device Multiple P VC (Permanent Virtual Circuit s) Support Y our device supports up to 8 Permanen t V irtual Circuits (PVC’ s ). IP Alias IP alias allows you to partitio n a physical network into logi cal networks over the same Ethernet interface. Y o ur device support[...]

  • Page 43

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 1 Getting To Know the ZyXEL Device 43 Note: Y our device may be prone to RF (Radio Frequency) interference from other 2.4 GHz devices such as microwave ovens, wireless ph ones, Bluetooth enabled devices, and other wireless LANs. IEEE 802.1 1g+ Wireless LAN Y our device supports IEEE 80 2.1 1g+ to all[...]

  • Page 44

    P-2602H(W)(L)-DxA Series User’s Guide 44 Chapter 1 Getting To Know the ZyXEL Device 1.4 Applications for the ZyXEL Device Here are some example uses for wh ich the ZyXEL Device is well suited. 1.4.1 Internet Access Y our device is the ideal high-speed Internet ac cess solution. It supports the TCP/IP protocol, which the Internet uses exclusively [...]

  • Page 45

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 1 Getting To Know the ZyXEL Device 45 Figure 2 Internet T elephony Service Provider Application 1.4.3 Make Peer-to-peer Calls Y ou can call directly to someone’ s IP address without u sing a SIP proxy server . Peer-to-peer calls are also called “Point to Point” or “IP-to -IP” ca lls. Y ou m[...]

  • Page 46

    P-2602H(W)(L)-DxA Series User’s Guide 46 Chapter 1 Getting To Know the ZyXEL Device Figure 4 Firewall Application 1.4.5 LAN to LAN Application Y ou can use your device to connect two geogra phically dispersed networks over the ADSL line. A typical LAN-to-LAN app lication is shown as follows. Figure 5 LAN-to-LAN Applic ation[...]

  • Page 47

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 1 Getting To Know the ZyXEL Device 47 1.4.6 LEDs Figure 6 LEDs The following table describes your device’ s LEDs. Table 4 LEDs LED COLOR ST ATUS DESCRIPTION POWER Green On Y o ur device is receiving power and functioning properly . Blinking Y our device is reboot ing an d performing a self-test. Re[...]

  • Page 48

    P-2602H(W)(L)-DxA Series User’s Guide 48 Chapter 1 Getting To Know the ZyXEL Device Refer to the Quick S tart Guide for in formation on hard ware connections. DSL Green On Y our device ha s a DSL connection. Blinking Y our device is initializin g the DSL line. None Off The DSL link is do wn. INTERNET Green On Y our device has an IP connection but[...]

  • Page 49

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 2 Introducing the Web Configur ator 49 C HAPTER 2 Introducing the W eb Configurator This chapter describes how to access and navigate the web configurator . 2.1 W eb Configurator Overview The web configur ator is an HTML-based manageme nt interface that allows easy device setup and management via Int[...]

  • Page 50

    P-2602H(W)(L)-DxA Series User’s Guide 50 Chapter 2 Introducing the Web Configurator Figure 7 Password Screen 5 The following screen displays if you have no t yet changed your password. It is highly recommended you change the default passwo rd. Enter a new passwor d, retype it to confirm and click Apply ; alternatively click Ignor e to proceed to [...]

  • Page 51

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 2 Introducing the Web Configur ator 51 Note: For security reasons, the ZyXEL De vice automatically logs you out if you do not use the web configurator for five minutes. If this happens, log in again. Figure 9 Wizard or Advanced Screen 2.1.2 The RESET Button Y ou can use the RESET button at the back o[...]

  • Page 52

    P-2602H(W)(L)-DxA Series User’s Guide 52 Chapter 2 Introducing the Web Configurator 2.2 W eb Configurator Main Screen Figure 10 Main Screen As illustrated above, the main scr een is di vided into these parts: • A - title bar • B - navigation panel • C - main window • D - status bar 2.2.1 T itle Bar The title bar allows you to cha nge the [...]

  • Page 53

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 2 Introducing the Web Configur ator 53 The icons provide th e following functions. 2.2.2 Navigation Panel Use the men u items on the na vigation panel to open screens to conf igure ZyXEL Device features. The following tables describe each menu item. Table 5 Web Configurator Icon s in the Title Bar IC[...]

  • Page 54

    P-2602H(W)(L)-DxA Series User’s Guide 54 Chapter 2 Introducing the Web Configurator Phone Analog Phone Use this screen to set which ph one ports use which SIP accounts. Common Use this screen to configure general phone port settings. Region Use this screen to select your loca tion and call service mode. Phone Book Inco ming Call Policy Use this s[...]

  • Page 55

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 2 Introducing the Web Configur ator 55 2.2.3 Main Window The main window displays informa tion and configuration fields. It is discussed in the rest of this document. Right after you log in, the St a t u s screen is displayed. See Chapter 6 on page 83 for more information about the St a t u s screen.[...]

  • Page 56

    P-2602H(W)(L)-DxA Series User’s Guide 56 Chapter 2 Introducing the Web Configurator[...]

  • Page 57

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 3 Internet an d Wireless Setup Wizard 57 C HAPTER 3 Internet and Wireless Setup Wi za r d This chapter provides informatio n on the W izard Se tup screens for Internet access in the web configurator . 3.1 Introduction Use the wizard setup screens to configure your system for Internet access with the [...]

  • Page 58

    P-2602H(W)(L)-DxA Series User’s Guide 58 Chapter 3 Internet and Wireless Setup Wizar d Figure 12 Wizard Welcome 3 Y our ZyXEL device attempts to detect your DSL conn ection and your connection type. a The following screen appears if a connection is not detected. Check your hardware connections and click Restart the Internet/W ireless Setup Wizard[...]

  • Page 59

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 3 Internet an d Wireless Setup Wizard 59 Figure 14 Auto-Detection: PPPoE c The following screen appears if the ZyXEL device detects a connection but not the connectio n type. Click Next and refer to Section 3.2.1 on page 59 on how to manually configure the ZyXEL Device for Internet access. Figure 15 [...]

  • Page 60

    P-2602H(W)(L)-DxA Series User’s Guide 60 Chapter 3 Internet and Wireless Setup Wizar d SIP provider gave it to you. Le ave the defaults in any fields for which you were not given information. Figure 16 Internet Access Wizard Setup: ISP Parameters The following table describes the fields in this screen. T able 7 Internet Access Wizard Setup: ISP P[...]

  • Page 61

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 3 Internet an d Wireless Setup Wizard 61 2 The next wizard screen varies depending on wh at mode and encapsulation ty pe you use. All screens shown are with routing mode. Configure the fields and click Next to continue. See Section 3.3 on page 6 5 for wireless connection wizard setup Figure 17 Intern[...]

  • Page 62

    P-2602H(W)(L)-DxA Series User’s Guide 62 Chapter 3 Internet and Wireless Setup Wizar d Figure 18 Internet Connection with RFC 1483 The following table describes the fields in this screen. Figure 19 Internet Connection with ENET ENCAP Table 9 Internet Connection with RFC 1483 LABEL DESCRIPTION IP Address This field is available if you select Routi[...]

  • Page 63

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 3 Internet an d Wireless Setup Wizard 63 The following table describes the fields in this screen. Figure 20 Internet Connection with PPPoA The following table describes the fields in this screen. Table 10 Internet Connection with ENET ENCAP LABEL DESCRIPTION Obtain an IP Address Automatically A stati[...]

  • Page 64

    P-2602H(W)(L)-DxA Series User’s Guide 64 Chapter 3 Internet and Wireless Setup Wizar d • If the user name and/or password you ente red for PPPoE or PPPoA connection are not correct, the screen displays as shown next. Click Back to Username and Password setup to go back to the screen where you can modify them. Figure 21 Connection T est Failed-1[...]

  • Page 65

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 3 Internet an d Wireless Setup Wizard 65 3.3 Wireless Connection Wizard Setup After you configure the Internet access informatio n, use the following scr eens to set up your wireless LAN. 1 Select Ye s an d click Next to configure wireless settings. Otherwise, select No and skip to Ste p 6 . Figure 2[...]

  • Page 66

    P-2602H(W)(L)-DxA Series User’s Guide 66 Chapter 3 Internet and Wireless Setup Wizar d The following table describes the labels in this screen. 3 Configure your wireless settin gs in this screen. Click Next . Figure 25 Wireless LAN The following table describes the labels in this screen. T able 12 Wireless LAN Setup Wizard 1 LABEL DESCRIPTION Act[...]

  • Page 67

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 3 Internet an d Wireless Setup Wizard 67 Note: The wireless stations and ZyXEL Device must use the sa me SSID, channel ID and WEP encryption key (if WEP is enabled), WP A-PSK (if WP A-PSK is enabled) for wireless communicatio n. 4 This screen varies depending on the security mode you selected in the [...]

  • Page 68

    P-2602H(W)(L)-DxA Series User’s Guide 68 Chapter 3 Internet and Wireless Setup Wizar d The following table describes the labels in this screen. 3.3.2 Manually Assign a WEP key Choose Manually assign a WEP key to setup WEP Encryption parameters. Figure 27 Manually Assign a WEP key T able 14 Manually Assign a WP A key LABEL DESCRIPTION Pre-Shared K[...]

  • Page 69

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 3 Internet an d Wireless Setup Wizard 69 The following table describes the labels in this screen. 5 Click Apply to save your wireless LAN settings. Figure 28 Wireless LAN Setup 3 6 Use the read-only summary table to check whet her what you have configured is correct. Click Finish to complete and save[...]

  • Page 70

    P-2602H(W)(L)-DxA Series User’s Guide 70 Chapter 3 Internet and Wireless Setup Wizar d Figure 29 Internet Access and WLAN Wizard Se tup Complete 7 Launch your web browser and navigate to www .zyxel.com. Internet acces s is just the beginning. Refer to the rest of this guide for more detailed inform ation on the complete range of ZyXEL Device feat[...]

  • Page 71

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 4 VoIP Wizard And Example 71 C HAPTER 4 V oIP Wizard And Example This chapter shows you how to configure your SIP account(s) and make a V oIP phone call. 4.1 Introduction The ZyXEL Device has V oice over IP (V oIP) communication capabilities that allow you to use a traditional analog telephone to mak[...]

  • Page 72

    P-2602H(W)(L)-DxA Series User’s Guide 72 Chapter 4 VoIP Wizard And Example Figure 31 Select a Mode 2 Click V OICE OVER INTERNET SETUP to configure your SIP settings. Figure 32 Wizard: Welcome[...]

  • Page 73

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 4 VoIP Wizard And Example 73 3 Fill in the V OICE OVER INTERNET SETUP wizard screen with the information provided by your V oIP service provider . Y our V oIP service provider supplies you with the following information. Wh en you are finished, click Apply . Figure 33 V oIP Wizard Configuration The f[...]

  • Page 74

    P-2602H(W)(L)-DxA Series User’s Guide 74 Chapter 4 VoIP Wizard And Example 4 Y our ZyXEL Device will attempt to register your SIP account with your V oIP service provider . When y our account is registered your PHONE 1 light will come on and you are ready to make and receive V oIP phone calls. Figure 34 SIP Registration T est 5 This screen displa[...]

  • Page 75

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 4 VoIP Wizard And Example 75 Figure 35 V oIP Wizard Fail 6 This screen displays if your SIP ac count registration was successful. Click Return to Wiz ar d M a in Pa ge if you want to use another config uration wizard. Click Go to Advanced Setup page or Finish to close the wizard and go to the main we[...]

  • Page 76

    P-2602H(W)(L)-DxA Series User’s Guide 76 Chapter 4 VoIP Wizard And Example[...]

  • Page 77

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 5 Bandwidth Management Wiza rd 77 C HAPTER 5 Bandwid th Management Wizard This chapter shows you how to configure basic bandwidth management using th e wizard screens. 5.1 Introduction Bandwidth management allows y ou to control the amount of b andwidth going out through the ZyXEL Device’ s W AN po[...]

  • Page 78

    P-2602H(W)(L)-DxA Series User’s Guide 78 Chapter 5 Bandwidth Man agement Wizard 5.3 Bandwid th Management Wizard Setup 1 After you enter the password to access the web configurator , select Go to Wizard setup and click Apply . Otherwise, click the wiz ard icon ( ) in the top right corner of the web configurator to display the wiza rd main screen.[...]

  • Page 79

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 5 Bandwidth Management Wiza rd 79 Figure 37 Select a Mode 2 Click BANDWIDTH MANAGEMENT SETUP . Figure 38 Wizard: Welcome 3 Activate bandwidth management and select to allocate bandwidth to packets based on the packet size or services.[...]

  • Page 80

    P-2602H(W)(L)-DxA Series User’s Guide 80 Chapter 5 Bandwidth Man agement Wizard Figure 39 Bandwidt h Management Wizard: General In formation The following fields describe the label in this screen. 4 If you select Service Setup , use the second wiza rd screen to select the services that you want to apply bandwidth management and select the priorit[...]

  • Page 81

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 5 Bandwidth Management Wiza rd 81 The following table describes the labels in this screen. 5 Follow the on-screen instructions and click Finish to complete the wizard setup and save your configuratio n. Figure 41 Bandwid th Management Wizard: Complete T able 20 Bandwidth Management Wizard: Service Co[...]

  • Page 82

    P-2602H(W)(L)-DxA Series User’s Guide 82 Chapter 5 Bandwidth Man agement Wizard[...]

  • Page 83

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 6 Status Screens 83 C HAPTER 6 S t atus Screens Use the St a t u s screens to look at the current status of the device, sys tem resources, interfaces (LAN and W AN), and SIP accounts. Y ou can als o register and unregister SIP accounts. The St a t u s sc reen also provides detailed informatio n from [...]

  • Page 84

    P-2602H(W)(L)-DxA Series User’s Guide 84 Chapter 6 Sta tus Screens Each field is described in the following table. Table 21 Status Scree n LABEL DESCRIPTION Refresh Interval Enter how often you want the ZyXEL Device to update this screen. Apply Click this to update this screen immediately . Device Information Host Name This field displays the ZyX[...]

  • Page 85

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 6 Status Screens 85 Security Firewall This displays whether or not the ZyXEL Device’s firewall is activated. Click this to go to the screen where you can change it. Content Filter This displays whether or not the ZyXEL Device’s content filtering is activated. Click this to go to the screen where [...]

  • Page 86

    P-2602H(W)(L)-DxA Series User’s Guide 86 Chapter 6 Sta tus Screens 6.2 Any IP T able Click S tatus > AnyIP T able to access this screen. Use this screen to view the IP address and MAC address of each computer that is using the ZyXEL Device but is in a different subnet than the ZyXEL Device. Figure 43 Any IP T able Bandwidth S t atus Click this[...]

  • Page 87

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 6 Status Screens 87 Each field is described in the following table. 6.3 WLAN S t atus (“W” models only) Click St a t u s > W L A N St a t u s to access this screen. Use this screen to view the wireless stations that are currently ass ociated to the ZyXEL Device. Figure 44 WLAN S tatus The foll[...]

  • Page 88

    P-2602H(W)(L)-DxA Series User’s Guide 88 Chapter 6 Sta tus Screens Figure 45 Packet S t atistics The following table describes th e fields in this screen. Table 24 Packet S tatistics LABEL DESCRIPTION System Monitor System up T ime This is the elapsed time the system has been up. Current Date/T ime This field displays your ZyXEL Device’s presen[...]

  • Page 89

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 6 Status Screens 89 6.5 V oIP St atistics Click St a t u s > V o I P St a t i s t i c s to access this screen. Figure 46 V oIP S tatistics Up T ime Th is field displays the elapsed time this port has been up. LAN Port S t atistics Ethernet This field displays either Ethernet (LAN ports) or Wireles[...]

  • Page 90

    P-2602H(W)(L)-DxA Series User’s Guide 90 Chapter 6 Sta tus Screens Each field is described in the following table. Table 25 VoIP Statistics LABEL DESCRIPTION SIP S t atus Account This column disp lays each SIP account in the ZyXEL Device. Registration This field displays the current registrati on status of the SIP account. Y ou can change this in[...]

  • Page 91

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 6 Status Screens 91 Tx B/s This field displays how quickly the ZyXEL Device has transmitted p ackets in the current call. The rate is the average number of bytes transmitted per second. Rx B/s This field displays how quickly the Zy XEL Device has receiv ed pa ckets in the current call. The rate is th[...]

  • Page 92

    P-2602H(W)(L)-DxA Series User’s Guide 92 Chapter 6 Sta tus Screens[...]

  • Page 93

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 7 WAN Setup 93 C HAPTER 7 W AN Setup This chapter describes how to configure W A N settings. 7.1 W AN Overview A W AN (W ide Area Network) is an outside conn ection to another network or the Intern et. 7.1.1 Encap sulation Be sure to use the encapsulat ion method required by your ISP . The ZyXEL Devi[...]

  • Page 94

    P-2602H(W)(L)-DxA Series User’s Guide 94 Chapter 7 WAN Setup By implementing PPPoE directly on the ZyXEL Device (rather than individual computers), the computers on the LAN do not need PPPoE software installed, since the ZyXEL Device does that part of the task. Furthermore, with NA T , all of the LANs’ computers will have access. 7.1.1.3 PPPoA [...]

  • Page 95

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 7 WAN Setup 95 7.1.4 IP Address Assignment A static IP is a fixed IP that your ISP gives you. A dynamic IP is not fixed; the ISP assigns you a different one each time. The Si ngle User Account feature can be enabled or disabled if you have either a dynamic or static IP . Howeve r the encapsulation me[...]

  • Page 96

    P-2602H(W)(L)-DxA Series User’s Guide 96 Chapter 7 WAN Setup 7.2 Metric The metric represents the "cost of transmissi on". A router determines the best route for transmission by choosing a path with the lowest "cost". RI P routing u ses hop count as the measurement of cost, with a minimum of "1" for directly connecte[...]

  • Page 97

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 7 WAN Setup 97 Maximum Burst Size (MBS) is the maximum numb er of cells that can be sent at the PCR. After MBS is reached, cell rates fall below SCR until cell rate averages to the SCR again. At this time, more cells (up to the MBS) can be sent at the PCR again. If the PCR, SCR or MBS is set to the d[...]

  • Page 98

    P-2602H(W)(L)-DxA Series User’s Guide 98 Chapter 7 WAN Setup The VBR-nR T (non real-time V ariable Bit Rate) ty pe is used with bursty connections that do not require closely controlled delay and delay variation. It is commonly used for " bursty" traffic typical on LANs. PCR and MBS define the burst levels, SCR defines the minimum level[...]

  • Page 99

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 7 WAN Setup 99 Figure 48 Internet Access Setup (PPPoE) The following table describes the labels in this screen. Table 26 Internet Access Setup LABEL DESCRIPTION General Mode Select Routing (default) from the drop-down list box if your ISP allows multiple computers to share an Inter net account. Other[...]

  • Page 100

    P-2602H(W)(L)-DxA Series User’s Guide 100 Chapter 7 WAN Setup VCI The valid range for the VCI is 32 to 65535 (0 to 31 is reserved for local management of A TM traffic). Enter the VCI assigned to you. IP Address IP Address This optio n is avail able if yo u select Rout ing in the Mode field. A static IP address is a fixed IP that yo ur ISP gives y[...]

  • Page 101

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 7 WAN Setup 101 7.5.1 Advanced Internet Access Setup T o edit your ZyXEL Device's ad vanced W AN settings, click the Advanced Setup button in the Internet Access Setup screen. The screen appears as shown. Figure 49 Advanced Internet Access Setup The following table describes the labels in this s[...]

  • Page 102

    P-2602H(W)(L)-DxA Series User’s Guide 102 Chapter 7 WAN Setup 7.6 W AN More Connections The ZyXEL Device allows you to configure more than one Internet access connection. T o configure additional Internet access connections click Network > W AN > More Connections . The screen differs by the encapsulation. Peak Cell Rate Divide the DSL line [...]

  • Page 103

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 7 WAN Setup 103 Figure 50 W AN More Connections The following table describes the labels in this screen. 7.7 T raffic Redirect T raf fic redirect forwards traf fic to a backup gateway when the ZyXEL Device cannot connect to the Internet. An example is shown in the figure below . Table 28 Advanced Int[...]

  • Page 104

    P-2602H(W)(L)-DxA Series User’s Guide 104 Chapter 7 WAN Setup Figure 51 T raf fic Redirect Example The following network topology allows you to avoid triangle route security issues when the backup gateway is co nnected to the LAN. Use IP alias to configure the LAN into two or three logical networks with the ZyXEL Device itself as the gateway for [...]

  • Page 105

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 7 WAN Setup 105 7.8 W AN Backup Setup T o configur e your ZyXEL Device’ s W AN backup, click Network > W AN > W AN Backup Setup . The following table describes the labels in this screen. Table 29 W AN Backup Setup LABEL DESCRIPTION Backup T y pe Select the method that the ZyXEL Device uses to[...]

  • Page 106

    P-2602H(W)(L)-DxA Series User’s Guide 106 Chapter 7 WAN Setup T imeout T y pe the number of seconds (3 recommended) for your ZyXEL Device to wait for a ping response from one of the IP addresses in the Check W AN IP Address field before timing out the re quest. The W AN c onnection is considered "down" after the ZyXEL Device times out t[...]

  • Page 107

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 8 LAN Setup 107 C HAPTER 8 LAN Setup This chapter describes how to configure LAN settings. 8.1 LAN Overview A Local Area Network (LAN) is a shared comm unication system to which many computers are attached. A LAN is a computer network lim ited to the immediate area, usually the same building or floor[...]

  • Page 108

    P-2602H(W)(L)-DxA Series User’s Guide 108 Chapter 8 LAN Se tup 8.1.2 DHCP Setup DHCP (Dynamic Host Configuration Protocol , RFC 2131 and RFC 2132) allows indiv idual clients to obtain TCP/IP configuration at start-up from a server . Y ou can configure the ZyXEL Device as a DHCP server or disable it. When configured as a server , the ZyXEL Device [...]

  • Page 109

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 8 LAN Setup 109 8.1.4 DNS Server Address Assignment Use DNS (Domain Name System) to map a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because wit hout it, you must k now the IP address of a computer before you can access it. There are two ways tha[...]

  • Page 110

    P-2602H(W)(L)-DxA Series User’s Guide 110 Chapter 8 LAN Se tup 8.2.1.1 Private IP Addresses Every machine on the Internet must ha ve a unique address. If your network s are isolated from the Internet, for example, only between your two branch of fices, you can assign any IP addresses to the hosts without problems. However , the Internet Assigned [...]

  • Page 111

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 8 LAN Setup 111 8.2.3 Multicast T raditionally , IP packets are transmitted in one of either two ways - Unicast (1 sender - 1 recipient) or Broadcast (1 sender - everybody on the network). Multicast delivers IP packets to a group of host s on the networ k - not everybody and not just 1. IGMP (Interne[...]

  • Page 112

    P-2602H(W)(L)-DxA Series User’s Guide 112 Chapter 8 LAN Se tup Figure 54 Any IP Example The Any IP fe ature does n ot apply to a computer u sing either a dynami c IP address or a static IP address tha t is in the sa me subnet as the ZyXEL Devi ce’ s IP address. Note: Y ou must enable NA T/SUA to use the Any IP feature on the ZyXEL Device. 8.2.4[...]

  • Page 113

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 8 LAN Setup 113 After all the routing information is updated, the computer can access the ZyXEL Device and the Internet as if it is in th e same subnet as the ZyXEL Device. 8.3 Configuring LAN IP Click Network > LAN to open the IP screen. See Section 8.1 on page 10 7 for background information. Fi[...]

  • Page 114

    P-2602H(W)(L)-DxA Series User’s Guide 114 Chapter 8 LAN Se tup Figure 56 Advanced LAN Setup The following table describes the labels in this screen. Table 31 Advanced LAN Setup LABEL DESCRIPTION RIP & Multicast Setup RIP Direction Se lect the RIP direction from None , Both , In Only and Out Only . RIP V ersion Select the RIP version from RIP-[...]

  • Page 115

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 8 LAN Setup 115 8.4 DHCP Setup Click Network > D HCP Setup to open this screen. Use this screen to configure the DNS server information that the ZyXEL Device sends to the DHCP client devi ces on the LAN. Figure 57 DHCP Setup The following table describes the labels in this screen. Table 32 DHCP Se[...]

  • Page 116

    P-2602H(W)(L)-DxA Series User’s Guide 116 Chapter 8 LAN Se tup 8.5 LAN Client List This table allows you to assign IP addresses on the LAN to specific individual computers based on their MAC Addresses. Every Ethernet device has a unique MAC (Med ia Access Control) addre ss. The MAC address is assigned at the factory and consists of six pairs of h[...]

  • Page 117

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 8 LAN Setup 117 The following table describes the labels in this screen. 8.6 LAN IP Alias IP alias allows you to partition a physical network into dif fer ent logical networks over the same Ethernet interface. The ZyXEL Device s upports three logical LA N interfaces via its single physical Ethernet i[...]

  • Page 118

    P-2602H(W)(L)-DxA Series User’s Guide 118 Chapter 8 LAN Se tup Figure 59 Physical Network & Partitioned Logical Networks Click Network > LAN > IP Alias to open the following screen. Use this screen to change your ZyXEL Device’ s IP alias settings. Figure 60 LAN IP Alias The following table describes the labels in this screen. T able 3[...]

  • Page 119

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 8 LAN Setup 119 RIP Direction RIP (Routing Information Protocol , RFC 1058 and RFC 1389) all ows a router to exchange routing informatio n with other routers. The RIP Direction field cont rols the sending and receiving of RIP packe ts. Select the RIP direction from Both / In Only / Out Only / None . [...]

  • Page 120

    P-2602H(W)(L)-DxA Series User’s Guide 120 Chapter 8 LAN Se tup[...]

  • Page 121

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 9 Wireless LAN 121 C HAPTER 9 W ireless LAN This chapter discusses how to configure the wire less network settings in your ZyXEL Device. See the appendices for more detailed informatio n about wireless networks.This chapter applies to the “W” models only . 9.1 Wireless Network Overview The follow[...]

  • Page 122

    P-2602H(W)(L)-DxA Series User’s Guide 122 Chapter 9 Wireless LAN Like radio stations or television channels, e ach wireless network uses a specific channel, or frequency , to send and receive information. • Every device in the same wireless networ k must use security compatible with the AP . Security stops unauthorized devices from using the wi[...]

  • Page 123

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 9 Wireless LAN 123 9.2.3 User Authentication Authentication is the process of verifying whet her a wireless device is allowed to use the wireless network. Y ou can make every user log in to the wireless network before they can use it. However , every device in the wireless network has to support IEEE[...]

  • Page 124

    P-2602H(W)(L)-DxA Series User’s Guide 124 Chapter 9 Wireless LAN When you select WP A2 or WP A2-PSK in your ZyXEL Device, you can a lso select an option ( WP A compatible ) to support WP A as well. In this case, if some of the devic es support WP A and some support WP A2, you should se t up WP A2-PSK or WP A2 (dependi ng on the type of wireless n[...]

  • Page 125

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 9 Wireless LAN 125 9.4 Additional Wireless T erms The following table describes wireless networ k terms and acronyms used in the ZyXEL Device. 9.5 General WLAN Screen Note: If you are configuring the ZyXEL Devi ce from a computer connected to the wireless LAN and you change the ZyXEL Device ’s SSI [...]

  • Page 126

    P-2602H(W)(L)-DxA Series User’s Guide 126 Chapter 9 Wireless LAN Figure 62 Wireless LAN: General The following table describes the general wireless LAN labels in this screen. 9.5.1 No Security Select No Security to allow wireless stations to commun icate with the access points without any data encryption. Table 36 Wireless LAN: General LABEL DESC[...]

  • Page 127

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 9 Wireless LAN 127 Note: If you do not enable an y wireless security on your ZyXEL Device, your network is accessible to any wireless network ing device tha t is within range. Figure 63 Wireless: No Security The following table describes the labels in this screen. 9.5.2 WEP Encryption Screen In order[...]

  • Page 128

    P-2602H(W)(L)-DxA Series User’s Guide 128 Chapter 9 Wireless LAN Figure 64 Wireless: S tatic WEP Encryption The following table describes the wireless LAN security labels in this screen. 9.5.3 WP A(2)-PSK In order to configure and enable WP A-PSK authentication; click Network > Wireless LAN to display the General screen. Select WP A-PSK or WP [...]

  • Page 129

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 9 Wireless LAN 129 Figure 65 Wireless: WP A(2)-PSK The following table describes the wireless LAN security labels in this screen. Table 39 Wireless: WPA(2)-PSK LABEL DESCRIPTION Security Mode Choose WP A-PSK or WP A2-PSK from the drop-down list box. WP A Compatible This field is only available for WP[...]

  • Page 130

    P-2602H(W)(L)-DxA Series User’s Guide 130 Chapter 9 Wireless LAN 9.5.4 WP A(2) Au thentication Screen In order to configure and enable WP A Authentication; click the Wireless LAN link under Network to display the Wir eless screen. Sele ct WP A or WP A2 from the Security list. Figure 66 Wirele ss: WP A(2) The following table describes the wireless[...]

  • Page 131

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 9 Wireless LAN 131 9.5.5 Wireless LAN Advanced Setup T o configure advanced wi reless settings, click the Advanced Setup button in the General screen. The screen appears as shown. Idle T imeout The ZyXEL Device automatically disconnects a wireless station from the wired network after a period of inac[...]

  • Page 132

    P-2602H(W)(L)-DxA Series User’s Guide 132 Chapter 9 Wireless LAN Figure 67 Advanced The following table describes the labels in this screen. Table 41 Wireless LAN: Advanced LABEL DESCRIPTION Wireless Advanced Setup RTS/CTS Threshold Enter a value between 0 and 2432. If you sele ct the G+ Enhanced checkbox a value of 4096 is di splayed. Fragmentat[...]

  • Page 133

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 9 Wireless LAN 133 9.6 OTIST Screen Use this screen to set up and start OTIST on the ZyXEL Device in yo ur wireless network.T o open this screen, click Network > Wir eless LAN > OTIST . Figure 68 Network > Wireless LAN > OTIST The following table describes the labels in this screen. Befor[...]

  • Page 134

    P-2602H(W)(L)-DxA Series User’s Guide 134 Chapter 9 Wireless LAN Figure 69 Example: Wireless Client OTIST Screen T o start OTIST in the device, click St a r t in this screen. Note: Y ou must click Star t in the ZyXEL Device and in the wireless device(s) within three minutes of each other . Y ou can start OTIST in the wireless device s and the ZyX[...]

  • Page 135

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 9 Wireless LAN 135 Figure 72 OTIST : In Progres s on the Wireless Device These screens close when the tra nsfer is complete. 9.6.1 Notes on OTIST 1 If you enable OTIST in a wireless device, you see this screen each time you start the utility . Click Ye s to search for an OTIST -enable d AP (in other [...]

  • Page 136

    P-2602H(W)(L)-DxA Series User’s Guide 136 Chapter 9 Wireless LAN 9.7 MAC Filter T o change your ZyXEL Device ’ s MAC filter settings, click Network > Wir eless LAN > MAC Filter . The screen appears as shown. Figure 74 MAC Addres s Filter The following table describes the labels in this menu. Table 43 MAC Address F ilter LABEL DESCRIPTION [...]

  • Page 137

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 9 Wireless LAN 137 9.8 QoS Screen The QoS screen by default allows you to au tomatically give a service a priority level. Click Network > Wi reless LAN > QoS . The following screen displays. Figure 75 Wireless LAN: QoS The following table describes the fields in this screen. MAC Address Enter t[...]

  • Page 138

    P-2602H(W)(L)-DxA Series User’s Guide 138 Chapter 9 Wireless LAN 9.8.1 Application Pr iority Configuration T o edit a WMM QoS application entry , click the edit icon under Modify . The following screen displays. Figure 76 Application Priority Configuration WMM QoS Policy Select Defa ult to have the ZyXEL Device aut omatically give a service a pri[...]

  • Page 139

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 9 Wireless LAN 139 See Appendix 31 on page 371 for a list of commonly-used se rv ices and destination ports. The following table describes th e fields in this screen. T able 45 Application Priori ty Configuration LABEL DESCRIPTION Application Priority Configuration Name T ype a description of the app[...]

  • Page 140

    P-2602H(W)(L)-DxA Series User’s Guide 140 Chapter 9 Wireless LAN[...]

  • Page 141

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 10 Network Address Translation (NAT) Scr eens 141 C HAPTER 10 Network Address T ranslation (NA T) Screens This chapter discusses how to configure NA T on the ZyXEL Device. 10.1 NA T Overview NA T (Network Address Translation - NA T , RFC 1631) is the tra nslation of the IP address of a host in a pack[...]

  • Page 142

    P-2602H(W)(L)-DxA Series User’s Guide 142 Chapter 10 Network Address Translation (NAT) Scree ns 10.1.2 What NA T Does In the simplest form, NA T changes the sour ce IP address in a packet received from a subscriber (the inside local address) to anothe r (the inside global address) before forwarding the packet to the W AN side. When the resp onse [...]

  • Page 143

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 10 Network Address Translation (NAT) Scr eens 143 10.1.4 NA T Application The following figure illustrates a possible NA T application, wher e three inside LANs (logical LANs using IP Alias) behind the ZyXEL Devi ce can communicate with three distinct W AN networks. Figure 78 NA T Application With IP[...]

  • Page 144

    P-2602H(W)(L)-DxA Series User’s Guide 144 Chapter 10 Network Address Translation (NAT) Scree ns Port numbers do NOT change for One-to-One and Many-to-Many No Overload NA T mapping types. The following table summarizes these types. 10.2 SUA (Single User Account) V ersus NA T SUA (Single User Account) is a ZyNOS implemen tation of a subset of NA T [...]

  • Page 145

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 10 Network Address Translation (NAT) Scr eens 145 Figure 79 NA T General The following table describes the labels in this screen. 10.4 Port Forwarding A port forwarding set is a list of inside (behind NA T on the LAN) servers, for example, web or FTP , that you can make visible to the outside world e[...]

  • Page 146

    P-2602H(W)(L)-DxA Series User’s Guide 146 Chapter 10 Network Address Translation (NAT) Scree ns Y ou may enter a single port number or a range of port numbers to be forwarded, and the local IP address of the desired server . The port number identifies a service; for example, web service is on port 80 and FTP on port 21. In some cases, such as for[...]

  • Page 147

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 10 Network Address Translation (NAT) Scr eens 147 10.5 Configuring Port Forwarding Note: If you do not assign a Default Serve r IP address, the ZyXEL Device discards all packet s received for port s that are not specified here o r in the remote management setup. Click Network > NA T > Port Forw[...]

  • Page 148

    P-2602H(W)(L)-DxA Series User’s Guide 148 Chapter 10 Network Address Translation (NAT) Scree ns 10.5.1 Port Forwarding Rule Edit T o edit a port forwarding rule, c lick the rule’ s edit icon in the Port Forwarding screen to display the screen shown next. Figure 82 Port Forwarding Rule Setup The following table describes th e fields in this scre[...]

  • Page 149

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 10 Network Address Translation (NAT) Scr eens 149 10.5.2 SIP ALG Some NA T routers may include a SIP Application La yer Gateway (ALG). A SIP ALG allows SIP calls to pass through NA T by examining an d translating IP addr esses embe dded in the data stream. When the ZyXEL Device register s with the SI[...]

  • Page 150

    P-2602H(W)(L)-DxA Series User’s Guide 150 Chapter 10 Network Address Translation (NAT) Scree ns[...]

  • Page 151

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 11 Voice 151 C HAPTER 11 Vo i c e This chapter provides background informatio n on V oIP and SIP and explains how to configure your device’ s voice settings. 1 1.1 Introduction to V oIP V oIP is the sendin g of voice signals over th e Internet Protocol. This allows you to make phone calls and send [...]

  • Page 152

    P-2602H(W)(L)-DxA Series User’s Guide 152 Chapter 11 Voice 1 1.2.1.2 SIP Service D omain The SIP service domain of the V oIP service provid er is the domain name in a SIP URI. For example, if the SIP address is 1 122334455@ V oIP-provider .com , then “V oIP-provider .com” is the SIP service domain. 1 1.2.2 SIP Call Progression The following f[...]

  • Page 153

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 11 Voice 153 1 1.2.3.1 SIP User Ag ent A SIP user agent can make and receive V oIP tele phone calls. This means that SIP can be used for peer-to-peer communications even though it is a client-server protocol. In the following figure, either A or B can act as a SIP user agent client to initiate a call[...]

  • Page 154

    P-2602H(W)(L)-DxA Series User’s Guide 154 Chapter 11 Voice 1 1.2.3.3 SIP Redirect Server A SIP redirect server accepts SIP requests, translates the destination address to an IP address and sends the translated IP address back to th e device that sent the request. Then the client device that originally sent the re quest can send requests to the IP[...]

  • Page 155

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 11 Voice 155 Figure 87 SIP > SIP Settings Each field is described in the following table. Table 53 SIP > SIP Settings LABEL DESCRIPTION SIP Account Select the SIP account you want to see in this screen. If you change this field, the screen automatica lly refreshes. SIP Settings Active SIP Accou[...]

  • Page 156

    P-2602H(W)(L)-DxA Series User’s Guide 156 Chapter 11 Voice 1 1.3.1 RTP When you make a V oIP call using SIP , the R TP (Real time T ransport Pr otocol) is used to handle voice data transfer . See RFC 1889 for details on R TP . 1 1.4 Pulse Code Modulation Pulse Code Modulation (PCM) me asures analog signal amplitudes at regular time int ervals and[...]

  • Page 157

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 11 Voice 157 1 1.6 PSTN Call Setup Signaling Dual-T one MultiFrequency (DTMF) signaling uses pairs of frequencies (one lower frequency and one higher frequency) to set up calls. It is also known as T ouch T one®. Each of the ke ys on a DTMF telephone corresponds to a different pair of frequencies. P[...]

  • Page 158

    P-2602H(W)(L)-DxA Series User’s Guide 158 Chapter 11 Voice 4 Y ou can continue to add, listen to, or delete tones, or yo u can hang up the receiv er when you are done. 1 1.8.0.2 Listening to Custom T ones Do the following to listen to a custom tone: 1 Pick up the phone and press “****” on yo ur phone’ s keypad and wait for the message that [...]

  • Page 159

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 11 Voice 159 Figure 88 V oIP > SIP Settings > Advanced[...]

  • Page 160

    P-2602H(W)(L)-DxA Series User’s Guide 160 Chapter 11 Voice Each field is described in the following table. Table 55 VoIP > SIP Settings > Advanc ed LABEL DESCRIPTION SIP Account This field displays the SIP account you see in this screen. SIP Server Set- tings URL T yp e Select whether or not to include th e SIP service domain name when the [...]

  • Page 161

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 11 Voice 161 DTMF Mode Control how the ZyXEL Device handles the tones that your telephone makes when you push its buttons. Y ou should use the same mode your V oIP service provider uses. RFC 2833 - send the DTMF tones in RTP packets. PCM - send the DTMF tones in the voic e data stream. This method wo[...]

  • Page 162

    P-2602H(W)(L)-DxA Series User’s Guide 162 Chapter 11 Voice 1 1.10 Quality of Service (QoS) Quality of Service (QoS) refers to both a networ k's ability to deliver data with minimum delay , and the networking methods used to provide ba ndwidth for real-time mu ltimedia applications. 1 1.10.1 T ype Of Service (T oS) Network traffic can be clas[...]

  • Page 163

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 11 Voice 163 The DSCP value determines the forwardi ng behavior , the PHB (Per -Hop Behavior), that each packet gets across the DiffServ network. Base d on the marking ru le, dif ferent kinds of traf fic can be marked for different priorities of fo rwarding. Resources can then be allocated according [...]

  • Page 164

    P-2602H(W)(L)-DxA Series User’s Guide 164 Chapter 11 Voice 1 1.1 1 Phone Y ou can configure the volume, ec ho cancellation and V AD settings for each individual phone port on the ZyXEL Device. Y ou can also select which SIP account to u se for making outgoing calls. 1 1.12 PSTN Line (“L” models only) W ith PSTN line you can make an d receive [...]

  • Page 165

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 11 Voice 165 1 1.13 Analog Phone Screen Use this screen to control which SIP accounts and PSTN line each phone uses. T o access this screen, click V oIP > Phone > Analog Phone . Figure 91 Phone > Analog Phone Each field is described in the following table. Table 57 Phone > Anal og Phone L[...]

  • Page 166

    P-2602H(W)(L)-DxA Series User’s Guide 166 Chapter 11 Voice 1 1.14 Advanced Analog Phone Setup Screen Use this screen to edit advanced settings for eac h phone port. T o access this screen, click Advanced Setup in V oIP > Phone > Analog Phone . Figure 92 Phone > Analog Phone > Advanced Each field is described in the following table. Ap[...]

  • Page 167

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 11 Voice 167 1 1.14.1 Common Phone Settings Screen Use this screen to activate and deactivate im mediate dialing. T o acces s this screen, click Vo I P > Phone > Common . Figure 93 Phone > Common Each field is described in the following table. Dialing Interval Select Dialing Interval Select [...]

  • Page 168

    P-2602H(W)(L)-DxA Series User’s Guide 168 Chapter 11 Voice 1 1.15 Supplement ary Phone Services Overview Supplementary services such as call hold, call waiting, call tran sfer , … are generally available from your V oIP service provider . The ZyX EL Device supports the following services: • Call Hold • Call W aiting • Making a Second Call[...]

  • Page 169

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 11 Voice 169 1 1.15.2.1 European Call Hold Call hold allows you to put a call ( A ) o n hold by pressing th e flash key . If you have anothe r call, press the flash key an d then “2” to switch back and forth between caller A and B by putting either one on hold. Press the flash key and then “0?[...]

  • Page 170

    P-2602H(W)(L)-DxA Series User’s Guide 170 Chapter 11 Voice 2 When you hear the dial tone, dial “* 98#” followed by the number to which you want to transfer the call. to operate the Intercom. 3 After you hear the ring signal or the sec ond party answers it, hang up the phone. 1 1.15.2.4 European Three-W ay Co nference Use the following steps t[...]

  • Page 171

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 11 Voice 171 1 1.15.3.2 USA Call W aiting This allows you to place a call on hold while you answer ano t her incoming call on the same telephone (directory) number . If there is a second call to your t elephon e number , you will hear a call waiting tone. Press the flash key to put the first call on [...]

  • Page 172

    P-2602H(W)(L)-DxA Series User’s Guide 172 Chapter 11 Voice Figure 94 V oIP > Phone > Region Each field is described in the following table. 1 1.17 Speed Dial Speed dial provides shortcuts for dialin g frequently used (V oIP) phone numbers. 1 1.17.1 Peer-to-Peer Calls Y ou can call another V oIP device directly with out going th rough a SIP [...]

  • Page 173

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 11 Voice 173 1 1.18 Speed Dial Screen Y ou have to create speed-dial entries if you want to make peer-to-peer calls or call SIP numbers that use letters. Y ou can also create speed-dial entries for frequently-used SIP phone numbers. Use this screen to add, edit, or remo ve speed-dial numbers for outg[...]

  • Page 174

    P-2602H(W)(L)-DxA Series User’s Guide 174 Chapter 11 Voice 1 1.19 Incoming Call Policy Screen Use this screen to maintain rules for handlin g inco ming calls. Y ou can block , redirect, or accept them. T o access this screen, click V oIP > Phone Book > Incoming Call Poli cy . S peed Dial Phone Book Use this section to look at all the speed-[...]

  • Page 175

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 11 Voice 175 Figure 96 Phone Book > Incoming Call Policy Y ou can create two sets of call-forwarding rules. Each one is stored in a call-forwarding table. Each field is described in the following table. Table 64 Phone Book > Incoming Call Policy LABEL DESCRIPTION T abl e Number Select the call-[...]

  • Page 176

    P-2602H(W)(L)-DxA Series User’s Guide 176 Chapter 11 Voice 1 1.20 PSTN Line Screen (“L” models only) Use this screen to set up the PSTN line you us e to make regular phone calls. T o access this screen, click V oIP > PST N Line > General . Advanced Setup The ZyXEL Devi ce checks these rules before it checks the rules in the Forward t o [...]

  • Page 177

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 11 Voice 177 Figure 97 PSTN Line > General Each field is described in the following table. Table 65 PSTN Line > General LABEL DESCRIPTION PSTN Line Pre-fix Number Enter 1 - 7 numbers you dial before you dial the phone number , if you want to make a regular phone call while one of your SIP accou[...]

  • Page 178

    P-2602H(W)(L)-DxA Series User’s Guide 178 Chapter 11 Voice[...]

  • Page 179

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 12 Phone Usage 179 C HAPTER 12 Phone Usage This chapter describes how to use a phone conn ected to your ZyXEL Device for basic tasks. 12.1 Dialing a T elephone Number The PHONE LED turns green when your SIP account is registered. Dial a SIP number like “12345” on your phone’ s keypad. Use speed[...]

  • Page 180

    P-2602H(W)(L)-DxA Series User’s Guide 180 Chapter 12 Phone Usage 12.5 Auto Firmware Upgrade During auto-provisioning, the ZyXEL Device checks to see if there is a newer firmware version. If newer firmware is available, the ZyXEL De vice play s a recording w hen you pi ck up your phone’ s handset. Press “*99#” to upgrade the ZyXEL Device’ [...]

  • Page 181

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 13 Firewalls 181 C HAPTER 13 Firewalls This chapter gives some back ground information on firewa lls and introduces the ZyXEL Device firewall. 13.1 Firewall Overview Originally , the term fir ewall referred to a construction techni que designed to prevent the spread of fire from one room to another .[...]

  • Page 182

    P-2602H(W)(L)-DxA Series User’s Guide 182 Chapter 13 Firewalls 13.2.2 Application-level Firewalls Application-level firewalls restrict access by serv ing as proxies for e xternal servers. Since they use programs written for specific Internet servic es, such as HTTP, FTP and tel net, they can evaluate network packets for valid application-sp ecifi[...]

  • Page 183

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 13 Firewalls 183 • The LAN (Local Area Network) port attache s to a network of computers, which ne eds security from the outside world. These computer s will have access to Internet services such as e-mail, FTP , and the W orld W ide W e b. However , “inbound access” will not be allowed unless [...]

  • Page 184

    P-2602H(W)(L)-DxA Series User’s Guide 184 Chapter 13 Firewalls 13.4.2 T ypes of DoS Atta cks There are four types of DoS attacks: 1 Those that exploit bugs in a TCP/IP implementation. 2 Those that exploit weaknesses in the TCP/IP specification. 3 Brute-force attacks that flood a network with useless data. 4 IP Spoofing. 5 " Ping of Death &qu[...]

  • Page 185

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 13 Firewalls 185 Under normal circumstances, the applica tion that initiates a session sends a SYN (synchronize) packet to the receiving server . The receiver sends back an ACK (acknowledgment) packet and its own SYN, and then the in itiator responds with an ACK (acknowledgment). After this handsh ak[...]

  • Page 186

    P-2602H(W)(L)-DxA Series User’s Guide 186 Chapter 13 Firewalls Figure 101 Smurf Attack 13.4.2.1 ICMP V ulnerability ICMP is an error -reporting protocol that works in concert with IP . The following ICMP types trigger an alert: 13.4.2.2 Illegal Commands (NetBIOS and SMTP) The only legal NetBIOS commands are the following - all others are illegal.[...]

  • Page 187

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 13 Firewalls 187 13.4.2.3 T raceroute T raceroute is a utility used to determine th e path a packet takes between two endpoints. Sometimes when a packet filter firewall is conf igured incorrectly an at tacker can traceroute the firewall gaining knowledge of the network topology inside the firewall. O[...]

  • Page 188

    P-2602H(W)(L)-DxA Series User’s Guide 188 Chapter 13 Firewalls The previous figure shows the ZyXEL Device’ s default firewall rules in action as well as demonstrates how stateful inspection works. User A can initiate a T elnet session from within the LAN and responses to this request are allowe d. However other T e lnet traffic initiated from t[...]

  • Page 189

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 13 Firewalls 189 • Allow certain types of traffic from the In ternet to specific hosts on the LAN. • Allow access to a W eb server to everyone but competitors. • Restrict use of certain protocols, such as T elnet, to authoriz ed users on the LAN. These custom rules work by evaluating the networ[...]

  • Page 190

    P-2602H(W)(L)-DxA Series User’s Guide 190 Chapter 13 Firewalls A similar situation exists for ICMP , except that the ZyXEL Device is even more restrictive. Specifically , only outgoing echoes will allow in coming echo replies, outgoing address mask requests will allow incoming address mask replies, and ou tgoing timestamp requests wi ll allow inc[...]

  • Page 191

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 13 Firewalls 191 • Encourage your co mpany or organization to develop a comprehen sive security plan. Good network administration takes into ac count what hackers can do and prepares against attacks. The best defense against hack ers and crackers is information. Educate all employees about the impo[...]

  • Page 192

    P-2602H(W)(L)-DxA Series User’s Guide 192 Chapter 13 Firewalls 13.7.1.1 When T o Use Filtering • T o block/allow LAN pa cket s by their MAC addresses. • T o block/allow special IP packets which are neither TCP nor UDP , nor ICMP packets. • T o bloc k/allow both inbound (W AN to LAN) and outb ound (LAN to W AN) traffic between the specific i[...]

  • Page 193

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 14 Firewall Configurat ion 193 C HAPTER 14 Firewall Configuration This chapter shows you how to enable and configure t he ZyXEL Device firewall. 14.1 Access Methods The web configurator is, by far , the most co mprehensive firewall configuration tool your ZyXEL Device has to offer . For this reason, [...]

  • Page 194

    P-2602H(W)(L)-DxA Series User’s Guide 194 Chapter 14 Firewall Configuration Note: If you configure firewall rules wit hout a good underst anding of how they work, you might inadvertently introduce securi ty risks to the f irewall and to the protected network. Make sure you test your rules af ter you configure them. For example, you may create rul[...]

  • Page 195

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 14 Firewall Configurat ion 195 4 Does a rule that allows Internet users acces s to resources on the LAN create a security vulnerability? For example, if FTP ports (TCP 20, 21) are al lowed from the Internet to t he LAN, Internet users may be able to connect to computers with running FTP servers. 5 Do[...]

  • Page 196

    P-2602H(W)(L)-DxA Series User’s Guide 196 Chapter 14 Firewall Configuration 14.4.1 LAN to W AN Rules The default rule for LAN to W AN traffic is that all users on the LAN are allowed non- restricted access to the W AN. When you config ure a LAN to W AN rule, you in essenc e want to limit some or all users from accessing cer tain services on the W[...]

  • Page 197

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 14 Firewall Configurat ion 197 The following table describes the labels in this screen. 14.6 Firewall Rules Summary Note: The ordering of your rule s is very import ant as rules are applie d in turn. Refer to Section 13.1 on page 181 for more information. Click Security > Fire wall > Rules to b[...]

  • Page 198

    P-2602H(W)(L)-DxA Series User’s Guide 198 Chapter 14 Firewall Configuration Figure 104 Firewall Rules The following table describes the labels in this screen. Table 71 Firewall Rules LABEL DESCRIPTION Firewall Rules S torage S pace in Use This read-only bar shows how much of the ZyXEL De vice's memory for recording firewall rules it is curre[...]

  • Page 199

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 14 Firewall Configurat ion 199 14.6.1 Configuring Firewall Rules Refer to Section 13.1 on page 181 for more information. In the Rules screen, select an index number and click Add or click a rule’ s Edit icon to display this screen and refe r to the following table for information on the l abels. Lo[...]

  • Page 200

    P-2602H(W)(L)-DxA Series User’s Guide 200 Chapter 14 Firewall Configuration Figure 105 Firewall: Edit Rule[...]

  • Page 201

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 14 Firewall Configurat ion 201 The following table describes the labels in this screen. Table 72 Firewall: Edit Rule LABEL DESCRIPTION Active Select this option to ena ble this firewall rule. Action for Matched Packet Use the drop-down list box to select whether to discard ( Drop ), deny and send an [...]

  • Page 202

    P-2602H(W)(L)-DxA Series User’s Guide 202 Chapter 14 Firewall Configuration 14.6.2 Customized Services Configure customized services and port number s not predefined by the ZyXEL Device. For a comprehensive list of port numbers and services, visit the IANA (Internet Assigned Number Authority) website. See Appendix F on page 371 for some examples.[...]

  • Page 203

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 14 Firewall Configurat ion 203 Figure 107 Firewall: Configure Customized Services The following table describes the labels in this screen. 14.7 Example Firewall Rule The following Internet firewa ll rule example allows a hypot hetical “MyService” connection from the Internet. 1 Click Security >[...]

  • Page 204

    P-2602H(W)(L)-DxA Series User’s Guide 204 Chapter 14 Firewall Configuration Figure 108 Firewall Example: Rules 3 In the Rules screen, select the index number after that you want to add the rule. For example, if you select “6”, your new rule b ecomes number 7 and the previous rule 7 (if there is one) becomes rule 8. 4 Click Add to display the [...]

  • Page 205

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 14 Firewall Configurat ion 205 Figure 1 10 Firewall Example: Edit Rule: Destination Address 9 Use the Add >> and Remove buttons between A vailable Services and Selected Services list boxes to configure it as follows. Click Apply when you are done. Note: Custom services show up with an “*” b[...]

  • Page 206

    P-2602H(W)(L)-DxA Series User’s Guide 206 Chapter 14 Firewall Configuration Figure 1 1 1 Firewall Example: Edit Rule: Select Customized Services On completing the configuration procedure for this Internet firewall rule, the Rules screen should look like the following. Rule 1 allows a “MyService” connection from the W AN to IP addresses 10.0.0[...]

  • Page 207

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 14 Firewall Configurat ion 207 Figure 1 12 Firewall Example: Rules: MyService 14.8 DoS Thresholds For DoS attacks, the ZyXEL Device uses threshol ds to determine when to drop sessions that do not become fully established. These thresholds ap ply globally to all sessions. Y ou can use the default thre[...]

  • Page 208

    P-2602H(W)(L)-DxA Series User’s Guide 208 Chapter 14 Firewall Configuration Y ou should make any chan ges to the threshold values b efore you continue configu ring firewall rules. 14.8.2 Half-Open Sessions An unusually high number of half-open sessions (either an absolute number or measured as the arrival rate) could indicate that a Denial of Ser[...]

  • Page 209

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 14 Firewall Configurat ion 209 14.8.3 Configuring Firewall Thresholds The ZyXEL Device also sends alerts whenever TCP Maximum Incomplete is exceeded. The global values specified for the threshold an d timeout apply to all TCP connections. Click Fir ewall , and Threshold to bring up the next screen. F[...]

  • Page 210

    P-2602H(W)(L)-DxA Series User’s Guide 210 Chapter 14 Firewall Configuration Maximum Incomplete Low This is the number of existing half-open sessions that cau ses the firewall to stop deleting half-open sessions. Th e ZyXEL Device continues to delete half-open re quests as necessary , until the number of exist ing half-open sessions drops below th[...]

  • Page 211

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 15 Content Filtering 211 C HAPTER 15 Content Filtering This chapter covers how to configure content filtering. 15.1 Content Filtering Overview Internet content filtering allows you to create and enforce Internet access policies tailored to your needs. Content filtering gives you the ab ility to block[...]

  • Page 212

    P-2602H(W)(L)-DxA Series User’s Guide 212 Chapter 15 Content Filtering The following table describes the labels in this screen. 15.3 Configuring the Schedule T o set the days and times for the ZyXEL De vice to perform content filtering, click Security > Content Filter > Schedule . The screen appears as shown. Figure 1 15 Conten t Filter: Sc[...]

  • Page 213

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 15 Content Filtering 213 The following table describes the labels in this screen. 15.4 Configuring T rusted Computers T o exclude a range of users on the LAN fro m content filtering on your ZyXEL Device, click Security > Content Filter > Tr u s t e d . The screen appears as shown. Figure 1 16 C[...]

  • Page 214

    P-2602H(W)(L)-DxA Series User’s Guide 214 Chapter 15 Content Filtering[...]

  • Page 215

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 16 Introduction to IPSec 215 C HAPTER 16 Introduction to IPSec This chapter introduces the basics of IPSec VPNs. 16.1 VPN Overview A VPN (V irtual Private Network) provides sec ure communications between sites without the expense of leased site-to-site lines. A secure VP N is a combination of tunneli[...]

  • Page 216

    P-2602H(W)(L)-DxA Series User’s Guide 216 Chapter 1 6 Introduction t o IPSec Figure 1 17 Encryption and Decryption 16.1.3.2 Dat a Confidentiality The IPSec sender can encrypt packets befo re transmitting them across a network. 16.1.3.3 Dat a Integrity The IPSec receiver can validate packets sent by the IPSec sender to ensure that the data has not[...]

  • Page 217

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 16 Introduction to IPSec 217 Figure 1 18 IPSec Architecture 16.2.1 IPSec Algorithms The ESP (Encapsulating Security Payload) Protocol (RFC 2406) an d AH (Authentication Header) protocol (RFC 2402 ) describe the packet formats and the default sta ndards for packet structure (including implemen tation [...]

  • Page 218

    P-2602H(W)(L)-DxA Series User’s Guide 218 Chapter 1 6 Introduction t o IPSec Figure 1 19 T ransport and T unnel Mode IPSec Encapsulation 16.3.1 T ransport Mode Tr a n s p o r t mode is used to protect upper layer p rot ocols and only af fects the data in the IP packet. In Tr a n s p o r t mode, the IP packet contains the security protoc ol ( AH o[...]

  • Page 219

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 16 Introduction to IPSec 219 NA T is incompatible with the AH protocol in both Tr a n s p o r t and T unnel mode. An IPSec VPN using the AH protocol digitally sig ns the outbound packet, both data payload and headers, with a hash value appe nded to the pack et. When using AH protoc ol, packet content[...]

  • Page 220

    P-2602H(W)(L)-DxA Series User’s Guide 220 Chapter 1 6 Introduction t o IPSec[...]

  • Page 221

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 17 VPN Screens 221 C HAPTER 17 VPN Screens This chapter introduces the VPN screens. See Chapter 24 on page 295 for information on viewing logs and th e appendix for IPSec log descriptions. 17.1 VPN/IPSec Overview Use the screens documented in this chapter to configure rules for VPN connections and ma[...]

  • Page 222

    P-2602H(W)(L)-DxA Series User’s Guide 222 Chapter 17 VP N Screens 17.3 My IP Address My IP Address is the W AN IP address of th e ZyXEL Device. The ZyXEL Device has to rebuild the VPN tunnel if the My IP Address changes after setup. The following applies if this field is configured as 0.0.0.0 : • The ZyXEL Device us es the current ZyXEL Device [...]

  • Page 223

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 17 VPN Screens 223 17.4 Secure Gateway Address Secure Gateway Address is the W AN IP address or domain name of the remote IPSec router (secure gateway). If the remote secure gateway has a static W AN IP address, enter it in the Secure Gateway Address field. Y ou may alternatively enter the remo te se[...]

  • Page 224

    P-2602H(W)(L)-DxA Series User’s Guide 224 Chapter 17 VP N Screens Figure 121 VPN Setup The following table describes the fields in this screen. T able 81 VPN Setup LABEL DESCRIPTION No. This is the VPN policy index number . Click a number to edit VPN policies. Active This field displays whether the VPN policy is active or not. A Ye s si gnifies t[...]

  • Page 225

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 17 VPN Screens 225 17.6 Keep Alive When you initiate an IPSec tunnel with keep alive enabled, the ZyX EL Device automatically renegotiates the tunnel wh en the IPSec SA lifetime period expires (see Section 17.12 on page 234 for more on the IPSec SA lifetime). In ef fe ct, the IPSec tunnel becomes an [...]

  • Page 226

    P-2602H(W)(L)-DxA Series User’s Guide 226 Chapter 17 VP N Screens 17.7 VPN, NA T , and NA T T raversal NA T is incompatible with the AH protocol in both transport and tunnel mode. An IPSec VPN using the AH protocol dig itally signs the outbound packet, both data payload and headers, with a hash value appended to the packet, but a NA T device betw[...]

  • Page 227

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 17 VPN Screens 227 Y* - This is supported in the ZyXEL Device if you enable NA T traversal. 17.8 Remote DNS Server In cases where you want to use domain names to access Intranet servers on a remote network that has a DNS server , you must identify that DNS server . Y ou cannot use DNS servers on the [...]

  • Page 228

    P-2602H(W)(L)-DxA Series User’s Guide 228 Chapter 17 VP N Screens Regardless of the ID type and content configur ation, the ZyXEL Device does not allow you to save multiple active rules with overlap ping local and remote IP addresses. W ith main mode (see Section 17.12.1 on page 235 ), the ID type and content are encrypted to provide identity pro[...]

  • Page 229

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 17 VPN Screens 229 17.9.1 ID T ype and Content Examples T wo IPSec routers must have matching ID type and content configuration in order to set up a VPN tunnel. The two ZyXEL Devices in this example ca n complete negotiation and establish a VPN tunnel. The two ZyXEL Devices in this example cann ot co[...]

  • Page 230

    P-2602H(W)(L)-DxA Series User’s Guide 230 Chapter 17 VP N Screens Figure 124 Edit VPN Policies The following table describes the fields in this screen. T able 87 Edit VPN Policies LABEL DESCRIPTION IPSec Setup Active Select this check box to activate this VPN policy . This option determi nes whether a VPN rule is applied before a packet leaves th[...]

  • Page 231

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 17 VPN Screens 231 NA T T raversal This function is availab le if the VPN protocol is ESP . Select this check box if you want to set up a VPN tunnel when there are NA T routers between the ZyXEL Devi ce and remo te IPSec router . The remote IPSec router must also enable NA T traversal , and the NA T [...]

  • Page 232

    P-2602H(W)(L)-DxA Series User’s Guide 232 Chapter 17 VP N Screens Remote Remote IP addresses must be static and correspond to the remote IPSec router's configured local IP addresses. The remote fields do not apply when th e Secure Gateway IP Address field is configured to 0.0.0.0 . In this case only the remote IPSec router can initiate the V[...]

  • Page 233

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 17 VPN Screens 233 Peer ID T ype Select IP to identify the remote IPSec router by its IP address. Select DNS to identify the remote IPSec router by a domain name. Select E-mail to identify the remote IPSec router by an e-mail address. Content The configuration of the peer content depends on the peer [...]

  • Page 234

    P-2602H(W)(L)-DxA Series User’s Guide 234 Chapter 17 VP N Screens 17.12 IKE Phases There are two phases to every IKE (Internet Key Exchange) ne gotiation – phase 1 (Authentication) and ph ase 2 (Key Exchange). A phase 1 exchange establishes an IKE SA and the second one uses that SA to negotiate SAs for IPSe c. Figure 125 T wo Phases to Set Up t[...]

  • Page 235

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 17 VPN Screens 235 • Choose an encryption algorithm. • Choose an authentication algorithm. • Choose a Dif fie-Hellman public-key cry ptography key group ( DH1 or DH2 ) . • Set the IKE SA lifetime. This field allows you to determin e how l ong an IKE SA should stay up before it times out. An I[...]

  • Page 236

    P-2602H(W)(L)-DxA Series User’s Guide 236 Chapter 17 VP N Screens 17.12.2 Diffie-Hellman (DH) Key Groups Diffie-Hellman (DH) is a publi c -key cryptography protocol tha t allows two parties to establish a shared secret over an unsecured communications channel. Diff ie-Hellman is used within IKE SA setup to establish session keys. 768-bit (Group 1[...]

  • Page 237

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 17 VPN Screens 237 Figure 126 Advanced VPN Policies The following table describes the fields in this screen. T able 88 Advanced VPN Policies LABEL DESCRIPTION VPN - IKE Protocol Enter 1 for ICMP , 6 for TCP , 1 7 for UDP , etc. 0 is the default and signifies any protocol. Enable Replay Detection As a[...]

  • Page 238

    P-2602H(W)(L)-DxA Series User’s Guide 238 Chapter 17 VP N Screens Negotiati on Mode Select Main or Aggressive from the drop-down list box. Multiple SAs connecting through a secure gateway must have the same negotiation mode . Pre-Shared Key T ype your pre-shared key in this field. A pre-shared key identifies a communicating party during a phase 1[...]

  • Page 239

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 17 VPN Screens 239 17.14 Manual Key Setup Manual key managemen t is useful if you have problems with IKE key mana gement. 17.14.1 Security Parameter Index (SPI) An SPI is used to distinguish dif ferent SAs te rminating at the same de stination and using the same IPSec protocol. This data allows for t[...]

  • Page 240

    P-2602H(W)(L)-DxA Series User’s Guide 240 Chapter 17 VP N Screens Figure 127 VPN: Manual Key The following table describes the fields in this screen. Table 89 VPN: Manual Key LABEL DESCRIPTION IPSec Setup Active Select this check box to activate this VPN policy . Name T ype u p to 32 characters to identify this VPN policy . Y ou may use a ny char[...]

  • Page 241

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 17 VPN Screens 241 DNS Server (for IPSec VPN) If there is a private DNS server that se rvices the VPN, type its IP address here. The ZyXEL Device a ssigns this additional DNS server to the Zy XEL Device 's DHCP clients that have IP addresses in this IPSec rule's range of lo cal addresses. A[...]

  • Page 242

    P-2602H(W)(L)-DxA Series User’s Guide 242 Chapter 17 VP N Screens 17.16 V iewing SA Monitor Click Security , VPN and Monitor to open the SA Mon itor screen as shown. Use this scree n to display and ma nage active VPN co nnections . A Security Association (SA) is the group of se cu rity settings related to a specific VPN tunnel. This screen displa[...]

  • Page 243

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 17 VPN Screens 243 When there is outbound traffic b ut no inbound tr affic, the SA times out automatically after two minutes. A tunnel with no outb ound or inbound traf fic is "idle" and does not timeout until the SA lifetime period expires. See Section 17.6 on page 2 25 on keep alive to ha[...]

  • Page 244

    P-2602H(W)(L)-DxA Series User’s Guide 244 Chapter 17 VP N Screens 17.17 Configuring Global Setting T o change your ZyXEL Devi ce’ s global settings, click VPN and then Global Setti ng . The screen appears as shown. Figure 129 VPN: Global Setting The following table describes the fields in this screen. 17.18 T elecommuter VPN/IPSec Examples The [...]

  • Page 245

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 17 VPN Screens 245 Figure 130 T elecommuters Sharing One VPN Rule Example 17.18.2 T elecommuters Usin g Unique VPN Rules Example In this example the telecommuters (A, B and C in the figure) use IPSec routers with domain names that are mapped to their dynamic W AN IP addresses (use Dynamic DNS to do t[...]

  • Page 246

    P-2602H(W)(L)-DxA Series User’s Guide 246 Chapter 17 VP N Screens Figure 131 T elecommuters Using Uniq ue VPN Rules Example Table 93 T elecommuters Using Unique VPN Rules Example T ELECOMMUTERS HEADQUARTERS All T ele commuter Rules: All Headquarters Rules: My IP Address 0.0.0. 0 My IP Address: bigcompanyhq.com Secure Gateway Address: bigcompanyhq[...]

  • Page 247

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 17 VPN Screens 247 17.19 VPN and Remote Management If a VPN tunnel uses T elnet, FTP , WWW , then you shou ld configure remote management ( Remote Management ) to allow access for that service.[...]

  • Page 248

    P-2602H(W)(L)-DxA Series User’s Guide 248 Chapter 17 VP N Screens[...]

  • Page 249

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 18 Static Rout e 249 C HAPTER 18 S t atic Route This chapter shows you how to configure static routes for your ZyXEL Device. 18.1 S t atic Route Each remote node specifies only the network to which the gateway is di rectly connected, and the ZyXEL Device has no know ledge of the networks beyo nd. For[...]

  • Page 250

    P-2602H(W)(L)-DxA Series User’s Guide 250 Chapter 18 Static Route Figure 133 S tatic Route The following table describes the labels in this screen. 18.2.1 S t atic Route Edit Select a static route index numb er and click Edit . The screen shown next appears. Use this screen to configure the required information for a static route. T able 94 S tat[...]

  • Page 251

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 18 Static Rout e 251 Figure 134 S tatic Route Edit The following table describes the labels in this screen. T able 95 S tatic Route Edit LABEL DESCRIPTION Active This field allows you to activa te/deactivate this st atic route. Route Name Enter the name of the IP static route. Leave this field blank [...]

  • Page 252

    P-2602H(W)(L)-DxA Series User’s Guide 252 Chapter 18 Static Route[...]

  • Page 253

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 19 Bandwidth Managemen t 253 C HAPTER 19 Bandwid th Management This chapter contains information about configuri ng bandwidth management, editing rules and viewing the ZyXEL Device’ s bandwidth management logs. 19.1 Bandwid th Management Overview ZyXEL ’ s Bandwidth Management allows you to speci[...]

  • Page 254

    P-2602H(W)(L)-DxA Series User’s Guide 254 Chapter 19 Bandwidth Management The following figure shows LAN subnets. Y ou could configure one ban dwidth class for subnet A and another for subnet B . Figure 135 Subnet-based Ba ndwidt h Management Example 19.4 Application and Subnet-based Bandwid th Management Y ou could also create bandwidth clas ses[...]

  • Page 255

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 19 Bandwidth Managemen t 255 19.5.2 Fairness-based Scheduler The ZyXEL Device divides bandwidth equally among bandwidth classes when using the fairness-based scheduler; thus preventing one ba ndwidth class from using all of the interface’ s bandwidth. 19.6 Maximize Bandwid th Usage The maximize ban[...]

  • Page 256

    P-2602H(W)(L)-DxA Series User’s Guide 256 Chapter 19 Bandwidth Management 19.6.2 Maximize Ba ndwid th Usage Example Here is an example of a ZyXEL Device that has maximize bandwidth usage enabled on an interface. The following table shows each ba nd width class’ s bandwidth budget. The classes are set up based on subnets. The interface is set to[...]

  • Page 257

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 19 Bandwidth Managemen t 257 • Research requires more bandwidth but only gets its budgeted 2048 kbps because all of the unbudgeted and unu sed bandwidth goes to the higher priority sales and marketing classes. 19.6.2.2 Fairness-based Allotment of Unused and Unbudgeted Bandwid th The following table[...]

  • Page 258

    P-2602H(W)(L)-DxA Series User’s Guide 258 Chapter 19 Bandwidth Management Enable bandwidth manage ment on an interface and set the maximum allo wed bandwidth for that interface. Figure 136 Bandwidth Ma nagement: Summary The following table describes the labels in this screen. Table 101 Media Bandwid th Management: Su mmary LABEL DESCRIPTION Inter[...]

  • Page 259

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 19 Bandwidth Managemen t 259 19.8 Bandwid th Management Rule Setup Y ou must use the Bandwidth Management Summary screen to enable bandwidth management on an interface before yo u can configure rules for that interface. Click Advanced > Bandwidth MGMT > Rule Setup to open the following screen. [...]

  • Page 260

    P-2602H(W)(L)-DxA Series User’s Guide 260 Chapter 19 Bandwidth Management 19.8.1 Rule Configuration Click the Edit icon or User define in the Service field to configure a bandwidth mana gement rule. Use bandwidth rules to allocate specific amounts of bandwidth capacity (bandw idth budgets) to specific applications and/or subnets. Figure 138 Bandw[...]

  • Page 261

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 19 Bandwidth Managemen t 261 See Appendix F on page 3 71 for a list of commonly-used services. The following table describes the labels in this screen. Table 103 Bandwidth Management Rule Configuration LABEL DESCRIPTION Rule Configurati on Rule Name Use the auto-generated name or en ter a descriptive[...]

  • Page 262

    P-2602H(W)(L)-DxA Series User’s Guide 262 Chapter 19 Bandwidth Management 19.9 Bandwid th Monitor T o view the ZyXEL Device’ s bandwidth usage, click Advanced > Bandwidth MGMT > Monitor . The screen appears as shown. Select an interface from the drop-down list box to view the bandwidth usage of its bandwidt h rule s. The gray section of t[...]

  • Page 263

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 20 Dynamic DNS Setup 263 C HAPTER 20 Dynamic DNS Setup This chapter discusses how to configure your ZyXEL Device to use Dynamic DNS. 20.1 Dynamic DNS Overview Dynamic DNS allows you to update your curre nt dynamic IP address with one or many dynamic DNS services so that anyone can c ont act you (in N[...]

  • Page 264

    P-2602H(W)(L)-DxA Series User’s Guide 264 Chapter 2 0 Dynamic DNS Setup Figure 140 Dynamic DNS The following table describes th e fields in this screen. Table 104 Dynamic DNS LABEL DESCRIPTION Dynamic DNS Setup Active Dynamic DNS Select this check box to use dynamic DNS. Service Provider This is the name of your Dyn amic DNS service provider . Dy[...]

  • Page 265

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 20 Dynamic DNS Setup 265 Dynamic DNS server auto detect IP Address Select this option only when there are one or more NA T routers betwe en the ZyXEL Device and the DDNS server . This feat ure has the DDNS server automatically detect and use the IP address of th e NA T router tha t has a public IP ad[...]

  • Page 266

    P-2602H(W)(L)-DxA Series User’s Guide 266 Chapter 2 0 Dynamic DNS Setup[...]

  • Page 267

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 21 Remote M anagement Configuratio n 267 C HAPTER 21 Remote Management Configuration This chapter provides information on config uring remote management. 21.1 Remote Management Overview Remote management allows you to determ ine which services/protocols can access which ZyXEL Device interface (if any[...]

  • Page 268

    P-2602H(W)(L)-DxA Series User’s Guide 268 Chapter 21 Remote Ma nagement Configuration • The IP address in the Secured Client IP field does not match th e client IP address. If it does not match, the ZyXEL Device will disconnect the session immediately . • There is already another rem ote management session with an equal or higher priority run[...]

  • Page 269

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 21 Remote M anagement Configuratio n 269 The following table describes the labels in this screen. 21.3 T elnet Y ou can configure your ZyXEL Device for remote T elnet access as shown next. The administrator uses T elnet from a compute r on a remote network to access the ZyXEL Device. Figure 142 T eln[...]

  • Page 270

    P-2602H(W)(L)-DxA Series User’s Guide 270 Chapter 21 Remote Ma nagement Configuration Figure 143 Remote Mana gement: T elnet The following table describes the labels in this screen. 21.5 Configuring FTP Y ou can upload and download the ZyXEL Devi ce’ s firmware and configuration files us ing FTP , please see Section 25.7 on page 308 for details[...]

  • Page 271

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 21 Remote M anagement Configuratio n 271 Figure 144 Remote Mana gement: FTP The following table describes the labels in this screen. 21.6 SNMP Simple Network Management Protocol (SNM P) i s a protocol u sed for exch anging management information b etween network devices. SNMP is a member of the TCP/I[...]

  • Page 272

    P-2602H(W)(L)-DxA Series User’s Guide 272 Chapter 21 Remote Ma nagement Configuration Figure 145 SNMP Managemen t Model An SNMP managed network consis ts of two main types of comp onent: agen ts and a man ager . An agent is a management software module that resi des in a managed device (the ZyXEL Device). An agent translates the local manageme nt[...]

  • Page 273

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 21 Remote M anagement Configuratio n 273 21.6.2 SNMP T raps The ZyXEL Device will send traps to the SNMP manager when any on e of the following events occurs: 21.6.3 Configuring SNMP T o chang e your ZyXEL Device’ s SNMP settings, click Advanced > Remote MGMT > SNMP . The screen appears as sh[...]

  • Page 274

    P-2602H(W)(L)-DxA Series User’s Guide 274 Chapter 21 Remote Ma nagement Configuration Figure 146 Remote Mana gement: SNMP The following table describes the labels in this screen. Table 109 Remote Mana gement: SNMP LABEL DESCRIPTION SNMP Port Y ou may change the server port number for a service if needed, however you must use the same port number [...]

  • Page 275

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 21 Remote M anagement Configuratio n 275 21.7 Configuring DNS Use DNS (Domain Name System) to map a domain name to its corresponding IP address and vice versa. Refer to Chapter 8 on page 107 for background information. T o change your ZyXEL Device’ s DNS settings, click Advanced > Remote MGMT &g[...]

  • Page 276

    P-2602H(W)(L)-DxA Series User’s Guide 276 Chapter 21 Remote Ma nagement Configuration If an outside user attempts to probe an unsupp orted port on your ZyXEL Device, an ICMP response packet is automatically returned. This allows the ou tside user to know the ZyXEL Device exists. Y our ZyXEL Device supports anti- probing, which prevents the ICMP r[...]

  • Page 277

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 22 Universa l Plug-and-Play (UPnP) 277 C HAPTER 22 Universal Plug-and-Play (UPnP) This chapter introduces the UPnP feature in the web configura tor . 22.1 Introducing Universal Plug and Play Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-[...]

  • Page 278

    P-2602H(W)(L)-DxA Series User’s Guide 278 Chapter 22 Univer sal Plug-and-Play (UPnP) 22.1.3 Cautions with UPnP The automated nature of NA T traversal applications in establishing their own services and opening firewall ports ma y present network security issues. Network information and configuration may also be obtained and modifi ed by users in [...]

  • Page 279

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 22 Universa l Plug-and-Play (UPnP) 279 The following table describes th e fields in this screen. 22.3 Inst alling UPnP in Windows Example This section shows ho w to install UPnP in W indows Me and W indows XP . Inst alling UPnP in Windows Me Follow the steps below to inst all the UPnP in W indows Me.[...]

  • Page 280

    P-2602H(W)(L)-DxA Series User’s Guide 280 Chapter 22 Univer sal Plug-and-Play (UPnP) Figure 150 Add/Remove Programs: Wind ows Setup: Communication 3 In the Communications window , select the Universal Plug and Play check box in the Components selection box. Figure 151 Add/Remove Programs: Wind ows Setup: Communication: Component s 4 Click OK to g[...]

  • Page 281

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 22 Universa l Plug-and-Play (UPnP) 281 Inst alling UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP . 1 Click St a r t and Control Panel . 2 Double-click Network Connections . 3 In the Network Connections window , click Advanced in the main menu and select Optional Networki[...]

  • Page 282

    P-2602H(W)(L)-DxA Series User’s Guide 282 Chapter 22 Univer sal Plug-and-Play (UPnP) Figure 154 Networking Services 6 Click OK to go back to the W indows Optional Networking Component Wizard window and click Next . 22.4 Using UPnP in Windows XP Example This section shows yo u how to use the UPnP feature in W indows XP . Y ou must already hav e UP[...]

  • Page 283

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 22 Universa l Plug-and-Play (UPnP) 283 Figure 155 Network Connections 3 In the Internet Connection Properties window , click Settings to see the port mappings there were automatically created. Figure 156 Internet Connection Properties[...]

  • Page 284

    P-2602H(W)(L)-DxA Series User’s Guide 284 Chapter 22 Univer sal Plug-and-Play (UPnP) 4 Y ou may edit or delete the port mappings o r click Add to manually add port mappings. Figure 157 Internet Connection Properties: Adva nced Settings Figure 158 Internet Connection Proper ties: Adva nced Settings: Add 5 When the UP nP-enabled device is disconn e[...]

  • Page 285

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 22 Universa l Plug-and-Play (UPnP) 285 Figure 159 System T ray Icon 7 Double-click on the icon to display yo ur curr ent Internet co nnection sta tus. Figure 160 Internet Connection S tatus Web Configurator Eas y Access W ith UPnP , you can access the web-based configurator on the ZyXEL Device withou[...]

  • Page 286

    P-2602H(W)(L)-DxA Series User’s Guide 286 Chapter 22 Univer sal Plug-and-Play (UPnP) Figure 161 Network Connections 4 An icon with the description for e ach UPnP-enabled device displays unde r Local Network . 5 Right-click on the icon for your ZyXEL Device an d select Invoke . The web configurator login screen displays.[...]

  • Page 287

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 22 Universa l Plug-and-Play (UPnP) 287 Figure 162 Network Connections: My Network Places 6 Right-click on the icon for your ZyXEL Device and select Pr operties . A properties window displays with basic info rmation about the ZyXEL Device. Figure 163 Network Connections: My Networ k Places: Properties[...]

  • Page 288

    P-2602H(W)(L)-DxA Series User’s Guide 288 Chapter 22 Univer sal Plug-and-Play (UPnP)[...]

  • Page 289

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 23 System 289 C HAPTER 23 System Use this screen to configure the ZyXEL Device’ s time and date settings. 23.1 General Setup and System Name General Setup contains administrative and system-related information. System Name is for identification purposes. However , because some ISPs check this name [...]

  • Page 290

    P-2602H(W)(L)-DxA Series User’s Guide 290 Chapter 23 Syst em Figure 164 System General Setu p The following table describes the labels in this screen. T able 1 13 System General Setup LABEL DESCRIPTION General Setup System Name Choose a descriptive name for identificatio n purposes. It is recommended you enter your computer’s “Compu ter name?[...]

  • Page 291

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 23 System 291 23.2 T ime Setting T o chang e your ZyXEL Device’ s time an d date, click Maintenance > System > T ime Setting . The screen appears as shown. Use this screen to configure the ZyXEL Device’ s time based on your local time zone. Figure 165 System T ime Setting The following tabl[...]

  • Page 292

    P-2602H(W)(L)-DxA Series User’s Guide 292 Chapter 23 Syst em New T ime (hh:mm:ss) This field displays the last updated ti me from the time server or t he last time configured manually . When you set Time and Date Setup to Manual , enter the new time in this field and then click Apply . New Date (yyyy/mm/dd) This field displays the last updated da[...]

  • Page 293

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 23 System 293 End Date Configure the day and time when Dayl ight Saving T ime ends if yo u selected Enable Daylight Saving . The o'clock field uses the 24 hour format. Here are a couple of examples: Daylight Saving Time ends in the United S tates on the last Sunday of October . Each time zone in[...]

  • Page 294

    P-2602H(W)(L)-DxA Series User’s Guide 294 Chapter 23 Syst em[...]

  • Page 295

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 24 Logs 295 C HAPTER 24 Logs This chapter contains inform ation about configuring genera l log settings and viewing the ZyXEL Device’ s logs. Refer to the append ix for example log message explanations. 24.1 Logs Overview The web confi gurator allows you to choose which categories of events and/or [...]

  • Page 296

    P-2602H(W)(L)-DxA Series User’s Guide 296 Chapter 24 Logs Figure 166 V iew Log The following table describes the fields in this screen. 24.3 Configuring Log Settings Use the Log Settings screen to configure to where the Zy XEL Device is to send logs; the schedule for when the ZyXEL Device is to send the logs and which logs and/or immediate alerts[...]

  • Page 297

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 24 Logs 297 Alerts are e-mailed as soon as they happen. Logs may be e-ma iled as soon as the log is full. Selecting many alert and/or log categories (especially Access Control ) may result in many e- mails being sent. Figure 167 Log Settings The following table describes th e fields in this screen. T[...]

  • Page 298

    P-2602H(W)(L)-DxA Series User’s Guide 298 Chapter 24 Logs Mail Subject T ype a title that you want to be in the subject line of the log e-mail message that the ZyXEL Device sends. Not all ZyXEL Device models have this field. Send Log to The ZyXEL Device sen ds logs to the e-mail addre ss specified in this field. If this field is left blank, the Z[...]

  • Page 299

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 24 Logs 299 24.4 SMTP Error Messages If there are difficulties in sending e-mail the following error message appears. “SMTP action request failed. ret= ??". The “??"are described in the following table. 24.4.1 Example E-mail Log An "End of Log" message displays for each ma il [...]

  • Page 300

    P-2602H(W)(L)-DxA Series User’s Guide 300 Chapter 24 Logs Figure 168 E-mail Log Example Subject: Firewall Alert From Date: Fri, 07 Apr 2000 10:05:42 From: user@zyxel.com To: user@zyxel.com 1| Apr 7 00 |From:192.168.1.1 To:192.168.1.255 |default poli cy |forward | 09:54:03 |UDP src port:0052 0 dest port:00520 |<1,00> | 2|Apr 7 00 |From:192.1[...]

  • Page 301

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 25 Tools 301 C HAPTER 25 To o l s This chapter explains how to upload new firm ware, manage configuration files and restart your ZyXEL Device. Note: Do not interrupt the file transfer p rocess as this may PERMANENTL Y DAMAGE YOUR ZyXEL Device. 25.1 Introduction Use the instructions in this chapter to[...]

  • Page 302

    P-2602H(W)(L)-DxA Series User’s Guide 302 Chapter 25 Tools This is a sample FTP session saving the cu rrent configuration to the computer file “ config.cfg ”. If your (T)FTP client does not allow you to ha ve a destination filena me different than the source, you will need to rena me them as the ZyXEL Device only recognizes “rom-0” and ?[...]

  • Page 303

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 25 Tools 303 Figure 169 Firmware Upgr ade The following table describes the labels in this screen. Note: Do NOT turn off th e ZyXEL Device while firmware upload is in pro gress! After you see the Firmware Upload in Pr ogr ess screen, wait two minutes before logging into the ZyXEL Device again. Figure[...]

  • Page 304

    P-2602H(W)(L)-DxA Series User’s Guide 304 Chapter 25 Tools The ZyXEL Device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following ic on on your desktop. Figure 171 Network T emporarily Disconnected After two minutes, log in again an d check your new firmware version in the[...]

  • Page 305

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 25 Tools 305 Figure 173 Configuration 25.5.1 Backup Configuration Backup Configuration allows you to back up (save) the ZyXE L Device’ s current configuration to a file on your co mputer . Once your ZyXEL Device is config ured and functionin g properly , it is highly recommended that you b ack up y[...]

  • Page 306

    P-2602H(W)(L)-DxA Series User’s Guide 306 Chapter 25 Tools After you see a “restore configuration successf ul” scree n, you must then wait one minute before logging into th e ZyXEL Device again. Figure 174 Configuration Upload Successfu l The ZyXEL Device automatically restarts in this time causing a temporary network disconnect. In some oper[...]

  • Page 307

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 25 Tools 307 25.5.3 Reset to Factory Default s Click the Reset button to clear all user-entered conf iguration information and return the ZyXEL Device to its factory defaults . The following warning screen appears. Figure 177 Reset W arning Message Figure 178 Reset In Process Message Y ou can also pr[...]

  • Page 308

    P-2602H(W)(L)-DxA Series User’s Guide 308 Chapter 25 Tools 25.7 Using FTP or TFTP to Back Up Configuration This section covers how to use FTP or TFTP to save your device’ s config uration file to your computer . 25.7.1 Using the FTP Comman ds to Back Up Configuration 1 Launch the FTP client on your computer . 2 Enter “ open ”, followed by a[...]

  • Page 309

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 25 Tools 309 25.7.3 Configuration Backup Using GUI-based FTP Client s The following table describes some of the commands that you may see in GUI-based FTP clients. 25.7.4 Backup Configuration Using TFTP The ZyXEL Device supports the up/downlo ading of the firmware and the configuratio n file using TF[...]

  • Page 310

    P-2602H(W)(L)-DxA Series User’s Guide 310 Chapter 25 Tools 25.7.5 TFTP Command Co nfiguration Backup Example The following is an example TFTP command: tftp [-i] host get rom-0 config.rom where “ i ” specifies binary image transfer mode (use this mode when transferring binary files), “ host ” is the ZyXEL Device IP address, “ get ” tra[...]

  • Page 311

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 25 Tools 311 Note: W ARNING! Do not interrupt the file transfer process as this may PERMANENTL Y DAMAGE YOUR device. When the Restore Configuration process is complete, the device will automatically rest art. 25.8.1 Restore Usin g FTP Session Example Figure 181 Restore Using FTP Session Example Refer[...]

  • Page 312

    P-2602H(W)(L)-DxA Series User’s Guide 312 Chapter 25 Tools 0 config.rom” transfers the configuration file on the device to your computer and renames it “config.rom.” See earlier in this chapter fo r more information on filename conventions. 7 Enter “quit” to exit the ftp prompt. 25.9.2 FTP Session Exampl e of Firmware File Upload Figure[...]

  • Page 313

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 25 Tools 313 Note that the telnet connection must be active an d the device in CI mode before and during the TFTP transfer . For details on TFTP commands (see following example), please consult the documentation of your TFTP client program. For UNIX, use “get” to transfer from the device to the c[...]

  • Page 314

    P-2602H(W)(L)-DxA Series User’s Guide 314 Chapter 25 Tools[...]

  • Page 315

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 26 Diagnostic 315 C HAPTER 26 Diagnostic These read-only screens display information to help you identify problems with the ZyXEL Device. 26.1 General Diagnostic Click Maintenance > Diagnostic to open the screen shown next. Figure 183 Diagnostic: General The following table describes th e fields i[...]

  • Page 316

    P-2602H(W)(L)-DxA Series User’s Guide 316 Chapter 26 Diagnostic Figure 184 Diagnostic: DSL Line The following table describes th e fields in this screen. Table 124 Diagnostic: DSL Line LABEL DESCRIPTION A TM S tatus Cli ck this button to view your DSL connection’s Asynchronous T ransfer Mode (A TM) statistics. A TM is a networking te chnology t[...]

  • Page 317

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 26 Diagnostic 317 DSL Line S tatus Cli ck this button to view stat istics about the DSL connections. noise margin downstream is th e signal to noise ratio for the downstre am part of the connection (coming into the ZyXEL Device from the ISP). It is meas ured in decibels. The highe r the number the mo[...]

  • Page 318

    P-2602H(W)(L)-DxA Series User’s Guide 318 Chapter 26 Diagnostic[...]

  • Page 319

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 27 Troubleshooting 319 C HAPTER 27 T roubleshooting This chapter covers potential proble ms and the corresponding remedies. 27.1 Problems St arting Up the ZyXEL Device 27.2 Problems with the LAN Table 125 Troubleshooting Starting Up Your Device PROBLEM CORRECTIVE ACTION None of the lights turn on whe[...]

  • Page 320

    P-2602H(W)(L)-DxA Series User’s Guide 320 Chapter 27 Troublesh ooting 27.3 Problems with the W AN Table 127 Troubleshooting the WAN PROBLEM CORRECTIVE ACTION The DSL light is off. Check the telephone wire and connection s between the ZyXEL Device DSL port and the wall jack. Make sure that the telephone company has checked your phone line and set [...]

  • Page 321

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 27 Troubleshooting 321 27.4 Problems Accessi ng the ZyXEL Device 27.4.1 Pop-up Windows, Ja vaScript s and Java Permissions In order to use the web configurator you need to allow: • W eb browser pop-up windows from y our device. • JavaScripts (enabled by default). Table 128 Troubleshooting Accessi[...]

  • Page 322

    P-2602H(W)(L)-DxA Series User’s Guide 322 Chapter 27 Troublesh ooting • Java permissions (enabled by default). Note: Internet Explorer 6 screens are used here. Screens for o ther Internet Explorer versions may va ry . 27.4.1.1 Internet Explorer Pop-up Blockers Y ou may have to disable pop-up blocking to log into your device. Either disable pop-[...]

  • Page 323

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 27 Troubleshooting 323 Figure 186 Intern et Options 3 Click Apply to save this setting. 27.4.1.1.2 Enable pop-up Blockers with Exceptions Alternatively , if you only want to allow pop-up windows from yo ur device, see the following steps. 1 In Internet Explorer , select To o l s , Internet Options an[...]

  • Page 324

    P-2602H(W)(L)-DxA Series User’s Guide 324 Chapter 27 Troublesh ooting Figure 187 Internet Options 3 T ype the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.1.1. 4 Click Add to move the IP address to the list of Allowed sites .[...]

  • Page 325

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 27 Troubleshooting 325 Figure 188 Pop-up Blocker Settings 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. 27.4.1.2 JavaScript s If pages of the web configura tor do not display properly in Intern et Explorer , check that JavaScripts are allowed. 1 In Internet Explor[...]

  • Page 326

    P-2602H(W)(L)-DxA Series User’s Guide 326 Chapter 27 Troublesh ooting Figure 189 Internet Options 2 Click the Custom Level... button. 3 Scroll down to Scripting . 4 Under Active scripting make sure that Enable is selected (the default). 5 Under Scripting of Java applets make sure that Enable is sele cted (the default). 6 Click OK to clos e the wi[...]

  • Page 327

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 27 Troubleshooting 327 Figure 190 Security Settings - Java Scripting 27.4.1.3 Java Permissions 1 From Internet Explorer , click To o l s , Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM . 4 Under Java permissions make sure that a safety l[...]

  • Page 328

    P-2602H(W)(L)-DxA Series User’s Guide 328 Chapter 27 Troublesh ooting Figure 191 Security Settings - Java 27.4.1.3.1 JA V A (Sun) 1 From Internet Explorer , click To o l s , Internet Options and then the Advance d tab. 2 make sure that Use Java 2 for <applet> u nder Java (Sun) is selected. 3 Click OK to clos e the window .[...]

  • Page 329

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 27 Troubleshooting 329 Figure 192 Java (Sun) 27.5 T elephone Problems Table 129 Troubleshooting Telephone PROBLEM CORRECTIVE ACTION The telephone port won’t work or the telephone lacks a dial to ne. Check the telephone con nections and telephone wire. Make sure you have the V oIP SIP Settings scree[...]

  • Page 330

    P-2602H(W)(L)-DxA Series User’s Guide 330 Chapter 27 Troublesh ooting 27.6 Problems With Multiple SIP Account s Y ou can se t up two SIP accounts on yo ur ZyX EL Device and your ZyXEL Device is equipped with two phone ports. By default you r ZyXEL Device uses S IP account 1 with both ph one ports for outgoing calls, and it uses SIP accounts 1 and[...]

  • Page 331

    P-2602H(W)(L)-DxA Ser ies User’s Guide Chapter 27 Troubleshooting 331 27.6.2 Incoming Calls The following example shows the default behavior of your ZyXE L Device for incoming calls when two SIP accounts are configured and yo u are using two phones. When a call comes in from your SIP account 1, the phon es connected to both phone port 1 an d phon[...]

  • Page 332

    P-2602H(W)(L)-DxA Series User’s Guide 332 Chapter 27 Troublesh ooting[...]

  • Page 333

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix A Product Specifications 333 A PPENDIX A Product S pecifications See also Chapter 1 on pa ge 37 for a general overview of the key features. S pecification T ables Table 130 Device Specifications Default IP Address 192.168.1 .1 Default Subnet Mask 255.255 .255.0 (24 bits) Default Password 1 234 DHCP [...]

  • Page 334

    P-2602H(W)(L)-DxA Series User’s Guide 334 Appendix A Product Specifications Table 131 Firmware Specifications ADSL S tandards Support ITU G .992 .1 G .dmt (Annex B, U-R2) EOC specified in ITU-T G .992.1 ADSL2 G . dmt.bis (G .992 .3) ADSL2 G . lite.bis (G .992.4) ADSL 2/2+ AnnexM ADSL2+ (G .992.5) Reach-Extended ADSL (RE ADSL) SRA (Seamless Rate A[...]

  • Page 335

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix A Product Specifications 335 Wireless (“W” models only) IEEE 802.1 1g Compliance Frequency Range: 2.4 GHz ISM Band Advanced Orthogonal Frequency Divisio n Multiplexing (OFDM) Data Ra tes: 54Mbp s, 1 1Mbps, 5.5Mbp s, 2Mbps, and 1 Mbp s Auto Fallback T urn on-off WLAN by reset button (press 1s on [...]

  • Page 336

    P-2602H(W)(L)-DxA Series User’s Guide 336 Appendix A Product Specifications P-2602HWL Series Power Adaptor S pecifications V oice Fe atures SIP version 2 (Session Initiating Protocol RFC 3261) SDP (Session Description Protocol RFC 2327) RTP (RFC 1889) RTCP (RFC 1890) V oice code cs (coder/decoders) G .71 1, G .729 G .1 68 echo cancellation (8ms ~[...]

  • Page 337

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix A Product Specifications 337 Input Power AC 100~240V olts/50/60Hz/0.5A AC 100~240V olts/50/60Hz/0.6A Output Pow er DC 18V olts/1A DC 18V olts/1A Power Consumption 12 Wa tt max 12 W att max Safety S t andards TUV , CE(EN 60950 -1 ) TUV , CE(EN 60950-1) UNITED KINGDOM PLUG ST ANDARDS AC Power Adapter [...]

  • Page 338

    P-2602H(W)(L)-DxA Series User’s Guide 338 Appendix A Product Specifications[...]

  • Page 339

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix B Sp litters and Microf ilters 339 A PPENDIX B S plitters and Microfilters This appendix tells you how to install a POTS splitter or a telephone microfilter . Connecting a POTS S plitter When you use the Full Rate (G .dmt) ADSL standard, you can use a POTS (Plain Old T elephone Service) splitter to [...]

  • Page 340

    P-2602H(W)(L)-DxA Series User’s Guide 340 Appendix B Splitters and Microfilters 1 Connect a phone cable from the wall jack to the single jack end of the Y - Connector . 2 Connect a cable from the double jack end of the Y -Connector to th e “wa ll side” of the microfilter . 3 Connect another cable from the double jack end of the Y -Conn ector [...]

  • Page 341

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix C Setting up Your Computer’s IP Address 341 A PPENDIX C Setting up Y o ur Computer ’ s IP Address All computers must have a 10M or 100M Et hernet adapter card and TCP/IP installed. W indows 95/98/Me/NT/2000/XP , Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include th[...]

  • Page 342

    P-2602H(W)(L)-DxA Series User’s Guide 342 Appendix C Setting up Your Computer’s IP Address Figure 200 WIndows 95/98 /Me: Network: Co nfiguration Inst alling Component s The Network window Configuration tab displays a list of installed components. Y ou need a network adapter , the TCP/IP protocol and Client for Microso ft Networks. If you need t[...]

  • Page 343

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix C Setting up Your Computer’s IP Address 343 3 Select Microsoft from the list of manufacturers. 4 Select Client for Microsoft Networks from the list of network clients and then click OK . 5 Restart your computer so the changes you made take ef fect. Configuring 1 In the Network window Configuration[...]

  • Page 344

    P-2602H(W)(L)-DxA Series User’s Guide 344 Appendix C Setting up Your Computer’s IP Address Figure 202 Windows 95/98/Me : TCP/IP Pr operties: DNS Configuration 4 Click the Gateway tab. • If you do not know your gateway’ s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field [...]

  • Page 345

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix C Setting up Your Computer’s IP Address 345 Figure 203 Windows XP: S tart Menu 2 For W indows XP , click Network Connections . For W indows 2000/NT , click Network and Dial-up Connections . Figure 204 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Pr operties .[...]

  • Page 346

    P-2602H(W)(L)-DxA Series User’s Guide 346 Appendix C Setting up Your Computer’s IP Address Figure 205 Windows XP: Control Panel: Network Connections: Pro perties 4 Select Internet Protocol (TCP/IP) (under the Genera l tab in W in XP) and click Properties . Figure 206 Windows XP: Local Area Conne ction Properties 5 The Internet Pr otocol TCP/IP [...]

  • Page 347

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix C Setting up Your Computer’s IP Address 347 • If you have a static IP address click Use the following IP Address and fill in the IP addr ess , Subnet mask , and Default gateway fields. Click Advanced . Figure 207 Windows XP: Advanced TCP/IP Settings 6 If you do not know your gateway's IP ad[...]

  • Page 348

    P-2602H(W)(L)-DxA Series User’s Guide 348 Appendix C Setting up Your Computer’s IP Address 7 In the Internet Protocol TCP/IP Pr operties window (the General tab in W indows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP addre ss(es). • If you know your DNS server IP address(es), click Use the foll[...]

  • Page 349

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix C Setting up Your Computer’s IP Address 349 Macintosh OS 8/9 1 Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel . Figure 209 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list.[...]

  • Page 350

    P-2602H(W)(L)-DxA Series User’s Guide 350 Appendix C Setting up Your Computer’s IP Address Figure 210 Macintosh O S 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configur e: list. 4 For statically assigned settings, do the following: •F r o m t h e Configure box, select Manually . • T ype your IP address[...]

  • Page 351

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix C Setting up Your Computer’s IP Address 351 2 Click Network i n the icon bar . • Select Automatic from the Location list. • Select Built-in Ethe rnet from the Show list. • Click the TCP/IP tab. 3 For dynamically assigned settings, select Using DHCP from the Configure list . Figure 212 Macint[...]

  • Page 352

    P-2602H(W)(L)-DxA Series User’s Guide 352 Appendix C Setting up Your Computer’s IP Address[...]

  • Page 353

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix D IP Addresses and Subn etting 353 A PPENDIX D IP Addresses and Subnetting This appendix introduces IP addresses, IP address classes and subnet masks. Y ou use subnet masks to subdivid e a network in to smaller logical networks. Introduction to IP Addresses An IP address has two parts: the network n[...]

  • Page 354

    P-2602H(W)(L)-DxA Series User’s Guide 354 Appendix D IP Addresses a nd Subnetting The following table shows the network number and host ID arrangement for classes A, B and C. An IP address with host IDs of all zeros is the IP address of the n etwork (192.168. 1.0 for example). An IP address with host IDs of all ones is the broadcast address for t[...]

  • Page 355

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix D IP Addresses and Subn etting 355 Subnet Masks A subnet mask is used to dete rmine which bits are part of th e network number , and which bits are part of the host ID (using a logical AND operation). A subnet mask has 32 bits. If a b it in the subnet mask is a “1” then the corresponding bit in [...]

  • Page 356

    P-2602H(W)(L)-DxA Series User’s Guide 356 Appendix D IP Addresses a nd Subnetting The first mask shown is the class “C” natural m ask. Normally if no mask is specified it is understood that the natura l mask is being used. Example: T wo Subnet s As an example, you have a class “C” address 1 92.168.1.0 wi th subnet mask o f 255.255.255 .0.[...]

  • Page 357

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix D IP Addresses and Subn etting 357 Host IDs of all zeros represent the subnet itsel f and host IDs of all ones are the broadcast address for that subnet, so the actual number of hosts available on each subnet in the example above is 2 7 – 2 or 126 h osts for each subnet. 192.168.1.0 with mask 255.[...]

  • Page 358

    P-2602H(W)(L)-DxA Series User’s Guide 358 Appendix D IP Addresses a nd Subnetting Example Eight Subnet s Similarly use a 27-bit mask to create eight subnets (000, 001, 010 , 01 1, 100, 101, 1 10 and 111 ) . Subnet Address: 192.1 68.1.0 Lowest Host ID: 192 .168.1.1 Broadcast Address: 192.168.1.63 Highest Host ID: 192.168.1.62 Table 141 Subnet 2 IP[...]

  • Page 359

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix D IP Addresses and Subn etting 359 The following table shows class C IP ad dress last octet values for each subnet. The following table is a summary for class “C” subnet planning. Subnetting With Class A and Class B Networks. For class “A” and class “B” addresses the subnet ma sk also de[...]

  • Page 360

    P-2602H(W)(L)-DxA Series User’s Guide 360 Appendix D IP Addresses a nd Subnetting The following table is a summary for class “B” subnet planning. Table 146 Class B Subnet Planning NO. “BORROWED” HOST BIT S SUBNET MASK NO. SUBNETS NO. HOSTS PER SUBNET 1 255.255.128.0 (/17) 2 32766 2 255.255.192.0 (/18) 4 16382 3 255.255.224.0 (/19) 8 8190 [...]

  • Page 361

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix E Wir eless LANs 361 A PPENDIX E Wireless LANs Wireless LAN T opologies This section discusses ad-hoc and in frastructure w ireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an inde pendent (Ad-hoc) WLAN that connects a set of computers with wireless statio[...]

  • Page 362

    P-2602H(W)(L)-DxA Series User’s Guide 362 Appendix E Wirele ss LANs Figure 214 Basic Service Set ESS An Extended Service Set (ESS) consists of a series of overlappi ng BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). This ty[...]

  • Page 363

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix E Wir eless LANs 363 Figure 215 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by IEEE 802.1 1a/b/g wireless devices. Channels available depend on your ge ographical area. Y ou may have a choice o f channels (for your region) so you should use a dif ferent chan nel th an an a[...]

  • Page 364

    P-2602H(W)(L)-DxA Series User’s Guide 364 Appendix E Wirele ss LANs Figure 216 RTS/ CTS When station A sends data to the AP , it might no t know that the station B is already using the channel. If these two stations se nd data at the same time, collis ions may occur when both sets of data arrive at the AP at the same time, r esulting in a loss of[...]

  • Page 365

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix E Wir eless LANs 365 A large Fragmentation Thr eshold is recommended for networks not prone to interference while you should set a smaller thresh old for busy networks or networks tha t are prone to interference. If the Fragmentation Threshold value is smaller than the RT S /C T S value (see previou[...]

  • Page 366

    P-2602H(W)(L)-DxA Series User’s Guide 366 Appendix E Wirele ss LANs IEEE 802.1x In June 2001, the IEEE 802.1x st andard was designed to extend th e features of IEEE 802.1 1 to support extended authentication as well as providing additional accounting and control features. It is supported by W indows XP and a number of network devices. Some advant[...]

  • Page 367

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix E Wir eless LANs 367 • Access-Challenge Sent by a RADIUS server requesting more information in order to allow access. The access point sends a proper response from the user and then sends another Access- Request message. The following types of RADIUS messages are exchanged between the acces s poin[...]

  • Page 368

    P-2602H(W)(L)-DxA Series User’s Guide 368 Appendix E Wirele ss LANs EAP-TLS (T ransport Layer Security) W ith EAP-TLS, digital certifications are needed by both the server and the wireless stations for mutual authentication. The server presents a certificate to the client. After validating the identity of the server , the client sends a differ en[...]

  • Page 369

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix E Wir eless LANs 369 For added security , certificate-based authen tications (EAP-TLS, EAP-TTLS and PEAP) use dynamic keys for data encryption. They are ofte n deployed in corp orate environments, but for public deployment, a simp le user name and p assword pair is more practical. The following tabl[...]

  • Page 370

    P-2602H(W)(L)-DxA Series User’s Guide 370 Appendix E Wirele ss LANs The Message Integrity Check (MIC ) is designed to prevent an attacker from capturing data packets, altering them and resending them. The MIC provides a strong mat hematical function in which the receiver and the transmitter each compute and then compare the MIC. If they do not ma[...]

  • Page 371

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix F Service s 371 A PPENDIX F Services The following table l ists some commonly-used se rvices and their associated protocols and port numbers. • Name : This is a short, descrip tive name for the service. Y ou can use this one or create a different one, if you like. • Pro tocol : This is the type [...]

  • Page 372

    P-2602H(W)(L)-DxA Series User’s Guide 372 Appendix F Services HTTP TCP 80 Hyper T ext T ransfer Protocol - a client/ server protocol for the world wide web. HTTPS TCP 443 HTTPS is a secured http session often used in e-commerce. ICMP User-Defined 1 Internet Control Message Protocol is often used for diagnostic purposes. ICQ UDP 4000 This is a pop[...]

  • Page 373

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix F Service s 373 RCMD TCP 512 Remote Command Se rvice. REAL_AUDIO TCP 7070 A streaming audio service that enab les real time sound over the we b. REXEC TCP 514 Remote Execution Daemon. RLOGIN TCP 513 Remote Login. ROADRUNNER TCP/UDP 1026 This is an ISP that provides services mainly for cable modems. [...]

  • Page 374

    P-2602H(W)(L)-DxA Series User’s Guide 374 Appendix F Services TFTP UDP 69 T rivial File Transfer Protocol is an Internet file transfer protocol similar to FTP , but uses the UDP (User Datagram Protocol) rather than TCP (T ransmission Control Protocol). VDOLIVE TCP UDP 7000 user- defined A videoconferencing solution. The UDP port number is spe cif[...]

  • Page 375

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix G Firewall Com mands 375 A PPENDIX G Firewall Commands Sys Firewall Commands The following describes the firewa ll commands. See the Command Interpreter appendix for inform ation on the command structure. Each of these commands must be preceded by sys firewall when you use them. For example, type sy[...]

  • Page 376

    P-2602H(W)(L)-DxA Series User’s Guide 376 Appendix G Firewall Co mmands[...]

  • Page 377

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix H Triangle Route 377 A PPENDIX H T riangle Route The Ideal Setup When the firewall is on, your ZyXEL Device acts as a secure gateway between your LAN and the Internet. In an ideal network topology , a ll incoming and outgoing network traf fic passes through the ZyXEL Device to pr otect your LAN agai[...]

  • Page 378

    P-2602H(W)(L)-DxA Series User’s Guide 378 Appendix H Triangle Route Figure 218 “T riangle Route” Problem The “T riangle Route” Solutions This section presents you two solutions to the “triangle route” problem. IP Aliasing IP alias allows you to partition your network into logical sections over the same Ethernet interface. Y our ZyXEL [...]

  • Page 379

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix H Triangle Route 379 Gateways on the W AN Side A second solution to the “triangle route” problem is to put all of your network gateways on the W AN side as the following figure shows. This en sures that all incoming network traffic passes through your ZyXEL Device to your LAN. Therefore your LAN[...]

  • Page 380

    P-2602H(W)(L)-DxA Series User’s Guide 380 Appendix H Triangle Route[...]

  • Page 381

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix I Log Descriptions 381 A PPENDIX I Log Descriptions This appendix provides descrip tions of example log messages. Table 152 System Maintenance Logs LOG MESSAGE DESCRIPTION Time calibration is successful The router has adjusted its time based on information from the time server . Time calibration fai[...]

  • Page 382

    P-2602H(W)(L)-DxA Series User’s Guide 382 Appendix I Log Descriptio ns Successful HTTPS login Someone has logged on to the router's web configurator interface using HTTPS protocol. HTTPS login failed Someone has faile d to log on to the router's web configurator interface using HTTPS protocol. Table 153 System Error Logs LOG MESSAGE DES[...]

  • Page 383

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix I Log Descriptions 383 For type and code details, see T able 165 o n page 387 . Table 155 TCP Reset Lo gs LOG MESSAGE DESCRIPTION Under SYN flood attack, sent TCP RST The router sent a TCP reset packet when a host was u nder a SYN flood attack (the TCP incomplete count is per destination h ost.) Exc[...]

  • Page 384

    P-2602H(W)(L)-DxA Series User’s Guide 384 Appendix I Log Descriptio ns Triangle route packet forwarded: ICMP The firewall allow ed a triangle route session to pass through. Packet without a NAT table entry blocked: ICMP The router blocked a packet that didn’t have a corresponding NA T table entry . Unsupported/out-of-order ICMP: ICMP The firewa[...]

  • Page 385

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix I Log Descriptions 385 For type and code details, see T able 165 o n page 387 . Table 160 UPnP Logs LOG MESSAGE DESCRIPTION UPnP pass through Firewall UPnP packets can p ass through the firewall. Table 161 Content Filterin g Logs LOG MESSAGE DESCRIPTION %s: block keyword The content of a requested w[...]

  • Page 386

    P-2602H(W)(L)-DxA Series User’s Guide 386 Appendix I Log Descriptio ns ip spoofing - no routing entry ICMP (type:%d, code:%d) The firewall classified an ICMP packet with no source routing entry as an IP spoofing attack. vulnerability ICMP (type:%d, code:%d) The firewall detecte d an ICMP vulnerability attack. traceroute ICMP (type:%d, code:%d) Th[...]

  • Page 387

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix I Log Descriptions 387 No Server to authenticate user. Th ere is no authentication serv er to authenticate a user . Local User Database does not find user`s credential. A user was not authenticated by the local user database because the user is not listed in th e local user database. Table 164 ACL S[...]

  • Page 388

    P-2602H(W)(L)-DxA Series User’s Guide 388 Appendix I Log Descriptio ns 11 T ime Exceeded 0 T ime to live exceeded in transit 1 Fragment reassembly time exceeded 12 Parameter Problem 0 Pointer indicates the error 13 T imestamp 0 T imestamp request message 14 T imestamp Reply 0 T imestamp reply message 15 Information Request 0 Information request m[...]

  • Page 389

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix I Log Descriptions 389 Table 168 RTP Logs LOG MESSAGE DESCRIPTION Error, RTP init fail The initialization of an RTP session failed. Error, Call fail: RTP connect fail A V oIP phone call fail ed because the RTP session could not be established. Error, RTP connection cannot close The termination of an[...]

  • Page 390

    P-2602H(W)(L)-DxA Series User’s Guide 390 Appendix I Log Descriptio ns The following table shows RFC-2408 ISAKMP payload types that the log displays. Please refer to RFC 2408 for detail ed information on each type. Log Commands Go to the command interpreter interface ( Appendix J on page 393 explains how to access and use the commands). Configuri[...]

  • Page 391

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix I Log Descriptions 391 Figure 222 Displaying Log Para meters Example 4 Use sys logs category foll owed by a log category and a parameter to decide what to record. Use 0 to not record logs for that category , 1 to record only logs fo r that category , 2 to record only alerts for that category , and 3[...]

  • Page 392

    P-2602H(W)(L)-DxA Series User’s Guide 392 Appendix I Log Descriptio ns Log Command Example This example shows how to set the ZyXEL Devi ce to record the acc ess logs and alerts and then view the results. Figure 223 Log Command Example ras> sys logs load ras> sys logs category access 3 ras> sys logs save ras> sys logs display access # [...]

  • Page 393

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix J Com mand Interpreter 393 A PPENDIX J Command Interpreter The following describes how to us e the command interpreter . T eln et to the ZyXEL Device and enter the password to use the co mmands. See the includ ed disk or zyxel.com for more detailed information on these commands. Note: Use of undocum[...]

  • Page 394

    P-2602H(W)(L)-DxA Series User’s Guide 394 Appendix J Command Interpreter[...]

  • Page 395

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix K Internal SPTGEN 395 A PPENDIX K Internal SPTGEN Internal SPTGEN Overview Internal SP TGEN (System Parame ter T able Generator) is a configuration text file useful for efficient configuration of multiple ZyXEL Devices. Internal SP TGEN lets you configure, save and upload multiple menus at the same [...]

  • Page 396

    P-2602H(W)(L)-DxA Series User’s Guide 396 Appendix K I nternal SPTGEN Some parameters are dependent on othe rs. For example, if you disable the Configur ed field in menu 1 (see Figure 224 on page 395 ), then you disable every field in this menu . If you enter a parameter that is invalid in the In put column, the ZyXEL Device will not save the con[...]

  • Page 397

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix K Internal SPTGEN 397 Figure 227 Internal SP TGEN FTP Downl oad Example Note: Y ou can rename your “ rom-t ” file when you save it to your computer but it must be named “ rom-t ” when you uplo ad it to your ZyXEL De vice. Internal SPTGEN FTP Upload Example 1 Launch your FTP application. 2 En[...]

  • Page 398

    P-2602H(W)(L)-DxA Series User’s Guide 398 Appendix K I nternal SPTGEN This section covers ZyXEL De vice Internal SP TGEN screens. The following are the Internal SP TGEN menus. Table 173 Abbreviations Used in the Example Internal SPTGEN Screens Table ABBREVIA TION MEANING FIN Field Identification Number FN Field Name PV A Parameter V al ues Allowe[...]

  • Page 399

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix K Internal SPTGEN 399 30100014 = Output device filters Set 2 = 256 30100015 = Output device filters Set 3 = 256 30100016 = Output device filters Set 4 = 256 / Menu 3.2 TCP/IP and DHCP Ethernet Setup FIN FN PVA INPUT 30200001 = DHCP <0(None) | 1(Server) | 2(Relay)> = 0 30200002 = Client IP Pool[...]

  • Page 400

    P-2602H(W)(L)-DxA Series User’s Guide 400 Appendix K I nternal SPTGEN 30201006 = IP Alias #1 Incoming protocol filters Set 1 = 256 30201007 = IP Alias #1 Incoming protocol filters Set 2 = 256 30201008 = IP Alias #1 Incoming protocol filters Set 3 = 256 30201009 = IP Alias #1 Incoming protocol filters Set 4 = 256 30201010 = IP Alias #1 Outgoing pr[...]

  • Page 401

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix K Internal SPTGEN 401 30500002 = Hide ESSID <0(No) | 1(Yes)> = 0 30500003 = Channel ID <1|2|3|4|5|6|7 |8|9|10|11|12| 13> = 1 30500004 = RTS Threshold <0 ~ 2432> = 2432 30500005 = FRAG. Threshold <256 ~ 2432> = 2432 30500006 = WEP <0(DISABLE) | 1(64-bit WEP) | 2(128-bit WEP[...]

  • Page 402

    P-2602H(W)(L)-DxA Series User’s Guide 402 Appendix K I nternal SPTGEN 40000000 = Configured <0(No) | 1(Yes)> = 1 40000001 = ISP <0(No) | 1(Yes)> = 1 40000002 = Active <0(No) | 1(Yes)> = 1 40000003 = ISP's Name = ChangeMe 40000004 = Encapsulation <2(PPPOE) | 3(RFC 1483)| 4(PPPoA )| 5(ENET ENCAP)> = 2 40000005 = Multipl[...]

  • Page 403

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix K Internal SPTGEN 403 40000031= RIP Direction <0(None) | 1(Both) | 2(In Only) | 3(Out Only)> = 0 40000032= RIP Version <0(Rip-1) | 1(Rip-2B) |2(Rip-2M)> = 0 40000033= Nailed-up Connection <0(No) |1(Yes)> = 0 Table 176 Menu 4 Internet Access Setup (con tinued) Table 177 Menu 12 / Me[...]

  • Page 404

    P-2602H(W)(L)-DxA Series User’s Guide 404 Appendix K I nternal SPTGEN 120103005 = IP Static Route set #3, Gat eway = 0.0.0.0 120103006 = IP Static Route set #3, Met ric = 0 120103007 = IP Static Route set #3, Pri vate <0(No) |1(Yes)> = 0 / Menu 12.1.4 IP Static Route Setup FIN FN PVA INPUT 120104001 = IP Static Route set #4, Nam e <Str&g[...]

  • Page 405

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix K Internal SPTGEN 405 120107003 = IP Static Route set #7, Dest ination IP address = 0.0.0.0 120107004 = IP Static Route set #7, Dest ination IP subnetmask = 0 120107005 = IP Static Route set #7, Gate way = 0.0.0.0 120107006 = IP Static Route set #7, Metr ic = 0 120107007 = IP Static Route set #7, Pr[...]

  • Page 406

    P-2602H(W)(L)-DxA Series User’s Guide 406 Appendix K I nternal SPTGEN 120111001 = IP Static Route set #11, Na me <Str> = 120111002 = IP Static Route set #11, Ac tive <0(No) |1(Yes)> = 0 120111003 = IP Static Route set #11, Destination IP address = 0.0.0.0 120111004 = IP Static Route set #11, Destination IP subnetmask = 0 120111005 = I[...]

  • Page 407

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix K Internal SPTGEN 407 */ Menu 12.1.15 IP Static Route Setu p FIN FN PVA INPUT 120115001 = IP Static Route set #15, Nam e <Str> = 120115002 = IP Static Route set #15, Act ive <0(No) |1(Yes)> = 0 120115003 = IP Static Route set #15, Destinati on IP address = 0.0.0.0 120115004 = IP Static R[...]

  • Page 408

    P-2602H(W)(L)-DxA Series User’s Guide 408 Appendix K I nternal SPTGEN 150000011 = SUA Server #3 Local IP address = 0.0.0.0 150000012 = SUA Server #4 Active <0(No) | 1(Yes)> = 0 150000013 = SUA Server #4 Protocol <0(All)|6(TCP)|1 7(U DP)> = 0 150000014 = SUA Server #4 Port Start = 0 150000015 = SUA Server #4 Port End = 0 150000016 = SU[...]

  • Page 409

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix K Internal SPTGEN 409 150000045 = SUA Server #10 Port End = 0 150000046 = SUA Server #10 Local IP address = 0.0.0.0 150000047 = SUA Server #11 Active <0(No) | 1(Yes )> = 0 150000048 = SUA Server #11 Protocol <0(All)|6(TCP)|17(U DP)> = 0 150000049 = SUA Server #11 Port Start = 0 150000050[...]

  • Page 410

    P-2602H(W)(L)-DxA Series User’s Guide 410 Appendix K I nternal SPTGEN 210101013 = IP Filter Set 1,Rule 1 Act Match <1(check next)|2(forward)| 3(drop)> = 3 210101014 = IP Filter Set 1,Rule 1 Act Not Match <1(check next)|2(forward)| 3(drop)> = 1 / Menu 21.1.1.2 set #1, rule #2 FIN FN PVA INPUT 210102001 = IP Filter Set 1,Rule 2 Type <[...]

  • Page 411

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix K Internal SPTGEN 411 210103009 = IP Filter Set 1,Rule 3 Src Subnet Mask = 0 210103010 = IP Filter Set 1,Rule 3 Src Port = 0 210103011 = IP Filter Set 1,Rule 3 Src Port Comp <0(none)|1(equal) |2(not equal)|3(less)|4( greater)> = 0 210103013 = IP Filter Set 1,Rule 3 Act Match <1(check next)|[...]

  • Page 412

    P-2602H(W)(L)-DxA Series User’s Guide 412 Appendix K I nternal SPTGEN 210105006 = IP Filter Set 1,Rule 5 Dest Port = 138 210105007 = IP Filter Set 1,Rule 5 Dest Port Comp <0(none)|1(equal) |2(not equal)|3(less)|4( greater)> = 1 210105008 = IP Filter Set 1,Rule 5 Src IP Address = 0.0.0.0 210105009 = IP Filter Set 1,Rule 5 Src Subnet Mask = 0[...]

  • Page 413

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix K Internal SPTGEN 413 Table 180 Menu 21.1 Filer Set #2 , / Menu 21.1 filter set #2, FIN FN PVA INPUT 210200001 = Filter Set 2, Nam <Str> = NetBIOS_WAN / Menu 21.1.2.1 Filter set #2, rule #1 FIN FN PVA INPUT 210201001 = IP Filter Set 2, Rule 1 Type <0(none)|2(TCP/IP)> = 2 210201002 = IP F[...]

  • Page 414

    P-2602H(W)(L)-DxA Series User’s Guide 414 Appendix K I nternal SPTGEN 210202007 = IP Filter Set 2, Rule 2 Dest Port Comp <0(none)|1(equal)|2 (not equal)|3(less)|4(gr eater)> = 1 210202008 = IP Filter Set 2, Rule 2 Src IP address = 0.0.0.0 210202009 = IP Filter Se t 2, Rule 2 Src Subnet Mask = 0 210202010 = IP Filter Set 2,Rule 2 Src Port = [...]

  • Page 415

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix K Internal SPTGEN 415 210203014 = IP Filter Set 2,Rule 3 Act Not Match <1(check next)|2(forward)|3( drop)> = 1 / Menu 21.1.2.4 Filter set #2, rule #4 FIN FN PVA INPUT 210204001 = IP Filter Set 2, Rule 4 Type <0(none)|2(TCP/IP)> = 2 210204002 = IP Filter Set 2, Rule 4 Active <0(N o)|1([...]

  • Page 416

    P-2602H(W)(L)-DxA Series User’s Guide 416 Appendix K I nternal SPTGEN 210205007 = IP Filter Set 2, Rule 5 Dest Port Comp <0(none)|1(equal)|2 (not equal)|3(less)|4(gr eater)> = 1 210205008 = IP Filter Set 2, Rule 5 Src IP address = 0.0.0.0 210205009 = IP Filter Se t 2, Rule 5 Src Subnet Mask = 0 210205010 = IP Filter Set 2, Rule 5 Src Port =[...]

  • Page 417

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix K Internal SPTGEN 417 210206014 = IP Filter Set 2,Rule 6 Act Not Match <1(check next)|2(forward)|3( drop)> = 2 241100005 = FTP Server Access <0(all)|1(none)|2(L an)|3(Wan)> = 0 241100006 = FTP Server Secured IP address = 0. 0.0.0 241100007 = WEB Server Port = 80 241100008 = WEB Server Ac[...]

  • Page 418

    P-2602H(W)(L)-DxA Series User’s Guide 418 Appendix K I nternal SPTGEN 230400003 = Idle Timeout (in second) = 999 230400004 = Authentication Databases <0(Local Use r Database Only) |1(RADIUS Only) |2(Local,RADIUS) |3(RADIUS,Local)> = 1 230400005 = Key Management Protocol <0(8021x) |1 (WPA) |2(WPAPSK)> = 0 230400006 = Dynamic WEP Key Ex[...]

  • Page 419

    P-2602H(W)(L)-DxA Ser ies User’s Guide Appendix K Internal SPTGEN 419 Command Examples The following are example Internal SP TGEN screens associated with the ZyXEL Device’ s command interpreter commands. Table 183 Command Examples FIN FN PV A INPUT /ci command (for annex a): wan adsl opencmd FIN FN PVA INPUT 990000001 = ADSL OPMD <0(glite)|1[...]

  • Page 420

    P-2602H(W)(L)-DxA Series User’s Guide 420 Appendix K I nternal SPTGEN[...]

  • Page 421

    P-2602H(W)(L)-DxA Ser ies User’s Guide Index 421 Index A AAL5 334 AbS 156 ACK Message 152 Address Assignment 109 Address Resolution Protocol (ARP) 11 2 ADSL standards 38 ADSL2 334 AH 217 AH Protoc ol 221 ALG 41 , 149 alternative subnet mask notation 355 Analysis-by-Synthesis 156 Antenna 333 Any IP 39 , 111 How it works 11 2 note 11 2 Any IP Setup[...]

  • Page 422

    P-2602H(W)(L)-DxA Series User’s Guide 422 Index CoS 162 CTS (Clear to Send) 364 Custom Ports Creating/Editing 202 Customized Services 202 Customized services 202 D Data Confidentiality 216 Data Integrity 216 Data Origin Authentication 216 DBPSK 42 Default 307 Default LAN IP Address 49 Denial of Service 182 , 183 , 208 Destination Address 195 DH 2[...]

  • Page 423

    P-2602H(W)(L)-DxA Ser ies User’s Guide Index 423 Custom Ports 202 Enabling 196 Firewall Vs Filters 191 Guidelines For Enhancing Security 190 Introduction 182 LAN to W AN Rules 196 Policies 193 Rule Checklist 194 Rule Logic 194 Rule Security Ra mifications 194 Ty p e s 181 When T o Use 192 Firmware 301 firmware 301 upload 302 upload error 304 Flas[...]

  • Page 424

    P-2602H(W)(L)-DxA Series User’s Guide 424 Index IPSec 215 IPSec Algorithms 217 , 221 IPSec and NA T 218 IPSec Architecture 216 IPSec Passthrough 335 IPSec S tandard 39 IPSec VPN Capability 39 ISDN (Integrated Services Di gital Network) 38 ITSP 44 ITU-T 164 ITU-T G .992.1 317 J Jitter Buf fer 40 K Keep Alive 225 Key Fields For Configurin g Rules 1[...]

  • Page 425

    P-2602H(W)(L)-DxA Ser ies User’s Guide Index 425 P Packet Filtering 191 Packet filtering When to use 192 Packet Filtering Firewalls 181 Pairwise Master Key (PMK) 369 PCM 156 Peak Cell Rate (PCR) 96 , 102 Peer to Peer Calls 45 Peer-to-peer Calls 45 Perfect Forward Secrecy 236 Per-Hop Behavior 162 Permanent Virtual Circuits 334 PFS 236 PHB (Per-Hop[...]

  • Page 426

    P-2602H(W)(L)-DxA Series User’s Guide 426 Index S SA 215 Safety W arnings 5 Saving the S tate 187 Scheduler 254 SDP 336 Seamless Rate Adaptation 334 Secure Gateway Address 223 Security Association 215 Security In General 190 Security Parameter Index 239 Security Parameters 370 Security Ramifications 194 Server 143 , 144 , 292 Service 195 Service [...]

  • Page 427

    P-2602H(W)(L)-DxA Ser ies User’s Guide Index 427 TFTP and FTP over W AN 302 TFTP Restrictions 267 , 30 2 Three-Way Conference 170 , 171 Three-Way Handshake 184 Threshold V alues 207 TLS 335 To S 162 T raceroute 187 T raffic Redirect 103 , 104 T raffic redirect 103 , 106 T raffic shaping 96 T ransparent Bridging 334 T ransport Mode 218 T riangle 3[...]