ZyXEL Communications P-2602H manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465

Ir para a página of

Bom manual de uso

As regras impõem ao revendedor a obrigação de fornecer ao comprador o manual com o produto ZyXEL Communications P-2602H. A falta de manual ou informações incorretas fornecidas ao consumidor são a base de uma queixa por não conformidade do produto com o contrato. De acordo com a lei, pode anexar o manual em uma outra forma de que em papel, o que é frequentemente utilizado, anexando uma forma gráfica ou manual electrónicoZyXEL Communications P-2602H vídeos instrutivos para os usuários. A condição é uma forma legível e compreensível.

O que é a instrução?

A palavra vem do latim "Instructio" ou instruir. Portanto, no manual ZyXEL Communications P-2602H você pode encontrar uma descrição das fases do processo. O objetivo do manual é instruir, facilitar o arranque, a utilização do equipamento ou a execução de determinadas tarefas. O manual é uma coleção de informações sobre o objeto / serviço, um guia.

Infelizmente, pequenos usuários tomam o tempo para ler o manual ZyXEL Communications P-2602H, e um bom manual não só permite conhecer uma série de funcionalidades adicionais do dispositivo, mas evita a formação da maioria das falhas.

Então, o que deve conter o manual perfeito?

Primeiro, o manual ZyXEL Communications P-2602H deve conte:
- dados técnicos do dispositivo ZyXEL Communications P-2602H
- nome do fabricante e ano de fabricação do dispositivo ZyXEL Communications P-2602H
- instruções de utilização, regulação e manutenção do dispositivo ZyXEL Communications P-2602H
- sinais de segurança e certificados que comprovam a conformidade com as normas pertinentes

Por que você não ler manuais?

Normalmente, isso é devido à falta de tempo e à certeza quanto à funcionalidade específica do dispositivo adquirido. Infelizmente, a mesma ligação e o arranque ZyXEL Communications P-2602H não são suficientes. O manual contém uma série de orientações sobre funcionalidades específicas, a segurança, os métodos de manutenção (mesmo sobre produtos que devem ser usados), possíveis defeitos ZyXEL Communications P-2602H e formas de resolver problemas comuns durante o uso. No final, no manual podemos encontrar as coordenadas do serviço ZyXEL Communications na ausência da eficácia das soluções propostas. Atualmente, muito apreciados são manuais na forma de animações interessantes e vídeos de instrução que de uma forma melhor do que o o folheto falam ao usuário. Este tipo de manual é a chance que o usuário percorrer todo o vídeo instrutivo, sem ignorar especificações e descrições técnicas complicadas ZyXEL Communications P-2602H, como para a versão papel.

Por que ler manuais?

Primeiro de tudo, contem a resposta sobre a construção, as possibilidades do dispositivo ZyXEL Communications P-2602H, uso dos acessórios individuais e uma gama de informações para desfrutar plenamente todos os recursos e facilidades.

Após a compra bem sucedida de um equipamento / dispositivo, é bom ter um momento para se familiarizar com cada parte do manual ZyXEL Communications P-2602H. Atualmente, são cuidadosamente preparados e traduzidos para sejam não só compreensíveis para os usuários, mas para cumprir a sua função básica de informação

Índice do manual

  • Página 1

    www .zyxel.com P-2602HW(L) Series 802.1 1g Wireless ADSL2+ V oIP IAD P-2602H Series ADSL2+ V oIP IAD User ’ s Guide V ersion 3.40 12/2006 Edition 2[...]

  • Página 2

    [...]

  • Página 3

    About This User's Guide P-2602H(W)(L)-DxA User’s Guide 3 About This User's Guide Intended Audience This manual is intended for people who want to configure the ZyXEL Device using the web configurator . Y ou should have at least a basic knowledge of TCP/IP network ing concepts and topology . Related Document ation • Quick Start Guide T[...]

  • Página 4

    Document Conventions P-2602H(W)(L)-DxA User’s Guide 4 Document Conventions W arnings and Notes These are how warnings and notes are shown in this User ’ s Guide. 1 W arnings tell you about things that could harm you or your device. " Notes tell you other important informati on (for example, other things you may need to configure or helpful[...]

  • Página 5

    Document Conventions P-2602H(W)(L)-DxA User’s Guide 5 Icons Used in Figures Figures in this User ’ s Guide may use the followi ng generic icons. The ZyXEL Device icon is not an exact representation of your device. ZyXEL Device Computer Notebook computer Server DSLAM Firewall T elephon e Switch Router[...]

  • Página 6

    Safety Warnings P-2602H(W)(L)-DxA User’s Guide 6 Safety Warnings 1 For your safety , be sure to read and follow all warni ng notices and instructions. • Do NOT use this product near water , for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. • Do NOT store thin gs on th[...]

  • Página 7

    Safety Warnings P-2602H(W)(L)-DxA User’s Guide 7[...]

  • Página 8

    Safety Warnings P-2602H(W)(L)-DxA User’s Guide 8[...]

  • Página 9

    Contents Overview P-2602H(W)(L)-DxA User’s Guide 9 Contents Overview Introduction .......................................... ........................................................................ .......... 37 Introducing the ZyXEL Device ............... ................ ................ ................ ................. ................ .. .3[...]

  • Página 10

    Contents Overview P-2602H(W)(L)-DxA User’s Guide 10[...]

  • Página 11

    Table of Contents P-2602H(W)(L)-DxA User’s Guide 11 Table of Contents About This User's Guide ........................................................................... ............................... 3 Document Conventions.................................................................. ......................................... .4 Safety [...]

  • Página 12

    Table of Contents P-2602H(W)(L)-DxA User’s Guide 12 2.2.4 S tatus Bar ............ ................ ............. ................ ................ ............. ................ ........ ..... 53 Part II: Wizard ......................... .................................... ............................ 55 Chapter 3 Internet and Wireles s Setup W[...]

  • Página 13

    Table of Contents P-2602H(W)(L)-DxA User’s Guide 13 7.1.5 Nailed-Up Connection (PPP) .............. ................................................ ............. .......... 95 7.1.6 NA T .... ................. ............. ................ ................ ............. ................ ............. ......... ....... 95 7.2 Metric . ..........[...]

  • Página 14

    Table of Contents P-2602H(W)(L)-DxA User’s Guide 14 9.5.2 WEP Encryption Screen ............ ................ ................. ................ ............. ................ . 123 9.5.3 WP A(2)-PSK ... ................. ................................................................................ ........ 12 4 9.5.4 WP A(2) Authentication Sc[...]

  • Página 15

    Table of Contents P-2602H(W)(L)-DxA User’s Guide 15 1 1.3 Quality of Service (QoS) ... ................ ................ ................. ................ ............. ................ .1 5 4 1 1.3.1 T ype of Service (T oS) ................. ................. ................ ................ ................ ........... 154 1 1.3.2 DiffServ ..[...]

  • Página 16

    Table of Contents P-2602H(W)(L)-DxA User’s Guide 16 12.8.4 Call Progression ................... ................ ............. ................ ................ ................ ..... 18 5 12.9 V oIP T runking Example: PSTN to PSTN vi a V o IP ...... ............. ................ ................ ........ 185 12.9.1 Background Information ......[...]

  • Página 17

    Table of Contents P-2602H(W)(L)-DxA User’s Guide 17 15.1 Access Methods .. .......... ................ ............. ................ ................ ............. ................ ..... ... 207 15.2 General Firewall Po licy Overview ........... ................ ............. ................ ................ ........... 207 15.3 Rule Logic Over[...]

  • Página 18

    Table of Contents P-2602H(W)(L)-DxA User’s Guide 18 Chapter 18 VPN Screens............................................................... ..................................................... ...... 237 18.1 VPN/IPSec Ov erview ..... ................ ................ ............. ................ ................ ................ ..... 237 18.2 [...]

  • Página 19

    Table of Contents P-2602H(W)(L)-DxA User’s Guide 19 19.8 T rusted CA s .... ................ ................ ................ ................. ............ ................. .......... ....... 273 19.9 T rusted CA Import ............................. ................. ................ ................ ............. ........... ... 275 19.10 T r[...]

  • Página 20

    Table of Contents P-2602H(W)(L)-DxA User’s Guide 20 23.3 T elnet ...... ................ ............. ................ ................. ............. ................ ................ .. ............ 305 23.4 Configuring T elnet ....... ............. ................ ............. ................ ............. ................ ......... ..... [...]

  • Página 21

    Table of Contents P-2602H(W)(L)-DxA User’s Guide 21 27.1 Introduction ................. ................ ............. ................ ................ ................ ............... ......... 3 45 27.2 Filename Conventions ...... ... ................ ................. ............. ................ ................ ............. . 345 27.3 Fi[...]

  • Página 22

    Table of Contents P-2602H(W)(L)-DxA User’s Guide 22 Appendix B Setting up Y our Computer ’s IP Address................................. ........................... 381 Appendix C Pop-up Windows, JavaScript s and Java Permissions ...................................... 393 Appendix D IP Addresses and Subnetting .......................... ........[...]

  • Página 23

    List of Figures P-2602H(W)(L)-DxA User’s Guide 23 List of Figures Figure 1 Internet Access Applic ation ..... ................ ................ ............. ................ ................. ....... ............ 41 Figure 2 Internet T elephony Servic e Provider Application ............ ................ ................ ............. ...........[...]

  • Página 24

    List of Figure s P-2602H(W)(L)-DxA User’s Guide 24 Figure 39 Wizard: We lc ome ..... ............. ................ ............. ................ ................ ............. ......... .............. 78 Figure 40 Bandwidth Management Wizard: General Informat ion . ................ ................ ................ .......... 78 Figure 41 Bandw[...]

  • Página 25

    List of Figures P-2602H(W)(L)-DxA User’s Guide 25 Figure 82 Port Forwarding Rule Setup ... ....... ......... ............. ................. ................ ............. .......... ....... 144 Figure 83 Address Mapping Rules ..................... .......... ................ ............. ................ ................ ... ........ 145 Figure[...]

  • Página 26

    List of Figure s P-2602H(W)(L)-DxA User’s Guide 26 Figure 125 Firewall: Customized Services ......... .......... ............. ................ ................ ............. ......... ..... 216 Figure 126 Firewall: Configure Cu stomized Servic es ...... ................ ................ ................ ................ ..... 2 17 Figure 127 Fir[...]

  • Página 27

    List of Figures P-2602H(W)(L)-DxA User’s Guide 27 Figure 168 S tatic Route Edit ............... ............. ................ ................ ................ ................ ...... .............. . 289 Figure 169 Subnet-based Bandwidth Management Example ...... ................ ................ ................ ........ 292 Figure 170 Bandwid[...]

  • Página 28

    List of Figure s P-2602H(W)(L)-DxA User’s Guide 28 Figure 21 1 Configuration Upload Error ..... ............. ................ ................. ................ ............. ......... ........ 350 Figure 212 Reset W a rning Message ............ ................ ............. ................ ................ ............. ........ ...... 350 Fi[...]

  • Página 29

    List of Figures P-2602H(W)(L)-DxA User’s Guide 29 Figure 254 Configuration T ext File Format: Column Descriptions ...... .... ................ ................ ............. . 425 Figure 255 Invalid Parameter Ente red: Command Line Example .......................... ................ .............. 426 Figure 256 V alid Parameter Entere d: Command[...]

  • Página 30

    List of Figure s P-2602H(W)(L)-DxA User’s Guide 30[...]

  • Página 31

    List of Tables P-2602H(W)(L)-DxA User’s Guide 31 List of Tables T able 1 Models Covered ............. ................. ................ ................ ................ ................ ......... .............. ... 39 T able 2 LEDs ..................... ................ ............. ................ ................ ................ ..........[...]

  • Página 32

    List of Tables P-2602H(W)(L)-DxA User’s Guide 32 T able 39 Network > Wireless LAN > OTIST ................ ................ ................... ................ ................... .. 129 T able 40 MAC Address Filt er ... ................ ............. ................ ............. ................ ................. .... ............. 132 [...]

  • Página 33

    List of Tables P-2602H(W)(L)-DxA User’s Guide 33 T able 82 Firewall: Configure Cus tomized Services ..... ............. ................ ................ ............. .............. 217 T able 83 Firewall: Threshold . ................... .... ................ ............. ................ ................ ............ ....... ........ 223 T abl[...]

  • Página 34

    List of Tables P-2602H(W)(L)-DxA User’s Guide 34 T able 125 Remote Management: WWW .............. ................ ................. ................................ .............. 305 T able 126 Remote Management: T e lnet .. ................ ................. ................ ................ ................ ....... .... 306 T able 127 Remote [...]

  • Página 35

    List of Tables P-2602H(W)(L)-DxA User’s Guide 35 T able 168 V oice Features ........ ................ ................ ................. ................ ................ ............ .............. . 376 T able 169 Wireless Features ............. ................ ................ ................ ................ ............. ........ .........[...]

  • Página 36

    List of Tables P-2602H(W)(L)-DxA User’s Guide 36[...]

  • Página 37

    37 P ART I Introduction Introducing the ZyXEL Device (39) Introducing the W eb Configurator (4 7)[...]

  • Página 38

    38[...]

  • Página 39

    P-2602H(W)(L)-DxA User’s Guide 39 C HAPTER 1 Introducing the ZyXEL Device This chapter introduces the main applications and features of the ZyXEL Device. It also introduces the ways yo u can manage the ZyXEL Device. 1.1 Overview The P-2602H(W)(L)-DxA series are Integrated Ac cess Devices (IADs) that combine an ADSL2+ router with V oice over IP (V[...]

  • Página 40

    Chapter 1 Introducing the ZyXEL Device P-2602H(W)(L)-DxA User’s Guide 40 • Model names with “3” as the penultimate ch aracter (like the P -2602HWL-D3A) denote a device that works over ISDN (Integrated Se rvices Digital Network). Models with “1” as the penultimate character (like the P-2602HWL -D1A) denote a device that works over T - IS[...]

  • Página 41

    Chapter 1 Introducing the ZyXEL Device P-2602H(W)(L)-DxA User’s Guide 41 • Back up the co nfiguration (and make sure you know how to restore it). Restoring an earlier working co nfiguration may be useful if the device becomes un stable or even crashes. If you for get your password, you will have to reset the ZyXEL Device to its factory default [...]

  • Página 42

    Chapter 1 Introducing the ZyXEL Device P-2602H(W)(L)-DxA User’s Guide 42 Figure 2 Internet T elephony Service Provider Application 1.4.3 Make Peer-to-peer Calls Y ou can call directly to someone’ s IP address without using a SIP proxy server . Peer-to-peer calls are also called “Point to Point” or “IP-to -IP” ca lls. Y ou must know the [...]

  • Página 43

    Chapter 1 Introducing the ZyXEL Device P-2602H(W)(L)-DxA User’s Guide 43 Figure 4 Firewall Application 1.4.5 LAN to LAN Application Y ou can use your device to connect two geogra phically dispersed networks over the ADSL line. A typical LAN-to-LAN app lication is shown as follows. Figure 5 LAN-to-LAN Applic ation[...]

  • Página 44

    Chapter 1 Introducing the ZyXEL Device P-2602H(W)(L)-DxA User’s Guide 44 1.5 LEDs Figure 6 LEDs The following table describes your device’ s LEDs. T able 2 LEDs LED COLOR STATUS DESCRIPTION POWER Green On Y our device is receiving power and fun ctioning properly . Blinking Y our device is rebooting and performing a se lf-test. Red On Y our devi[...]

  • Página 45

    Chapter 1 Introducing the ZyXEL Device P-2602H(W)(L)-DxA User’s Guide 45 Refer to the Quick S tart Guide for in formation on hard ware connections. 1.6 The RESET Button Y ou can use the RESET button at the back of the device to turn the wireless LAN off or on. Y ou can also use it to activate OTIST in order to assign your wireless security settin[...]

  • Página 46

    Chapter 1 Introducing the ZyXEL Device P-2602H(W)(L)-DxA User’s Guide 46 T o set the device back to the factory default settings, press the RESET button for ten seconds or until the POWER LED begins to blink and then release it. When the POWER LED begins to blink, the defaults have been restored and the device restarts.[...]

  • Página 47

    P-2602H(W)(L)-DxA User’s Guide 47 C HAPTER 2 Introducing the Web Configurator This chapter describes how to access and navigate the web configurator . 2.1 W eb Configurator Overview The web configur ator is an HTML-based managem e nt interface that allows easy device setup and management via Interne t browser . Use In ternet Explorer 6.0 and late[...]

  • Página 48

    Chapter 2 Introducing the Web Configur ator P-2602H(W)(L)-DxA User’s Guide 48 Figure 7 Password Screen 5 The following screen displays if you have no t yet changed your password. It is strongly recommended you change the default passwo rd. Enter a new passwor d, retype it to confirm and click Apply ; alternatively click Ignor e to proceed to the [...]

  • Página 49

    Chapter 2 Introducing the Web Configurator P-2602H(W)(L)-DxA User’s Guide 49 Figure 9 Replace Certificate Screen 7 A screen displays to let you choose whether to go to the wizard or the advanced screens. • Click Go to W izard setup if you are logging in for the firs t time or if you want to make basic changes. The wizard selectio n screen appe [...]

  • Página 50

    Chapter 2 Introducing the Web Configur ator P-2602H(W)(L)-DxA User’s Guide 50 2.2 W eb Configurator Main Screen Figure 1 1 Main Screen As illustrated above, the main scr een is di vided into these parts: • A - title bar • B - navigation panel • C - main window • D - status bar 2.2.1 T i tle Bar The title bar allows you to cha nge the lang[...]

  • Página 51

    Chapter 2 Introducing the Web Configurator P-2602H(W)(L)-DxA User’s Guide 51 2.2.2 Navigation Panel Use the men u items on the na vig a tion panel to open screens t o configure ZyXEL Device features. The following tables describe each menu item. T able 4 Navigation Panel Summar y LINK TA B FUNCTION S tatus This screen contains administrative and [...]

  • Página 52

    Chapter 2 Introducing the Web Configur ator P-2602H(W)(L)-DxA User’s Guide 52 Phone Book S peed Dial Use this screen to configure speed dial for SIP phone numbers that you call often. Incoming Call Policy Use this screen to configure call-forwarding. Distinctive R ing Use this screen to configure ring t one behavior based on the orig in of incomi[...]

  • Página 53

    Chapter 2 Introducing the Web Configurator P-2602H(W)(L)-DxA User’s Guide 53 2.2.3 Main Window The main window displays informa tion and configuration fields. It is discussed in the rest of this document. Right after you log in, the St a t u s screen is displayed. See Ch apter 6 on page 83 for more information about the St a t u s screen. 2.2.4 S[...]

  • Página 54

    Chapter 2 Introducing the Web Configur ator P-2602H(W)(L)-DxA User’s Guide 54[...]

  • Página 55

    55 P ART II Wi z a r d Internet and W ireless Setup W izard (57) V oIP W izard And Example (71) Bandwidth Management W izard (77)[...]

  • Página 56

    56[...]

  • Página 57

    P-2602H(W)(L)-DxA User’s Guide 57 C HAPTER 3 Internet and Wireless Setup Wizard This chapter provides informatio n on the W izard Setup screens for Internet access in the web configurator . 3.1 Introduction Use the wizard setup sc reens to configure your system for Internet access with the information given to you by your ISP . " See the adv[...]

  • Página 58

    Chapter 3 Intern et and Wireless Setup Wizar d P-2602H(W)(L)-DxA User’s Guide 58 Figure 12 Select a Mode 2 Click INTERNET/WIRELESS SETUP to configure the system for Internet access and wireless connection. Figure 13 Wizard Welcome 3 Y our ZyXEL device attempts to detect your DSL co nnection and your connection type. 3a The following scree n appea[...]

  • Página 59

    Chapter 3 Internet and Wireless Setup Wizard P-2602H(W)(L)-DxA User’s Guide 59 Figure 14 Auto Detection: No DSL Connection 3b The following screen displays if a PPPoE or PPPoA connection is detect ed. Enter your Internet account information (user name, password and/or service name) exactly as provided by your ISP . Then click Next and see Section[...]

  • Página 60

    Chapter 3 Intern et and Wireless Setup Wizar d P-2602H(W)(L)-DxA User’s Guide 60 Figure 16 Auto Detection: Failed 3.2.1 Manual Configuration 1 If the ZyXEL Device fails to detect your DS L connection type but the physical line is connected, enter your Internet access informa tion in the wizard screen exactly as your service provider gave it to yo[...]

  • Página 61

    Chapter 3 Internet and Wireless Setup Wizard P-2602H(W)(L)-DxA User’s Guide 61 Figure 17 Internet Access Wizard Setup: ISP Parameters The following table describes the fields in this screen. 2 The next wizard screen varies depending on what mode and encapsulation type you use. All screens shown are with routing mo de. Configure the fields and cli[...]

  • Página 62

    Chapter 3 Intern et and Wireless Setup Wizar d P-2602H(W)(L)-DxA User’s Guide 62 Figure 18 Internet Connection with PPPoE The following table describes the fields in this screen. Figure 19 Internet Connection with RFC 1483 T able 6 Internet Connection with PPPoE LABEL DESCRIPTION User Name Enter the user na me exactly as your ISP assigned. If ass[...]

  • Página 63

    Chapter 3 Internet and Wireless Setup Wizard P-2602H(W)(L)-DxA User’s Guide 63 The following table describes the fields in this screen. Figure 20 Internet Connection with ENET ENCAP The following table describes the fields in this screen. T able 7 Internet Connect i on with RFC 1483 LABEL DESCRIPTION IP Address This field is available if you sele[...]

  • Página 64

    Chapter 3 Intern et and Wireless Setup Wizar d P-2602H(W)(L)-DxA User’s Guide 64 Figure 21 Internet Connection with PPPoA The following table describes the fields in this screen. • If the user name and/or password you ente red for PPPoE or PPPoA connection are not correct, the screen disp lays as shown next. Click Back to Username and Password [...]

  • Página 65

    Chapter 3 Internet and Wireless Setup Wizard P-2602H(W)(L)-DxA User’s Guide 65 Figure 22 Connection T est Failed-1 • If the following screen displays, check if your account is activated or click Restart the Internet/Wir eless Setup Wizard to verify your In ternet access settings. Figure 23 Connection T est Failed-2. 3.3 Wireless Connection Wiza[...]

  • Página 66

    Chapter 3 Intern et and Wireless Setup Wizar d P-2602H(W)(L)-DxA User’s Guide 66 Figure 24 Connection T est Successful 2 Use this screen to activate the wireless LAN and OTIST . Click Next to continue. Figure 25 Wireless LAN Setup Wizard 1 The following table describes the labels in this screen. T able 10 Wireless LAN Setup Wizard 1 LABEL DESCRIP[...]

  • Página 67

    Chapter 3 Internet and Wireless Setup Wizard P-2602H(W)(L)-DxA User’s Guide 67 3 Configure your wireless settin gs in this screen. Click Next . Figure 26 Wireless LAN The following table describes the labels in this screen. " The wireless stations and ZyXEL Device must use the same SSID, channel ID and WEP encryption key (if WEP is enabled),[...]

  • Página 68

    Chapter 3 Intern et and Wireless Setup Wizar d P-2602H(W)(L)-DxA User’s Guide 68 3.3.1 Manually Assign a WP A key Choose Manually assign a WP A key in the W ireless LAN setup screen to set up a Pre- Shar ed Key . Figure 27 Manually Assign a WP A key The following table describes the labels in this screen. 3.3.2 Manually Assign a WEP Key Choose Ma[...]

  • Página 69

    Chapter 3 Internet and Wireless Setup Wizard P-2602H(W)(L)-DxA User’s Guide 69 The following table describes the labels in this screen. 5 Click Apply to save your wireless LAN settings. Figure 29 Wireless LAN Setup 3 6 Use the read-only summary table to check whet her what you have confi gured is correct. Click Finish to complete and save the wiz[...]

  • Página 70

    Chapter 3 Intern et and Wireless Setup Wizar d P-2602H(W)(L)-DxA User’s Guide 70 Figure 30 Internet Access and WLAN Wizard Se tup Complete 7 Launch your web browser and navigate to www .zyxel.com. Internet access is just the beginning. Refer to the rest of this guide for more detailed inform ation on the complete range of ZyXEL Device features. I[...]

  • Página 71

    P-2602H(W)(L)-DxA User’s Guide 71 C HAPTER 4 VoIP Wizard And Example This chapter shows you how to configure your SIP account(s) and make a V oIP phone call. 4.1 Introduction The ZyXEL Device has V oice over IP (V oIP) communication capabili ties that allow you to use a traditional analog telephone to make In ternet ca lls. Y ou can configure the[...]

  • Página 72

    Chapter 4 VoIP Wizard And Example P-2602H(W)(L)-DxA User’s Guide 72 Figure 32 Select a Mode 2 Click V OICE OVE R INTERNET SETUP to configure your SIP settings. Figure 33 Wizard: Welcome 3 Fill in the V OICE OVER INTERNET SETUP wizard screen with the information provided by your V oIP service provider . Y our V oIP service provider supplies you wi[...]

  • Página 73

    Chapter 4 VoIP Wizard A nd Example P-2602H(W)(L)-DxA User’s Guide 73 Figure 34 V oIP Wizard Configurat ion The following table describes the labels in this screen. Username V oIPUser This is the us ername you use to lo gin to your SIP account. Password Password This is the password you use to login to your SIP account. T able 15 VoIP Wizard Confi[...]

  • Página 74

    Chapter 4 VoIP Wizard And Example P-2602H(W)(L)-DxA User’s Guide 74 4 Y our ZyXEL Device will attempt to register your SIP account with your V oIP service provider . When your a ccount is registered your PHONE 1 light will co me on and you are ready to make and receive V oIP phone calls . Figure 35 SIP Registration T est 5 This screen displays if[...]

  • Página 75

    Chapter 4 VoIP Wizard A nd Example P-2602H(W)(L)-DxA User’s Guide 75 Figure 37 V oIP Wizard Finish 7 T o call other V oIP users, you need to follow a similar proces s to ensure that their SIP account is registered and active. After it is re gistered, they need to provide you with their SIP number . Y ou can us e your V oIP service pr ovider ’ s[...]

  • Página 76

    Chapter 4 VoIP Wizard And Example P-2602H(W)(L)-DxA User’s Guide 76[...]

  • Página 77

    P-2602H(W)(L)-DxA User’s Guide 77 C HAPTER 5 Bandwidth Management Wizard This chapter shows you how to configure basic bandwidth management using the wizard screens. 5.1 Introduction Bandwidth management allows y o u to control the amount of bandwidth going out through the ZyXEL Device’ s W AN port and p rioritize the distribution of the bandwi[...]

  • Página 78

    Chapter 5 Bandwid th Management Wizard P-2602H(W)(L)-DxA User’s Guide 78 Figure 39 Wizard: Welcome 3 Select Active to allocate ba ndwidth to pa ckets based on the packet size. Figure 40 Bandwidt h Management Wizard: General Information The following fields describe the label in this screen. 4 Follow the on-screen in structions and click Finish to[...]

  • Página 79

    Chapter 5 Bandwidth Manage ment Wizard P-2602H(W)(L)-DxA User’s Guide 79 Figure 41 Bandwid th Management Wizard: Complete[...]

  • Página 80

    Chapter 5 Bandwid th Management Wizard P-2602H(W)(L)-DxA User’s Guide 80[...]

  • Página 81

    81 P ART III Advanced S tatus Screens (83) WA N S e t u p ( 9 3 ) LAN Setup (105) W ireless LAN (1 17) Network Address T ranslation (NA T) Screens (137) Vo i c e ( 1 4 9 ) V oIP Trun king (175) Phone Usage (191) Firewalls (195) Firewall Configuration (207) Content Filtering (227) Introduction to IPSec (231) VPN Screens (237) Certificates (263) S ta[...]

  • Página 82

    82[...]

  • Página 83

    P-2602H(W)(L)-DxA User’s Guide 83 C HAPTER 6 Status Screens Use the St a t u s screens to look at the current status of the device, system resources, interface s (LAN and W AN), and SIP ac counts. Y ou can also register and unregister SIP accounts. The St a t u s screen also provides detailed informatio n from Any IP and DHCP and statistics from [...]

  • Página 84

    Chapter 6 Sta tus Screens P-2602H(W)(L)-DxA User’s Guide 84 Each field is described in the following table. T able 17 Status Screen LABEL DESCRIPTION Refresh Interval Enter how often you want the ZyXEL Device to upda te this screen. Apply Click this to update this screen immediatel y . Device Information Host Name This field displays the ZyXEL De[...]

  • Página 85

    Chapter 6 Status Screens P-2602H(W)(L)-DxA User’s Guide 85 Secur ity Firewall This displays whether or not the ZyXEL Device’s firewall is activated. Click this to go to the screen w here you can change it. Content Filter This displays whether or not the Zy XEL Devi ce’s content filtering is activated. Click this to go to the screen where you [...]

  • Página 86

    Chapter 6 Sta tus Screens P-2602H(W)(L)-DxA User’s Guide 86 6.2 Any IP T able Click S tatus > AnyIP T able to access this screen. Use this screen to view the IP addres s and MAC address of each computer that is using the ZyXEL Device but is in a different subnet than the ZyXEL Device. Figure 43 Any IP T able VPN S tatus Click this link to view[...]

  • Página 87

    Chapter 6 Status Screens P-2602H(W)(L)-DxA User’s Guide 87 Each field is described in the following table. 6.3 WLAN S t atus (“W” models only) Click St a t u s > W L A N St a t u s to access this screen. Use this screen to view the wireless stations that are currently ass ociated to the ZyXEL Device. Figure 44 WLAN S t atus The following t[...]

  • Página 88

    Chapter 6 Sta tus Screens P-2602H(W)(L)-DxA User’s Guide 88 Figure 45 Packet S tatistics The following table describes th e fields in this screen. T able 20 Packet S tatistics LABEL DESCRIPTION System Monitor System up T ime Thi s is the elapsed time the system has been up. Current Date/T ime This field displays your Z yXEL Device’s present dat[...]

  • Página 89

    Chapter 6 Status Screens P-2602H(W)(L)-DxA User’s Guide 89 6.5 V oIP St atistics Click St a t u s > V o I P St a t i s t i c s to access this screen. Figure 46 V oIP S tatistics Each field is described in the following table. Interface This field displays either Et hernet (LAN ports) or Wireless (WLAN port). S tatus For the LAN ports, this fie[...]

  • Página 90

    Chapter 6 Sta tus Screens P-2602H(W)(L)-DxA User’s Guide 90 Registration This field displays the current regi stration status of the SIP account. Y ou ca n change thi s in the Stat us screen. Registered - The SIP account is registered with a SIP server . Register Fail - The last time the ZyXEL Device tried to register the SIP account with the SIP[...]

  • Página 91

    Chapter 6 Status Screens P-2602H(W)(L)-DxA User’s Guide 91 Poll Interval(s) Enter how often you want the Z yXEL Device to update this screen, and clic k Set Interval . Set Interval Click this to make the ZyXEL De vice update the screen ba sed on the amount of time you specified in Poll Interval . S top Click this to make the ZyXEL Device stop upd[...]

  • Página 92

    Chapter 6 Sta tus Screens P-2602H(W)(L)-DxA User’s Guide 92[...]

  • Página 93

    P-2602H(W)(L)-DxA User’s Guide 93 C HAPTER 7 WAN Setup This chapter describes how to configure W AN settings. 7.1 W AN Overview A W AN (Wide Area Network) is an outside conn ection to another network or the Internet. 7.1.1 Encap sulation Be sure to use the encapsulat ion method required by your ISP . The ZyXEL Device su pports the following metho[...]

  • Página 94

    Chapter 7 WAN Setup P-2602H(W)(L)-DxA User’s Guide 94 7.1.1.3 PPPoA PPPoA stands for Point to Point Protocol over A TM Adaptation Layer 5 (AAL5). A PPPoA connection functions like a dial -up Internet connection. The ZyXEL Device encapsulates the PPP session based on RF C1483 and sends it through an A TM PVC (Permanent V irtual Circuit) to the Int[...]

  • Página 95

    Chapter 7 WAN Setup P-2602H(W)(L)-DxA User’s Guide 95 7.1.4.1 IP Assignment with PPPoA or PPPoE Encap sulation If you have a dynamic IP , then the IP Address and ENET ENCAP Gateway fields are not applicable (N/A). If you have a static IP , then you only need to fill in the IP Addr e ss field and not the ENET ENCAP Gateway field. 7.1.4.2 IP Assign[...]

  • Página 96

    Chapter 7 WAN Setup P-2602H(W)(L)-DxA User’s Guide 96 For example, if the normal route has a metric of "1" and the traffic-redirect route has a metric of "2" and dial-backup route has a metric of "3", then the normal route acts as the primary default route. If the normal rout e fails to connect to the Intern et, the [...]

  • Página 97

    Chapter 7 WAN Setup P-2602H(W)(L)-DxA User’s Guide 97 7.3.1 A TM T raffic Classes These are the basic A TM traffic classes define d by the A TM Forum Traf fic Ma nagement 4.0 Specification. 7.3.1.1 Const ant Bit Rate (CBR) Constant Bit Rate (CBR) provides fixed bandwidth that is always available even if no data is being sent. CBR traffic is gener[...]

  • Página 98

    Chapter 7 WAN Setup P-2602H(W)(L)-DxA User’s Guide 98 7.5 Internet Access Setup Use this screen to change your ZyXEL Device’ s W AN remote node settings. Click Network > W AN > Inter net Access Setup . The screen differs by the encapsulation you select. See Section 7.1 on page 9 3 for more information. Figure 48 Internet Access Setup (PPP[...]

  • Página 99

    Chapter 7 WAN Setup P-2602H(W)(L)-DxA User’s Guide 99 Multiplexing Select the method of multiplexin g used by your ISP from the drop-down list. Choices ar e VC or LL C . Virtual Circuit ID VPI (V irtual Path Identifier) and VCI (Virtual Channel Identifier) define a virtual circuit. Refer to the appendix for more information. VPI The valid range f[...]

  • Página 100

    Chapter 7 WAN Setup P-2602H(W)(L)-DxA User’s Guide 100 7.5.1 Advanced Internet Access Setup Use this screen to edit your ZyXEL Devi ce's advanced W AN settings. Click the Advanced Setup button in the Inter net Access Setup screen. The screen a ppears as shown. Figure 49 Advanced Internet Access Setup The following table describes the labels [...]

  • Página 101

    Chapter 7 WAN Setup P-2602H(W)(L)-DxA User’s Guide 101 7.6 W AN More Connections The ZyXEL Device allows you to configure more than one Internet access connection. T o configure additional Internet access connections click Network > W AN > More Connections . The screen differs by the encapsulation you select. Multicast Multicast packets ar [...]

  • Página 102

    Chapter 7 WAN Setup P-2602H(W)(L)-DxA User’s Guide 102 Figure 50 W AN More Connections The following table describes the labels in this screen. 7.7 T raffic Redirect T raffic redirect forwards traf fic to a backup gate way when the ZyXEL Device cannot connect to the Internet. An example is shown in the figure below . Figure 51 T raffic Redirect E[...]

  • Página 103

    Chapter 7 WAN Setup P-2602H(W)(L)-DxA User’s Guide 103 The following network topology allows you to avoid triangle route security issues when the backup gateway is co nnected to the LAN. Use IP alias to configure the LAN into two or three logical networks with the ZyXEL Device itself as the gateway for each LAN network. Put the protected LAN in o[...]

  • Página 104

    Chapter 7 WAN Setup P-2602H(W)(L)-DxA User’s Guide 104 The following table describes the labels in this screen. T able 25 W AN Backup Setup LABEL DESCRIPTION Backup T ype Select the method that the ZyXEL Device uses to check the DSL connection. Select DSL Link to have the ZyXEL Device check if the connection to the DSLAM is up. Select ICMP to hav[...]

  • Página 105

    P-2602H(W)(L)-DxA User’s Guide 105 C HAPTER 8 LAN Setup This chapter describes how to configure LAN settings. 8.1 LAN Overview A Local Area Network (LAN) is a shared comm unication system to which many computers are attached. A LAN is a computer network lim ited to the immediate area, usually the same building or floor of a building. The LAN scre[...]

  • Página 106

    Chapter 8 LAN Setup P-2602H(W)(L)-DxA User’s Guide 106 8.1.2 DHCP Setup DHCP (Dynamic Host Configuration Protocol , RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a server . Y ou ca n configure the ZyXEL Device as a DHCP server or disable it. When configured as a server , the ZyXEL Device provides[...]

  • Página 107

    Chapter 8 LAN Setup P-2602H(W)(L)-DxA User’s Guide 107 8.3.1 IP Address and Subnet Mask Similar to the way houses on a street share a common street name, so too do computers on a LAN share one common network number . Where you obtain your netwo rk number depends on your particular situation. If the ISP or your network administrator assigns yo u a[...]

  • Página 108

    Chapter 8 LAN Setup P-2602H(W)(L)-DxA User’s Guide 108 8.3.2 RIP Setup RIP (Routing Information Protocol) allows a ro uter to e xchange rou ting information with other routers. The RIP Direction field controls the sending a nd receiving of RIP packets. When set to: • Both - the ZyXEL Device will broadcast its routin g table periodically an d in[...]

  • Página 109

    Chapter 8 LAN Setup P-2602H(W)(L)-DxA User’s Guide 109 8.3.4 Any IP T raditionally , you must set the IP addresses an d the subnet masks of a computer and the ZyXEL Device to be in the same subnet to allo w the computer to access the Internet (through the ZyXEL Device). In cases where your computer is required to use a static IP address in anothe[...]

  • Página 110

    Chapter 8 LAN Setup P-2602H(W)(L)-DxA User’s Guide 11 0 The following lists out the steps taken, when a co mputer tries to access the Internet for the first time through the ZyXEL Device. 1 When a computer (which is in a different su bnet) first attempts to access the Internet, it sends packets to its defa ult gateway (which is not the ZyXEL Devi[...]

  • Página 111

    Chapter 8 LAN Setup P-2602H(W)(L)-DxA User’s Guide 111 8.4.1 Configuring Advanced LAN Setup Use this screen to edit your ZyXEL Device's RIP , multicast, any IP and W indows Networking settings. Click the Advanced Setup button in the LAN IP scree n. The screen appears as shown. Figure 56 Advanced LAN Setup The following table describes the la[...]

  • Página 112

    Chapter 8 LAN Setup P-2602H(W)(L)-DxA User’s Guide 11 2 8.5 DHCP Setup Click Network > D HCP Setup to open this screen. Use this screen to configure the DNS server information that the ZyXEL Device sends to the DHCP client devi ces on the LAN. Figure 57 DHCP Setup The following table describes the labels in this screen. Allow between LAN and W[...]

  • Página 113

    Chapter 8 LAN Setup P-2602H(W)(L)-DxA User’s Guide 11 3 8.6 LAN Client List This table allows you to assign IP addresses on the LAN to specific individual computers based on their MAC Addresses. Every Ethernet device has a unique MAC (Med ia Access Control) addre ss. The MAC address is assigned at the factory and consists of six pairs of hexadec [...]

  • Página 114

    Chapter 8 LAN Setup P-2602H(W)(L)-DxA User’s Guide 11 4 Figure 58 LAN Client List The following table describes the labels in this screen. 8.7 LAN IP Alias IP alias allows you to partition a physical network into dif fer ent logical networks over the same Ethernet interface. The ZyXEL Device s upports three logical LA N interfaces via its single [...]

  • Página 115

    Chapter 8 LAN Setup P-2602H(W)(L)-DxA User’s Guide 11 5 When you use IP alias, you can also configur e firewall rules to control access between the LAN's logical networ ks (subnets ). " Make sure that the subnets of t he logical networ ks do not overlap. The following figure shows a LAN divided into subnets A, B, and C. Figure 59 Physic[...]

  • Página 116

    Chapter 8 LAN Setup P-2602H(W)(L)-DxA User’s Guide 11 6 The following table describes the labels in this screen. T able 30 LAN IP Alias LABEL DESCRIPTION IP Alias 1, 2 Sele ct the check box to confi gure another LAN network for the ZyXEL Devi ce. IP Address Enter the IP address of your ZyXEL Device in dotted decimal notation. Alternatively , clic[...]

  • Página 117

    P-2602H(W)(L)-DxA User’s Guide 11 7 C HAPTER 9 Wireless LAN This chapter discusses how to configure the wire less network settings in your ZyXEL Device. See the appendices for more de tailed information about wirele ss networks. This chap ter applies to the “W” models only . 9.1 Wireless Network Overview The following figure provides an examp[...]

  • Página 118

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 11 8 Like radio stations or television channels, e ach wireless network uses a s pecific channel, or frequency , to send and receive information. • Every device in the same wireless networ k must use security compatible with the AP . Security stops unauthorized devices from using the wireles[...]

  • Página 119

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 11 9 Unauthorized wireless devices can still see the information that is sent in the wireless network, even if they cannot use the wireless network. Furthermore, there are ways for unauthorized wireless users to get a valid user name and p assword. Then, they can use that user name and passwor[...]

  • Página 120

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 120 9.2.5 One-T ouch Intelligent S ecurity T echnology (OTIST) W ith ZyXEL ’ s OTIST , you set up the SSID an d th e encryption (WEP or WP A-PSK) on the ZyXEL Device. Then, the ZyXEL Device transfer s them to the devices in the wireless networks. As a result, you do not have to set up the SS[...]

  • Página 121

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 121 9.5 General WLAN Screen " If you are configuring t he ZyXEL Device from a co mputer connected to the wireless LAN and you change the ZyXEL Device’s SSID or WEP settings, you will lose your wireless connection when you press Apply to confirm. Y ou must then change the wireless sett i[...]

  • Página 122

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 122 The following table describes the labels in this screen. 9.5.1 No Security Select No Security to allow wireless stations to commun icate with the access points without any data encryption. " If you do not enable any wi reless security on your Zy XEL Device, your network is accessible [...]

  • Página 123

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 123 Figure 63 Wireless: No Security The following table describes the labels in this screen. 9.5.2 WEP Encryption Screen In order to configure and enable WEP encryption; click Network > Wir eles s LAN to display the General sc reen. Select S tatic WEP from the Security Mode list. Figure 64 [...]

  • Página 124

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 124 The following table describes the wireless LAN security labels in this screen. 9.5.3 WP A(2)-PSK In order to configure and enable WP A(2)-PSK authentication; click Network > Wir eless LAN to display the Ge neral screen. Select WP A-PSK or WP A2-PSK from the Security Mode list. Figure 65[...]

  • Página 125

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 125 9.5.4 WP A(2) Auth entication Screen In order to configure and enable WP A Authentication; click the Wir eless LAN link under Network to display the Wir e less screen. Select WP A or WP A2 from the Security list. Pre-Shared Key The en cryption mechanisms used for WP A(2) and WP A(2)-PSK ar[...]

  • Página 126

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 126 Figure 66 Wirele ss: WP A(2) The following table describes the wireless LAN security labels in this screen. T able 37 Wireless: WPA(2) LABEL DESCRIPTION Security Mode Choose WP A or WP A2 from the drop-d own list box. WP A Compatible This field is only available fo r WP A2. Se lect this if[...]

  • Página 127

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 127 9.5.5 Wireless LAN Advanced Setup T o configure advanced wi reless settings, click the Advanced Setup button in the General screen. The screen appears as shown. Figure 67 Advanced The following table describes the labels in this screen. Authentication Serve r IP Address Enter the IP addres[...]

  • Página 128

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 128 9.6 OTIST Screen Use this screen to set up and start OTIST on the ZyXEL Device in yo ur wirele ss network.T o open this screen, click Network > Wir eles s LAN > OTIST . " Ensure that your network’s SSID is fe wer than 23 characters in length before you start OTIST . Click WIRE[...]

  • Página 129

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 129 The following table describes the labels in this screen. Before you click St a r t , you should enable OTIST on all the OTIST -enabled devices in the wireless network. For most devices, follow these steps. 1 Start the ZyXEL utility 2 Click the Adapter tab. 3 Select the OTIST check box, and[...]

  • Página 130

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 130 Figure 70 OTIST : Settings Y ou can use the key in this screen to set up WP A-PSK encryptio n manually for non-OTIST devices in the wireless network. Review the settings, and click OK . The ZyXEL Device begins transferring OTIST settings. The following screens appear in the Zy XEL Device a[...]

  • Página 131

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 131 Figure 73 S tart OTIST? 2 If an OTIST -enabled wireless device loses its wireless connection for more than ten seconds, it will search for an OTIST -enabled AP for up to one minute. (If you manually have the wireless device searc h for an OT IST -enabled AP , there is no timeout; click Can[...]

  • Página 132

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 132 Figure 74 MAC Addres s Filter The following table describes the labels in this screen. T able 40 MAC Address Filter LABEL DESCRIPTION Active MAC Filter Select the check box to en able MAC address filtering. Filter Action Define the filter action for the list of MAC addresses in the MAC Add[...]

  • Página 133

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 133 9.8 QoS Screen The QoS screen allows you to au tomatically give a service (such as e-mail, V oIP or FTP) a priority level. Click Network > Wi reless LAN > QoS . The following screen displays. Figure 75 Wireless LAN: QoS The following table describes the fields in this screen. T able [...]

  • Página 134

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 134 9.8.1 Application Pr iority Configuration Use this screen to edit a WMM QoS appli cation entry . Click the edit icon under Modify . The following screen displays. Figure 76 Application Priority Configuration See Appendix F on page 4 17 for a list of commonly-used ser vices and destination [...]

  • Página 135

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 135 Service The following is a description of the applications you can pri oritize with WMM QoS. Select a service from the drop-down list box. • E-Mail Electronic mail consists of message s sent th rough a computer n etwork to specific groups or indivi duals. Here are so me default ports for[...]

  • Página 136

    Chapter 9 Wireless LAN P-2602H(W)(L)-DxA User’s Guide 136[...]

  • Página 137

    P-2602H(W)(L)-DxA User’s Guide 137 C HAPTER 10 Network Address Translation (NAT) Screens This chapter discusses how to configure NA T on the ZyXEL Device. 10.1 NA T General Overview NA T (Netw ork Address T ransl ation - NA T , RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing pac[...]

  • Página 138

    Chapter 10 Network Address Translation (NAT) Screens P-2602H(W)(L)-DxA User’s Guide 138 10.1.2 What NA T Does In the simplest form, NA T changes the sour ce IP address in a packet received from a subscriber (the inside local address) to anothe r (the inside global address) before forwarding the packet to the W AN side. When the resp onse comes ba[...]

  • Página 139

    Chapter 10 Network Address Translation (NAT) Screens P-2602H(W)(L)-DxA User’s Guide 139 Figure 78 NA T Application With IP Alias 10.1.5 NA T Mapping T ypes NA T suppo rts five types of IP/port mapping. They are: • One to One : In One-to-One mode, the ZyXEL Devi ce maps one local IP address to one global IP address. • Many to One : In Many-to-[...]

  • Página 140

    Chapter 10 Network Address Translation (NAT) Screens P-2602H(W)(L)-DxA User’s Guide 140 The following table summarizes these types. 10.2 SUA (Single User Account) V ersus NA T SUA (Single User Account) is a ZyNOS implemen tation of a subset of NA T that supports two types of mapping, Many-to-One and Server . The ZyXEL Device also supports Full Fe[...]

  • Página 141

    Chapter 10 Network Address Translation (NAT) Screens P-2602H(W)(L)-DxA User’s Guide 141 Figure 79 NA T General The following table describes the labels in this screen. 10.4 Port Forwarding A port forwarding set is a list of inside (behind NA T on the LAN) servers, for example, web or FTP , that you can make visible to the outsid e world even thou[...]

  • Página 142

    Chapter 10 Network Address Translation (NAT) Screens P-2602H(W)(L)-DxA User’s Guide 142 Many residential broadband ISP accounts do no t allow you to run any server processes (such as a W eb or FTP server) from your location. Y our ISP may periodically check for servers and may suspend your account if it discovers any active services at yo ur loca[...]

  • Página 143

    Chapter 10 Network Address Translation (NAT) Screens P-2602H(W)(L)-DxA User’s Guide 143 10.5 Configuring Port Forwarding " If you do not assign a Default Server IP address, the Zy XEL Device discards all packet s received for ports that are not specified here or in the remote management setup. Click Network > NA T > Port Forwarding to [...]

  • Página 144

    Chapter 10 Network Address Translation (NAT) Screens P-2602H(W)(L)-DxA User’s Guide 144 10.5.1 Port Forwarding Rule Edit Use this screen to edit a port forwarding rule. Cl ick the rule’ s edit icon in the Port Forwarding screen to display the screen show n next. Figure 82 Port Forwarding Rule Setup The following table describes th e fields in t[...]

  • Página 145

    Chapter 10 Network Address Translation (NAT) Screens P-2602H(W)(L)-DxA User’s Guide 145 10.6 Address Mapping Note: The Address Mapping screen is available only when you select Ful l Feature in the NA T > General screen. Ordering your rules is important because the Zy XEL Device applies the rules in the order that you specify . When a rule matc[...]

  • Página 146

    Chapter 10 Network Address Translation (NAT) Screens P-2602H(W)(L)-DxA User’s Guide 146 10.6.1 Address Mapping Rule Edit T o edit an address mapping rule, click the rule’ s edit icon in the Address Mapping screen to display the screen shown next. Ty p e 1-1 : One-to-one mode maps one local IP address to one global IP address. Note that port num[...]

  • Página 147

    Chapter 10 Network Address Translation (NAT) Screens P-2602H(W)(L)-DxA User’s Guide 147 Figure 84 Edit Address Mapping Rule The following table describes th e fields in this screen. T able 49 Edit Address Mapping Rule LABEL DESCRIPTION Ty p e Choose the port mapping typ e from one of the following. One-to-One : One-to-One mode maps one local IP a[...]

  • Página 148

    Chapter 10 Network Address Translation (NAT) Screens P-2602H(W)(L)-DxA User’s Guide 148 10.6.2 SIP ALG Some NA T routers may include a SIP Application Layer Gate way (ALG). A SIP ALG allows SIP calls to pass through NA T by examining an d translating IP addr esses embedded in the data stream. When the ZyXEL Device register s with the SIP register[...]

  • Página 149

    P-2602H(W)(L)-DxA User’s Guide 149 C HAPTER 11 Voice This chapter provides background informatio n on V oIP and SIP and explains how to configure your device’ s voice settings. 1 1 .1 Introduction to V oIP V o IP is the sending of voice signals over Inte rnet Protocol. This allows you to make phone calls and send faxes over the In ternet at a f[...]

  • Página 150

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 150 1 1.2.1.2 SIP Service Domain The SIP service domain of the V oIP service provid er is the domain name in a S IP URI. For example, if the SIP address is 1 122334455@V oIP-provider .com , then “V oIP-provider .com” is the SIP service domain. 1 1.2.2 SIP Call Progression The following figure di[...]

  • Página 151

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 151 Figure 86 SIP User Agent 1 1.2.3.2 SIP Proxy Server A SIP proxy server receives requests from clie nts and forward s them to another server . In the following example, you want to use client device A to call someone who is using client device C. 1 The client de vice (A in the figure) sends a cal[...]

  • Página 152

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 152 Figure 88 SIP Redirect Server 1 1.2.3.4 SIP Register Server A SIP register server maintains a database of SIP identity-to-IP address (or domain name) mapping. The register server checks your u ser name and password when you register . 1 1.2.4 RTP When you make a V oIP call using SIP , the R TP ([...]

  • Página 153

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 153 • G .729 is an Analysis-by-Synthe sis (AbS) hybrid waveform co dec that uses a filter based on information about how the human vocal tract produces sounds. G .729 provides good sound quality and reduces the re quired bandwidth to 8 kbps. 1 1.2.7 PSTN Call Setup Signaling Dual-T one MultiFreque[...]

  • Página 154

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 154 1 Pick up the phone and press “****” on yo ur phone’ s keypad and wait for the message that says you are in the configuration menu. 2 Press a number from 1201~1208 followed by the “#” key to listen to the tone. 3 Y ou can continue to add, listen to, or delete tones, or you can hang up [...]

  • Página 155

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 155 Figure 89 Diff Serv: Differentiated Service Field The DSCP value determines the forwardi ng behavior , the PHB (Per-Hop Behavior), that each packet gets across the DiffServ network. Base d on the marking ru le, different kinds of traf fic can be marked for different priorities of fo rwarding. Re[...]

  • Página 156

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 156 Each field is described in the following table. 1 1 .5 Advanced SIP Setup Screen Click V oIP > SIP > SIP Settings to open the SIP Settings screen. Select a SIP account and click Advanced Setup to open the Advanced SIP Setup screen. Use this screen to maintain advanced settings for each SIP[...]

  • Página 157

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 157 Figure 91 V oIP > SIP Settings > Advanced Each field is described in the following table. T able 54 VoIP > SIP Settings > Advanced LABEL DESCRIPTION SIP Account This field displ ays the SIP account you see in this screen. SIP Server Settings[...]

  • Página 158

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 158 URL T ype Select whether or not to include th e SIP service domain name when the ZyXEL Device sends the SIP number . SIP - include the SIP service domai n name. TEL - do not include the SIP service domain name. Expirat ion Duration Enter the number of seconds yo ur SIP acc ount is registered wit[...]

  • Página 159

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 159 Enable Select this if your V oIP service provi der has a SIP ou tbound server to hand le voice calls. This allows the ZyXEL Device to work with any type of NA T router and eliminates the need for STUN or a SIP ALG . T urn off any SIP ALG on a NA T router in front of the ZyXEL Device to keep it f[...]

  • Página 160

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 160 1 1 .6 SIP QoS Screen Use this screen to maintain T o S and VLAN se ttings for the ZyXEL De vice. T o access this screen, click V oIP > SIP > QoS . Figure 92 SIP > QoS Each field is described in the following table. 1 1 .7 Phone Y ou can configure the volume, ec ho cancellation and V AD[...]

  • Página 161

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 161 1 1.7.2 Comfort Noise Generation When using V AD, the ZyXEL Device generates comfort noise when the othe r party is not speaking. The comfort noise lets you know that th e line is still connected as total silence could easily be mistaken for a lost connection. 1 1.7.3 Echo Cancellation G .168 is[...]

  • Página 162

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 162 1 1 .9 Advanced Analog Phone Setup Screen Use this screen to edit advanced settings for eac h phone port. T o access this screen, click Advanced Setup in V oIP > Phone > Analog Phone . Figure 94 Phone > Analog Phone > Advanced PSTN Line (“L” models only) Select this if you want t[...]

  • Página 163

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 163 Each field is described in the following table. 1 1 .10 Common Phone Settings Screen Use this screen to activate and deactivate imme diate dialing and set up call fallback. T o acce ss this screen, click V oIP > Phone > Common . T able 57 Phone > Analog Phone > Advanced LABEL DESCRIP[...]

  • Página 164

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 164 Figure 95 Phone > Common Each field is described in the following table. 1 1 .1 1 Phone Services Overview Supplementary services such as call hold, call waiting, call transfer , etc. are generally available from your V oIP service provider . Th e ZyXEL Device supports the following services: [...]

  • Página 165

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 165 • Three-W ay Conference • Internal Calls • Call Park and Pickup • Do not Disturb " T o take full advant age of the supplem entary phone services available through the ZyXEL Device's phone ports, you may need to s ubscribe to the services from your V oIP service provider . 1 1.1[...]

  • Página 166

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 166 If you have anothe r call, press the flash key an d then “ 2” to switch back and forth between caller A and B by putting either one on hold. Press the flash key and then “0” to disconnect th e call presently on hold and keep the current call on line. Press the flash key and then “1” [...]

  • Página 167

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 167 After pressing the flash key , if you do not issue the sub-command before the default sub- command timeout (2 seconds) expires or issue an invalid sub-command, the current operation will be aborted. 1 1.1 1.3.1 USA Call Hold Call hold allows you to put a call ( A ) o n hold by pressing the flash[...]

  • Página 168

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 168 1 1 .12 Phone Region Screen Use this screen to maintain settings that de pend on which region of the world the ZyXEL Device is in. T o access this screen, click V oIP > Phone > Region . Figure 96 V oIP > Phone > Region Each field is described in the following table. 1 1 .13 S peed Di[...]

  • Página 169

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 169 Figure 97 Phone Book > S peed Dial Each field is described in the following table. T able 62 Phone Book > Speed Dial LABEL DESCRIPTION S peed Dial Use this sectio n to create or edit spee d-dial entries. # Select the speed-dial number you want to use for this p hone number . Number Enter t[...]

  • Página 170

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 170 1 1 .14 Incoming Call Policy Screen Use this screen to maintain rules for handlin g inco ming calls. Y ou can block, redirect, or accept them. T o a ccess this screen, click V oIP > Phone Book > In coming Call Policy . Figure 98 Phone Book > Incoming Call Policy Modify Use this field to[...]

  • Página 171

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 171 Y ou can create two sets of c all-forwarding rules. Each one is stored in a call-forwarding table. Each field is described in the following table. T able 63 Phone Book > Incoming Call Policy LABEL DESCRIPTION T able Number Select the call-forwardi ng table you want to see in this screen. If y[...]

  • Página 172

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 172 1 1 .15 Distinctive Ring Screen This screen lets you specify ring types for ca lls from particular numbers. The ring types vary by ring duration and stop rin g duration (the time gap b e tween the rings). Any standard phon e is compatible with this feature. When an incoming call comes in, the Zy[...]

  • Página 173

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 173 1 1 .16 PSTN Line (“L” models only) W ith PSTN line you can make an d receive regular PSTN phone call s. Use a prefix number to make a regular call. When the device d oes not have power , you can make regular calls without dialing a prefix number . 1 When the ZyXEL Device does not have power[...]

  • Página 174

    Chapter 11 Voice P-2602H(W)(L)-DxA User’s Guide 174 Y ou can also use the PSTN Line screen to specify phone number s that should always use the regular phone servi c e (without having to dial a prefix number). Do this for emer gency numbers (like those for co ntacting police, fire or emergency medical services). 1 1 .17 PSTN Line Screen (“L” [...]

  • Página 175

    P-2602H(W)(L)-DxA User’s Guide 175 C HAPTER 12 VoIP Trunking Use these screens to configure V oIP trun king on your ZyXEL Device. 12.1 V oIP T runking Overview V oIP trunking connects an IP network (like th e Internet) and the Pub lic Switched T elephone Network (PSTN). PSTN includes the world’ s ci rcuit-switched telephone network which is com[...]

  • Página 176

    Chapter 12 VoIP Tru nking P-2602H(W)(L)-DxA User’s Guide 176 Other settings controlled by the au to attendant include a time lim it to decide whether you want to forward a call from the ZyXEL Device or ca ll the phone directly connected to the ZyXE L Device. When you call into your ZyXEL Device you can request to forward a call to another phone n[...]

  • Página 177

    Chapter 12 VoIP Tr unking P-2602H(W)(L)-DxA User’s Guide 177 12.3 Call Rules Call rules automate the forwarding of calls, first to a remote peer device and then to PSTN phones. This is used when you make frequent calls to several PSTN numbers in the same geographic ar ea that start with the same numbers (for example an area code). If there is a r[...]

  • Página 178

    Chapter 12 VoIP Tru nking P-2602H(W)(L)-DxA User’s Guide 178 Figure 103 PSTN Phone T o V oIP Phone 12.4.3 PSTN Phone T o PSTN Phone via V o IP A PSTN phone A ma kes a call to the ZyXEL De vice B . B connects to a peer device C and C forwards the call to a PSTN phone D . Figure 104 PSTN Phone T o PSTN Phone via V oIP 12.5 T runking General Screen [...]

  • Página 179

    Chapter 12 VoIP Tr unking P-2602H(W)(L)-DxA User’s Guide 179 Each field is described in the following table. 12.6 T runking Peer Call Screen Use this screen to set up outgoing authentica tion accounts for forwardi ng calls through peer devices (without proxy) an d inco ming authentication accounts fo r forwarding calls from peer devices. T o acce[...]

  • Página 180

    Chapter 12 VoIP Tru nking P-2602H(W)(L)-DxA User’s Guide 180 Figure 106 V oIP > Trunki ng > Peer Call Each field is described in the following table. T able 69 VoIP > Trunking > Peer Call LABEL DESCRIPTION Outgoing Authentication Y ou need to set up accounts for the peer devic es you use in V oIP trunking. This is the IP address of th[...]

  • Página 181

    Chapter 12 VoIP Tr unking P-2602H(W)(L)-DxA User’s Guide 181 12.7 T runking Call Rule Screen Use this screen to set up rules that determ ine which peer V oIP de vice your call will be forwarded to. T o acce ss this screen, click V oIP > T runking > Call Rule . Password Enter the corresponding password for the username you entered. The remo [...]

  • Página 182

    Chapter 12 VoIP Tru nking P-2602H(W)(L)-DxA User’s Guide 182 Figure 107 V o IP > T runking > Call Rule Each field is described in the following table. T able 70 VoIP > Trunking > Call Rule LABEL DESCRIPTION # This is a read-only index number of the call rules. Pattern A Pattern is used w hen you call your ZyXEL Device fro m a PSTN pho[...]

  • Página 183

    Chapter 12 VoIP Tr unking P-2602H(W)(L)-DxA User’s Guide 183 12.8 V oIP T runking Example: V oIP to PSTN This example shows how to configure V o IP to PSTN trunking to save on long distance calls. 12.8.1 Background Information A company has its headquarters in city A and a br anch office in city B. The headquarters often needs to call salespeople[...]

  • Página 184

    Chapter 12 VoIP Tru nking P-2602H(W)(L)-DxA User’s Guide 184 Figure 109 V oIP to PSTN Example - S peed Dial Screen 2 An outgoing authentication acco unt needs to be configure d. Th is account consists of the IP address and port number of the branch office ZyXEL Device as well as the username and password for authentication. This userna me and pas[...]

  • Página 185

    Chapter 12 VoIP Tr unking P-2602H(W)(L)-DxA User’s Guide 185 Figure 1 1 1 V oIP to PSTN Example - Incoming Authentication 12.8.4 Call Progression The advantage of this kind of V oIP trunking is that once all the configur ation is completed, the caller just has to dial a speed dial entry from a phone connected to their ZyXEL Device and the peer de[...]

  • Página 186

    Chapter 12 VoIP Tru nking P-2602H(W)(L)-DxA User’s Guide 186 12.9.1 Background Information A company has its headquarters in two different cities. The sales manager ( A ) from headquarters often needs to call salespeople ( D ) employed at the branch office. The sales manager often works away from the headquarters office and the sales employees of[...]

  • Página 187

    Chapter 12 VoIP Tr unking P-2602H(W)(L)-DxA User’s Guide 187 Figure 1 13 PSTN to PSTN Example: General Configuration 2 An outgoing authentication acco unt needs to be configure d. Th is account consists of the IP address and port number of the branch office ZyXEL Device as well as the username and password for authentication. This userna me and p[...]

  • Página 188

    Chapter 12 VoIP Tru nking P-2602H(W)(L)-DxA User’s Guide 188 Figure 1 15 PSTN to PSTN Example - Call Rule 12.9.3 Configurati on Det ails: Incoming The branch office ZyXEL Device needs to have an incoming authentication account configured. This consists of a username and p ass word. This account must match the username and password of the outgoing[...]

  • Página 189

    Chapter 12 VoIP Tr unking P-2602H(W)(L)-DxA User’s Guide 189 T able 72 PSTN to PSTN: VoIP Trunking Call Progression MANAGER HEADQUARTERS BRANCH OFFICE SALES1 The manager dials the PSTN number of th e headquarters’ ZyXEL Device. ( 222-222-2222 ) The ZyXEL Device receives the call and sends a ringback alert tone to indicate to th e ca ller that V[...]

  • Página 190

    Chapter 12 VoIP Tru nking P-2602H(W)(L)-DxA User’s Guide 190[...]

  • Página 191

    P-2602H(W)(L)-DxA User’s Guide 191 C HAPTER 13 Phone Usage This chapter describes how to use a phone conn ected to your ZyXEL Device for basic tasks. " Not all service provider s support all features. 13.1 Dialing a T elephone Number The PHONE LED turns green when your SIP account is registered. Dial a SIP number like “12345” on your pho[...]

  • Página 192

    Chapter 13 Phone Usage P-2602H(W)(L)-DxA User’s Guide 192 13.5 Checking the ZyXEL Device’ s IP Address Do the following to listen to the ZyXEL Device’ s current IP address. 1 Pick up your phone’ s receiver . 2 Press “****” on your phone’ s keypad and wait for the message that says you are in the configuration menu. 3 Press “5” fol[...]

  • Página 193

    Chapter 13 Phone Usage P-2602H(W)(L)-DxA User’s Guide 193 *98# Call transfer T ransfe r a call to another phone. See Sectio n 1 1.1 1.2 on page 165 (Europe type) and Section 1 1.1 1.3 on page 166 (USA type). *97# Call park Use these to place a call o n hold on one phone a nd then continue it on another (i f supported by your service provider). Se[...]

  • Página 194

    Chapter 13 Phone Usage P-2602H(W)(L)-DxA User’s Guide 194[...]

  • Página 195

    P-2602H(W)(L)-DxA User’s Guide 195 C HAPTER 14 Firewalls This chapter gives some back ground information on firewa lls and introduces the ZyXEL Device firewall. 14.1 Firewall Overview Originally , the term “firewall” referred to a construction techni que designed to prevent the spread of fire from one room to another . The ne tworking term ?[...]

  • Página 196

    Chapter 14 Firewalls P-2602H(W)(L)-DxA User’s Guide 196 14.2.2 Application-level Firewalls Application-level firewalls restrict access by serv ing as proxies for e xternal servers. Since they use programs written for specific Internet servic es, such as HTTP, FTP and tel net, they can evaluate network packets for valid applicatio n-sp ecific data[...]

  • Página 197

    Chapter 14 Firewalls P-2602H(W)(L)-DxA User’s Guide 197 14.3.1 Denial of Service Att acks Figure 1 17 Firewall Application 14.4 Denial of Service Denials of Service (DoS) attacks are aimed at devices and networks w ith a connection to the Internet. Their goal is not to st eal in formation, but to disable a device or ne twork so users no longer ha[...]

  • Página 198

    Chapter 14 Firewalls P-2602H(W)(L)-DxA User’s Guide 198 14.4.2 T ypes of DoS Att acks There are four types of DoS attacks: 1 Those that exploit bugs in a TCP/IP implementation. 2 Those that exploit weaknesses in the TCP/IP specification. 3 Brute-force attacks that flood a network with useless data. 4 IP Spoofing. 5 " Ping of Death " and[...]

  • Página 199

    Chapter 14 Firewalls P-2602H(W)(L)-DxA User’s Guide 199 Figure 1 19 SYN Flood •I n a LAND Attack , hackers flood SYN packets into the network with a spoofed source IP address of the targeted system . This makes it appear as if the host computer sent the packets to itself, making the sy stem unavailable while the target system tries to respond t[...]

  • Página 200

    Chapter 14 Firewalls P-2602H(W)(L)-DxA User’s Guide 200 14.4.2.1 ICMP V ulnerability ICMP is an error -reporting protocol that works in concert with IP . The following ICMP types trigger an alert: 14.4.2.2 Illegal Commands (NetBIOS and SMTP) The only legal NetBIOS commands are the following - all others are illegal. All SMTP commands are illegal [...]

  • Página 201

    Chapter 14 Firewalls P-2602H(W)(L)-DxA User’s Guide 201 are allowed in. The ZyXEL Device uses stateful packet inspection to protect the private LAN from hackers and vandals on the Internet. By de fault, the ZyXEL Device’ s stateful inspection allows all communications to the Internet that or iginate from the LAN, and blocks all traffic to the L[...]

  • Página 202

    Chapter 14 Firewalls P-2602H(W)(L)-DxA User’s Guide 202 6 Later , an inbound packet reac hes the interface . This packet is part of the connection previously established with the outbound packet. The inbound packet is ev aluated against the inbound access list, and is permitted because of the temporary access list entry previously crea ted. 7 The[...]

  • Página 203

    Chapter 14 Firewalls P-2602H(W)(L)-DxA User’s Guide 203 If an initiation packet originates on the LAN, this means that someone is trying to make a connection from the LAN to the In ternet. Assuming that this is an acceptable part of the security policy (as is the case w ith the default policy), the connection will be allowed. A cache entry is add[...]

  • Página 204

    Chapter 14 Firewalls P-2602H(W)(L)-DxA User’s Guide 204 14.6 Guidelines for Enhancing Security with Y our Firewall • Change the default pa ssword. • Limit who can telnet into your router . • Don't enable any local service (such as SN MP or NTP) that you don't use. An y enabled service could present a potential security risk. A det[...]

  • Página 205

    Chapter 14 Firewalls P-2602H(W)(L)-DxA User’s Guide 205 • Always shred confidential inform ation, particularly about your computer , before throwing it away . Some hackers dig through the trash of companies or indivi duals for information that might help them in an attack. 14.7 Packet Filtering Vs Firewall Below are some comparisons be tween th[...]

  • Página 206

    Chapter 14 Firewalls P-2602H(W)(L)-DxA User’s Guide 206 • T o selectively bloc k/allow inbound or outbound traffic between inside host/networks and outside host/networks. Remember that filters can not distinguish traf fic originating from an inside host or an ou tside host by IP address. • The firewall performs better than filtering if you ne[...]

  • Página 207

    P-2602H(W)(L)-DxA User’s Guide 207 C HAPTER 15 Firewall Configuration This chapter shows you how to enable and configure t he ZyXEL Device firewall. 15.1 Access Methods The web configurator is, by far , the most co mprehensive firewall configuration tool your ZyXEL Device has to offer . For this rea son, it is recommended that you config ure your[...]

  • Página 208

    Chapter 15 Firewa ll Configuration P-2602H(W)(L)-DxA User’s Guide 208 Y ou may define additional rules and sets or modify existing ones but please exercise extreme caution in doing so. " If you configure firewall rules without a good underst anding of how they work, you might inadvertently introduce securi ty risks to the fire wall and to th[...]

  • Página 209

    Chapter 15 Firewall Configu ration P-2602H(W)(L)-DxA User’s Guide 209 2 Does this rule stop LAN us ers from accessing critical reso urces on the Internet? For example, if IRC is blocke d, are th ere us ers that require this service? 3 Is it possible to modify the rule to be more specific? For ex ample, if IRC is blocked for all users, will a rule[...]

  • Página 210

    Chapter 15 Firewa ll Configuration P-2602H(W)(L)-DxA User’s Guide 210 15.4.1 LAN to W AN Rules The default rule for LAN to W AN traf fic is that all users on the LAN are allowed non- restricted access to the W AN. When you config ure a LAN to W AN rule, you in essence want to limit some or all users from accessing cer tain services on the W A N. [...]

  • Página 211

    Chapter 15 Firewall Configu ration P-2602H(W)(L)-DxA User’s Guide 21 1 The following table describes the labels in this screen. 15.6 Firewall Rules Summary " The ordering of your rules is very important as rules are applied in turn. Refer to Section 14.1 on page 195 for more information. Click Security > Firewall > Rules to bring up th[...]

  • Página 212

    Chapter 15 Firewa ll Configuration P-2602H(W)(L)-DxA User’s Guide 212 Figure 123 Firewall Rules The following table describes the labels in this screen. T able 79 Firewall Rules LABEL DESCRIPTION Firewall Rules S torage S pace in Use This read-only bar shows how much of the ZyXEL Device's memory for recording firewall rules it is currently u[...]

  • Página 213

    Chapter 15 Firewall Configu ration P-2602H(W)(L)-DxA User’s Guide 213 15.6.1 Configuring Firewall Rules Refer to Section 14.1 on page 195 for more information. In the Rules screen, select an index number and click Add or click a rule’ s Edit icon to display this screen and refe r to the following table for information on the l a bels. Modify Cl[...]

  • Página 214

    Chapter 15 Firewa ll Configuration P-2602H(W)(L)-DxA User’s Guide 214 Figure 124 Firewall: Edit Rule The following table describes the labels in this screen. T able 80 Firewall: Edit Rule LABEL DESCRIPTION Activ e Select this option to enable this firewall rule. Action for Matched Packet Use the drop-down list box to select whether to discard ( D[...]

  • Página 215

    Chapter 15 Firewall Configu ration P-2602H(W)(L)-DxA User’s Guide 215 Source/Destination Address Address T ype Do you want your rule to apply to packets with a p a rticular (single) IP , a range of IP addresses (for instance, 192.168.1.10 to 192.169.1.50), a subnet or a ny IP address? Select an option from the d rop-down list box that incl udes: [...]

  • Página 216

    Chapter 15 Firewa ll Configuration P-2602H(W)(L)-DxA User’s Guide 216 15.6.2 Customized Services Configure customized services and port number s not predefined by the ZyXEL Device. For a comprehensive list of port numbers and services, visit the IANA (Internet Assigned Number Authority) website. See Appendix F on page 417 for some examples. Click[...]

  • Página 217

    Chapter 15 Firewall Configu ration P-2602H(W)(L)-DxA User’s Guide 217 Figure 126 Firewall: Configure Customized Services The following table describes the labels in this screen. 15.7 Example Firewall Rule The following Internet firewa ll rule example allows a hypot hetical “MyService” connection from the Internet. 1 Click Security > Fir ew[...]

  • Página 218

    Chapter 15 Firewa ll Configuration P-2602H(W)(L)-DxA User’s Guide 218 Figure 127 Firewall Example: Rules 3 In the Rules screen, select the index number after that you want to add the rule. For example, if you select “6”, your new rule b ecomes number 7 and the previous rule 7 (if there is one) becomes rule 8. 4 Click Add to display the firewa[...]

  • Página 219

    Chapter 15 Firewall Configu ration P-2602H(W)(L)-DxA User’s Guide 219 Figure 129 Firewall Example: Edit Ru le: Destination Address 9 Use the Add >> and Remove buttons between A vailable Services and Selected Services list boxes to configure it as follows. Click Apply when you are done. " Custom services show up with an “*” before t[...]

  • Página 220

    Chapter 15 Firewa ll Configuration P-2602H(W)(L)-DxA User’s Guide 220 Figure 130 Firewall Example: Edit Rule : Select Customized Services On completing the configuration procedure for this Internet firewall rule, the Rules screen should look like the following. Rule 1 allows a “MyService” connection from the W AN to IP addresses 10.0.0.10 thr[...]

  • Página 221

    Chapter 15 Firewall Configu ration P-2602H(W)(L)-DxA User’s Guide 221 Figure 131 Firewall Example: Rules: MyService 15.8 DoS Thresholds For DoS attacks, the ZyXEL Device uses threshol ds to determine when to drop sessions that do not become fully established. These thresholds ap ply globally to all sessions. Y ou can use the default threshold v a[...]

  • Página 222

    Chapter 15 Firewa ll Configuration P-2602H(W)(L)-DxA User’s Guide 222 15.8.2 Half-Open Sessions An unusually high number of half-open sessions (either an absolute number or measured as the arrival rate) could indicate that a Denial of Service a ttack is occurring. For TCP , "half- open" means that the session has not reached the establi[...]

  • Página 223

    Chapter 15 Firewall Configu ration P-2602H(W)(L)-DxA User’s Guide 223 Figure 132 Firewall: Threshold The following table describes the labels in this screen. T able 83 Firewall: Threshold LABEL DESCRIPTION DEF AUL T V ALUES Denial of Service Thresholds One Minute Low This is the rate of new half-open sessions that causes the firewall to stop dele[...]

  • Página 224

    Chapter 15 Firewa ll Configuration P-2602H(W)(L)-DxA User’s Guide 224 15.9 Firewall Commands The following describes the fi rewall command s . See the Com m and Interpreter appendix for information on the command structure. Each of these commands mu st be preceded by sys firewall when you use them. For example, type sys firewall active yes to tur[...]

  • Página 225

    Chapter 15 Firewall Configu ration P-2602H(W)(L)-DxA User’s Guide 225 disp Displays the firewall log type and count. clear Clears the firewall log count. pktdump Dumps the last 64 bytes of p a ckets that the firewall has dropped. dynamicrule display Displays the firewall ’s dynamic rules. tcprst rst T urns TCP reset sending on/off. rst113 T urn[...]

  • Página 226

    Chapter 15 Firewa ll Configuration P-2602H(W)(L)-DxA User’s Guide 226[...]

  • Página 227

    P-2602H(W)(L)-DxA User’s Guide 227 C HAPTER 16 Content Filtering This chapter covers how to configure content filtering. 16.1 Content Filtering Overview Internet content filtering allows you to create and enforce Internet access policies tailored to your needs. Content filtering gives you the ab ility to block web sites that contain key words (th[...]

  • Página 228

    Chapter 16 Content Filtering P-2602H(W)(L)-DxA User’s Guide 228 The following table describes the labels in this screen. 16.3 Configuring the Schedule Use this screen to set the days and times for the ZyXEL Device to pe rform content filtering. Click Security > Content Filter > Schedule . The screen appears as shown. Figure 134 Content Filt[...]

  • Página 229

    Chapter 16 Con tent Filtering P-2602H(W)(L)-DxA User’s Guide 229 The following table describes the labels in this screen. 16.4 Configuring T rusted Computers Use this screen to exclude a range of users on the LAN from content f iltering on your ZyXEL Device. Click Security > Content Filter > Tr u s t e d . The sc reen appears as shown. Figu[...]

  • Página 230

    Chapter 16 Content Filtering P-2602H(W)(L)-DxA User’s Guide 230[...]

  • Página 231

    P-2602H(W)(L)-DxA User’s Guide 231 C HAPTER 17 Introduction to IPSec This chapter introduces the basics of IPSec VPNs. 17.1 VPN Overview A VPN (V irtual Private Network) provides sec ure communications between sites without the expense of leased site-to-site lines. A secure VP N is a combination of tunneling, encryption, authentication, access co[...]

  • Página 232

    Chapter 17 Introduction to IPSec P-2602H(W)(L)-DxA User’s Guide 232 Figure 136 Encryption an d Decryption 17.1.3.2 Dat a Confidentiality The IPSec sender can encrypt packets befo re transmitting them across a network. 17.1.3.3 Dat a Integrity The IPSec receiver can validate packets sent by the IPSec sender to ensure that the data has not been alt[...]

  • Página 233

    Chapter 17 Introdu ction to IPSec P-2602H(W)(L)-DxA User’s Guide 233 Figure 137 IPSec Architecture 17.2.1 IPSec Algorithms The ESP (Encapsulating Security Payload) Protocol (RFC 2406 ) and AH (Authentication Header) protocol (RFC 2402 ) describe the packet format s and the default standards for packet structure (including implemen tation algorith[...]

  • Página 234

    Chapter 17 Introduction to IPSec P-2602H(W)(L)-DxA User’s Guide 234 Figure 138 T ransport and T unnel Mode IPSec Encap sulation 17.3.1 T ransport Mode Tr a n s p o r t mode is used to protect up per layer prot ocols and only affects the data in the IP packet. In Tr a n s p o r t mode, the IP packet conta ins the security protoc ol ( AH or ESP ) l[...]

  • Página 235

    Chapter 17 Introdu ction to IPSec P-2602H(W)(L)-DxA User’s Guide 235 A NA T device in between the IPSec endpoints w ill rewrite either the source or destination address with one of it s own choosing. The VPN device at the receiving end wil l verify the integrity of the incoming packet by computing its own hash value, and complain that the hash va[...]

  • Página 236

    Chapter 17 Introduction to IPSec P-2602H(W)(L)-DxA User’s Guide 236[...]

  • Página 237

    P-2602H(W)(L)-DxA User’s Guide 237 C HAPTER 18 VPN Screens This chapter introduces the VPN screens. See Chapter 26 on page 331 for information on viewing logs and th e appendix for IPSec log descriptions. 18.1 VPN/IPSec Overview Use the screens documented in this chapter to configure rules for VPN connections and manage VPN connections. 18.2 IPSe[...]

  • Página 238

    Chapter 18 VPN Screens P-2602H(W)(L)-DxA User’s Guide 238 18.3 My IP Address My IP Address is the W AN IP address of th e ZyX EL Device. The ZyXEL Device has to rebuild the VPN tunnel if My IP Address changes after setup. The following applies if this field is configured as 0.0.0.0 : • The ZyXEL Device uses the current ZyXEL Device W AN IP addr[...]

  • Página 239

    Chapter 18 VP N Screens P-2602H(W)(L)-DxA User’s Guide 239 If the remote secure gateway has a static W AN IP address, enter it in the Secure Gateway Address field. Y ou may alternatively enter the remo te secure gateway’ s domain name (if it has one) in the Secure Gateway Addr ess field. Y ou can also enter a remote secure gateway’ s domain n[...]

  • Página 240

    Chapter 18 VPN Screens P-2602H(W)(L)-DxA User’s Guide 240 Figure 140 VPN Setup The following table describes the fields in this screen. T able 90 VPN Setup LABEL DESCRIPTION No. This is the VPN policy index number . Click a number to edit VPN policies. Activ e This field displays whether the VPN policy is acti ve or not. A Ye s signifies that thi[...]

  • Página 241

    Chapter 18 VP N Screens P-2602H(W)(L)-DxA User’s Guide 241 18.6 Keep Alive When you initiate an IPSec tunnel with keep alive enabled, the ZyX EL Device automatically renegotiates the tunnel wh en the IPSec SA lifetime period expires (see Section 18.12 on page 250 for more on the IPSec SA lifetime). In ef fe ct, the IPSec tunnel becomes an “alwa[...]

  • Página 242

    Chapter 18 VPN Screens P-2602H(W)(L)-DxA User’s Guide 242 NA T is not normally compatible with ESP in transport mode either, but the ZyXEL Device’ s NA T T raversal feature provides a way to handle this. NA T traversa l allows you to set up an IKE SA when there are NA T routers between the tw o IPSec routers. Figure 141 NA T Router Between IPSe[...]

  • Página 243

    Chapter 18 VP N Screens P-2602H(W)(L)-DxA User’s Guide 243 The following figure depicts an example wh ere three VPN tunnels are created from ZyXEL Device A; one to branch office 2, one to branch of fice 3 and anoth er to headquarters. In orde r to access computers that use private domain names on the head quarters (HQ) netwo rk, the ZyXEL Device [...]

  • Página 244

    Chapter 18 VPN Screens P-2602H(W)(L)-DxA User’s Guide 244 18.9.1 ID T ype and Content Examples T wo IPSec routers must have matching ID type and content configuration in order to set up a VPN tunnel. The two ZyXEL Devices in this example ca n complete negotiation and establish a VPN tunnel. T able 92 Local ID Type and Content Fields LOCAL ID TYPE[...]

  • Página 245

    Chapter 18 VP N Screens P-2602H(W)(L)-DxA User’s Guide 245 The two ZyXEL Devices in this example cann ot complete their negotiation because ZyXEL Device B’ s Local ID type is IP , but ZyXEL Device A ’ s Peer ID type is set to E-mail . An “ID mismatched” message displays in the IPSEC LOG . 18.10 Pre-Shared Key A pre-shared key identifies a[...]

  • Página 246

    Chapter 18 VPN Screens P-2602H(W)(L)-DxA User’s Guide 246 Figure 143 Edit VPN Policies The following table describes the fields in this screen. T able 96 Edit VPN Policies LABEL DESCRIPTION IPSec Setup Activ e Select this check box to activate this VPN policy . This opti on determines whether a VPN rule is applied before a packet leaves the firew[...]

  • Página 247

    Chapter 18 VP N Screens P-2602H(W)(L)-DxA User’s Guide 247 IPSec Key Mode Select IKE or Manual from the drop-down list box. IKE provides more protection so it is generally recommended. Manual is a useful optio n for troubleshooting if you have problems usi ng IKE key mana gement. Negotiation Mode Select Main or Aggressive from the drop -down list[...]

  • Página 248

    Chapter 18 VPN Screens P-2602H(W)(L)-DxA User’s Guide 248 End / Subnet Mask When the Remote Address T ype field is configured to Single , this field is N/A. When the Remote Address T ype field is configured to Range , enter the end (static) IP address, in a range of co mputers on the network behind the remote IPSec router . When the Re mote Addre[...]

  • Página 249

    Chapter 18 VP N Screens P-2602H(W)(L)-DxA User’s Guide 249 Secure Gateway Address T ype the WAN IP address or the URL (up to 31 characters) of the IPSec router with which you're making the VPN connectio n. Set this field to 0 .0.0.0 if the remote IPSec router has a dyna mic WAN IP address (the Key Management field must be set to IKE ). In or[...]

  • Página 250

    Chapter 18 VPN Screens P-2602H(W)(L)-DxA User’s Guide 250 18.12 IKE Phases There are two phases to every IKE (Internet Key Exchange) ne gotiation – phase 1 (Authentication) and ph ase 2 (Key Exchange). A phase 1 exchange establishes an IKE SA a nd the second one uses that SA to negotiate SAs for IPSe c. Figure 144 T wo Phases to Set Up the IPSe[...]

  • Página 251

    Chapter 18 VP N Screens P-2602H(W)(L)-DxA User’s Guide 251 • Set the IPSec SA lifetime. This field allows you to determine ho w long the IPSec SA should stay up before it times out. The ZyXEL Device automatically renegotiates the IPSec SA if there is traffic when the IPS e c SA lifetime period expires. The ZyXEL Device also automatically renego[...]

  • Página 252

    Chapter 18 VPN Screens P-2602H(W)(L)-DxA User’s Guide 252 Figure 145 Advanced VPN Policies The following table describes the fields in this screen. T able 97 Advanced VPN Policies LABEL DESCRIPTION VPN - IKE Protoc ol Ente r 1 for ICMP , 6 for TCP , 17 for UDP , etc. 0 is th e default and signifies any protocol. Enable Repla y Detection As a VPN [...]

  • Página 253

    Chapter 18 VP N Screens P-2602H(W)(L)-DxA User’s Guide 253 Pre-Shared Key T ype your pre-sha red key in this fi eld. A pre-shared key identi fies a communicating party during a phase 1 IKE negoti ation. It is called "pre-shared" because you have to share it with anot her party before you can communicate with them over a secure connectio[...]

  • Página 254

    Chapter 18 VPN Screens P-2602H(W)(L)-DxA User’s Guide 254 18.14 Manual Key Setup Manual key managemen t is useful if you have problem s with IKE key management . 18.14.1 Security Parameter Index (SPI) An SPI is used to distinguish dif ferent SAs te rminating at the same de stination and using the same IPSec protocol. This data allows for the mult[...]

  • Página 255

    Chapter 18 VP N Screens P-2602H(W)(L)-DxA User’s Guide 255 Figure 146 VPN: Manual Key The following table describes the fields in this screen. T able 98 VPN: Manual Key LABEL DESCRIPTION IPSec Setup Activ e Select this check box to activate this VPN policy . Name T ype up to 32 characters to identify this VPN policy . Y ou may use any character ,[...]

  • Página 256

    Chapter 18 VPN Screens P-2602H(W)(L)-DxA User’s Guide 256 DNS Server (for IPSec VPN) If there is a private D NS server that se rvices the VPN, type its IP address here. The ZyXEL Device assigns this additional DNS server to the ZyXEL Device 's DHCP clients that have IP addresses in this IPSec rule's range of local addresses. A DNS serve[...]

  • Página 257

    Chapter 18 VP N Screens P-2602H(W)(L)-DxA User’s Guide 257 18.16 V iewing SA Monitor Click Security , VPN and Monitor to open the SA Monito r screen as shown. Use this screen to display and ma nage active VPN conn ections. A Security Association (SA) is the group of se cu rity settings related to a specific VPN tunnel. This screen displays active[...]

  • Página 258

    Chapter 18 VPN Screens P-2602H(W)(L)-DxA User’s Guide 258 When there is outbound traffic but no inbound tr affic, the SA times out automatically after two minutes. A tunnel with no outb ound or inbound traffic is "idle" and does not timeo ut until the SA lifetime period expires. See Section 18. 6 on page 241 on keep alive to have the Zy[...]

  • Página 259

    Chapter 18 VP N Screens P-2602H(W)(L)-DxA User’s Guide 259 18.17 Configuring Global Setting T o change your ZyXEL Devi ce’ s global settings, click VPN and then Global Setting . The screen appears as shown. Figure 148 VPN: Global Setting The following table describes the fields in this screen. 18.18 T elecommuter VPN/IPSec Examples The followin[...]

  • Página 260

    Chapter 18 VPN Screens P-2602H(W)(L)-DxA User’s Guide 260 Figure 149 T elecommuters Sharing One VPN Rule Example 18.18.2 T elecommuters Usin g Unique VPN Rules Example In this example the telecommuters (A, B and C in the figure) use IPSec routers with domain names that are mapped to their dynamic W AN IP addresse s (use Dynamic DNS to do this). W[...]

  • Página 261

    Chapter 18 VP N Screens P-2602H(W)(L)-DxA User’s Guide 261 Figure 150 T e lecommuters Using Uniq ue VPN Rules Example T able 102 T elecommuters Using Unique V PN Rules Example T ELECOMMUTERS HEADQUARTER S All T elecommuter Rule s: All Headquarters Rul es: My IP Address 0.0.0.0 My IP Address: bigcompanyhq.com Secure Gateway Ad dress: bigcompanyhq.[...]

  • Página 262

    Chapter 18 VPN Screens P-2602H(W)(L)-DxA User’s Guide 262 18.19 VPN and Remote Management If a VPN tunnel uses T elnet, FTP , WWW , then you should config ure remote management ( Remote Management ) to allow access for that service.[...]

  • Página 263

    P-2602H(W)(L)-DxA User’s Guide 263 C HAPTER 19 Certificates This chapter gives background in formation about public-key certificates and explains how to use them. 19.1 Certificates Overview The ZyXEL Device can use certificates (also ca lled digital IDs) to authenticate users. Certificates are based on public -private key pairs. A certificate con[...]

  • Página 264

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 264 Certification authorities maintain directory ser vers with databases of valid and revoked certificates. A directory of certificates that have been revoked before the scheduled exp iration is called a CRL (Certificate Revocation List ). The ZyXEL Device can check a peer ’ s certificate a[...]

  • Página 265

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 265 19.4 My Certificates Click Security > Certificates > My Certificates to open the My Certificates scree n. This is the ZyXEL Device’ s summary list of certificates and certification requests. Certificates display in black and certification requests display in gray . Figure 152 My C[...]

  • Página 266

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 266 19.5 My Certificate Import Click Security > Certificates > My Certificates and then Im port to open the My Certificate Import screen. Follow the instructions in this sc reen to save an exis ting certificate to the ZyXEL Device. " Y ou can only import a cert ificate that matches[...]

  • Página 267

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 267 " Y ou must remove any spaces from th e certificate’s filename before you can import it. 19.5.1 Certificate File Format s The certification authority certific ate that yo u want to import ha s to be in one of these file formats: • Binary X.509: This is an ITU-T recommen dation th[...]

  • Página 268

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 268 19.6 My Certificate Create Click Security > Certificates > My Certificates > Crea te to open the My Certificate Create screen. Use this screen to have the ZyXEL Device create a self-signed certificate, enroll a certificate with a certification authorit y or generate a certificati[...]

  • Página 269

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 269 Country T ype up to 127 characters to iden tify the nation where the ce rtificate owner is located. Y ou may use any character , including spaces, but the ZyXEL Device drops tra iling spaces. Key Length S elect a number from the drop-down list box to determi ne how many bits the key shoul[...]

  • Página 270

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 270 After you click Apply in the My Certificate Create screen, you see a screen that tells you the ZyXEL Device is generating the self-signe d certificate or certification request. After the ZyXEL Device successfully enrolls a ce rtificate or generates a certification request or a self-signed[...]

  • Página 271

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 271 Figure 155 My Certificate Details[...]

  • Página 272

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 272 The following table describes the labels in this screen. T able 106 My Certificate Details LABEL DESCRIPTION Name This field displays the ide ntifying name of this certificate. If you want to change the name, type up to 31 characters to ident ify this certificate. Y ou may use any charact[...]

  • Página 273

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 273 19.8 T rusted CAs Click Security > Certificates > T rusted CAs to open the T rusted CAs screen. This screen displays a summary list of certificates of the certification authorities that you ha ve set the ZyXEL Device to accept as trusted. The ZyXEL De vice accepts any valid certific[...]

  • Página 274

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 274 Figure 156 T rusted CAs The following table describes the labels in this screen. T able 107 T r usted CAs LABEL DESCRIPTION PKI S torage S pace in Use This bar displays the percentage of the ZyXEL Device’s PKI storage sp a ce that is currently in use. The bar turns from blue to red when[...]

  • Página 275

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 275 19.9 T rusted CA Import Click Security > Cer tificates > T rusted CAs to open the T rusted CAs screen and then click Import to open the T rusted CA Import screen. Follow the instructions in this screen to save a trusted certification authority’ s certificate to the ZyXEL Device. &[...]

  • Página 276

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 276 19.10 T rusted CA Det ails Click Security > Certificates > T rusted CAs to open the T r usted CAs screen. Click the details icon to open the T rusted CA Details screen. Use this screen to view in-depth information about the certification authority’ s certif icate, change the certi[...]

  • Página 277

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 277 The following table describes the labels in this screen. T able 109 T rus ted CA Details LABEL DESCRIPTION Name This field displays the identifying name of this certific ate. If you want to change the name, type up to 31 characters to i dentify this ke y cert ificate. Y ou may use any cha[...]

  • Página 278

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 278 19.1 1 T r usted Remote Host s Click Security > Certificates > T rusted Remote Hosts to open the T rusted Remote Hosts screen. This screen displays a list of the certificates of peers that you trust but which are not signed by one of the certification authorities on the T rusted CAs[...]

  • Página 279

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 279 Figure 159 T rusted Remote Hosts The following table describes the labels in this screen. T able 1 10 T rusted R emote Hosts LABEL DESCRIPTION PKI S torage S pace in Use This bar displays the percentage of the Zy XEL Device’s PKI storage space that is currently in use. The bar turns fro[...]

  • Página 280

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 280 19.12 V erifying a T rusted Remote Host’ s Certificate Certificates issued by certific ation authorities have the certificat ion authority’ s signature for you to check. Self-sig ned certificates only have th e signature of the host itself. This means that you must be very careful whe[...]

  • Página 281

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 281 19.13 T rusted Remote Host s Import Click Security > Certificates > T rusted Remote Hosts to open the T rusted Remote Hosts screen and then click Import to open the T rusted Remote Host Import screen. Follow the instructions in this screen to save a truste d host’ s certific ate t[...]

  • Página 282

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 282 Figure 163 T rusted Remote Host Details[...]

  • Página 283

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 283 The following table describes the labels in this screen. T able 1 12 T rusted R emote Host Details LABEL DESCRIPTION Name This field displays the identifying name of this certi ficate. If you want to change the name, ty pe up to 31 characters to id entify this key certificate. Y ou may us[...]

  • Página 284

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 284 19.15 Directory Servers Click Security > Certificates > Dir ec tory Servers to open the Directory Servers screen. This screen display s a summary list of dire ctory servers (that co ntain lists of valid and revoked certificates) that have been save d into the ZyXEL Device. If you de[...]

  • Página 285

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 285 Figure 164 Directory Servers The following table describes the labels in this screen. 19.16 Directory Server Add and Edit Click Security > Certificates > Dir ec tory Servers to open the Directory Servers screen. Click Add (or the details icon) to open the Direc tory Server Add scree[...]

  • Página 286

    Chapter 19 Certificates P-2602H(W)(L)-DxA User’s Guide 286 Figure 165 Directory Server Ad d and Edit The following table describes the labels in this screen. T able 1 14 Directory Server Add and Edit LABEL DESCRIPTION Directory Service Setting Name T ype up to 31 ASCII characters (spa ces are not permitted) to identify this directory server . Acc[...]

  • Página 287

    P-2602H(W)(L)-DxA User’s Guide 287 C HAPTER 20 Static Route This chapter shows you how to configure static routes for your ZyXEL Device. 20.1 S t atic Route Each remote node specifies only the network to which the gateway is di rectly connected, and the ZyXEL Device has no know ledge of the network s beyond. For instance , the ZyXEL Device knows [...]

  • Página 288

    Chapter 20 Static Rou te P-2602H(W)(L)-DxA User’s Guide 288 Figure 167 S tatic Route The following table describes the labels in this screen. 20.2.1 S tatic Route Edit Select a static route index numb er and click Edit . The screen shown next appears. Use this screen to configure the required information for a static route. T able 1 15 Static Rou[...]

  • Página 289

    Chapter 20 Static Route P-2602H(W)(L)-DxA User’s Guide 289 Figure 168 S tatic Route Edit The following table describes the labels in this screen. T able 1 16 Static Route Edit LABEL DESCRIPTION Activ e This field allows you to activa te/deactivate this static route. Route Name Enter the name of the IP static route. L eav e this field blank to del[...]

  • Página 290

    Chapter 20 Static Rou te P-2602H(W)(L)-DxA User’s Guide 290[...]

  • Página 291

    P-2602H(W)(L)-DxA User’s Guide 291 C HAPTER 21 Bandwidth Management This chapter contains information about configuri ng bandwidth management, editing rules and viewing the ZyXEL Device’ s bandwidth managem ent logs. 21.1 Bandwid th Management Overview ZyXEL ’ s Bandwidth Management allows you to specify bandwidth management rules based on ap[...]

  • Página 292

    Chapter 21 Bandwid th Manageme nt P-2602H(W)(L)-DxA User’s Guide 292 A TC assigns priority based on packet size, since time-sensitive applications such as Internet telephony (V oice over IP or V oIP) tend to have smaller packet sizes than non-time sens itive applications such as FTP (File T ransfer Protoc ol). The following tabl e shows some comm[...]

  • Página 293

    Chapter 21 Bandwidth Management P-2602H(W)(L)-DxA User’s Guide 293 21.5 Application and Subnet-based Bandwid th Management Y ou could also create bandwidth classes based on a combination of a subnet and an application. The following exam ple table shows bandwidth alloca tions for application specific traffic from separate LAN subnets. 21.5.1 Band[...]

  • Página 294

    Chapter 21 Bandwid th Manageme nt P-2602H(W)(L)-DxA User’s Guide 294 The following table describes the labels in this screen. 21.7 Bandwid th Management Rule Setup Y ou must use the Bandwidth Management General screen to enable bandwidth management before you can confi gure rules. Click Advanced > Bandwidth M G MT > Rule Setup to open the f[...]

  • Página 295

    Chapter 21 Bandwidth Management P-2602H(W)(L)-DxA User’s Guide 295 21.7.1 Rule Configuration Click the Edit icon or User defined in the Servic e field to configure a bandwidth management rule. Use bandwidth rules to allocate specific amounts of bandwidth capacity (ban dwidth budgets) to specific applications and/or subnets. Figure 172 Bandwidth M[...]

  • Página 296

    Chapter 21 Bandwid th Manageme nt P-2602H(W)(L)-DxA User’s Guide 296 See Appendix F on page 4 17 for a list of commonly-used services. The following table describes the labels in this screen. T able 123 Bandwidth Manage ment Rule Configuration LABEL DESCRIPTION Rule Configuration Rule Name Use the auto-generated name or ente r a descripti ve name[...]

  • Página 297

    Chapter 21 Bandwidth Management P-2602H(W)(L)-DxA User’s Guide 297 21.8 Bandwid th Monitor T o view the ZyXEL Device’ s bandwidth usage, click Advanced > Bandwidth MGMT > Monitor . The screen appears as shown. Select an interface from the drop-down list box to view the bandwidth usage of its bandwidt h rule s. The gray section of the bar [...]

  • Página 298

    Chapter 21 Bandwid th Manageme nt P-2602H(W)(L)-DxA User’s Guide 298[...]

  • Página 299

    P-2602H(W)(L)-DxA User’s Guide 299 C HAPTER 22 Dynamic DNS Setup This chapter discusses how to configure your ZyXEL Device to use Dynamic DNS. 22.1 Dynamic DNS Overview Dynamic DNS allows you to update your curre nt dynamic IP address with one or many dynamic DNS services so that anyone can c ont act you (in Ne tMeeting, CU-SeeMe, etc.). Y ou can[...]

  • Página 300

    Chapter 22 Dy namic DNS Se tup P-2602H(W)(L)-DxA User’s Guide 300 Figure 174 Dynamic DNS The following table describes th e fields in this screen. T able 124 Dynamic DNS LABEL DESCRIPTION Dynamic DNS Setup Active Dynamic DNS Select this check box to use dy namic DNS. Service Prov ider This is the name of your Dynamic DNS service provider . Dynami[...]

  • Página 301

    Chapter 22 Dynamic DNS Setup P-2602H(W)(L)-DxA User’s Guide 301 Dynamic DNS server auto detect IP Address Select this option only when the re are one or more NA T routers between the ZyXEL Device and the DDNS server . This fea ture has the D DNS server auto matically detect and use the IP address of the NA T router that has a public IP address. N[...]

  • Página 302

    Chapter 22 Dy namic DNS Se tup P-2602H(W)(L)-DxA User’s Guide 302[...]

  • Página 303

    P-2602H(W)(L)-DxA User’s Guide 303 C HAPTER 23 Remote Management Configuration This chapter provides information on config uring remote management. 23.1 Remote Management Overview Remote management allows you to determ ine which services/protocols can access which ZyXEL Device interface (if any) from which computers. The following figure shows se[...]

  • Página 304

    Chapter 23 Remote Management Configuration P-2602H(W)(L)-DxA User’s Guide 304 " When you choose WA N only or LAN & W AN , you still need to configure a firewall rule to allow access. T o disable remote management of a service, select Disable in the corresponding Access St a t u s field. Y ou may only have one remote management session ru[...]

  • Página 305

    Chapter 23 Remote Ma nagement Configuration P-2602H(W)(L)-DxA User’s Guide 305 Figure 176 Remote Mana gement: WWW The following table describes the labels in this screen. 23.3 T elnet Y ou can configure your ZyXEL Device for remote T elnet access as shown next. The administrator uses T elnet from a computer on a remote netw ork to access the ZyXE[...]

  • Página 306

    Chapter 23 Remote Management Configuration P-2602H(W)(L)-DxA User’s Guide 306 23.4 Configuring T elnet Click Advanced > Remote MGMT > Te l n e t tab to display the screen as shown. Figure 178 Remote Mana gement: T elnet The following table describes the labels in this screen. 23.5 Configuring FTP Y ou can upload and download the ZyXEL Devi [...]

  • Página 307

    Chapter 23 Remote Ma nagement Configuration P-2602H(W)(L)-DxA User’s Guide 307 Figure 179 Remote Mana gement: FTP The following table describes the labels in this screen. 23.6 SNMP Simple Network Management Protocol (SNM P) i s a protocol used for ex changing management information b e tween network devices. SNMP is a member of the TCP/IP protoco[...]

  • Página 308

    Chapter 23 Remote Management Configuration P-2602H(W)(L)-DxA User’s Guide 308 Figure 180 SNMP Managemen t Model An SNMP managed network consis ts of two main types of comp onent: ag ents and a manager . An agent is a management software module that resi des in a managed device (the ZyXEL Device). An agent translates the local manageme nt informat[...]

  • Página 309

    Chapter 23 Remote Ma nagement Configuration P-2602H(W)(L)-DxA User’s Guide 309 23.6.2 SNMP T rap s The ZyXEL Device will send traps to the SNMP manager when any on e of the following events occurs: 23.6.3 Configuring SNMP T o change your ZyX EL Device’ s SNMP settings, c lick Advanced > Remote MGMT > SNMP . The screen appears as show n. F[...]

  • Página 310

    Chapter 23 Remote Management Configuration P-2602H(W)(L)-DxA User’s Guide 310 The following table describes the labels in this screen. 23.7 Configuring DNS Use DNS (Domain Name System) to map a domain name to its corresponding IP address and vice versa. Refer to Chapter 8 on page 105 for background information. T o change your ZyXEL Device’ s D[...]

  • Página 311

    Chapter 23 Remote Ma nagement Configuration P-2602H(W)(L)-DxA User’s Guide 31 1 Figure 182 Remote Mana gement: DNS The following table describes the labels in this screen. 23.8 Configuring ICMP T o change your ZyX EL Device’ s security setting s, click Advanced > Remote MGMT > ICMP . The scre en appears as shown. If an outside user attemp[...]

  • Página 312

    Chapter 23 Remote Management Configuration P-2602H(W)(L)-DxA User’s Guide 312 Figure 183 Remote Mana gement: ICMP The following table describes the labels in this screen. T able 131 Remote Management: ICMP LABEL DESCRIPTION ICMP Internet Control Message Protocol is a message control and error-reporting protocol between a host server and a gateway[...]

  • Página 313

    P-2602H(W)(L)-DxA User’s Guide 313 C HAPTER 24 Universal Plug-and-Play (UPnP) This chapter introduces the UPnP feature in the web configura tor . 24.1 Introducing Universal Plug and Play Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectiv ity between devices. A UPnP [...]

  • Página 314

    Chapter 24 Universal Plug-and-Play (UPnP) P-2602H(W)(L)-DxA User’s Guide 314 When a UPnP device joins a network, it announ ces its presence with a multicast mess age. For security reasons, the ZyXEL Device allows multicast messages on the LAN only . All UPnP-enabled devices may communicate freely with eac h other without additional configuration.[...]

  • Página 315

    Chapter 24 Universal Plug-and-Play (UPnP) P-2602H(W)(L)-DxA User’s Guide 315 24.3 Inst alling UPnP in Windows Example This section shows ho w to install UPnP in W indows Me and W indows XP . Inst alling UPnP in Windows Me Follow the steps below to inst all the UPnP in W indows Me. 1 Click St a r t and Control Panel . Double-click Add/Remove Pr og[...]

  • Página 316

    Chapter 24 Universal Plug-and-Play (UPnP) P-2602H(W)(L)-DxA User’s Guide 316 Figure 186 Add/Remove Programs: Wind ows Setup: Communication: Component s 4 Click OK to go back to the Add/Re move Programs Pr operties window and click Next . 5 Restart the computer when prompted. Inst alling UPnP in Windows XP Follow the steps below to install the UPn[...]

  • Página 317

    Chapter 24 Universal Plug-and-Play (UPnP) P-2602H(W)(L)-DxA User’s Guide 317 Figure 188 Windows Optiona l Networking Component s Wizard 5 In the Networking Services window , select the Universal Plug and Play check box. Figure 189 Networking Services 6 Click OK to go back to the W indows Optional Networking Component W izard window and click Next[...]

  • Página 318

    Chapter 24 Universal Plug-and-Play (UPnP) P-2602H(W)(L)-DxA User’s Guide 318 24.4 Using UPnP in Windows XP Example This section shows yo u how to use the UPnP feature in W indows XP . Y ou must already have UPnP installed in W indows XP and UP nP activated on the ZyXEL Device. Make sure the computer is co nnected to a LAN port of the ZyXEL Device[...]

  • Página 319

    Chapter 24 Universal Plug-and-Play (UPnP) P-2602H(W)(L)-DxA User’s Guide 319 Figure 191 Internet Connection Properties 4 Y ou may edit or delete the port map pings or click Add to manually add port mappings.[...]

  • Página 320

    Chapter 24 Universal Plug-and-Play (UPnP) P-2602H(W)(L)-DxA User’s Guide 320 Figure 192 Internet Connection Properties: Adva nced Settings Figure 193 Internet Connection Proper ties: Adva nced Settings: Add 5 When the UP nP-enabled device is disconne cted from your computer , all port mappings will be deleted automatically . 6 Select Show icon in[...]

  • Página 321

    Chapter 24 Universal Plug-and-Play (UPnP) P-2602H(W)(L)-DxA User’s Guide 321 Figure 194 System T ray Icon 7 Double-click on the icon to display yo ur curr ent Internet connection st atus. Figure 195 Internet Connection S tatus Web Configurator Eas y Access W ith UPnP , you can access the web-based configurator on the ZyXEL Device without finding [...]

  • Página 322

    Chapter 24 Universal Plug-and-Play (UPnP) P-2602H(W)(L)-DxA User’s Guide 322 Figure 196 Network Connections 4 An icon with the description for e ach UPnP-enabled device disp lays under Local Network . 5 Right-click on the icon for y our ZyXEL Device and s elect Invoke . The web config urator login screen displays.[...]

  • Página 323

    Chapter 24 Universal Plug-and-Play (UPnP) P-2602H(W)(L)-DxA User’s Guide 323 Figure 197 Network Connections: My Network Places 6 Right-click on the icon for your ZyXEL Device and select Pr operties . A properties window displays with basic info rmation about the ZyXEL Device. Figure 198 Network Connections: My Networ k Places: Properties: Example[...]

  • Página 324

    Chapter 24 Universal Plug-and-Play (UPnP) P-2602H(W)(L)-DxA User’s Guide 324[...]

  • Página 325

    325 P ART IV Maintenance and T roubleshooting System (327) Logs (331) T ools (345) Diagnostic (357) T roubleshooting (361)[...]

  • Página 326

    326[...]

  • Página 327

    P-2602H(W)(L)-DxA User’s Guide 327 C HAPTER 25 System Use this screen to configure the ZyXEL Device’ s time and date settings. 25.1 General Setup and System Name General Setup contains administrative and system-related information. System Name is for identification purposes. However , because some ISPs c heck this name you should e nter your co[...]

  • Página 328

    Chapter 25 System P-2602H(W)(L)-DxA User’s Guide 328 Figure 199 System General Setu p The following table describes the labels in this screen. T able 133 System Ge neral Setup LABEL DESCRIPTION General Setup System Name Choose a descriptive name for identificatio n pu rposes. It is recommended you enter your computer ’s “Computer name” in t[...]

  • Página 329

    Chapter 25 System P-2602H(W)(L)-DxA User’s Guide 329 25.2 T ime Setting T o change your ZyX EL Device’ s time and date, click Maintenance > System > Time Setting . The screen appears as shown. Use this screen to configure the ZyXEL Device’ s time based on your local time zone. Figure 200 System T ime Setting The following table describe[...]

  • Página 330

    Chapter 25 System P-2602H(W)(L)-DxA User’s Guide 330 New Date (yyyy/mm/dd) This field displays th e last updated date from the time server or the last date configured manually . When you set Time and Date Setup to Manual , enter the new date in this field and then click Apply . Get from T ime Serve r Select this radio button to have the ZyXEL Dev[...]

  • Página 331

    P-2602H(W)(L)-DxA User’s Guide 331 C HAPTER 26 Logs This chapter contains inform ation about configuring genera l log settings and viewing the ZyXEL Device’ s logs. 26.1 Logs Overview The web confi gurator allows you to choose which categories of events and/or alerts to have the ZyXEL Device log and then di splay the logs or have the Zy XEL Dev[...]

  • Página 332

    Chapter 26 Logs P-2602H(W)(L)-DxA User’s Guide 332 Figure 201 Vi ew Log The following table describes the fields in this screen. 26.3 Configuring Log Settings Use the Log Settings screen to configure to where the Zy XEL Device is to send logs; the schedule for when the ZyXEL Device is to send the logs and which logs and/or immediate alerts the Zy[...]

  • Página 333

    Chapter 26 Lo gs P-2602H(W)(L)-DxA User’s Guide 333 Figure 202 Log Settings The following table describes th e fields in this screen. T able 136 Log Settings LABEL DESCRIPTION E-mail Log Settings Mail Server Enter the server name or the IP address of the mail serve r for the e-mail ad dresses specified below . If this field is left blank, logs an[...]

  • Página 334

    Chapter 26 Logs P-2602H(W)(L)-DxA User’s Guide 334 26.4 SMTP Error Messages If there are difficulties in sending e-mail the following error message appears. Send Alerts to Alerts are real-time notificat ions that are sent as so on as an event, such as a DoS attack, system error , or forbidden web access attempt occurs . Enter the E-mail address w[...]

  • Página 335

    Chapter 26 Lo gs P-2602H(W)(L)-DxA User’s Guide 335 “SMTP action request failed. ret= ??". The “??"are described in the following table. 26.4.1 Example E-mail Log An "End of Log" message displays for each ma il in which a complete log has been sent. The following is an example of a log sent by e-mail. • Y ou may edit the[...]

  • Página 336

    Chapter 26 Logs P-2602H(W)(L)-DxA User’s Guide 336 26.5 Log Descriptions This section provides descriptio ns of example log messages. T able 138 System Maintenance Logs LOG MESSAGE DESCRIPTION Time calibration is successful The router h as adjusted its time based on info rmation from the time server . Time calibration failed The router failed to [...]

  • Página 337

    Chapter 26 Lo gs P-2602H(W)(L)-DxA User’s Guide 337 T able 139 System Error Logs LOG MESSAGE DESCRIPTION %s exceeds the max. number of session per host! This attempt to create a NA T session exceeds the maximum number of NA T session table entries allowed to be created per host. setNetBIOSFilter: calloc error The router fail ed to allocate memory[...]

  • Página 338

    Chapter 26 Logs P-2602H(W)(L)-DxA User’s Guide 338 For type and code details, see T ab le 151 on page 34 1 . Exceed MAX incomplete, sent TCP RST The router sent a TCP reset packet when the nu mber of incomplete connections (TCP and UDP) exceeded the user- configured threshold. (Incomplete count is for all TCP and UDP connections through the firew[...]

  • Página 339

    Chapter 26 Lo gs P-2602H(W)(L)-DxA User’s Guide 339 For type and code details, see T ab le 151 on page 34 1 . board %d line %d channel %d, call %d, %s C02 OutCall Connected %d %s The PPPoE, PPTP or dial -up call is connected. board %d line %d channel %d, call %d, %s C02 Call Terminated The PPPoE, PPTP or dial- up call was di sconnected. T able 14[...]

  • Página 340

    Chapter 26 Logs P-2602H(W)(L)-DxA User’s Guide 340 ip spoofing - WAN [ TCP | UDP | IGMP | ESP | GRE | OSPF ] The firewall detected an IP spoofing attack on the W A N port. ip spoofing - WAN ICMP (type:%d, code:%d) The firewall detected an ICMP IP spoofing attack on the W AN port. icmp echo : ICMP (type:%d, code:%d) The firewall dete cted an ICMP [...]

  • Página 341

    Chapter 26 Lo gs P-2602H(W)(L)-DxA User’s Guide 341 User logout because of no authentication response from user. The router logge d out a user from which there was no authentication response. User logout because of idle timeout expired. The router l ogged out a user w hose idle ti meout period expired. User logout because of user request. A user [...]

  • Página 342

    Chapter 26 Logs P-2602H(W)(L)-DxA User’s Guide 342 0 A gateway may discard internet datagrams if it does not have th e buffer sp ace needed to queue the datagrams for output to the next network on th e route to the destination network. 5 Redirect 0 Redirect datagrams for the Netw ork 1 Redirect datagrams for the Host 2 Redirect datagrams for the [...]

  • Página 343

    Chapter 26 Lo gs P-2602H(W)(L)-DxA User’s Guide 343 SIP UnRegistration Success by SIP:SIP Phone Number The listed SIP account’s registration was deleted from the SIP register server . SIP UnRegistration Fail by SIP:SIP Phone Number An attempt to delete the l isted SIP account’s registration from th e SIP register server failed. T able 154 RTP[...]

  • Página 344

    Chapter 26 Logs P-2602H(W)(L)-DxA User’s Guide 344 The following table shows RFC-2408 ISAKMP payload types that the log displays. Please refer to RFC 2408 for detail ed information on each type. T able 158 RFC-2408 ISAKMP Payload Types LOG DISPLA Y P A YLOAD TYPE SA Security Association PROP Proposal TRANS T ransform KE Key Exchange ID Identifica[...]

  • Página 345

    P-2602H(W)(L)-DxA User’s Guide 345 C HAPTER 27 Tools This chapter explains how to upload new firm ware, manage configuration files and restart your ZyXEL Device. 1 Do not interrupt the fi le transfer process as this may PERMANENTL Y DAMAGE your ZyXEL Device. 27.1 Introduction Use the instructions in this chapter to change the device’ s configur[...]

  • Página 346

    Chapter 27 Tools P-2602H(W)(L)-DxA User’s Guide 346 ZyNOS (ZyXEL Network Operating System someti mes referred to as the “ras” file) is the system firmware and has a “bin” filena me extension. Find this firmware at www .zyxel.com.W ith many FTP and TFTP clients, the filenames are similar to those seen next. ftp> put firmware.bin ras Thi[...]

  • Página 347

    Chapter 27 Tools P-2602H(W)(L)-DxA User’s Guide 347 27.4 Firmware Upgrade Screen Click Maintenance > T ools to open the Firmwar e screen. Follow the in structions in this screen to upload firmware to your ZyXEL Devi ce. The upload process uses HTTP (Hypertext T ransfer Protocol) and may take up to two minu tes. After a successful upload, the s[...]

  • Página 348

    Chapter 27 Tools P-2602H(W)(L)-DxA User’s Guide 348 Figure 205 Firmware Uplo ad In Progres s The ZyXEL Device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following ic on on your desktop. Figure 206 Network T e mporarily Disconnected After two minutes, log in again an d che[...]

  • Página 349

    Chapter 27 Tools P-2602H(W)(L)-DxA User’s Guide 349 Figure 208 Configuration 27.5.1 Backup Configuration Backup Configuration allows you to back up (save) the ZyXE L Device’ s current configuration to a file on your co mputer . Once your ZyXEL Dev ice is configured and functionin g properly , it is highly recommended that you b ack up your conf[...]

  • Página 350

    Chapter 27 Tools P-2602H(W)(L)-DxA User’s Guide 350 Figure 209 Configuration Upload Successfu l The ZyXEL Device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following ic on on your desktop. Figure 210 Network T e mporarily Disconnected If you uploaded the default co nfigur[...]

  • Página 351

    Chapter 27 Tools P-2602H(W)(L)-DxA User’s Guide 351 Figure 213 Reset In Process Message Y ou can also press the RESET button on the rear panel to reset the factory defaults of your ZyXEL Device. Refer to Section 1.6 on p age 48 for more information on the RESET button. 27.6 Rest art System restart allows you t o reboot the Zy XEL Device without t[...]

  • Página 352

    Chapter 27 Tools P-2602H(W)(L)-DxA User’s Guide 352 computer and renames it “ config.rom ”. See earlier in this chapter for more information on filename con ventions. 7 Enter “ quit ” to exit the ftp prompt. 27.7.2 FTP Command Conf iguration Backup Example This figure gives an example of using FTP co mmands from the DOS comm and prompt to[...]

  • Página 353

    Chapter 27 Tools P-2602H(W)(L)-DxA User’s Guide 353 1 Use telnet from your computer to connect to the ZyXEL Device and log in. B ecause TFTP does not have any security checks, th e ZyXEL Device records the IP address of the telnet client and accepts TFTP requests only from this address. 2 Enter command “ sys stdio 0 ” to disable the managemen[...]

  • Página 354

    Chapter 27 Tools P-2602H(W)(L)-DxA User’s Guide 354 27.8 Using FTP or TFTP to Restore Configuration This section shows you how to restore a previ ously saved configuration. Note that this function erases the current configuration before restoring a previous back up configuration; please do not attempt to restore unless you have a backup configura[...]

  • Página 355

    Chapter 27 Tools P-2602H(W)(L)-DxA User’s Guide 355 27.9.1 FTP File Upload Comman d from the DOS Prompt Example 1 Launch the FTP client on your computer . 2 Enter “open”, followed by a space and the IP address of your device. 3 Press [ENTER] when prompted for a username. 4 Enter your password as requested (the default is “1234”). 5 Enter [...]

  • Página 356

    Chapter 27 Tools P-2602H(W)(L)-DxA User’s Guide 356 2 Enter the command “sys stdio 0” to disable the management idle timeout, so the TFTP transfer will not be interrupted . Enter “command sys stdio 5” to restore the five-minute management idle timeout (default) when the file transfer is complete. 3 Launch the TFTP client on your computer [...]

  • Página 357

    P-2602H(W)(L)-DxA User’s Guide 357 C HAPTER 28 Diagnostic These read-only screens display information to help you identify problems with the ZyXEL Device. 28.1 General Diagnostic Click Maintenance > Diagnostic to open the screen shown next. Figure 218 Diagnostic: General The following table describes th e fields in this screen. 28.2 DSL Line D[...]

  • Página 358

    Chapter 28 Diagnostic P-2602H(W)(L)-DxA User’s Guide 358 Figure 219 Diagnostic: DSL Line The following table describes th e fields in this screen. T able 165 Diagnostic: DSL Line LABEL DESCRIPTION AT M S t a t u s Click this button to view your DSL connection’s Asynchronous T ransfer Mode (A TM) statistics. A TM is a networking technology that [...]

  • Página 359

    Chapter 28 Diagnostic P-2602H(W)(L)-DxA User’s Guide 359 DSL Line S tatus Click this button to view statistics about the D SL connections. noise margin downstrea m is the signal to noise ratio for the downstream part of the connection (coming into the ZyXEL Devi ce from the ISP). It is measured in decibels. The higher the number the more signal a[...]

  • Página 360

    Chapter 28 Diagnostic P-2602H(W)(L)-DxA User’s Guide 360[...]

  • Página 361

    P-2602H(W)(L)-DxA User’s Guide 361 C HAPTER 29 Troubleshooting This chapter offers some sugg estions to solve problems you might encounter . The potential problems are divided into the following categories. • Power , Hardware Connections, and LEDs • ZyXEL Device Access and Login • Internet Access • Phone Calls and V oIP 29.1 Power , Hardw[...]

  • Página 362

    Chapter 29 Trou bleshooting P-2602H(W)(L)-DxA User’s Guide 362 29.2 ZyXEL Device Access and Login V I forgot the IP address for the ZyXEL Device. 1 The default IP address is 192.168.1.1 . 2 If you changed the IP addre ss and have forgotten it, you might get the IP address o f the ZyXEL Device by looking up th e IP address of the default gate way [...]

  • Página 363

    Chapter 29 Trou bleshooting P-2602H(W)(L)-DxA User’s Guide 363 5 Reset the device to its factory defaults, an d try to access the ZyXEL Device with the default IP address. See Section 1.6 on page 48 . 6 If the problem continues, contact the network administrator or vendor , or try one of the advanced suggestio ns. Advanced Suggestions • T ry to[...]

  • Página 364

    Chapter 29 Trou bleshooting P-2602H(W)(L)-DxA User’s Guide 364 29.3 Internet Access V I cannot access the Internet. 1 Check the hardware connections , and make su re the LEDs are be having as expected. Se e the Quick S tart Guide and Section 1.5 on page 47 . 2 Make sure you entered your ISP account information correctly in the wizard. These field[...]

  • Página 365

    Chapter 29 Trou bleshooting P-2602H(W)(L)-DxA User’s Guide 365 • Check the settings for QoS. If it is disabled, you might consider activating it. If it is enabled, you might consider raising or lowe ring the priority fo r some applications. 29.4 Phone Calls and V o IP V The telephone port won’t work or the telephone la cks a dial tone. Check [...]

  • Página 366

    Chapter 29 Trou bleshooting P-2602H(W)(L)-DxA User’s Guide 366 29.5 Problems With Multiple SIP Account s Y ou can set up two SIP accounts on yo ur ZyX EL Device and your ZyXEL Device is equipped with two phone ports. By default you r ZyXEL Device uses SIP account 1 with both phone ports for outgoing calls, and it uses SIP accounts 1 and 2 for inc[...]

  • Página 367

    Chapter 29 Trou bleshooting P-2602H(W)(L)-DxA User’s Guide 367 29.5.2 Incoming Calls The following example shows the default behavior of yo ur ZyXEL Device for incom ing calls when two SIP accounts are configured and yo u are using two phones. When a call comes in from your SIP account 1, the phon es connected to both phon e port 1 and phone port[...]

  • Página 368

    Chapter 29 Trou bleshooting P-2602H(W)(L)-DxA User’s Guide 368[...]

  • Página 369

    369 P ART V Appendices and Index Product Specification s (371) Setting up Y our Computer ’ s IP Address (381) Pop-up W indows, JavaScripts and Java Permissions (393) IP Addresses and Subnetting (399) W ireless LANs (407) Services (417) Command Interpreter (421) Internal SP TGEN (425) Legal Information (449) Customer Support (453) Index (457)[...]

  • Página 370

    370[...]

  • Página 371

    P-2602H(W)(L)-DxA User’s Guide 371 A PPENDIX A Product S pecifications The following tables summarize the ZyXEL De vice’ s hardware and firmware features. Hardware Specifications Firmware S pecifications T able 166 Hardware Specifications Dimensions (168 W) x (37 D) x (248 H) mm Weight 390g Power S pecification 18 V AC 1A Built-in Switch Four a[...]

  • Página 372

    Appendix A Product Specifications P-2602H(W)(L)-DxA User’s Guide 372 Wireless Functionality (wireless devices only) Allow the IEEE 802.1 1b and/or IEEE 802.1 1g wireless clien ts to connect to the ZyXEL Device wirelessly . Enabl e wireless security (WEP , WP A(2), WP A(2)-PSK) and/or MAC filtering to protect your wireless network. Firmware Upgrad[...]

  • Página 373

    Appendix A Product Specifications P-2602H(W)(L)-DxA User’s Guide 373 Zero Configuration Internet Access Once you connect and turn on the devic e, it automatically detects the Internet connection setting s (suc h as the VCI/VPI nu mbers and the encapsulation method) from the ISP and makes the necessary configuration changes. In cases where additi [...]

  • Página 374

    Appendix A Product Specifications P-2602H(W)(L)-DxA User’s Guide 374 DHCP DHCP (Dynamic Host Configurati on Pr otocol) allows the individual clients (computers) to obtain the TCP/IP configuration at start-up from a centralized DHCP se rver . Y our device h as built-in DHCP se rver capability enabled by default. It can assign IP addresses, an IP d[...]

  • Página 375

    Appendix A Product Specifications P-2602H(W)(L)-DxA User’s Guide 375 V oice Specifications " T o take full advant age of the supplem entary phone services available through the ZyXEL Device's phone ports, you may need to s ubscribe to the services from your V oIP service provider . Management Embedded Web Configurator CLI (Command Li ne[...]

  • Página 376

    Appendix A Product Specifications P-2602H(W)(L)-DxA User’s Guide 376 " Not all features are suppor ted by all service provider s. Consult your service provider for more information. T able 168 Voice Features Call Fallback Call fallback all ows you to set t he ZyXEL Device to automatically use th e PSTN connection for outgoing calls if the SI[...]

  • Página 377

    Appendix A Product Specifications P-2602H(W)(L)-DxA User’s Guide 377 Firmware update enable / disable If your service provide r uses this feature, yo u hear a recorded message when you pick up the phone when new firmw are is available for your ZyXEL Device. Enter *99# in your phone’s keypad to have the ZyXEL De vice upgrade the firmware, or ent[...]

  • Página 378

    Appendix A Product Specifications P-2602H(W)(L)-DxA User’s Guide 378 Wireless Features (Wireless Devices Only) SIP ALG Y our device is a SIP App lication Laye r Gateway (ALG). It allows V oIP calls to pass through NA T for devices behind it (such as a SIP-based V oIP software application on a co mputer). Other V oice Featur es SIP version 2 (Sess[...]

  • Página 379

    Appendix A Product Specifications P-2602H(W)(L)-DxA User’s Guide 379 IEEE 802.1 1g Wireless LAN IEEE 802.1 1g is fully compa tible wit h the IEEE 802.1 1b standard. This means an IEEE 802.1 1b radio card can interface directly with an IEEE 802.1 1g access point (and vice versa) at 1 1 Mbps or lower depe nding on range. IEEE 802.1 1g has se veral [...]

  • Página 380

    Appendix A Product Specifications P-2602H(W)(L)-DxA User’s Guide 380 Power Adaptor Specifications T able 171 P-2602HWL Series Power Adaptor Specifications North Americ an PLUG standards OEM (Original Equipment Manufacturer) LEI (LEADER ELECTRONICS INC.) AC Power Adapter Mo del ADS18B-W 180100 MU18-2180100-A1 Input Power AC 100~240V olts/50/60Hz/0[...]

  • Página 381

    P-2602H(W)(L)-DxA User’s Guide 381 A PPENDIX B Setting up Y our Computer ’ s IP Address All computers must have a 10M or 100M Et hernet adapter card and TCP/IP installed. W indows 95/98/Me/NT/2000/XP , Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/ IP on[...]

  • Página 382

    Appendix B Setting up Your Computer’s IP Address P-2602H(W)(L)-DxA User’s Guide 382 Figure 224 WIndows 95/98 /Me: Networ k: Configuratio n Inst alling Component s The Network window Configuration tab displays a list of installed components. Y ou need a network adapter , the TCP/IP protocol and Client for Microsoft Netwo rks. If you need the ada[...]

  • Página 383

    Appendix B Setting up Your Computer’s IP Address P-2602H(W)(L)-DxA User’s Guide 383 Configuring 1 In the Network window Configuration tab, select your network adapter's TCP/IP entry and click Properties 2 Click the IP Address tab. • If your IP address is dynamic, select Obtain an IP address automatically . • If you have a static IP add[...]

  • Página 384

    Appendix B Setting up Your Computer’s IP Address P-2602H(W)(L)-DxA User’s Guide 384 Figure 226 Windows 95/98/Me : TCP/IP Pr operties: DNS Configuration 4 Click the Gateway tab. • If you do not know you r gateway’ s IP addr ess, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and c[...]

  • Página 385

    Appendix B Setting up Your Computer’s IP Address P-2602H(W)(L)-DxA User’s Guide 385 Figure 227 Windows XP: S tart Menu 2 For W indows XP , click Network Connections . For W indows 2000/NT , click Network and Dial-up Connections . Figure 228 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Pr operties .[...]

  • Página 386

    Appendix B Setting up Your Computer’s IP Address P-2602H(W)(L)-DxA User’s Guide 386 Figure 229 Windows XP: Control Panel: Network Connections: Pro perties 4 Select Internet Protocol (TCP/IP) (under the Genera l tab in W in XP) and click Properties . Figure 230 Windows XP: Local Area Conne ction Properties 5 The Internet Protocol TCP/IP Pr opert[...]

  • Página 387

    Appendix B Setting up Your Computer’s IP Address P-2602H(W)(L)-DxA User’s Guide 387 Figure 231 Windows XP: Advanced TCP/IP Settings 6 If you do not know your gateway's IP address, remove any previously installe d gateways in the IP Settin gs tab and click OK . Do one or more of the fo llowing if you want to configure additi onal IP address[...]

  • Página 388

    Appendix B Setting up Your Computer’s IP Address P-2602H(W)(L)-DxA User’s Guide 388 If you have previously co nfigured DNS servers, click Advanced and then the DNS tab to order them. Figure 232 Windows XP: Internet Protocol (TCP/IP) Propert ies 8 Click OK to close the Internet Protocol (TCP/IP) Properties window . 9 Click OK to close the Local [...]

  • Página 389

    Appendix B Setting up Your Computer’s IP Address P-2602H(W)(L)-DxA User’s Guide 389 Figure 233 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list. Figure 234 Macintosh O S 8/9: TC P/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list.[...]

  • Página 390

    Appendix B Setting up Your Computer’s IP Address P-2602H(W)(L)-DxA User’s Guide 390 4 For statically assigned settings, do the following: •F r o m t h e Configure box, select Manually . • T ype your IP address in the IP Address box. • T ype your subnet mask in the Subnet mask box. • T ype the IP address of your ZyXEL Device in the Route[...]

  • Página 391

    Appendix B Setting up Your Computer’s IP Address P-2602H(W)(L)-DxA User’s Guide 391 Figure 236 Macintosh O S X: Netw ork 4 For statically assigned settings, do the following: •F r o m t h e Configure box, select Manually . • T ype your IP address in the IP Address box. • T ype your subnet mask in the Subnet mask box. • T ype the IP addr[...]

  • Página 392

    Appendix B Setting up Your Computer’s IP Address P-2602H(W)(L)-DxA User’s Guide 392[...]

  • Página 393

    P-2602H(W)(L)-DxA User’s Guide 393 A PPENDIX C Pop-up Windows, JavaScript s and Java Permissions In order to use the web configurator you need to allow: • W eb browser pop-up windows from your device. • JavaScripts (enabled by default). • Java permissions (enabled by default). " Internet Explorer 6 screens are u sed here. Screens for o[...]

  • Página 394

    Appendix C Pop-up Windows, JavaScripts and Java Perm issions P-2602H(W)(L)-DxA User’s Guide 394 2 Clear the Block pop-ups check box in the Pop-up Block e r section of the screen. This disables any web po p-up blockers you may have enabled . Figure 238 Internet Options: Privacy 3 Click Apply to save this setting. Enable pop-up Blockers with Except[...]

  • Página 395

    Appendix C Pop-up Windows, JavaScripts and Java Per m issions P-2602H(W)(L)-DxA User’s Guide 395 Figure 239 Internet Options: Privacy 3 T ype the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1. 4 Click Add to move the IP address to the list of Allowed [...]

  • Página 396

    Appendix C Pop-up Windows, JavaScripts and Java Perm issions P-2602H(W)(L)-DxA User’s Guide 396 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. JavaScript s If pages of the web configura tor do not display properly in Internet Explorer , ch eck that JavaScripts are allowed. 1 In Internet Explorer , click T ools [...]

  • Página 397

    Appendix C Pop-up Windows, JavaScripts and Java Per m issions P-2602H(W)(L)-DxA User’s Guide 397 Figure 242 Security Settings - Java Scripting Java Permissions 1 From Internet Explorer , click To o l s , Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM . 4 Under Java permissions make su[...]

  • Página 398

    Appendix C Pop-up Windows, JavaScripts and Java Perm issions P-2602H(W)(L)-DxA User’s Guide 398 JA V A (Sun) 1 From Internet Explorer , click To o l s , Internet Options and then the Advanced tab. 2 Make sure that Use Java 2 for <applet> under Java (Sun) is sele cted. 3 Click OK to clos e the window . Figure 244 Java (Sun)[...]

  • Página 399

    P-2602H(W)(L)-DxA User’s Guide 399 A PPENDIX D IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify ind ividual devices on a network. Every networking device (includin g computers, servers, routers, printe rs, etc.) ne eds an IP address to communicate across the network. These networking device[...]

  • Página 400

    Appendix D IP Addresses a nd Subnetting P-2602H(W)(L)-DxA User’s Guide 400 Figure 245 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the s ubnet mask. Subnet Masks A subnet mask is used to dete rmine which bits are part of th e network number , and which bits are part of[...]

  • Página 401

    Appendix D IP Addresses and Subnetting P-2602H(W)(L)-DxA User’s Guide 401 Subnet masks are expressed in dotted decimal no tation just like IP addresses. The follow ing examples show the binary and decimal not ation for 8-bit, 16-bit, 24-bit an d 29-bit subnet masks. Network Size The size of the network number determines the maximum number of po s[...]

  • Página 402

    Appendix D IP Addresses a nd Subnetting P-2602H(W)(L)-DxA User’s Guide 402 Subnetting Y ou can use subnetting to divide one network into multiple sub-networks. In the foll owing example a network administrator creates two sub-networks to isolate a group of servers from the rest of the c ompany network for security reasons. In this example, the co[...]

  • Página 403

    Appendix D IP Addresses and Subnetting P-2602H(W)(L)-DxA User’s Guide 403 Figure 247 Subnetting Example: Af ter Subnetting In a 25-bit subnet the host ID has 7 bits , so each sub-network has a maximum of 2 7 – 2 or 126 possible hosts (a host ID of all zeroes is the subnet’ s address itself, all ones is the subnet’ s broadcast address). 192.[...]

  • Página 404

    Appendix D IP Addresses a nd Subnetting P-2602H(W)(L)-DxA User’s Guide 404 Example: Eight Subnet s Similarly , use a 27-bit mask to create eight subnets (000, 00 1, 010, 01 1, 100, 101, 1 10 and 111 ) . The following table shows IP address last octet values for each subnet. T able 177 Subnet 2 IP/SUBNET MASK NETWORK NUMBER LAST O CTET BIT VA L U [...]

  • Página 405

    Appendix D IP Addresses and Subnetting P-2602H(W)(L)-DxA User’s Guide 405 Subnet Planning The following table is a summary for su bnet planning on a network with a 24-bit network number . The following table is a summary for su bnet planning on a network with a 16-bit network number . 5 128 129 158 15 9 6 160 161 190 19 1 7 192 193 222 22 3 8 224[...]

  • Página 406

    Appendix D IP Addresses a nd Subnetting P-2602H(W)(L)-DxA User’s Guide 406 Configuring IP Addresses Where you obtain your netwo rk number depends on your particular situation. If the ISP or your network administrator assigns yo u a bloc k of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask. If t[...]

  • Página 407

    P-2602H(W)(L)-DxA User’s Guide 407 A PPENDIX E W ireless LANs Wireless LAN T opologies This section discusses ad-hoc and in frastructure w ireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an inde pendent (Ad-hoc) WLAN that connects a se t of computers with wireless stations (A, B, C). Any time two or mo[...]

  • Página 408

    Appendix E Wireless LANs P-2602H(W)(L)-DxA User’s Guide 408 Figure 249 Basic Service Set ESS An Extended Service Set (ESS) consists of a series of overlappi ng BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). This type of wi[...]

  • Página 409

    Appendix E Wir eless LANs P-2602H(W)(L)-DxA User’s Guide 409 Figure 250 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by IEEE 802.1 1a/b/g wireless devices. Channels available depend on your ge ographical area. Y ou may have a choice of channels (for your region) so you should use a dif ferent channel th an an adjacent AP[...]

  • Página 410

    Appendix E Wireless LANs P-2602H(W)(L)-DxA User’s Guide 410 Figure 251 RTS /C T S When station A sends data to the AP , it might no t know that the station B is already using the channel. If these two stations se nd data at the same time, collis ions may occur when both sets of data arrive at the AP at the same time, r esulting in a loss of me ss[...]

  • Página 411

    Appendix E Wir eless LANs P-2602H(W)(L)-DxA User’s Guide 41 1 If the Fragmentation Threshold value is smaller than the RT S / C T S value (see previously) you set then the R TS (Request T o Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmen ted before they reach R TS/CTS size. Preamble T ype A preamble is used to [...]

  • Página 412

    Appendix E Wireless LANs P-2602H(W)(L)-DxA User’s Guide 412 • User based identification that allows for roaming. • Support for RADIUS (Remote Authentication Dial In User Service, RFC 2138, 2139) for centralized user profile and accounting management on a netw ork RADIUS server . • Support for EAP (Extensible Authentication Protocol, RFC 248[...]

  • Página 413

    Appendix E Wir eless LANs P-2602H(W)(L)-DxA User’s Guide 413 In order to ensure network security , the access point and the RADIUS server us e a shared secret key, which is a password, they both know . The key is not sent over the network. In addition to the shared key , pass word information exchanged is also encrypted to protect the network fro[...]

  • Página 414

    Appendix E Wireless LANs P-2602H(W)(L)-DxA User’s Guide 414 PEAP (Protected EAP) Like EAP-TTLS, server-side certific ate authentication is used to establish a secure connection, then use simple username and p assword methods through the secured connection to authenticate the clients, thus hiding client identity . However , PEAP only supports EAP [...]

  • Página 415

    Appendix E Wir eless LANs P-2602H(W)(L)-DxA User’s Guide 415 Encryption WP A improves d ata encryption by using T e mporal Key Integrity Protocol (TKIP) or Advanced Encryption Standard (AES), Messag e Integrity Check (MIC) and IEEE 802.1x. TKIP uses 128-bit keys that are dyna mically generated a nd distributed by the authentica tion server . It i[...]

  • Página 416

    Appendix E Wireless LANs P-2602H(W)(L)-DxA User’s Guide 416 Shared WEP No Enable with Dynamic WEP Key Y es Enable without Dynami c WEP Key Y es Disable WP A WEP No Y es WP A TKIP No Y es WP A-PSK WEP Y es Y es WP A-PSK TKIP Y es Y es T able 185 Wireless Security Relati onal Matrix (continued) AUTHENTICATION METHOD/ KEY MANAGEMENT PROTOCOL ENCRYPT[...]

  • Página 417

    P-2602H(W)(L)-DxA User’s Guide 417 A PPENDIX F Services The following table l ists some commonly-used se rvices and their associated protocols and port numbers. • Name : This is a short, descrip tive name for the service. Y ou can use this one or create a different one, if you like. • Pro tocol : This is the type of IP protoc ol used by the s[...]

  • Página 418

    Appendix F Services P-2602H(W)(L)-DxA User’s Guide 418 H.323 TCP 1720 NetMeeting uses this protocol. HTTP TCP 80 Hyper T ext T ransfer Protoco l - a client/ server protocol for the world wide web. HTTPS TCP 443 HTTPS is a secure d http session often used in e-commerce. ICMP User-Defined 1 Internet Control Message Protocol is often used for diagno[...]

  • Página 419

    Appendix F Services P-2602H(W)(L)-DxA User’s Guide 419 PPTP_TUNNEL (GRE) User-Defined 47 PPTP (Point-to-Point T unnel ing Protocol) enables secure tran sfer of data over public networks. This is the data channel. RCMD TCP 512 Remote Comman d Service. REAL_AUDIO TCP 7070 A streami ng audio service that enables real time sound over the we b. REXEC [...]

  • Página 420

    Appendix F Services P-2602H(W)(L)-DxA User’s Guide 420 TFTP UDP 69 T r ivial File T r ansfer Protocol is an Internet file transfer protocol similar to FTP , but uses the UDP (User Datagram Protocol) rather than TCP (T ransmi ssion Control Protocol). VDOLIVE TCP UDP 7000 user- defined A videoconferencing solution. The UDP port number is spe cified[...]

  • Página 421

    P-2602H(W)(L)-DxA User’s Guide 421 A PPENDIX G Command Interpreter The following describes how to us e the command interpreter . T eln et to the ZyXEL Device and enter the password to use the co mmands. See the includ ed disk or zyxel.com for more detailed information on these commands. 1 Use of undocumented co mmands or misconfigurat ion can dam[...]

  • Página 422

    Appendix G Comm and Interprete r P-2602H(W)(L)-DxA User’s Guide 422 Configuring What Y ou W ant the ZyXEL Device to Log 1 Use the sys logs load command to load the log settin g buffer that allows you to configure which logs the Zy XEL Device is to record. 2 Use sys logs category to view a list of the log categories. Figure 252 Displaying Log Cate[...]

  • Página 423

    Appendix G Command Interpreter P-2602H(W)(L)-DxA User’s Guide 423 Log Command Example This example shows how to set the ZyXEL Devi ce to record the acc ess logs and alerts and then view the results. ras> sys logs load ras> sys logs category access 3 ras> sys logs save ras> sys logs display access # .time source destination notes messa[...]

  • Página 424

    Appendix G Comm and Interprete r P-2602H(W)(L)-DxA User’s Guide 424[...]

  • Página 425

    P-2602H(W)(L)-DxA User’s Guide 425 A PPENDIX H Internal SPTGEN Internal SPTGEN Overview Internal SP TGEN (System Parame ter T able Generator) is a configuration text file useful for efficient configuration of multiple ZyXEL Devices. Internal SP TGEN lets you configure, save and upload multiple menus at the same time using just one configuration t[...]

  • Página 426

    Appendix H Internal SPTG EN P-2602H(W)(L)-DxA User’s Guide 426 Internal SPTGEN File Modification - Importa nt Points to Remember Each paramete r you enter must be pr ece ded by one “=”sign and one space. Some parameters are dependent on othe rs. For example, if you disable the Configur ed field in menu 1 (see Figure 254 on page 425 ), then yo[...]

  • Página 427

    Appendix H I nternal SPTGE N P-2602H(W)(L)-DxA User’s Guide 427 Figure 257 Internal SPTGEN FTP Download Example " Y ou can rename your “ rom-t ” file when you save it to your computer but it must be named “ rom-t ” when you upload it to your ZyXEL Device. Internal SPTGEN FTP Upload Example 1 Launch your FTP application. 2 Enter "[...]

  • Página 428

    Appendix H Internal SPTG EN P-2602H(W)(L)-DxA User’s Guide 428 The following are the Internal SP TGEN menus. PV A Par ameter V alues Allowed INPUT An example of what you may enter * A p plies to the ZyXEL Device. T able 187 Abbreviations Used in the Example Inte rnal SPTGEN Screens Table ABBREVIA TION MEAN ING T able 188 Menu 1 General Setup / Me[...]

  • Página 429

    Appendix H I nternal SPTGE N P-2602H(W)(L)-DxA User’s Guide 429 30200002 = Client IP Pool Starting Address = 192.168.1.33 30200003 = Size of Client IP Pool = 32 30200004 = Primary DNS Server = 0.0.0.0 30200005 = Secondary DNS Server = 0.0.0.0 30200006 = Remote DHCP Server = 0.0.0.0 30200008 = IP Address = 172.21.2.200 30200009 = IP Subnet Mask = [...]

  • Página 430

    Appendix H Internal SPTG EN P-2602H(W)(L)-DxA User’s Guide 430 30201011 = IP Alias #1 Outgoing protocol filters Set 2 = 256 30201012 = IP Alias #1 Outgoing protocol filters Set 3 = 256 30201013 = IP Alias #1 Outgoing protocol filters Set 4 = 256 30201014 = IP Alias 2 <0(No) | 1(Yes)> = 0 30201015 = IP Address = 0.0.0.0 30201016 = IP Subnet [...]

  • Página 431

    Appendix H I nternal SPTGE N P-2602H(W)(L)-DxA User’s Guide 431 30500007 = Default Key <1|2|3|4> = 0 30500008 = WEP Key1 = 30500009 = WEP Key2 = 30500010 = WEP Key3 = 30500011 = WEP Key4 = 30500012 = Wlan Active <0(Disable) | 1(Enable)> = 0 */ MENU 3.5.1 WLAN MAC ADDRESS FI LTER FIN FN PVA INPUT 30501001 = Mac Filter Active <0(No) [...]

  • Página 432

    Appendix H Internal SPTG EN P-2602H(W)(L)-DxA User’s Guide 432 40000006 = VPI # = 0 40000007 = VCI # = 35 40000008 = Service Name <Str> = any 40000009 = My Login <Str> = test@pqa 40000010 = My Password <Str> = 1234 40000011 = Single User Account <0(No) | 1(Yes)> = 1 40000012 = IP Address Assignment <0(Static)|1( Dynamic[...]

  • Página 433

    Appendix H I nternal SPTGE N P-2602H(W)(L)-DxA User’s Guide 433 T able 191 Menu 12 / Menu 12.1.1 IP Static Route Setup FIN FN PVA INPUT 120101001 = IP Static Route set #1, Name <Str> = 120101002 = IP Static Route set #1, Active <0(No) |1(Yes)> = 0 120101003 = IP Static Route set #1, Destination IP address = 0.0.0.0 120101004 = IP Stat[...]

  • Página 434

    Appendix H Internal SPTG EN P-2602H(W)(L)-DxA User’s Guide 434 120104005 = IP Static Route set #4, Gateway = 0.0.0.0 120104006 = IP Static Route set #4, Metric = 0 120104007 = IP Static Route set #4, Private <0(No) |1(Yes)> = 0 / Menu 12.1.5 IP Static Route Setup FIN FN PVA INPUT 120105001 = IP Static Route set #5, Name <Str> = 120105[...]

  • Página 435

    Appendix H I nternal SPTGE N P-2602H(W)(L)-DxA User’s Guide 435 120108004 = IP Static Route set #8, Destination IP subnetmask = 0 120108005 = IP Static Route set #8, Gateway = 0.0.0.0 120108006 = IP Static Route set #8, Metric = 0 120108007 = IP Static Route set #8, Private <0(No) |1(Yes)> = 0 */ Menu 12.1.9 IP Static Route Setup FIN FN PVA[...]

  • Página 436

    Appendix H Internal SPTG EN P-2602H(W)(L)-DxA User’s Guide 436 120112003 = IP Static Route set #12, Destination IP address = 0.0.0.0 120112004 = IP Static Route set #12, Destination IP subnetmask = 0 120112005 = IP Static Route set #12, Gateway = 0.0.0.0 120112006 = IP Static Route set #12, Metric = 0 120112007 = IP Static Route set #12, Private [...]

  • Página 437

    Appendix H I nternal SPTGE N P-2602H(W)(L)-DxA User’s Guide 437 120116001 = IP Static Route set #16, Name <Str> = 120116002 = IP Static Route set #16, Active <0(No) |1(Yes)> = 0 120116003 = IP Static Route set #16, Destination IP address = 0.0.0.0 120116004 = IP Static Route set #16, Destination IP subnetmask = 0 120116005 = IP Static[...]

  • Página 438

    Appendix H Internal SPTG EN P-2602H(W)(L)-DxA User’s Guide 438 150000023 = SUA Server #6 Pro tocol <0(All)|6(TCP)|17(U DP)> = 0 150000024 = SUA Server #6 Por t Start = 0 150000025 = SUA Server #6 Por t End = 0 150000026 = SUA Server #6 Loc al IP address = 0.0.0.0 150000027 = SUA Server #7 Act ive <0(No) | 1(Yes)> = 0 150000028 = SUA S[...]

  • Página 439

    Appendix H I nternal SPTGE N P-2602H(W)(L)-DxA User’s Guide 439 T able 193 Menu 21.1 Filter Set #1 / Menu 21 Filter set #1 FIN FN PVA INPUT 210100001 = Filter Set 1, Name <Str> = / Menu 21.1.1.1 set #1, rule #1 FIN FN PVA INPUT 210101001 = IP Filter Set 1,Rule 1 Type <2(TCP/IP)> = 2 210101002 = IP Filter Set 1,Rule 1 Active <0(No )[...]

  • Página 440

    Appendix H Internal SPTG EN P-2602H(W)(L)-DxA User’s Guide 440 210102009 = IP Filter Set 1,Rule 2 Src Subnet Mask = 0 210102010 = IP Filter Set 1,Rule 2 Src Port = 0 210102011 = IP Filter Set 1,Rule 2 Src Port Comp <0(none)|1(equal) |2(not equal)|3(less)|4( greater)> = 0 210102013 = IP Filter Set 1,Rule 2 Act Match <1(check next)|2(forwa[...]

  • Página 441

    Appendix H I nternal SPTGE N P-2602H(W)(L)-DxA User’s Guide 441 210104005 = IP Filter Set 1,Rule 4 Dest Subnet Mask = 0 210104006 = IP Filter Set 1,Rule 4 Dest Port = 137 210104007 = IP Filter Set 1,Rule 4 Dest Port Comp <0(none)|1(equal) |2(not equal)|3(less)|4( greater)> = 1 210104008 = IP Filter Set 1,Rule 4 Src IP address = 0.0.0.0 2101[...]

  • Página 442

    Appendix H Internal SPTG EN P-2602H(W)(L)-DxA User’s Guide 442 / Menu 21.1.1.6 set #1, rule #6 FIN FN PVA INPUT 210106001 = IP Filter Set 1,Rule 6 Type <2(TCP/IP)> = 2 210106002 = IP Filter Set 1,Rule 6 Active <0(No )|1(Yes)> = 1 210106003 = IP Filter Set 1,Rule 6 Protocol = 17 210106004 = IP Filter Set 1,Rule 6 Dest IP address = 0.0.[...]

  • Página 443

    Appendix H I nternal SPTGE N P-2602H(W)(L)-DxA User’s Guide 443 210201007 = IP Filter Set 2, Rule 1 Dest Port Comp <0(none)|1(equal)| 2(not equal)|3(less)|4(g reater)> = 1 210201008 = IP Filter Set 2, Rule 1 Src IP address = 0.0.0.0 210201009 = IP Filter Set 2, Rule 1 Src Subnet Mask = 0 210201010 = IP Filter Set 2, Rule 1 Src Port = 0 2102[...]

  • Página 444

    Appendix H Internal SPTG EN P-2602H(W)(L)-DxA User’s Guide 444 210202014 = IP Filter Set 2, Rule 2 Act Not Match <1(check next)|2(forward)|3 (drop)> = 1 / Menu 21.1.2.3 Filter set #2, rule #3 FIN FN PVA INPUT 210203001 = IP Filter Set 2, Rule 3 Type <0(none)|2(TCP/ IP)> = 2 210203002 = IP Filter Set 2, Rule 3 Active <0(No)|1(Yes)&g[...]

  • Página 445

    Appendix H I nternal SPTGE N P-2602H(W)(L)-DxA User’s Guide 445 210204007 = IP Filter Set 2, Rule 4 Dest Port Comp <0(none)|1(equal)| 2(not equal)|3(less)|4(g reater)> = 1 210204008 = IP Filter Set 2, Rule 4 Src IP address = 0.0.0.0 210204009 = IP Filter Set 2, Rule 4 Src Subnet Mask = 0 210204010 = IP Filter Set 2, Rule 4 Src Port = 0 2102[...]

  • Página 446

    Appendix H Internal SPTG EN P-2602H(W)(L)-DxA User’s Guide 446 210205014 = IP Filter Set 2, Rule 5 Act Not Match <1(check next)|2(forward)|3 (drop)> = 1 / Menu 21.1.2.6 Filter set #2, rule #6 FIN FN PVA INPUT 210206001 = IP Filter Set 2, Rule 6 Type <0(none)|2(TCP/ IP)> = 2 210206002 = IP Filter Set 2, Rule 6 Active <0(No)|1(Yes)&g[...]

  • Página 447

    Appendix H I nternal SPTGE N P-2602H(W)(L)-DxA User’s Guide 447 230000000 = System Password = 1234 */ Menu 23.2 System security: radius server FIN FN PVA INPUT 230200001 = Authentication Server Configured <0(No) | 1(Yes)> = 1 230200002 = Authentication Server Active <0(No) | 1(Yes)> = 1 230200003 = Authentication Server IP Address = 1[...]

  • Página 448

    Appendix H Internal SPTG EN P-2602H(W)(L)-DxA User’s Guide 448 Command Examples The following are example Internal SP TGEN screens associated with the ZyXEL Device’ s command interpreter commands. T able 196 Menu 24.1 1 Remote Mana gement Contro l / Menu 24.11 Remote Management Control FIN FN PVA INPUT 241100001 = TELNET Server Port = 23 241100[...]

  • Página 449

    P-2602H(W)(L)-DxA User’s Guide 449 A PPENDIX I Legal Information Copyright Copyright © 2006 by ZyXEL Communications Corporation. The contents of this publication may not be reprod uced in any part or as a whole, transcribed, stored in a retrieval system, tran slated into any language, or transmitted in any form or by any means, el ectronic, mech[...]

  • Página 450

    Appendix I Legal Info rmation P-2602H(W)(L)-DxA User’s Guide 450 If this device does cause harmful inte rference to radio/television reception, which can be determined by turning th e device off and on, the user is enc ouraged to try to correct the interference by one or more of the following measures: 1 Reorient or relocate the receiving antenna[...]

  • Página 451

    Appendix I Legal Information P-2602H(W)(L)-DxA User’s Guide 451 2 Select your product on the ZyXEL home pag e to go to that product's page. 3 Select the certification you wish to view from this page. ZyXEL Limited W arranty ZyXEL warrants to the original en d user (purchaser) that this product is free from any defects in materials or workman[...]

  • Página 452

    Appendix I Legal Info rmation P-2602H(W)(L)-DxA User’s Guide 452[...]

  • Página 453

    P-2602H(W)(L)-DxA User’s Guide 453 A PPENDIX J Customer Support Please have the following information r eady when you contact customer support. Required Information • Product model and serial number . • W arranty Information. • Date that you received your de vice. • Brief description of the problem and the steps you took to solv e it. Cor[...]

  • Página 454

    Appendix J Custo mer Support P-2602H(W)(L)-DxA User’s Guide 454 Denmark • Support E-mail: support@zyxel.dk • Sales E-mail: sales@zyxel.dk • T elephone: +45-39-55-07-00 • Fax: +45-39-55-07-07 • W eb Site: www .zyxel.dk • Re g u la r M ai l : ZyXEL Communications A/ S, Columbusvej, 28 60 Soeborg, Denmark Finland • Support E-mail: supp[...]

  • Página 455

    Appendix J Customer Support P-2602H(W)(L)-DxA User’s Guide 455 • T elephone: +7-3272-590-698 • Fax: +7-327 2-590-689 • W eb Site: www .zyxel.kz • Re g u l ar M a il : ZyXEL Kazakhstan, 43, Dostyk ave.,Office 414, Dost yk Business Centre, 050010, Almaty , Republic of Kazakhstan North America • Support E-mail: support@zyxel.com • Sales [...]

  • Página 456

    Appendix J Custo mer Support P-2602H(W)(L)-DxA User’s Guide 456 • W eb Site: www .zyxel.es • Re g ul a r M a i l: ZyXEL Communications, Art e, 21 5ª planta, 28033 Madrid, Spain Sweden • Support E-mail: support@zyxel.se • Sales E-mail: sales@zyxel.se • T elephone: +46-31-744-7700 • Fax: +46-31-744-7701 • W eb Site: www .zyxel.se •[...]

  • Página 457

    Index P-2602H(W)(L)-DxA User’s Guide 457 Index A AAL5 374 ACK message 150 Address Resolution Protocol (ARP) 109 ADSL2 374 AH 233 AH protocol 237 ALG 148 , 378 alternative subnet mask notation 401 antenna 371 any IP 109 , 373 how it works 109 note 109 any IP setup 111 AP (Access Point) 409 Application Layer Gateway 148 , 378 application-level fire[...]

  • Página 458

    Index P-2602H(W)(L)-DxA User’s Guide 458 certifications 449 notices 450 viewing 450 channel 409 interference 409 channel ID 122 Class of Service 154 client-server protocol 150 codecs 378 comfort noise generati on 161 , 377 command interface 421 Complementary Code Keying Modulation 379 configuration 106 configuration file 345 contact information 4[...]

  • Página 459

    Index P-2602H(W)(L)-DxA User’s Guide 459 encap sulation 93 , 233 ENET ENCAP 93 PPP over Ethernet 93 PPPoA 94 RFC 1483 94 encapsulation security p ayload 237 encryption 231 , 415 ESP 233 ESP protocol 237 ESS 408 Europe type call servi ce mode 165 Extended Service Se t 408 Extended Service Se t IDentification 122 extended wireless security 68 exter[...]

  • Página 460

    Index P-2602H(W)(L)-DxA User’s Guide 460 Independent Basi c Service Set 407 Initialization V ector (IV) 415 inside header 234 install UPnP 315 Windows Me 315 Windows XP 316 Integrated Access Device 39 internal calls 191 , 376 internal SPTGEN 425 FTP upload exampl e 427 points to remember 426 text file 425 Internet ac cess 57 internet access 41 In[...]

  • Página 461

    Index P-2602H(W)(L)-DxA User’s Guide 461 N nailed-up connectio n 95 NA T 107 , 142 , 373 , 406 address mapping rule 146 application 138 definitions 137 how it works 138 mapping types 139 what it does 138 NA T (Network Address Translation) 137 NA T mode 141 NA T sessions 375 NA T traversal 242 , 313 negotiation mode 251 NetBIOS commands 200 Networ[...]

  • Página 462

    Index P-2602H(W)(L)-DxA User’s Guide 462 RADIUS message types 412 RADIUS messages 412 Reach-Extended ADSL 374 Real time T ransport Protocol 152 real-time e-mail alerts 375 recurity ramifications 208 region 376 registration product 451 reinitialize the ADSL line 359 related documentation 3 remote hosts, and certificates 278 remote management and N[...]

  • Página 463

    Index P-2602H(W)(L)-DxA User’s Guide 463 SNMP 307 , 37 4 manager 308 MIBs 308 SOHO (Small Of fice/Home Office) 41 source address 209 speed dial 168 , 191 SPI 254 SRA 374 stateful inspection 195 , 196 , 200 , 201 , 373 on your ZyXEL device 202 process 201 stateful packet inspection 375 static route 287 storage humidity 371 storage temperature 371 [...]

  • Página 464

    Index P-2602H(W)(L)-DxA User’s Guide 464 voice coding 152 Vo I P 149 ring selection 172 testing rings 172 V oIP links 175 V oIP standards compliance 377 V oIP trunking 175 and security 17 5 call rules 177 detailed example 183 , 184 , 185 , 186 , 188 examples 177 , 178 how it works 175 overview 175 peer authentication 180 peer calls 179 scenarios [...]

  • Página 465

    Index P-2602H(W)(L)-DxA User’s Guide 465[...]