ZyXEL Communications 2602HW Series manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519

Ir a la página of

Buen manual de instrucciones

Las leyes obligan al vendedor a entregarle al comprador, junto con el producto, el manual de instrucciones ZyXEL Communications 2602HW Series. La falta del manual o facilitar información incorrecta al consumidor constituyen una base de reclamación por no estar de acuerdo el producto con el contrato. Según la ley, está permitido adjuntar un manual de otra forma que no sea en papel, lo cual últimamente es bastante común y los fabricantes nos facilitan un manual gráfico, su versión electrónica ZyXEL Communications 2602HW Series o vídeos de instrucciones para usuarios. La condición es que tenga una forma legible y entendible.

¿Qué es un manual de instrucciones?

El nombre proviene de la palabra latina “instructio”, es decir, ordenar. Por lo tanto, en un manual ZyXEL Communications 2602HW Series se puede encontrar la descripción de las etapas de actuación. El propósito de un manual es enseñar, facilitar el encendido o el uso de un dispositivo o la realización de acciones concretas. Un manual de instrucciones también es una fuente de información acerca de un objeto o un servicio, es una pista.

Desafortunadamente pocos usuarios destinan su tiempo a leer manuales ZyXEL Communications 2602HW Series, sin embargo, un buen manual nos permite, no solo conocer una cantidad de funcionalidades adicionales del dispositivo comprado, sino también evitar la mayoría de fallos.

Entonces, ¿qué debe contener el manual de instrucciones perfecto?

Sobre todo, un manual de instrucciones ZyXEL Communications 2602HW Series debe contener:
- información acerca de las especificaciones técnicas del dispositivo ZyXEL Communications 2602HW Series
- nombre de fabricante y año de fabricación del dispositivo ZyXEL Communications 2602HW Series
- condiciones de uso, configuración y mantenimiento del dispositivo ZyXEL Communications 2602HW Series
- marcas de seguridad y certificados que confirmen su concordancia con determinadas normativas

¿Por qué no leemos los manuales de instrucciones?

Normalmente es por la falta de tiempo y seguridad acerca de las funcionalidades determinadas de los dispositivos comprados. Desafortunadamente la conexión y el encendido de ZyXEL Communications 2602HW Series no es suficiente. El manual de instrucciones siempre contiene una serie de indicaciones acerca de determinadas funcionalidades, normas de seguridad, consejos de mantenimiento (incluso qué productos usar), fallos eventuales de ZyXEL Communications 2602HW Series y maneras de solucionar los problemas que puedan ocurrir durante su uso. Al final, en un manual se pueden encontrar los detalles de servicio técnico ZyXEL Communications en caso de que las soluciones propuestas no hayan funcionado. Actualmente gozan de éxito manuales de instrucciones en forma de animaciones interesantes o vídeo manuales que llegan al usuario mucho mejor que en forma de un folleto. Este tipo de manual ayuda a que el usuario vea el vídeo entero sin saltarse las especificaciones y las descripciones técnicas complicadas de ZyXEL Communications 2602HW Series, como se suele hacer teniendo una versión en papel.

¿Por qué vale la pena leer los manuales de instrucciones?

Sobre todo es en ellos donde encontraremos las respuestas acerca de la construcción, las posibilidades del dispositivo ZyXEL Communications 2602HW Series, el uso de determinados accesorios y una serie de informaciones que permiten aprovechar completamente sus funciones y comodidades.

Tras una compra exitosa de un equipo o un dispositivo, vale la pena dedicar un momento para familiarizarse con cada parte del manual ZyXEL Communications 2602HW Series. Actualmente se preparan y traducen con dedicación, para que no solo sean comprensibles para los usuarios, sino que también cumplan su función básica de información y ayuda.

Índice de manuales de instrucciones

  • Página 1

    Prestige 2602HW Series ADSL V oIP IAD with 802.1 1g Wireless User ’ s Guide V ersion 3.4 0 1/2005[...]

  • Página 2

    [...]

  • Página 3

    Prestige 2602HW Series User’s Guide Copyright 3 Copyright Copyright © 2005 by ZyXEL Communications Corpo ration. The contents of this publication may not be reprod uced in any part or as a wh ole, transcribed, stored in a retrieval system, tran slated into any language, or transmitted in any form or by any means, el ectronic, mec hanical , magne[...]

  • Página 4

    Prestige 2602HW Series User’ s Guide 4 Federal Communications Commission (FCC) Interference Statement Federal Communications Commission (FCC) Interference S t atement This device complies with Part 15 of FCC rul es. Operation is subject to the following two conditions: • This device may not cause harmful interference. • This device must accep[...]

  • Página 5

    Prestige 2602HW Series User’s Guide Safety Warnings 5 Safety W arnings For your safety , be sure to read and fo llow all warning notices and instructions. • T o reduce the risk of fire, use only No. 26 A WG (American W ire Ga uge) or lar ger telecommunication line cord. • Do NOT open the device or un it. Opening or removing covers can expose [...]

  • Página 6

    Prestige 2602HW Series User’ s Guide 6 ZyXEL Limited Warranty ZyXEL Limited W arranty ZyXEL warrants to the original en d user (purchaser) that this product is free from any defects in materials or workmansh ip for a period of up to two years from the date of purchase. During the warranty period, and upon proof of purchase, should the product hav[...]

  • Página 7

    Prestige 2602HW Series User’s Guide Customer Support 7 Customer Support Please have the following information r eady when you contact customer support. • Product model and serial number . • W arranty Information. • Date that you received your de vice. • Brief description of the problem and the step s you took to solv e it. METHOD LOCATION[...]

  • Página 8

    Prestige 2602HW Series User’ s Guide 8 Customer Suppo rt[...]

  • Página 9

    Prestige 2602HW Series User’s Guide Table of Contents 9 T able of Content s Copyright .................................................. .......................................... ...................... 3 Federal Communications Commissi on (FCC) Interference S t atement ............... 4 Safety W arnings ....................................... ..[...]

  • Página 10

    Prestige 2602HW Series User’ s Guide 10 Table of Contents Chapter 3 Wizard Setup .. .......................................... .......................................... .................... 63 3.1 Wizard Setup Introduction .. .................... ................... .................... ................... ..63 3.1.1 Encapsulation ........... ..[...]

  • Página 11

    Prestige 2602HW Series User’s Guide Table of Contents 11 5.4 LAN TCP/IP ............... ................... .................... ................... ................... ............ 81 5.4.1 Factory LAN Defaults .... ................... ................... .................... .................. 81 5.4.2 IP Address and Subnet Mask .... ..........[...]

  • Página 12

    Prestige 2602HW Series User’ s Guide 12 Table of Contents Chapter 7 W AN Setup ................................................ ..................................................... ....... 109 7.1 W AN Overview .......... ................... .................... ................... ................... ..........109 7.2 Metric ... ...............[...]

  • Página 13

    Prestige 2602HW Series User’s Guide Table of Contents 13 9.3 SIP ALG ....... ................... .................... ................... ................... .................... ...135 9.4 Pulse Code Modulation ... .................... ...................... .................... ................... 135 9.5 V oice Coding ................ ........[...]

  • Página 14

    Prestige 2602HW Series User’ s Guide 14 Table of Contents Chapter 13 Firewalls .................................................... .......................................... .................. 155 13.1 Firewall Overview ....... ....................... ................... ................... ....................... 155 13.2 T ypes of Firewalls ..[...]

  • Página 15

    Prestige 2602HW Series User’s Guide Table of Contents 15 14.4.2 W AN to LAN Rules . ................. ................... ................... .................... ...172 14.4.3 Alerts ....... .................... ................... ................... ....................... ............. 173 14.5 Configuring Basic Fire wall Settings ......... .[...]

  • Página 16

    Prestige 2602HW Series User’ s Guide 16 Table of Contents Chapter 17 VPN Screens ....................................................... ........................................... ....... 201 17.1 VPN/IPSec Ov erview ........... ...................... .................... ................... ............. 201 17.2 IPSec Algorithms ........... ..[...]

  • Página 17

    Prestige 2602HW Series User’s Guide Table of Contents 17 Chapter 19 Universal Plug-and-Play (UPnP) ............................................. ............................ 233 19.1 Introducing Universal Plug and Play . ................... ................... .................... ...233 19.1.1 How do I know if I'm using UPnP ? ........ ....[...]

  • Página 18

    Prestige 2602HW Series User’ s Guide 18 Table of Contents 22.3.1 System Management T erminal Interf ace Summary .............. ................ 268 22.3.2 SMT Menus Overview ...... .................... ................... ................... ..........269 22.4 Changing the System Passw ord .................... ................... ................[...]

  • Página 19

    Prestige 2602HW Series User’s Guide Table of Contents 19 28.2.2 Encapsulation and Multiplexing Scenarios . ............. ................... ..........296 28.2.2.1 Scenario 1: One VC, Multiple P rotocols ................... ................... 296 28.2.2.2 Scenario 2: One VC, One Prot ocol (IP) ............ ................... .......296 28.2.2.3[...]

  • Página 20

    Prestige 2602HW Series User’ s Guide 20 Table of Contents Chapter 32 Enabling the Firewall .................................................................................... ....... 329 32.1 Remote Management and the Firewall .......................... ...................... ..........329 32.2 Access Methods ... ............ ...................[...]

  • Página 21

    Prestige 2602HW Series User’s Guide Table of Contents 21 36.4 Log and T rac e ......... ...................... .................... ................... ................... .......359 36.4.1 Viewing Error Log .................... ... ................ ................... .................... ...359 36.4.2 Syslog and Accounti ng ........ ...........[...]

  • Página 22

    Prestige 2602HW Series User’ s Guide 22 Table of Contents Chapter 39 Remote Management .................................................... ....................................... 387 39.1 Remote Management Overview .... ....................... ................... ....................... 387 39.2 Remote Management .............. .................[...]

  • Página 23

    Prestige 2602HW Series User’s Guide Table of Contents 23 44.4 Problems with the LAN Interface ....................... ................... ................... .......420 44.5 Problems with the WAN Interface .............. ....................... ................... ..........420 44.6 Problems with Internet Access ................... ..............[...]

  • Página 24

    Prestige 2602HW Series User’ s Guide 24 Table of Contents Appendix E Wireless LAN and IEEE 802.11 .... ........................................... ............................ 451 Benefits of a Wireless LAN .............. ................... ....................... ................... ......... 451 IEEE 802.1 1 ........ ................... ......[...]

  • Página 25

    Prestige 2602HW Series User’s Guide Table of Contents 25 Command Syntax .......... ...................... .................... ................... ...................... ...... 489 Command Usage ... ................... .................... ................... ....................... ............... 489 Appendix K Firewall Commands ...............[...]

  • Página 26

    Prestige 2602HW Series User’ s Guide 26 Table of Contents[...]

  • Página 27

    Prestige 2602HW Series User’s Guide List of Figure s 27 List of Figures Figure 1 Prestige Internet Access Applic ation ................... .................... ................ 54 Figure 2 Internet T elephony Service Provid er Application ..................... ................ 55 Figure 3 Firewall Application . ................ ....... ..........[...]

  • Página 28

    Prestige 2602HW Series User’ s Guide 28 List of Figures Figure 39 W A N Backup ................ ................... ................... ....................... ............. 1 1 6 Figure 40 How NA T Works ........... ................... ....................... ...................... .......... 121 Figure 41 NA T Application Wit h IP Alias .......[...]

  • Página 29

    Prestige 2602HW Series User’s Guide List of Figure s 29 Figure 82 Encryption and Decr yption ........... ................... .................... ................... 196 Figure 83 IPSec Architecture .......................... ................... ....................... ............. 197 Figure 84 T ransport and T unnel Mode IPSe c Encapsulation .[...]

  • Página 30

    Prestige 2602HW Series User’ s Guide 30 List of Figures Figure 124 Firmware Upgrade . ....................... ................... ....................... ............. 262 Figure 125 Network T e mporarily Disconnected ........................... ....................... ... 263 Figure 126 Error Message .................... .................... ...[...]

  • Página 31

    Prestige 2602HW Series User’s Guide List of Figure s 31 Figure 167 Menu 15.1.1 First Set .............. ................ ................... ................... ....... 317 Figure 168 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set ........... 319 Figure 169 Menu 15.2 NA T Server Setup . ......... .................... ..............[...]

  • Página 32

    Prestige 2602HW Series User’ s Guide 32 List of Figures Figure 210 Menu 24.1 System Maintenance : S tatus ............................ ................ 356 Figure 21 1 Menu 24.2 System I nformation and Console Port S peed .......... .......... 357 Figure 212 Menu 24.2.1 System Maintenance : Information .. ...................... .......... 358 Fig[...]

  • Página 33

    Prestige 2602HW Series User’s Guide List of Figure s 33 Figure 253 Applying IP Policies Example .............. ...................... ....................... ... 398 Figure 254 Menu 26 Schedule Setup .............. ....................... ...................... .......... 399 Figure 255 Menu 26.1 Sche dule Set Setup ................ .............[...]

  • Página 34

    Prestige 2602HW Series User’ s Guide 34 List of Figures Figure 296 Displaying Log Parameters Exam ple ... ................... ................... .......... 505 Figure 297 Log Command Example ............ ... ................... .................... ................ 506[...]

  • Página 35

    Prestige 2602HW Series User’s Guide List of Tables 35 List of T ables T able 1 ADSL St andards ...... ....................... ................... ....................... ................ 45 T able 2 IEEE 802.1 1g ........ ................................................ .......................... .......... 49 T able 3 Web Configurator Screens Su[...]

  • Página 36

    Prestige 2602HW Series User’ s Guide 36 List of Tables T able 39 Phone Port Common ............. .................... ...................... .................... ... 148 T able 40 Dynamic DNS ........ .................... ...................... .................... ................... 150 T able 41 Pre-defined NTP T ime Servers .. ...... ........[...]

  • Página 37

    Prestige 2602HW Series User’s Guide List of Tables 37 T able 82 Diagnostic: General ............ ....................... ................... ....................... ... 260 T able 83 Diagnostic: DSL Line ............. .................... ...................... ....................... 261 T able 84 Firmware Upgrade ................. .............[...]

  • Página 38

    Prestige 2602HW Series User’ s Guide 38 List of Tables T able 125 General Commands for GU I-based FTP Clients ........ ....................... ... 368 T able 126 General Commands for GU I-based TFTP Clients ................ ................ 370 T able 127 Menu 24.9.1 System Maintenance : Budget Management .... ................ 383 T able 128 Menu[...]

  • Página 39

    Prestige 2602HW Series User’s Guide List of Tables 39 T able 168 Menu 4 Internet Access Setup (SMT Menu 4) .............. ....................... 469 T able 169 Menu 12 (SMT Menu 12) ......... ................ ................... ................... ....... 471 T able 170 Menu 15 SUA Server Setup (SMT Menu 15) ... ....................... ........[...]

  • Página 40

    Prestige 2602HW Series User’ s Guide 40 List of Tables[...]

  • Página 41

    Prestige 2602HW Series User’s Guide Preface 41 Preface Congratulations on your p urchase of the Prestige 2602 HW Series ADSL V oIP IAD with 802.1 1g Wireless. Note: Register your product online to receive e-mail notices of firmwa re upgrades and information at www .zyxel.com for global products , or at www .us.zyxel.com for North American product[...]

  • Página 42

    Prestige 2602HW Series User’ s Guide 42 Preface Synt ax Conventions • “Enter” means for you to type one or more characters. “Select” or “Choose” means for you to use one predefined choices. • The SMT menu titles and labels are in Bold T imes New Roman font. Predefined field choices are in Bold Arial font. Command and arrow keys ar[...]

  • Página 43

    Prestige 2602HW Series User’s Guide Introduction to DSL 43 Graphics Icons Key Introduction to DSL DSL (Digital Subscriber Line) te chnology enhances the data ca pacity of the existing twisted- pair wire that runs betwee n the local telephone co mpany switching of fi ces and most homes and offices. While the wire itself can handle higher frequenci[...]

  • Página 44

    Prestige 2602HW Series User’ s Guide 44 Introduction to DSL As data rates increase, the carrying distance d ecreases. That means that users who are beyond a certain distance from the telephone company’ s ce ntral office may not be able to obtain the higher spee ds. A DSL connection is a poin t-to-point dedicated circuit, meanin g that the link [...]

  • Página 45

    Prestige 2602HW Series User’s Guide Chapter 1 Getting To Kn ow Your Prestige 45 C HAPTER 1 Getting T o Know Y our Prestige This chapter describes the key features and applications of your Prestige. 1.1 Introducing the Prestige The Prestige P2602HW ADSL V oIP IAD (Integr ated Access Device ) combines high-speed ADSL Internet access, a 4-port Ether[...]

  • Página 46

    Prestige 2602HW Series User’ s Guide 46 Chapter 1 G etting To Know Yo ur Prestige Note: Models ending in “1”, for example Pr estige 2602HW -61, denote a device that works over the analog tele phone system , POTS (Plain Old T elephone Service). Models ending in “3” denote a device that works o ver ISDN (Integrated Synchronous Digit al Syst[...]

  • Página 47

    Prestige 2602HW Series User’s Guide Chapter 1 Getting To Kn ow Your Prestige 47 Multiple SIP Account s The Prestige allows you to simultaneously use multiple voice (SIP) accounts and assign them to one or both telephone ports. Multiple V oice Channels The Prestige can simu ltaneously handle mu ltiple voice channels (telephone calls). Additionally[...]

  • Página 48

    Prestige 2602HW Series User’ s Guide 48 Chapter 1 G etting To Know Yo ur Prestige High Speed Internet Access Y our Prestige ADSL/ADSL2/ADSL2+ router can support downstream transmission rates of up to 24Mbps and upst ream tran smission rates of 3 .5Mbps. Actu al speeds attained depend on ISP DSLAM environment. Zero Configuration Internet Access On[...]

  • Página 49

    Prestige 2602HW Series User’s Guide Chapter 1 Getting To Kn ow Your Prestige 49 IEEE 802.1 1g Wireless LAN IEEE 802.1 1g is fully compa tible with the IEEE 802.1 1b standard. This means an IEEE 802.1 1b radio card can interface directly with an IEEE 802.1 1g access point (and vice versa) at 1 1 Mbps or lo wer depending on range. IEEE 802.1 1g has[...]

  • Página 50

    Prestige 2602HW Series User’ s Guide 50 Chapter 1 G etting To Know Yo ur Prestige T raffic Redirect T raffic redirect forwards W AN traffic to a ba ckup gateway when the Pr estige cannot connect to the Internet, thus acting as an auxilia ry if your regular W AN connection fails. Universal Plug and Play (UPnP) Using the standard TCP/IP protocol, t[...]

  • Página 51

    Prestige 2602HW Series User’s Guide Chapter 1 Getting To Kn ow Your Prestige 51 ADSL S t andards • Full-Rate (ANSI T1.413, Issue 2; G .dmt (G .992 .1) with line rate support of up to 8 Mbps downstream and 832 Kb ps upstream. • G .lite (G .992.2) with line rate support of up to 1.5Mbps down stream and 512Kbps upstream. • Supports Multi-Mode [...]

  • Página 52

    Prestige 2602HW Series User’ s Guide 52 Chapter 1 G etting To Know Yo ur Prestige IP Policy Routing (IPPR) T raditionally , routing is based on the destination addre ss only and the router takes the shortest path to forward a packet. IP Policy Routin g (IPPR) provides a mechanism to override the default routing behavio r and alter the packet forw[...]

  • Página 53

    Prestige 2602HW Series User’s Guide Chapter 1 Getting To Kn ow Your Prestige 53 • ADSL circuitry •R A M • LAN port Packet Filters The Prestige's packet filtering functions a llows added network security and management. Ease of Inst allation Y our Prestige is designed for quick, intuitive and easy installation. Housing Y our Prestige&ap[...]

  • Página 54

    Prestige 2602HW Series User’ s Guide 54 Chapter 1 G etting To Know Yo ur Prestige Figure 1 Prestige Internet Access Application Internet Single User Account For a SOHO (Small Office/Home Of fice) environmen t, your Prestige offers the Single User Account (SUA) feature that allows multiple u sers on the LAN (Local Area Network) to access the Inter[...]

  • Página 55

    Prestige 2602HW Series User’s Guide Chapter 1 Getting To Kn ow Your Prestige 55 Figure 2 Internet T elephony Service Provider Application 1.4.3 Firewall for Secure Broadband Internet Access The Prestige provides protection from attacks by Internet hackers. By default, the firewall blocks all incoming traffic from the W AN. Th e firewall supports [...]

  • Página 56

    Prestige 2602HW Series User’ s Guide 56 Chapter 1 G etting To Know Yo ur Prestige Figure 4 Prestige LAN-to-LAN Application 1.5 Prestige Hardware Inst allation and Connection Refer to the Quick S tart Guide for information on hardware in stallation an d connections and LED descriptions.[...]

  • Página 57

    Prestige 2602HW Series User’s Guide Chapter 2 Introducing the Web Configur ator 57 C HAPTER 2 Introducing the W eb Configurator This chapter describes how to access and navigate the web configurator . 2.1 W eb Configurator Overview The embedded web configurator allows you to manage the Prestige fro m anywhere through a browser such as Microsoft I[...]

  • Página 58

    Prestige 2602HW Series User’ s Guide 58 Chapter 2 Introducing the Web Configurator Figure 6 Change Password at Login 7 Y ou should now see the SITE MAP screen. Note: The Prestige automatically times out af ter five minutes of inactivit y . Simply log back into the Prestige if this happens to you. 2.1.2 Resetting the Prestige If you forget your pa[...]

  • Página 59

    Prestige 2602HW Series User’s Guide Chapter 2 Introducing the Web Configur ator 59 • Click Logout in the navigation panel when you have finished a Prestige mana gement session. Figure 7 Web Configurator SITE MAP Screen Note: Click the icon (located in the top right corner o f most screens) to view embedded help. T able 3 Web Config urator Scree[...]

  • Página 60

    Prestige 2602HW Series User’ s Guide 60 Chapter 2 Introducing the Web Configurator V oice SIP Settings Use this screen to configure your Prestige’s Session Initiation Protocol settings. QoS Use this screen to configure your Prestige’s Quality of Service settings. Phone Use this screen to configure your Prestige’s phone settings. S peed Dial[...]

  • Página 61

    Prestige 2602HW Series User’s Guide Chapter 2 Introducing the Web Configur ator 61 Diagnostic General These screens displa y information to help you identify problems with the Prestige general connection. DSL Lin e These screens display information to help you identify problems with the DSL line. Firmware Use this screen to upload firmware to you[...]

  • Página 62

    Prestige 2602HW Series User’ s Guide 62 Chapter 2 Introducing the Web Configurator[...]

  • Página 63

    Prestige 2602HW Series User’s Guide Chapter 3 Wizard Setup 63 C HAPTER 3 W izard Setup This chapter provides information on the W izard Setup screens for Internet access and V oIP in the web configurat or . 3.1 Wizard Setup Introduction Use the W izard Setup scree ns to configure your system for Internet access and V oice with the information pro[...]

  • Página 64

    Prestige 2602HW Series User’ s Guide 64 Chapter 3 Wizard Setup 3.1.1.4 RFC 1483 RFC 1483 describes two methods for Multipro tocol Encapsulation over A TM Adaptation Layer 5 (AAL5). The first method allows mult iplexing of multiple protocols over a single A TM virtual circuit (LLC-based multiplexing ) and the second method assumes that each protoc[...]

  • Página 65

    Prestige 2602HW Series User’s Guide Chapter 3 Wizard Setup 65 Figure 8 Internet Access Wizard Setup: First Screen The following table describes the fields in this screen. 3.2 IP Address and Subnet Mask Similar to the way houses on a street share a common street name, so too do computers on a LAN share one common network number . Where you obtain [...]

  • Página 66

    Prestige 2602HW Series User’ s Guide 66 Chapter 3 Wizard Setup If the ISP did not expl icitly give you an IP ne twork number , then most likely you have a sin gle user account and the ISP will assign you a d ynamic IP address when the connection is established. If this is the case, it is recomm ended that you select a netw ork number from 192.168[...]

  • Página 67

    Prestige 2602HW Series User’s Guide Chapter 3 Wizard Setup 67 3.2.1.4 Private IP Addresses Every machine on the Internet must ha ve a unique address. If your network s are isolated from the Internet, for example, only between your two branch of fices, you can assign any IP addresses to the hosts without problems. However , the Internet Assigned N[...]

  • Página 68

    Prestige 2602HW Series User’ s Guide 68 Chapter 3 Wizard Setup Figure 9 Internet Connection with PPPoE The following table describes the fields in this screen. Table 5 Internet Connection with PPPoE LABEL DESCRIPTION Service Name T ype the name of your PPPoE service here. User Name Ente r the user name exactly as your ISP assig ned. If assigned a[...]

  • Página 69

    Prestige 2602HW Series User’s Guide Chapter 3 Wizard Setup 69 Figure 10 Internet Connection with RFC 1483 The following table describes the fields in this screen. Figure 1 1 Internet Connection with ENET ENCAP The following table describes the fields in this screen. Table 6 Internet Connection with RFC 1483 LABEL DESCRIPTION IP Address This field[...]

  • Página 70

    Prestige 2602HW Series User’ s Guide 70 Chapter 3 Wizard Setup Figure 12 Internet Connection with PPPoA The following table describes the fields in this screen. Table 7 Internet Connection with ENET ENCAP LABEL DESCRIPTION IP Address A static IP address is a fixed IP that your ISP gives you. A dynamic IP addre ss is not fixed; the ISP assigns you[...]

  • Página 71

    Prestige 2602HW Series User’s Guide Chapter 3 Wizard Setup 71 3.2.5 SIP Identities A SIP account's Uniform Resource Identifier (URI) identifies the SIP account in a way similar to the way an e-mail address iden tifies an e-mail account. It is also known as a SIP identity or address. The format of a SIP identity is SIP-Number@SIP-Servi ce-Dom[...]

  • Página 72

    Prestige 2602HW Series User’ s Guide 72 Chapter 3 Wizard Setup Figure 13 Internet Access Wizard Setup: Third Screen Table 9 Internet Access Wizard Se tup: V oice Configuration LABEL DESCRIPTION Active Select this check box to have the Prestige use this SIP account. Clear the check box to have the Prestige not use this SIP account. SIP Number Ente[...]

  • Página 73

    Prestige 2602HW Series User’s Guide Chapter 3 Wizard Setup 73 3.2.7 DHCP Setup DHCP (Dynamic Host Configuration Protocol , RFC 2131 and RFC 2132) allows in dividual clients to obtain TCP/IP configuration from a server . Y ou can configure the Prestige as a DHCP server or disable it. When configured as a server , the Prestige provides the TCP/IP c[...]

  • Página 74

    Prestige 2602HW Series User’ s Guide 74 Chapter 3 Wizard Setup Figure 14 Internet Access Wizard Setup: Fourth Screen If you want to change your Prestige LAN settings, click Change LAN Configuration to display the screen as shown next.[...]

  • Página 75

    Prestige 2602HW Series User’s Guide Chapter 3 Wizard Setup 75 Figure 15 Internet Access Wizard Setup: LAN Configuration The following table describes the fields in this screen. 3.2.9 Internet Access Wizard Setup: Connection T est The Prestige automatically tests the connectio n to the computer(s) connected to the LAN ports. T o test the connectio[...]

  • Página 76

    Prestige 2602HW Series User’ s Guide 76 Chapter 3 Wizard Setup Figure 16 Internet Access Wizard Setup: Connection T ests 3.2.9.1 T est Y our Internet Connection Launch your web brows er and navigate to www .zyxel.com . Interne t access is just the beginning. Refer to the res t of this User ’ s Guide for more detailed information on the complete[...]

  • Página 77

    Prestige 2602HW Series User’s Guide Chapter 4 Password Setup 77 C HAPTER 4 Password Setup This chapter provides information on the Password screen. 4.1 Password Overview It is highly recommended that you ch ange the password for accessing the Prestige. 4.1.1 Configuring Password T o change your Prestige’ s password (recommended), click Password[...]

  • Página 78

    Prestige 2602HW Series User’ s Guide 78 Chapter 4 Password Setup[...]

  • Página 79

    Prestige 2602HW Series User’s Guide Chapter 5 LAN Setup 79 C HAPTER 5 LAN Setup This chapter describes how to configure LAN settings. 5.1 LAN Overview A Local Area Network (LAN) is a shared comm unication system to which many computers are attached. A LAN is a computer network lim ited to the immediate area, usually the same building or floor of [...]

  • Página 80

    Prestige 2602HW Series User’ s Guide 80 Chapter 5 LAN Setup 5.2 DNS Server Address DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa. The DNS server is extremely impo rtant because without it, you must know the IP address of a machine before you can access it. The DNS server addre sses that you e[...]

  • Página 81

    Prestige 2602HW Series User’s Guide Chapter 5 LAN Setup 81 5.4 LAN TCP/IP The Prestige has built-in DHCP server capability that assigns IP addresses and DNS servers to systems that support DHCP client capability . 5.4.1 Factory LAN Default s The LAN parameters of the Prestige are preset in the factory with the following values: • IP address of [...]

  • Página 82

    Prestige 2602HW Series User’ s Guide 82 Chapter 5 LAN Setup 5.4.4 Multicast T raditionally , IP packets are transmitted in one of either two ways - Unicast (1 sender - 1 recipient) or Broadcast (1 sender - everybody on the network). Multicast delivers IP packets to a group of host s on the netwo rk - not everybody and not just 1. IGMP (Internet G[...]

  • Página 83

    Prestige 2602HW Series User’s Guide Chapter 5 LAN Setup 83 Figure 19 Any IP Example The Any IP fe ature does n ot apply to a computer using eit her a dynamic IP addr ess or a static IP address that is in the same subnet as the Prestige’ s IP address. Note: Y ou must enable NA T/SUA to use the Any IP feature on th e Prestige. 5.5.1 How Any IP Wo[...]

  • Página 84

    Prestige 2602HW Series User’ s Guide 84 Chapter 5 LAN Setup 5.6 Configuring LAN Click LAN and LAN Setup to open the following screen. Figure 20 LAN Setup The following table describes the fields in this screen. Table 12 LAN Setup LABEL DESCRIPTION DHCP DHCP If set to Server , your Prestige can assign IP addresses, an IP default gate way and DNS s[...]

  • Página 85

    Prestige 2602HW Series User’s Guide Chapter 5 LAN Setup 85 5.7 Configuring S t atic DHCP This table allows you to assign IP addresses on the LAN to specific individual computers based on their MAC Addresses. Every Ethernet device has a unique MAC (Med ia Access Control) addre ss. The MAC address is assigned at the factory and consists of six pair[...]

  • Página 86

    Prestige 2602HW Series User’ s Guide 86 Chapter 5 LAN Setup Figure 21 LAN: S tatic DHCP The following table describes the labels in this screen. Table 13 LAN: S tatic DHCP LABEL DESCRIPTION # This is the index number of the S tatic IP table entry (row). MAC Address T ype the MAC address (with colons) of a computer on your LAN. IP Address This fie[...]

  • Página 87

    Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 87 C HAPTER 6 W ireless LAN Setup This chapter discusses how to configure W ireless LAN on the Prestige. 6.1 Wireless LAN Introduction This section introduces the wireless LAN and some basic configurations. W ireless LANs can be as simple as two computers with wireless LAN cards com[...]

  • Página 88

    Prestige 2602HW Series User’ s Guide 88 Chapter 6 Wireless LAN Setup 6.1.4 RTS/CTS A hidden node occurs when two stations are within range of the same access point, but are not within range of each other . The following figure illustrates a hidden node. Both stations (ST A) are within range of the access point (AP) or wi reless gateway , but out-[...]

  • Página 89

    Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 89 6.1.5 Fragment ation Threshold A Fragmentation Threshold is the maximum data fragment s ize (between 256 and 2432 bytes) that can be sent in the wireless networ k befor e the Prestige will fragment the packet into smaller data frames. A large Fragmentation Thr eshold is recommend[...]

  • Página 90

    Prestige 2602HW Series User’ s Guide 90 Chapter 6 Wireless LAN Setup 6.3 Dat a Encryption with WEP WEP encryption scrambles the da ta transmitted between the wireless stations and the access points to keep network communications pr ivate. It encrypts unicast and multicast communications in a network. Both the wirel ess stations and the access poi[...]

  • Página 91

    Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 91 Figure 24 Wirele ss LAN The following table describes the fields in this screen. Table 14 Wirel ess LAN LABEL DESCRIPTION Enable Wireless LAN The wireless LAN is turned off by default, before you enable the wireless LA N you should configure some security by sett ing MAC filters [...]

  • Página 92

    Prestige 2602HW Series User’ s Guide 92 Chapter 6 Wireless LAN Setup 6.5 Configuring MAC Filter The MAC filter screen allows you to configure the Prestige to give exclusive access to up to 32 devices (Allow Association) or exclude up to 32 devices from ac cessing the Prestige (Deny Association). Every Ethernet device has a uniq ue MAC (Media Acce[...]

  • Página 93

    Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 93 Figure 25 MAC Addres s Filter The following table describes the fields in this menu. Table 15 MAC Address F ilter LABEL DESCRIPTION Active Select Ye s from the drop down list box to enable MAC address filtering. Action Define the filter action for the list of MAC addresses in the[...]

  • Página 94

    Prestige 2602HW Series User’ s Guide 94 Chapter 6 Wireless LAN Setup 6.6 Network Authentication Y ou can set the Prestige and your ne twork to authenticate a wirele ss station before the wireless station can communicate with th e Prestige and the wired network to which the Prestige is connected. 6.6.1 EAP EAP (Extensible Authentication Protocol) [...]

  • Página 95

    Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 95 • Access-Reject Sent by a RADIUS server rejecting access. • Access-Accept Sent by a RADIUS server allowing access. • Access-Challenge Sent by a RADIUS server requesting more information in order to allow access. The access point sends a proper response from the user and the[...]

  • Página 96

    Prestige 2602HW Series User’ s Guide 96 Chapter 6 Wireless LAN Setup 3 The wireless station replies with identity info rmation, including username and password. 4 The RADIUS server checks the user informa tion against its user profile database and determines whether or not to au thenticate the wireless station. 6.7 Introduction to WP A W i-Fi Pro[...]

  • Página 97

    Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 97 By generating unique data encryption keys for ev ery data packet and by creating an integrity checking mechanism (MIC), TKIP makes it much more dif ficult to decode data on a W i-Fi network than WEP , making it dif ficult for an intruder to break into the network. The encryption [...]

  • Página 98

    Prestige 2602HW Series User’ s Guide 98 Chapter 6 Wireless LAN Setup 2 The RADIUS server then checks the user's iden tification against its database and grants or denies network access accordingly . 3 The RADIUS server distributes a Pairwise Mast er Key (PMK) key to th e AP that then sets up a key hierarch y and management system, u sing the[...]

  • Página 99

    Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 99 6.1 1 Wireless Client WP A Supplicants A wireless client supplicant is the software that runs on an operating system instructing the wireless client how to use WP A. At the time of writing, the most widely available supplicant is the WP A patch for W indows XP , Funk Software &ap[...]

  • Página 100

    Prestige 2602HW Series User’ s Guide 100 Chapter 6 Wireless LAN Setup 6.12.1 Authenticatio n Required: 802.1x Select Authentication Required in t he Wir eless Port Control field and 802.1x in the Key Management Protocol field to display the next screen. Figure 30 Wireless LAN: 802.1x/WP A for 802.1x Protocol The following table describes the labe[...]

  • Página 101

    Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 101 T able 18 Wireless LAN: 802.1x/WP A for 802.1x Protocol LABEL DESCRIPTION Wireless Port Control T o control wireless stations access to the wired netwo rk, sele ct a control method from the drop-down list box. Choose from No Authentication R equired , Authenticati on Requir ed a[...]

  • Página 102

    Prestige 2602HW Series User’ s Guide 102 Chapter 6 Wireless LAN Setup Note: Once you enable user auth entication, y ou need to specify an external RADIUS server or create local user account s on the Prestige for authentication. 6.12.2 Authenticat ion Required: WP A Select Authentication Required in the Wir eless Port Contro l field and WP A in th[...]

  • Página 103

    Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 103 6.12.3 Authenticatio n Required: WP A-PSK Select Authentication Required in the Wireless Port Contr ol field and WP A-PSK in the Key Management Protocol field to display the next screen. Table 19 Wireless LAN: 802.1x /WP A for WP A Protocol LABEL DESCRIPTION Key Management Proto[...]

  • Página 104

    Prestige 2602HW Series User’ s Guide 104 Chapter 6 Wireless LAN Setup Figure 32 Wireless LAN: 802.1x/WP A for WP A-PSK Protocol The following table describes the labels not previously discussed. Table 20 Wireless LAN: 802.1x/WP A for W P A-PSK Protocol LABEL DESCRIPTION Key Management Protocol Choose WP A-PSK in this field. Pre-Shared Key T he en[...]

  • Página 105

    Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 105 6.13 Configuring Local User Authentication By storing user profiles locally , your Prestige is able to authenticate wireless users without interacting with a network RADIUS server . However , there is a limit on the number of users you may authentica te in this way . T o change [...]

  • Página 106

    Prestige 2602HW Series User’ s Guide 106 Chapter 6 Wireless LAN Setup 6.14 Configuring RADIUS Once you enable the EAP authentication, you need to specify th e external sever for remote user authenticatio n and accounting. T o set up your Prestige’ s RADIUS server settings, c lick WIRELESS LAN , RADIUS . The screen appears as shown. Figure 34 RA[...]

  • Página 107

    Prestige 2602HW Series User’s Guide Chapter 6 Wireless LAN Setup 107 Table 22 RADIUS LABEL DESCRIPTION Authentication Server Active Select Ye s fro m the drop-down list box to enable user authentication through an external authentication server . Server IP Address Enter the IP address of the external authenticat ion serve r in dotted decimal nota[...]

  • Página 108

    Prestige 2602HW Series User’ s Guide 108 Chapter 6 Wireless LAN Setup[...]

  • Página 109

    Prestige 2602HW Series User’s Guide Chapter 7 WAN Setup 109 C HAPTER 7 W AN Setup This chapter describes how to configure W A N settings. 7.1 W AN Overview A W AN (W ide Area Network) connection is a conn ection to another network or the Internet. See Chapter 3 on pa ge 63 for more information on th e fields in the W AN screens. 7.2 Metric The me[...]

  • Página 110

    Prestige 2602HW Series User’ s Guide 110 Chapter 7 WAN Setup 7.3 PPPoE Encap sulation The Prestige supports PPPoE (Point-to-Point Protocol over Ethernet). PPPoE is an IETF Draft standard (RFC 2516) specifying how a personal computer (PC) interacts with a broadband modem (DSL, cable, wireless, etc.) connection. The PP PoE option is for a dial-up c[...]

  • Página 111

    Prestige 2602HW Series User’s Guide Chapter 7 WAN Setup 111 Figure 35 Example of T raffic Shaping 7.5 Zero Configuration Internet Access Once you turn on and connect the Prestige to a telephone jack, it automatically detects the Internet connection settings (s uch as the VCI/VPI numbers an d the encapsulation method) from the ISP and makes the ne[...]

  • Página 112

    Prestige 2602HW Series User’ s Guide 112 Chapter 7 WAN Setup Figure 36 W A N Setup (PPPoE) The following table describes the fields in this screen. Table 23 WAN S e t u p LABEL DESCRIPTION Name Enter the name of your Internet Service Provider , e.g., MyISP . T his information is for identification purposes only . Mode Select Routing (default) fro[...]

  • Página 113

    Prestige 2602HW Series User’s Guide Chapter 7 WAN Setup 113 Encapsulation Select th e method of encapsulatio n used by your ISP from the drop-down list box. Choices vary depending on the mode you select in th e Mode field. If you select Bridge in the Mode field, select either PPPoA or RFC 1483 . If you select Routing in the Mode field, select PPP[...]

  • Página 114

    Prestige 2602HW Series User’ s Guide 114 Chapter 7 WAN Setup 7.7 T raffic Redirect T raffic redirect forwards traffic to a backup gateway when the Prestige cannot connect to the Internet. An exampl e is shown in th e figure below . Connect on Demand Select Connect on Demand when you don't want th e connection up all the time and specify an i[...]

  • Página 115

    Prestige 2602HW Series User’s Guide Chapter 7 WAN Setup 115 Figure 37 T raffic Redirect Example The following network topology allows you to avoid triangle route security issues when the backup gateway is co nnected to the LAN. Use IP alias to configure the LAN into two or three logical networks with the Prestige itself as the gateway for each LA[...]

  • Página 116

    Prestige 2602HW Series User’ s Guide 116 Chapter 7 WAN Setup Figure 39 W A N Backup The following table describes the fields in this screen. Table 24 WAN B a c k up LABEL DESCRIPTION Backup T ype Se lect the method that the Pr esti ge uses to check the DSL connection . Select DSL Link to have the Prestige check if the connection to the DSLAM is u[...]

  • Página 117

    Prestige 2602HW Series User’s Guide Chapter 7 WAN Setup 117 T imeout T ype the number of seconds (3 recommended) for your Prestige to wait for a ping response from one of the IP addresses in the Check W AN IP Address field before timing out the request. The WAN connection is considered "down" after the Prestige times out the number of t[...]

  • Página 118

    Prestige 2602HW Series User’ s Guide 118 Chapter 7 WAN Setup[...]

  • Página 119

    Prestige 2602HW Series User’s Guide Chapter 8 Network Address Translatio n (NAT) Screens 119 C HAPTER 8 Network Address T ranslation (NA T) Screens This chapter discusses how to configure NA T on the Prestige. 8.1 NA T Overview NA T (Network Address T ranslation - NA T , RFC 1631) is the translation of the IP address of a host in a packet, for ex[...]

  • Página 120

    Prestige 2602HW Series User’ s Guide 120 Chapt er 8 Network Addre ss Translation (NA T) Screens 8.1.2 What NA T Do es In the simplest form, NA T changes the sour ce IP address in a packet received from a subscriber (the inside local address) to anothe r (the inside global address) before forwarding the packet to the W AN side. When the resp onse [...]

  • Página 121

    Prestige 2602HW Series User’s Guide Chapter 8 Network Address Translatio n (NAT) Screens 121 Figure 40 How NA T Works 8.1.4 NA T Application The following figure illustrates a possible NA T application, wher e three inside LANs (logical LANs using IP Alias) behind the Prestige can communicate with three distinct W AN networks. More examples follo[...]

  • Página 122

    Prestige 2602HW Series User’ s Guide 122 Chapt er 8 Network Addre ss Translation (NA T) Screens • One to One : In One-to-One mode, the Prestige maps one local IP address to one global IP address. • Many to One : In Many-to-One mode, the Prestige maps multiple local IP addresses to one global IP address. This is equivalent to SUA (for instance[...]

  • Página 123

    Prestige 2602HW Series User’s Guide Chapter 8 Network Address Translatio n (NAT) Screens 123 • Choose Full Featur e if you have multiple public W AN IP addresses for your Prestige. 8.3 SUA Server A SUA server set is a list of inside (behind NA T on the LAN) servers, for example, web or FTP, that you can make visible to t he outs ide world even [...]

  • Página 124

    Prestige 2602HW Series User’ s Guide 124 Chapt er 8 Network Addre ss Translation (NA T) Screens 8.3.3 Configuring Ser vers Behind SUA (Example) Let's say you want to assign po rts 21-25 to one FTP , T elnet and SMTP server (A in the example), port 80 to another (B in the exam ple) and assign a default server IP address of 192.168.1.35 to a t[...]

  • Página 125

    Prestige 2602HW Series User’s Guide Chapter 8 Network Address Translatio n (NAT) Screens 125 Figure 43 NA T Mode The following table describes the labels in this screen. 8.5 Configuring SUA Server If you do not assign an IP address in Server Set 1 (default server) the Prestige discards all packets received for ports that are not specif ied here o[...]

  • Página 126

    Prestige 2602HW Series User’ s Guide 126 Chapt er 8 Network Addre ss Translation (NA T) Screens Figure 44 Edit SUA/NA T Server Set The following table describes the fields in this screen. T able 29 Edit SUA/NA T Server Set LABEL DESCRIPTION S tart Port No. En ter a port number in this field. T o forward only one port, enter the port numb er again[...]

  • Página 127

    Prestige 2602HW Series User’s Guide Chapter 8 Network Address Translatio n (NAT) Screens 127 8.6 Configuring Address Mapping Ordering your rules is important because the Pr estige applies the rules in the order that you specify . When a rule matches the current pa ck et, the Prestige takes the corresponding action and the remaining rules are igno[...]

  • Página 128

    Prestige 2602HW Series User’ s Guide 128 Chapt er 8 Network Addre ss Translation (NA T) Screens 8.7 Editing an Address Mapping Rule T o edit an address mapping rule, click the rule’ s link in the NA T Address Mapping Rules screen to display the screen sh own next. Figure 46 Address Mapping Rule Edit The following table describes the fields in t[...]

  • Página 129

    Prestige 2602HW Series User’s Guide Chapter 8 Network Address Translatio n (NAT) Screens 129 Table 31 Address Mapping Rule Edit LABEL DESCRIPTION Ty p e Choose the port mapping type from one of the fo llowing. • One-to-One : One-to-One mode maps one local IP address to o ne global IP address. Note that port numbers do not change for One-to-one [...]

  • Página 130

    Prestige 2602HW Series User’ s Guide 130 Chapt er 8 Network Addre ss Translation (NA T) Screens[...]

  • Página 131

    Prestige 2602HW Series User’s Guide Chapter 9 Introdu ction to VoIP 131 C HAPTER 9 Introduction to V oIP This chapter provides backgro und information on V oIP and SIP . 9.1 Introduction to V oIP V oIP is the sendin g of voice signals over th e Internet Protocol. This allows you to make phone calls and send faxes over the In ternet at a fraction [...]

  • Página 132

    Prestige 2602HW Series User’ s Guide 132 Chapter 9 Intr oduction to VoIP 9.2.1.2 SIP Service Domain The SIP service domain of the V oIP service provid er is the domain name in a SIP URI. For example, if the SIP address is 1 122334455@ V oIP-provider .com , then “V oIP-provider .com” is the SIP service domain. 9.2.2 SIP Call Progression The fo[...]

  • Página 133

    Prestige 2602HW Series User’s Guide Chapter 9 Introdu ction to VoIP 133 9.2.3.1 SIP User Agent Server A SIP user agent server can make and receive V o IP telephone ca lls. This means that SIP can be used for peer-to-peer comm unications even though it is a client-server p rotocol. In the following figure, either A or B can act as a SIP us er agen[...]

  • Página 134

    Prestige 2602HW Series User’ s Guide 134 Chapter 9 Intr oduction to VoIP Figure 48 SIP Proxy Server 9.2.3.3 SIP Re direct Server A SIP redirect server accepts SIP requests, translates the destination address to an IP address and sends the translated IP address back to th e device that sent the request. Then the client device that originally sent [...]

  • Página 135

    Prestige 2602HW Series User’s Guide Chapter 9 Introdu ction to VoIP 135 Figure 49 SIP Redirect Server 9.2.3.4 SIP Re gister Server A SIP register server maintains a database of SIP identity-to-IP address (or domain name) mapping. The register server checks your u ser name and password when you register . 9.2.4 RTP When you make a V oIP call using[...]

  • Página 136

    Prestige 2602HW Series User’ s Guide 136 Chapter 9 Intr oduction to VoIP 9.5 V oice Coding A codec (coder/decoder) codes anal og voice signals into digital signals and decodes the digital signals back into voice signals. The Prestige supports the following c odecs. 9.5.1 G .71 1 G .71 1 is a Pulse Code Mod ulation (PCM) waveform codec. G .71 1 pr[...]

  • Página 137

    Prestige 2602HW Series User’s Guide Chapter 10 Vo ice Screens 137 C HAPTER 10 V oice Screens This chapter describes how to configure advanced V oIP , QoS, phone and phone book setting s. 10.1 V oice Screens Introduction This chapter covers th e configuration of the Vo I P screens. 10.2 SIP Settings Configuration Click Vo i c e in the navigation p[...]

  • Página 138

    Prestige 2602HW Series User’ s Guide 138 Chapter 10 Voice Screens 10.3 Advanced V oice Settings Configuration Click Vo i c e in the navigation panel and then SIP Settings to open the SIP Settings screen. Select a SIP account and then click Settings to display the following screen. Table 33 SIP Settings LABEL DESCRIPTION SIP Account Y ou can confi[...]

  • Página 139

    Prestige 2602HW Series User’s Guide Chapter 10 Vo ice Screens 139 Figure 51 V oice Advanc ed Setup The following table describes the labels in this screen. Table 34 Voice Advanced Setup LABEL DESCRIPTION Advanced V oIP Settings This read-only field displays th e num ber of the SIP account that you a re configuring. The changes that you save in th[...]

  • Página 140

    Prestige 2602HW Series User’ s Guide 140 Chapter 10 Voice Screens 10.4 Quality of Service (QoS) Quality of Service (QoS) refers to both a networ k's ability to deliver data with minimum delay , and the networking methods used to provide ba ndwidth for real-time mu ltimedia applications. 10.4.1 T ype Of Service (T oS) Network traffic can be c[...]

  • Página 141

    Prestige 2602HW Series User’s Guide Chapter 10 Vo ice Screens 141 10.4.2 DiffServ DiffServ is a class of service (CoS) mode l that ma rks pac kets so that they receive specific per - hop treatment at DiffServ-compliant network de vices along the route based on the application types and traf fic flow . Packets are marke d with Di ffServ Code Point[...]

  • Página 142

    Prestige 2602HW Series User’ s Guide 142 Chapter 10 Voice Screens Figure 53 QoS The following table describes the labels in this screen. 10.6 Phone Y ou can configure the volume, ec ho cancellation and V AD settings for each individual phone port on the Prestige. Y ou can also select whic h SIP account to use fo r making outgoing calls. Table 35 [...]

  • Página 143

    Prestige 2602HW Series User’s Guide Chapter 10 Vo ice Screens 143 10.6.1 V oice Activity D etection/Silence Suppression V oice Activity Detection (V AD) detects whether or not speech is present. This lets the Prestige reduce the bandwidth that a call uses by not transmitting “sile nt packets” when you are not speaking. 10.6.2 Comfort Noise Ge[...]

  • Página 144

    Prestige 2602HW Series User’ s Guide 144 Chapter 10 Voice Screens The following table describes the labels in this screen. 10.8 S peed Dial Speed dial provides shortcuts for dialin g frequently used (V oIP) phone numbers. 10.8.1 Peer-to-Peer Calls Y ou can call another V oIP device directly with out going throug h a SIP server . Y ou must set up [...]

  • Página 145

    Prestige 2602HW Series User’s Guide Chapter 10 Vo ice Screens 145 10.9 S peed Dial Configuration Click Vo i c e in the navigati on panel and then Speed Dial to display the following screen. Figure 55 S peed Dial The following table describes the labels in this screen. Table 37 Speed Dia l LABEL DESCRIPTION Add New Entry Use this section of the sc[...]

  • Página 146

    Prestige 2602HW Series User’ s Guide 146 Chapter 10 Voice Screens 10.10 Lifeline (Prestige 2602HW -L) W ith lifeline you can make and receive regula r phone calls. Use a prefix number to make a regular call. When the Prestige 2602HW -L does not have power , you can make regular call s without dialing a prefix n umber . Y ou can also specify phone[...]

  • Página 147

    Prestige 2602HW Series User’s Guide Chapter 10 Vo ice Screens 147 Figure 56 Lifeline The following table describes the labels in this screen. 10.12 Common Phone Port Configuration Click PHONE in the navigation panel an d then Common to display the following screen. Use this screen to configure ge neral phon e port setting s. Table 38 Lifeline LAB[...]

  • Página 148

    Prestige 2602HW Series User’ s Guide 148 Chapter 10 Voice Screens Figure 57 Phone Port Common The following table describes the labels in this screen. Table 39 Phone Port Common LABEL DESCRIPTION Country Settings Use the drop-down list box to sele ct the country wh ere your P restige is located. Immediate Dial Use immediate dial to have the Pr es[...]

  • Página 149

    Prestige 2602HW Series User’s Guide Chapter 11 Dynamic DNS Setup 149 C HAPTER 11 Dynamic DNS Setup This chapter discusses how to configure your Prestige to use Dynamic DNS. 1 1 .1 Dynamic DNS Dynamic DNS allows you to update your curre nt dynamic IP address with one or many dynamic DNS services so that anyone can c ont act you (in NetMe eting, CU[...]

  • Página 150

    Prestige 2602HW Series User’ s Guide 150 Chapter 1 1 Dynamic DNS Setup Figure 58 Dynamic DNS The following table describes the fields in this screen. Table 40 Dynamic DNS LABEL DESCRIPTION Active Select this check box to use dynamic DNS. Service Provider This is the name of your Dynami c DNS service provi der . Host Names T ype the domain name as[...]

  • Página 151

    Prestige 2602HW Series User’s Guide Chapter 12 Time and Date 151 C HAPTER 12 T ime and Date Use this screen to configure the Prestige’ s time and date settings. 12.1 Pre-defined NTP T ime Servers List The Prestige uses the following pre-defined list of NTP time servers if you do not specify a time server or it cannot synch ronize with the time [...]

  • Página 152

    Prestige 2602HW Series User’ s Guide 152 Chapter 12 Time and Da te Figure 59 T ime and Date The following table describes the fields in this screen. Table 42 T ime and Date LABEL DESCRIPTION T ime Server Use Protocol when Bootup Select the time service protocol that your time server sends when you turn on the Prestige. Not all time servers suppor[...]

  • Página 153

    Prestige 2602HW Series User’s Guide Chapter 12 Time and Date 153 S tart Date Enter the month and day that your daylight -savings time start s on if yo u selected Daylight Savings . End Date Ente r the month and day that your daylig ht-savings time ends on if you selected Daylight Savings . Synchronize system clock with T ime Server now . Select t[...]

  • Página 154

    Prestige 2602HW Series User’ s Guide 154 Chapter 12 Time and Da te[...]

  • Página 155

    Prestige 2602HW Series User’s Guide Chapter 13 Firewalls 155 C HAPTER 13 Firewalls This chapter gives some backgr ound information on firewalls and introduces the Prestige firewall. 13.1 Firewall Overview Originally , the term firewall referred to a construction techni que designed to prevent the spread of fire from one room to another . The ne t[...]

  • Página 156

    Prestige 2602HW Series User’ s Guide 156 Chapter 13 Firewalls Information hiding prevents the names of in ternal systems from being made known via DNS to outside systems, since the ap plication gateway is the only ho st whose name must be m ade known to outside systems. Robust authentication and logging pre-authenticates application traffic befor[...]

  • Página 157

    Prestige 2602HW Series User’s Guide Chapter 13 Firewalls 157 13.3.1 Denial of Service Att acks Figure 60 Prestige Firewall Application 13.4 Denial of Service Denials of Service (DoS) attacks are aimed at devices and networks w ith a connection to the Internet. Their goal is not to st eal in formation, but to disabl e a device or ne twork so users[...]

  • Página 158

    Prestige 2602HW Series User’ s Guide 158 Chapter 13 Firewalls 13.4.2 T ypes of DoS Att acks There are four types of DoS attacks: 1 Those that exploit bugs in a TCP/IP implementation. 2 Those that exploit weaknesses in the TCP/IP specification. 3 Brute-force attacks that flood a network with useless data. 4 IP Spoofing. 5 " Ping of Death &quo[...]

  • Página 159

    Prestige 2602HW Series User’s Guide Chapter 13 Firewalls 159 Figure 61 Three-W ay Handshake Under normal circumstances, the applica tion that initiates a session sends a SYN (synchronize) packet to the receiving server . The receiver sends back an ACK (acknowledgment) packet and its own SYN, and then the in itiator responds with an ACK (acknowled[...]

  • Página 160

    Prestige 2602HW Series User’ s Guide 160 Chapter 13 Firewalls amount of ICMP echo request and response traffic. If a hacker chooses to spoof the source IP address of the ICMP echo request packet, the resulting ICMP traffic will not only clog up the "intermedi ary" network, b ut will also congest the network of the spoofed source IP addr[...]

  • Página 161

    Prestige 2602HW Series User’s Guide Chapter 13 Firewalls 161 13.4.2.3 T raceroute T raceroute is a utility used to determine th e path a packet takes between two endpoints. Sometimes when a packet filter firewall is conf igured incorrectly an at tacker can traceroute the firewall gaining knowledge of the network topology inside the firewall. Ofte[...]

  • Página 162

    Prestige 2602HW Series User’ s Guide 162 Chapter 13 Firewalls Figure 64 S tateful Inspection The previous figure shows the Prestige’ s default firewall rules in action as well as demonstrates how stateful inspection works. User A can initiate a T elnet session from within the LAN and responses to this request are allowe d. However other T elnet[...]

  • Página 163

    Prestige 2602HW Series User’s Guide Chapter 13 Firewalls 163 temporary entries might be modified, in order to permit only packets that are valid for the current state o f the conn ection. 8 Any additional inbound or outb ound packets that belong to the connection are inspected to update the state table entry and to modify the temporary inbound ac[...]

  • Página 164

    Prestige 2602HW Series User’ s Guide 164 Chapter 13 Firewalls When the Prestige receives any subsequent packet (from the In ternet or from the LAN), its connection information is extracted and checked against the cache. A packet is only allowed to pass through if it corresponds to a valid connection (that is, if i t is a response to a connection [...]

  • Página 165

    Prestige 2602HW Series User’s Guide Chapter 13 Firewalls 165 • Limit who can telnet into your router . • Don't enable any local service (such as SN MP or NTP) that you don't use. Any enab led service could present a potential sec urity risk. A determined hacker might be able to find creative ways to misuse the enabled services to ac[...]

  • Página 166

    Prestige 2602HW Series User’ s Guide 166 Chapter 13 Firewalls • Always shred confidential in formation, particularly about your computer , before throwing it away . Some hackers dig through the trash of companies or individuals for information that might he lp them in an attack. 13.7 Packet Filtering Vs Firewall Below are some comparisons betwe[...]

  • Página 167

    Prestige 2602HW Series User’s Guide Chapter 13 Firewalls 167 • A range of source an d destination IP address es as well as port numbers can be specified within one firewall rule making the fire wall a better choice when complex rules are required. • T o selectively block/allow inbound or out bound traf fic between inside host/networks and out[...]

  • Página 168

    Prestige 2602HW Series User’ s Guide 168 Chapter 13 Firewalls[...]

  • Página 169

    Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 169 C HAPTER 14 Firewall Configuration This chapter shows you how to enable and configure the Prestige firewall. 14.1 Access Methods The web configurator is, by far , the most co mprehensive firewall configuration tool yo ur Prestige has to offer . For this reason, it is reco [...]

  • Página 170

    Prestige 2602HW Series User’ s Guide 170 Chapter 14 Firewall Configuration Note: If you configure firewall rules wit hout a good underst anding of how they work, you might inadvertently introduce securi ty risks to the f irewall and to the protected network. Make sure you test your rules af ter you configure them. For example, you may create rule[...]

  • Página 171

    Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 171 4 Does a rule that allows Internet users acces s to resources on the LAN create a security vulnerability? For example, if FTP ports (TCP 20, 21) are al lowed from the Internet to t he LAN, Internet users may be able to connect to computers with running FTP servers. 5 Does [...]

  • Página 172

    Prestige 2602HW Series User’ s Guide 172 Chapter 14 Firewall Configuration 14.4.1 LAN to W AN Rules The default rule for LAN to W AN traffic is that all use rs on the LAN are allowed non- restricted access to the W AN. When you config ure a LAN to W AN rule, you in essence want to limit some or all users from accessing cer tain services on the W [...]

  • Página 173

    Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 173 14.4.3 Alert s Alerts are reports on events, such as attacks, that you may want to know about right away . Y ou can choose to generate an alert when an attack is detected in the Edit Rule screen ( select the Send Alert Message to Administrator When Matched check box) or wh[...]

  • Página 174

    Prestige 2602HW Series User’ s Guide 174 Chapter 14 Firewall Configuration 14.6 Rule Summary Note: The ordering of your rule s is very import ant as rules are app lied in turn. Click on Fire wall , then Rule Summary to bring up the following screen. This screen is a summary of the existing rules. Note the order in which the rules are listed. Defa[...]

  • Página 175

    Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 175 Figure 68 Firewall: Rule Summary Table 48 Rule Summary LABEL DESCRIPTION Firewall Rules S torage Sp ace in Use This read-only bar shows how much of the Prestige' s memory for recording firewall rules it is currently using. When you are using 80% or less of the storage[...]

  • Página 176

    Prestige 2602HW Series User’ s Guide 176 Chapter 14 Firewall Configuration 14.6.1 Configuring Firewall Rules Follow these directions to create a new rule. 1 In the Rule Summary screen, type the index number for where you want to put the rule. For example, if you type “6”, your new rule becomes number 6 and the previous rule 6 (i f there is on[...]

  • Página 177

    Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 177 Figure 69 Firewall: Edit Rule The following table describes the labels in this screen.[...]

  • Página 178

    Prestige 2602HW Series User’ s Guide 178 Chapter 14 Firewall Configuration Table 49 Firewall: Edit Rule LABEL DESCRIPTION Active Select this option to ena ble this firewall rule. Action for Matched Packet Use the radio button to select whether to disca rd ( Block ) or allow th e passage of ( Forward ) packets that match this rule. Source/Destinat[...]

  • Página 179

    Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 179 14.7 Customized Services Configure customized services and port numb ers not predefined by the Prestige. For a comprehensive list of port numbers and services, visit the IANA (Internet Assigned Number Authority) website. For further inform ation on these services, please r[...]

  • Página 180

    Prestige 2602HW Series User’ s Guide 180 Chapter 14 Firewall Configuration Figure 71 Firewall: Configure Customized Services The following table describes the labels in this screen. 14.9 Example Firewall Rule The following Internet firewa ll rule example allows a hypot hetical “My Service” connection from the Internet. 1 Click Fir ewall in th[...]

  • Página 181

    Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 181 Figure 72 Firewall Example: Rule Summary 3 In the Rule Summary screen, type the index number for where you want to put the rule. For example, if you type “6”, your new rule becomes number 6 and the previous rule 6 (i f there is one) becomes rule 7. 4 Click Inser t to d[...]

  • Página 182

    Prestige 2602HW Series User’ s Guide 182 Chapter 14 Firewall Configuration Figure 73 Firewall Example: Edit Ru le: Des tination Address 7 In the Edit Rule screen, click the Edit Customized Services link to open the Customized Services screen. 8 Click the number of a customized service to open the configuratio n screen. Configure it as follows and[...]

  • Página 183

    Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 183 Figure 75 Firewall Example: Edit Rule: Select Customized Services Note: Custom ports show up with an “*” before their names in the Services list b ox and the Rule Summary list box. Click Apply after you’ve created your custom port. On completing the configuration pro[...]

  • Página 184

    Prestige 2602HW Series User’ s Guide 184 Chapter 14 Firewall Configuration Figure 76 Firewall Example: Rule Summary: My Service 14.10 Predefined Services The A vailable Services list box in the Edit Rule screen (see Section 1 4.6.1 on page 176 ) displays all predefined services that the Prestig e already supports. Next to the name of th e service[...]

  • Página 185

    Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 185 HTTP(TCP:80) Hyper T ext Transfer Protocol - a cl ient/server protocol for the world wide web. HTTPS HTTPS is a secured ht tp session of ten used in e-commerce. ICQ(UDP:4000) This is a popular Internet chat program. IPSEC_TRANSPORT/ TUNNEL(AH:0) The IPSEC AH (Authentica ti[...]

  • Página 186

    Prestige 2602HW Series User’ s Guide 186 Chapter 14 Firewall Configuration 14.1 1 Anti-Probing If an outside user attempts to probe an unsupp orted port on your Prestige, an ICMP respon se packet is automatically returned. This allows the outside user to know the Prestige exists. The Prestige supports anti-probing, which prevents the ICMP respons[...]

  • Página 187

    Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 187 Figure 77 Firewall: Anti Probing The following table describes the labels in this screen. 14.12 DOS Thresholds For DoS attacks, the Prestige uses thresholds to determine when to drop s essions that do not become fully established. These threshol ds apply globally to all se[...]

  • Página 188

    Prestige 2602HW Series User’ s Guide 188 Chapter 14 Firewall Configuration 14.12.1 Threshold V alues T une these parameters when some thing is not working an d after you have checked the firewall counters. These default values sh ould work fine for most small offices. Factors influencing choices for threshold values are: • The maximum number of[...]

  • Página 189

    Prestige 2602HW Series User’s Guide Chapter 14 Firewall Configurat ion 189 Whenever the number of half-o pen sessions with the same destin ation host address rises above a threshold ( TCP Maximum Incomplete ), the Prestige starts deleting half-open sessions according to one of the following methods: • If the Blocking Time timeout is 0 (the defa[...]

  • Página 190

    Prestige 2602HW Series User’ s Guide 190 Chapter 14 Firewall Configuration One Minute High This is the rate of new half-ope n sessions that causes the firewall to start deleting half-open sessions. When the rate of new connection attempts rises above this number , the Prestige deletes half-open sessions as required to accommodate new connection a[...]

  • Página 191

    Prestige 2602HW Series User’s Guide Chapter 15 Content Filtering 191 C HAPTER 15 Content Filtering This chapter covers how to configure content filtering. 15.1 Content Filtering Overview Internet content filtering allows you to create and enforce Internet access policies tailored to your needs. Content filtering gives you the ab ility to block we[...]

  • Página 192

    Prestige 2602HW Series User’ s Guide 192 Chapter 15 Content Filtering Figure 79 Content Filter: Keyword The following table describes the labels in this screen. 15.3 Configuring the Schedule T o set the days and times for the Prestige to perform content filtering, click Con tent Filter and Schedule . The screen appears as shown. Table 55 Content [...]

  • Página 193

    Prestige 2602HW Series User’s Guide Chapter 15 Content Filtering 193 Figure 80 Content Filter: Schedule The following table describes the labels in this screen. 15.4 Configuring T rusted Computers T o exclude a range of users on the LAN from content filtering on your Prestige, click Content Filter and Tr u s t e d . The screen appears as shown. T[...]

  • Página 194

    Prestige 2602HW Series User’ s Guide 194 Chapter 15 Content Filtering Figure 81 Content Filter: T rusted The following table describes the labels in this screen. Table 57 Content Filter: T rusted LABEL DESCRIPTION T rusted User IP Range From T ype the IP address of a computer (or the beginning IP address of a specific range of computers) on the L[...]

  • Página 195

    Prestige 2602HW Series User’s Guide Chapter 16 Introduction to IPSec 195 C HAPTER 16 Introduction to IPSec This chapter introduces the basics of IPSec VPNs. 16.1 VPN Overview A VPN (V irtual Private Network) provides sec ure communications betw een sites without the expense of leased site-to-site lines. A secure VP N is a combination of tunneling[...]

  • Página 196

    Prestige 2602HW Series User’ s Guide 196 Chapter 1 6 Introduction t o IPSec Figure 82 Encryption and Decryption 16.1.3.2 Dat a Confidentiality The IPSec sender can encrypt packets befo re transmitting them across a network. 16.1.3.3 Dat a Integrity The IPSec receiver can validate packets sent by the IPSec sender to ensure that the data has not be[...]

  • Página 197

    Prestige 2602HW Series User’s Guide Chapter 16 Introduction to IPSec 197 16.2 IPSec Architecture The overall IPSec architect ure is shown as follows. Figure 83 IPSec Architecture 16.2.1 IPSec Algorithms The ESP (Encapsulating Security Payload) Pro tocol (RFC 2406 ) and AH (Authentication Header) protocol (RFC 2402 ) describe the packet formats an[...]

  • Página 198

    Prestige 2602HW Series User’ s Guide 198 Chapter 1 6 Introduction t o IPSec Figure 84 T ransport and T unnel Mode IPSec Encap sulation 16.3.1 T ransport Mode Tr a n s p o r t mode is used to protect up per layer prot ocols and only af fects the data in the IP packet. In Tr a n s p o r t mode, the IP packet conta ins the security protocol ( AH or [...]

  • Página 199

    Prestige 2602HW Series User’s Guide Chapter 16 Introduction to IPSec 199 NA T is incompatible with the AH protocol in both Tr a n s p o r t and T unnel mode. An IPSec VPN using the AH protocol digitally sig ns the outbound packet, both data payload and headers, with a hash value appe nded to the pack et. When using AH protoc ol, packet contents ([...]

  • Página 200

    Prestige 2602HW Series User’ s Guide 200 Chapter 1 6 Introduction t o IPSec[...]

  • Página 201

    Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 201 C HAPTER 17 VPN Screens This chapter introduces the VPN screens. See th e chapter on logs for information on viewing logs and the appendix on l ogs for IPSec log descriptions. 17.1 VPN/IPSec Overview Use the screens documented in this chapter to configure rules for VPN connections and[...]

  • Página 202

    Prestige 2602HW Series User’ s Guide 202 Chapter 17 VP N Screens 17.2.2 ESP (Encap sulating Security Payload) Protocol The ESP protocol (RF C 2406) provides encryptio n as well as the services offered by AH . ESP authenticating properties are limited compared to the AH due to the non-inclusion of the IP header information during the au thenticati[...]

  • Página 203

    Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 203 • If the W AN connection goes down, the Prestige uses the dial backup IP address for the VPN tunnel when usin g dial backup or the LAN IP address when using traf fic redirect. See the chapter on W AN for details on dial backup and traf fic redirect. 17.4 Secure Gateway Address Secur[...]

  • Página 204

    Prestige 2602HW Series User’ s Guide 204 Chapter 17 VP N Screens Click VPN and Setup to open the VPN Summary screen. This is a re ad-only menu of your IPSec rules (tunnels). The IPSec summa ry menu is read-only . Edit a VPN by selecting an index number and then con figuring its associated su bmenus. Figure 86 VPN Summary The following table descr[...]

  • Página 205

    Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 205 17.6 Keep Alive When you initiate an IPSec tunnel with keep alive enabled, the Prestige automatically renegotiates the tunnel wh en the IPSec SA lifetime period expires (see Section 17.12 on page 214 for more on the IPSec SA lifetime). In ef fe ct, the IPSec tunnel becomes an “alway[...]

  • Página 206

    Prestige 2602HW Series User’ s Guide 206 Chapter 17 VP N Screens The following figure depicts an example wher e three VPN tunnels are created from Prestige A; one to branch of fice 2, one to branch office 3 and another to headqu arters. In order to access computers that use private domain na mes on the headquarters (HQ) network, the Prestige at b[...]

  • Página 207

    Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 207 17.8.1 NA T T raversal Configuration For NA T traversal to work you must: • Use ESP security protocol (in either transport or tunnel mode). • Use IKE keying mode. • Enable NA T traversal on both IPSec endpoints. In order for IPSec router A (see Figure 88 on page 206 ) to receive[...]

  • Página 208

    Prestige 2602HW Series User’ s Guide 208 Chapter 17 VP N Screens 17.9.1 ID T ype and Content Examples T wo IPSec routers must have matching ID type and content configuration in order to set up a VPN tunnel. The two Prestiges in this ex ample can complete negotiation and establish a VPN tunnel. T able 61 Local ID T ype and Content Fields LOCAL ID [...]

  • Página 209

    Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 209 The two Prestiges in this ex ample cannot complete their negotiation because Prestige B’ s Local ID type is IP , but Prestige A ’ s Peer ID type is set to E-mail . An “ID mismatche d” message displays in the IPSEC LOG . 17.10 Pre-Shared Key A pre-shared key identifies a commun[...]

  • Página 210

    Prestige 2602HW Series User’ s Guide 210 Chapter 17 VP N Screens Figure 89 VPN IKE The following table describes the fields in this screen.[...]

  • Página 211

    Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 211 Table 65 VPN IKE LABEL DESCRIPTION IPSec Setup Active Select this check box to activate this VPN policy . This option determines whether a VPN rule is applied before a packet leaves the firewall. Keep Alive Select either Ye s or No from the drop-down list box. Select Ye s to have the [...]

  • Página 212

    Prestige 2602HW Series User’ s Guide 212 Chapter 17 VP N Screens IP Address S tart When the Lo cal Address T yp e field is configured to Singl e , enter a (static) IP address on the LAN behind your Prestige. When the Lo cal Address T ype field is configured to Range , enter the beginning (static) IP address, in a range of computers on your LAN be[...]

  • Página 213

    Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 213 My IP Address Enter the WAN IP address of your Prestige. The VPN tunnel has to be rebuilt if this IP address changes. The following applies if this field is configured as 0.0.0.0 : The Prestige uses the current Prestige WAN IP address (static or dynamic) to set up the VPN tunnel. If t[...]

  • Página 214

    Prestige 2602HW Series User’ s Guide 214 Chapter 17 VP N Screens 17.12 IKE Phases There are two phases to every IKE (Internet Key Exchange) ne gotiation – phase 1 (Authentication) and ph ase 2 (Key Exchange). A phase 1 exchange establishes an IKE SA and the second one uses that SA to negotiate SAs for IPSe c. Pre-Shared Key T ype your pre-share[...]

  • Página 215

    Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 215 Figure 90 T wo Phases to Set Up the IPSec S A In phase 1 you must: • Choose a negotiation mode. • Authenticate the connection by entering a pre-shared key . • Choose an encryption algorithm. • Choose an authentication algorithm. • Choose a Dif fie-Hellman public-key cryptogr[...]

  • Página 216

    Prestige 2602HW Series User’ s Guide 216 Chapter 17 VP N Screens 17.12.1 Negotiation Mode The phase 1 Negotiation Mode you select determines how the Security Association (SA) will be established for each conn ection through IKE negotiations. • Main Mode ensures the highest level of security when the communi cating parties are negotiating authen[...]

  • Página 217

    Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 217 Figure 91 VPN IKE: Advanced Setup The following table describes the fields in this screen. Table 66 VPN IKE: Advanced Setup LABEL DESCRIPTION VPN - IKE Protocol Enter 1 for ICMP , 6 for TCP , 17 for UDP , etc. 0 is the default and signi fies any protocol. Enable Replay Protec tion As [...]

  • Página 218

    Prestige 2602HW Series User’ s Guide 218 Chapter 17 VP N Screens Remote S tart Port 0 is the default and signifies any port. T y pe a port number from 0 to 65535. Some of the mo st common I P port s are: 2 1, FTP; 53, DNS; 23, T elnet; 80, HTTP; 25, SMTP; 1 10, POP3. End Enter a port number in this field to defin e a port range. This port number [...]

  • Página 219

    Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 219 17.14 Manual Key Setup Manual key managemen t is useful if you have problems with IKE key mana gement. 17.14.1 Security Parameter Index (SPI) An SPI is used to distinguish dif ferent SAs te rminating at the same de stination and using the same IPSec protocol. This data allows for the [...]

  • Página 220

    Prestige 2602HW Series User’ s Guide 220 Chapter 17 VP N Screens 17.15 Configuring Manual Key Y ou only configure VPN Man ual Key when you select Manual in the IPSec Key Mode field on the VPN IKE screen. This is the VPN Manual Key screen as shown next. Figure 92 VPN: Manual Key The following table describes the fields in this screen.[...]

  • Página 221

    Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 221 Table 67 VPN: Manual Key LABEL DESCRIPTION IPSec Setup Active Select this check box to activate this VPN policy . Name T ype up to 32 characters to identify this VPN policy . Y ou may use any character , including spaces, but the Prestige drops trailing spaces. IPSec Key Mode Select I[...]

  • Página 222

    Prestige 2602HW Series User’ s Guide 222 Chapter 17 VP N Screens End / Subnet Mask When the Remote Address T ype field is configured to Single , this field is N/A. When the Remote Ad dress T ype field is configured to Range , enter the end (static) IP address, in a range of computers on the network behind the remote IPSec router . When the Remote[...]

  • Página 223

    Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 223 17.16 V iewing SA Monitor Click VPN and Monitor to open the SA Monitor screen as shown. Use this screen to display and manage activ e VPN conn ections. A Security Association (SA) is the group of se cu rity settings related to a specific VPN tunnel. This screen displays active VPN con[...]

  • Página 224

    Prestige 2602HW Series User’ s Guide 224 Chapter 17 VP N Screens Figure 93 VPN: SA Monitor The following table describes the fields in this screen. Table 68 VPN: SA Monitor LABEL DESCRIPTION No This is the security association index nu mber . Name This field displays the identifi cation name for this VPN policy . Encapsulation This field displays[...]

  • Página 225

    Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 225 17.17 Configuring Global Setting T o change your Prestige’ s global settings, click VPN and the n Global Setting . The screen appears as shown. Figure 94 VPN: Global Setting The following table describes the fields in this screen. 17.18 T elecommuter VPN/IPSec Examples The following[...]

  • Página 226

    Prestige 2602HW Series User’ s Guide 226 Chapter 17 VP N Screens Figure 95 T elecommuters Sharing One VPN Rule Example 17.18.2 T elecommuters Usin g Unique VPN Rules Example In this example the telecommuters (A, B and C in the figure) use IPSec routers with domain names that are mapped to their dynamic W AN IP addresses (use Dynamic DNS to do thi[...]

  • Página 227

    Prestige 2602HW Series User’s Guide Chapter 17 VPN Screens 227 Figure 96 T elecommuters Using Unique VPN Rules Example Table 71 T elecommuters Using Unique VPN Rules Example T ELECOMMUTERS HEADQUARTERS All T elecommu ter Rules: All Headquarters Rules: My IP Address 0.0.0. 0 My IP Address: bigcompanyhq.com Secure Gateway Address: bigcompanyhq.com [...]

  • Página 228

    Prestige 2602HW Series User’ s Guide 228 Chapter 17 VP N Screens 17.19 VPN and Remote Management If a VPN tunnel uses T elnet, FTP , WWW , then you should configure remo te management ( Remote Management ) to allow access for that service.[...]

  • Página 229

    Prestige 2602HW Series User’s Guide Chapter 18 Remote M anagement Configura tion 229 C HAPTER 18 Remote Management Configuration This chapter provides information on config uring remote management. 18.1 Remote Management Overview Remote management allows you to determ ine which services/protocols can access which Prestige interface (if any) from [...]

  • Página 230

    Prestige 2602HW Series User’ s Guide 230 Chapter 18 Remote Manag ement Configuration • A filter in SMT menu 3.1 (LAN) or in menu 1 1 .5 (W AN) is applied to block a T elnet, FTP or W eb service. • Y ou have disabled that service in one of the remote management screens. • The IP address in the Secured Client IP field does not match th e clie[...]

  • Página 231

    Prestige 2602HW Series User’s Guide Chapter 18 Remote M anagement Configura tion 231 18.4 W eb Y ou can use the Prestige’ s embedded web configurator for co nfiguration and file management. See the online help for details. 18.5 Configuring Remote Management Click Remote Management to open the following screen. Figure 98 Remote Manageme nt The f[...]

  • Página 232

    Prestige 2602HW Series User’ s Guide 232 Chapter 18 Remote Manag ement Configuration[...]

  • Página 233

    Prestige 2602HW Series User’s Guide Chapter 19 Universa l Plug-and-Play (UPnP) 233 C HAPTER 19 Universal Plug-and-Play (UPnP) This chapter introduces the UPnP feature in the web configura tor . 19.1 Introducing Universal Plug and Play Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-pee[...]

  • Página 234

    Prestige 2602HW Series User’ s Guide 234 Chapter 19 Universa l Plug-and-Play (UPnP) All UPnP-enabled devices may communicate freely with eac h other without additional configuration. Disable UPnP if this is not your intention. 19.2 UPnP and ZyXEL ZyXEL has achieved UPnP certification from th e Universal Plug and Play Forum Creates UPnP™ Impleme[...]

  • Página 235

    Prestige 2602HW Series User’s Guide Chapter 19 Universa l Plug-and-Play (UPnP) 235 19.3 Inst alling UPnP in Windows Example This section shows ho w to install UPnP in W indows Me and W indows XP . Inst alling UPnP in Windows Me Follow the steps below to inst all the UPnP in W indows Me. 1 Click St a r t and Control Panel . Double-click Add/Remove[...]

  • Página 236

    Prestige 2602HW Series User’ s Guide 236 Chapter 19 Universa l Plug-and-Play (UPnP) Figure 100 Add/Remove Programs: Wind ows Setup: Communication 3 In the Communications window , select the Universal Plug and Play check box in the Components selection box. Figure 101 Add/Remove Programs: Wind ows Setup: Communicat ion: Component s 4 Click OK to g[...]

  • Página 237

    Prestige 2602HW Series User’s Guide Chapter 19 Universa l Plug-and-Play (UPnP) 237 Inst alling UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP . 1 Click St a r t and Control Panel . 2 Double-click Network Connections . 3 In the Network Connections window , click Advanced in the main menu and select Optional Networking [...]

  • Página 238

    Prestige 2602HW Series User’ s Guide 238 Chapter 19 Universa l Plug-and-Play (UPnP) Figure 103 Windows Optiona l Networking Component s Wizard 5 In the Networking Services window , select the Universal Plug and Play check box.[...]

  • Página 239

    Prestige 2602HW Series User’s Guide Chapter 19 Universa l Plug-and-Play (UPnP) 239 Figure 104 Networking Services 6 Click OK to go back to the W indows Optional Networking Component W izard window and click Next . 19.4 Using UPnP in Windows XP Example This section shows yo u how to use the UPn P feature in W indows XP . Y ou must already have UPn[...]

  • Página 240

    Prestige 2602HW Series User’ s Guide 240 Chapter 19 Universa l Plug-and-Play (UPnP) Figure 105 Network Connections 3 In the Internet Connection Properties window , click Se ttings to see the port mappings there were automatically created.[...]

  • Página 241

    Prestige 2602HW Series User’s Guide Chapter 19 Universa l Plug-and-Play (UPnP) 241 Figure 106 Internet Connection Properties 4 Y ou may edit or delete the port map pings or click Add to manually add port mappings.[...]

  • Página 242

    Prestige 2602HW Series User’ s Guide 242 Chapter 19 Universa l Plug-and-Play (UPnP) Figure 107 Internet Connection Properties: Adva nced Settings Figure 108 Internet Connection Proper ties: Adva nced Settings: Add 5 When the UP nP-enabled device is disco nnected from your computer , all port mappings will be deleted automatically . 6 Select Show [...]

  • Página 243

    Prestige 2602HW Series User’s Guide Chapter 19 Universa l Plug-and-Play (UPnP) 243 Figure 109 System T ray Icon 7 Double-click on the icon to display yo ur curr ent Internet connection st atus. Figure 1 10 Internet Connection S tatus Web Configurator Eas y Access W ith UPnP , you can access the web-bas ed configur ator on the Prestige w ithout fi[...]

  • Página 244

    Prestige 2602HW Series User’ s Guide 244 Chapter 19 Universa l Plug-and-Play (UPnP) Figure 1 1 1 Network Connections 4 An icon with the description for e ach UPnP-enabled device displays unde r Local Network . 5 Right-click on the icon for your Prestige and select Invoke . The web configurator login screen displays.[...]

  • Página 245

    Prestige 2602HW Series User’s Guide Chapter 19 Universa l Plug-and-Play (UPnP) 245 Figure 1 12 Network Connections: My Network Places 6 Right-click on the icon for your Prestige and select Pr operties . A properties window displays with basic information about the Prestige. Figure 1 13 Network Connections: My Network Places: Properties: Exa mple[...]

  • Página 246

    Prestige 2602HW Series User’ s Guide 246 Chapter 19 Universa l Plug-and-Play (UPnP)[...]

  • Página 247

    Prestige 2602HW Series User’s Guide Chapter 20 Logs Scree ns 247 C HAPTER 20 Logs Screens This chapter contains inform ation about configuring genera l log settings and viewing the Prestige’ s logs. Refer to the appendix for example log message explanations. 20.1 Logs Overview The web confi gurator allows you to choose which c ategories of even[...]

  • Página 248

    Prestige 2602HW Series User’ s Guide 248 Chapter 20 Log s Screens Figure 1 14 Log Settings[...]

  • Página 249

    Prestige 2602HW Series User’s Guide Chapter 20 Logs Scree ns 249 The following table describes the fields in this screen. Table 74 Log Settings LABEL DESCRIPTION Address Info Mail Server Enter the server name or the IP address of the mail server for the e -mail addresses specified below . If this field is left blank, logs and alert messages wil l[...]

  • Página 250

    Prestige 2602HW Series User’ s Guide 250 Chapter 20 Log s Screens 20.3 Displaying the Logs Click Logs and then Vi e w L o g to open the Vie w L o g s sc reen. Use the Vi e w L o g s screen to see the logs for the categorie s that you selected in the Log Settings screen (see Section 20.2 on page 247 ). Log entries in red indicate alerts . The log [...]

  • Página 251

    Prestige 2602HW Series User’s Guide Chapter 20 Logs Scree ns 251 E-mail error messages appear in SMT menu 24.3.1 as "SMTP action request failed. ret= ??". The “??"are described in the following table. 20.4.1 Example E-mail Log An "End of Log" message displays for each ma il in which a complete log has been sent. The fol[...]

  • Página 252

    Prestige 2602HW Series User’ s Guide 252 Chapter 20 Log s Screens Figure 1 16 E-mail Log Example Subject: Firewall Alert From Prestige Date: Fri, 07 Apr 2000 10:05:42 From: user@zyxel.com To: user@zyxel.com 1| Apr 7 00 |From:192.168.1.1 To:192.168.1.255 |default polic y |forward | 09:54:03 |UDP src port:00520 dest port:00520 |<1,00> | 2|Apr[...]

  • Página 253

    Prestige 2602HW Series User’s Guide Chapter 21 Maintenance 253 C HAPTER 21 Maintenance This chapter displays system information such as ZyNOS firmware, port IP addresses and port traffic statistics. 21.1 Maintenance Overview The maintenanc e screens can help you view system informa tion, upload new firmware, manage configuratio n and restart your[...]

  • Página 254

    Prestige 2602HW Series User’ s Guide 254 Chapter 21 Maintenance Figure 1 17 System S tatus[...]

  • Página 255

    Prestige 2602HW Series User’s Guide Chapter 21 Maintenance 255 The following table describes the fields in this screen. Table 77 System S tatus LABEL DESCRIPTION System S tatus System Name This is the name of your Pre stige. It is for identification purposes. ZyNOS Firmware Ve r s i o n This is the ZyNOS firmware version and the date created. ZyN[...]

  • Página 256

    Prestige 2602HW Series User’ s Guide 256 Chapter 21 Maintenance 21.2.1 System St atistics Click Show S tatistics in the System S tatus screen to open the following screen. Read-only information here includes port status and packet specific statistics. Also provided are "system up time" and "poll interval(s)". The Poll Interval[...]

  • Página 257

    Prestige 2602HW Series User’s Guide Chapter 21 Maintenance 257 21.3 DHCP T able Screen DHCP (Dynamic Host Configuration Protocol , RFC 2131 and RFC 2132) allows in dividual clients to obtain TCP/IP configuration at star t-up from a server . Y ou can configure the Prestige as a DHCP server or disable it. When configured as a server, the Prestige p[...]

  • Página 258

    Prestige 2602HW Series User’ s Guide 258 Chapter 21 Maintenance Figure 1 19 DHCP T able The following table describes the fields in this screen. 21.4 Any IP T able Screen Click Maintenance , Any IP . The Any IP table shows cu rrent read-only information (including the IP address and the MAC address) of all network devices th at use the Any IP fea[...]

  • Página 259

    Prestige 2602HW Series User’s Guide Chapter 21 Maintenance 259 21.5 Wireless Screen The read-only screen displays informa tion about the Prestige’ s wireless LAN. 21.5.1 Association List This screen displays the MAC address(es) of the wireless stations that are currently logged in to the network. Click Wir eless LAN and then Association List to[...]

  • Página 260

    Prestige 2602HW Series User’ s Guide 260 Chapter 21 Maintenance 21.6 Diagnostic Screens These read-only screens display information to help you identify proble ms with the Prestige. 21.6.1 Diagnostic General Screen Click Diagnostic and then General to open the screen sho wn next. Figure 122 Diagnostic: General The following table describes the fi[...]

  • Página 261

    Prestige 2602HW Series User’s Guide Chapter 21 Maintenance 261 Figure 123 Diagnostic: DSL Line The following table describes the fields in this screen. Table 83 Diagnostic: DSL Line LABEL DESCRIPTION Reset ADSL Line Click this button to reinitialize the ADSL line. The large text box above then displays the progress and results of this operation, [...]

  • Página 262

    Prestige 2602HW Series User’ s Guide 262 Chapter 21 Maintenance 21.7 Firmware Screen Find firmware at www .zyxel.com in a file that (usually) uses the system model name with a "*.bin" extension, e.g., "Prestige.bin". The upload process uses HTTP (Hypertext T ransfer Protocol) and may take up to two minutes. Afte r a successful[...]

  • Página 263

    Prestige 2602HW Series User’s Guide Chapter 21 Maintenance 263 The Prestige automatically restarts in this time causing a temporary networ k disconnect. In some operating systems, you may see the following icon on your desktop. Figure 125 Network T emporarily Disconnected After two minutes, log in again an d check your new firmware version in the[...]

  • Página 264

    Prestige 2602HW Series User’ s Guide 264 Chapter 21 Maintenance[...]

  • Página 265

    Prestige 2602HW Series User’s Guide Chapter 22 Intro ducing the SMT 265 C HAPTER 22 Introducing the SMT This chapter explains how to access and na viga te the System Management T erminal and gives an overview of its menus. 22.1 Introduction to the SMT T he Prestige’ s SMT (System Ma nagement T erminal) is a menu-driven interface that you c an a[...]

  • Página 266

    Prestige 2602HW Series User’ s Guide 266 Cha pter 22 Introd ucing the SMT Figure 127 Initial Screen 22.2.2 Entering the Password The login screen appears after you press [ENTER] , prompting you to enter the password, as shown below . For your first login, en ter the default password “ 1234 ”. As you type the password, the screen displays an ?[...]

  • Página 267

    Prestige 2602HW Series User’s Guide Chapter 22 Intro ducing the SMT 267 22.2.4 Entering Password The login screen appears after you press [ENTER] , prompting you to enter the password, as shown next. For your first login, en ter the default password " 1234 ". As you type the password, the screen displays an asterisk " * " for [...]

  • Página 268

    Prestige 2602HW Series User’ s Guide 268 Cha pter 22 Introd ucing the SMT After you enter the password, the SMT di splays the main menu, as shown next. 22.3.1 System Manage ment T erminal Interface Summary Save your configuration [ENTER] S ave your configuration by pressing [ENTER] at the message "Press ENTER to confirm or ESC to cancel"[...]

  • Página 269

    Prestige 2602HW Series User’s Guide Chapter 22 Intro ducing the SMT 269 22.3.2 SMT Menus Overview The following table gi ves you an overview o f your Prestige’ s various SMT menus. 24 System Maintenance This menu provides syst em status, diagnostics, software upload, etc. 25 IP Routing Policy Setup Use this me nu to configure your IP routing po[...]

  • Página 270

    Prestige 2602HW Series User’ s Guide 270 Cha pter 22 Introd ucing the SMT 22.4 Changing the System Password Change the P restige defa u lt password by following the steps show n next. 21 Filter an d Firewall Rule Setup 21.1 Filter Setup 21.1 Filter Rules Summary 21.1.x.1 Generic Filter Rule 21.1.x.1 TCP/ IP Filter Rule 21.1 Firewall Setup 22 SNMP[...]

  • Página 271

    Prestige 2602HW Series User’s Guide Chapter 22 Intro ducing the SMT 271 1 Enter 23 in the main menu to display Menu 23 - System Securi ty . 2 Enter 1 to display Menu 23.1 - System Security - Change Password as shown next. 3 T ype your existing system password in the Old Password field, for example “ 1234 ", and press [ENTER] . Figure 130 M[...]

  • Página 272

    Prestige 2602HW Series User’ s Guide 272 Cha pter 22 Introd ucing the SMT[...]

  • Página 273

    Prestige 2602HW Series User’s Guide Chapter 23 Menu 1 General Setup 273 C HAPTER 23 Menu 1 General Setup Menu 1 - General Setup contains administra tive an d system-related information. 23.1 General Setup Menu 1 — General Setup contains administrative and system-related information (shown next). The System Name field is for identification purpo[...]

  • Página 274

    Prestige 2602HW Series User’ s Guide 274 Chapter 23 Menu 1 General Setup Figure 131 Menu 1 General Setu p Fill in the required fields. Refer to the tabl e shown next for more information about these fields. 23.2.1 Procedure to Configure Dynamic DNS Note: If you have a private W AN IP address, then you cannot use dynamic DNS. T o configu re dynami[...]

  • Página 275

    Prestige 2602HW Series User’s Guide Chapter 23 Menu 1 General Setup 275 Figure 132 Menu 1.1 Configure Dyn amic DNS Follow the instructions in the next tabl e to configure dynamic DNS parameters. Menu 1.1 - Configure Dynamic DNS Service Provider= WWW.DynDNS.ORG Active= No Host= EMAIL= USER= Password= ******** Enable Wildcard= No Press ENTER to Con[...]

  • Página 276

    Prestige 2602HW Series User’ s Guide 276 Chapter 23 Menu 1 General Setup[...]

  • Página 277

    Prestige 2602HW Series User’s Guide Chapter 24 Menu 2 WAN Backup Setup 277 C HAPTER 24 Menu 2 W AN Backup Setup This chapter describes how to co nfigure traffic redirect and dial-backup using me nu 2 and 2.1. 24.1 Introduction to W AN Backup Setup This chapter explains how to configure the Prestige for traf fic redirect connections. 24.2 Configur[...]

  • Página 278

    Prestige 2602HW Series User’ s Guide 278 Chapter 24 Menu 2 WAN Backup Setup 24.2.1 T raffic Redirect Setup Configure parameters that determine when th e Prestige will forward W AN traffic to the backup gateway using Menu 2.1 — T raffic Redir ect Setup . Figure 134 Menu 2.1 T raffic Redirect Setup The following table describes the fields in this[...]

  • Página 279

    Prestige 2602HW Series User’s Guide Chapter 24 Menu 2 WAN Backup Setup 279 Metric Th is field sets this route's prio rity among the routes the Prestige uses. The metric represents the "cost of transm ission". A router determine s the best route for transmission by choosing a path with th e lowest "cost". RIP routing uses [...]

  • Página 280

    Prestige 2602HW Series User’ s Guide 280 Chapter 24 Menu 2 WAN Backup Setup[...]

  • Página 281

    Prestige 2602HW Series User’s Guide Chapter 25 Menu 3 LAN Setup 281 C HAPTER 25 Menu 3 LAN Setup This chapter covers how to configure your wired Local Area Network (LAN) settings. 25.1 LAN Setup This section describes how to configure the Ethernet using Menu 3 — LAN Setup . From the main menu, enter 3 to display menu 3. Figure 135 Menu 3 LAN Se[...]

  • Página 282

    Prestige 2602HW Series User’ s Guide 282 C hapter 25 Menu 3 LAN Setup • For TCP/IP Ethernet setup refer to Section 27. 6 on page 292 . • For bridging Ethernet setup refer to Chapter 30 on page 3 09 . 25.3 TCP/IP Ethernet Setup and DHCP Use menu 3.2 to con figure your Prestige fo r TCP/IP . T o edit menu 3.2, enter 3 fro m the main menu to dis[...]

  • Página 283

    Prestige 2602HW Series User’s Guide Chapter 25 Menu 3 LAN Setup 283 Follow the instructions in the following tabl e to configure TCP/IP parameters for the Ethernet port. Size of Client IP Pool This field specifies the size or count of the IP address pool. Primary DNS Server Secondary DNS Server Enter the IP addresses of the DNS serv ers. T he DNS[...]

  • Página 284

    Prestige 2602HW Series User’ s Guide 284 C hapter 25 Menu 3 LAN Setup[...]

  • Página 285

    Prestige 2602HW Series User’s Guide Chapter 26 Wireless LAN Setup 285 C HAPTER 26 W ireless LAN Setup This chapter covers how to configure wireless LAN settings in SMT menu 3.5. 26.1 Wireless LAN Overview Refer to the chapter on the wireless LAN scr eens for wireless LAN background information. 26.2 Wireless LAN Setup Use menu 3.5 to set up your [...]

  • Página 286

    Prestige 2602HW Series User’ s Guide 286 C hapter 26 Wireless LAN Setup 26.2.1 Wireless LAN MAC Address Filter The next layer of security is MAC address filter . T o allow a wireless st ation to associate with the Prestige, enter the MAC address of the wireless LAN adapter on that wireless st ation in the MAC address table. Channel ID Press [SP A[...]

  • Página 287

    Prestige 2602HW Series User’s Guide Chapter 26 Wireless LAN Setup 287 Figure 139 Menu 3.5.1 WLAN MAC Address Filtering The following table describes the fields in this menu. Menu 3.5.1 - W LAN MAC Address Filter Active= No Filter Action= A llowed Association ----------------------------------- --------------------------------- ------ 1= 00:00:00:[...]

  • Página 288

    Prestige 2602HW Series User’ s Guide 288 C hapter 26 Wireless LAN Setup[...]

  • Página 289

    Prestige 2602HW Series User’s Guide Chapter 27 Internet Access 289 C HAPTER 27 Internet Access This chapter shows you how to configure the LAN and W AN of your Prestige for Internet access . 27.1 Internet Access Overview Refer to the chapters on the web configurat or’ s wiz ard, LAN and W AN screens for more background information on fields in [...]

  • Página 290

    Prestige 2602HW Series User’ s Guide 290 Chapter 27 Internet Access Figure 140 IP Alias Network Example Use menu 3.2.1 to co nfigure IP Alias on your Prestige. 27.4 IP Alias Setup Use menu 3.2 to configure the first netw ork. Move the cursor to Edit IP Alias field and press [ SP ACEBAR] to choose Ye s and press [ENTER] to configure the secon d an[...]

  • Página 291

    Prestige 2602HW Series User’s Guide Chapter 27 Internet Access 291 Figure 142 Menu 3.2.1 IP Alias Setup Follow the instructions in the following table to configure IP Alias parameters. 27.5 Route IP Setup The first step is to en able the IP routing in Menu 1 — General Setup . T o edit menu 1, type 1 in the main menu and press [ ENTER ]. Set the[...]

  • Página 292

    Prestige 2602HW Series User’ s Guide 292 Chapter 27 Internet Access Figure 143 Menu 1 General Setu p 27.6 Internet Access Configuration Menu 4 allows you to enter the Internet Access information in one screen. Menu 4 is actually a simplified setup for one of t he remote nodes that you c an access in menu 1 1. Before you configure your Prestige fo[...]

  • Página 293

    Prestige 2602HW Series User’s Guide Chapter 27 Internet Access 293 . If all your settings are correct your Prestige shou ld connect automatically to the Internet. If the connection fails, note the error message that you receive on the screen and take the appropriate troubleshooting steps. Table 98 Menu 4 Internet Access Setup FIELD DESCRIPTION IS[...]

  • Página 294

    Prestige 2602HW Series User’ s Guide 294 Chapter 27 Internet Access[...]

  • Página 295

    Prestige 2602HW Series User’s Guide Chapter 28 Remot e Node Configurat ion 295 C HAPTER 28 Remote Node Configuration This chapter covers remo te node configuration. 28.1 Remote Node Setup Overview This section describes the protocol-independent parameters for a remote node. A remote node is required for placing calls to a remote gateway . A remot[...]

  • Página 296

    Prestige 2602HW Series User’ s Guide 296 Chapter 28 Remote Node Configu ration Figure 145 Menu 1 1 Remote Node Setup 28.2.2 Encap sulation and Multiplexing Scenarios For Internet access you should use the encapsulation and multiple xing methods used by your ISP . Consult your telephone company for information on en capsulation and multiplexing me[...]

  • Página 297

    Prestige 2602HW Series User’s Guide Chapter 28 Remot e Node Configurat ion 297 Figure 146 Menu 1 1.1 Remote Node Profile In Menu 1 1.1 – Remote Node Pr ofile , fill in the fields as describ ed in the following table. Menu 11.1 - Remote Node Profile Rem Node Name= MyISP Route= IP Active= Yes Bridge= No Encapsulation= RFC 1483 Edit IP/Bridge= No [...]

  • Página 298

    Prestige 2602HW Series User’ s Guide 298 Chapter 28 Remote Node Configu ration 28.2.3 Outgoing Au thentication Protocol For obvious reasons, you sho uld employ the strongest authentication protocol possible. However , some vendors’ implementation includes specific authentication protocol in the user profile. It will disconnect if the negotiated[...]

  • Página 299

    Prestige 2602HW Series User’s Guide Chapter 28 Remot e Node Configurat ion 299 28.3 Remote Node Network Layer Options For the TCP/IP parameters, perf orm the following steps to edit Menu 1 1.3 – Remote Node Network Layer Options as shown next. 1 In menu 1 1.1, make sure IP is among the protocols in the Route field. 2 Move the cu rs or to the Ed[...]

  • Página 300

    Prestige 2602HW Series User’ s Guide 300 Chapter 28 Remote Node Configu ration 28.3.1 My W AN Addr Sample IP Addresses The following figure uses sample IP addresses to help yo u understand the field of My W AN Addr in menu 1 1.3. Refer to the previous Figure 18 on page 79 in the web configurator chapter on LAN setup for a brief review of what a W[...]

  • Página 301

    Prestige 2602HW Series User’s Guide Chapter 28 Remot e Node Configurat ion 301 Figure 148 Sample IP Addresses for a TC P/IP LAN-to-LAN Connection 28.4 Remote Node Filter Move the cu rs or to the Edit Filter Sets field in menu 1 1.1, then press [SP ACE BAR] to select Ye s . Press [ENTER] to di splay Menu 1 1.5 – Remote Node Filter . Use Menu 1 1[...]

  • Página 302

    Prestige 2602HW Series User’ s Guide 302 Chapter 28 Remote Node Configu ration Figure 149 Menu 1 1.5 Remote Node Filter (RFC 1483 or ENET Encapsu lation) Figure 150 Menu 1 1.5 Remote Node Filter (PPPoA or PPPoE Encapsulation) 28.5 Editing A TM Layer Options Follow the steps shown next to edit Menu 1 1.6 – Remote Node A TM Layer Options . In men[...]

  • Página 303

    Prestige 2602HW Series User’s Guide Chapter 28 Remot e Node Configurat ion 303 Figure 151 Menu 1 1.6 for VC-based Multiplexing 28.5.2 LLC-based Multiplexing or PPP Encap sulation For LLC-based multiplexing or PPP encapsulation, one VC ca rries multiple protocols with protocol identifyi ng information bein g contained in each p acket header . Figu[...]

  • Página 304

    Prestige 2602HW Series User’ s Guide 304 Chapter 28 Remote Node Configu ration Figure 153 Menu 1 1.1 Remote Node Profile Move the cursor to the Edit Advance Options field, press [SP ACE BAR] to select Ye s , then press [ENTER] to display Menu 1 1.8 – Advance Setup Options . Figure 154 Menu 1 1.8 Advance Setup Op tions The following table descri[...]

  • Página 305

    Prestige 2602HW Series User’s Guide Chapter 29 Static Route Setup 305 C HAPTER 29 S t atic Route Setup This chapter shows how to setup IP static routes. 29.1 IP S t atic Route Overview Stat ic routes tell the Prestige ro uting information that i t cann ot learn automatically through other means. This can arise in cases where RIP is disabled on th[...]

  • Página 306

    Prestige 2602HW Series User’ s Guide 306 Chapter 29 Static Route Setup Figure 156 Menu 12 S tatic Route Setu p From menu 12, select 1 to open Menu 12.1 — IP S tatic Route Setup (shown next). Figure 157 Menu 12.1 IP S tatic Route Setup Now , type the route number of a st atic route you want to co nfigure. Figure 158 Menu12.1.1 Edit IP S tatic Ro[...]

  • Página 307

    Prestige 2602HW Series User’s Guide Chapter 29 Static Route Setup 307 T able 102 Menu12.1.1 Edit IP S tatic Ro ute FIELD DESCRIPTION Route # This is the index number of the stat ic route that you chose in menu 12.1. Route Name T ype a descriptive name for this route . This is for identification purpose only . Active This field allows you to acti [...]

  • Página 308

    Prestige 2602HW Series User’ s Guide 308 Chapter 29 Static Route Setup[...]

  • Página 309

    Prestige 2602HW Series User’s Guide Chapter 30 Bridgin g Setup 309 C HAPTER 30 Bridging Setup This chapter shows you how to configure the bridgin g parameters of your Prestig e. 30.1 Bridging in General Bridging bases the forwarding decision on th e MAC (Media Access Control), or ha rdware address, while routing does it on the network layer (IP) [...]

  • Página 310

    Prestige 2602HW Series User’ s Guide 310 Chapter 30 Bridging Setup Figure 159 Menu 1 1.1 Remote Node Profile 3 Move the cursor to the Edit IP/Bridge field, then press [ SP ACE BAR ] to set the value to Ye s and pres s [ENTER] to edit Menu 1 1.3 – Remote Node Network Layer Options . Figure 160 Menu 1 1.3 Remote Node Network Layer Op tions Menu 1[...]

  • Página 311

    Prestige 2602HW Series User’s Guide Chapter 30 Bridgin g Setup 311 30.2.2 Bridge St atic Route Setup Similar to network layer static routes, a bridging static route tells the Prestige the route to a node before a conn ection is established. Y ou c onfigure bridge static routes in menu 12.3.1 (go to menu 12, choose option 3, then choose a static r[...]

  • Página 312

    Prestige 2602HW Series User’ s Guide 312 Chapter 30 Bridging Setup[...]

  • Página 313

    Prestige 2602HW Series User’s Guide Chapter 31 Network Address Translation (NAT) 313 C HAPTER 31 Network Address T ranslation (NA T) This chapter discusses how to configure NA T on the Prestige. 31.1 Using NA T Y ou must create a firewall rule in addition to setting up SUA/NA T , to allow traffic from the W AN to be forwarded through the Prestige[...]

  • Página 314

    Prestige 2602HW Series User’ s Guide 314 Chapter 31 Network Address Transla tion (NAT) Figure 162 Menu 4 Applying NA T for Internet Access The following figure shows how you ap ply NA T to the remote node in menu 1 1.1. 1 Enter 1 1 from the main menu. 2 When menu 1 1 appears, as shown in the follo wing figure, type the number of the remote node t[...]

  • Página 315

    Prestige 2602HW Series User’s Guide Chapter 31 Network Address Translation (NAT) 315 31.3 NA T Setup Use the address mapping sets me nus and submenus to create the mapping table used to assign global addresses to computers on the LAN. Set 255 is used for SUA. When you select Full Feature in menu 4 or 1 1.3, the SMT will use Set 1 . When you selec[...]

  • Página 316

    Prestige 2602HW Series User’ s Guide 316 Chapter 31 Network Address Transla tion (NAT) Figure 165 Menu 15.1 Addr ess Mapping Sets 31.3.1.1 SUA Address Mapping Set Enter 255 to display the next screen (see also secti on 27.1.1). The fields in t his menu cannot be changed. Figure 166 Menu 15.1.255 SUA Address Mapping Rule s The following table expl[...]

  • Página 317

    Prestige 2602HW Series User’s Guide Chapter 31 Network Address Translation (NAT) 317 31.3.1.2 User-Defined Address Mapping Set s Now let’ s look at option 1 in menu 15.1. Enter 1 to bring up this menu. W e’ll just look at the differences from the previous menu. Note the extra Action and Select Rule fields mean you can configure rules in this [...]

  • Página 318

    Prestige 2602HW Series User’ s Guide 318 Chapter 31 Network Address Transla tion (NAT) 31.3.1.3 Ordering Y our Rules Ordering your rules is important because the Pr estige applies the rules in the order that you specify . When a rule matches the current pa ck et, the Prestige takes the corresponding action and the remaining rules are ignored. If [...]

  • Página 319

    Prestige 2602HW Series User’s Guide Chapter 31 Network Address Translation (NAT) 319 Figure 168 Menu 15.1.1.1 Editing/Configuring a n Individual Rule in a Set The following table explains the fields in t his menu. 31.4 Configuring a Server behind NA T Follow these steps to config ure a server behind NA T : 1 Enter 15 in the main menu to go to Men[...]

  • Página 320

    Prestige 2602HW Series User’ s Guide 320 Chapter 31 Network Address Transla tion (NAT) Figure 169 Menu 15.2 NA T Server Se tup 3 Enter 1 to go to Menu 15.2 NA T Server Setup as follows. Figure 170 Menu 15.2 NA T Server Se tup 4 Enter a port number in an unused St a r t P o r t N o field. T o forward only one port, enter it again in the End Port N[...]

  • Página 321

    Prestige 2602HW Series User’s Guide Chapter 31 Network Address Translation (NAT) 321 Figure 171 Multiple Servers Behind NA T Example 31.5 General NA T Examples The following are some exam ples of NA T configuration. 31.5.1 Example 1: Internet Access Only In the following Internet access example, you only need one rule where your ILAs (Inside Loca[...]

  • Página 322

    Prestige 2602HW Series User’ s Guide 322 Chapter 31 Network Address Transla tion (NAT) Figure 173 Menu 4 Internet Access & NA T Example From menu 4, choose the SUA Only option from the Network Addr ess T ranslation field. This is the Many-to-One mapping discus sed in Section 31.5 on page 321 . The SUA Only read-only option from the Network Ad[...]

  • Página 323

    Prestige 2602HW Series User’s Guide Chapter 31 Network Address Translation (NAT) 323 Figure 175 Menu 15.2.1 S pecifying an Inside Server 31.5.3 Example 3: Multiple Public IP Addresses With Inside Servers In this example, there are 3 IGAs from our IS P . There are many departments but two have their own FTP server . All departments share th e same[...]

  • Página 324

    Prestige 2602HW Series User’ s Guide 324 Chapter 31 Network Address Transla tion (NAT) Figure 176 NA T Exam ple 3 In this case you need to configure Address Mapping Set 1 from Menu 15.1 - Addr ess Mapping Sets. Therefore you must choose the Full Feature option from the Network Address T ranslation field (in menu 4 or menu 1 1.3) in Figure 177 o n[...]

  • Página 325

    Prestige 2602HW Series User’s Guide Chapter 31 Network Address Translation (NAT) 325 Figure 178 Example 3: Menu 15.1.1.1 Figure 179 Example 3: Final Menu 15.1.1 Now configure the IGA3 to map to our web server and mail server on the LAN. 1 Enter 15 from the main menu. 2 Enter 2 in Menu 15 - NA T Setup . 3 Enter 1 in Menu 15.2 - NA T Server Sets to[...]

  • Página 326

    Prestige 2602HW Series User’ s Guide 326 Chapter 31 Network Address Transla tion (NAT) Figure 180 Example 3: Menu 15.2 31.5.4 Example 4: NA T Unfr iendly Application Programs Some applications do not support NA T Mapping using TCP or UDP port address translation. In this case it is better to use Many-to-Many No Overload mapping as port numbers do[...]

  • Página 327

    Prestige 2602HW Series User’s Guide Chapter 31 Network Address Translation (NAT) 327 Figure 182 Example 4: Menu 15.1.1.1 Address Mappin g Rule After you’ve configured your rule , you should be able to check the settings in menu 15.1.1 as shown next. Figure 183 Example 4: Menu 15.1.1 Address Map ping Rules Menu 15.1.1.1 Address Mapping Rule Type[...]

  • Página 328

    Prestige 2602HW Series User’ s Guide 328 Chapter 31 Network Address Transla tion (NAT)[...]

  • Página 329

    Prestige 2602HW Series User’s Guide Chapter 32 Enabling the Firewall 329 C HAPTER 32 Enabling the Firewall This chapter shows you how to get started with the Prestige firewall. 32.1 Remote Management and the Firewall When SMT menu 24.1 1 is configured to allow management (see the Remote Management chapter) and the firewall is enabled: • The fir[...]

  • Página 330

    Prestige 2602HW Series User’ s Guide 330 Chapter 32 Enablin g the Firewall Figure 184 Menu 21.2 Firewa ll Setup Use the we b configura tor or the co mmand in terpreter to confi gure the firewall rules Menu 21.2 - Firewall Setup The firewall protects against Denial of Service (DOS) attacks w hen it is active. The default Poli cy sets 1. allow all [...]

  • Página 331

    Prestige 2602HW Series User’s Guide Chapter 33 Filter Configuration 331 C HAPTER 33 Filter Configuration This chapter shows you how to create and apply filters. 33.1 About Filtering Y our Prestige uses filters to deci de whether or not to allow passage of a data packet and/or to make a call. There are two types of filter appli cations: data filte[...]

  • Página 332

    Prestige 2602HW Series User’ s Guide 332 Chapter 33 Filter Configuration Figure 186 Filter Rule Process Y ou can apply up to four filter sets to a partic ular port to block various types of packets. Because each filter set can have up to six rules, you can have a maximum of 24 rules active for a single port. For incoming packets, yo ur Prestige a[...]

  • Página 333

    Prestige 2602HW Series User’s Guide Chapter 33 Filter Configuration 333 33.2 Configuring a Filter Set for the Prestige T o configure a filter set, follow the steps shown ne xt. 1 Enter 21 in the main menu to display Menu 21 – Filter and Fir ewall Setup . 2 Enter 1 to display Menu 21.1 – Filter Set Configu ration as shown next. Figure 187 Menu[...]

  • Página 334

    Prestige 2602HW Series User’ s Guide 334 Chapter 33 Filter Configuration Figure 189 NetBIOS_LAN Filter Rules Summary Figure 190 IGMP Filter Rules Summary 33.3 Filter Rules Summary Menus The following tables briefly descri be the abbreviations used in menus 21. 1.1 and 21.1.2. Menu 21.1.3 - Filter Rules Summary # A Type Filter Rules M m n - - ----[...]

  • Página 335

    Prestige 2602HW Series User’s Guide Chapter 33 Filter Configuration 335 The protocol dependent filter rules abbreviation are listed as follows: 33.4 Configuring a Filter Rule T o configure a filter rule , type its number in Menu 21.1.x – Filter Rules Summary and press [ENTER] to open menu 21.1 .x.1 for the rule. There are two types of filter ru[...]

  • Página 336

    Prestige 2602HW Series User’ s Guide 336 Chapter 33 Filter Configuration 33.4.1 TCP/IP Filter Rule This section shows you how to configure a TCP/IP filter rule. TCP/IP rules allow you to base the rule on the fiel ds in the IP and the up per layer protocol, for example, UDP and TCP headers. T o configure TCP/IP rules, select TCP/IP Filter Rule fro[...]

  • Página 337

    Prestige 2602HW Series User’s Guide Chapter 33 Filter Configuration 337 The following figure illustrates th e logic flow of an IP filter. Port # T ype the de stination port of the packets you want to fi lter . The field rang e is 0 to 65535. A 0 field i s ignored. Port # Comp Select the comp arison to apply to the dest ination port in the packet [...]

  • Página 338

    Prestige 2602HW Series User’ s Guide 338 Chapter 33 Filter Configuration Figure 192 Executing an IP Filter 33.4.2 Generic Filter Rule This section shows you how to co nfigure a generic filter rule. The purpose of generic rules is to allow you to filter non-IP packets. For IP , it is generally easier to us e the IP rules directly . For generic rul[...]

  • Página 339

    Prestige 2602HW Series User’s Guide Chapter 33 Filter Configuration 339 T o configure a generic rule select an empty filter set in menu 21, for example 5. Select Generic Filter Rule in the Filter T ype field and press [ENTER] to open Menu 21.1.5.1 – Generic Filter Rule , as shown in th e following figure. Figure 193 Menu 21.1.5.1 Generic Filter[...]

  • Página 340

    Prestige 2602HW Series User’ s Guide 340 Chapter 33 Filter Configuration 33.5 Filter T ypes and NA T There are two classes of filter rules, Generic Filter Device rules and Protocol Filter ( TCP/IP ) rules. Generic Filter rules act on the raw data from/ to LAN and W AN. Protocol Filter rules act on IP packets. When NA T (Network Address T ranslati[...]

  • Página 341

    Prestige 2602HW Series User’s Guide Chapter 33 Filter Configuration 341 Figure 195 Sample T elnet Filter 1 Enter 1 in the menu 21 to display Menu 21. 1 — Filter Set Configuration . 2 Enter the index number of th e filter set you want to configure (in this case 6) . 3 T ype a descriptive name or comment in the Edit Comments field (for example, T[...]

  • Página 342

    Prestige 2602HW Series User’ s Guide 342 Chapter 33 Filter Configuration 2 Go to the Edit Filter Sets field, press [SP ACE BAR] to choose Ye s and press [ENTER]. This brings you to menu 1 1.5. Apply the example filter set (for example, fi lter set 3) in this menu as shown in the next section. This shows you that you have configured and activated [...]

  • Página 343

    Prestige 2602HW Series User’s Guide Chapter 33 Filter Configuration 343 33.7.1 Ethernet T raffic Y ou seldom need to filter Ethernet traffic; ho wever , the filter sets may be useful to block certain packets, reduce traffic and prevent secur ity breaches. Go to me nu 3.1 (shown next) and type the number(s) of the filter set (s) that you want to a[...]

  • Página 344

    Prestige 2602HW Series User’ s Guide 344 Chapter 33 Filter Configuration[...]

  • Página 345

    Prestige 2602HW Series User’s Guide Chapter 34 SNMP Configuration 345 C HAPTER 34 SNMP Configuration This chapter explains SNMP Configuration menu 22. 34.1 About SNMP Simple Network Management Protocol (SNM P) i s a protoc ol used for ex changing management information b etween network devices. SNMP is a member of the TCP/IP protocol suite. Y our[...]

  • Página 346

    Prestige 2602HW Series User’ s Guide 346 Chapter 34 SNMP Configuration The managed devices cont ain object variables/ managed objects that define each piece of information to be collected ab out a device. Examples of vari ables include the number of packets received, node port status etc. A Ma nagement Information Ba se (MIB) is a collection of m[...]

  • Página 347

    Prestige 2602HW Series User’s Guide Chapter 34 SNMP Configuration 347 Figure 201 Menu 22 SNMP Configurat ion The following table describes the SNMP configuration parameters. 34.4 SNMP T rap s The Prestige will send traps to the SNMP mana ger when any one of t he following events occurs: Menu 22 - SNMP Configuration SNMP: Get Community= public Set[...]

  • Página 348

    Prestige 2602HW Series User’ s Guide 348 Chapter 34 SNMP Configuration The port number is its interface index under the interface group. 5 authenticationFailure ( defined in RFC-1215 ) A trap is sent to the manager when receiving any SNMP gets or set s requirements with wrong community (password). 6 whyReboot (defin ed in ZYXEL-MIB) A trap is sen[...]

  • Página 349

    Prestige 2602HW Series User’s Guide Chapter 35 System Security 349 C HAPTER 35 System Security This chapter describes how to configur e the system security on the Prestige. 35.1 System Security Y ou can configure the system password.. 35.1.1 System Password Enter 23 in the main menu to display Menu 23 – System Security . Y ou should change the [...]

  • Página 350

    Prestige 2602HW Series User’ s Guide 350 Chapter 35 Syst em Security Figure 204 Menu 23.2 System Security: RADIUS Server The following table describes the fields in this menu. Menu 23.2 - System Security - RADIUS Server Authentication Server: Active= No Server Address= 10.1 1.12.13 Port #= 1812 Shared Secret= ***** *** Accounting Server: Active= [...]

  • Página 351

    Prestige 2602HW Series User’s Guide Chapter 35 System Security 351 35.1.3 IEEE802.1x The IEEE802.1x standards outline enhanced secur ity methods for both the authentication of wireless stations and en cryption key managemen t. Follow the steps below to enable EA P authentication on your Prestige. 1 From the main menu, enter 23 to display Menu23 ?[...]

  • Página 352

    Prestige 2602HW Series User’ s Guide 352 Chapter 35 Syst em Security T able 1 18 Menu 23.4 System Security: IEEE802.1x FIELD DESCRIPTION Wireless Port Control Press [SP ACE BAR] and select a securi ty mode for the wireless LAN access. Select No Authentication Required to allow any wi reless st ations access to your wired network without entering [...]

  • Página 353

    Prestige 2602HW Series User’s Guide Chapter 35 System Security 353 Once you enable user authenticatio n, you need to specify an exte rnal RADIUS server or create local user accounts on the Prestige for authentication. 35.2 Creating User Account s on the Prestige By storing user profiles locally , your Prestige is able to authenticate wireless use[...]

  • Página 354

    Prestige 2602HW Series User’ s Guide 354 Chapter 35 Syst em Security Figure 207 Menu 14 Dial-in User Setup 2 T ype a number and press [ENTER] to edit the user profile. Figure 208 Menu 14.1 Edit Dial-in User The following table describes the fields in this menu. Menu 14 - Dial-in U ser Setup 1. ________ 9. ________ 17. ________ 25. _____ ___ 2. __[...]

  • Página 355

    Prestige 2602HW Series User’s Guide Chapter 36 System Inform ation and Diagnosis 355 C HAPTER 36 System Information and Diagnosis This chapter covers the information and diag nostic tools in SMT menus 24.1 to 24.4. 36.1 Overview These tools include updates on system status , port status, log and trace capabiliti es and upgrades for the system sof[...]

  • Página 356

    Prestige 2602HW Series User’ s Guide 356 Chapter 36 System Information and Diagnosis The following table describes the fields present in Menu 24.1 — System Maintenance — St a t u s which are read-only and meant for diag nostic purposes. Figure 210 Menu 24.1 System Maintenance : S tatus The following table describes the fields present in Menu [...]

  • Página 357

    Prestige 2602HW Series User’s Guide Chapter 36 System Inform ation and Diagnosis 357 36.3 System Information T o get to the System Information: 1 Enter 24 to display Menu 24 — System Maintenance . 2 Enter 2 to display Menu 24.2 — System Information and Console Port Speed. From this menu you have two choices as shown in the next figu re: Figur[...]

  • Página 358

    Prestige 2602HW Series User’ s Guide 358 Chapter 36 System Information and Diagnosis Figure 212 Menu 24.2.1 System Maintenance: In formation The following table describes the fields in this menu. 36.3.2 Console Port Speed Y ou can set up different port speeds for the console port through Menu 24.2. 2 – System Maintenance – Console Port Speed [...]

  • Página 359

    Prestige 2602HW Series User’s Guide Chapter 36 System Inform ation and Diagnosis 359 Figure 213 Menu 24.2.2 System Maintenance : Chang e Console Port S peed Once you change the Prestige console po rt speed , you must also set the speed parameter for the communication software you are using to connect to the Prestige. 36.4 Log and T race There are[...]

  • Página 360

    Prestige 2602HW Series User’ s Guide 360 Chapter 36 System Information and Diagnosis Figure 215 Sample Error an d Information M essages 36.4.2 Syslog and Accounting The Prestige uses the syslog fa cility to log the CDR (Call Deta il Record) and system messages to a syslog server. Syslog and accounting can be configured in Menu 24.3.2 — System M[...]

  • Página 361

    Prestige 2602HW Series User’s Guide Chapter 36 System Inform ation and Diagnosis 361 Figure 217 Syslog Example 1 - CDR SdcmdSyslogSend ( SYSLOG_CDR, SYSLOG _INFO, String); String = board xx line xx channel xx , call xx, str board = the hardware board ID line = the WAN ID in a board Channel = channel ID within the WAN call = the call reference nu [...]

  • Página 362

    Prestige 2602HW Series User’ s Guide 362 Chapter 36 System Information and Diagnosis 36.5 Diagnostic The diagnostic facility allows you to test the di f ferent aspects of your Prestige to determine if it is working properly . Menu 24.4 allows you to choose among various ty pes of diagnostic tests to evaluate your system, as shown in the following[...]

  • Página 363

    Prestige 2602HW Series User’s Guide Chapter 36 System Inform ation and Diagnosis 363 The following table describes the diagnostic tests available in menu 24.4 for and the connections. T able 123 Menu 24.4 System Maintenance Menu: Diagnostic FIELD DESCRIPTION Reset xDSL Re-initia lize the xDSL link to the telephone company . Ping Host Ping th e ho[...]

  • Página 364

    Prestige 2602HW Series User’ s Guide 364 Chapter 36 System Information and Diagnosis[...]

  • Página 365

    Prestige 2602HW Series User’s Guide Chapter 37 Firmware and Confi guration File Maintenance 365 C HAPTER 37 Firmware and Configuration File Maintenance This chapter tells y ou how to backup and re stor e your configuration file as well as upload new firmware and configuration files. 37.1 Filename Conventions The configuration file (often ca lled [...]

  • Página 366

    Prestige 2602HW Series User’ s Guide 366 Chapter 37 Firmware and Con figuration File Maintenance The following table is a summary . Please note that the internal filename refe rs to the filename on the Prestige and the external f ilename refers to the filename not on the Prestige, that is, on your computer , local network or FTP site and so the n[...]

  • Página 367

    Prestige 2602HW Series User’s Guide Chapter 37 Firmware and Confi guration File Maintenance 367 Figure 219 T elnet in Menu 24.5 37.2.2 Using the FTP Command from the Command Line 1 Launch the FTP client on your computer . 2 Enter “ open ”, followed by a space and the IP address of your Prestige. 3 Press [ENTER] when prompted for a username. 4[...]

  • Página 368

    Prestige 2602HW Series User’ s Guide 368 Chapter 37 Firmware and Con figuration File Maintenance Figure 220 FTP Session Example 37.2.4 GUI-based FTP Clients The following table describes some of the commands that you may see in GUI-based FTP clients. 37.2.5 TFTP and FTP over W AN Management Limit ations TFTP , FTP and T elnet over W AN will not w[...]

  • Página 369

    Prestige 2602HW Series User’s Guide Chapter 37 Firmware and Confi guration File Maintenance 369 37.2.6 Backup Configuration Using TFTP The Prestige support s the up/downloading of the firmware and the configuration file using TFTP (T rivial File T ransfer Protocol) over LA N. Although TFTP should work over W AN as well, it is not recommended. T o[...]

  • Página 370

    Prestige 2602HW Series User’ s Guide 370 Chapter 37 Firmware and Con figuration File Maintenance Refer to Section 37.2.5 on page 368 to read about configurations that disallow TFTP and FTP over W AN. 37.2.9 Backup V ia Console Port Back up configuration vi a console port by following the Hype rT erminal procedure shown next. Procedures using othe[...]

  • Página 371

    Prestige 2602HW Series User’s Guide Chapter 37 Firmware and Confi guration File Maintenance 371 Figure 223 Backup Configuration Example T ype a location for storing the configuration file or click Br owse to look for one. Choose the Xmodem protocol. Then click Receive . 4 After a successful backup you will see the following screen. Pr ess any key[...]

  • Página 372

    Prestige 2602HW Series User’ s Guide 372 Chapter 37 Firmware and Con figuration File Maintenance Figure 225 T elnet into Menu 24.6 1 Launch the FTP client on your computer . 2 Enter “ open ”, followed by a space and the IP address of your Prestige. 3 Press [ENTER] when prompted for a username. 4 Enter your password as requested (the default i[...]

  • Página 373

    Prestige 2602HW Series User’s Guide Chapter 37 Firmware and Confi guration File Maintenance 373 37.3.3 Restore V ia Console Port Restore configuration via console port by fol lowing the HyperT erminal procedure shown next. Procedures using other serial communicat i ons programs should be similar . 1 Display menu 24.6 and enter “y” at the foll[...]

  • Página 374

    Prestige 2602HW Series User’ s Guide 374 Chapter 37 Firmware and Con figuration File Maintenance Figure 230 Successful Restoration Confirmati on Screen 37.4 Uploading Firmware and Configuration Files This section shows yo u how to upload firmware and co nfiguration files. Y o u can upload configuration files by following the procedure in Section [...]

  • Página 375

    Prestige 2602HW Series User’s Guide Chapter 37 Firmware and Confi guration File Maintenance 375 Figure 232 T elnet Into Menu 24.7.2 System Maintenance T o upload the firmware and the configuration file, follow these examples 37.4.3 FTP File Upload Comman d from the DOS Prompt Example 1 Launch the FTP client on your computer . 2 Enter “ open ”[...]

  • Página 376

    Prestige 2602HW Series User’ s Guide 376 Chapter 37 Firmware and Con figuration File Maintenance 37.4.4 FTP Session Exampl e of Firmware File Upload Figure 233 FTP Session Example of Firmware File Upload More commands (found in GUI-based FTP clie nts) are listed earlier in this chapter . Refer to Section 37.2.5 o n page 368 to read about configur[...]

  • Página 377

    Prestige 2602HW Series User’s Guide Chapter 37 Firmware and Confi guration File Maintenance 377 37.4.6 TFTP Upload Command Example The following is an example TFTP command: tftp [-i] host put firmware.bin ras where “ i ” specifies binary image transfer mode (use this mode when transferring binary files), “ host ” is the Prestige’ s IP a[...]

  • Página 378

    Prestige 2602HW Series User’ s Guide 378 Chapter 37 Firmware and Con figuration File Maintenance 37.4.9 Example Xmodem Firmwa re Upload Using HyperT erminal Click T ransfer , then Send File to display the following screen. Figure 235 Example Xmodem Upload After the firmware upload process has comple t ed, the Prestige will automatically restart. [...]

  • Página 379

    Prestige 2602HW Series User’s Guide Chapter 37 Firmware and Confi guration File Maintenance 379 3 Enter “atgo” to restart the Prestige. 37.4.1 1 Example Xmodem Configur ation Upload Using HyperT erminal Click T ransfer , then Send File to display the following screen. Figure 237 Example Xmodem Upload After the configuration upload process has[...]

  • Página 380

    Prestige 2602HW Series User’ s Guide 380 Chapter 37 Firmware and Con figuration File Maintenance[...]

  • Página 381

    Prestige 2602HW Series User’s Guide Chapter 38 System Maintenance 381 C HAPTER 38 System Maintenance This chapter leads you through SM T menus 24.8 to 24. 10. 38.1 Command Interpreter Mode The Command Interpreter (CI) is a part of the ma in system firmware. The CI provides much of the same functionality as the SMT , while a dding some low-level s[...]

  • Página 382

    Prestige 2602HW Series User’ s Guide 382 Chapter 38 Syst em Maintena nce 38.2 Call Control Support Call Control Support is only applicable when Encapsulation is set to PPPoE in menu 4 or menu 1 1.1. The budget management func tion allows you to set a limit on the total outgoing call time of the Prestige within certain times. When the to tal outgo[...]

  • Página 383

    Prestige 2602HW Series User’s Guide Chapter 38 System Maintenance 383 The total budget is the time li mit on the accumulated time for ou tgoing calls to a remo te node. When this limit is reached, th e call will be dropped and further outgoing calls to that remote node will be blocked. After each period, the total budget is re set. The default fo[...]

  • Página 384

    Prestige 2602HW Series User’ s Guide 384 Chapter 38 Syst em Maintena nce Figure 243 Menu 24.10 System Maintenance : T ime and Date Setting 38.3.1 Resetting the T ime • The Prestige resets the time in three instances: • On leaving menu 24.10 after making changes. • When the Prestige starts up, if there is a timeserver co nfigured in menu 24.[...]

  • Página 385

    Prestige 2602HW Series User’s Guide Chapter 38 System Maintenance 385 • 24-hour intervals after starting.[...]

  • Página 386

    Prestige 2602HW Series User’ s Guide 386 Chapter 38 Syst em Maintena nce[...]

  • Página 387

    Prestige 2602HW Series User’s Guide Chapter 39 Remo te Management 387 C HAPTER 39 Remote Management This chapter covers remote ma nagement (SMT menu 24.1 1). 39.1 Remote Management Overview Remote management allows you to determ ine which services/protocols can access which Prestige interface (if any) from which computers. When you configure remo[...]

  • Página 388

    Prestige 2602HW Series User’ s Guide 388 Chapter 39 Remote Manageme nt Figure 244 Menu 24.1 1 Remote Management Control The following table describes the fields in this menu. 39.2.2 Remote Management Limit ations Remote management over LAN or W AN will not work when: • A filter in menu 3.1 (LAN) or in menu 1 1.5 (W AN) is applied to block a T e[...]

  • Página 389

    Prestige 2602HW Series User’s Guide Chapter 39 Remo te Management 389 39.3 Remote Management and NA T When NA T is enabled: • Use the Prestige’ s W A N IP address when configuring from the W AN. • Use the Prestige’ s LAN IP address when configurin g from the LAN. 39.4 System T imeout There is a default system management idle tim eout of f[...]

  • Página 390

    Prestige 2602HW Series User’ s Guide 390 Chapter 39 Remote Manageme nt[...]

  • Página 391

    Prestige 2602HW Series User’s Guide Chapter 40 IP Policy Routing 391 C HAPTER 40 IP Policy Routing This chapter covers setting and appl ying policies used for IP routing. 40.1 IP Policy Routing Overview T raditionally , routing is based on the destinatio n address only and the IAD takes the shortest path to forward a packet. IP Routing Polic y (I[...]

  • Página 392

    Prestige 2602HW Series User’ s Guide 392 Chapter 40 IP Policy Routing • routing the packet to a different gate way (and hence the outgoing interface). • setting the TO S and precedence fields in the IP header . IPPR follows the existing packet filtering facility of RAS in st yle and in impl ementation. The policies are divided into sets, wher[...]

  • Página 393

    Prestige 2602HW Series User’s Guide Chapter 40 IP Policy Routing 393 Figure 246 Menu 25.1 IP Routing Po licy Setup T ype a number from 1 to 6 to d isplay Menu 25.1.1 – IP Rou ting Policy (see the next figure). This menu allows you to configure a policy rule. Menu 25.1 - IP Routing Policy Setup # A Criteri a/Action - - --------------------------[...]

  • Página 394

    Prestige 2602HW Series User’ s Guide 394 Chapter 40 IP Policy Routing Figure 247 Menu 25.1.1 IP Routing Policy The following table describes the fields in this menu. Menu 25.1.1 - IP Routing Policy Policy Set Name= test Active= No Criteria: IP Protocol = 0 Type of Service= Don't Care Packet length= 0 Precedence = Don't Care Len Comp= N/[...]

  • Página 395

    Prestige 2602HW Series User’s Guide Chapter 40 IP Policy Routing 395 40.5 Applying an IP Policy This section shows yo u where to apply the IP policies after you design them. 40.5.1 Ethernet IP Policies From Menu 3 — Ethernet Setup , type 2 to go to Menu 3.2 — TCP/IP and DHCP Ethernet Setup . Y ou can choose up to four IP policy sets (from 12)[...]

  • Página 396

    Prestige 2602HW Series User’ s Guide 396 Chapter 40 IP Policy Routing Figure 248 Menu 3.2 TCP/IP and DHCP Ethernet Se tup Go to menu 1 1 .3 (shown next) and type the number(s) of the IP Routing Policy set (s) as appropriate. Y ou can cascade up to four polic y sets by typing the ir numbers separated by commas. Figure 249 Menu 1 1.3 Remote Node Ne[...]

  • Página 397

    Prestige 2602HW Series User’s Guide Chapter 40 IP Policy Routing 397 Figure 250 Example of IP Policy Routing T o force packets coming from clients with IP addresses of 192.16 8.1.33 to 192.16 8.1.64 to be routed to the Internet via the W AN port of the Prestige, follow the steps as shown next. 1 Create a routing pol icy set in menu 25 . 2 Create [...]

  • Página 398

    Prestige 2602HW Series User’ s Guide 398 Chapter 40 IP Policy Routing 3 Create a rule in menu 25.1 for this set to route packets from any host ( IP=0.0.0.0 means any host) with protocol TCP and port FTP access through another gateway (192.168.1.100). Figure 252 IP Routing Policy Example 4 Check Menu 25.1 — IP Routing Policy S etup to see if the[...]

  • Página 399

    Prestige 2602HW Series User’s Guide Chapter 41 Call Scheduling 399 C HAPTER 41 Call Scheduling Call scheduling (applicable for PPPoA or PPPoE encapsulati on only) allows you to dictate when a remote node sho uld be called and for h ow long. 41.1 Introduction The call scheduling feature allows the Prestige to manage a remote node and dictate when [...]

  • Página 400

    Prestige 2602HW Series User’ s Guide 400 Chapter 41 Call Scheduling T o setup a schedule set, select the schedule set you want to setup from menu 26 (1-12) and press [ENTER] to see Menu 26.1 — Schedule Set Setup as shown next. Figure 255 Menu 26.1 Schedule Set Setup If a connection has been already established, your Prestige wil l not drop it. [...]

  • Página 401

    Prestige 2602HW Series User’s Guide Chapter 41 Call Scheduling 401 Once your schedule sets are conf igured , you must then apply them to the desired remote node(s). Enter 1 1 from the Main Menu and then enter the tar get remote node index. Using [SP ACE BAR] , select PPPoE or PPPoA in the Encapsulation field and then press [ENTER] to make the sch[...]

  • Página 402

    Prestige 2602HW Series User’ s Guide 402 Chapter 41 Call Scheduling[...]

  • Página 403

    Prestige 2602HW Series User’s Guide Chapter 42 VPN/IPSec Setup 403 C HAPTER 42 VPN/IPSec Setup This chapter introduces the VPN SMT menus. 42.1 VPN/IPSec Overview The VPN/IPSec main SMT menu has these main submenus: Define VPN policies in menu 27.1 su bmenus, including security po licies, endpoint IP addresses, peer IPSec router IP address and ke [...]

  • Página 404

    Prestige 2602HW Series User’ s Guide 404 Chapter 42 VPN/IPSec Setup Figure 258 Menu 27 VPN/IPSec Setup 42.2 IPSec Summary Screen T ype 1 in me nu 27 and then press [ENTER] to display Menu 27.1 IPSec Summary . This is a summary read-only menu of your IPSec rules (t unnels). Edit or create an IPSec rule by selecting an index number and then co nfig[...]

  • Página 405

    Prestige 2602HW Series User’s Guide Chapter 42 VPN/IPSec Setup 405 A Y signifies that this VPN rule is active. Local Addr St a r t When the Addr T ype field in Menu 27.1 .1 IPSec Setup is configured to Single , this is a static IP address on the LAN behind your Prestige. When the Addr T ype field in Menu 27.1.1 IPSec Setu p is configured to Range[...]

  • Página 406

    Prestige 2602HW Series User’ s Guide 406 Chapter 42 VPN/IPSec Setup 42.3 IPSec Setup Select Edit in the Select Command field; type the index number of a rule in the Select Rule field and press [ENTER] to edit the VPN using the menu shown next. Note: Y ou must also configure menu 27.1.1.1 or menu 27. 1.1.2 to fully configure and use a VPN. Secure [...]

  • Página 407

    Prestige 2602HW Series User’s Guide Chapter 42 VPN/IPSec Setup 407 Figure 260 Menu 27.1.1 IPSec Setup The following table describes the fields in this menu. Menu 27.1.1 – IPSec Setup Index= 1 Name= Taiwan Active= Yes Keep Alive= No Nat Traversal= No Local ID type= IP Conten t: My IP Addr= 0.0.0.0 Peer ID type= IP Conten t: Secure Gateway Addres[...]

  • Página 408

    Prestige 2602HW Series User’ s Guide 408 Chapter 42 VPN/IPSec Setup Nat T raversal Press [SP ACE BAR] to choose either Ye s or No . Choose Ye s and press [ENTER] to enable NA T traversal. NA T traversal allows you to set up a VPN connection when there are NA T routers betwee n the two IPSec rout ers. The remote IPSec router must also have NA T tr[...]

  • Página 409

    Prestige 2602HW Series User’s Guide Chapter 42 VPN/IPSec Setup 409 DNS Server If there is a private DNS server that serv ices the VPN, type its IP address here. The Prestige assigns this additional DNS server to the Prestige's DHCP clients that have IP addresses in this IPSec ru le's range of local addresses. A DNS server allows clie nt[...]

  • Página 410

    Prestige 2602HW Series User’ s Guide 410 Chapter 42 VPN/IPSec Setup 42.4 IKE Setup T o edit this menu, the Key Manageme nt field in Menu 27.1.1 – IPSec Setup must be set to IKE . Move the cursor to the Edit Key Management Setup field in Menu 27.1.1 – IPSec Setup ; press [SP ACE BAR] to select Ye s and then press [ENTER] to display Menu 27.1.1[...]

  • Página 411

    Prestige 2602HW Series User’s Guide Chapter 42 VPN/IPSec Setup 411 Figure 261 Menu 27.1.1.1 KE Setup The following table describes the fields in this menu. Menu 27.1.1.1 - IKE Setup Phase 1 Negotiation Mode= Main PSK= Encryption Algorithm = A ES Authentication Algorithm = SHA1 SA Life Time (Seconds)= 28800 Key Group= DH1 Phase 2 Active Protocol =[...]

  • Página 412

    Prestige 2602HW Series User’ s Guide 412 Chapter 42 VPN/IPSec Setup 42.5 Manual Setup Y ou only configure Menu 27.1.1.2 – Man ual Setup when you select Manual in the Key Management field in Menu 27.1.1 – IPSec Setup . Manual key mana gement is useful if you have problem s with IKE key management. 42.5.1 Active Protocol This field is a combina[...]

  • Página 413

    Prestige 2602HW Series User’s Guide Chapter 42 VPN/IPSec Setup 413 Figure 262 Menu 27.1.1.2 Manual Setup The following table describes the fields in this menu. Menu 27.1.1.2 – Manual Setup Active Protocol= ESP Tunnel ESP Setup SPI (Decimal)= 0 Encryption Algorithm= DES Key1= ? Key2= N/A Key3= N/A Authentication Algorithm= MD5 Key= ? AH Setup SP[...]

  • Página 414

    Prestige 2602HW Series User’ s Guide 414 Chapter 42 VPN/IPSec Setup Authentication Algorithm Press [SP ACE BAR] to choose from MD5 or SHA1 and then press [ENTER]. Key Enter the authentication key to be used by IPSec if applicable. The key must be unique. Ente r 16 characters for MD5 authentication and 20 characters for SHA-1 authentication. Any c[...]

  • Página 415

    Prestige 2602HW Series User’s Guide Chapter 43 SA Monitor 415 C HAPTER 43 SA Monitor This chapter teaches you h ow to manage your SAs by using the SA Monitor in SMT menu 27.2. 43.1 SA Monitor Overview A Security Association (SA) is the group of se cu rity settings related to a specific VPN tunnel. This menu (shown next) disp lays active VPN conne[...]

  • Página 416

    Prestige 2602HW Series User’ s Guide 416 Chapter 43 SA Monitor Figure 263 Menu 27.2 SA Monitor The following table describes the fields in this menu. Menu 27.2 - SA Monitor # Name Encap. IPSec ALgorithm --- -------------------------------- --------- ---------------- 001 Taiwan : 3.3.3.1 – 3.3.3.3.100 Tunne l ESP DES MD5 002 003 004 005 006 007 [...]

  • Página 417

    Prestige 2602HW Series User’s Guide Chapter 43 SA Monitor 417 Select Command Press [SP ACE BAR] to choose from Refresh , Disco nnect , None , Next Page , or Previous Page and then press [ENTER]. Y ou must select a connection in the ne xt field when you choose the Disconnect command. Refresh displays current active VPN connections. None allows you[...]

  • Página 418

    Prestige 2602HW Series User’ s Guide 418 Chapter 43 SA Monitor[...]

  • Página 419

    Prestige 2602HW Series User’s Guide Chapter 44 Troubleshooting 419 C HAPTER 44 T r oubleshooting This chapter covers potential proble ms and the corresponding remed ies. 44.1 Problems St arting Up the Prestige 44.2 Problems with the LAN LED Table 139 Troubleshooting the Start-Up of Your Prestige PROBLEM CORRECTIVE ACTION None of the LEDs turn on [...]

  • Página 420

    Prestige 2602HW Series User’ s Guide 420 Chapter 44 Troublesh ooting 44.3 Problems with the DSL LED 44.4 Problems with the LAN Interface 44.5 Problems with the W AN Interface Table 141 Troubleshooting the DSL LED PROBLEM CORRECTIVE ACTION The DSL LED is off. Check the telepho ne wire and connecti ons between the Prestige DSL p ort and the wall ja[...]

  • Página 421

    Prestige 2602HW Series User’s Guide Chapter 44 Troubleshooting 421 44.6 Problems with Internet Access 44.7 Problems with the Password Table 144 Troubleshooting Internet Access PROBLEM CORRECTIVE ACTION I cannot access the Intern et. Make sure the Prestige is turned on and connected to the network. If the DSL LED is off, refer to . V erify your W [...]

  • Página 422

    Prestige 2602HW Series User’ s Guide 422 Chapter 44 Troublesh ooting 44.8 Problems with the W eb Configurator 44.9 Problems with Remote Management Table 146 Troubleshooting the Web Configu rator PROBLEM CORRECTIVE ACTION I cannot access the web configurator . Refer to . Make sure that there is not an SMT console session running. Check that you ha[...]

  • Página 423

    Prestige 2602HW Series User’s Guide Chapter 44 Troubleshooting 423 44.10 T elephone Problems Table 148 Troubleshooting Telephone PROBLEM CORRECTIVE ACTION The telephone port won’t work or the telephone lacks a dial to ne. Check the telephone con nections and telephone wire. Make sure you have the V oice SIP Settings screen properly configured. [...]

  • Página 424

    Prestige 2602HW Series User’ s Guide 424 Chapter 44 Troublesh ooting[...]

  • Página 425

    Prestige 2602HW Series User’s Guide 425 A PPENDIX A Hardware S pecifications Ethernet Cable Pin Assignment s Figure 264 Ethernet Cable Pin Assignment s Prestige 2602HW -L DSL Port Pin Assignment s The following figure describ es the pin assignments for the DSL port on the Prestige 2602HW - L[...]

  • Página 426

    Prestige 2602HW Series User’ s Guide 426 Figure 265 Prestige 2602HW -L DSL Port Pin Assignments[...]

  • Página 427

    Prestige 2602HW Series User’s Guide 427 Prestige 2602HW Series Power Adaptor Specifications Table 149 Prestige 2602HW Ser ies Po wer Adaptor Specifications NORTH AMERICAN PLUG STANDARDS AC Power Adapter Model ADS68 18-1818-W 1810 Input Power AC 100~240V olts/50/60Hz/0.5A Output Power DC 18V olts/1A Power Consumption 15W Safety S tandards UL,CUL(U[...]

  • Página 428

    Prestige 2602HW Series User’ s Guide 428[...]

  • Página 429

    Prestige 2602HW Series User’s Guide 429 A PPENDIX B Setting up Y our Computer ’ s IP Address All computers must have a 10M or 100M Et hernet adapter card and TCP/IP installed. W indows 95/98/Me/NT/2000/XP , Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/ [...]

  • Página 430

    Prestige 2602HW Series User’ s Guide 430 Figure 266 WIndows 95/98 /Me: Network: Co nfiguration Inst alling Components The Network window Configuration tab displays a list of installed components. Y ou need a network adapter , the TCP/IP protocol and Client for Microso ft Networks. If you need the adapter: 1 In the Network window , click Add . 2 S[...]

  • Página 431

    Prestige 2602HW Series User’s Guide 431 3 Select Microsoft from the list of manufacturers. 4 Select Client for Microsoft Networks from the list of network clients and then click OK . 5 Restart your computer so the changes you made take ef fect. Configuring 1 In the Network window Configuration tab, select your network adapter's T CP/IP entry[...]

  • Página 432

    Prestige 2602HW Series User’ s Guide 432 Figure 268 Windows 95/98/Me : TCP/IP Pr operties: DNS Configuration 4 Click the Gateway tab. • If you do no t know your gateway’ s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click Add . 5 Click OK to save and close the TC[...]

  • Página 433

    Prestige 2602HW Series User’s Guide 433 Figure 269 Windows XP: S tart Menu 2 For W indows XP , click Network Connections . For W indows 2000/NT , click Network and Dial-up Connections . Figure 270 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Pr operties .[...]

  • Página 434

    Prestige 2602HW Series User’ s Guide 434 Figure 271 Windows XP: Control Panel: Network Connections: Pro perties 4 Select Internet Protocol (TCP/IP) (under the Genera l tab in W in XP) and cli ck Properties . Figure 272 Windows XP: Local Area Conne ction Properties 5 The Internet Pr otoc ol TCP/IP Properties window opens (the General tab in W indo[...]

  • Página 435

    Prestige 2602HW Series User’s Guide 435 • If you have a static IP address click Use the following IP Address and fill in the IP addr ess , Subnet mask , and Default gateway fields. Click Advanced . Figure 273 Windows XP: Advanced TCP/IP Settings 6 If you do not know your gateway's IP address , remove any previously installed gateways in th[...]

  • Página 436

    Prestige 2602HW Series User’ s Guide 436 7 In the Internet Protocol TCP/IP Pr operties window (the General tab in W indows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP addre ss(es). • If you know your DNS server IP address(es), click Use the following DNS server addresses , and type them in the Pr[...]

  • Página 437

    Prestige 2602HW Series User’s Guide 437 Macintosh OS 8/9 1 Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel . Figure 275 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list.[...]

  • Página 438

    Prestige 2602HW Series User’ s Guide 438 Figure 276 Macintosh O S 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configur e: list. 4 For statically assigned settings, do the following: •F r o m t h e Configure box, select Manually . • T ype your IP address in the IP Address bo x. • T ype your subnet mask [...]

  • Página 439

    Prestige 2602HW Series User’s Guide 439 Figure 277 Macintosh O S X: Apple M enu 2 Click Network i n the icon bar . • Select Automatic from the Location list. • Select Built-in Ethernet from the Show list. • Click the TCP/IP tab. 3 For dynamically assigned settings, select Using DHCP from the Configure list . Figure 278 Macintosh O S X: Netw[...]

  • Página 440

    Prestige 2602HW Series User’ s Guide 440 5 Click Apply Now and clo se the w indow . 6 T urn on your Prestige and restart y our computer (if pro mpted). V erifying Settings Check your TCP/IP properties in the Network window .[...]

  • Página 441

    Prestige 2602HW Series User’s Guide 441 A PPENDIX C IP Subnetting IP Addressing Routers “route” based on the network number . The router that delivers the data packet to the correct destination host uses the host ID. IP Classes An IP address is made up of four octets (ei ght bits), wri tten in dotted decimal notation, for example, 192.168.1.1[...]

  • Página 442

    Prestige 2602HW Series User’ s Guide 442 Since the first octet of a class “A” IP address must contain a “0”, the first octet of a class “A” address can have a valu e of 0 to 127. Similarly the first octet of a class “B” must begi n with “10”, therefore the first octet of a class “B” address has a valid range of 128 to 191.[...]

  • Página 443

    Prestige 2602HW Series User’s Guide 443 Since the mask is always a continuous number of ones begin ning from the left, followed by a continuous number of zeros for the remainder of the 32 bit mask, you can simply specify the number of ones instead of writing the value of each octet. This is usually specified by writing a “/” followed by the n[...]

  • Página 444

    Prestige 2602HW Series User’ s Guide 444 Note: In the following chart s , shaded/bold last oc tet bit values indi cate host ID bit s “borrowed” to form network ID bit s. The number of “borrowed” host ID bits determines the number of sub nets y ou can have. Th e remaining number of host ID bits (af ter “borrowing”) det ermines the numb[...]

  • Página 445

    Prestige 2602HW Series User’s Guide 445 Example: Four Subnet s The above exampl e illustrated using a 25-bit subne t mask to divide a class “C” address space into two subnets. Similarly to divide a class “C” address into four subnets, you need to “borrow” two host ID bits to give four possible combinations of 00 , 01, 10 and 1 1. The [...]

  • Página 446

    Prestige 2602HW Series User’ s Guide 446 Example Eight Subnet s Similarly use a 27-bit mask to create 8 subnets (001, 010, 01 1, 100, 101, 1 10). The following table shows class C IP ad dress last octet values for each subnet. The following table is a summary for class “C” subnet planning. Table 160 Subnet 4 NETWORK NUMBER LAST OCTET BIT V AL[...]

  • Página 447

    Prestige 2602HW Series User’s Guide 447 Subnetting With Class A and Class B Networks. For class “A” and class “B” addresses the subnet ma sk also determines which bits are part of the network number and which are part of the h ost ID. A class “B” address has two host ID octets ava ilable for subnetting and a class “A” address has [...]

  • Página 448

    Prestige 2602HW Series User’ s Guide 448[...]

  • Página 449

    Prestige 2602HW Series User’s Guide 449 A PPENDIX D PPPoE PPPoE in Action An ADSL modem bridges a PPP session over Ethernet (PPP ov er Ethernet, RFC 2516) from your computer to an A TM PVC (Permanent V irt ual Circuit) which connec ts to a DSL Access Concentrator where th e PPP session terminates ( Figure 279 on page 450 ). One PVC can support an[...]

  • Página 450

    Prestige 2602HW Series User’ s Guide 450 Figure 279 Single-Compute r per Router Hard ware Configuration How PPPoE W orks The PPPoE driver makes the Ethernet appea r as a serial link to the computer and the c omputer runs PPP over it, while the modem bridges the Ethernet frames to the Access Concentrator (AC). Between the AC and an ISP , the AC is[...]

  • Página 451

    Prestige 2602HW Series User’s Guide 451 A PPENDIX E W ireless LAN and IEEE 802.1 1 A wireless LAN (WLAN) provides a fle xible data communications system that you can use to access various services (navigating the Internet, E-mail, printer services , etc.) without the use of a cabled connection. In effect a wireless LAN environmen t provides yo u [...]

  • Página 452

    Prestige 2602HW Series User’ s Guide 452 Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an inde pendent (Ad-hoc) WLAN that connects a set of computers with wireless nodes or stations (ST A), which is called a Basic Service Set (BSS). In the most basic form, a wireless LAN connects a set of computers with wireless adapters. A[...]

  • Página 453

    Prestige 2602HW Series User’s Guide 453 Figure 282 ESS Provides Camp us-Wide Coverage[...]

  • Página 454

    Prestige 2602HW Series User’ s Guide 454[...]

  • Página 455

    Prestige 2602HW Series User’s Guide 455 A PPENDIX F Wireless LAN W ith IEEE 802.1x As wireless networks become po pular for both portable comp uting and corporate networks , security is now a priority . Security Flaws with IEEE 802.1 1 W ireless networks based on the original IEEE 802.1 1 have a poor reputation for safety . The IEEE 802.1 1b wire[...]

  • Página 456

    Prestige 2602HW Series User’ s Guide 456 RADIUS Server Authen tication Sequence The following figure depicts a typical wireless ne twork with a remote R ADIUS server for user authentication using EAPOL (EAP Over LAN). Figure 283 Sequences for EAP MD5–Ch allenge Authentication[...]

  • Página 457

    Prestige 2602HW Series User’s Guide 457 A PPENDIX G T ypes of EAP Authentication This appendix discusses three pop ular EAP authentication types: EAP-MD5 , EAP-TLS and EAP-TTLS . The type of authentication yo u use depends on the RADIUS server or the AP . Consult your netwo rk administ rator for more information. EAP-MD5 (Message-Digest Algorithm[...]

  • Página 458

    Prestige 2602HW Series User’ s Guide 458 LEAP LEAP (Lightweight Extensible Authentication Protocol) is a Cisco implementation of IEEE802.1x. Table 164 Comparison of EAP Authentication Types EAP-MD5 EAP-TLS EAP-TTLS PEAP LEAP Mutual Authentication No Ye s Ye s Ye s Ye s Certificate – Client No Ye s Optional Optional No Certificate – Server No [...]

  • Página 459

    Prestige 2602HW Series User’s Guide 459 A PPENDIX H T riangle Route The Ideal Setup When the firewall is on, your Prestige acts as a secure gateway between your LAN and the Internet. In an ideal network topology , all incoming and outgoing network traf fic passes through the Prestige to protect your LAN against attacks. Figure 284 Ideal Setup The[...]

  • Página 460

    Prestige 2602HW Series User’ s Guide 460 Figure 285 “T riangle Route” Problem The “T riangle Route” Solutions This section presents you two solutions to the “triangle route” problem. IP Aliasing IP alias allows you to partition your network into logical sections over the same Ethernet interface. Y our Prestige supports up to three log[...]

  • Página 461

    Prestige 2602HW Series User’s Guide 461 Gateways on the W AN Side A second solution to the “triangle route” problem is to put all of your network gateways on the W AN side as the following figure shows. This en sures that all incoming network traffic passes through your Prestige to your LAN. The refore your LAN is protected. Figure 287 Gatewa[...]

  • Página 462

    Prestige 2602HW Series User’ s Guide 462[...]

  • Página 463

    Prestige 2602HW Series User’s Guide 463 A PPENDIX I Internal SPTGEN Internal SPTGEN Overview Internal SP TGEN (System Parame ter T able Generator) is a configuration text file useful for efficient configuration of multiple Prestiges. Internal SP TGEN lets you configure, save and upload multiple menus at the same time using just one configuratio n[...]

  • Página 464

    Prestige 2602HW Series User’ s Guide 464 Some parameters are dependent on othe rs. For example, if you disable the Configur e d field in menu 1 (see Figure 288 on page 463 ), then you disable every field in this menu . If you enter a parameter that is invalid in the In put column, the Prestige will not save the configuration and the command line [...]

  • Página 465

    Prestige 2602HW Series User’s Guide 465 Figure 291 Internal SP TGEN FTP Download Example Note: Y ou can rename your “ rom-t ” file wh en you save it to your computer but it must be named “ rom-t ” when you uplo ad it to your Prestige. Internal SPTGEN FTP Upload Example 1 Launch your FTP application. 2 Enter " bin ". The command [...]

  • Página 466

    Prestige 2602HW Series User’ s Guide 466 The following ar e Internal SP TGEN screens a sso ciated with the SMT screens of your Pres tige. PV A Parameter V alues Allowed INPUT An example of what you may enter * Applies to the Prestige. Table 165 Abbreviations Used in the Example Internal SPTGEN Screens Table ABBREVIA TION MEANING Table 166 Menu 1 [...]

  • Página 467

    Prestige 2602HW Series User’s Guide 467 FIN FN PVA INPUT 30200001 = DHCP <0(None) | 1(Server) | 2(Relay)> = 0 30200002 = Client IP Pool Starting Address = 192.168.1.33 30200003 = Size of Client IP Pool = 32 30200004 = Primary DNS Server = 0.0.0.0 30200005 = Secondary DNS Server = 0.0.0.0 30200006 = Remote DHCP Server = 0.0.0.0 30200008 = IP[...]

  • Página 468

    Prestige 2602HW Series User’ s Guide 468 30201008 = IP Alias #1 Incoming protocol filters Set 3 = 256 30201009 = IP Alias #1 Incoming protocol filters Set 4 = 256 30201010 = IP Alias #1 Outgoing protocol filters Set 1 = 256 30201011 = IP Alias #1 Outgoing protocol filters Set 2 = 256 30201012 = IP Alias #1 Outgoing protocol filters Set 3 = 256 30[...]

  • Página 469

    Prestige 2602HW Series User’s Guide 469 30500004 = RTS Threshold <0 ~ 2432> = 2432 30500005 = FRAG. Threshold <256 ~ 2432> = 2432 30500006 = WEP <0(DISABLE) | 1(64-bit WEP) | 2(128-bit WEP)> = 0 30500007 = Default Key <1|2|3|4> = 0 30500008 = WEP Key1 = 30500009 = WEP Key2 = 30500010 = WEP Key3 = 30500011 = WEP Key4 = 3050[...]

  • Página 470

    Prestige 2602HW Series User’ s Guide 470 40000002 = Active <0(No) | 1(Yes)> = 1 40000003 = ISP's Name = ChangeMe 40000004 = Encapsulation <2(PPPOE) | 3(RFC 1483)| 4(PPPoA )| 5(ENET ENCAP)> = 2 40000005 = Multiplexing <1(LLC-based) | 2(VC-based) = 1 40000006 = VPI # = 0 40000007 = VCI # = 35 40000008 = Service Name <Str> [...]

  • Página 471

    Prestige 2602HW Series User’s Guide 471 40000032= RIP Version <0(Rip-1) | 1(Rip-2B) |2(Rip-2M)> = 0 40000033= Nailed-up Connection <0(No) |1(Yes)> = 0 Table 168 Menu 4 Internet Access Setup ( SMT Menu 4) (continued) Table 169 Menu 12 (SMT Menu 1 2) / Menu 12.1.1 IP Static Route Setup (SMT Menu 12.1.1) FIN FN PVA INPUT 120101001 = IP S[...]

  • Página 472

    Prestige 2602HW Series User’ s Guide 472 / Menu 12.1.4 IP Static Route Setup (SMT Menu 12.1.4) FIN FN PVA INPUT 120104001 = IP Static Route set #4, Name <Str> = 120104002 = IP Static Route set #4, Active <0(No) |1(Yes)> = 0 120104003 = IP Static Route set #4, Destination IP address = 0.0.0.0 120104004 = IP Static Route set #4, Destina[...]

  • Página 473

    Prestige 2602HW Series User’s Guide 473 120107006 = IP Static Route set #7, Metric = 0 120107007 = IP Static Route set #7, Private <0(No) |1(Yes)> = 0 / Menu 12.1.8 IP Static Route Setup (SMT Menu 12.1.8) FIN FN PVA INPUT 120108001 = IP Static Route set #8, Name <Str> = 120108002 = IP Static Route set #8, Active <0(No) |1(Yes)> [...]

  • Página 474

    Prestige 2602HW Series User’ s Guide 474 120111004 = IP Static Route set #11, Destination IP subnetmask = 0 120111005 = IP Static Route set #11, Gateway = 0.0.0.0 120111006 = IP Static Route set #11, Metric = 0 120111007 = IP Static Route set #11, Private <0(No) |1(Yes)> = 0 */ Menu 12.1.12 IP Static Route Set up (SMT Menu 12.1.12) FIN FN P[...]

  • Página 475

    Prestige 2602HW Series User’s Guide 475 120115002 = IP Static Route set #15, Active <0(No) |1(Yes)> = 0 120115003 = IP Static Route set # 15, Destination IP address = 0.0.0.0 120115004 = IP Static Route set # 15, Destination IP subnetmask = 0 120115005 = IP Static Route set #15, Gateway = 0.0.0.0 120115006 = IP Static Route set #15, Metric [...]

  • Página 476

    Prestige 2602HW Series User’ s Guide 476 150000014 = SUA Server #4 Port Start = 0 150000015 = SUA Server #4 Port End = 0 150000016 = SUA Server #4 Local IP address = 0.0.0.0 150000017 = SUA Server #5 Active <0(No) | 1(Yes)> = 0 150000018 = SUA Server #5 Protocol <0(All)|6(TCP)|17(U DP)> = 0 150000019 = SUA Server #5 Port Start = 0 150[...]

  • Página 477

    Prestige 2602HW Series User’s Guide 477 150000048 = SUA Server #11 Protocol <0(All)|6(TCP)|17(U DP)> = 0 150000049 = SUA Server #11 Port Start = 0 150000050 = SUA Server #11 Port End = 0 150000051 = SUA Server #11 Local IP addr ess = 0.0.0.0 150000052 = SUA Server #12 Active <0(No) | 1(Yes)> = 0 150000053 = SUA Server #12 Protocol <[...]

  • Página 478

    Prestige 2602HW Series User’ s Guide 478 / Menu 21.1.1.2 set #1, rule #2 (SMT Menu 21.1.1.2) FIN FN PVA INPUT 210102001 = IP Filter Set 1,Rule 2 Type <2(TCP/IP)> = 2 210102002 = IP Filter Set 1,Rule 2 Active <0(No)|1(Yes)> = 1 210102003 = IP Filter Set 1,Rule 2 Protocol = 6 210102004 = IP Filter Set 1,Rule 2 Dest IP address = 0.0.0.0 [...]

  • Página 479

    Prestige 2602HW Series User’s Guide 479 210103013 = IP Filter Set 1,Rule 3 Act Match <1(check next)|2(forward)| 3(drop) = 3 210103014 = IP Filter Set 1,Rule 3 Act Not Match <1(check next)|2(forward)| 3(drop) = 1 / Menu 21.1.1.4 set #1, rule #4 (SMT Menu 21.1.1.4) FIN FN PVA INPUT 210104001 = IP Filter Set 1,Rule 4 Type <2(TCP/IP)> = 2[...]

  • Página 480

    Prestige 2602HW Series User’ s Guide 480 210105009 = IP Filter Set 1,Rule 5 Src Subnet Mask = 0 210105010 = IP Filter Set 1,Rule 5 Src Port = 0 210105011 = IP Filter Set 1,Rule 5 Src Port Comp <0(none)|1(equal) |2(not equal)|3(less)|4( greater)> = 0 210105013 = IP Filter Set 1,Rule 5 Act Match <1(check next)|2(forward)| 3(drop)> = 3 2[...]

  • Página 481

    Prestige 2602HW Series User’s Guide 481 / Menu 21.1.2.1 Filter set #2, rule #1 (SMT Menu 21.1.2.1) FIN FN PVA INPUT 210201001 = IP Filter Set 2, Rule 1 Type <0(none)|2(TCP/IP)> = 2 210201002 = IP Filter Set 2, Rule 1 Active <0(No)|1(Yes)> = 1 210201003 = IP Filter Set 2, Rule 1 Protocol = 6 210201004 = IP Filter Set 2, Rule 1 Dest IP [...]

  • Página 482

    Prestige 2602HW Series User’ s Guide 482 210202009 = IP Filter Set 2, Rule 2 Src Subne t Mask = 0 210202010 = IP Filter Set 2,Rule 2 Src Port = 0 210202011 = IP Filter Set 2, Rule 2 Src Port Comp <0(none)|1(equal)|2 (not equal)|3(less)|4(gr eater)> = 0 210202013 = IP Filter Set 2, Rule 2 Act Match <1(check next)|2(forward)|3( drop)> =[...]

  • Página 483

    Prestige 2602HW Series User’s Guide 483 210204002 = IP Filter Set 2, Rule 4 Active <0(No)|1(Yes )> = 1 210204003 = IP Filter Set 2, Rule 4 Protocol = 17 210204004 = IP Filter Set 2, Rule 4 Dest IP address = 0.0.0.0 210204005 = IP Filter Set 2, Rule 4 Dest Subnet Mask = 0 210204006 = IP Filter Set 2, Rule 4 Dest Port = 137 210204007 = IP Fil[...]

  • Página 484

    Prestige 2602HW Series User’ s Guide 484 210205011 = IP Filter Set 2, Rule 5 Src Port Comp <0(none)|1(equal)|2 (not equal)|3(less)|4(gr eater)> = 0 210205013 = IP Filter Set 2, Rule 5 Act Match <1(check next)|2(forward)|3( drop)> = 3 210205014 = IP Filter Set 2, Rule 5 Act Not Match <1(check next)|2(forward)|3( drop)> = 1 / Menu[...]

  • Página 485

    Prestige 2602HW Series User’s Guide 485 Table 173 Menu 23 System Menus (SMT Me nu 23) */ Menu 23.1 System Password Setup ( SMT Menu 23.1) FIN FN PVA INPUT 230000000 = System Password = 1234 */ Menu 23.2 System security: radius server (SMT Menu 23.2) FIN FN PVA INPUT 230200001 = Authentication Server Configured <0(No) | 1(Yes)> = 1 230200002[...]

  • Página 486

    Prestige 2602HW Series User’ s Guide 486 Command Examples The following are example Internal SP TGEN scr eens associated with the Prestige’ s command interpreter commands. 230400008 = WPA Mixed Mode <0(Disable) |1(Enable)> = 0 230400009 = Data Privacy for Broadcast/ Multicast packets <0(TKIP) |1(WEP)> = 0 230400010 = WPA Broadcast/M[...]

  • Página 487

    Prestige 2602HW Series User’s Guide 487 FIN FN PVA INPUT 990000001 = ADSL OPMD <0(etsi)|1(normal) |2(gdmt)|3(multimo de)> = 3 Table 175 Command Examples (continued) FIN FN PV A INPUT[...]

  • Página 488

    Prestige 2602HW Series User’ s Guide 488[...]

  • Página 489

    Prestige 2602HW Series User’s Guide 489 A PPENDIX J Command Interpreter The following describes how to use the comman d interpreter . Enter 24 in the main menu to bring up the system maintena nce menu. Enter 8 to go to Menu 24.8 - Command Interpr eter Mode . See the included disk or zyxel.com for more detailed information on these commands. Note:[...]

  • Página 490

    Prestige 2602HW Series User’ s Guide 490[...]

  • Página 491

    Prestige 2602HW Series User’s Guide 491 A PPENDIX K Firewall Commands Sys Firewall Commands The following describes the firewa ll commands. See the Command Interpreter appendix for inform ation on the command structure. Each of these commands must be preceded by sys firewall when you use them. For example, type sys firewall active yes to turn on [...]

  • Página 492

    Prestige 2602HW Series User’ s Guide 492[...]

  • Página 493

    Prestige 2602HW Series User’s Guide 493 A PPENDIX L Boot Commands The BootModule A T comm ands execute from wi thin the router’ s bootup software, when debug mode is selected before the main router firmware is start ed. When you start up your Prestige, you are given a choice to go into deb ug mode by pressing a key at the prompt shown in the fo[...]

  • Página 494

    Prestige 2602HW Series User’ s Guide 494 Figure 294 Boot Module Commands AT just answer OK ATHE print help ATBAx change baud rate. 1:38.4k, 2:19.2k, 3:9.6k 4:57.6k 5:115.2k ATENx,(y) set BootExtension Debu g Flag (y=password) ATSE show the seed of passw ord generator ATTI(h,m,s) change system time to hour:min:sec or show current time ATDA(y,m,d) [...]

  • Página 495

    Prestige 2602HW Series User’s Guide 495 A PPENDIX M Log Descriptions This appendix provides descrip tions of example log messages. Table 177 System Maintenance Logs LOG MESSAGE DESCRIPTION Time calibration is successful The router has adjusted its time based on information from the time server . Time calibration failed The router failed to get in[...]

  • Página 496

    Prestige 2602HW Series User’ s Guide 496 Configuration Change: PC = 0x%x, Task ID = 0x%x The router is saving configuration changes. Successful SSH login Someone has logged on to the router ’s SSH server . SSH login failed Someone has failed to log on to the router ’s SSH server . Successful HTTPS login Someone has logged on to the router&apo[...]

  • Página 497

    Prestige 2602HW Series User’s Guide 497 For type and code details, see T able 190 on page 501 . Table 180 TCP Reset Lo gs LOG MESSAGE DESCRIPTION Under SYN flood attack, sent TCP RST The router sent a TCP reset packet when a host was u nder a SYN flood attack (the TCP incomplete count is per destination h ost.) Exceed TCP MAX incomplete, sent TCP[...]

  • Página 498

    Prestige 2602HW Series User’ s Guide 498 Triangle route packet forwarded: ICMP The firewall allow ed a triangle route session to pass through. Packet without a NAT table entry blocked: ICMP The router blocked a packet that didn’t have a corresponding NA T table entry . Unsupported/out-of-order ICMP: ICMP The firewall does not support this kind [...]

  • Página 499

    Prestige 2602HW Series User’s Guide 499 For type and code details, see T able 190 on page 501 . Table 185 UPnP Logs LOG MESSAGE DESCRIPTION UPnP pass through Firewall UPnP p ackets can pass through the firewall. Table 186 Content Filterin g Logs LOG MESSAGE DESCRIPTION %s: block keyword Th e content of a requested web p age matched a user defined[...]

  • Página 500

    Prestige 2602HW Series User’ s Guide 500 ip spoofing - no routing entry ICMP (type:%d, code:%d) The firewall classified an ICMP packet with no source routing entry as an IP spoofing attack. vulnerability ICMP (type:%d, code:%d) The firewall detecte d an ICMP vulnerability attack. traceroute ICMP (type:%d, code:%d) The firewall detecte d an ICMP t[...]

  • Página 501

    Prestige 2602HW Series User’s Guide 501 No Server to authenticate user. Th ere is no authentication serv er to authenticate a user . Local User Database does not find user`s credential. A user was not authenticated by the local user database because the user is not listed in th e local user database. Table 189 ACL Setting Notes P ACKET DIRECTION [...]

  • Página 502

    Prestige 2602HW Series User’ s Guide 502 11 T ime Exceeded 0 T ime to live exceeded in transit 1 Fragment reassembly time exceeded 12 Parameter Problem 0 Pointer indicates the error 13 T imestamp 0 T imestamp request message 14 T imestamp Reply 0 T imestamp reply message 15 Information Request 0 Information request message 16 Informat ion Reply 0[...]

  • Página 503

    Prestige 2602HW Series User’s Guide 503 Table 193 RTP Logs LOG MESSAGE DESCRIPTION Error, RTP init fail The initialization of an RTP session failed. Error, Call fail: RTP connect fail A V oIP phone call failed because th e R TP session could not be established. Error, RTP connection cannot close The termination of an RTP session failed. Table 194[...]

  • Página 504

    Prestige 2602HW Series User’ s Guide 504 The following table shows RFC-2408 ISAKMP payload types that the log displays. Please refer to the RFC for detailed information on each type. Log Commands Go to the command interpreter interface ( Appendix J on page 489 explains how to access and use the commands). Configuring What Y ou W ant the Prestige [...]

  • Página 505

    Prestige 2602HW Series User’s Guide 505 Figure 296 Displaying Log Para meters Example 4 Use sys logs category foll owed by a log category and a parameter to decide what to record. Use 0 to not record logs for that category , 1 to record only logs fo r that category , 2 to record only alerts for that category , and 3 to record both logs and alerts[...]

  • Página 506

    Prestige 2602HW Series User’ s Guide 506 Log Command Example This example shows how to set the Prestige to re cord the access logs and alerts and then view the results. Figure 297 Log Command Example ras> sys logs load ras> sys logs category access 3 ras> sys logs save ras> sys logs display access # .time source destination notes mess[...]

  • Página 507

    Prestige 2602HW Series User’s Guide Index 507 Index Numerics 11 0 V A C 5 230V AC 5 64kbps 140 8kbps 140 A Abnormal Working Conditions 6 AbS 136 AC 5 Access methods 329 Accessories 5 ACK Message 132 Acts of God 6 Address mapping 127 Address Resolution Protocol (ARP) 83 Ad-hoc Configuration 452 ADSL S tandards 45 , 51 ADSL, what is it? 44 AH 197 A[...]

  • Página 508

    Prestige 2602HW Series User’ s Guide 508 Index Call filtering 331 Call filters Built-in 331 User-defined 331 Call Scheduling 39 9 Maximum Number of Schedule Sets 399 PPPoE 401 Precedence 399 Precedence Example 399 Caller ID 73 , 138 CBR 293 CBR (Continuous Bit Rate) 11 3 CCK 49 CDR 361 CDR (Call Detail Record) 360 CE regulations 49 Certificate Au[...]

  • Página 509

    Prestige 2602HW Series User’s Guide Index 509 Destination Address 171 Device Filter rules 340 Device rule 340 DH 216 DHCP 51 , 73 , 80 , 81 , 149 , 257 , 358 DHCP client 51 DHCP relay 51 DHCP server 51 DHCP T able 257 Diagnostic Screens 260 Diagnostic T ools 35 5 Dialing Interval 144 Differential Binary Phase Shift Keyed Modulation 49 Differentia[...]

  • Página 510

    Prestige 2602HW Series User’ s Guide 510 Index Europe 5 Exiting the SMT 268 Expiration Duration 139 Exposure 5 Extended Service Se t 452 Extended Service Se t (ESS) 87 Extensible Authentication Protoco l 89 External Antenna 49 F Factory LAN Defaults 81 Failure 6 FCC 4 Compliance 4 Rules, Part 15 4 FCC Rules 4 Federal Communication s Commission 4 [...]

  • Página 511

    Prestige 2602HW Series User’s Guide Index 511 H Half-Open Sessions 188 Harmful Interfere nce 4 Hidden Menus 267 Hidden node 88 High V oltage Points 5 Hop Count 300 , 307 Host 77 Host IDs 441 HTTP 123 , 155 , 157 , 15 8 , 409 , 410 HyperT erminal 378 , 379 HyperT erminal program 370 , 373 I IANA 66 , 67 IANA (Internet Assigned Number Authority) 17[...]

  • Página 512

    Prestige 2602HW Series User’ s Guide 512 Index IP S tatic Route 305 IP S tatic Route Se tup 306 IPSec 195 IPSec Algorithm 405 IPSec algorithm 416 IPSec Algorithms 197 , 201 IPSec and NA T 198 IPSec Architecture 197 IPSec rule 404 IPSec standard 48 IPSec VPN Capability 48 ISDN (Integrated Synchronous Di gital System) 46 ITSP 54 ITU-T 143 J Jitter [...]

  • Página 513

    Prestige 2602HW Series User’s Guide Index 513 Modem 43 Modifications 4 Moving the Cursor 267 MSDU (MAC Service Data Unit) 286 Multicast 82 , 300 Multimedia 131 Multiple SIP Accounts 47 Multiple V oice Channels 47 Multiplexing 52 , 64 , 65 , 293 , 296 multiplexing 52 , 64 LLC-based 64 VC-based 64 Multiprotocol Encapsulation 64 My IP Address 202 My[...]

  • Página 514

    Prestige 2602HW Series User’ s Guide 514 Index PHONE 1 and 2 Ports 138 Phone Port Screen 143 , 148 Phone Port Settings 144 , 148 Photocopying 3 Ping 260 , 363 Ping of Death 158 Pipes 5 Point to Point Protocol over A TM Adaptation Layer 5 (AAL5) 63 Point-to-Point 44 Point-to-Point Tunneling Protocol 124 policy-based routing 391 Pool 5 POP3 123 , 1[...]

  • Página 515

    Prestige 2602HW Series User’s Guide Index 515 REGISTER Server Port 72 , 138 Register ed 3 Registered Trademark 3 Regular Mail 7 Related Documentation 41 Relay to PSTN 147 Relocate 4 Re-manufact ured 6 Remote Authentication Dial-In User Service 89 Remote DHCP Server 283 Remote Management 229 Firewall 329 Remote Management and NA T 230 Remote Manag[...]

  • Página 516

    Prestige 2602HW Series User’ s Guide 516 Index Security Parame ter Index (SPI) 412 Security Parameters 98 security protocols 405 Security Ramifications 170 Separation Between Equipment and Receiver 4 Serial Number 7 Server 43 , 122 , 315 , 317 , 319 , 320 , 322 , 323 , 384 Server behind NA T 319 Service 5 , 6 , 171 Service Personnel 5 Service T y[...]

  • Página 517

    Prestige 2602HW Series User’s Guide Index 517 System Information 357 System S tatus 355 System Information 357 System Information & Diagnosis 355 System Maintenance 250 , 355 , 357 , 366 , 369 , 376 , 377 , 381 , 382 , 38 4 System Management T erminal 265 , 267 System Parameter T able Generator 463 System password 349 System Security 349 Syst[...]

  • Página 518

    Prestige 2602HW Series User’ s Guide 518 Index User Authentication 96 User Name 150 User Profiles 105 user profiles 353 V VA D 47 , 143 V AD Su pport 144 Va l u e 6 V ariab le Bit Rate 293 VBR 293 VBR (V ari able Bit Rate) 11 3 VC-based Multiplexing 296 VCI 65 V endor 5 V entilation Slots 5 VID 142 Viewing Certifications 4 Virtual Channel Identif[...]

  • Página 519

    Prestige 2602HW Series User’s Guide Index 519 X Xmodem File Upload 378 XMODEM protocol 366 Z Zero Configu ration 11 4 Zero Configurati on Internet Access 48 Zero configuratio n Internet access 111 ZyNOS 3 , 366 ZyNOS (ZyXEL Network Operating System) 365 ZyNOS F/W V e rsion 366 ZyXEL Communications Corporation 3 ZyXEL Home Page 4 ZyXEL Limi ted W [...]