ZyXEL Communications 100IH manual Configuring a Filter Rule, 1 TCP/IP Filter Rule

Page 103

Prestige 100 and 100IH ISDN Router and Router/Hub

8.3Configuring a Filter Rule

To configure a filter rule, enter its number in Menu 21.1 - Filter Rules Summary and press Enter to open Menu 21.1.1 for the rule.

There are two types of filter rules: TCP/IP and Generic. Depending on the type of rule, the parameters below the type will be different. Use the space bar to select the type of rule that you wish to create in the Filter Type field and press Enter to open the respective menu.

The network layer filters are collectively called protocol filters. When NAT/SUA (Network Address Translation/Single User Account) is enabled, the inside IP address and port number are replaced on a connection-by-connection basis, which makes it impossible to know the exact address and port on the wire. Therefore, the Prestige applies the protocol filters to the “native” IP address and port number before NAT/SUA for outgoing packets and after NAT/SUA for incoming packets. On the other hand, the generic, or device, filters are applied to the raw packets that appear on the wire.

To speed up filtering, all rules in a filter set must be of the same class, i.e., protocol filters or generic filters. The class of a filter set is determined by the first rule that you create. When applying the filter sets to a port, separate menu fields are provided for protocol and device filter sets. If you include a protocol filter set in a device filters field or vice versa, the Prestige will warn you and will not allow you to save.

8.3.1 TCP/IP Filter Rule

This section shows you how to configure a TCP/IP filter rule. TCP/IP rules allow you to base the rule on the fields in the IP and the upper layer protocol, e.g., UDP and TCP, headers.

To configure a TCP/IP rules, select TCP/IP Filter Rule from the Filter Type field and press Enter to open Menu 21.1.1 - TCP/IP Filter Rule, as shown below.

Filter Configuration

8-7

Page 102 Page 104
Image 103
Page 102 Page 104
Contents ZyXEL Prestige 100 and 100IH ECC Interference Statement Iii ZyXEL Limited Warranty Customer Support Page Table of Contents Chapter Advanced Phone Services Chapter Remote Node ConfigurationChapter Remote Node TCP/IP Configuration Chapter Dial-in Server Configuration11-1 10-1Index Table of Contents List of Figures Internet Access ApplicationXii List of Figures/Tables Xiii List of Tables Generic Filter Rule Menu Fields About Your Prestige PrefaceStructure of this Manual Page Getting to Know Your Isdn Router Features of the PrestigeAUI Interface P100 only Upgrade P100IH Firmware via LAN Applications for Prestige 100 and 100IH Internet AccessLAN-to-LAN Connection LAN-to-LAN Connection Application Remote Access ServerTelecommuting/Remote Access Server Application Front Panel Leds of P100 Hardware Installation & Initial SetupFront Panel Of P100IH LED functions Front Panel LEDs of P100IHPrestige 100IH Rear Panel and Connections Prestige 100IH Rear Panel and ConnectionsPrestige 100 Rear Panel and Connections UTP Interface Additional Installation Requirements Power-On Display Power On Your PrestigeNavigating the SMT Interface Main Menu CommandsOperation Press/read Description Main Menu Summary System Management Terminal Interface SummaryMenu Title Description Menu 23.1 System Password Changing the System PasswordMenu 1 General Setup General SetupSwitch Type Geography No of Phone #s No of SPIDs Isdn Setup MenusGeneral Setup Menu Fields SPIDs, Phone #’s, Switch Types10 North American Isdn Setup North American Isdn Setup MenusNorth American Isdn Menu Setup Fields Menu 2.1 fields NI-1 Default Feature Key SettingsNone MSN and Subaddress European DSS1 & German 1TR6 Isdn Setup MenusOutgoing Calling Party Number Outgoing Calling Party Number otherwise, leave it blank 10 Menu 2 Isdn SetupIgnore Incoming Phone Number Matching is Don’t Care15 Loopback test Ethernet SetupGeneral Ethernet Setup Protocol Dependent Ethernet SetupPage IP Address and Subnet Mask Chapter Internet AccessFactory Ethernet Defaults TCP/IP ParametersDhcp Configuration RIP SetupIP Pool Setup Menu 3.2 TCP/IP and Dhcp Ethernet Setup TCP/IP Ethernet Setup and DhcpDhcp Ethernet Setup Menu Fields Only/Out Only TCP/IP Ethernet Setup Menu Fields2B/RIP-2M Both Internet Account Information Internet Access ConfigurationMenu 4 Internet Access Setup Field Internet Access Setup Menu FieldsSingle User Account Topology Single User AccountAdvantages of SUA Single User Account Menu Fields Single User Account ConfigurationField Description Configure a Backup ISP Configuring Backup ISP AccountsTo Switch ISP Page Remote Node Setup Chapter Remote Node ConfigurationRemote Node Profile Menu 11 Remote Node Setup Outgoing Remote Node Profile Menu FieldsField Description Options Yes/NoYes then EnableAllocated Budget and Period do not apply Outgoing Authentication Protocol64k LeasedBandwidth on Demand PPP MultilinkBTR v MTR for BOD Menu 11.2 Remote Node PPP Options Editing PPP OptionsRemote Node PPP Options Menu Fields Menu 11.5 Remote Node Filter Remote Node FilterPage LAN-to-LAN Application Remote Node TCP/IP ConfigurationMenu 11.3- Remote Node TCP/IP Options Remote Node SetupYes TCP/IP related fields in Remote Node ProfileOnly /Out Only TCP/IP Remote Node Configuration2B/RIP-2M Example of Static Routing Topology Static Route SetupMenu 12.1 IP Static Route Setup Edit IP Static Route Menu Fields Page Remote Dial-in Users/Remote Nodes Comparison Chart Chapter Dial-in Server ConfigurationRemote Dial-in Users Remote Nodes Telecommuting Remote User Remote Access ServerExample of a LAN-to-LAN Server Application LAN-to-LAN Server ApplicationMenu 13 Default Dial-in Setup Default Dial-In SetupRequired Default Dial-in Setup FieldsPreferred Dial-In IP Address Supplied By Dial-in User is set to Default Dial-in Filter Dial-In Users SetupMenu 14 Dial-in User Setup Optional Edit Dial-in User Menu FieldsMandatory Callback Clid AuthenticationMultiple Servers behind SUA Configuring a Server behind SUAServices vs. Port number Multiple Server ConfigurationSupplemental Services by region Chapter Advanced Phone ServicesSupplemental Services by switch type Setting Up Supplemental Phone ServiceGetting Started Three Way Calling How to use call waitingFlash Key Call WaitingHow To Use Call Transfer How To Use Three Way CallingCall Transfer To Do a Blind Transfer Phone Flash CommandsCall Forwarding Reminder RingPage About Filtering Chapter Filter ConfigurationFilter Structure of the Prestige Menu 21 Filter Set Configuration Configuring a Filter Set Abbreviations Used in the Filter Rules Summary Menu Filter Rules Summary Menu Abbreviations Description Display Abbreviation Description Abbreviations Used If Filter Type Is IPAbbreviations Used If Filter Type Is GEN 1 TCP/IP Filter Rule Configuring a Filter RuleMenu 21.1.1 TCP/IP Filter Rule Yes / N/A TCP/IP Filter Rule Menu FieldsNone/Less/Greater Equal/Not EqualForward Action MatchedAction Not Matched Check Next RuleMenu 21.1.2 Generic Filter Rule Generic Filter RuleGeneric Filter Rule Menu Fields Ethernet traffic Applying a Filter and Factory DefaultsCheck Next Rule Forward Drop Filtering Remote Node traffic Remote Node FiltersAbout Telnet Configuration Telnet Configuration and CapabilitiesTelnet Under SUA System Timeout Single AdministratorTelnet Capabilities Menu 24 System Maintenance Chapter System MaintenanceSystem Status Menu 24.1 System Maintenance StatusALU System Maintenance Status Menu FieldsLAN Packet That Triggered Last Call System Information System Maintenance InformationModified in Menu 1 General Setup Fields in System MaintenanceConsole Port Speed Log and Trace Viewing Error LogExamples of Error and Information Messages Syslog And Accounting System Maintenance Menu Syslog ParametersParameter Description Error Information Messages Menu 24.4 System Maintenance Diagnostic DiagnosticSystem Maintenance Menu Diagnostic This figure shows an example where authentication failed Restore Configuration Backup ConfigurationSoftware Update 11 Menu 24.7 Software Update Boot module commandsCall Control Command Interpreter ModeCall Control Parameters 14 Menu 24.9 System Maintenance Call ControlCall Control Parameters Fields BlacklistCall History Budget ManagementCall History Fields 18 Call HistoryProblem Corrective Action Chapter TroubleshootingProblems Starting Up the Prestige Troubleshooting the Start-Up of your PrestigeTroubleshooting the Isdn Line Problems With the Isdn LineProblems Connecting to a Remote Node or ISP Problems with the LAN InterfaceProblems for Remote User to Dial-in Page Acronyms and Abbreviations AppendixPAP Index IndexSubnet mask, 3-2, 3-6, 5-4
Related manuals
Manual 140 pages 54.37 Kb Manual 67 pages 10.23 Kb Manual 5 pages 9.28 Kb
Top Page Image Contents