ZyXEL Communications IES-5005, IES-6000 Limiting Internet access to users on specific DSL ports

Page 85
Limiting Internet access to users on specific DSL ports

IES-5000/5005/6000 Support Notes

Limiting Internet access to users on specific DSL ports

Some ISPs may want to limit the number of computers behind certain DSL ports to access the Internet or allow computers with specific MAC addresses to access the Internet. These tasks can be easily done with the port security and MAC address filtering features on the IES-5000.

Internet

IES-5000(ALC/SLC)

Port 3

Setting up MAC Filter/Port SecurityADSL/SHDSL CPE

PC 1

PC 2

PC 3

Setting up MAC Filter/Port Security

In this section, we will show you how to configure the IES-5000 to allow only computers with the specified MAC addresses to access the Internet through port 3.

1. IES-5000 settings

1.1 Configuring MAC filter

On the IES-5000, enable MAC filtering on port 3 and specify the MAC addresses allowed. This sets the IES-5000 to allow only computers with the specified MAC addresses on port 3 to access the Internet. A computer with any other MAC addresses

84

All contents copyright (c) 2008 ZyXEL Communications Corporation.

Page 84 Page 86
Image 85
Page 84 Page 86
Contents IES-5000/5005/6000 Integrated Ethernet SwitchSupport Notes INDEX IES-5000/5005/6000 Support NotesApplication Notes Triple play Application with VLC Line CardTriple Play Triple Play scenario topology P-870H-51 Hardware connectionsIES-5000M Main Chassis MSC1000GIES-5000 Firmware versionsHow to set the P-870H-51 to factory-default? Configure the P-870H-511. System login Configure the IES-50002. Configure the VLC1348G-51 a. Click Port VDSL Sub-step 1 Open VLAN setup page Sub-step 2 Join VLAN 100 to VDSL port Sub-step 3 Join VLAN 500 to VDSL port IES-5000/5005/6000 Support Notes 3. Configure the MSC1000G a. Click VLAN VLAN d. Check the final VLAN setup status of the MSC1000G 4. Use ACL rule to replace the VID / Priority for the PPPoE packets a. Loginb. ACL-rule profile CLI syntax 1 Create ACL profiles 5. Use MVR to configure the IPTV setting on MSC1000G a. Login 6. Configure the IGMP-Proxy and Static Query VLAN a. Login d. Check the Query VLAN status 2. If setting is successful, result is as below 7. Save configuration for the IPDSLAMConfigure the ES-2024A 2. Configure VLANs 2. VLAN 500 for VoIP 3. VLAN 700 for IPTV 4. Check final status of the VLAN settings 1. Click Advance Application VLAN, then choose the VLAN Port Setting c. Set the default PVID for the relative ports in this scenarioDon’t forget to click Apply to save the settings 2.Set port 1 / 5 / 7’s PVID as 100 / 500 / 700 as below2. Click Apply at bottom to save the settings 1. Click Basic Setting Port Setup to call the page belowe. Save all the settings for the ES-2024A Triple play Application with ALC/SLC Line Card Setting up Multiple PVCsIES-5000 SLC-1248G or ALC-1248G 1. IES-5000 Settings 2. Prestige 660R-61P791 Settings 3.1 VALN 3. ES-2024 settingsIES-5000/5005/6000 Support Notes Set the PVIDs on port 1 and 2 to 10 and 20 respectively 3.2 PVID setupIES-5000/5005/6000 Support Notes IES‐5000 Slot VLC1348G‐51 IES-5000/5005/6000 Support Notes VDSL2 to ADSL2+ FallbackP‐660H‐61 ADSL2+ CPE1. Telnet into the P-660H-61 Configure the P-660H-61a. Enter 1 in the Main Menu to open Menu 1 - General Setup 2. General Setupb. Type a name in the System Name field c. Select No in the Route IP field d. Select Yes in the Bridge fielda. Enter 11 in the Main Menu to open Menu 11 - Remote Node Setup 3. Remote Node Setupb. Enter 1 to configure the remote node of MyISP ISP, SUA e. Select RFC 1483 in the Encapsulation field c. Menu 11.1 - Remote Node Profile appearsf. Select LLC-based in the Multiplexing field l. Press ENTER to confirm your changes j. Menu 11.6 - Remote Node ATM Layer Options appears1. Login Configure the VLC1348G-51IES-5000/5005/6000 Support Notes c. Select Enable 2. VDSL Port Setupa. Click Port VDSL e. Click Apply3. PVC Setup a. Click Config Save on the navigation panel 4. Config save5. Check status a. Click Statistics Port Statistics c. Click Diagnostic Loopbackd. Select port e. Type 8 in VPI and 35 in VCI f. Click the Test button to perform an OAM F5 loopback test on portIES-5000/5005/6000 Support Notes IES-5000/5005/6000 Support Notes Impulse Noise Protection INP What is UPBO? IES-5000/5005/6000 Support Notes Upstream Power Back-Off UPBOPSD f PSD f Non-FEXT dominated environment Do not apply UPBO Modes of UPBOFEXT-dominated environment 1. Protection of the long loopMethods of UPBO 4. Spectral mask compatibility with other services3. Improved performance of short loops What is CFM? IES-5000/5005/6000 Support Notes 802.1ag CFMMA--Maintenance Association MD--Maintenance DomainMEP--Maintenance End point CFM TermsMIP--Maintenance Intermediate Point 1. CFM MD Screen WEB GUI Introduction2. CFM MA Screen 3. CFM MEP Screen 4. Loopback Diagnosis Enable CFM CLI Command IntroductionDisable CFM MSC1000Gswtichcfm disable Create a MD Create a MEP MSC1000G switch cfmmep setIES-5000/5005/6000 Support Notes Configuring and applying the profiles to subscriber ports Setting up different DSL port speeds to different subscribersInternet IES-5000 ALC-1248G2. Prestige 660R-61 2.2 Menu 4 Internet Access Setup 2.1 Menu 1 General Setup2.3 Menu11.1 Remote Node Profile 2.4 Menu11.6 Remote Node ATM Layer Options Setting up a VLAN IES-5000/5005/6000 Support Notes Configuring 802.1Q VLAN1.1 VLAN settings 1.2 PVID settingsTGE1 switch port pvid up1 TGE1 switch port pvid up2 802.1x ApplicationAuthenticator Authorized Authentication Server RADIUSSetting up 1. Authenticator Setup IES-50002.1 RADIUS server setup 2. RADIUS Setup Vantage2.2 Create a User Account 3. Supplicant Setup Windows XP IES-5000/5005/6000 Support Notes Syslog Server Application 4. Prestige 660R-61 SettingsPlease refer to the procedures described in the previous application 1. Installing and Running Kiwi’s Syslog Server Setting up a Syslog serverNetwork 2. IES-5000 settings 1. IES-5000 settings Setting up a Ring EnvironmentIES-5000/5005/6000 Support Notes Ring Topology Application 1.1 Activating Spanning Tree protocol on Ethernet Ports2.2 Activating Spanning Tree protocol on Ethernet ports 2. Setup IES-2000 2.1 Activating Spanning Tree protocolports 1 and 2. The following shows the CLI commands CI command TGE1 sys sw rstp enable TGE1 sys sw rstp port enableSelect Rapid Spanning Tree Protocol to enable it on the port Click Uplink2 to configure this portIES-5000/5005/6000 Support Notes 3. ES-4024 Settings 3.1 Activating Spanning Tree protocol 4. Status Results IGMP IGMP Snooping/IGMP Filtering ApplicationEthernet Port Router1. IES-5000 settings 1.1 Activating IGMP Snooping Setting up IGMP snooping/IGMP filtering1.2 Setting up IGMP Filtering Setting up MAC Filter/Port Security Limiting Internet access to users on specific DSL ports1. IES-5000 settings 1.1 Configuring MAC filter DHCP Relay Option 82 Application 1.2 Configuring Port SecurityNetwork DHCP Server Setting up DHCP Relay OptionADSL/SHDSL CPE DHCP Client 3. IP Commander settings 2. CPE settingsIES-5000/5005/6000 Support Notes Enter a name and description for the new rule IES-5000/5005/6000 Support Notes Select DHCP Option in the Keywords field IES-5000/5005/6000 Support Notes In the next wizard screen, click Next to continue IES-5000/5005/6000 Support Notes Click Finish to complete the wizard setup After the configuration, your computer should obtain an IP address of 192.168.1.201 from the DHCP server once the computer is connected to the network Packet Filtering1. IES-5000 settings ALC-1248G/SLC 1248G Setting up Packet FilteringNetwork Client Client7- 4 accept-all 7- 5 accept-all 7- 6 accept-all 7- 7 accept-all 7-46 accept-all 7-47 accept-all 7-48 accept-all TGE1 7-42 accept-all 7-43 accept-all 7-44 accept-all 7-45 accept-all
Top Page Image Contents