Manuals / ZyXEL Communications / Computer Equipment / Network Router

ZyXEL Communications 1001H manual Configuring a Filter Rule, Filter Types and NAT

Models: 1001H

1 160

Download 160 pages 37.84 Kb

Page 111

P100IH ISDN Router

Abbreviation

Description

SP

Source Port number

DA

Destination Address

DP

Destination Port number

zIf the filter type is GEN (generic), the following abbreviations listed in the following table will be used.

Table 9-3 Abbreviations Used If Filter Type Is GEN

Abbreviation

Description

Off

Offset

Len

Length

Refer to the next section for information on configuring the filter rules.

9.3Configuring a Filter Rule

To configure a filter rule, enter its number in Menu 21.1 - Filter Rules Summary and press [Enter] to open Menu 21.1.1 for the rule.

There are two types of filter rules: TCP/IP and Generic. Depending on the type of rule, the parameters below the type will be different. Use the space bar to select the type of rule that you wish to create in the Filter Type field and press [Enter] to open the respective menu.

9.3.1Filter Types and NAT

The network layer filters are collectively called protocol filters. When NAT (Network Address Translation) is enabled, the inside IP address and port number are replaced on a connection-by-connection basis, which makes it impossible to know the exact address and port on the wire. Therefore, the Prestige applies the protocol filters to the “native” IP address and port number before NAT for outgoing packets and after NAT for incoming packets. On the other hand, the generic, or device, filters are applied to the raw packets that appear on the wire. They are applied at the point when the Prestige is receiving and sending the packets; i.e. the interface. The interface can be an Ethernet port or any other hardware port. The following diagram illustrates this.

Filter Configuration

9-7

Image 111

ZyXEL Communications 1001H manual Configuring a Filter Rule, Filter Types and NAT, Abbreviations Used If Filter Type Is GEN

Contents

ZyXEL Page Trademarks ZyXEL Limited WarrantyCopyright DisclaimerDeclarations Customer Support Iii Customer SupportPage Table of Contents 10-1 10.1 Table Of Contents Vii List Of Figures List of Figures10 Editing The First Rule in a Set 11-4 15 HyperTerminal Screen 11-13 Successful Restoration 11-14 List Of Tables List of TablesList Of Tables Xiii Page Ethernet Setup Information PrefacePreface Internet Chapter Management & Maintenance ChaptersTroubleshooting Chapter Getting Started ChaptersGetting to Know Your Isdn Router Features of the PrestigeClid Callback Support For Dial-In Users Extensive Analog Phone SupportIncoming Call Support Outgoing Data Call Bumping SupportPAP and Chap Security Prestige Network Commander PNCFull Network Management Logging and TracingApplications for Prestige 100IH Internet AccessUpgrade P100IH Firmware via LAN Supplementary Voice FeaturesRemote Access Server LAN-to-LAN ConnectionInternet Single User Account Telecommuting/Remote Access Server Application LED functions Hardware Installation & Initial SetupHardware Installation and Setup Front Panel LEDs of P100IHPrestige 100IH Rear Panel and Connections Prestige 100IH Rear Panel and ConnectionsConnecting a Workstation to the Prestige Additional Installation RequirementsInitial Screen Power On Your PrestigeMain Menu Commands Navigating the SMT InterfaceOperation Press/read Description System Management Terminal Interface Summary Main Menu SummaryMenu Title Description Filename conventions Changing the System PasswordResetting the Prestige General SetupGeneral Setup Menu Fields Isdn Setup MenusSupplementary Voice Services Setup MenusPabx Outside Line Prefix MSN and SubaddressIncoming Call Routing Global CallsThis field is fixed as DSS1or 1TR6 Menu 2 Isdn SetupCalling Line Indication Advanced SetupHow to use call waiting Isdn Call WaitingIsdn Advanced Setup Ethernet Setup12 Menu 3.1 General Ethernet Setup General Ethernet SetupTCP/IP Parameters Internet AccessFactory Ethernet Defaults Internet AccessPrivate IP Addresses RIP SetupDhcp Configuration IP Pool SetupDNS Server Address Menu 3.2 TCP/IP and Dhcp Ethernet Setup TCP/IP Ethernet Setup and DhcpDhcp Ethernet Setup Menu Fields NoneRelay TCP/IP Ethernet Setup Menu Fields Internet Account Information Internet Access ConfigurationField Description Internet Access Setup Menu FieldsUsed foe SUA only Page Introduction Advantages of NATHow NAT works How NAT Works NAT Mapping TypesNAT Mapping Types NAT ApplicationNAT Application SUA Single User Account Versus NATNAT Setup In The Main Menu SMT MenusApplying NAT in the SMT Menus Translation Field Options Description Network Full FeatureApplying NAT in Menus 4 AddressAddress Mapping Sets and NAT Server Sets Configuring NATMenu 15.1 Address Mapping Sets Server Field Description Options/ExampleMenu Ordering Your Rules10 Editing The First Rule in a Set Menu 15.1.1.1 configuring an individual rule Multiple Servers Behind NAT NAT Server Sets13 Menu 15.2 NAT Server Sets Configuring a Server behind NATExample 1 Internet Access Only Services & Port numbersExamples 16 Internet Access & NAT Example Example 2 Internet Access with an Inside Server18 Specifying an Inside Sever Example 3 General Case19 NAT Example 20 Example 3 Menu 22 Example 3 Menu Example 4 Non NAT Friendly Application Programs24 Example 4- Menu Page Minimum Toll Period Remote Node ConfigurationRemote Node Setup Remote Node ConfigurationMenu 11 Remote Node Setup Remote Node Profile Menu Fields Enable DisableYes then 64k Leased Outgoing Authentication ProtocolPPP Multilink Bandwidth on DemandBTR v MTR for BOD Menu 11.2 Remote Node PPP Options Editing PPP OptionsRemote Node PPP Options Menu Fields Menu 11.5 Remote Node Filter Remote Node FilterPage Remote Node TCP/IP Configuration Remote Node TCP/IP ConfigurationLAN-to-LAN Application Menu 11.3- Remote Node TCP/IP Options Remote Node SetupTCP/IP related fields in Remote Node Profile YesMenu 11.3 Remote Node Network Layer Options menu Yes/No TCP/IP Remote Node Configuration Example of Static Routing Topology Static Route SetupMenu 12.1 IP Static Route Setup Edit IP Static Route Menu Fields Page Remote Dial-in Users Remote Nodes Dial-in Server ConfigurationRemote Dial-in Users/Remote Nodes Comparison Chart Dial-In Server ConfigurationExample of Telecommuting LAN-to-LAN Server Application Remote Access ServerClid Callback Support For Dial-In Users Default Dial-In SetupRequired Default Dial-in Setup Fields64/128 Dial-In IP Address Supplied By Dial-in User is set to Default Dial-in FilterDefault Dial-in Filter Dial-In Users SetupMenu 14 Dial-in User Setup Optional Edit Dial-in User Menu FieldsActive InactiveCallback Clid AuthenticationAdvanced Phone Services Supplemental Services by regionAdvanced Phone Services Flash Key Setting Up Supplemental Phone ServiceSupplemental Services by switch type Getting StartedThree Way Calling How to use call waitingHow To Use Three Way Calling Call WaitingTo Do a Blind Transfer How To Use Call TransferCall Transfer Call ForwardingReminder Ring Phone Flash CommandsPage Filter Configuration Filter ConfigurationAbout Filtering Filter Set Filter Structure of the Prestige Menu 21 Filter Set Configuration Configuring a Filter SetFilter Rules Summary Menu Abbreviations Used in the Filter Rules Summary MenuAbbreviations Description Display Abbreviation Description Abbreviations Used If Filter Type Is IPAction Not Matched will be N/A Refers to Action Matched Refers to Action Not MatchedConfiguring a Filter Rule Filter Types and NATAbbreviations Used If Filter Type Is GEN Protocol and Device Filter Sets 2 TCP/IP Filter RuleTCP/IP Filter Rule Menu Fields Menu 21.1.1 TCP/IP Filter RuleAction Matched None/Less/GreaterEqual/Not Equal Yes / N/AField Description Option Forward Drop Executing an IP Filter Menu 21.1.2 Generic Filter Rule Generic Filter RuleGeneric Filter Rule Menu Fields Ethernet traffic Applying a Filter and Factory Defaults11 Filtering Remote Node traffic Remote Node FiltersTelnet 10-1 Telnet Configuration and CapabilitiesAbout Telnet Configuration Telnet Under NATTelnet Single AdministratorSystem Timeout Telnet CapabilitiesSystem Maintenance 11-1 System MaintenanceSystem Maintenance Status Menu Fields System MaintenanceSystem Status ALU System Maintenance 11-3LAN Packet That Triggered Last Call System InformationModified in Menu 1 General Setup System Maintenance 11-5Viewing Error Log Log and TraceConsole Port Speed Syslog And Accounting System Maintenance 11-7Parameter Description System Maintenance Menu Syslog ParametersSystem Maintenance 11-9 DiagnosticSystem Maintenance Menu Diagnostic Display for a Successful Manual Call 10 Display for a Failed Authentication11 Backup Configuration Backup ConfigurationSystem Maintenance 11-13 Restore ConfigurationUpload Router Firmware Firmware UploadSystem Maintenance 11-15 Uploading Router Configuration FileTftp Transfer Boot module commands Example Using the Walusoft Tftp clientSystem Maintenance 11-17 21 Boot module commands Command Interpreter Mode System Maintenance 11-19Call Control Call Control Parameters 23 Menu 24.9 System Maintenance Call ControlBlacklist System Maintenance 11-2126 Menu 24.9.3 Budget Management Budget ManagementTime and Date Setting System Maintenance 11-23Call History 28 System Maintenance Time and Date Setting System Maintenance 11-25 Time and Date Setting FieldsPage Call Scheduling Call SchedulingSchedule Set Setup Applying a Schedule Set Schedule Set Setup FieldsApplying Schedule Sets to a Remote Node Troubleshooting TroubleshootingProblems Starting Up the Prestige Troubleshooting the Start-Up of your PrestigeTroubleshooting the Isdn Line Problems With the Isdn LineProblems with the LAN Interface Problems Connecting to a Remote Node or ISPProblems for Remote User to Dial-in Page Appendix Acronyms and AbbreviationsAcronyms and Abbreviations Trivial File Transfer Protocol Index IndexNAT