Manuals / Brands / Computer Equipment / Network Card / ZyXEL Communications / Computer Equipment / Network Card

ZyXEL Communications 650 Series manual 488

1 513
Download 513 pages, 12.93 Mb
Contents
ADSL Router User's Guide Copyright Federal Communications Commission (FCC) Interference Statement ZyXEL Limited Warranty Customer Support Table of Contents Page Chapter 11 Firewall Configuration Chapter 12 Creating Custom Rules Chapter 13 Customized Services VPN/IPSec Chapter 16 VPN Screens Page Chapter 21 Maintenance Chapter 26 Internet Access Chapter 27 Remote Node Configuration Chapter 33 SNMP Configuration Chapter 34 System Security Chapter 39 IP Policy Routing Chapter 40 Call Scheduling Chapter 42 SA Monitor Chapter 43 Internal SPTGEN Appendices and Index B-1 Appendix C Wireless LAN and IEEE C-1 Appendix D PPPoE D-1 List of Figures Page Page Page Page Page Page List of Tables Page Page Page List of Charts Preface Control Panels Modem The following section offers some background information on DSL. Skip to Chapter 1 if you wish to begin working with your router right away User Guide Feedback Introduction to DSL Part I: Getting Started Page 1.1Introducing the Prestige 650 Series 1.2Features of the Prestige Four-PortSwitch High Speed Internet Access IEEE 802.11b 11Mbps Wireless LAN PPPoE Support (RFC2516) IEEE 802.1x Network Security IPSec VPN Capability Bandwidth Management Universal Plug and Play (UPnP) 10/100M Auto-negotiationEthernet/Fast Ethernet Interface Dynamic DNS Support DHCP Support IP Alias IP Policy Routing (IPPR) Protocol Support Networking Compatibility Multiplexing Encapsulation Diagnostics Capabilities Filters 1.3Applications for the Prestige 1.3.1 Internet Access 1.3.2 LAN to LAN Application 2.1Web Configurator Overview 2.2Accessing the Prestige Web Configurator 2.3Navigating the Prestige Web Configurator 2.4Configuring Password 2.5Resetting the Prestige 2.5.1 Using The Reset Button 2.5.2 Uploading a Configuration File Via Console Port Figure 2-4Example Xmodem Upload Page 3.1Wizard Setup Introduction 3.2Encapsulation 3.2.1 ENET ENCAP 3.2.2 PPP over Ethernet 3.2.3 PPPoA 3.3Multiplexing 3.3.1 VC-basedMultiplexing 3.3.2 LLC-basedMultiplexing 3.4VPI and VCI 3.5Wizard Setup Configuration: First Screen Figure 3-1Wizard Screen Table 3-1Wizard Screen 3.6IP Address and Subnet Mask 3.7IP Address Assignment 3.7.1 IP Assignment with PPPoA or PPPoE Encapsulation 3.7.2 IP Assignment with RFC 1483 Encapsulation 3.7.3 IP Assignment with ENET ENCAP Encapsulation 3.7.4 Private IP Addresses 3.8Nailed-UpConnection (PPP) 3.9NAT 3.10 Wizard Setup Configuration: Second Screen 3.10.1 PPPoA Figure 3-2Internet Connection with PPPoA Table 3-2Internet Connection with PPPoA Page 3.10.2 RFC 3.10.3 ENET ENCAP Figure 3-4Internet Connection with ENET ENCAP Table 3-4Internet Connection with ENET ENCAP 3.10.4 PPPoE 3.11 DHCP Setup 3.11.1 IP Pool Setup 3.12 Wizard Setup Configuration: Third Screen Figure 3-7Wizard : LAN Configuration Table 3-6Wizard : LAN Configuration If you changed the Prestige's LAN IP address, you must use configurator again 3.13 Wizard Setup Configuration: Connection Tests 3.14 Test Your Internet Connection Part II: LAN, Wireless LAN and WAN Page 4.1LAN Overview 4.1.1 LANs, WANs and the Prestige 4.2DNS Server Address 4.3DNS Server Address Assignment 4.4LAN TCP/IP 4.4.1 Factory LAN Defaults 4.4.2 IP Address and Subnet Mask 4.4.3 RIP Setup 4.4.4 Multicast 4.5Configuring LAN Page Page 5.1Wireless LAN Overview 5.1.1 Additional Installation Requirements for Using 5.1.2 Channel 5.1.3 ESS ID 5.1.4 RTS/CTS 5.1.5 Fragmentation Threshold 5.2Levels of Security 5.3Data Encryption with WEP 5.4Inserting a PCMCIA Wireless LAN Card 5.5Configuring Wireless LAN Figure 5-3Wireless Table 5-1Wireless Page 5.6Configuring MAC Filter Figure 5-4MAC Address Filter 5.7802.1x Overview 5.8Introduction to RADIUS •Authentication •Accounting Types of RADIUS Messages 5.8.1 EAP Authentication Overview 5.9Configuring If wireless station authentication is done using a RADIUS server, the reauthentication timer on the RADIUS server has priority 5.10 Configuring Local User Authentication Figure 5-7Local User Database 5.11 Configuring RADIUS Figure 5-8RADIUS Table 5-5RADIUS Page Page 6.1WAN Overview 6.2PPPoE Encapsulation 6.3PPTP Encapsulation 6.4Traffic Shaping 6.5Configuring WAN Setup Table 6-1Internet Access Setup For remote node setup, enter the IP address in the same subnet Page Part III: NAT, Dynamic DNS and Time Zone Page 7.1NAT Overview 7.1.1 NAT Definitions 7.1.2 What NAT Does 7.1.3 How NAT Works 7.1.4 NAT Application 7.1.5 NAT Mapping Types 7.2SUA (Single User Account) Versus NAT 7.3SUA Server Default Server IP Address 7.3.1 Port Forwarding: Services and Port Numbers 7.3.2 Configuring Servers Behind SUA (Example) 7.4Selecting the NAT Mode 7.5Configuring SUA Server Figure 7-5Edit SUA/NAT Server Set Table 7-5Edit SUA/NAT Server Set 7.6Configuring Address Mapping Figure 7-6Address Mapping Rules Table 7-6Address Mapping Rules 7.7Editing an Address Mapping Rule Table 7-7Address Mapping Rule Edit Page 8.1Dynamic DNS 8.1.1 DYNDNS Wildcard 8.2Configuring Dynamic DNS Figure 8-1DDNS Table 8-1DDNS 9.1Configuring Time Zone Table 9-1Time and Date Page Part IV: Firewall and Content Filter 10.1 Firewall Overview 10.2 Types of Firewalls 10.2.1 Packet Filtering Firewalls 10.2.2 Application-levelFirewalls 10.2.3 Stateful Inspection Firewalls 10.3 Introduction to ZyXEL’s Firewall 10.4 Denial of Service 10.4.1 Basics 10.4.2 Types of DoS Attacks Figure 10-2 Three-WayHandshake SYN Attack Figure 10-3SYN Flood LAND Attack brute-force Figure 10-4Smurf Attack Table 10-2ICMP Commands That Trigger Alerts 10.5 Stateful Inspection 10.5.1 Stateful Inspection Process 10.5.2 Stateful Inspection and the Prestige 10.5.3 TCP Security 10.5.4 UDP/ICMP Security 10.5.5 Upper Layer Protocols 10.6 Guidelines for Enhancing Security with Your Firewall 10.6.1 Security In General 10.7 Packet Filtering Vs Firewall 10.7.1 Packet Filtering: When To Use Filtering 10.7.2 Firewall When To Use The Firewall Page 11.1 Remote Management and the Firewall 11.2 Enabling the Firewall 11.3 Configuring E-mailAlerts 11.4 Attack Alert 11.4.1 Alerts 11.4.2 Threshold Values 11.4.3 Half-OpenSessions TCP Maximum Incomplete and Blocking Time Figure 11-3Alert Table 11-2Alert Page Page 12.1 Rules Overview 12.2 Rule Logic Overview 12.2.1 Rule Checklist 12.2.2 Security Ramifications 12.2.3Key Fields For Configuring Rules Action Service Source Address 12.3 Connection Direction 12.3.1 LAN to WAN Rules 12.3.2 WAN to LAN Rules 12.4 Logs Figure 12-3Firewall Logs Table 12-1Firewall Logs 12.5 Rule Summary Rule Summary The ordering of your rules is very important as rules are applied in turn Figure 12-4Firewall Rules Summary: First Screen 12.6 Predefined Services DNS Custom Ports Table 12-3Predefined Services Page 12.7 Creating/Editing Firewall Rules Figure 12-5Creating/Editing A Firewall Rule Table 12-4Creating/Editing A Firewall Rule 12.7.1 Source and Destination Addresses 12.8 Timeout 12.8.1 Factors Influencing Choices for Timeout Values Page 13.1 Introduction to Customized Services 13.2 Creating/Editing A Customized Service 13.3 Example Custom Service Firewall Rule ScrAdd Rule IP Config Figure 13-4Configure Source IP Example Edit rule Firewall Customized Services Config Figure 13-6Syslog Rule Configuration Example Figure 13-7Rule Summary Example 14.1 Content Filtering Overview 14.2 Configuring Keyword Blocking Figure 14-1Content Filter: Keyword Table 14-1Content Filter: Keyword 14.3 Configuring the Schedule 14.4 Configuring Trusted Computers 14.5 Configuring Logs Table 14-4Content Filter Logs Part V: VPN/IPSec Page 15.1 VPN Overview 15.1.1 IPSec 15.1.2 Security Association 15.1.3 Other Terminology 15.1.4 VPN Applications 15.2 IPSec Architecture 15.2.1 IPSec Algorithms 15.2.2 Key Management 15.3 Encapsulation 15.3.1 Transport Mode 15.3.2 Tunnel Mode 15.4 IPSec and NAT Table 15-1VPN and NAT 16.1 VPN/IPSec Overview 16.2 IPSec Algorithms 16.2.1 AH (Authentication Header) Protocol 16.2.2 ESP (Encapsulating Security Payload) Protocol 16.3 My IP Address 16.4 Secure Gateway Address 16.4.1 Dynamic Secure Gateway Address 16.5 VPN Summary Screen Figure 16-2VPN Summary Table 16-2VPN Summary 16.6 Keep Alive 16.7 ID Type and Content 16.7.1 ID Type and Content Examples 16.8 Pre-SharedKey 16.9 Editing VPN Policies Figure 16-3VPN IKE Table 16-7VPN IKE Page Page Page 16.10 IKE Phases 16.10.1Negotiation Mode 16.10.2Diffie-Hellman(DH) Key Groups 16.10.3Perfect Forward Secrecy (PFS) 16.11Configuring Advanced IKE Settings Figure 16-5VPN IKE: Advanced Table 16-8VPN IKE: Advanced Page Page 16.12Manual Key Setup 16.12.1Security Parameter Index (SPI) 16.13Configuring Manual Key Table 16-9VPN Manual Key Page Page 16.14Viewing SA Monitor Figure 16-7SA Monitor Table 16-10SA Monitor 16.15Configuring Global Setting 16.16Configuring IPSec Logs Double exclamation marks (!!) denote an error or warning message Table 16-13Sample IKE Key Exchange Logs Table 16-14Sample IPSec Logs During Packet Transmission Table 16-15 RFC-2408ISAKMP Payload Types 16.17Telecommuter VPN/IPSec Examples 16.17.1Telecommuters Sharing One VPN Rule Example 16.17.2Telecommuters Using Unique VPN Rules Example 16.18VPN and Remote Management Part VI: Remote Management, UPnP and Logs 17.1 Remote Management Overview 17.1.1 Remote Management Limitations 17.1.2 Remote Management and NAT 17.1.3 System Timeout 17.2 Telnet 17.3 FTP 17.4 Web 17.5 Configuring Remote Management Page 18.1 Universal Plug and Play Overview 18.1.1 How do I know if I'm using UPnP 18.1.2 NAT Traversal 18.1.3 Cautions with UPnP 18.2 UPnP and ZyXEL 18.2.1 Configuring UPnP 18.3 Installing UPnP in Windows Example 18.3.1 Installing UPnP in Windows Me 18.3.2 Installing UPnP in Windows XP 18.4 Using UPnP in Windows XP Example 18.4.1 Auto-discoverYour UPnP-enabledNetwork Device Step 3. In the Internet Connection Properties When the UPnP-enableddevice is disconnected from your computer, all port mappings will be deleted automatically 18.4.2 Web Configurator Easy Access Invoke 19.1 Logs Overview 19.1.1 Alerts and Logs 19.2 Configuring Log Settings Figure 19-1Log Settings Table 19-1Log Settings 19.3 Displaying the Logs 19.4 SMTP Error Messages 19.4.1 Example E-mailLog Part VII: Bandwidth Management Page 20.1 Bandwidth Management Overview 20.2 Bandwidth Classes and Filters 20.3 Proportional Bandwidth Allocation 20.4 Bandwidth Management Usage Examples 20.4.1 Application-basedBandwidth Management Example 20.4.2 Subnet-basedBandwidth Management Example 20.4.3 Application and Subnet-basedBandwidth Management Example 20.5 Scheduler 20.5.1 Priority-basedScheduler 20.5.2 Fairness-basedScheduler 20.6 Maximize Bandwidth Usage 20.6.1 Reserving Bandwidth for Non-BandwidthClass Traffic 20.6.2 Maximize Bandwidth Usage Example Figure 20-5Maximize Bandwidth Usage Example 20.7 Bandwidth Borrowing 20.7.1 Bandwidth Borrowing Example Figure 20-6Bandwidth Borrowing Example 20.7.2 Maximize Bandwidth Usage With Bandwidth Borrowing 20.8Configuring Summary Figure 20-7Bandwidth Manager: Summary Table 20-2Bandwidth Manager: Summary 20.9 Configuring Class Setup Figure 20-8Bandwidth Manager: Class Setup Table 20-3Bandwidth Manager: Class Setup 20.9.1 Bandwidth Manager Class Configuration Table 20-4Bandwidth Manager: Class Configuration Table 20-5Services and Port Numbers 20.9.2 Bandwidth Management Statistics 20.10 Configuring Monitor Page Part VIII: Maintenance Page 21.1 Maintenance Overview 21.2 System Status Screen Figure 21-1System Status Table 21-1System Status 21.2.1 System Statistics Table 21-2System Status: Show Statistics 21.3 DHCP Table Screen 21.4 Wireless Screens 21.4.1 Association List 21.4.2 Channel Usage Table 21.5 Diagnostic Screens 21.5.1 Diagnostic General Screen Figure 21-7Diagnostic General Table 21-6Diagnostic General 21.5.2 Diagnostic DSL Line Screen 21.6 Firmware Screen Figure 21-9Firmware Upgrade Table 21-8Firmware Upgrade Do not turn off the Prestige while firmware upload is in progress Firmware Upload in Process 21.7 Configuration Screen 21.7.1 Backup Configuration 21.7.2 Restore Configuration Table 21-9Restore Configuration Do not turn off the device while configuration file upload is in progress Figure 21-14Configuration Upload Successful Figure 21-15Network Temporarily Disconnected 21.7.3 Back to Factory Defaults Figure 21-18Reset Warning Message Part IX: SMT General Configuration Page 22.1 SMT Introduction 22.1.1 Procedure for SMT Configuration via Console Port 22.1.2 Procedure for SMT Configuration via Telnet 22.1.3 Entering Password 22.1.4 Prestige SMT Menu Overview Figure 22-2Prestige P650H/HW-31SMTMenu Overview 22.2 Navigating the SMT Interface 22.2.1 System Management Terminal Interface Summary 22.3 Changing the System Password 23.1 General Setup 23.2 Configuring Menu Figure 23-1Menu 1 General Setup Table 23-1Menu 1 General Setup 23.2.1 Configuring Dynamic DNS Page 24.1 LAN Setup 24.1.1 General Ethernet Setup 24.2 Protocol Dependent Ethernet Setup 24.3 TCP/IP Ethernet Setup and DHCP Table 24-1DHCP Ethernet Setup Menu Fields Table 24-2TCP/IP Ethernet Setup Menu Fields Page 25.1 Wireless LAN Overview 25.2 Inserting a PCMCIA Wireless LAN Card 25.3 Wireless LAN Setup Figure 25-1Menu 3.5 - Wireless LAN Setup Table 25-1Wireless LAN Setup Field Description 25.3.1 Wireless LAN MAC Address Filter Figure 25-2Menu 3.5.1 WLAN MAC Address Filtering Table 25-2Menu 3.5.1 WLAN MAC Address Filtering 26.1 Internet Access Overview 26.2 IP Policies 26.3 IP Alias 26.4 IP Alias Setup Figure 26-3Menu 3.2 TCP/IP and DHCP Setup Menu 3.2.1 — IP Alias Setup Figure 26-4Menu 3.2.1 IP Alias Setup 26.5 Route IP Setup 26.6 Internet Access Configuration Page Page Page 27.1 Remote Node Setup Overview 27.2 Remote Node Setup 27.2.1 Remote Node Profile 27.2.2 Encapsulation and Multiplexing Scenarios Figure 27-2Menu 11.1 Remote Node Profile Menu 11.1 – Remote Node Profile Table 27-1Menu 11.1 Remote Node Profile Page 27.2.3 Outgoing Authentication Protocol 27.3 Metric 27.4 Remote Node Network Layer Options Figure 27-3Menu 11.3 Remote Node Network Layer Options Table 27-2Menu 11.3 Remote Node Network Layer Options 27.4.1 My WAN Addr Sample IP Addresses 27.5 Remote Node Filter 27.5.1 Web Configurator Internet Security Filter Rules 27.5.2 Web Configurator Filter Sets Figure 27-8Menu 21- Filer Set Configuration (P650R and P650R-E) Figure 27-9Menu 21.11- WebSet Figure 27-10Menu 21.12- WebSet 27.6 Editing ATM Layer Options 27.6.1 VC-basedMultiplexing (non-PPPEncapsulation) 27.6.2 LLC-basedMultiplexing or PPP Encapsulation 27.7 Traffic Redirect Figure 27-14Traffic Redirect LAN Setup Menu 11.1– Remote Node Profile 27.7.1 Traffic Redirect Setup Figure 27-16Menu 11.7 Traffic Redirect Setup Table 27-4Menu 11.7 Traffic Redirect Setup Page 28.1 IP Static Route Overview 28.2 Configuring an IP static route Figure 28-4Menu12.1.1 Edit IP Static Route Menu 12.1.1 – Edit IP Static Route Setup Table 28-1Menu12.1.1 Edit IP Static Route Page 29.1 Bridging Overview 29.2 Bridge Ethernet Setup 29.2.1 Remote Node Bridging Setup Figure 29-1Menu 11.1 Remote Node Profile and press [ENTER] to edit Menu 11.3 – Remote Node Network Layer Options Figure 29-2Menu 11.3 Remote Node Network Layer Options 29.2.2 Bridge Static Route Setup Edit Bridge Static Route Table 29-2Menu 12.3.1 Edit Bridge Static Route 30.1 NAT Overview 30.1.1 SUA (Single User Account) Versus NAT 30.2 Applying NAT Figure 30-1Menu 4 Applying NAT for Internet Access Menu 11.3 - Remote Node Network Layer Options 30.3 NAT Setup 30.3.1 Address Mapping Sets Figure 30-5Menu 15.1.255 SUA Address Mapping Rules Menu 15.1.255 is read-only Table 30-2SUA Address Mapping Rules User-DefinedAddress Mapping Sets Set Name Figure 30-6Menu 15.1.1 ACL Default Set If the Set Name field is left blank, the entire set will be deleted The Type, Local and Global Start/End IPs are configured in menu Table 30-3Menu 15.1.1 First Set No changes to the set take place until this action is taken Menu 15.1.1.1 - Address Mapping Rule Local Global Start/End IPs Figure 30-7Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set Table 30-4Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set 30.4 Configuring a Server behind NAT Figure 30-9Menu 15.2.1 NAT Server Setup Start Port No End Port No 30.5 General NAT Examples 30.5.1 Example 1: Internet Access Only Figure 30-11NAT Example Figure 30-12Menu 4 Internet Access & NAT Example Network Address Translation 30.5.2 Example 2: Internet Access with an Inside Server 30.5.3 Example 3: Multiple Public IP Addresses With Inside Servers Start IP Figure 30-16Example 3: Menu Figure 30-17Example 3: Menu Figure 30-18Example 3: Final Menu Step 9. Enter 2 in Menu 15 - NAT Setup Example 3: Menu 30.5.4 Example 4: NAT Unfriendly Application Programs Figure 30-20Example 4: Menu 15.1.1.1 Address Mapping Rule Figure 30-21Example 4: Menu 15.1.1 Address Mapping Rules Part X: SMT Advanced Management Page 31.1 About Filtering Figure 31-1Outgoing Packet Filtering Process Execute Filter Rule The Filter Structure of the Prestige Figure 31-3Menu 21.1 Filter Set Configuration (P650H/HW) Edit Comments Menu 21.1.2 – Filter Rules Summary Figure 31-4NetBIOS_WAN Filter Rules Summary Figure 31-5NetBIOS_LAN Filter Rules Summary Figure 31-6IGMP Filter Rules Summary Menu 21 – Filter Set Configuration Figure 31-7Menu 21 Filter Set Configuration (P650R and P650R-E) Menu 21.4 – Filter Rules Summary Figure 31-8TELNET_WAN Filter Rules Summary Figure 31-9PPPoE Filter Rules Summary Figure 31-10FTP_WAN Filter Rules Summary 31.3.1 Filter Rules Summary Menus 31.4 Configuring a Filter Rule 31.4.1 TCP/IP Filter Rule Figure 31-11Menu 21.1.x.1 TCP/IP Filter Rule Table 31-3Menu 21.1.x.1 TCP/IP Filter Rule Page Page Figure 31-12Executing an IP Filter 31.4.2 Generic Filter Rule Table 31-4Menu 21.1.6.1 Generic Filter Rule 31.5 Filter Types and NAT 31.6 Example Filter Figure 31-15Sample Telnet Filter Step 1. Enter 1 in menu 21 to display Menu 21.1 — Filter Set Configuration Filter Rules Summary Figure 31-16Menu 21.1.6.1 Sample Filter 31.7 Applying Filters and Factory Defaults 31.7.1 Ethernet Traffic 31.7.2 Remote Node Filters Figure 31-19Filtering Remote Node Traffic Page 32.1 Remote Management and the Firewall 32.2 Access Methods 32.3 Enabling the Firewall 32.4 Viewing Firewall Log Table 32-1Firewall Logs Page 33.1 SNMP Overview 33.2 Supported MIBs 33.3 SNMP Configuration Figure 33-2Menu 22 SNMP Configuration Table 33-1Menu 22 SNMP Configuration 33.4 SNMP Traps 34.1 System Security Overview 34.1.1 System Password 34.1.2 Configuring External RADIUS Server Figure 34-3Menu 23.2 System Security : RADIUS Server Table 34-1Menu 23.2 System Security : RADIUS Server 34.1.3 IEEE802.1x Figure 34-5Menu 23.4 System Security : IEEE802.1x Table 34-2Menu 23.4 System Security : IEEE802.1x 34.2 Creating User Accounts on the Prestige Figure 34-6Menu 14 Dial-inUser Setup Figure 34-7Menu 14.1 Edit Dial-inUser Table 34-3Menu 14.1 Edit Dial-inUser 35.1 System Maintenance Overview 35.2 System Status Figure 35-2Menu 24.1 System Maintenance : Status Table 35-1Menu 24.1 System Maintenance : Status 35.3 System Information 35.3.1 System Information Figure 35-4Menu 24.2.1 System Maintenance : Information Table 35-2Menu 24.2.1 System Maintenance : Information 35.3.2 Console Port Speed 35.4 Log and Trace 35.4.1 Viewing Error Log 35.4.2 Syslog and Accounting Table 35-3Menu 24.3.2 System Maintenance : Syslog and Accounting 35.5 Diagnostic Figure 35-9Menu 24.4 System Maintenance : Diagnostic Table 35-4Menu 24.4 System Maintenance Menu : Diagnostic Page 36.1 Filename Conventions 36.2 Backup Configuration 36.2.1 Backup Configuration 36.2.2 Using the FTP Command from the Command Line 36.2.3 Example of FTP Commands from the Command Line 36.2.4 GUI-basedFTP Clients 36.2.5 TFTP and FTP over WAN Will Not Work When 36.2.6 Backup Configuration Using TFTP 36.2.7 TFTP Command Example 36.2.8 GUI-basedTFTP Clients 36.2.9 Backup Via Console Port (only for the Prestige 650H/HW) 36.3 Restore Configuration 36.3.1 Restore Using FTP 36.3.2 Restore Using FTP Session Example 36.3.3 Restore Via Console Port (only for the Prestige 650H/HW) 36.4 Uploading Firmware and Configuration Files 36.4.1 Firmware File Upload 36.4.2 Configuration File Upload 36.4.3 FTP File Upload Command from the DOS Prompt Example 36.4.4 FTP Session Example of Firmware File Upload 36.4.5 TFTP File Upload 36.4.6 TFTP Upload Command Example 36.4.7 Uploading Via Console Port (only for the Prestige 650H/HW) 36.4.9 Example Xmodem Firmware Upload Using HyperTerminal 36.4.10Uploading Configuration File Via Console Port 36.4.11Example Xmodem Configuration Upload Using HyperTerminal Figure 36-19Example Xmodem Upload 37.1 Command Interpreter Mode Overview 37.2 Call Control Support 37.2.1 Budget Management Figure 37-4Menu 24.9.1 Budget Management Table 37-1Menu 24.9.1 Budget Management 37.3 Time and Date Setting 37.3.1 Resetting the Time Page 38.1 Remote Management Overview 38.2 Configuring Remote Management 38.2.1 Remote Management Setup 38.2.2 Remote Management Limitations 38.3 Remote Management and NAT 38.4 System Timeout Page 39.1 IP Policy Routing Overview 39.2 Benefits of IP Policy Routing 39.3 Routing Policy 39.4 IP Routing Policy Setup Figure 39-2Menu 25.1 IP Routing Policy Setup Table 39-1Menu 25.1 IP Routing Policy Setup Menu 25.1.1 – IP Routing Policy Figure 39-3Menu 25.1.1 IP Routing Policy Table 39-2Menu 25.1.1 IP Routing Policy 39.5 Applying an IP Policy 39.5.1 Ethernet IP Policies Figure 39-4Menu 3.2 TCP/IP and DHCP Ethernet Setup Figure 39-5Menu 11.3 Remote Node Network Layer Options 39.6 IP Policy Routing Example Menu 25.1.1 — IP Routing Policy Figure 39-7IP Routing Policy Example Figure 39-8IP Routing Policy Example Figure 39-9Applying IP Policies Example Page 40.1 Call Scheduling Overview To delete a schedule set, enter the set number and press [SPACE BAR] and then [ENTER] (or delete) in the Edit Name field Menu 26.1 — Schedule Set Setup Figure 40-2Menu 26.1 Schedule Set Setup Duration Main Menu PPPoA Figure 40-3Applying Schedule Set(s) to a Remote Node (PPPoE) Part XI: SMT VPN/IPSec and Internal SPTGEN Page 41.1 VPN/IPSec Overview 41.2 IPSec Summary Screen Page Page 41.3 IPSec Setup Figure 41-4Menu 27.1.1 IPSec Setup Table 41-2Menu 27.1.1 IPSec Setup Page Page Page Page 41.4 IKE Setup Page 41.5 Manual Setup 41.5.1 Active Protocol 41.5.2 Security Parameter Index (SPI) Figure 41-6Menu 27.1.1.2 Manual Setup Table 41-5Menu 27.1.1.2 Manual Setup Page Page 42.1 SA Monitor Overview 42.2Using SA Monitor Table 42-1Menu 27.2 SA Monitor 42.3 Viewing IPSec Log 42.3.1 VPN Responder IPSec Log Page 43.1 Internal SPTGEN Overview 43.2 The Configuration Text File Format 43.2.1 Internal SPTGEN File Modification - Important Points to Remember 43.3 Internal SPTGEN FTP Download Example 43.4 Internal SPTGEN FTP Upload Example Part XII: Appendices and Index Page A.1 Using LEDs to Diagnose Problems A.1.1 Power LED A.1.2 LAN LED A.1.3 DSL LED A.2 Console Port A.3 Telnet A.4 Web Configurator A.5 Login Username and Password A.6 LAN Interface A.7 WAN Interface A.8 Internet Access A.9 Remote Management A.10 Remote Node Connection Page Appendix B IP Subnetting IP Addressing IP Classes Chart B-1Classes of IP Addresses Chart B-2Allowed IP Address Range By Class Subnet Masks Chart B-3“Natural” Masks Subnetting Chart B-4Alternative Subnet Mask Notation Example: Two Subnets Chart B-5Subnet Chart B-6Subnet Example: Four Subnets Chart B-7Subnet Chart B-8Subnet Chart B-9Subnet Chart B-10Subnet Example Eight Subnets Chart B-11Eight Subnets Chart B-12Class C Subnet Planning Subnetting With Class A and Class B Networks Chart B-13Class B Subnet Planning Page Appendix C Wireless LAN and IEEE Benefits of a Wireless LAN IEEE Ad-hocWireless LAN Configuration Diagram C-1 Peer-to-PeerCommunication in an Ad-hocNetwork Infrastructure Wireless LAN Configuration Diagram C-2ESS Provides Campus-WideCoverage Page Appendix D PPPoE PPPoE in Action Benefits of PPPoE Traditional Dial-upScenario How PPPoE Works Prestige as a PPPoE Client Diagram D-2Prestige as a PPPoE Client Appendix E Virtual Circuit Topology Diagram E-1Virtual Circuit Topology Page Appendix F Setting up Your Computer’s IP Address Windows 95/98/Me Page Page Page Windows 2000/NT/XP Page Page Page Macintosh OS 8/9 TCP/IP Control Panel Macintosh OS Page Page Appendix G Splitters and Microfilters Connecting a POTS Splitter Diagram G-1Connecting a POTS Splitter Telephone Microfilters Diagram G-2Connecting a Microfilter Prestige With ISDN Diagram G-3Prestige with ISDN Appendix H Log Descriptions Chart H-1System Maintenance Logs Chart H-2UPnP Logs Chart H-3Attack Logs Chart H-4Access Logs Chart H-5TCP Reset Logs Chart H-6ICMP Notes Page Page Appendix Power Adaptor Specifications Prestige 650R-E1/-E3/-E7ADSL Router I.2 Prestige 650R-11ADSL Router Prestige 650R-13/-17ADSL Ethernet Router Prestige 650R-31/-33ADSL over ISDN Router Page Page Page Prestige 650H-E1/3/7ADSL Router with 4-portSwitch Page Page Appendix J Index