Manuals
/
Brands
/
Computer Equipment
/
Network Router
/
ZyXEL Communications
/
Computer Equipment
/
Network Router
ZyXEL Communications
HW-D Series, P-662H manual
304
1
304
496
496
Download
496 pages, 13.69 Mb
P-662H/HW-D
Series User’s Guide
304
Chapter 19 Bandwidth Management
Contents
User’s Guide
Page
Copyright
Disclaimer
Trademarks
Certifications
Federal Communications Commission (FCC) Interference Statement
FCC Caution
IMPORTANT NOTE: FCC Radiation Exposure Statement
Viewing Certifications
Safety Warnings
ZyXEL Limited Warranty
Note
Customer Support
Page
Page
Table of Contents
Bandwidth Management Wizard
Wireless LAN
DMZ
Network Address Translation (NAT) Screens
Firewall Configuration
Content Filtering
Content Access Control
Introduction to IPSec
Page
Static Route
Bandwidth Management
Remote Management Configuration
Universal Plug-and-Play(UPnP)
System
Logs
Troubleshooting
Appendix A
Product Specifications
Appendix B
About ADSL
Appendix E
IP Addresses and Subnetting
Appendix F
Wireless LANs
Appendix G
Appendix J
Appendix K
Appendix L
Appendix M
Appendix N
Page
List of Figures
Page
Page
Page
Page
Figure 232 Red Hat 9.0: KDE: Network Configuration: Activate
Page
Page
List of Tables
Page
Page
Page
Page
Page
Preface
About This User's Guide
Syntax Conventions
Related Documentation
User Guide Feedback
Graphics Icons Key
Getting To Know Your ZyXEL Device
1.1 Introducing the ZyXEL Device
High Speed Internet Access
Zero Configuration Internet Access
Any IP
Firewall
Content Filtering
LAN/DMZ Interface
IPSec VPN Capability
Traffic Redirect
Media Bandwidth Management
Universal Plug and Play (UPnP)
Dynamic DNS Support
DHCP
IP Alias
IP Policy Routing (IPPR)
Packet Filters
1.1.1.1P-662HWWireless Features Wireless LAN
Wi-FiProtected Access
Wireless g+
Antenna
Wireless LAN MAC Address Filtering
1.1.2.1 Internet Access
1.1.2.2 LAN to LAN Application
1.1.4 Front Panel LEDs
Page
Introducing the Web
Configurator
2.1 Web Configurator Overview
2.2 Accessing the Web Configurator
Login
Ignore
2.3 Resetting the ZyXEL Device
2.4Navigating the Web Configurator
Page
Page
2.4.2 Status Screen
Page
Page
2.4.3 Status: Any IP Table
Any IP Table
2.4.4 Status: WLAN Status
WLAN Status
2.4.5 Status: Bandwidth Status
Bandwidth Status
2.4.6 Status: VPN Status
VPN Status
2.4.7 Status: Packet Statistics
Packet Statistics
Poll Interval(s)
Page
2.4.8 Changing Login Password
Maintenance > System
Page
Page
Wizard Setup for Internet Access
3.1 Introduction
3.2Internet Access Wizard Setup
Restart the Internet/ Wireless Setup Wizard
3.2.1Automatic Detection
3.2.2Manual Configuration
Page
Page
Page
Back to Username and Password setup
3.3 Wireless Connection Wizard Setup
Page
RESET
3.3.1Automatically assign a WPA key
Manually assign a WPA key
3.3.2 Manually assign a WPA-PSKkey
Manually assign a
key
3.3.3 Manually assign a WEP key
Manually assign a WEP key
Finish
Page
Bandwidth Management Wizard
4.1 Introduction
4.2 Predefined Media Bandwidth Management Services
4.3 Bandwidth Management Wizard Setup
Page
Page
Page
Page
WAN Setup
5.1 WAN Overview
5.1.1.1 ENET ENCAP
5.1.1.2 PPP over Ethernet
5.1.1.3 PPPoA
5.1.1.4RFC
5.1.2.1 VC-basedMultiplexing
5.1.2.2 LLC-basedMultiplexing
5.1.4.1 IP Assignment with PPPoA or PPPoE Encapsulation
5.1.4.2 IP Assignment with RFC 1483 Encapsulation
5.1.4.3 IP Assignment with ENET ENCAP Encapsulation
5.2 Metric
5.3 Traffic Shaping
5.3.1.1 Constant Bit Rate (CBR)
5.3.1.2 Variable Bit Rate (VBR)
5.3.1.3 Unspecified Bit Rate (UBR)
5.4 Zero Configuration Internet Access
5.5Internet Connection
Page
5.5.1 Configuring Advanced Internet Connection
Internet Connection
Page
5.6 Configuring More Connections
5.6.1 More Connections Edit
More Connections
Page
Page
5.6.2 Configuring More Connections Advanced Setup
More Connections Edit
5.7 Traffic Redirect
5.8 Configuring WAN Backup
Page
5.9 WAN Backup Advanced Screen
Page
Page
5.10 Dial Backup Modem Setup
Page
Page
Page
LAN Setup
6.1 LAN Overview
6.1.1LANs, WANs and the ZyXEL Device
6.1.2.1 IP Pool Setup
6.2LAN TCP/IP
6.2.1.1 Private IP Addresses
6.2.3 Multicast
IGMP-v1
IGMP
6.2.4 Any IP
6.2.4.1 How Any IP Works
6.3 Configuring LAN IP
Page
6.4 DHCP Setup
6.5 LAN Client List
6.6 LAN IP Alias
IP Alias
Page
Page
Wireless LAN
7.1 Wireless Network Overview
7.2Wireless Security Overview
7.2.4 Encryption
IEEE
IEEE 802.1x + Static WEP
IEEE 802.1x + Dynamic WEP
WPA
7.3 Wireless Performance Overview
7.4 Additional Wireless Terms
7.5 General Wireless LAN Screen
Page
7.5.1 No Security
No Security
7.5.2 WEP Encryption Screen
Network > Wireless LAN
7.5.3 WPA(2)-PSK
Page
7.5.4 WPA(2) Authentication Screen
Wireless LAN
Network
Wireless
WPA
Page
7.5.5 Wireless LAN Advanced Setup
Figure 67 Advanced
7.6 OTIST
7.6.1.1 AP
7.6.1.2 Wireless Client
7.6.2 Starting OTIST
Start
OTIST
Adapter
Setup key
7.7MAC Filter
Page
7.8 WMM QoS
7.8.3 Services
Page
7.9 QoS Screen
QoS
7.9.2 Application Priority Configuration
Modify
7.10 Multiple SSID (P-662HW-DModels only)
7.10.1 Multiple SSID Commands
Page
7.10.2 Multiple SSID Example
DMZ
8.1 Introduction
8.2 Configuring DMZ
Figure 79 DMZ
Table 51 DMZ
8.3 DMZ Public IP Address Example
8.4 DMZ Private and Public IP Address Example
Page
Page
Network Address Translation
(NAT) Screens
9.1 NAT Overview
9.1.2 What NAT Does
9.1.3 How NAT Works
9.1.4 NAT Application
9.1.5 NAT Mapping Types
One to One
Many to One
SUA Only
9.2 SUA (Single User Account) Versus NAT
9.3NAT General Setup
9.4 Port Forwarding
9.4.1 Default Server IP Address
9.4.2 Port Forwarding: Services and Port Numbers
9.5 Configuring Port Forwarding
9.5.1 Port Forwarding Rule Edit
9.6 Address Mapping
Page
9.6.1 Address Mapping Rule Edit
Address Mapping
Page
Firewalls
10.1 Firewall Overview
10.2 Types of Firewalls
10.3 Introduction to ZyXEL’s Firewall
10.4 Denial of Service
10.4.2 Types of DoS Attacks
Ping of Death
Teardrop
SYN Flood
LAND
SYN Attack
LAND Attack
brute-force
10.4.2.1 ICMP Vulnerability
10.4.2.2 Illegal Commands (NetBIOS and SMTP)
10.4.2.3 Traceroute
10.5 Stateful Inspection
10.5.1 Stateful Inspection Process
Firewall General
10.5.2Stateful Inspection and the ZyXEL Device
10.5.3 TCP Security
10.5.4 UDP/ICMP Security
10.6Guidelines for Enhancing Security with Your Firewall
10.7Packet Filtering Vs Firewall
10.7.1.1When To Use Filtering
10.7.2.1When To Use The Firewall
Firewall Configuration
11.1 Access Methods
11.2 Firewall Policies Overview
11.3 Rule Logic Overview
11.3.3.1 Action
11.3.3.2 Service
11.3.3.3 Source Address
11.3.3.4 Destination Address
11.4 Connection Direction
11.5 General Firewall Policy
11.6 Firewall Rules Summary
Page
11.6.1 Configuring Firewall Rules
Page
Page
11.6.2 Customized Services
Edit Customized Services
11.7 Example Firewall Rule
Customized Service
Customized Services Config
Any
Destination Address
Delete
Services
Rules
Page
11.8 Predefined Services
Page
11.9 Anti-Probing
11.10 DoS Thresholds
11.10.2.1 TCP Maximum Incomplete and Blocking Time
11.10.3 Configuring Firewall Thresholds
Firewall
Threshold
Page
Page
Anti-VirusPacket Scan
12.1 Overview
12.2 Signature-BasedVirus Scan
12.3Introduction to the ZyXEL Device Anti-virusPacket Scan
12.4Anti-VirusPacket Scan Configuration
AntiVirus
12.5 Registration and Online Update
Page
12.5.1 Updating the Anti-VirusPacket Scan
Page
Content Filtering
13.1 Content Filtering Overview
13.2 Configuring Keyword Blocking
13.3 Configuring the Schedule
13.4 Configuring Trusted Computers
Page
Content Access Control
14.1 Content Access Control Overview
14.2 Activating CAC and Creating User Groups
14.2.1 Configuring Time Schedule
Time
Content Access
Control-General
Unlimited
End Time
14.2.2 Configuring Services
Content Access Control: General
14.2.2.1 Available Services
Page
14.2.3 Configuring Web Site Filters
Web Browsing
Page
Page
Page
Page
14.2.4 Testing Web Site Access Privileges
Diagnose
14.3 User Account Setup
14.4 User Online Status
14.5 Content Access Control Logins
14.5.2 Administrator Login
Page
Introduction to IPSec
15.1 VPN Overview
15.1.3.1 Encryption
15.1.3.2 Data Confidentiality
15.1.3.3 Data Integrity
15.1.3.4 Data Origin Authentication
15.2 IPSec Architecture
15.3 Encapsulation
15.4IPSec and NAT
Page
Page
VPN Screens
16.1 VPN/IPSec Overview
16.2 IPSec Algorithms
16.3 My IP Address
16.4 Secure Gateway Address
16.5 VPN Setup Screen
Figure 129 VPN Setup
Table 88 VPN Setup
16.6 Keep Alive
16.7 VPN, NAT, and NAT Traversal
16.8 Remote DNS Server
16.9 ID Type and Content
16.9.1 ID Type and Content Examples
16.10 Pre-SharedKey
16.11 Editing VPN Policies
Page
Page
Page
Page
16.12 IKE Phases
16.12.1Negotiation Mode
Negotiation Mode
Main Mode
Aggressive Mode
Main Mode
16.13 Configuring Advanced IKE Settings
Page
Page
16.14 Manual Key Setup
16.15 Configuring Manual Key
Page
Page
16.16 Viewing SA Monitor
16.17 Configuring Global Setting
16.18 Telecommuter VPN/IPSec Examples
16.18.2 Telecommuters Using Unique VPN Rules Example
16.19 VPN and Remote Management
Certificates
17.1 Certificates Overview
17.2Self-signedCertificates
17.3 Configuration Summary
17.4 My Certificates
Page
17.5 My Certificate Import
17.6 My Certificate Create
Page
17.7 My Certificate Details
Page
Page
17.8 Trusted CAs
Figure 145 Trusted CAs
17.9 Trusted CA Import
17.10 Trusted CA Details
Page
17.11 Trusted Remote Hosts
Page
17.12 Verifying a Trusted Remote Host’s Certificate
17.13 Trusted Remote Hosts Import
17.14 Trusted Remote Host Certificate Details
Page
Page
17.15 Directory Servers
17.16 Directory Server Add or Edit
Page
Static Route
18.1 Static Route
18.2 Configuring Static Route
18.2.1 Static Route Edit
Page
Page
Bandwidth Management
19.1 Bandwidth Management Overview
19.2 Application-basedBandwidth Management
19.3 Subnet-basedBandwidth Management
19.4 Application and Subnet-basedBandwidth Management
19.5 Scheduler
19.6 Maximize Bandwidth Usage
19.6.2.1 Priority-basedAllotment of Unused and Unbudgeted Bandwidth
19.6.2.2Fairness-basedAllotment of Unused and Unbudgeted Bandwidth
19.7 Configuring Summary
Page
19.8 Bandwidth Management Rule Setup
19.8.1 Rule Configuration
User Defined
Service
Rule Setup
Page
19.9 Bandwidth Monitor
Page
Page
Dynamic DNS Setup
20.1 Dynamic DNS Overview
20.2 Configuring Dynamic DNS
Figure 163 Dynamic DNS
Page
Page
Remote Management
Configuration
21.1 Remote Management Overview
21.2 WWW
21.3 Telnet
21.4 Configuring Telnet
21.5 Configuring FTP
21.6 SNMP
21.6.1Supported MIBs
21.6.2 SNMP Traps
21.6.3 Configuring SNMP
SNMP
Page
21.7 Configuring DNS
21.8 Configuring ICMP
Page
21.9 TR-069
Page
Universal Plug-and-Play(UPnP)
22.1 Introducing Universal Plug and Play
22.2 UPnP and ZyXEL
22.3 Installing UPnP in Windows Example
Communications
Universal Plug and Play
Add/Remove Programs Properties
Installing UPnP in Windows XP
1Click Start and Control Panel
2Double-click Network Connections
Network Connections
Optional Networking Components …
22.4Using UPnP in Windows XP Example
Page
Page
Web Configurator Easy Access
1Click Start and then Control Panel
3Select My Network Places under Other Places
Local Network
Invoke
Page
Page
System
23.1 General Setup
Page
23.2 Time Setting
Page
Page
Page
Logs
24.1 Logs Overview
24.2 Viewing the Logs
24.3 Configuring Log Settings
Access Control
Page
24.4 SMTP Error Messages
Page
Tools
25.1 Firmware Upgrade
Firmware Upload in Progress
25.2 Configuration Screen
25.2.2 Restore Configuration
25.3 Restart
Page
Diagnostic
26.1 General Diagnostic
26.2 DSL Line Diagnostic
Troubleshooting
27.1 Problems Starting Up the ZyXEL Device
27.2 Problems with the LAN
27.3 Problems with the WAN
27.4 Problems Accessing the ZyXEL Device
27.4.1.1 Internet Explorer Pop-upBlockers
Privacy
Internet Options
Block
pop-ups
2Select Settings…to open the Pop-upBlocker Settings screen
Allowed sites
27.4.1.2JavaScripts
Custom Level
Scripting
Active scripting
Scripting of Java applets
27.4.1.3 Java Permissions
2make sure that Use Java 2 for <applet> under Java (Sun) is selected
27.4.2 ActiveX Controls in Internet Explorer
2In the Internet Options window, click Custom Level
3Scroll down to ActiveX controls and plug-ins
4Under Download signed ActiveX controls select the Prompt radio button
Page
Page
Specification Tables
Table 148 Firmware
Page
Page
Introduction to DSL
ADSL Overview
Advantages of ADSL
Page
Page
Page
Windows 95/98/Me
Installing Components
Protocol
Microsoft
manufacturers
Client
Configuring
Obtain an IP address automatically
Specify an IP address
Subnet Mask
Disable DNS
Windows 2000/NT/XP
3Right-click Local Area Connection and then click Properties
Internet Protocol (TCP/IP)
•Click Advanced
IP Settings
TCP/IP Address
IP address
Subnet mask
Use the following DNS server addresses
Preferred DNS server
Alternate DNS server
Macintosh OS 8/9
2Select Ethernet built-in from the Connect via list
Using DHCP Server
Configure:
Macintosh OS
Linux
Using the K Desktop Environment (KDE)
System Setting
Ethernet Device General
Automatically obtain IP address settings with
dhcp
Using Configuration Files
Page
Page
Introduction to IP Addresses
IP Address Classes and Network ID
Subnet Masks
Subnetting
Example: Two Subnets
Example: Four Subnets
Example Eight Subnets
Subnetting With Class A and Class B Networks
Page
Wireless LAN Topologies
ESS
Channel
RTS/CTS
Fragmentation Threshold
Preamble Type
IEEE 802.11g Wireless LAN
IEEE
RADIUS
Types of Authentication
EAP-TLS(Transport Layer Security)
EAP-TTLS(Tunneled Transport Layer Service)
PEAP (Protected EAP)
LEAP
Dynamic WEP Key Exchange
WPA(2)
User Authentication
Security Parameters Summary
Page
Import ZyXEL Device Certificates into Netscape Navigator
2Click Install Certificate to open the Install Certificate wizard
Install Certificate
Import Certificate
Page
Enrolling and Importing SSL Client Certificates
Installing the CA’s Certificate
Installing Your Personal Certificate(s)
File name
Browse
Place all certificates in the following store
Page
Page
Command Syntax
Access via Telnet
Command Usage
Page
Page
Page
Page
Page
Firmware and Configuration File Maintenance
Page
Page
Page
Page
Page
Page
Page
Introduction
Display NetBIOS Filter Settings
NetBIOS Filter Configuration
Page
Page
Internal SPTGEN Overview
The Configuration Text File Format
Internal SPTGEN FTP Download Example
Internal SPTGEN FTP Upload Example
Example Internal SPTGEN Screens
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Command Examples
Page
Page
Connecting a POTS Splitter
Telephone Microfilters
ZyXEL Device With ISDN
Page
Page
Page
Table 185 ICMP Logs
Table 186 CDR Logs
Table 187 PPP Logs
Table 188 UPnP Logs
Page
Table 191 IPSec Logs
Table 192 IKE Logs
Page
Page
Table 193 PKI Logs
Page
Page
Page
Page
Log Commands
Log Command Example
The Ideal Setup
The “Triangle Route” Problem
The “Triangle Route” Solutions
IP Aliasing
Gateways on the WAN Side
Page
Index