Configuring a Filter Rule | ZyXEL Communications P-1100 specs

Prestige 1100 Internet Access Router

Table 8-3 Abbreviations Used If Filter Type Is IPX

Abbreviation	Description

PT	IPX Packet Type

SS	Source Socket

DS	Destination Socket

•If the filter type is Dev (device), the following abbreviations listed in the following table will be used.

Table 8-4 Abbreviations Used If Filter Type Is Dev

Abbreviation	Description

Off	Offset

Len	Length

Refer to the next section for information on configuring the filter rules.

8.4Configuring a Filter Rule

To configure a filter rule, enter its number in Menu 21.1 - Filter Rules Summary and press [ENTER] to open Menu 21.1.1 for the rule.

8.4.1 Filter Types and SUA

There are two types of filter rules, Device Filter rules and Protocol Filter (TCP/IP and IPX) rules. Device Filter rules act on the raw data from/to LAN and WAN. Protocol Filter rules act on the IP and IPX packets. Device and TCP/IP filter rules are discussed in more detail in the next section.

When NAT/SUA (Network Address Translation/Single User Account) is enabled, the inside IP address and port number are replaced on a connection-by-connection basis, which makes it impossible to know the exact address and port on the wire. Therefore, the Prestige applies the protocol filters to the “native” IP address and port number before NAT/SUA for outgoing packets and after NAT/SUA for incoming packets. On the other hand, the device filters are applied to the raw packets that appear on the wire. They are applied at the point where the Prestige is receiving and sending the packets; i.e. the interface. The interface can be an Ethernet, or any other hardware port. The following diagram illustrates this.

8-6	Filter Configuration

Image 78

ZyXEL Communications P-1100 Configuring a Filter Rule, Filter Types and SUA, Abbreviations Used If Filter Type Is IPX

Contents

ZyXEL Copyright DisclaimerTrademarks ZyXEL Limited Warranty Customer Support Table of Contents Remote Node Configuration for LAN to LAN 10-1 System Maintenance 12-1 14-1 Page List of Figures Xii List of Tables Related Documentation About Your Bridge/RouterAbout This Users Guide Syntax Conventions One WAN port for various WAN Solutions Quick Feature Overview of the PrestigeDetailed Features of the Prestige Chapter Getting to Know Your Bridge/Router Most Complete NAT Support Remote ConfigurationTwo 10/100 Ethernet LANs Multiple Protocol Support Dhcp Support Front Panel LEDs and Back Panel PortsFront Panel LEDs Data Compression Internet Access Applications for PrestigePrestige 1100 Back Panel Internet Access Application Internet Single User Account Multi-protocol/Multilink LAN-to-LAN Connection LAN-to-LAN Application Chapter Hardware Installation & Initial Setup Additional Installation RequirementsUnpacking your Bridge/Router Connecting the Console Port Prestige 1100 Connections Initial Screen Power On Your PrestigeConnect the Power Cord to your Prestige Connect your Prestige 1100 to Ethernet Login Screen Main Menu Commands Navigating the SMT InterfaceOperation Press/read Description Main Menu Summary Menu Title Description Changing the System Password Menu 23 System Security Menu 23.1 System Security Change Password General Setup Menu 1 General Setup General Setup Menu Fields Field Description Example WAN Setup Prestige 1100 WAN Port Setup Ethernet Setup Menu 3 Ethernet Setup Select LAN General Ethernet Setup Protocol Dependent Ethernet SetupPage Chapter Internet Access Route IP Setup RIP Setup TCP/IP ParametersIP Address and Subnet Mask IP Pool Setup TCP/IP and Dhcp Ethernet SetupDhcp Configuration DNS Server Addresses DHCP= TCP/IP Ethernet Setup Menu Fields IP Multicast Internet Access Configuration Internet Account Information Internet Access Setup Menu Fields Field Description Observation Single User Account Single User Account Topology Single User Account Configuration Advantages of SUA Ethernet SUA Single User Account Menu FieldsField Description LANs & WANs LANs, WANs and the PrestigePage Leased Line Remote Node Profile Menu 11.1 Remote Node Profile for Leased Lines Remote Node Profile Menu Fields for Leased Lines Field Description Options Outgoing Authentication Protocol Editing PPP Options Remote Node PPP Options Menu Fields Field Description Option Chapter Remote Node TCP/IP Configuration LAN-to-LAN Application Remote Node Setup Menu 11.3- Remote Node TCP/IP Options Sample IP Addresses for a TCP/IP LAN-to-LAN Connection TCP/IP related fields in Remote Node Profile Remote Node TCP/IP Configuration Igmp Static Route Setup Example of Static Routing Topology Menu 12 Static Route Setup Edit IP Static Route Menu Fields Network and Node Number Chapter IPX ConfigurationIPX Network Environment Frame Types Prestige 1100 in an IPX Environment External Network NumberInternal Network Number Prestige 1100 on LAN with Server Prestige 1100 on LAN without Server IPX Ethernet Setup Novell IPX Ethernet Setup Fields LAN-to-LAN Application with Novell IPX LAN-to-LAN Application with Novell IPX IPX Remote Node Setup Menu 11.3 Remote Node Novell IPX Options Remote Node Novell IPX Options IPX Static Route Setup Menu 12.2.1 Edit IPX Static Route Edit IPX Static Route Menu Fields Page Chapter Bridging Setup Bridge Ethernet SetupBridging in General Remote Node Bridging Setup Menu 3.5 Bridge Ethernet Setup Menu 11.3 Remote Node Bridging Options Remote Node Bridge Options Bridge Static Route Setup Bridge Static Route Menu Fields Chapter Filter Configuration About FilteringFilter Structure of the Prestige Filter Set Configuring a Filter Set Menu 21 Filter Set Configuration Filter Rules Summary Menu Abbreviations Used in the Filter Rules Summary MenuAbbreviations Description Display Abbreviations Used If Filter Type Is IP Abbreviation Description Abbreviations Used If Filter Type Is IPX Configuring a Filter RuleFilter Types and SUA Abbreviations Used If Filter Type Is Dev 2 TCP/IP Filter Rule Protocol and Device Filter Sets Menu 21.1.1 TCP/IP Filter Rule TCP/IP Filter Rule Menu Fields 65535 Executing an IP Filter Novell IPX Filter Rule Menu 21.1.1 IPX Filter Rule IPX Filter Rule Menu Fields Device Filter Rule SAP Menu 21.1.2 Device Filter Rule Device Filter Rule Menu Fields Applying a Filter Ethernet traffic Remote Node Filters 10 Filtering Remote Node traffic Chapter Snmp Configuration Snmp ConfigurationAbout Snmp Snmp Configuration Menu Fields Field Description Default Chapter System Security System Security About Telnet Configuration Telnet Configuration on a TCP/IP Network Telnet Under SUA Single AdministratorSystem Timeout Telnet Capabilities Chapter System Maintenance Menu 24 System Maintenance Menu 24.1 System Maintenance Status System Status System Maintenance Status Menu Fields Modified in Menu 1 General Setup System Information Viewing Error Log Log and TraceConsole Port Speed Examples of Error and Information Messages Syslog And Accounting Diagnostic System Maintenance Menu Syslog ParametersParameter Description System Maintenance Menu Diagnostic Filename conventions Filename Conventions Back up ConfigurationBackup using the Console Port File Back up using FTP Back up using Tftp Restore Configuration Restore using the Console PortRestore using FTP Restore using Tftp Upload Firmware Dual Firmware Block Structure Upload Router Firmware via the Console Port Upload Router Firmware using FTP 13 Menu 24.7.1 -Upload ZyNOS Code using the Console Port Upload Router Configuration File Upload Router Firmware using TftpUpload Router Configuration File using the Console Port Upload Router Configuration File using FTP 15 Menu 24.7.2 -Upload Router Configuration File Upload Router Configuration File using Tftp Boot Module Commands 17 Boot module commands 12.10Command Interpreter Mode 18 Command modePage Benefits Chapter IP Policy RoutingIntroduction Routing Policy IP Policy Routing Setup IP Routing Policy Setup Menu 25 IP Routing Policy Summary IP Routing Policy Summary Abbreviation Meaning IP Policy Routing 13-5 Applying an IP Policy Ethernet IP PoliciesRemote Node IP Routing Policies Menu 11.3 Remote Node Network Layer Options Page Troubleshooting the Start-Up of your Prestige Chapter TroubleshootingProblems Starting Up the Prestige Troubleshooting Corrective Action Problems With the WAN Port Problems with the LAN InterfaceProblems Connecting to a Remote Node or ISP Acronyms and Abbreviations SAP Index Gateway Tick Count, 6-7,6-9 Watchdog