Manuals / ZyXEL Communications / Power Tools / Router

ZyXEL Communications P-1100 manual Configuring a Filter Rule, Filter Types and SUA

Models: P-1100

1 130

Download 130 pages 13.68 Kb

Page 78

Prestige 1100 Internet Access Router

Table 8-3 Abbreviations Used If Filter Type Is IPX

Abbreviation	Description

PT	IPX Packet Type

SS	Source Socket

DS	Destination Socket

•If the filter type is Dev (device), the following abbreviations listed in the following table will be used.

Table 8-4 Abbreviations Used If Filter Type Is Dev

Abbreviation	Description

Off	Offset

Len	Length

Refer to the next section for information on configuring the filter rules.

8.4Configuring a Filter Rule

To configure a filter rule, enter its number in Menu 21.1 - Filter Rules Summary and press [ENTER] to open Menu 21.1.1 for the rule.

8.4.1 Filter Types and SUA

There are two types of filter rules, Device Filter rules and Protocol Filter (TCP/IP and IPX) rules. Device Filter rules act on the raw data from/to LAN and WAN. Protocol Filter rules act on the IP and IPX packets. Device and TCP/IP filter rules are discussed in more detail in the next section.

When NAT/SUA (Network Address Translation/Single User Account) is enabled, the inside IP address and port number are replaced on a connection-by-connection basis, which makes it impossible to know the exact address and port on the wire. Therefore, the Prestige applies the protocol filters to the “native” IP address and port number before NAT/SUA for outgoing packets and after NAT/SUA for incoming packets. On the other hand, the device filters are applied to the raw packets that appear on the wire. They are applied at the point where the Prestige is receiving and sending the packets; i.e. the interface. The interface can be an Ethernet, or any other hardware port. The following diagram illustrates this.

8-6	Filter Configuration

Image 78

ZyXEL Communications P-1100 Configuring a Filter Rule, Filter Types and SUA, Abbreviations Used If Filter Type Is IPX

Contents

ZyXEL Copyright DisclaimerTrademarks ZyXEL Limited Warranty Customer Support Table of Contents Remote Node Configuration for LAN to LAN 10-1 System Maintenance 12-1 14-1 Page List of Figures Xii List of Tables Related Documentation About Your Bridge/RouterAbout This Users Guide Syntax ConventionsOne WAN port for various WAN Solutions Quick Feature Overview of the PrestigeDetailed Features of the Prestige Chapter Getting to Know Your Bridge/RouterMost Complete NAT Support Remote ConfigurationTwo 10/100 Ethernet LANs Multiple Protocol SupportDhcp Support Front Panel LEDs and Back Panel PortsFront Panel LEDs Data CompressionInternet Access Applications for PrestigePrestige 1100 Back Panel Internet Access Application Internet Single User Account Multi-protocol/Multilink LAN-to-LAN Connection LAN-to-LAN ApplicationChapter Hardware Installation & Initial Setup Additional Installation RequirementsUnpacking your Bridge/Router Connecting the Console Port Prestige 1100 ConnectionsInitial Screen Power On Your PrestigeConnect the Power Cord to your Prestige Connect your Prestige 1100 to EthernetLogin Screen Main Menu Commands Navigating the SMT InterfaceOperation Press/read Description Main Menu Summary Menu Title DescriptionChanging the System Password Menu 23 System SecurityMenu 23.1 System Security Change Password General Setup Menu 1 General SetupGeneral Setup Menu Fields Field Description ExampleWAN Setup Prestige 1100 WAN Port SetupEthernet Setup Menu 3 Ethernet Setup Select LANGeneral Ethernet Setup Protocol Dependent Ethernet SetupPage Chapter Internet Access Route IP SetupRIP Setup TCP/IP ParametersIP Address and Subnet Mask IP Pool Setup TCP/IP and Dhcp Ethernet SetupDhcp Configuration DNS Server AddressesDHCP= TCP/IP Ethernet Setup Menu Fields IP MulticastInternet Access Configuration Internet Account InformationInternet Access Setup Menu Fields Field Description ObservationSingle User Account Single User Account TopologySingle User Account Configuration Advantages of SUAEthernet SUA Single User Account Menu FieldsField Description LANs & WANs LANs, WANs and the PrestigePage Leased Line Remote Node Profile Menu 11.1 Remote Node Profile for Leased LinesRemote Node Profile Menu Fields for Leased Lines Field Description OptionsOutgoing Authentication Protocol Editing PPP OptionsRemote Node PPP Options Menu Fields Field Description OptionChapter Remote Node TCP/IP Configuration LAN-to-LAN ApplicationRemote Node Setup Menu 11.3- Remote Node TCP/IP OptionsSample IP Addresses for a TCP/IP LAN-to-LAN Connection TCP/IP related fields in Remote Node ProfileRemote Node TCP/IP Configuration Igmp Static Route Setup Example of Static Routing TopologyMenu 12 Static Route Setup Edit IP Static Route Menu Fields Network and Node Number Chapter IPX ConfigurationIPX Network Environment Frame TypesPrestige 1100 in an IPX Environment External Network NumberInternal Network Number Prestige 1100 on LAN with Server Prestige 1100 on LAN without ServerIPX Ethernet Setup Novell IPX Ethernet Setup FieldsLAN-to-LAN Application with Novell IPX LAN-to-LAN Application with Novell IPXIPX Remote Node Setup Menu 11.3 Remote Node Novell IPX OptionsRemote Node Novell IPX Options IPX Static Route Setup Menu 12.2.1 Edit IPX Static RouteEdit IPX Static Route Menu Fields Page Chapter Bridging Setup Bridge Ethernet SetupBridging in General Remote Node Bridging Setup Menu 3.5 Bridge Ethernet SetupMenu 11.3 Remote Node Bridging Options Remote Node Bridge OptionsBridge Static Route Setup Bridge Static Route Menu FieldsChapter Filter Configuration About FilteringFilter Structure of the Prestige Filter Set Configuring a Filter Set Menu 21 Filter Set ConfigurationFilter Rules Summary Menu Abbreviations Used in the Filter Rules Summary MenuAbbreviations Description Display Abbreviations Used If Filter Type Is IP Abbreviation DescriptionAbbreviations Used If Filter Type Is IPX Configuring a Filter RuleFilter Types and SUA Abbreviations Used If Filter Type Is Dev2 TCP/IP Filter Rule Protocol and Device Filter SetsMenu 21.1.1 TCP/IP Filter Rule TCP/IP Filter Rule Menu Fields65535 Executing an IP Filter Novell IPX Filter Rule Menu 21.1.1 IPX Filter RuleIPX Filter Rule Menu Fields Device Filter Rule SAPMenu 21.1.2 Device Filter Rule Device Filter Rule Menu FieldsApplying a Filter Ethernet trafficRemote Node Filters 10 Filtering Remote Node trafficChapter Snmp Configuration Snmp ConfigurationAbout Snmp Snmp Configuration Menu Fields Field Description DefaultChapter System Security System Security About Telnet Configuration Telnet Configuration on a TCP/IP NetworkTelnet Under SUA Single AdministratorSystem Timeout Telnet CapabilitiesChapter System Maintenance Menu 24 System MaintenanceMenu 24.1 System Maintenance Status System StatusSystem Maintenance Status Menu Fields Modified in Menu 1 General Setup System InformationViewing Error Log Log and TraceConsole Port Speed Examples of Error and Information Messages Syslog And AccountingDiagnostic System Maintenance Menu Syslog ParametersParameter Description System Maintenance Menu Diagnostic Filename conventionsFilename Conventions Back up ConfigurationBackup using the Console Port FileBack up using FTP Back up using TftpRestore Configuration Restore using the Console PortRestore using FTP Restore using Tftp Upload FirmwareDual Firmware Block Structure Upload Router Firmware via the Console PortUpload Router Firmware using FTP 13 Menu 24.7.1 -Upload ZyNOS Code using the Console PortUpload Router Configuration File Upload Router Firmware using TftpUpload Router Configuration File using the Console Port Upload Router Configuration File using FTP 15 Menu 24.7.2 -Upload Router Configuration FileUpload Router Configuration File using Tftp Boot Module Commands 17 Boot module commands12.10Command Interpreter Mode 18 Command modePage Benefits Chapter IP Policy RoutingIntroduction Routing PolicyIP Policy Routing Setup IP Routing Policy SetupMenu 25 IP Routing Policy Summary IP Routing Policy Summary Abbreviation MeaningIP Policy Routing 13-5 Applying an IP Policy Ethernet IP PoliciesRemote Node IP Routing Policies Menu 11.3 Remote Node Network Layer Options Page Troubleshooting the Start-Up of your Prestige Chapter TroubleshootingProblems Starting Up the Prestige Troubleshooting Corrective ActionProblems With the WAN Port Problems with the LAN InterfaceProblems Connecting to a Remote Node or ISP Acronyms and Abbreviations SAP Index Gateway Tick Count, 6-7,6-9 Watchdog