Outgoing Packet Filtering Process | ZyXEL Communications P-202

Prestige 201 ISDN Access Router

Outgoing

Packet

Data Filtering

Match

No match

			Call Filtering
	Built-in		No	User-defined		No



			match			match
	default			Call Filters
	Call Filters			(if applicable)
		Match			Match

Active Data

Initiate call if line not up

Send packet and reset Idle Timer

Drop packet

Drop packet						Drop packet
if line not up						if line not up

	Or								Or
					Send packet						Send packet
					Send packet						Send packet
				but do not reset						but do not reset
					Idle Timer						Idle Timer

Figure 6-1 Outgoing Packet Filtering Process

For incoming packets, your Prestige applies data filters only. Packets are processed depending upon whether a match is found. The following sections describe how to configure filter sets.

The Filter Structure of the Prestige

A filter set consists of one or more filter rules. Usually, you would group related rules, e.g., all the rules for NetBIOS, into a single set and give it a descriptive name. The Prestige allows you to configure up to twelve filter sets with six rules in each set, for a total of 72 filter rules in the system.

You can apply up to four filter sets to a particular port to block multiple types of packets. With each filter set having up to six rules, you can have a maximum of 24 rules active for a single port. The following diagram illustrates the logic flow when executing a filter rule.

6-2	Filter Configuration

Image 68

ZyXEL Communications P-202 manual Outgoing Packet Filtering Process, Filter Structure of the Prestige

Contents

Prestige Page Page Trademarks Isdn Access Router CopyrightDisclaimer ZyXEL Limited Warranty ZyXEL Limited Warranty Customer Support Customer Support Table of Contents Chapter Telnet Configuration and Capabilities System Maintenance Chapter 10-1 Chapter 11-1 List of Figures List of Figures/Tables Menu 21.2 Filter Rules Summary Menu 24.7 System Maintenance Upload Firmware 10-7 List of Tables Xii List of Figures/Tables Xiii Setup Information Ethernet Setup InformationPreface About Your Prestige Syntax Conventions SMT Scenarios Prestige ScenariosPrestige Scenarios General Structure of this Manual Page Features of the Prestige Getting to Know Your Isdn Router Bandwidth-On-Demand NetCAPI SupportIsdn PtP Support Call Scheduling Prestige Network Commander PNC Upgrade Firmware via LANData Compression Networking Compatibility Internet Access with the Prestige Internet Access Hardware Installation & Initial Setup Hardware Installation & Initial SetupFront Panel Leds of P201 LED functions Additional Installation Requirements Prestige 201 Rear Panel and Connections Initial Screen HousingPower On Your Prestige Login Screen Operation Press/read Description Main Menu CommandsNavigating the SMT Interface Menu Title Description System Management Terminal Interface SummaryMain Menu Summary Changing the System Password Resetting the Prestige Booting Up the Prestige Filename conventions Field Description Example General SetupGeneral Setup Menu Fields Isdn Setup Menus Isdn Setup MenuField Description Switch Type Channel Usage Field Description Isdn Advanced SetupIsdn Advanced Setup Fields 11 Prestige behind a Pabx NetCAPI Setup 12 Loopback test Data Link Connection PtMP and PtP Configuring the P201 as a NetCAPI Server RVS-COM Installing the Capi driver and Communication Software Configuring NetCAPI 14 Menu 2.2 NetCAPI Setup NetCAPI Setup Fields Operation field Ethernet SetupGeneral Ethernet Setup 16 Menu 3.1 General Ethernet Setup Chapter Internet Access Factory Ethernet DefaultsInternet Access TCP/IP Parameters IP Pool Setup RIP SetupDhcp Configuration DNS Server Address TCP/IP Ethernet Setup and Dhcp Menu 3.2 TCP/IP and Dhcp Ethernet Setup Dhcp Ethernet Setup Menu Fields FieldNone Relay TCP/IP Ethernet Setup Menu Fields BothOnly/Out Only RIP Internet Access Configuration Internet Account Information Example Internet Access Configuration Menu 4 Internet Access Setup Internet Access Setup Menu Fields Single User Account Single User Account Topology Single User Account Configuration Advantages of SUA Single User Account Menu Fields Configuring a Server behind SUAMultiple Servers behind SUA Services vs. Port number Services Port NumberPage Chapter Remote Node Configuration Remote Node SetupRemote Node Configuration Remote Node Profile Menu 11 Remote Node Profile Off / BOD Remote Node Profile Menu FieldsField Description Options Outgoing Authentication Protocol Remote Node Filter Menu 11.1 Remote Node FilterPage Chapter Static Route Setup Static Route Setup Menu 12 IP Static Route Setup Practice, 2 or 3 is usually a good number Page About Filtering Chapter Filter ConfigurationFilter Configuration Outgoing Packet Filtering Process Filter Structure of the Prestige Execute Filter Configuring a Filter Set Step Filter Rules Summary Menus Menu 21.1 Filter Rules Summary Action Not Matched will be N/A Abbreviations Used in the Filter Rules Summary MenuAbbreviations Description Display Configuring a Filter Rule Filter Types and SUAAbbreviations Used If Filter Type Is IP Abbreviations Used If Filter Type Is GEN 2 TCP/IP Filter Rule Protocol and Device Filter Sets TCP/IP Filter Rule Menu Fields Field Description OptionNone/Less/Greater Equal/Not Equal Yes / No Action MatchedAction Not Matched Check Next Rule Executing an IP Filter Generic Filter Rule Menu 21.1.2 Generic Filter Rule Generic Filter Rule Menu Fields Remote Node Filters Applying Filters and Factory DefaultsEthernet Traffic 11 Filtering Remote Node traffic Page Telnet Configuration and Capabilities Telnet ConfigurationTelnet Under SUA System Management Telnet Capabilities Single AdministratorSystem Timeout Chapter System Maintenance System Maintenance Menu 24.1 System Maintenance Status System Status System Maintenance Status Menu Fields Calling or Answering LAN Packet That Triggered Last Call System Maintenance Information System Information Console Port Speed Fields in System MaintenanceModified in Menu 1 General Setup Viewing Error Log Log and Trace System Maintenance Menu Syslog Parameters Syslog And AccountingCall-Triggering Packet Parameter Description Call-Triggering Packet Example Diagnostic System Maintenance Menu Diagnostic 10 Display for a Successful Manual Call 11 Display for a Failed Authentication Boot module commands Command Interpreter Mode 14 Menu 24.9 System Maintenance Call Control Call Control Call Control Parameters 15 Call Control Parameters Call Control Parameters Fields Blacklist 16 Menu 24.9.2 Blacklist Budget Management Call History Time and Date Setting 18 Call History Call History Fields 19 System Maintenance Time and Date Setting Time and Date Setting Fields Menu Chapter Schedule Setup Schedule Setup Schedule Set Setup Fields Disable Dial-On-Demand Disable Dial-on- demand Page Chapter Backup, Restore and Upload Backup ConfigurationBackup using the Console Port Backup, Restore and Upload 10-1 Backup, Restore and Upload Back up using FTPBack up using Tftp Backup, Restore and Upload 10-3 Example Using Walusoft Tftp Client Restore ConfigurationRestore using the Console Port Menu 24.6 -Restore Configuration using the Console Port Send File Restore using FTP Restore using Tftp Firmware Update Backup, Restore and Upload 10-7Upload through the Console Port Upload Firmware File 10-8 Backup, Restore and Upload 10-9 Upload using FTPUsing FTP command in terminal Using FTP client software 11 FTP Example Upload using Tftp Backup, Restore and Upload 10-11 10-12 Chapter Troubleshooting Problems Starting Up the PrestigeTroubleshooting the Start-Up of your Prestige Troubleshooting Problems With the Isdn Line Troubleshooting the Isdn Line Problems with the LAN Interface Problems Connecting to a Remote Node or ISPTroubleshooting the LAN Interface Troubleshooting a Connection to a Remote Node or ISPPage Acronyms and Abbreviations Acronyms and Abbreviations RFC Index Index Index