Firewall Rules Summary | ZyXEL Communications P-2602 specification

P-2602H(W)(L)-DxA Series User’s Guide

The following table describes the labels in this screen.

Table 70 Firewall: General

LABEL	DESCRIPTION

Active Firewall	Select this check box to activate the firewall. The ZyXEL Device performs access
	control and protects against Denial of Service (DoS) attacks when the firewall is
	activated.
Bypass Triangle	Select this check box to have the ZyXEL Device firewall permit the use of triangle
Route	route topology on the network. See the appendix for more on triangle route
	topology.

	Note: Allowing asymmetrical routes may let traffic from the WAN go
	directly to a LAN computer without passing through the
	router. See Appendix H on page 377 for more on triangle
	route topology and how to deal with this problem.

Packet Direction	This is the direction of travel of packets (LAN to LAN / Router, LAN to WAN,
	WAN to WAN / Router, WAN to LAN).
	Firewall rules are grouped based on the direction of travel of packets to which they
	apply. For example, LAN to LAN / Router means packets traveling from a
	computer/subnet on the LAN to either another computer/subnet on the LAN
	interface of the ZyXEL Device or the ZyXEL Device itself.
Default Action	Use the drop-down list boxes to select the default action that the firewall is take on
	packets that are traveling in the selected direction and do not match any of the
	firewall rules.
	Select Drop to silently discard the packets without sending a TCP reset packet or
	an ICMP destination-unreachable message to the sender.
	Select Reject to deny the packets and send a TCP reset packet (for a TCP packet)
	or an ICMP destination-unreachable message (for a UDP packet) to the sender.
	Select Permit to allow the passage of the packets.

Log	Select the check box to create a log (when the above action is taken) for packets
	that are traveling in the selected direction and do not match any of your customized
	rules.
Expand...	Click this button to display more information.

Basic...	Click this button to display less information.

Apply	Click Apply to save your changes back to the ZyXEL Device.

Cancel	Click Cancel to begin configuring this screen afresh.

14.6 Firewall Rules Summary

Note: The ordering of your rules is very important as rules are applied in turn.

Refer to Section 13.1 on page 181 for more information.

Click Security > Firewall > Rules to bring up the following screen. This screen displays a list of the configured firewall rules. Note the order in which the rules are listed.

Chapter 14 Firewall Configuration

197

Image 197

ZyXEL Communications P-2602 manual Firewall Rules Summary, Firewall General, Firewall Configuration 197

Contents

2602HWL Series Page Disclaimer CopyrightTrademarks 2602HWL-DxA Series User’s Guide Certifications CertificationsViewing Certifications Safety Warnings Safety Warnings ZyXEL Limited Warranty ZyXEL Limited Warranty Customer Support Customer Support Norway Table of Contents Chapter VoIP Wizard And Example Chapter LAN Setup 107 141 156 Chapter Phone Usage 179 Chapter Firewall Configuration 193 Chapter VPN Screens 221 Chapter Static Route 249 Chapter System 289 Chapter Diagnostic 315 Appendix B Splitters and Microfilters 339 Appendix F Services 371 Appendix G Firewall Commands 375 Index 421 List of Figures List of Figures Bandwidth Management Wizard General Information Firewall Example Edit Rule Destination Address 205 Telecommuters Using Unique VPN Rules Example 246 FTP Session Example of Firmware File Upload 312 Peer-to-Peer Communication in an Ad-hoc Network 361 List of Tables List of Tables 139 228 333 389 2602HWL-DxA Series User’s Guide List of Tables About This Users Guide PrefaceRelated Documentation User Guide Feedback Dslam Graphics Icons Key Introducing the P-2602HWL-Dx Series Getting To Know the ZyXEL DeviceModels Covered Getting To Know the ZyXEL Device Built-in Switch FeaturesHigh Speed Internet Access Adsl Standards Auto Firmware Upgrade Zero Configuration Internet AccessAny IP Auto Provisioning Network Address Translation NAT Content FilteringMedia Bandwidth Management Dynamic Jitter Buffer QoS Quality of Service Echo CancellationOther PPPoE Features Universal Plug and Play UPnP Wireless Features W models only Wireless LAN MAC Address Filtering Ieee 802.11g+ Wireless LANWi-Fi Protected Access External Antenna Making Calls via Internet Telephony Service Provider Internet AccessApplications for the ZyXEL Device Internet Single User Account Make Peer-to-peer Calls Firewall for Secure Broadband Internet Access Firewall Application LAN to LAN Application LEDs LED Color Status Description PowerEthernet Wlan LED Color Status Description DSL 2602HWL-DxA Series User’s Guide LEDsInternet Phone 1 Web Configurator Overview Introducing the Web ConfiguratorAccessing the Web Configurator Introducing the Web Configurator Password Screen Using The Reset Button Reset Button Title Bar Web Configurator Main Screen Navigation Panel Web Configurator Icons in the Title BarNavigation Panel Summary Icon Description Mgmt 2602HWL-DxA Series User’s Guide Navigation Panel SummaryVPN Status Bar Main WindowPage Internet Access Wizard Setup Internet and Wireless Setup WizardInternet and Wireless Setup Wizard Introduction Wizard Welcome Auto-Detection PPPoE Manual Configuration PPPoE Label DescriptionVPI VCI Internet Connection with PPPoE Internet Connection with RFC Internet Connection with PPPoA Internet Connection with Enet Encap Connection Test Failed-1 Connection Test Successful Wireless Connection Wizard Setup Wireless LAN Wireless LAN Setup Wizard Manually Assign a WPA key Manually Assign a WPA key Internet and Wireless Setup Wizard Manually Assign a WPA key Manually Assign a WEP key Manually Assign a WEP key Wireless LAN Setup 2602HWL-DxA Series User’s Guide VoIP Wizard And Example VoIP Wizard SetupVoIP Wizard And Example Wizard Welcome VoIP Wizard And Example Sample SIP Account Information VoIP Wizard Configuration SIP Registration Test 2602HWL-DxA Series User’s Guide VoIP Wizard Configuration VoIP Wizard Fail 2602HWL-DxA Series User’s Guide VoIP Wizard And Example Media Bandwidth Management Setup Services Predefined Media Bandwidth Management ServicesService Description Bandwidth Management Wizard Tftp Bandwidth Management Wizard Setup Click Bandwidth Management Setup Following fields describe the label in this screen Bandwidth Management Wizard Complete 2602HWL-DxA Series User’s Guide Bandwidth Management Wizard Status Screen Status Screens VPI/VCI Status ScreenDhcp Ssid 253 This in Maintenance System Time Setting Can change these in VoIP SIP SIP Settings SettingsAny IP Table 2602HWL-DxA Series User’s Guide Status Screen Any IP Table Wlan Status W models onlyPacket Statistics Packet Statistics VoIP Statistics Status Screens VoIP Statistics VoIP Statistics Interval 2602HWL-DxA Series User’s Guide Status Screens WAN Overview WAN SetupEncapsulation Enet Encap VPI and VCI Multiplexing 6 NAT IP Address AssignmentNailed-Up Connection PPP Traffic Shaping Metric Variable Bit Rate VBR ATM Traffic ClassesConstant Bit Rate CBR Unspecified Bit Rate UBR Zero Configuration Internet AccessInternet Access Setup Encap or PPPoE Internet Access Setup 100 WAN Setup 2602HWL-DxA Series User’s Guide Internet Access SetupEnet Encap Enet Encap in the Encapsulation field WAN Setup 101 Advanced Internet Access Setup WAN More Connections 102 WAN Setup Traffic Redirect WAN Setup 103 Traffic Redirect Example WAN Setup 105 WAN Backup SetupWAN Backup Setup 106 WAN Setup 2602HWL-DxA Series User’s Guide WAN Backup Setup LANs, WANs and the ZyXEL Device LAN SetupLAN Overview IP Pool Setup Dhcp Setup108 LAN Setup DNS Server Address IP Address and Subnet Mask LAN Setup 109DNS Server Address Assignment Private IP Addresses RIP Setup110 LAN Setup Any IP LAN Setup 111Multicast How Any IP Works 112 LAN Setup Configuring Advanced LAN Setup Configuring LAN IPLAN Setup 113 LAN TCP/IP TCP/IP 114 LAN Setup LAN Setup 115 Dhcp SetupDhcp Setup LAN Client List 2602HWL-DxA Series User’s Guide Dhcp Setup LAN Client List LAN Setup 117LAN IP Alias LAN IP Alias Physical Network & Partitioned Logical Networks LAN Setup 119 2602HWL-DxA Series User’s Guide 120 LAN Setup Wireless LAN 121 Wireless LANWireless Network Overview 122 Wireless LAN Wireless Security OverviewSsid MAC Address Filter Types of Encryption for Each Type of Authentication User AuthenticationWireless LAN 123 Weakest Strongest No Authentication Radius Server Quality of Service QoS Wireless Performance Overview124 Wireless LAN One-Touch Intelligent Security Technology Otist Wireless LAN 125 Additional Wireless TermsGeneral Wlan Screen Term Description No Security 126 Wireless LAN WEP Encryption Screen Wireless LAN 127 3 WPA2-PSK 128 Wireless LAN Wireless LAN 129 Wireless WPA2-PSK 130 Wireless LAN 4 WPA2 Authentication Screen Wireless LAN 131 Wireless LAN Advanced Setup 132 Wireless LAN Wireless LAN Advanced802.11g Only mode RTS/CTS Setup Key Type a key password 8 Ascii characters long Wireless LAN 133Security Mode to WPA-PSK , and enter the Pre-Shared Key Otist Screen Example Wireless Client Otist Screen Start OTIST? Otist In Progress on the Wireless Device MAC Filter 136 Wireless LAN QoS Screen Wireless LAN 137 2602HWL-DxA Series User’s Guide Wireless LAN QoS Application Priority ConfigurationApplication Priority Configuration screen Policy Wireless LAN 139 Application Priority ConfigurationFTP WWW 2602HWL-DxA Series User’s Guide 140 Wireless LAN NAT Overview Network Address Translation NAT ScreensNAT Definitions NAT Definitions How NAT Works What NAT Does Network Address Translation NAT Screens 143 NAT ApplicationNAT Mapping Types SUA Single User Account Versus NAT NAT General SetupNAT Mapping Types 144 Network Address Translation NAT Screens Network Address Translation NAT Screens 145 Port Forwarding Configuring Servers Behind Port Forwarding Example Default Server IP AddressPort Forwarding Services and Port Numbers Network Address Translation NAT Screens 147 Configuring Port Forwarding 148 Network Address Translation NAT Screens Port Forwarding Rule Edit2602HWL-DxA Series User’s Guide Port Forwarding Network Address Translation NAT Screens 149 2602HWL-DxA Series User’s Guide Port Forwarding Rule SetupSIP ALG Page Introduction to VoIP Voice11.2 SIP SIP Identities SIP Call Progression SIP Service DomainSIP Servers SIP Call Progression SIP Proxy Server SIP User Agent SIP Redirect Server SIP Settings ScreenSIP Register Server 154 Voice Server Port field Voice 155 Voice Coding Pulse Code Modulation11.3.1 RTP 11.5.1 G.711 MWI Message Waiting Indication Pstn Call Setup SignalingCustom Tones IVR Recording Custom Tones Listening to Custom Tones Advanced SIP Setup ScreenDeleting Custom Tones 158 Voice VoIP SIP Settings Advanced Voice 159 160 Voice VoIP SIP Settings Advanced Voice 161 Type Of Service ToS Quality of Service QoSDiffServ Dscp and Per-Hop Behavior Voice 163 VlanSIP QoS Screen Phone Echo CancellationPstn Line L models only Voice Activity Detection/Silence Suppression Voice 165 Analog Phone ScreenSIP1 SIP2 166 Voice Advanced Analog Phone Setup Screen2602HWL-DxA Series User’s Guide Phone Analog Phone Dialing Interval Select in VoIP Phone Analog Phone Common Phone Settings ScreenVoice 167 Europe Type Supplementary Phone Services Supplementary Phone Services OverviewEuropean Flash Key Commands Flash Key European Call Waiting European Call HoldEuropean Call Transfer Voice 169 USA Flash Key Commands USA Type Supplementary ServicesEuropean Three-Way Conference USA Call Hold USA Call Waiting Phone Region ScreenUSA Call Transfer USA Three-Way Conference 172 Voice Speed DialPeer-to-Peer Calls Dial Phone Book section Speed Dial ScreenVoice 173 174 Voice Incoming Call Policy Screen2602HWL-DxA Series User’s Guide Phone Book Speed Dial Voice 175 Phone Book Incoming Call Policy 176 Voice Pstn Line Screen L models onlyCondition Incoming Call Number to the Forward to Number Voice 177 Pstn Line General 2602HWL-DxA Series User’s Guide 178 Voice Phone Usage Using Speed Dial to Dial a Telephone NumberDialing a Telephone Number Internal Calls 180 Phone Usage Auto Firmware Upgrade Firewall Overview FirewallsTypes of Firewalls Packet Filtering Firewalls Application-level Firewalls Introduction to ZyXEL’s FirewallStateful Inspection Firewalls 182 Firewalls Denial of Service Attacks Denial of ServiceBasics Firewalls 183 2602HWL-DxA Series User’s Guide Common IP Ports Types of DoS Attacks Firewalls 185 SYN Flood Icmp Vulnerability Illegal Commands NetBIOS and Smtp Traceroute Stateful Inspection 188 Firewalls Stateful Inspection ProcessStateful Inspection on Your ZyXEL Device Firewalls 189 TCP Security13.5.4 UDP/ICMP Security Upper Layer Protocols Guidelines for Enhancing Security with Your FirewallSecurity In General 190 Firewalls Firewalls 191 Packet Filtering Vs FirewallPacket Filtering When To Use The Firewall When To Use FilteringFirewall 192 Firewalls Access Methods Firewall ConfigurationFirewall Configuration 193 Firewall Policies Overview 194 Firewall Configuration Rule ChecklistRule Logic Overview Security Ramifications Connection Direction Key Fields For Configuring Rules Alerts General Firewall PolicyLAN to WAN Rules Firewall Rules Summary Firewall Configuration 197Firewall General WAN to WAN / Router , WAN to LAN General screen 198 Firewall Configuration Firewall Configuration 199 Configuring Firewall Rules Firewall Edit Rule 200 Firewall Configuration Firewall Edit Rule Firewall Configuration 201Range Address , Subnet Address and Any Address Edit Configuring a Customized Service Customized ServicesCustomized Services 202 Firewall Configuration Example Firewall Rule Firewall Configuration 203 Edit Custom Port Example Firewall Example Rules Firewall Example Edit Rule Destination Address Firewall Configuration 205 206 Firewall Configuration Firewall Example Edit Rule Select Customized Services Threshold Values Firewall Configuration 207DoS Thresholds TCP Maximum Incomplete and Blocking Time 208 Firewall ConfigurationHalf-Open Sessions Label Description Default Values Configuring Firewall ThresholdsFirewall Configuration 209 2602HWL-DxA Series User’s Guide Firewall Threshold 210 Firewall ConfigurationNot set Maximum Incomplete High to lower Than the current Maximum Incomplete Low Configuring Keyword Blocking Content FilteringContent Filtering Overview Content Filter Keyword Configuring the Schedule Content Filtering 213 Configuring Trusted ComputersContent Filter Schedule 2602HWL-DxA Series User’s Guide 214 Content Filtering VPN Overview Introduction to IPSecIPSec Security Association IPSec Architecture Data Origin AuthenticationVPN Applications Data Confidentiality IPSec Algorithms EncapsulationKey Management Introduction to IPSec 217 Tunnel Mode Transport ModeIPSec and NAT 218 Introduction to IPSec VPN and NAT Security Protocol Mode NATIntroduction to IPSec 219 ESP 2602HWL-DxA Series User’s Guide 220 Introduction to IPSec VPN Screens AH Authentication Header Protocol17.1 VPN/IPSec Overview IPSec Algorithms 222 VPN Screens My IP Address2602HWL-DxA Series User’s Guide AH and ESP Secure Gateway Address VPN Setup ScreenDynamic Secure Gateway Address VPN Screens 223 224 VPN Screens VPN Setup IKE screen to Keep AliveVPN Screens 225 226 VPN Screens 17.7 VPN, NAT, and NAT Traversal VPN Screens 227 ID Type and ContentRemote DNS Server Peer ID Type and Content Fields Local ID Type and Content FieldsLocal ID TYPE= CONTENT= Peer ID TYPE= CONTENT= Editing VPN Policies ID Type and Content ExamplesPre-Shared Key 230 VPN Screens Edit VPN Policies 0.0 VPN Screens 231 232 VPN Screens 2602HWL-DxA Series User’s Guide Edit VPN Policies Secure Gateway Address field description VPN Screens 233 234 VPN Screens IKE Phases VPN Screens 235 Negotiation Mode Diffie-Hellman DH Key Groups Configuring Advanced IKE SettingsPerfect Forward Secrecy PFS 236 VPN Screens VPN IKE VPN Screens 237 238 VPN Screens 2602HWL-DxA Series User’s Guide Advanced VPN Policies Configuring Manual Key Manual Key SetupSecurity Parameter Index SPI VPN Screens 239 SPI 240 VPN Screens VPN Screens 241 2602HWL-DxA Series User’s Guide VPN Manual Key 242 VPN Screens Viewing SA Monitor VPN Screens 243 VPN SA Monitor Telecommuter VPN/IPSec Examples Configuring Global SettingTelecommuters Sharing One VPN Rule Example 244 VPN Screens Fields Telecommuters Headquarters Telecommuters Using Unique VPN Rules ExampleVPN Screens 245 Telecommuters Headquarters 246 VPN Screens VPN Screens 247 VPN and Remote Management 2602HWL-DxA Series User’s Guide 248 VPN Screens Static Route Configuring Static RouteStatic Route Static Route 249 250 Static Route Static Route Edit Static Route 251 Static Route Edit 2602HWL-DxA Series User’s Guide 252 Static Route Bandwidth Management Overview Bandwidth ManagementApplication-based Bandwidth Management Subnet-based Bandwidth Management Scheduler Application and Subnet-based Bandwidth ManagementPriority-based Scheduler Application and Subnet-based Bandwidth Management Example Fairness-based Scheduler Maximize Bandwidth UsageReserving Bandwidth for Non-Bandwidth Class Traffic Bandwidth Management 255 Priority-based Allotment of Unused and Unbudgeted Bandwidth Maximize Bandwidth Usage ExampleMaximize Bandwidth Usage Example 256 Bandwidth Management Bandwidth Management Priorities Configuring SummaryFairness-based Allotment of Unused and Unbudgeted Bandwidth Bandwidth Management Priorities 258 Bandwidth Management Media Bandwidth Management Summary Bandwidth Management 259 Bandwidth Management Rule Setup Bandwidth Management Rule Configuration 260 Rule Configuration Bandwidth Management 261 Bandwidth Management Rule Configuration Bandwidth Management Monitor 262 Bandwidth Monitor Configuring Dynamic DNS Dynamic DNS SetupDynamic DNS Setup 263 Dynamic DNS Overview Dynamic DNS 264 Dynamic DNS Setup Dynamic DNS Setup 265 2602HWL-DxA Series User’s Guide 266 Dynamic DNS Setup Remote Management Configuration 267 Remote Management ConfigurationRemote Management Overview Remote Management Limitations Remote Management and NAT System Timeout21.2 WWW Remote Management Configuration 269 Configuring TelnetTelnet Remote Management WWW 270 Remote Management Configuration Configuring FTP Snmp Remote Management Configuration 271 Supported MIBs 272 Remote Management Configuration Remote Management Configuration 273 Configuring SnmpSnmp Traps Snmp Traps Remote Management Snmp 274 Remote Management Configuration Remote Management Configuration 275 Configuring DNSConfiguring Icmp Remote Management Icmp 276 Remote Management Configuration Universal Plug-and-Play UPnP How do I know if Im using UPnP?Introducing Universal Plug and Play NAT Traversal UPnP and ZyXEL Configuring UPnP Universal Plug-and-Play UPnP 279 Installing UPnP in Windows ExampleConfiguring UPnP Add/Remove Programs Windows Setup Communication Components Add/Remove Programs Windows Setup Communication Windows Optional Networking Components Wizard Network Connections 282 Universal Plug-and-Play UPnP Using UPnP in Windows XP Example Network Connections Internet Connection Properties Advanced Settings Add Internet Connection Properties Advanced Settings Internet Connection Status System Tray Icon 286 Universal Plug-and-Play UPnP Network Connections My Network Places Page General Setup General Setup and System NameSystem System 289 290 System System General Setup System 291 Time Setting 292 System 2602HWL-DxA Series User’s Guide System Time Setting System 293 2602HWL-DxA Series User’s Guide 294 System Logs Overview LogsViewing the Logs Alerts and Logs 296 Logs Configuring Log Settings Logs 297 Log Settings 298 Logs 2602HWL-DxA Series User’s Guide Log Settings Smtp Error Messages Smtp Error MessagesExample E-mail Log Logs 299 300 Logs Mail Log Example Tools 301 ToolsIntroduction Filename Conventions Firmware Upgrade Screen File Maintenance Over WANFilename Conventions 302 Tools Firmware Upgrade 304 Tools Backup and Restore Restore Configuration Backup ConfigurationRestore Configuration Tools 305 Configuration Upload Successful Restart Reset to Factory Defaults Using the FTP Commands to Back Up Configuration Using FTP or Tftp to Back Up ConfigurationFTP Command Configuration Backup Example 308 Tools Backup Configuration Using Tftp Configuration Backup Using GUI-based FTP ClientsGeneral Commands for GUI-based FTP Clients Command Description Tftp Command Configuration Backup Example Using FTP or Tftp to Restore ConfigurationConfiguration Backup Using GUI-based Tftp Clients General Commands for GUI-based Tftp Clients Restore Using FTP Session Example FTP and Tftp Firmware and Configuration File UploadsFTP File Upload Command from the DOS Prompt Example Tools 311 312 Tools FTP Session Example of Firmware File UploadTftp File Upload Tools 313 Tftp Upload Command Example 2602HWL-DxA Series User’s Guide 314 Tools General Diagnostic DiagnosticDSL Line Diagnostic Diagnostic 315 316 Diagnostic Diagnostic DSL Line Signal coming into the ZyXEL Device from the ISP Diagnostic 317 2602HWL-DxA Series User’s Guide 318 Diagnostic Problems with the LAN TroubleshootingProblems Starting Up the ZyXEL Device Troubleshooting the WAN Problems with the WAN320 Troubleshooting Internet light is Troubleshooting Accessing Your Device Problems Accessing the ZyXEL DeviceTroubleshooting 321 Pop-up Windows, JavaScripts and Java Permissions Internet Explorer Pop-up Blockers 322 Troubleshooting Internet Options Troubleshooting 323 324 Troubleshooting JavaScripts Troubleshooting 325 326 Troubleshooting Java Permissions Troubleshooting 327 328 Troubleshooting Security Settings Java Troubleshooting 329 Telephone ProblemsTroubleshooting Telephone Outgoing Calls Problems With Multiple SIP Accounts Incoming Calls Incoming Calls Default 2602HWL-DxA Series User’s Guide 332 Troubleshooting Appendix a Product Specifications 333 Specification TablesDevice Specifications RIP I/RIP 2602HWL-DxA Series User’s Guide Firmware Specifications334 Appendix a Product Specifications WPA2 Appendix a Product Specifications 335WMM NAT/SUA 336 Appendix a Product Specifications 2602HWL Series Power Adaptor Specifications2602HWL Series Power Adaptor Specifications United Kingdom Plug Standards Appendix a Product Specifications 337Page Appendix B Splitters and Microfilters 339 Connecting a Pots SplitterTelephone Microfilters ZyXEL Device With Isdn Connecting a Microfilter Windows 95/98/Me Appendix C Setting up Your Computer’s IP Address 341 342 Appendix C Setting up Your Computer’s IP Address Installing Components Appendix C Setting up Your Computer’s IP Address 343 Configuring Windows 2000/NT/XP Verifying Settings344 Appendix C Setting up Your Computer’s IP Address Windows XP Control Panel Windows XP Start Menu Windows XP Local Area Connection Properties Windows XP Control Panel Network Connections Properties Appendix C Setting up Your Computer’s IP Address 347 Windows XP Advanced TCP/IP Settings Windows XP Internet Protocol TCP/IP Properties 348 Appendix C Setting up Your Computer’s IP Address Macintosh OS 8/9 Appendix C Setting up Your Computer’s IP Address 349 Macintosh OS 8/9 TCP/IP Macintosh OS Macintosh OS X Network Appendix C Setting up Your Computer’s IP Address 351Page Appendix D IP Addresses and Subnetting 353 Introduction to IP AddressesIP Address Classes and Hosts Classes of IP Addresses IP Address Classes and Network IDAllowed IP Address Range By Class 354 Appendix D IP Addresses and Subnetting Subnetting Subnet MasksNatural Masks Alternative Subnet Mask Notation Two Subnets Example Example Two Subnets356 Appendix D IP Addresses and Subnetting IP/SUBNET Mask Network Number Host ID Appendix D IP Addresses and Subnetting 357 Example Four SubnetsSubnet 358 Appendix D IP Addresses and Subnetting Example Eight Subnets2602HWL-DxA Series User’s Guide Subnet Eight Subnets Subnetting With Class a and Class B NetworksClass C Subnet Planning Appendix D IP Addresses and Subnetting 359 360 Appendix D IP Addresses and Subnetting Class B Subnet Planning Appendix E Wireless LANs 361 Wireless LAN TopologiesAd-hoc Wireless LAN Configuration 362 Appendix E Wireless LANs Basic Service Set Channel Appendix E Wireless LANs 363 Fragmentation Threshold 364 Appendix E Wireless LANs Preamble Type Appendix E Wireless LANs 365 Types of Radius Messages 366 Appendix E Wireless LANsIeee EAP-MD5 Message-Digest Algorithm Types of AuthenticationAppendix E Wireless LANs 367 368 Appendix E Wireless LANs EAP-TTLS Tunneled Transport Layer ServiceEAP-TLS Transport Layer Security Peap Protected EAP EAP-MD5 EAP-TLS EAP-TTLS Peap Leap Comparison of EAP Authentication TypesAppendix E Wireless LANs 369 Security Parameters Summary Wireless Security Relational Matrix370 Appendix E Wireless LANs Name Protocol Ports Description Examples of ServicesAppendix F Services 371 372 Appendix F Services 2602HWL-DxA Series User’s Guide Examples of Services Appendix F Services 373 Vdolive TCP 374 Appendix F ServicesTftp UDP Sys Firewall Commands Sys Firewall CommandsAppendix G Firewall Commands 375 Command DescriptionPage Appendix H Triangle Route 377 Ideal SetupTriangle Route Problem 378 Appendix H Triangle Route Triangle Route SolutionsIP Aliasing Gateways on the WAN Side Appendix H Triangle Route 379 Gateways on the WAN SidePage LOG Message Description System Maintenance LogsAppendix I Log Descriptions 381 System Error Logs 2602HWL-DxA Series User’s Guide System Maintenance LogsAccess Control Logs 382 Appendix I Log Descriptions Packet Filter Logs 2602HWL-DxA Series User’s Guide TCP Reset LogsAppendix I Log Descriptions 383 TCP Maximum Incomplete in the Firewall Attack Alerts screen 384 Appendix I Log Descriptions 2602HWL-DxA Series User’s Guide Icmp Logs System forwarded web content Content Filtering LogsAttack Logs Appendix I Log Descriptions 385 386 Appendix I Log Descriptions 2602HWL-DxA Series User’s Guide Attack Logs802.1X Logs Icmp Notes ACL Setting NotesAppendix I Log Descriptions 387 Packet Direction Description 388 Appendix I Log Descriptions 2602HWL-DxA Series User’s Guide Icmp NotesSyslog Logs FSM Logs Callee Side FSM Logs Caller SidePstn Logs Appendix I Log Descriptions 389 Configuring What You Want the ZyXEL Device to Log Log CommandsRFC-2408 Isakmp Payload Types 390 Appendix I Log Descriptions Appendix I Log Descriptions 391 Displaying Logs 392 Appendix I Log Descriptions Log Command Example Appendix J Command Interpreter 393 Command SyntaxCommand Usage Page Appendix K Internal Sptgen 395 Configuration Text File FormatInternal Sptgen Overview 396 Appendix K Internal Sptgen Internal Sptgen FTP Download Example Appendix K Internal Sptgen 397 Internal Sptgen FTP Upload ExampleExample Internal Sptgen Screens Abbreviation Meaning Menu 1 General Setup398 Appendix K Internal Sptgen Dhcp Appendix K Internal Sptgen 399 400 Appendix K Internal Sptgen Appendix K Internal Sptgen 401 Menu 4 Internet Access Setup 402 Appendix K Internal Sptgen 2602HWL-DxA Series User’s Guide Menu 4 Internet Access Setup Appendix K Internal Sptgen 403 404 Appendix K Internal Sptgen 2602HWL-DxA Series User’s Guide Menu Appendix K Internal Sptgen 405 406 Appendix K Internal Sptgen Appendix K Internal Sptgen 407 Menu 15 SUA Server Setup 408 Appendix K Internal Sptgen 2602HWL-DxA Series User’s Guide Menu 15 SUA Server Setup Appendix K Internal Sptgen 409 Menu 21.1 Filter Set #1 410 Appendix K Internal Sptgen 2602HWL-DxA Series User’s Guide Menu 21.1 Filter Set #1 Appendix K Internal Sptgen 411 412 Appendix K Internal Sptgen Appendix K Internal Sptgen 413 2602HWL-DxA Series User’s Guide Menu 21.1 Filer Set #2 414 Appendix K Internal Sptgen Appendix K Internal Sptgen 415 416 Appendix K Internal Sptgen Appendix K Internal Sptgen 417 Menu 23 System Menus 418 Appendix K Internal Sptgen 2602HWL-DxA Series User’s Guide Menu 23 System MenusMenu 24.11 Remote Management Control Command Examples Command ExamplesAppendix K Internal Sptgen 419 FIN PVA InputPage Index 421 Index FCC 422 IndexDbpsk Http 182, 183 Index 423 Ofdm 424 IndexItsp QoS 41 Index 425 SIP URI 426 Index Vlan ID Index 427