Introduction to IPSec, VPN Overview | ZyXEL Communications P-2602

P-2602H(W)(L)-DxA Series User’s Guide

CH A P T E R 16

Introduction to IPSec

This chapter introduces the basics of IPSec VPNs.

16.1 VPN Overview

A VPN (Virtual Private Network) provides secure communications between sites without the expense of leased site-to-site lines. A secure VPN is a combination of tunneling, encryption, authentication, access control and auditing technologies/services used to transport traffic over the Internet or any insecure network that uses the TCP/IP protocol suite for communication.

16.1.1 IPSec

Internet Protocol Security (IPSec) is a standards-based VPN that offers flexible solutions for secure data communications across a public network like the Internet. IPSec is built around a number of standardized cryptographic techniques to provide confidentiality, data integrity and authentication at the IP layer.

16.1.2 Security Association

A Security Association (SA) is a contract between two parties indicating what security parameters, such as keys and algorithms they will use.

16.1.3 Other Terminology

16.1.3.1 Encryption

Encryption is a mathematical operation that transforms data from "plaintext" (readable) to "ciphertext" (scrambled text) using a "key". The key and clear text are processed by the encryption operation, which leads to the data scrambling that makes encryption secure. Decryption is the opposite of encryption: it is a mathematical operation that transforms “ciphertext” to plaintext. Decryption also requires a key.

Chapter 16 Introduction to IPSec

215

Image 215

ZyXEL Communications P-2602 manual Introduction to IPSec, VPN Overview, Security Association, Other Terminology

Contents

2602HWL Series Page 2602HWL-DxA Series User’s Guide CopyrightDisclaimer Trademarks Certifications CertificationsViewing Certifications Safety Warnings Safety Warnings ZyXEL Limited Warranty ZyXEL Limited Warranty Customer Support Customer Support Norway Table of Contents Chapter VoIP Wizard And Example Chapter LAN Setup 107 141 156 Chapter Phone Usage 179 Chapter Firewall Configuration 193 Chapter VPN Screens 221 Chapter Static Route 249 Chapter System 289 Chapter Diagnostic 315 Appendix B Splitters and Microfilters 339 Appendix F Services 371 Appendix G Firewall Commands 375 Index 421 List of Figures List of Figures Bandwidth Management Wizard General Information Firewall Example Edit Rule Destination Address 205 Telecommuters Using Unique VPN Rules Example 246 FTP Session Example of Firmware File Upload 312 Peer-to-Peer Communication in an Ad-hoc Network 361 List of Tables List of Tables 139 228 333 389 2602HWL-DxA Series User’s Guide List of Tables User Guide Feedback PrefaceAbout This Users Guide Related Documentation Dslam Graphics Icons Key Getting To Know the ZyXEL Device Getting To Know the ZyXEL DeviceIntroducing the P-2602HWL-Dx Series Models Covered Adsl Standards FeaturesBuilt-in Switch High Speed Internet Access Auto Provisioning Zero Configuration Internet AccessAuto Firmware Upgrade Any IP Dynamic Jitter Buffer Content FilteringNetwork Address Translation NAT Media Bandwidth Management Universal Plug and Play UPnP Echo CancellationQoS Quality of Service Other PPPoE Features Wireless Features W models only External Antenna Ieee 802.11g+ Wireless LANWireless LAN MAC Address Filtering Wi-Fi Protected Access Internet Single User Account Internet AccessMaking Calls via Internet Telephony Service Provider Applications for the ZyXEL Device Make Peer-to-peer Calls Firewall for Secure Broadband Internet Access Firewall Application LAN to LAN Application Wlan LED Color Status Description PowerLEDs Ethernet Phone 1 2602HWL-DxA Series User’s Guide LEDsLED Color Status Description DSL Internet Introducing the Web Configurator Introducing the Web ConfiguratorWeb Configurator Overview Accessing the Web Configurator Password Screen Using The Reset Button Reset Button Title Bar Web Configurator Main Screen Icon Description Web Configurator Icons in the Title BarNavigation Panel Navigation Panel Summary Mgmt 2602HWL-DxA Series User’s Guide Navigation Panel SummaryVPN Status Bar Main WindowPage Introduction Internet and Wireless Setup WizardInternet Access Wizard Setup Internet and Wireless Setup Wizard Wizard Welcome Auto-Detection PPPoE Manual Configuration VCI Label DescriptionPPPoE VPI Internet Connection with PPPoE Internet Connection with RFC Internet Connection with PPPoA Internet Connection with Enet Encap Connection Test Failed-1 Connection Test Successful Wireless Connection Wizard Setup Wireless LAN Wireless LAN Setup Wizard Manually Assign a WPA key Manually Assign a WPA key Internet and Wireless Setup Wizard Manually Assign a WPA key Manually Assign a WEP key Manually Assign a WEP key Wireless LAN Setup 2602HWL-DxA Series User’s Guide VoIP Wizard And Example VoIP Wizard SetupVoIP Wizard And Example Wizard Welcome VoIP Wizard And Example Sample SIP Account Information VoIP Wizard Configuration SIP Registration Test 2602HWL-DxA Series User’s Guide VoIP Wizard Configuration VoIP Wizard Fail 2602HWL-DxA Series User’s Guide VoIP Wizard And Example Bandwidth Management Wizard Predefined Media Bandwidth Management ServicesMedia Bandwidth Management Setup Services Service Description Tftp Bandwidth Management Wizard Setup Click Bandwidth Management Setup Following fields describe the label in this screen Bandwidth Management Wizard Complete 2602HWL-DxA Series User’s Guide Bandwidth Management Wizard Status Screen Status Screens Ssid Status ScreenVPI/VCI Dhcp 253 This in Maintenance System Time Setting 2602HWL-DxA Series User’s Guide Status Screen SettingsCan change these in VoIP SIP SIP Settings Any IP Table Any IP Table Wlan Status W models onlyPacket Statistics Packet Statistics VoIP Statistics Status Screens VoIP Statistics VoIP Statistics Interval 2602HWL-DxA Series User’s Guide Status Screens Enet Encap WAN SetupWAN Overview Encapsulation VPI and VCI Multiplexing 6 NAT IP Address AssignmentNailed-Up Connection PPP Traffic Shaping Metric Variable Bit Rate VBR ATM Traffic ClassesConstant Bit Rate CBR Unspecified Bit Rate UBR Zero Configuration Internet AccessInternet Access Setup Encap or PPPoE Internet Access Setup Enet Encap in the Encapsulation field 2602HWL-DxA Series User’s Guide Internet Access Setup100 WAN Setup Enet Encap WAN Setup 101 Advanced Internet Access Setup WAN More Connections 102 WAN Setup Traffic Redirect WAN Setup 103 Traffic Redirect Example WAN Setup 105 WAN Backup SetupWAN Backup Setup 106 WAN Setup 2602HWL-DxA Series User’s Guide WAN Backup Setup LANs, WANs and the ZyXEL Device LAN SetupLAN Overview DNS Server Address Dhcp SetupIP Pool Setup 108 LAN Setup IP Address and Subnet Mask LAN Setup 109DNS Server Address Assignment Private IP Addresses RIP Setup110 LAN Setup Any IP LAN Setup 111Multicast How Any IP Works 112 LAN Setup LAN TCP/IP Configuring LAN IPConfiguring Advanced LAN Setup LAN Setup 113 TCP/IP 114 LAN Setup LAN Setup 115 Dhcp SetupDhcp Setup LAN Client List 2602HWL-DxA Series User’s Guide Dhcp Setup LAN Client List LAN Setup 117LAN IP Alias LAN IP Alias Physical Network & Partitioned Logical Networks LAN Setup 119 2602HWL-DxA Series User’s Guide 120 LAN Setup Wireless LAN 121 Wireless LANWireless Network Overview MAC Address Filter Wireless Security Overview122 Wireless LAN Ssid Weakest Strongest No Authentication Radius Server User AuthenticationTypes of Encryption for Each Type of Authentication Wireless LAN 123 One-Touch Intelligent Security Technology Otist Wireless Performance OverviewQuality of Service QoS 124 Wireless LAN Term Description Additional Wireless TermsWireless LAN 125 General Wlan Screen No Security 126 Wireless LAN WEP Encryption Screen Wireless LAN 127 3 WPA2-PSK 128 Wireless LAN Wireless LAN 129 Wireless WPA2-PSK 130 Wireless LAN 4 WPA2 Authentication Screen Wireless LAN 131 Wireless LAN Advanced Setup RTS/CTS Wireless LAN Advanced132 Wireless LAN 802.11g Only mode Otist Screen Wireless LAN 133Setup Key Type a key password 8 Ascii characters long Security Mode to WPA-PSK , and enter the Pre-Shared Key Example Wireless Client Otist Screen Start OTIST? Otist In Progress on the Wireless Device MAC Filter 136 Wireless LAN QoS Screen Wireless LAN 137 Policy Application Priority Configuration2602HWL-DxA Series User’s Guide Wireless LAN QoS Application Priority Configuration screen WWW Application Priority ConfigurationWireless LAN 139 FTP 2602HWL-DxA Series User’s Guide 140 Wireless LAN NAT Definitions Network Address Translation NAT ScreensNAT Overview NAT Definitions How NAT Works What NAT Does Network Address Translation NAT Screens 143 NAT ApplicationNAT Mapping Types 144 Network Address Translation NAT Screens NAT General SetupSUA Single User Account Versus NAT NAT Mapping Types Network Address Translation NAT Screens 145 Port Forwarding Configuring Servers Behind Port Forwarding Example Default Server IP AddressPort Forwarding Services and Port Numbers Network Address Translation NAT Screens 147 Configuring Port Forwarding 148 Network Address Translation NAT Screens Port Forwarding Rule Edit2602HWL-DxA Series User’s Guide Port Forwarding Network Address Translation NAT Screens 149 2602HWL-DxA Series User’s Guide Port Forwarding Rule SetupSIP ALG Page SIP Identities VoiceIntroduction to VoIP 11.2 SIP SIP Call Progression SIP Service DomainSIP Call Progression SIP Servers SIP Proxy Server SIP User Agent 154 Voice SIP Settings ScreenSIP Redirect Server SIP Register Server Server Port field Voice 155 11.5.1 G.711 Pulse Code ModulationVoice Coding 11.3.1 RTP Recording Custom Tones Pstn Call Setup SignalingMWI Message Waiting Indication Custom Tones IVR 158 Voice Advanced SIP Setup ScreenListening to Custom Tones Deleting Custom Tones VoIP SIP Settings Advanced Voice 159 160 Voice VoIP SIP Settings Advanced Voice 161 Dscp and Per-Hop Behavior Quality of Service QoSType Of Service ToS DiffServ Voice 163 VlanSIP QoS Screen Voice Activity Detection/Silence Suppression Echo CancellationPhone Pstn Line L models only SIP2 Analog Phone ScreenVoice 165 SIP1 166 Voice Advanced Analog Phone Setup Screen2602HWL-DxA Series User’s Guide Phone Analog Phone Dialing Interval Select in VoIP Phone Analog Phone Common Phone Settings ScreenVoice 167 Flash Key Supplementary Phone Services OverviewEurope Type Supplementary Phone Services European Flash Key Commands Voice 169 European Call HoldEuropean Call Waiting European Call Transfer USA Call Hold USA Type Supplementary ServicesUSA Flash Key Commands European Three-Way Conference USA Three-Way Conference Phone Region ScreenUSA Call Waiting USA Call Transfer 172 Voice Speed DialPeer-to-Peer Calls Dial Phone Book section Speed Dial ScreenVoice 173 174 Voice Incoming Call Policy Screen2602HWL-DxA Series User’s Guide Phone Book Speed Dial Voice 175 Phone Book Incoming Call Policy Incoming Call Number to the Forward to Number Pstn Line Screen L models only176 Voice Condition Voice 177 Pstn Line General 2602HWL-DxA Series User’s Guide 178 Voice Internal Calls Using Speed Dial to Dial a Telephone NumberPhone Usage Dialing a Telephone Number 180 Phone Usage Auto Firmware Upgrade Packet Filtering Firewalls FirewallsFirewall Overview Types of Firewalls 182 Firewalls Introduction to ZyXEL’s FirewallApplication-level Firewalls Stateful Inspection Firewalls Firewalls 183 Denial of ServiceDenial of Service Attacks Basics 2602HWL-DxA Series User’s Guide Common IP Ports Types of DoS Attacks Firewalls 185 SYN Flood Icmp Vulnerability Illegal Commands NetBIOS and Smtp Traceroute Stateful Inspection 188 Firewalls Stateful Inspection ProcessStateful Inspection on Your ZyXEL Device Firewalls 189 TCP Security13.5.4 UDP/ICMP Security 190 Firewalls Guidelines for Enhancing Security with Your FirewallUpper Layer Protocols Security In General Firewalls 191 Packet Filtering Vs FirewallPacket Filtering 192 Firewalls When To Use FilteringWhen To Use The Firewall Firewall Firewall Policies Overview Firewall ConfigurationAccess Methods Firewall Configuration 193 Security Ramifications Rule Checklist194 Firewall Configuration Rule Logic Overview Connection Direction Key Fields For Configuring Rules Alerts General Firewall PolicyLAN to WAN Rules WAN to WAN / Router , WAN to LAN Firewall Configuration 197Firewall Rules Summary Firewall General General screen 198 Firewall Configuration Firewall Configuration 199 Configuring Firewall Rules Firewall Edit Rule 200 Firewall Configuration Edit Firewall Configuration 201Firewall Edit Rule Range Address , Subnet Address and Any Address 202 Firewall Configuration Customized ServicesConfiguring a Customized Service Customized Services Example Firewall Rule Firewall Configuration 203 Edit Custom Port Example Firewall Example Rules Firewall Example Edit Rule Destination Address Firewall Configuration 205 206 Firewall Configuration Firewall Example Edit Rule Select Customized Services Threshold Values Firewall Configuration 207DoS Thresholds TCP Maximum Incomplete and Blocking Time 208 Firewall ConfigurationHalf-Open Sessions Label Description Default Values Configuring Firewall ThresholdsFirewall Configuration 209 Than the current Maximum Incomplete Low 210 Firewall Configuration2602HWL-DxA Series User’s Guide Firewall Threshold Not set Maximum Incomplete High to lower Configuring Keyword Blocking Content FilteringContent Filtering Overview Content Filter Keyword Configuring the Schedule Content Filtering 213 Configuring Trusted ComputersContent Filter Schedule 2602HWL-DxA Series User’s Guide 214 Content Filtering Security Association Introduction to IPSecVPN Overview IPSec Data Confidentiality Data Origin AuthenticationIPSec Architecture VPN Applications Introduction to IPSec 217 EncapsulationIPSec Algorithms Key Management 218 Introduction to IPSec Transport ModeTunnel Mode IPSec and NAT ESP Security Protocol Mode NATVPN and NAT Introduction to IPSec 219 2602HWL-DxA Series User’s Guide 220 Introduction to IPSec IPSec Algorithms AH Authentication Header ProtocolVPN Screens 17.1 VPN/IPSec Overview 222 VPN Screens My IP Address2602HWL-DxA Series User’s Guide AH and ESP VPN Screens 223 VPN Setup ScreenSecure Gateway Address Dynamic Secure Gateway Address 224 VPN Screens VPN Setup IKE screen to Keep AliveVPN Screens 225 226 VPN Screens 17.7 VPN, NAT, and NAT Traversal VPN Screens 227 ID Type and ContentRemote DNS Server Peer ID TYPE= CONTENT= Local ID Type and Content FieldsPeer ID Type and Content Fields Local ID TYPE= CONTENT= Editing VPN Policies ID Type and Content ExamplesPre-Shared Key 230 VPN Screens Edit VPN Policies 0.0 VPN Screens 231 232 VPN Screens 2602HWL-DxA Series User’s Guide Edit VPN Policies Secure Gateway Address field description VPN Screens 233 234 VPN Screens IKE Phases VPN Screens 235 Negotiation Mode 236 VPN Screens Configuring Advanced IKE SettingsDiffie-Hellman DH Key Groups Perfect Forward Secrecy PFS VPN IKE VPN Screens 237 238 VPN Screens 2602HWL-DxA Series User’s Guide Advanced VPN Policies VPN Screens 239 Manual Key SetupConfiguring Manual Key Security Parameter Index SPI SPI 240 VPN Screens VPN Screens 241 2602HWL-DxA Series User’s Guide VPN Manual Key 242 VPN Screens Viewing SA Monitor VPN Screens 243 VPN SA Monitor 244 VPN Screens Configuring Global SettingTelecommuter VPN/IPSec Examples Telecommuters Sharing One VPN Rule Example Fields Telecommuters Headquarters Telecommuters Using Unique VPN Rules ExampleVPN Screens 245 Telecommuters Headquarters 246 VPN Screens VPN Screens 247 VPN and Remote Management 2602HWL-DxA Series User’s Guide 248 VPN Screens Static Route 249 Configuring Static RouteStatic Route Static Route 250 Static Route Static Route Edit Static Route 251 Static Route Edit 2602HWL-DxA Series User’s Guide 252 Static Route Subnet-based Bandwidth Management Bandwidth ManagementBandwidth Management Overview Application-based Bandwidth Management Application and Subnet-based Bandwidth Management Example Application and Subnet-based Bandwidth ManagementScheduler Priority-based Scheduler Bandwidth Management 255 Maximize Bandwidth UsageFairness-based Scheduler Reserving Bandwidth for Non-Bandwidth Class Traffic 256 Bandwidth Management Maximize Bandwidth Usage ExamplePriority-based Allotment of Unused and Unbudgeted Bandwidth Maximize Bandwidth Usage Example Bandwidth Management Priorities Configuring SummaryBandwidth Management Priorities Fairness-based Allotment of Unused and Unbudgeted Bandwidth 258 Bandwidth Management Media Bandwidth Management Summary Bandwidth Management 259 Bandwidth Management Rule Setup Bandwidth Management Rule Configuration 260 Rule Configuration Bandwidth Management 261 Bandwidth Management Rule Configuration Bandwidth Management Monitor 262 Bandwidth Monitor Dynamic DNS Overview Dynamic DNS SetupConfiguring Dynamic DNS Dynamic DNS Setup 263 Dynamic DNS 264 Dynamic DNS Setup Dynamic DNS Setup 265 2602HWL-DxA Series User’s Guide 266 Dynamic DNS Setup Remote Management Limitations Remote Management ConfigurationRemote Management Configuration 267 Remote Management Overview Remote Management and NAT System Timeout21.2 WWW Remote Management WWW Configuring TelnetRemote Management Configuration 269 Telnet 270 Remote Management Configuration Configuring FTP Snmp Remote Management Configuration 271 Supported MIBs 272 Remote Management Configuration Snmp Traps Configuring SnmpRemote Management Configuration 273 Snmp Traps Remote Management Snmp 274 Remote Management Configuration Remote Management Configuration 275 Configuring DNSConfiguring Icmp Remote Management Icmp 276 Remote Management Configuration NAT Traversal How do I know if Im using UPnP?Universal Plug-and-Play UPnP Introducing Universal Plug and Play UPnP and ZyXEL Configuring UPnP Universal Plug-and-Play UPnP 279 Installing UPnP in Windows ExampleConfiguring UPnP Add/Remove Programs Windows Setup Communication Components Add/Remove Programs Windows Setup Communication Windows Optional Networking Components Wizard Network Connections 282 Universal Plug-and-Play UPnP Using UPnP in Windows XP Example Network Connections Internet Connection Properties Advanced Settings Add Internet Connection Properties Advanced Settings Internet Connection Status System Tray Icon 286 Universal Plug-and-Play UPnP Network Connections My Network Places Page System 289 General Setup and System NameGeneral Setup System 290 System System General Setup System 291 Time Setting 292 System 2602HWL-DxA Series User’s Guide System Time Setting System 293 2602HWL-DxA Series User’s Guide 294 System Alerts and Logs LogsLogs Overview Viewing the Logs 296 Logs Configuring Log Settings Logs 297 Log Settings 298 Logs 2602HWL-DxA Series User’s Guide Log Settings Logs 299 Smtp Error MessagesSmtp Error Messages Example E-mail Log 300 Logs Mail Log Example Tools 301 ToolsIntroduction Filename Conventions 302 Tools File Maintenance Over WANFirmware Upgrade Screen Filename Conventions Firmware Upgrade 304 Tools Backup and Restore Tools 305 Backup ConfigurationRestore Configuration Restore Configuration Configuration Upload Successful Restart Reset to Factory Defaults 308 Tools Using FTP or Tftp to Back Up ConfigurationUsing the FTP Commands to Back Up Configuration FTP Command Configuration Backup Example Command Description Configuration Backup Using GUI-based FTP ClientsBackup Configuration Using Tftp General Commands for GUI-based FTP Clients General Commands for GUI-based Tftp Clients Using FTP or Tftp to Restore ConfigurationTftp Command Configuration Backup Example Configuration Backup Using GUI-based Tftp Clients Tools 311 FTP and Tftp Firmware and Configuration File UploadsRestore Using FTP Session Example FTP File Upload Command from the DOS Prompt Example 312 Tools FTP Session Example of Firmware File UploadTftp File Upload Tools 313 Tftp Upload Command Example 2602HWL-DxA Series User’s Guide 314 Tools Diagnostic 315 DiagnosticGeneral Diagnostic DSL Line Diagnostic 316 Diagnostic Diagnostic DSL Line Signal coming into the ZyXEL Device from the ISP Diagnostic 317 2602HWL-DxA Series User’s Guide 318 Diagnostic Problems with the LAN TroubleshootingProblems Starting Up the ZyXEL Device Internet light is Problems with the WANTroubleshooting the WAN 320 Troubleshooting Pop-up Windows, JavaScripts and Java Permissions Problems Accessing the ZyXEL DeviceTroubleshooting Accessing Your Device Troubleshooting 321 Internet Explorer Pop-up Blockers 322 Troubleshooting Internet Options Troubleshooting 323 324 Troubleshooting JavaScripts Troubleshooting 325 326 Troubleshooting Java Permissions Troubleshooting 327 328 Troubleshooting Security Settings Java Troubleshooting 329 Telephone ProblemsTroubleshooting Telephone Outgoing Calls Problems With Multiple SIP Accounts Incoming Calls Incoming Calls Default 2602HWL-DxA Series User’s Guide 332 Troubleshooting Appendix a Product Specifications 333 Specification TablesDevice Specifications RIP I/RIP 2602HWL-DxA Series User’s Guide Firmware Specifications334 Appendix a Product Specifications NAT/SUA Appendix a Product Specifications 335WPA2 WMM 336 Appendix a Product Specifications 2602HWL Series Power Adaptor Specifications2602HWL Series Power Adaptor Specifications United Kingdom Plug Standards Appendix a Product Specifications 337Page Appendix B Splitters and Microfilters 339 Connecting a Pots SplitterTelephone Microfilters ZyXEL Device With Isdn Connecting a Microfilter Windows 95/98/Me Appendix C Setting up Your Computer’s IP Address 341 342 Appendix C Setting up Your Computer’s IP Address Installing Components Appendix C Setting up Your Computer’s IP Address 343 Configuring Windows 2000/NT/XP Verifying Settings344 Appendix C Setting up Your Computer’s IP Address Windows XP Control Panel Windows XP Start Menu Windows XP Local Area Connection Properties Windows XP Control Panel Network Connections Properties Appendix C Setting up Your Computer’s IP Address 347 Windows XP Advanced TCP/IP Settings Windows XP Internet Protocol TCP/IP Properties 348 Appendix C Setting up Your Computer’s IP Address Macintosh OS 8/9 Appendix C Setting up Your Computer’s IP Address 349 Macintosh OS 8/9 TCP/IP Macintosh OS Macintosh OS X Network Appendix C Setting up Your Computer’s IP Address 351Page Appendix D IP Addresses and Subnetting 353 Introduction to IP AddressesIP Address Classes and Hosts 354 Appendix D IP Addresses and Subnetting IP Address Classes and Network IDClasses of IP Addresses Allowed IP Address Range By Class Alternative Subnet Mask Notation Subnet MasksSubnetting Natural Masks IP/SUBNET Mask Network Number Host ID Example Two SubnetsTwo Subnets Example 356 Appendix D IP Addresses and Subnetting Appendix D IP Addresses and Subnetting 357 Example Four SubnetsSubnet 358 Appendix D IP Addresses and Subnetting Example Eight Subnets2602HWL-DxA Series User’s Guide Subnet Appendix D IP Addresses and Subnetting 359 Subnetting With Class a and Class B NetworksEight Subnets Class C Subnet Planning 360 Appendix D IP Addresses and Subnetting Class B Subnet Planning Appendix E Wireless LANs 361 Wireless LAN TopologiesAd-hoc Wireless LAN Configuration 362 Appendix E Wireless LANs Basic Service Set Channel Appendix E Wireless LANs 363 Fragmentation Threshold 364 Appendix E Wireless LANs Preamble Type Appendix E Wireless LANs 365 Types of Radius Messages 366 Appendix E Wireless LANsIeee EAP-MD5 Message-Digest Algorithm Types of AuthenticationAppendix E Wireless LANs 367 Peap Protected EAP EAP-TTLS Tunneled Transport Layer Service368 Appendix E Wireless LANs EAP-TLS Transport Layer Security EAP-MD5 EAP-TLS EAP-TTLS Peap Leap Comparison of EAP Authentication TypesAppendix E Wireless LANs 369 Security Parameters Summary Wireless Security Relational Matrix370 Appendix E Wireless LANs Name Protocol Ports Description Examples of ServicesAppendix F Services 371 372 Appendix F Services 2602HWL-DxA Series User’s Guide Examples of Services Appendix F Services 373 Vdolive TCP 374 Appendix F ServicesTftp UDP Command Description Sys Firewall CommandsSys Firewall Commands Appendix G Firewall Commands 375Page Appendix H Triangle Route 377 Ideal SetupTriangle Route Problem 378 Appendix H Triangle Route Triangle Route SolutionsIP Aliasing Gateways on the WAN Side Appendix H Triangle Route 379 Gateways on the WAN SidePage LOG Message Description System Maintenance LogsAppendix I Log Descriptions 381 382 Appendix I Log Descriptions 2602HWL-DxA Series User’s Guide System Maintenance LogsSystem Error Logs Access Control Logs TCP Maximum Incomplete in the Firewall Attack Alerts screen 2602HWL-DxA Series User’s Guide TCP Reset LogsPacket Filter Logs Appendix I Log Descriptions 383 384 Appendix I Log Descriptions 2602HWL-DxA Series User’s Guide Icmp Logs Appendix I Log Descriptions 385 Content Filtering LogsSystem forwarded web content Attack Logs 386 Appendix I Log Descriptions 2602HWL-DxA Series User’s Guide Attack Logs802.1X Logs Packet Direction Description ACL Setting NotesIcmp Notes Appendix I Log Descriptions 387 388 Appendix I Log Descriptions 2602HWL-DxA Series User’s Guide Icmp NotesSyslog Logs Appendix I Log Descriptions 389 FSM Logs Caller SideFSM Logs Callee Side Pstn Logs 390 Appendix I Log Descriptions Log CommandsConfiguring What You Want the ZyXEL Device to Log RFC-2408 Isakmp Payload Types Appendix I Log Descriptions 391 Displaying Logs 392 Appendix I Log Descriptions Log Command Example Appendix J Command Interpreter 393 Command SyntaxCommand Usage Page Appendix K Internal Sptgen 395 Configuration Text File FormatInternal Sptgen Overview 396 Appendix K Internal Sptgen Internal Sptgen FTP Download Example Appendix K Internal Sptgen 397 Internal Sptgen FTP Upload ExampleExample Internal Sptgen Screens Abbreviation Meaning Menu 1 General Setup398 Appendix K Internal Sptgen Dhcp Appendix K Internal Sptgen 399 400 Appendix K Internal Sptgen Appendix K Internal Sptgen 401 Menu 4 Internet Access Setup 402 Appendix K Internal Sptgen 2602HWL-DxA Series User’s Guide Menu 4 Internet Access Setup Appendix K Internal Sptgen 403 404 Appendix K Internal Sptgen 2602HWL-DxA Series User’s Guide Menu Appendix K Internal Sptgen 405 406 Appendix K Internal Sptgen Appendix K Internal Sptgen 407 Menu 15 SUA Server Setup 408 Appendix K Internal Sptgen 2602HWL-DxA Series User’s Guide Menu 15 SUA Server Setup Appendix K Internal Sptgen 409 Menu 21.1 Filter Set #1 410 Appendix K Internal Sptgen 2602HWL-DxA Series User’s Guide Menu 21.1 Filter Set #1 Appendix K Internal Sptgen 411 412 Appendix K Internal Sptgen Appendix K Internal Sptgen 413 2602HWL-DxA Series User’s Guide Menu 21.1 Filer Set #2 414 Appendix K Internal Sptgen Appendix K Internal Sptgen 415 416 Appendix K Internal Sptgen Appendix K Internal Sptgen 417 Menu 23 System Menus 418 Appendix K Internal Sptgen 2602HWL-DxA Series User’s Guide Menu 23 System MenusMenu 24.11 Remote Management Control FIN PVA Input Command ExamplesCommand Examples Appendix K Internal Sptgen 419Page Index 421 Index FCC 422 IndexDbpsk Http 182, 183 Index 423 Ofdm 424 IndexItsp QoS 41 Index 425 SIP URI 426 Index Vlan ID Index 427