ZyXEL Communications P-334W Table 16-9Rule Setup: Manual

Prestige 334W User’s Guide

	Table 16-9 Rule Setup: Manual

LABEL	DESCRIPTION

Active	Select this check box to activate this VPN policy.

IPSec Keying Mode	Select IKE or Manual from the drop-down list box. Manual is a useful option for
	troubleshooting if you have problems using IKE key management.
Protocol Number	Enter 1 for ICMP, 6 for TCP, 17 for UDP, etc. 0 is the default and signifies any
	protocol.

Local Address	The Local IP address must be static and correspond to the remote IPSec
	router's configured remote IP addresses.
	Two active SAs can have the same local or remote IP address, but not both.
	You can configure multiple SAs between the same local and remote IP
	addresses, as long as only one is active at any time.
Local Port Start	"0" is the default and signifies any port. Type a port number from 0 to 65535.
	Some of the most common IP ports are: 21, FTP; 53, DNS; 23, Telnet; 80,
	HTTP; 25, SMTP; 110, POP3.
Local Port End	Type a port number in this field to define a port range. This port number must
	be greater than that specified in the previous field. If Local Port Start is left at 0,
	Local Port End will also remain at 0.
Remote Address Start	Remote IP addresses must be static and correspond to the remote IPSec
	router's configured local IP addresses. The remote address fields do not apply
	when the Secure Gateway IP Address field is configured to 0.0.0.0. In this
	case only the remote IPSec router can initiate the VPN.
	Two active SAs cannot have the local and remote IP address(es) both the
	same. Two active SAs can have the same local or remote IP address, but not
	both. You can configure multiple SAs between the same local and remote IP
	addresses, as long as only one is active at any time.
	Enter a (static) IP address on the network behind the remote IPSec router.

Remote Address	When the remote IP address is a single address, type it a second time here.
End/Mask	When the remote IP address is a range, enter the end (static) IP address, in a

	range of computers on the network behind the remote IPSec router.
	When the remote IP address is a subnet address, enter a subnet mask on the
	network behind the remote IPSec router.

Remote Port Start	"0" is the default and signifies any port. Type a port number from 0 to 65535.
	Some of the most common IP ports are: 21, FTP; 53, DNS; 23, Telnet; 80,
	HTTP; 25, SMTP; 110, POP3.

16-28

VPN Screens

Contents

User’s Guide Copyright Copyright © 2004 by ZyXEL Communications Corporation Disclaimer Trademarks Notice Certifications Information for Canadian Users Caution Note ZyXEL Limited Warranty NOTE Page Customer Support Page Table of Contents Basic Setup Complete Media Bandwidth Management Setup Overview Media Bandwidth Management Setup Media Bandwidth Management Setup 3: Media Bandwidth Management Setup Complete Page Using NAT SUA Server Configuring Trigger Port Forwarding Static Route Overview Configuring IP Static Route Page Summary Screen NAT Traversal Pre-SharedKey Editing VPN Rules Configuring Advanced IKE Settings Page Configuring the PPTP Client Chapter 25 Remote Node Configuration Remote Node Profile Setup IP Static Route Setup General NAT Examples Page Uploading Firmware and Configuration Files Call Control Support Time and Date Setting Chapter 37 Call Scheduling IPSec Summary Screen G-1 H-1 J-1 K-1 L-1 Page List of Figures Page Page Page Page Page List of Tables Page Page Page Preface About This User's Manual Related Documentation User’s Guide Feedback Syntax Conventions Graphics Icons Key Part I: Getting Started Page Getting to Know Your Prestige 1.1Prestige Internet Security Gateway Overview 1.2Prestige Features 1.2.1Physical Features 10/100M Auto-negotiatingEthernet/Fast Ethernet Interface(s) 1.2.2Non-PhysicalFeatures Media Bandwidth Management IPSec VPN Capability Firewall IEEE 802.1x Network Security 802.11g Wireless LAN Standard Packet Filtering Universal Plug and Play (UPnP) Call Scheduling PPPoE Dynamic DNS Support IP Multicast IP Alias SNMP Network Address Translation (NAT) 1.3Applications for the Prestige 1.3.1Secure Broadband Internet Access via Cable or DSL Modem 1.3.2VPN Application 1.3.3Internet Access Application Page Introducing the Web Configurator 2.1Web Configurator Overview 2.2Accessing the Prestige Web Configurator 2.3Resetting the Prestige 2.3.1Procedure To Use The Reset Button 2.3.2Navigation Panel Page Page Page Wizard Setup 3.1Wizard Setup Overview 3.2Wizard Setup: General Setup and System Name 3.2.1Domain Name 3.3Wizard Setup: Screen 3.4Wizard Setup: Screen Figure 3-3Wizard 3: Wireless LAN Setup: Basic Security Table 3-2Wizard 3: Wireless LAN Setup: Basic Security 3.5Wizard Setup: Screen 3.5.1Ethernet Figure 3-5Wizard 4: Ethernet Encapsulation Table 3-4Wizard 4: Ethernet Encapsulation 3.5.2PPPoE Encapsulation Figure 3-6Wizard 4: PPPoE Encapsulation Table 3-5Wizard 4: PPPoE Encapsulation 3.5.3PPTP Encapsulation 3.6Wizard Setup: Screen 3.6.1WAN IP Address Assignment 3.6.2IP Address and Subnet Mask 3.6.3DNS Server Address Assignment 3.6.4WAN MAC Address Figure 3-8Wizard 5: WAN Setup Table 3-9Wizard 5: WAN Setup 3.7Basic Setup Complete Figure 3-9Wizard Finish Page Media Bandwidth Management Setup 4.1Media Bandwidth Management Setup Overview 4.2Media Bandwidth Management Setup 4.3Media Bandwidth Management Setup 4.4Media Bandwidth Management Setup 3: 4.5Media Bandwidth Management Setup Complete Part II: System, LAN, WLAN and WAN Page System Screens 5.1System Overview 5.2Configuring General Setup Table 5-1System General Setup 5.3Dynamic DNS 5.3.1 DynDNS Wildcard 5.4Configuring Dynamic DNS Figure 5-2DDNS Table 5-2DDNS 5.5Configuring Password 5.6Configuring Time Zone Figure 5-4Time Setting Table 5-4Time Setting Page LAN Screens 6.1LAN Overview 6.2DHCP Setup 6.2.1 IP Pool Setup 6.2.2 System DNS Servers 6.3.2 IP Address and Subnet Mask 6.3.3 RIP Setup 6.3.4 Multicast 6.4Any IP 6.4.1 How Any IP Works 6.5Configuring IP Figure 6-2IP Table 6-1IP Page Page 6.6Configuring Static DHCP 6.7Configuring IP Alias Table 6-3IP Alias Wireless Configuration and Roaming 7.1Wireless LAN Overview 7.1.1 IBSS 7.1.2 BSS 7.1.3 ESS 7.2Wireless LAN Basics 7.2.1 RTS/CTS 7.2.2 Fragmentation Threshold 7.3Configuring Wireless 7.4Configuring Roaming Figure 7-6Roaming Example 7.4.1 Requirements for Roaming Page Page Wireless Security 8.1Wireless Security Overview Figure 8-2Wireless: No Security Table 8-1Wireless: No Security 8.2Security Parameters Summary 8.3WEP Overview 8.3.1 Data Encryption 8.3.2 Authentication Figure 8-3WEP Authentication Steps 8.3.3 Preamble Type 8.4Configuring WEP Encryption Figure 8-4Wireless: Static WEP Encryption Table 8-3Wireless: Static WEP Encryption 8.5Introduction to WPA 8.5.1 User Authentication 8.5.2 Encryption 8.5.3 WPA-PSKApplication Example 8.6Configuring WPA-PSKAuthentication Figure 8-6Wireless: WPA-PSK Table 8-4Wireless: WPA-PSK If wireless station authentication is done using a RADIUS server, the reauthentication timer on the RADIUS server has 8.7Wireless Client WPA Supplicants 8.7.1 WPA with RADIUS Application Example 8.8Configuring WPA Authentication Figure 8-8Wireless: WPA Table 8-5Wireless: WPA 8.9802.1x Overview 8.10 Dynamic WEP Key Exchange 8.11 Configuring 802.1x and Dynamic WEP Key Exchange Figure 8-9Wireless: 802.1x and Dynamic WEP Table 8-6Wireless: 802.1x and Dynamic WEP 8.12 Configuring 802.1x and Static WEP Key Exchange Figure 8-10Wireless: 802.1x and Static WEP Table 8-7Wireless: 802.1x and Static WEP Page Page 8.13 Configuring Table 8-8Wireless: 802.1x and No WEP 8.14 MAC Filter Figure 8-12MAC Address Filter Table 8-9MAC Address Filter 8.15 Introduction to Local User Database 8.16 Configuring Local User Database 8.17 Introduction to RADIUS •Authentication •Accounting Types of RADIUS Messages •Access-Request 8.17.1 EAP Authentication Overview 8.18 Configuring RADIUS Page WAN Screens 9.1WAN Overview 9.2TCP/IP Priority (Metric) 9.3Configuring Route 9.4Configuring WAN ISP 9.4.1 Ethernet Encapsulation Figure 9-2Ethernet Encapsulation Table 9-2Ethernet Encapsulation 9.4.2 PPPoE Encapsulation Figure 9-3PPPoE Encapsulation Table 9-3PPPoE Encapsulation 9.4.3 PPTP Encapsulation 9.5Configuring WAN IP Figure 9-5WAN: IP Table 9-5WAN: IP Page Page 9.6Configuring WAN MAC 9.7Traffic Redirect 9.8Configuring Traffic Redirect Page Part III: SUA/NAT and Static Route Page Network Address Translation (NAT) Screens 10.1 NAT Overview 10.1.1 NAT Definitions 10.1.2 What NAT Does 10.1.3 How NAT Works 10.1.4 NAT Application 10.1.5 NAT Mapping Types Many Port numbers do not change for One-to-One and Many One-to-One NAT mapping types Table 10-2NAT Mapping Types 10.2 Using NAT 10.2.1 SUA (Single User Account) Versus NAT 10.3 SUA Server Default Server IP Address 10.3.1 Port Forwarding: Services and Port Numbers 10.3.2 Configuring Servers Behind SUA (Example) 10.4 Configuring SUA Server Figure 10-4SUA/NAT Setup Table 10-4SUA/NAT Setup 10.5 Configuring Address Mapping Figure 10-5Address Mapping Table 10-5Address Mapping Configuring Address Mapping 10.6 Trigger Port Forwarding 10.6.1 Trigger Port Forwarding Example 10.6.2 Two Points To Remember About Trigger Ports 10.7 Configuring Trigger Port Forwarding Page Page Static Route Screens 11.1 Static Route Overview 11.2 Configuring IP Static Route 11.2.1 Configuring Route Entry Figure 11-3Static Route: Edit Table 11-2Static Route: Edit Page Part IV: UPnP and Firewall Page UPnP 12.1 Universal Plug and Play Overview 12.1.1 How Do I Know If I'm Using UPnP 12.1.2 NAT Traversal 12.1.3 Cautions with UPnP 12.2 UPnP and ZyXEL 12.3 Configuring UPnP Figure 12-1Configuring UPnP Table 12-1Configuring UPnP 12.4 Installing UPnP in Windows Example 12.4.1 Installing UPnP in Windows Me 12.4.2 Installing UPnP in Windows XP Page 12.5 Using UPnP in Windows XP Example 12.5.1 Auto-discoverYour UPnP-enabledNetwork Device Step 3. In the Internet Connection Properties Add 12.5.2 Web Configurator Easy Access Step 1. Click Start and then Control Panel Step 2. Double-click Network Connections Step 3. Select My Network Places under Other Places Local Network Page Firewall 13.1 Introduction What is a Firewall Stateful Inspection Firewall About the Prestige Firewall 13.1.1 Guidelines For Enhancing Security With Your Firewall 13.2 Firewall Settings Screen Page 13.3 The Firewall, NAT and Remote Management 13.3.1 LAN-to-WANrules 13.3.2 WAN-to-LANrules 13.4 Configuring Content Filtering Figure 13-3Firewall: Filter Table 13-2Firewall: Filter 13.5 Services Figure 13-4Firewall: Service Table 13-3Firewall: Service Page Part V: Remote Management and VPN/IPSec Page Remote Management Screens 14.1 Remote Management Overview 14.1.1 Remote Management Limitations 14.1.2 Remote Management and NAT 14.1.3 System Timeout 14.2 Configuring WWW Figure 14-1Remote Management: WWW Table 14-1Remote Management: WWW 14.3 Configuring Telnet 14.4 Configuring TELNET Figure 14-3Remote Management: Telnet Table 14-2Remote Management: Telnet 14.5 Configuring FTP 14.6 SNMP SNMP is only available if TCP/IP is configured Figure 14-5SNMP Management Model 14.6.1 Supported MIBs 14.6.2 SNMP Traps 14.6.3 Configuring SNMP 14.7 Configuring DNS Figure 14-7Remote Management: DNS Table 14-6Remote Management: DNS 14.8 Configuring Security Page Introduction to IPSec 15.1 VPN Overview 15.1.1 IPSec 15.1.2 Security Association 15.1.3 Other Terminology 15.1.4 VPN Applications 15.2 IPSec Architecture 15.2.1 IPSec Algorithms 15.2.2 Key Management 15.3 Encapsulation 15.3.1 Transport Mode 15.3.2 Tunnel Mode 15.4 IPSec and NAT Page VPN Screens 16.1 VPN/IPSec Overview 16.2 IPSec Algorithms 16.2.1 AH (Authentication Header) Protocol 16.2.2 ESP (Encapsulating Security Payload) Protocol 16.3 My IP Address 16.4 Secure Gateway Address 16.4.1 Dynamic Secure Gateway Address 16.5 Summary Screen VPN Summary Figure 16-2VPN: Summary Table 16-2VPN: Summary 16.6 Keep Alive 16.7 NAT Traversal 16.7.1 NAT Traversal Configuration 16.7.2 Remote DNS Server 16.8 ID Type and Content 16.8.1 ID Type and Content Examples 16.9 Pre-SharedKey 16.10Editing VPN Rules Figure 16-5VPN: Rule Setup (Basic) Table 16-7VPN: Rule Setup (Basic) Page Page 16.11 IKE Phases Figure 16-6Two Phases to Set Up the IPSec SA 16.11.1Negotiation Mode 16.11.2Diffie-Hellman(DH) Key Groups 16.11.3Perfect Forward Secrecy (PFS) 16.12Configuring Advanced IKE Settings Figure 16-7VPN IKE: Advanced Table 16-8VPN IKE: Advanced Page Page Page Page 16.13Manual Key Setup 16.13.1Security Parameter Index (SPI) 16.14Configuring Manual Key Figure 16-8Rule Setup: Manual Table 16-9Rule Setup: Manual Page 16.15Viewing SA Monitor Page 16.16Configuring Global Setting 16.17Telecommuter VPN/IPSec Examples 16.17.1Telecommuters Sharing One VPN Rule Example 16.17.2Telecommuters Using Unique VPN Rules Example Figure 16-12Telecommuters Using Unique VPN Rules Example 16.18VPN and Remote Management Part VI: Logs, Media Bandwidth Management and Maintenance Page Centralized Logs 17.1 View Log 17.2 Log Settings Figure 17-2Log Settings Table 17-2log Settings Page Page Media Bandwidth Management 18.1 Bandwidth Management Overview 18.1.1 Application-basedBandwidth Management Example 18.1.2 Subnet-basedBandwidth Management Example 18.1.3 Application and Subnet-basedBandwidth Management Example 18.1.4 Bandwidth Usage Example 18.1.5 Bandwidth Management Priorities 18.1.6 Bandwidth Management Services 18.1.7 Services Page 18.2 Configuration Screen Figure 18-6Bandwidth Management Configuration Table 18-4Bandwidth Management Configuration 18.3 Editing Bandwidth Management Rules 18.3.1 Bandwidth Borrowing 18.4 Configuring Bandwidth Management Rules and Services Table 18-5Bandwidth Management Edit 18.5 Monitor Screen Figure 18-8Bandwidth Management Monitor Maintenance 19.1 Maintenance Overview 19.2 Status Screen 19.2.1 System Statistics Figure 19-2Maintenance System Statistics Table 19-2Maintenance System Statistics 19.3 DHCP Table Screen 19.4 Any IP Table 19.5 Association List 19.6 F/W Upload Screen Table 19-6Maintenance Firmware Upload Do not turn off the Prestige while firmware upload is in progress Firmware Upload in Process Figure 19-7Upload Warning Figure 19-8Network Temporarily Disconnected 19.7 Configuration Screen 19.7.1 Backup Configuration 19.7.2 Restore Configuration Table 19-7Maintenance Restore Configuration Do not turn off the Prestige while configuration file upload is in progress Figure 19-11Configuration Restore Successful Figure 19-12Temporarily Disconnected 19.7.3 Back to Factory Defaults 19.8 Restart Screen Figure 19-15System Restart Part VII: SMT General Configuration Page Introducing the SMT 20.1 SMT Introduction 20.1.1 Procedure for SMT Configuration via Console Port 20.1.2 Procedure for SMT Configuration via Telnet 20.1.3 Entering Password 20.1.4 Prestige SMT Menu Overview 20.2 Navigating the SMT Interface Table 20-1Main Menu Commands 20.2.1 System Management Terminal Interface Summary 20.3 Changing the System Password Menu 1 General Setup 21.1 General Setup 21.2 Procedure To Configure Menu Figure 21-1Menu 1 General Setup Table 21-1Menu 1 General Setup 21.2.1 Procedure to Configure Dynamic DNS Figure 21-2Menu 1.1 Configure Dynamic DNS Table 21-2Menu 1.1 Configure Dynamic DNS Page Page Menu 2 WAN Setup 22.1 Introduction to WAN 22.2 WAN Setup Page Menu 3 LAN Setup 23.1 LAN Setup 23.1.1 General Ethernet Setup 23.2 Protocol Dependent Ethernet Setup 23.3 TCP/IP Ethernet Setup and DHCP Page 23.3.1 IP Alias Setup Figure 23-4Physical Network & Partitioned Logical Networks Edit IP Alias Menu 3.2.1 - IP Alias Setup Figure 23-5Menu 3.2.1: IP Alias Setup 23.4 Wireless LAN Setup Figure 23-6Menu 3.5 Wireless LAN Setup Table 23-4Menu 3.5 Wireless LAN Setup to denote an ASCII key 23.4.1 Configuring MAC Address Filter Figure 23-8Menu 3.5.1 WLAN MAC Address Filter Table 23-5Menu 3.5.1 WLAN MAC Address Filter 23.4.2 Configuring Roaming on the Prestige Figure 23-10Menu 3.5.2 Roaming Configuration Table 23-6Menu 3.5.2 Roaming Configuration Internet Access 24.1 Introduction to Internet Access Setup 24.2 Ethernet Encapsulation Table 24-1Menu 4: Internet Access Setup (Ethernet) 24.3 Configuring the PPTP Client 24.4 Configuring the PPPoE Client 24.5 Basic Setup Complete Page Remote Node Configuration 25.1 Introduction to Remote Node Setup 25.2 Remote Node Profile Setup 25.2.1 Ethernet Encapsulation Figure 25-1Menu 11.1 Remote Node Profile for Ethernet Encapsulation Table 25-1Menu 11.1 Remote Node Profile for Ethernet Encapsulation Page 25.2.2 PPPoE Encapsulation Table 25-2Fields in Menu 11.1 (PPPoE Encapsulation Specific) 25.2.3 PPTP Encapsulation 25.3 Edit IP Page 25.4 Remote Node Filter 25.4.1 Traffic Redirect Setup Page Page Static Route Setup 26.1 IP Static Route Setup Figure 26-2Menu12.1 Edit IP Static Route Menu 12.1 – Edit IP Static Route Setup Table 26-1Menu12.1 Edit IP Static Route Page Page Dial-inUser Setup 27.1 Dial-inUser Setup Table 27-1Menu 14.1- Edit Dial-inUser Network Address Translation (NAT) 28.1 Using NAT 28.1.1 SUA (Single User Account) Versus NAT Choose Full Feature if you have multiple public WAN IP addresses for your Prestige Figure 28-1Menu 4 Applying NAT for Internet Access Menu 11.3 - Remote Node Network Layer Options 28.3 NAT Setup 28.3.1 Address Mapping Sets Figure 28-5Menu 15.1.255 SUA Address Mapping Rules Menu 15.1.255 is read-only Table 28-2SUA Address Mapping Rules User-DefinedAddress Mapping Sets Set Name Figure 28-6Menu 15.1.1 First Set If the Set Name field is left blank, the entire set will be deleted The Type, Local and Global Start/End IPs are configured in menu Table 28-3Menu 15.1.1 First Set No changes to the set take place until this action is taken Menu 15.1.1.1 - Address Mapping Rule Local Global Start/End IPs Figure 28-7Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set Table 28-4Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set 28.4 Configuring a Server behind NAT 28.5 General NAT Examples 28.5.1 Example 1: Internet Access Only 28.5.2 Example 2: Internet Access with an Inside Server 28.5.3 Example 3: Multiple Public IP Addresses With Inside Servers Figure 28-14NAT Example Menu 15.1 - Address Mapping Sets Edit Action Start IP Figure 28-15Example 3: Menu Figure 28-16Example 3: Menu Figure 28-17Example 3: Final Menu Step 9. Enter 2 in Menu 15 - NAT Setup 28.5.4 Example 4: NAT Unfriendly Application Programs Figure 28-19Example 4: Menu 15.1.1.1 Address Mapping Rule Figure 28-20Example 4: Menu 15.1.1 Address Mapping Rules 28.6 Configuring Trigger Port Forwarding Page Page Enabling the Firewall 29.1 Remote Management and the Firewall 29.2 Access Methods 29.3 Enabling the Firewall Figure 29-1Menu 21.2 Firewall Setup Use the web configurator or the command interpreter to configure the firewall rules Part VIII: SMT Advanced Management Page Filter Configuration 30.1 Introduction to Filters 30.1.1The Filter Structure of the Prestige Figure 30-2Filter Rule Process 30.2 Configuring a Filter Set Edit Comments Table 30-1Abbreviations Used in the Filter Rules Summary Menu 30.2.1 Configuring a Filter Rule 30.2.2 Configuring a TCP/IP Filter Rule TCP/IP Filter Rule Filter Type open Menu 21.1.1.1 - TCP/IP Filter Rule, as shown next Figure 30-6Menu 21.1.1.1 TCP/IP Filter Rule Table 30-3TCP/IP Filter Rule Page Page Figure 30-7Executing an IP Filter 30.2.3 Configuring a Generic Filter Rule Page 30.3 Example Filter Figure 30-10Example Filter: Menu 30.4 Filter Types and NAT 30.5 Firewall Versus Filters 30.6 Applying a Filter 30.6.1 Applying LAN Filters 30.6.2 Applying Remote Node Filters Figure 30-14Filtering Remote Node Traffic SNMP Configuration 31.1 About SNMP 31.2 Supported MIBs 31.3 SNMP Configuration Figure 31-2Menu 22 SNMP Configuration Table 31-1Menu 22 SNMP Configuration 31.4 SNMP Traps System Security 32.1 System Security 32.1.1 System Password 32.1.2 Configuring External RADIUS Server Figure 32-3Menu 23.2 System Security : RADIUS Server Table 32-1Menu 23.2 System Security : RADIUS Server Menu23 – System Security Figure 32-4Menu 23 System Security Step 2. Enter 4 to display Menu 23.4 – System Security – IEEE802.1x Figure 32-5Menu 23.4 System Security : IEEE802.1x Table 32-2Menu 23.4 System Security : IEEE802.1x Group Data Privacy TKIP WPA WPA Mixed Mode When you configure Key Management Protocol to WPA, the Authentication Databases must be RADIUS Only. You can only use the Local User Database with 802.1x Key Management Protocol Local User Database Only RADIUS Only System Information and Diagnosis 33.1 System Status Figure 33-2Menu 24.1 System Maintenance : Status Table 33-1System Maintenance: Status Menu Fields 33.2 System Information 33.2.1 System Information 33.2.2 Console Port Speed 33.3 Log and Trace 33.3.1 Syslog Logging Page Page 33.3.2 Call-TriggeringPacket 33.4 Diagnostic 33.4.1 WAN DHCP Table 33-4System Maintenance Menu Diagnostic Page Firmware and Configuration File Maintenance 34.1 Filename Conventions 34.2 Backup Configuration 34.2.1 Backup Configuration 34.2.2 Using the FTP Command from the Command Line 34.2.3 Example of FTP Commands from the Command Line 34.2.4 GUI-basedFTP Clients 34.2.5 TFTP and FTP over WAN Management Limitations 34.2.6 Backup Configuration Using TFTP 34.2.7 TFTP Command Example 34.2.8 GUI-basedTFTP Clients 34.3 Restore Configuration 34.3.1 Restore Using FTP 34.3.2 Restore Using FTP Session Example 34.4 Uploading Firmware and Configuration Files 34.4.1 Firmware File Upload 34.4.2 Configuration File Upload 34.4.3 FTP File Upload Command from the DOS Prompt Example 34.4.4 FTP Session Example of Firmware File Upload 34.4.5 TFTP File Upload 34.4.6 TFTP Upload Command Example Page System Maintenance 35.1 Command Interpreter Mode 35.1.1 Command Syntax 35.1.2 Command Usage 35.2 Call Control Support 35.2.1 Budget Management 35.2.2 Call History 35.3 Time and Date Setting Menu 24 - System Maintenance Figure 35-6Menu 24: System Maintenance Figure 35-7Menu 24.10 System Maintenance: Time and Date Setting 35.3.1 Resetting the Time Page Page Remote Management 36.1 Remote Management 36.1.1 Remote Management Limitations Call Scheduling 37.1 Introduction to Call Scheduling Menu 26.1 — Schedule Set Setup Figure 37-2Menu 26.1 Schedule Set Setup Duration Table 37-1Menu 26.1 Schedule Set Setup Main Menu PPPoA Figure 37-3Applying Schedule Set(s) to a Remote Node (PPPoE) Part IX: SMT VPN/IPSec Page VPN/IPSec Setup 38.1 VPN/IPSec Overview 38.2 IPSec Summary Screen Page Page 38.3 IPSec Setup Figure 38-4Menu 27.1.1 IPSec Setup Table 38-2Menu 27.1.1 IPSec Setup Page Page Page 38.4 IKE Setup Figure Page 38.5 Manual Setup 38.5.1 Active Protocol 38.5.2 Security Parameter Index (SPI) Figure 38-6Menu 27.1.1.2 Manual Setup Table 38-5Menu 27.1.1.2 Manual Setup Page Page SA Monitor 39.1 SA Monitor Overview 39.2Using SA Monitor Table 39-1Menu 27.2 SA Monitor Part X: Appendices and Index Page PPPoE Diagram A-1 Single-PCper Modem Hardware Configuration How PPPoE Works The Prestige as a PPPoE Client Diagram A-2The Prestige as a PPPoE Client Page PPTP Menu 15.2 - Server Set Setup PPTP Protocol Overview Diagram B-2PPTP Protocol Overview Control & PPP connections Diagram B-3Example Message Exchange between PC and an ANT Page NetBIOS Filter Commands Table C-1NetBIOS Filter Default Settings NetBIOS Filter Configuration Page Page Log Descriptions Chart 3 UPnP Logs Chart 4 Content Filtering Logs Chart 5 ICMP Type and Code Explanations Page Setting up Your Computer’s IP Address Page Properties Page Page Windows 2000/NT/XP Page Page Page Page Macintosh OS 8/9 TCP/IP Control Panel Macintosh OS Page Page Wireless LAN and IEEE Ad-hocWireless LAN Configuration Diagram F-1 Peer-to-PeerCommunication in an Ad-hocNetwork Infrastructure Wireless LAN Configuration Diagram F-2ESS Provides Campus-WideCoverage Page Wireless LAN With IEEE Diagram G-1Sequences for EAP MD5–ChallengeAuthentication Types of EAP Authentication Comparison of EAP Authentication Types Frequency Radiation Pattern Antenna Gain Types of Antennas For WLAN Positioning Antennas Appendix J Chart 6 Brute-ForcePassword Guessing Protection Commands Example Page Triangle Route Diagram K-2“Triangle Route” Problem The “Triangle Route” Solutions IP Aliasing Diagram K-3IP Alias Gateways on the WAN Side Diagram K-4Gateways on the WAN Side How To Configure Triangle Route: Page Index