ZyXEL Communications 645R Network Router User Manual
Contents
1. 13 2 13 4 Applying Schedule Sets to Remote Nodes esseroeseseseroesesesesoesosoesesececoesosesecoesororsesecoseesoroesee 13 3 Chapter 14 Troubles BoDlllig us ui eese ee vta eU dix pXk S Rx XXX ierse oti aaa Sa coke 14 1 14 1 Problems Starting Up the Prestige eee sees eres ee esee ee seen enean neta aetas tn stans ease ease tasto 14 1 14 2 Problems Telnetting into the Prestige eee esee esee eee einen aeneo sten tn setas essen sens enses tnn 14 1 14 3 Problems With the WAN Interface eese esee eee eee eese ee ene ta tns tn stata sees tn seta sensns tns en status 14 2 14 4 Problems With the LAN Interface e eeeeeee eese eese eese ene neta sns tn stata stesso seta sensn senatu sen tns 14 2 14 5 Problems Connecting to a Remote Node or ISP eere eee eee entes tenens tenens tatu nen 14 3 Appendix A VPI and RAO A Appendix B Power Adapter Specifications 4 Leere eee ettet eee eese tn atn tn seta tns en seta tuse ta sensa senatu an B On clu EE C MING OX sevice M K Table of Contents xi P645 ADSL Internet Access Router Figure 1 1 Internet Access Application List of Figures 1 4 1 5 Figure 1 2 LAN to LAN Application Figure 2 1 Prestige 645R Front Panel 2 1 Figure 2 2 Prest2. 5 6 Remote Node TCP IP Configuration Prestige P645 ADSL Internet Access Router FIELD DESCRIPTION EXAMPLE Multicast IGMP Internet Group Multicast Protocol is a session layer None protocol used to establish membership in a Multicast group The P645R supports both IGMP version 1 IGMP v1 and version 2 default IGMP v2 Press the SPACE BAR to enable IP Multicasting or select None default to disable it IP Policies You can apply up to four IP Policy sets from twelve by entering 3 4 5 6 their numbers separated by commas VPI VC based Enter the Virtual Path Identifier VPI number that your telephone 0 ENET ENCAP company supplies and RFC 1483 VCI VC based Enter the Virtual Channel Identifier VCI number that your 35 ENET ENCAP telephone company supplies and RFC 1483 Once you have completed filling in the Network Layer Options Menu press ENTER to return to menu 11 Press ENTER at the message Press ENTER to Confirm to save your configuration or press ESC at any time to cancel 5 1 2 Static Route Setup Static routes tell the Prestige routing information that it cannot learn automatically through other means This can arise in cases where RIP is disabled on the LAN or a remote network is beyond the one that is directly connected to a remote node Each remote node specifies only the network to which the gateway is directly connected and the Prestige has no knowle
3. Appendix A VPI and VCI A Prestige 645 ADSL Internet Access Router Appendix B Power Adapter Specifications NORTH AMERICAN PLUG STANDARDS AC Power Adapter Model DV 121AACS Input Power AC120Volts 60Hz 23W Output Power AC12Volts 1 0A Power Consumption 10W Safety Standards UL CUL UL 1310 CSA C22 2 No 223 EUROPEAN PLUG STANDARDS AC Power Adapter Model DV 121AACUP 5716 Input Power AC230Volts 50Hz 19W Output Power AC12Volts 1 0A Power Consumption 10 W Safety Standards TUV CE EN 61558 CHINESE PLUG STANDARDS AC Power Adapter Model DV 121AACCP 5720 Input Power AC220Volts 50Hz 18W Output Power AC12Volts 1 0A Power Consumption 10 W Safety Standards CCEE GB8898 Appendix B Power Specifications Prestige 645 ADSL Internet Access Router 10BaseT ADSL ATM Backbone Bandwidth Bit Byte CDR CHAP Client crossover Ethernet cable CSU DSU Glossary The 10 Mbps baseband Ethernet specification that uses two pairs of twisted pair cabling Category 3 or 5 one pair for transmitting data and the other for receiving data Asymmetrical Digital Subscriber Line is an asymmetrical technology meaning that the downstream data rate is much higher than the upstream data rate ADSL operates in a frequency range that is above the frequency range of voice services so the two systems can operate over the same cable
4. Figure 8 18 Filtering Remote Node Traffic PPPoE Encapsulation 8 20 Filter Configuration Prestige 645 ADSL Internet Access Router Chapter 9 SNMP Configuration This chapter discusses SNMP Simple Network Management Protocol for network management and monitoring SNMP is only available if TCP IP is configured 9 1 About SNMP Simple Network Management Protocol is a protocol used for exchanging management information between network devices SNMP is a member of TCP IP protocol suite Your Prestige supports SNMP agent functionality which allows a manager station to manage and monitor the Prestige through the network The Prestige supports SNMP version one SNMPv1 The next figure illustrates an SNMP management operation SNMP is only available if TCP IP is configured MANAGER AGENT Managed Device Managed Device Managed Device Figure 9 1 SNMP Management Model SNMP Configuration 9 1 Prestige 645 ADSL Internet Access Router An SNMP managed network consists of two main components agents and a manager An agent is a management software module that resides in a managed device the Prestige An agent translates the local management information from the managed device into a form compatible with SNMP The manager is the console through which network administrators perform network management functions It executes applications that control and monitor man
5. scssccssscsscssscscscsssssssssssscssscssscsscsssesesenecssecssessscssecsseesscssscsssessseeees 3 11 3 9 1 Using PPP Encapsulation 5 e noD mne pem De ED DIE ea 3 11 3 9 2 Using RFC 1483 Encapsulation 5 onere other epo reer tre 3 11 3 9 3 Using ENET ENCAP Encapsulation s cesscesscssetesseesdesssasosessensnsnssnasoevcsesceessdesenasesessenss 3 11 3 10 Internet Access Configuration 4 eeeeeee eese esee esee eese ee ette seines esses etos etas e tps e ease ease taste soo 3 11 3 11 Single User ACCOUM m 3 14 BAVA Advantages of SUA uestem e sale UR ertet a ee biel oe eren 3 15 3 11 2 Single User Account Configuration seseeeeeeeeeeeeeeeee nennen nennen eene enne 3 16 3 12 Multiple Servers behind SUA eese eee eee esee eee ente tn tasse tata sint tn tassa taste tasse en en suntun 3 17 3 12 1 Configuring a Server behind SUA sessssssessseseeeeeeeeee eene enne nennen nennen 3 17 Chapter 4 Remote Node Configuration e eee ee e eee eee ee ee eese eene tente netten 4 1 4 1 Remote Node Setup er 4 1 4 1 1 Remote Node Profile Re RR RE Ie rete EM ee ck ERR Eee chee 4 1 4 1 2 Encapsulation amp Multiplexing Scenarios sees 4 2 4 1 3 Outgoing Authentication Protocol sese 4 4 4 1 4 Editing guo 4 5 4 1 5 Remote Node Filter a oer rete thasst tuned ni PER ciere tutes e
6. Edit IP IPX Bridge menu 11 1 Press the SPACE BAR to change it to Yes and press ENTER to go to Menu 11 3 Remote Node Network Layer Options Dial On Broadcast This field is necessary for your Prestige on the caller side LAN When set to Yes Timeout min menu 11 3 menu 11 3 any broadcasts coming from the LAN will trigger your Presige to make a call to this remote node If it is set to No your Prestige will not make the outgoing call Ethernet Addr In this field enter the time number of minutes that you wish your Prestige 645R to retain the Ethernet Addr information in its internal tables while the line is down If this information is retained your Prestige 645R will not have to recompile the tables when the line is brought back up Bridging Setup 7 3 Prestige P645 ADSL Internet Access Router Once you have completed filling in the Network Layer Options Menu press ENTER to return to menu 11 1 Then press ENTER at the message Press ENTER to Confirm to save your configuration or press ESC to cancel 7 3 Bridge Static Route Setup Similar to network layer static routes a bridging static route tells the Prestige 645R about the route to a node before a connection is established You configure bridge static routes in menu 12 3 1 by pressing 3 in menu 12 and then selecting one of the bridge static routes as shown below Menu 12 3 Bridge Static Route Setup Enter
7. Figure 11 8 FTP Session Example Xiv List of Figures P645 ADSL Internet Access Router Figure 12 1 IP Routing Policy Setup 12 2 Figure 12 2 Menu 25 1 Sample IP Routing Policy Setup 12 3 Figure 12 3 IP Routing Policy 12 4 Figure 12 4 Menu 3 2 TCP IP and DHCP Ethernet Setup 12 6 Figure 12 5 Menu 11 3 Remote Node Network Layer Options 12 6 Figure 12 6 Example of IP Policy Routing 12 7 Figure 12 7 IP Routing Policy Example 12 8 Figure 12 8 IP Routing Policy 12 9 Figure 12 9 Applying IP Policies 12 9 Figure 13 1 Schedule Setup 13 1 Figure 13 2 Schedule Set Setup 13 2 Figure 13 3 Applying Schedule Sets to a Remote Node Example PPPoE Encapsulation 13 4 Diagram 1 VBES amp MCLS eed eie Rete re Hee REI ee ne tore Rer ee eres I List of Figures XV P645 ADSL Internet Access Router Table 2 1 Front Panel LED Description List of Tables 2 1 Table 2 2 Main Menu Commands 2 6 2 8 Table 2 3 Main Menu Summary Table 2 4 General Setup Menu Fields 2 10 Table 3 1 DHCP Ethernet Setup Menu Fields 3 6 Table 3 2 TCP IP Ethernet Setup Menu Fields 3 6 Table 3 3 IP Alias Setup Menu Fields 3 8 Table 3 4 Internet Account Information 3 12 Table 3 5 Internet Access Setup Menu Fields 3 13 Table 3 6 Single User Account Menu Fields 3 16 Table 3 7 Services vs Port number 3 18 Table 4 1 Remote Node Profile Menu Fields 4 3
8. Prestige 645 ADSL Internet Access Router Chapter 10 System Maintenance This chapter covers the diagnostic tools that help you to maintain your Prestige The diagnostic tools include updates on system status port status log and trace capabilities and upgrades for the system software This chapter describes how to use these tools in detail Select menu 24 in the main menu to open Menu 24 System Maintenance as shown below Menu 24 System Maintenance System Status System Information and Console Port Speed Log and Trace Diagnostic Backup Configuration Restore Configuration Upload Firmware Command Interpreter Mode 0 Time and Date Setting rH o0 JoU 40 ND Enter Menu Selection Number Figure 10 1 Menu 24 System Maintenance 10 1 System Status The first selection System Status gives you information on the status and statistics of the ports as shown below System Status is a tool that can be used to monitor your Prestige Specifically it gives you information on your ADSL line status number of packets sent and received To get to the System Status enter number 24 to go to Menu 24 System Maintenance From this menu select number 1 System Status There are two commands in Menu 24 1 System Maintenance Status Entering 1 resets the counters and ESC takes you back to the previous screen The table below describes the fields present in Menu 24 1 System Maintenance Status It should b
9. 4 eeeeeee eese esee eee ee seen ette seta attese teens seas etas e tas etas etas e ease taste sea 8 9 8 3 1 TCP IP Filter Rule atti tuii ede e E e PNE 8 9 8 3 2 Generics Filter Rule nn eee eere ee efte o ect esent 8 13 8 3 3 Novell IPX Filter Rule 5 node eee endete ees 8 15 84 Example Filter i sees cesasessessesseusesescsonssasdeucbsassdvasseussccsctasenssasesteapssveasescasstectiiece 8 16 8 5 Filter Types and SUA H 8 18 8 6 Applying a Filter and Factory Defaults ccscscsccsscssscscssscscssscssscssssscssecssessscsseessesssees 8 19 8 6 1 Ethernet tr tfic eec chat enm E ken ee 8 19 8 6 2 Remote Node Filters itr eese tee PR PI 8 20 Chapter 9 SNMP Configuration iiis ss ern preeh sn ee arde erae eaa oak eee Y Va quedar ana Yonne PERSA 9 1 LS ME niei isties cosest ES oase e ES S PEE OVEST SECESE 9 1 9 2 Supported MIBS siscsssssssscsisssscnasevensvessessseasecssonssoassoascossoasesassessaddecesdussbusooasaevesass nsesessoveaseasssssusoos 9 2 9 3 Config rmg SNMP wississccssassccsccescesssoesiessosvassessgedscuscasssnseshedes seed soossussdasscescesseoeshooss TUR sias PEN Sb dein sS 9 2 Table of Contents ix P645 ADSL Internet Access Router DAL SSNMBPSPPADpS Mee 9 4 Chapter 10 System Maintenance ccccsccccsssccsssscssssscesensccssnsccssccessncccsssscssssceesssceesseees 10 1 101 System St UC 10 1 10 2 System Information and Console Port s
10. Type a number from 1 to 6 to display Menu 25 1 1 IP Routing Policy see the next figure This menu allows you to configure a policy rule Policy Set Name test Active Yes Criteria IP Protocol 6 Type of Service Normal Precedence 0 Source addr start 1 1 1 1 port start 20 Destination addr start 2 2 2 2 port start 20 Action Matched Menu 25 1 1 IP Routing Policy Packet length 40 Len Comp N A end 1 1 1 1 end 20 end 2 2 2 2 end 20 Gateway addr 192 168 1 1 Log No Type of Service Max Thruput Precedence 0 Press ENTER to Confirm or ESC to Cancel Press Space Bar to Toggle Figure 12 3 IP Routing Policy Table 12 2 IP Routing Policy FIELD DESCRIPTION Policy Set Name This is the policy set name assigned in Menu 25 IP Routing Policy Setup Active Press SPACE BAR to select Yes to activate the policy Criteria IP Protocol IP layer 4 protocol e g UDP TCP ICMP etc Type of Service Prioritize incoming network traffic by choosing from Don t Care Normal Min Delay Max Thruput or Max Reliable Precedence Precedence value of the incoming packet Values are 0 to 7 or Don t Care Packet Length Type the length of incoming packets in bytes The operators in the Len Comp next field apply to packets of this length Len Comp Press SPACE BAR to choose from Equal Not Equal Less Greater Less or Equal or Greater or Equal Sou
11. 11 3 Restore Configuration Menu 24 6 System Maintenance Restore Configuration allows you to restore the configuration via FTP or TFTP to your Prestige The preferred method is FTP Note that this function erases the current configuration before restoring the previous backup configuration please do not attempt to restore unless you have a backup configuration stored on disk To restore configuration using FTP or TFTP is the same as Configuration and Firmware File Maintenance 11 5 Prestige 645 ADSL Internet Access Router uploading the configuration file please refer to the following sections on FTP and TFTP file transfer for more details The Prestige restarts automatically after the file transfer is complete Menu 24 6 Restore Configuration To transfer the firmware and the configuration file follow the procedure below Launch the FTP client on your workstation Type open and the IP address of your router Then type root and SMT password as requested Type put backupfilename rom 0 where backupfilename is the name of your backup configuration file on your workstation and rom spt is the Remote file name on the router This restores the configuration to your router 4 The system reboots automatically after a successful file transfer For details on FTP commands please consult the documentation of your FTP client program For details on restoring using TFTP note that you must remain in the menu to back
12. Filter Configuration 8 19 Prestige 645 ADSL Internet Access Router 8 6 2 Remote Node Filters Go to Menu 11 5 shown below note that call filter sets are only present for PPPoE encapsulation and enter the number s of the filter set s as appropriate You can cascade up to four filter sets by entering their numbers separated by commas The factory default filter set NetBIOS WAN can be applied in Menu 11 5 to block local NetBIOS traffic from triggering calls to the ISP when you are using PPPoE encapsulation only Enter 1 in the protocol filters field under Call Filter Sets when using PPPoE encapsulation and in protocol filters under Output Filter Sets protocol filters when using Ethernet encapsulation The factory default filter set 6 FTP TELNET WEB is inserted in the protocol filters field under Input Filter Sets in menu 11 5 to block FTP Telnet HTTP and TFTP traffic from coming into the WAN port Filter set 4 PPPoE blocks PPP connections from the WAN Port Apply them as shown in the following figure Default filter 6 is already applied Menu 11 5 Remote Node Filter Input Filter Sets protocol filters 6 device filters Output Filter Sets protocol filters 4 device filters Call Filter Sets Apply Default Filters 1 and 4 here Enter 1 in protocol filters under Output Filter Sets when using Ethernet encapsulation protocol filters 1 device filters Enter here to CONFIRM or ESC to CANCEL
13. Table 4 2 Remote Node PPP Options Menu Fields 4 5 Table 5 1 TCP IP related fields in Remote Node Profile 5 5 5 6 Table 5 2 TCP IP Remote Node Configuration Table 5 3 Edit IP Static Route Menu Fields 5 9 Table 6 1 Novell IPX Ethernet Setup Fields 6 4 Table 6 2 Remote Node Novell IPX Options 6 6 Table 6 3 Edit IPX Static Route Menu Fields 6 8 Table 7 1 Bridge Ethernet Setup Menu Handle IPX Field Configuration Table 7 2 P645R Remote Node Network Layers Menu Bridge Options 7 2 7 3 Table 7 3 Bridge Static Route Menu Fields 7 5 Table 8 1 Abbreviations Used in the Filter Rules Summary Menu 8 7 Table 8 2 Abbreviations Used If Filter Type Is IP 8 8 Table 8 3 Abbreviations Used If Filter Type Is IPX 8 9 Table 8 4 Abbreviations Used If Filter Type Is GEN 8 9 xvi List of Tables P645 ADSL Internet Access Router Table 8 5 TCP IP Filter Rule Menu Fields 8 10 Table 8 6 Generic Filter Rule Menu Fields 8 14 Table 8 7 IPX Filter Rule Menu Fields 8 15 Table 9 1 SNMP Configuration Menu Fields 9 3 Table 9 2 SNMP Traps 9 4 Table 10 1 System Maintenance Status Menu Fields 10 2 Table 10 2 Fields in System Maintenance Information 10 4 Table 10 3 System Maintenance Menu Syslog Parameters 10 6 Table 10 4 System Maintenance Menu Diagnostic 10 9 Table 11 1 Filename Conventions 11 2 Table 1
14. v Table 0f Contents vi List of QI EU M x List of Tables xiii PLefACE T xv Witat IS ADSES eise E D Ree ONE IR NES ET EH e loh e ved aue xvi Chapter 1 Getting to Know Your Prestige eres ee eese eee eese eene eene ee en ener tn ster tn setae sena 1 1 11 Prestige 645R ADSL Internet Access Router eee eese ee sees eee seen seen setate stats toss to ss enae 1 1 12 Features of the Prestige 645R eeeeee sees sees sees etes eite enean setas etas ta seta seta setas eas eo setas sense ena 1 1 Base ot InstallatiOn redire ette ipe reet ee erede tip ete oe eode pede eene etn 1 1 High Speed Internet ACCESS ne 560 5 eueteo eco HR AP RECE ETSE o DINI Per et PR 1 1 10 100Mbps Fast Ethernet LAN Interface sese een rene nennen 1 1 Protocols Supported noe pest oet e EDDIE eee EI 1 1 TPPO CY ROUTE eere ERE UR ERG A E ST 1 2 Call Scheduling det PRO Io HRUSO T DEED pO EREE E ER EE E ESEESE e SSE 1 2 Networking Compatibility sees neen eene tene trennen treten eene enne 1 2 M altplexing ien er ip HEU PER OE ER peru Ge Seon pit EM Ep 1 2 Encapsulation der Ret EPERERROPOB E UE EE Hp Ed 1 2 NAT SUA for single IP address Internet Access sese nennen nene 1
15. Address Resolution Protocol is a protocol for mapping an Internet Protocol address IP address to a physical machine address that is recognized in the local network Asynchronous Transfer Mode is a LAN and WAN networking technology that provides high speed transfer ATM uses fixed size packets of information called cells These cells can be switched more quickly and efficiently than variable length packets because they are all regular and predictable with no need for dealing with different sizes of packets A high speed line or series of connections that forms a major pathway within a network This is the capacity on a link usually measured in bits per second bps Binary Digit A single digit number in base 2 in other words either a or a zero The smallest unit of computerized data A set of bits that represent a single character There are 8 bits in a Byte Call Detail Record This is a name used by telephone companies for call related information Challenge Handshake Authentication Protocol is an alternative protocol that avoids sending passwords over the wire by using a challenge response technique A software program that is used to contact and obtain data from a Server software program on another computer Each Client program is designed to work with one or more specific kinds of Server programs and each Server requires a specific kind of Client A Web Browser is a specific kind of Client A cable that wires a pin to its opposi
16. General Ethernet Setup If you need to define filters please read the chapter on configuring filters first then return to this menu to define the filter sets The factory configured filters in SMT menu 21 3 are designed to block incoming telnet from the WAN DSL port Do not configure SMT menu 3 1 filter rules to block all telnet from the Ethernet This would block the telnet connection from your computer to the Prestige 2 11 Protocol Dependent Ethernet Setup Depending on the protocols for your applications you need to configure the respective Ethernet Setup as outlined below For TCP IP Ethernet setup refer to the Internet Access chapter For Novell IPX Ethernet setup refer to the IPX Configuration chapter For bridging Ethernet setup refer to the Bridging Setup Chapter Hardware Installation amp Setup 2 11 Prestige 645 ADSL Internet Access Router Chapter 3 Internet Access This chapter shows you how to configure the LAN as well as the WAN of your Prestige for Internet access 3 1 Factory Ethernet Defaults The Ethernet parameters of the Prestige are preset in the factory with the following values 1 IP address of 192 168 1 1 with subnet mask of 255 255 255 0 24 bits 2 DHCP server enabled with 32 client IP addresses starting from 192 168 1 33 These parameters should work for the majority of installations If the parameters are satisfactory you can skip to3 4 TCP IP Ethernet Setup and DHCP to ente
17. Step 3 Re type your new system password for confirmation and press ENTER Note that as you type a password the screen displays a for each character you type If you forget your password use the reset button to restore the default password of 1234 This will allow you to enter the SMT Then use the above instructions to set a new password 2 9 General Setup Menu 1 General Setup contains administrative and system related information To enter menu 1 and fill in the required information follow these steps Step 1 Enter in the main menu to open Menu 1 General Setup Step 2 The Menu 1 General Setup screen appears as shown below Fill in the required fields marked and turn on the individual protocols for your applications as explained in the following table Hardware Installation amp Setup 2 9 Prestige P645 ADSL Internet Access Router Menu 1 General Setup System Name HAL Location branch Contact Person s Name JohnDoe Route IP Yes Route IPX No Bridge No Press ENTER to Confirm or ESC to Cancel Figure 2 9 Menu 1 General Setup Table 2 4 General Setup Menu Fields FIELD DESCRIPTION EXAMPLE System Name Choose a descriptive name for identification purposes This name can be HAL up to 30 alphanumeric characters long Spaces are not allowed but dashes and underscores are accepted Location optional Enter the geographic location up to 31 cha
18. minutes that you want your Prestige 645R to spoof the watchdog response 6 6 IPX Configuration Prestige P645 ADSL Internet Access Router FIELD DESCRIPTION EXAMPLE SAP RIP Timeout min This field indicates the amount of time that you want your Prestige to maintain the SAP and RIP entries learned from this remote node in its internal tables after the connection has been dropped If this information is retained then your Prestige will not have to get the SAP information when the line is brought back up Enter the time number of minutes in this field Dial On Query This field is necessary for your Prestige on the client side When set to Yes any Get Service SAP or RIP broadcasts will trigger your Prestige to make a call to that remote mode No Once you have completed filling in the Network Layer Options Menu press ENTER to return to menu 11 1 Then press ENTER at the message Press ENTER to Confirm to save your configuration press ESC to cancel 6 4 2 IPX Static Route Setup Similar to IP IPX static routes tell the Prestige 645R how to reach servers beyond a remote node before a connection to that remote node is established From menu 12 select 2 to bring up Menu 12 2 IPX Static Route Setup then select one of the IPX Static Routes to open Menu 12 2 1 Edit IPX Static Route as shown next Menu 12 2 1 Edit IPX Static Route Route 3 Server
19. ADSL is asymmetric in the sense that it provides a higher downstream data rate transfer up to 8Mbps than in the upstream transfer up to 832 Kbps Asymmetric operation is ideal for typical home and small office use where files and information are downloaded more frequently than uploaded Advantages of ADSL 1 ADSL provides a private unlike cable telephone and modem services where the line is shared dedicated and secure channel of communications between you and your service provider 2 Because your line is dedicated not shared transmission speeds are not affected by other users With cable modems transmission speeds drop significantly as more users go on line because the line is shared 3 ADSL is always on connected This means that there is no time wasted dialing up the service several times a day and waiting to be connected ADSL is on standby ready for use whenever you need it What Is ADSL xix Getting Started Part Getting Started This part covers Getting to Know Your Prestige Hardware Indtallation and Setup and Internet Access Prestige 645 ADSL Internet Access Router Chapter 1 Getting to Know Your Prestige This chapter describes the key features and applications of your ADSL Internet Access Router 1 1 Prestige 645R ADSL Internet Access Router Your Prestige integrates a high speed 10 100Mbps auto negotiating LAN interface and a high speed ADSL port into a single package
20. Destination IP Address IP Subnet Mask Gateway IP Address Metric 2 Private No Press ENTER to Confirm or ESC to Cancel Figure 5 10 Menu 12 1 1 Edit IP Static Route The following table describes the fields for Menu 12 1 1 Edit IP Static Route Setup Table 5 3 Edit IP Static Route Menu Fields FIELD DESCRIPTION Route Name Enter a descriptive name for this route This is for identification purposes only Active Use the SPACE BAR to select Yes to activate or No to deactivate this static route Destination IP Address This parameter specifies the IP network address of the final destination Routing is always based on network number If you need to specify a route to a single host use a subnet mask of 255 255 255 255 in the subnet mask field to force the network number to be identical to the host ID IP Subnet Mask Enter the subnet mask for this destination Gateway IP Address Enter the IP address of the gateway The gateway is an immediate neighbor of your Prestige that will forward the packet to the destination On the LAN the gateway must be a router on the same segment as your Prestige over WAN the gateway must be the IP address of one of the remote nodes Remote Node TCP IP Configuration 5 9 Prestige P645 ADSL Internet Access Router FIELD DESCRIPTION Metric The metric represents the cost of transmission for routing purposes IP routing uses hop
21. Menu 21 1 1 IPX Filter Rule Filter 4 1 1 Filter Type IPX Filter Rule Active No IPX Packet Type Destination Network Node Socket Socket 4 Comp None Source Network Node Socket Socket 4 Comp None Operation N A More No Log None Action Matched Check Next Rule Action Not Matched Check Next Rule Press ENTER to Confirm or ESC to Cancel Press Space Bar to Toggle Figure 8 13 Menu 21 1 1 IPX Filter Rule The following table describes the IPX Filter Rule Table 8 7 IPX Filter Rule Menu Fields FIELD DESCRIPTION IPX Packet Type Enter the IPX packet type 1 byte in hexadecimal you wish to filter The popular types are in hexadecimal 01 RIP 04 SAP 05 SPX Sequenced Packet eXchange 11 NCP NetWare Core Protocol 14 Novell NetBIOS Destination Source Enter the destination source network numbers 4 byte in Network hexadecimal of the packet that you wish to filter Filter Configuration 8 15 Prestige 645 ADSL Internet Access Router FIELD DESCRIPTION Destination Source Node Enter the destination source node number 6 byte in hexadecimal of the packet you wish to filter Destination Source Enter the destination source socket number 2 byte in Socket hexadecimal of the packets that you wish to filter Destination Source Select the comparison you wish to apply to the Socket Comp destination source socket in the pack
22. The Prestige is ideal for high speed Internet browsing and making LAN to LAN connections to remote networks 1 2 Features of the Prestige 645R Your Prestige is packed with a number of features that give it the flexibility to provide a complete networking solution for almost any user Ease of Installation Your Prestige is designed for quick intuitive and easy installation Physically its compact size and lightness make it easy to position anywhere in your busy office High Speed Internet Access The P645R ADSL router can support downstream transmission rates of up to 8Mbps and upstream transmission rates of 800 Kbps 10 100Mbps Fast Ethernet LAN Interface The P645R s 10 100M LAN interface enables fast data transfers of 10Mbps or 100Mbps in either half duplex or full duplex mode depending on your Ethernet network Protocols Supported TCP IP Transmission Control Protocol Internet Protocol network layer protocol PPP Point to Point Protocol link layer protocol Novel IPX Internetwork Packet eXchange network layer protocol Getting to Know Your Prestige 1 1 Prestige P645 ADSL Internet Access Router Transparent bridging for unsupported network layer protocols DHCP Client Server and Relay RIPIand RIP II IP Policy Routing IP Policy Routing IPPR provides a mechanism to override the default routing behavior and alter the packet forwarding based on the policy defined by the network administrator C
23. config rom See earlier in this chapter for more information on filename conventions Step 7 Enter quit to exit the ftp prompt 331 Enter PASS command Password 230 Logged in ftp bin 200 Type I OK ftp get rom 0 zyxel rom 200 Port command okay 150 Opening data connection for STOR ras 226 File received OK ftp 327680 bytes sent in 1 10Seconds 297 89Kbytes sec ftp quit Figure 11 2 FTP Session Example Configuration and Firmware File Maintenance 11 3 Prestige 645 ADSL Internet Access Router The following table describes some of the commands that you may see in third party FTP clients Table 11 2 General Commands for Third Party FTP Clients COMMAND DESCRIPTION Host Address Enter the address of the host server Login Type Anonymous This is when a user I D and password is automatically supplied to the server for anonymous access Anonymous logins will work only if your ISP or service administrator has enabled this option Normal The server requires a unique User ID and Password to login Transfer Type Transfer files in either ASCII plain text format or in binary mode Initial Remote Specify the default remote directory path Directory Initial Local Specify the default local directory path Directory FTP over WAN will not work if you have applied a filter in menu 11 5 WAN to block Telnet service 11 2 3 Backup Configuration Using TFTP The Presti
24. ftp gt bin 200 Type I OK ftp gt put firmware bin ras 200 Port command okay 150 Opening data connection for STOR ras 226 File received OK ftp 327680 bytes sent in 1 10Seconds 297 89Kbytes sec ftp gt quit Figure 11 8 FTP Session Example More commands that you may find in third party FTP clients are listed earlier in this chapter FTP over WAN will not work if you have applied a filter in menu 11 5 WAN to block Telnet service 11 4 4 TFTP File Upload The Prestige also supports the up downloading of the firmware and the configuration file using TFTP Trivial File Transfer Protocol over LAN Although TFTP should work over WAN as well it is not recommended To use TFTP your computer must have both telnet and TFTP clients To transfer the firmware and the configuration file follow the procedure shown next Step 1 Use telnet from your computer to connect to the Prestige and log in Because TFTP does not have any security checks the Prestige records the IP address of the telnet client and accepts TFTP requests only from this address Step 2 Put the SMT in command interpreter CI mode by entering 8 in Menu 24 System Maintenance Step 3 Enter the command sys stdio 0 to disable the SMT timeout so the TFTP transfer will not be interrupted Enter command sys stdio 5 to restore the five minute SMT timeout default when the file transfer is complete Step 4 Launch the TFTP client on your computer and connec
25. 0 0 Destination default Once you have completed filling in Menu 22 SNMP Configuration press ENTER at the message Press ENTER to Confirm to save your configuration or press ESC to cancel SNMP Configuration 9 3 Prestige 645 ADSL Internet Access Router 9 4 SNMP Traps The Prestige will send traps to the SNMP manager when any one of the following events occurs Table 9 2 SNMP Traps TRAP TRAP NAME DESCRIPTION 1 coldStart defined in RFC 1215 A trap is sent after booting power on 2 warmStart defined in RFC 1215 Atrap is sent after booting software reboot 3 linkUp defined in RFC 1215 A trap is sent with the port number 4 authenticationFailure defined in A trap is sent to the manager when receiving any SNMP RFC 1215 get or set requirements with wrong community password 5 whyReboot defined in ZYXEL A trap is sent with the reason of restart before rebooting MIB when the system is going to restart warmstart 5a For intentional reboot A trap is sent with the message System reboot by user if reboot is done intentionally e g download new files Cl command sys reboot etc 5b For fatal error A trap is sent with the message of the fatal code if the system reboots because of fatal errors 6 linkDown defined in RFC 1215 A trap is sent with the port number when any of the links are down See the following table 9 4 SNMP Configuration
26. 2 Full Network Management ccccssssscsesssssssccesssrescoentsensccosssssnssseneessascoonesesnsceonseenssesensesnsesossenesns 1 2 PAP and CHAP Securnty inepte eene er pU IP 1 3 Filters nente PEE appear neegem pta a 1 3 Reset Button urere nem Eee PP EE EH n eia ben Ep EP 1 3 13 Applications for the Prestige 645R eere eese eee eee ee seen tn sten tn aetas n etas tn senses tastes notan 1 3 vi Table of Contents P645 ADSL Internet Access Router 1 3 1 Internet ACCESS iore eet e DK Siac temer e et ee Mae ee ae eee 1 3 Internet Single User ACCOUNT eec o et eee et tete Die sheet t Ee Us 1 4 1 3 2 LAN to LAN Application iere Die tern teste re or De Rceei meee 1 4 Chapter 2 Hardware Installation amp Initial Setup eee eee eee eee ener 2 1 2 Front Panel LEDs of the P645R eee esee ee seen eee eene een seta seta seta seta sete ste esse setas etas e ense enata 2 1 2 2 Prestige 645R Rear Panel and Connections eee eee e eee eee enses tn sten tn setas n sts en sena 2 2 2 2 1 Using the Reset BUON eire ener etre he peer e eet espe 2 2 2 2 2 Malkang the Connections ded eine ie meto OPE Dh ree teer ee iake 2 2 2 3 Additional Installation Requirements 4 eee ee esee esee ee eene enean etos etna e ense ta seta seta sense ta seta 2 3 2 4 Connecting the POTS Splitter crece e esee eee ee ee esee ee sete seine esto setas
27. 21 1 1 Generic Filter Rule as shown next Menu 21 1 1 Generic Filter Rule Filter 4 1 1 Filter Type Generic Filter Rule Active No Offset 0 Length 0 Mask N A Value N A More No Log None Action Matched Check Next Rule Action Not Matched Check Next Rule Press ENTER to Confirm or ESC to Cancel Figure 8 12 Menu 21 1 1 Generic Filter Rule The following table describes the fields in the generic filter rule menu Filter Configuration 8 13 Prestige 645 ADSL Internet Access Router Table 8 6 Generic Filter Rule Menu Fields FIELD DESCRIPTION EXAMPLE Filter This is the filter set filter rule co ordinates i e 1 1 refers to the first filter 1 1 set and the first filter rule of that set Filter Type Use the SPACE BAR to select a rule type from Generic Filter Rule Generic Filter TCP IP Filter Rule and IPX Filter Rule Parameters displayed below each Rule type will be different Active Select Yes to turn on the filter rule or No to turn the filter rule off Yes Offset Enter the starting byte of the data portion in the packet that you wish to 0 compare The range for this field is from 0 to 255 default Length Enter the byte count of the data portion in the packet that you wish to 0 compare The range for this field is 0 to 8 default Mask Enter the mask in Hexadecimal to apply to the data portion before comparison Value Enter the value in
28. 4 6 4 LAN to LAN Application with Novell IPX 4 eee eese eese eese eese ee nennen seta setas te sts eonato 6 5 6 4 1 IPX Remote Node Setup epist err ter e eet tpe eet r 6 5 6 4 2 IPX Static Route Set p i casse epe era eer ds loved Ege ede Eee este esa to gen ee eee dee 6 7 Chapter 7 Bridging Setitp sssccsissscsisessisvasassives n tario Dass ERU PIN I SUNSET EE TIRE ER FERRE ioia 7 1 7 1 Bridging in General ic csssssccssssssccsessscseassossossovassesedecosassenscessoascossssasenssendbonsessedseaesessessovessenseessve 7 1 7 2 Bridge Ethernet Sctup scc scsicssesscsecsrsesssvosocsessssvesasvassosnsessoasosocscososenssosesocsacesseesecsocessessossseasenssos 7 1 7 2 1 Remote Node Bridging Setup eeecessecsseceencecsseceseeeceaccssneeceaeceeneecsaeceseeesenaeceeeeeenaeeeees 7 2 7 3 Bridge Static Route Setup eee eee e eee eee ee seen ense en testas neta stata stesso seta sos eu seta sse tasa sena 7 4 Chapter 8 Filter Configuration siccssssscssnssssensvvssancsevssscsavavsenvessestasavasescagnssessaatoosdnsensenssansss 8 1 8 1 About Filtering cscsscssccscsscssssessscnsscsncscescsssnsssssnessesnesseseessessessssessessnessssnescessesssssnessesess 8 1 8 2 Configuring a Filter Set eee eee eee esses eese en ense teneas sasoie aeaeo erias sustenta sens enae 8 4 Filter Rules Summary Meni 6 nete e REEL ER OTROS E PD ERE ele Depas etie 8 7 8 3 Configuring a Filter Rule
29. 7 LAN 10 2 LAN to LAN 5 1 LED Indicators 2 1 Log and Trace 10 5 View Error Log 10 5 Log Facility 10 6 M MAC 7 1 Main Menu 2 8 Management Information Base MIB 9 2 Media Access Control See MAC Metric 5 6 5 10 Multiplexing LLC based 3 10 VC based 3 10 Multiplexing 1 2 3 9 3 12 3 13 4 3 5 1 LLC based 5 2 VC based 5 2 Multiprotocol Encapsulation 3 10 Index Prestige 645 ADSL Internet Access Router N NetWare Clients 6 3 NIC 2 3 Novell 6 1 O Online Registration iii P Packet triggered 10 6 10 7 PAP 4 3 Password 2 5 2 9 Password Default 2 2 Ping 10 9 policy based routing 12 1 Power Adapter 2 3 PPP 4 4 4 5 PPP log 10 6 10 8 Precedence 12 1 12 4 Private 5 6 5 10 private secure channel xix Protocols 2 10 Q Quality of Service 12 1 R RAS 12 2 Rear Panel 2 2 Remote DHCP Server 3 6 Remote Node 4 1 10 2 Profile 4 1 Setup 4 1 Restore Configuration 11 5 RIP 3 6 5 6 Route 4 3 Routing Information Protocol 3 2 Routing Policy Criteria 12 1 Routing Policy 12 1 S Schedule Set Setup 13 2 Schedule Sets Duration 13 2 Schedule Setup 13 1 Security 1 3 Seed Router 6 3 6 4 Service iii setup a schedule 13 2 Single User Account 3 13 See SUA SNMP 9 1 Configuring 9 2 Community 9 2 Trap 9 3 Trusted Host 9 3 Get 9 2 Manager 9 2 MIBs 9 2 Trap 9 2 Socket 6 8 Source Based Routing 12 1 Splitters 2
30. 8 1 Applying 8 19 Ethernet 8 19 Remote Node 8 20 Configuring a Filter Set 8 4 Filter log 10 6 Generic Rule 8 13 IPX Packet Types 8 15 IPX Rule 8 15 Remote Node 4 5 Rules 8 7 Structure 8 2 SUA 8 18 Index Prestige 645 ADSL Internet Access Router TCP IP 8 9 Filter log 10 8 Filters Executing a Filter Rule 8 2 Logic Flow of an IP Filter 8 12 Frame Relay 1 3 Frame Types 6 1 6 4 FTP File Transfer 11 7 Full Rate 2 3 G Gateway 5 9 6 8 7 5 General Setup 2 9 H Hop Count 6 6 6 8 I IANA 3 1 3 2 IGMP Internet Group Multicast Protocol 3 3 Interactive Applications 12 1 Internet Access xviii 1 1 1 2 1 3 1 4 2 8 2 11 3 1 3 11 3 12 3 13 3 16 5 6 Internet Assigned Numbers Authority See IANA IP Address 3 6 4 4 5 5 5 6 5 9 7 5 12 3 IP Address Assignment 3 11 ENET ENCAP 3 11 PPP 3 11 RFC 1483 3 11 IP Address Default 2 2 IP Alias 3 3 IP Alias Setup 3 7 IP Multicast 3 3 IP network number 3 1 IP Policies 12 5 IP Policy Routing IPPR 1 2 12 1 Applying an IP Policy 12 5 Benefits 12 1 Cost Savings 12 1 Ethernet IP Policies 12 5 Gateway 12 5 Load Sharing 12 1 IP Pool 3 4 IP Protocol 12 4 IP Routing Policy Setup 12 2 IP Routing Policy 12 4 IP Routing Policy Setup 12 3 IP static route 5 7 IPX 6 1 Ethernet Setup 6 4 LAN to LAN 6 5 Network Number 6 1 Node Number 6 1 Novell 6 5 Prestige 6 2 Remote Node Setup 6 5 Static Route 6
31. If this is the case enter the IP address assigned to the WAN port of your Prestige Note that this is the address assigned to your local Prestige WAN not the remote router If the remote router is a Prestige then this entry determines the local Prestige Rem IP Address in menu 11 1 see Table 5 1 Single User Account Use the SPACE BAR to select either Yes or No Set this field to Yes to enable the Single User Account feature for your Prestige See the section on Internet access for more information on the Single User Account feature No Metric The metric represents the cost of transmission for routing purposes IP routing uses hop count as the measurement of cost with a minimum of 1 for directly connected networks Enter a number that approximates the cost for this link The number need not be precise but it must be between 1 and 15 In practice 2 or 3 is usually a good number Private This parameter determines if the Prestige will include the route to this remote node in its RIP broadcasts If set to Yes this route is kept private and not included in RIP broadcast If No the route to this remote node will be propagated to other hosts through RIP broadcasts No RIP Direction Version Press the SPACE BAR to select the RIP direction from Both In Only Out Only or None Press the SPACE BAR to select the RIP version from RIP 1 RIP 2B RIP 2M Both default RIP 1 default
32. LLC based multiplexing In this case one VC carries multiple protocols with protocol identifying information being contained in each packet header Despite the extra bandwidth and processing overhead this method may be advantageous if it is not practical to have a separate VC for each carried protocol for example if charging heavily depends on the number of simultaneous VCs 3 8 Encapsulation Be sure to use the encapsulation method required by your ISP The Prestige supports the following methods 3 8 1 ENET ENCAP The MAC Encapsulated Routing Link Protocol ENET ENCAP is only implemented with the IP network protocol IP packets are routed between the Ethernet interface and the WAN interface and then formatted so that they can be understood in a bridged environment i e it encapsulates routed Ethernet frames into bridged ATM cells ENET ENCAP requires that you specify a gateway IP address in the Ethernet Encapsulation Gateway field in menu 4 and in the Rem IP Addr field in menu 11 1 You can get this information from your ISP 3 8 2 PPP Please refer to RFC 2364 for more information on PPP over ATM Adaptation Layer 5 AALS Refer to RFC 1661 for more information on PPP 3 8 3 RFC 1483 RFC 1483 describes two methods for Multiprotocol Encapsulation over ATM Adaptation Layer 5 AALS The first method allows multiplexing of multiple protocols over a single ATM virtual circuit LLC based multiplexing and the second method assumes that ea
33. Maintenance Upload System Upload System Firmware Upload Firmware Diagnostic Configuration File Menu 24 6 System Maintenance Restore Configuration Backup Configuration Figure 2 6 SMT Menu Overview Hardware Installation amp Setup 2 7 Prestige P645 ADSL Internet Access Router After you enter the password the SMT displays the Main Menu as shown next Getting Started 1 General Setup 3 Ethernet Setup Advanced Applications 11 Remote Node Setup 15 SUA Server Setup 4 Internet Access Setup 23i Copyright c 1994 2001 ZyXEL Communications Corp Prestige 645R Main Menu Advanced Management 21 Filter Set Configuration 22 SNMP Configuration System Password 24 System Maintenance 25 IP Routing Policy Setup 26 Schedule Setup 12 Static Routing Setup 99 Exit Enter Menu Selection Number Figure 2 7 SMT Main Menu 2 7 2 System Management Terminal Interface Summary Table 2 3 Main Menu Summary MENU TITLE DESCRIPTION 1 General Setup Use this menu to set up general information Ethernet Setup Use this menu to set up your LAN connection 4 Internet Access Setup This menu provides convenient set up for an Internet connection 11 Remote Node Setup Use this menu to configure the Remote Node s for LAN to LAN connection s including the Internet 12 Static Routing Setup Use this menu to set up static routes 15 SUA Server Setup Use th
34. Name Active Yes Network Node 000000000001 Socket 0451 Type 0004 Hop Count 2 Tick Count 3 Gateway Node 1 Press ENTER to CONFIRM or ESC to CANCEL Figure 6 6 Menu 12 2 1 Edit IPX Static Route IPX Configuration 6 7 Prestige P645 ADSL Internet Access Router The following table contains the instructions on how to configure the Edit IP Static Route Menu Table 6 3 Edit IPX Static Route Menu Fields FIELD DESCRIPTION Route The number of this static route that you chose in menu 12 2 Server Name In this field enter the name of the server This must be the exact name configured in the NetWare server Active Use the SPACE BAR to select Yes to activate or No to deactivate this IPX static route Network This field contains the internal network number of the remote server that you wish to access 00000000 or FFFFFFFF are reserved Node This field contains the address of the node on which the server resides If you are using a Novell IPX implementation this value is 000000000001 Socket This field contains the socket number on which the server will receive service requests The default for this field is hex 0451 Type This field identifies the type of service the server provides The default for this field is hex 0004 Gateway In this field enter the number of the remote node that is the gateway for this static Node route Hop Coun
35. System Maintenance Step 2 From this menu enter 4 to open Menu 24 4 System Maintenance Diagnostic The following table describes the diagnostic tests available in menu 24 4 for your Prestige and the connections Table 10 4 System Maintenance Menu Diagnostic FIELD DESCRIPTION Reset ADSL This command re initializes the ADSL link to the telephone company Ping Host This diagnostic test pings the host which determines the functionality of the TCP IP protocol on both systems and the links in between Reboot System This option reboots the Prestige Command Mode This option allows you to enter the command mode This mode allows you to diagnose and test your Prestige using a specified set of commands 10 5 Command Interpreter Mode The Command Interpreter CI is a part of the main system firmware The CI provides much of the same functionality as the SMT while adding some low level setup and diagnostic functions The CI can be entered from the SMT by selecting menu 24 8 Access is by Telnet For more detailed information on CI commands see the Support Notes on the Supporting CD Enter 8 from Menu 24 System Maintenance A list of valid commands can be found by typing help or at the command prompt Type exit to return to the SMT main menu when finished System Maintenance 10 9 Prestige 645 ADSL Internet Access Router Enter Menu Selection Number 8 Copyright c 1994 2001 ZyXEL Communic
36. Timer Idle Timer Figure 8 1 Outgoing Packet Filtering Process For incoming packets your Prestige applies data filters only Packets are processed depending upon whether a match is found The following sections describe how to configure filter sets The following sections describe how to configure filter sets Filter Configuration 8 1 Prestige 645 ADSL Internet Access Router The Filter Structure of the Prestige A filter set consists of one or more filter rules Usually you would group related rules e g all the rules for NetBIOS into a single set and give it a descriptive name The Prestige allows you to configure up to twelve filter sets with six rules in each set for a total of 72 filter rules in the system You cannot mix device filter rules and protocol filter rules within the same set Six sets of factory default filter rules have been configured in menu 21 to prevent NetBIOS traffic from triggering calls and to prevent incoming telnetting A summary of their filter rules is shown in the figures that follow and section 6 4 also has example The factory configured filters in SMT menu 21 3 are designed to block incoming telnet from the WAN DSL port Do not configure SMT menu 3 1 filter rules to block all telnet from the Ethernet This would block the telnet connection from your computer to the Prestige The following diagram illustrates the logic flow when executing a filter rule 8 2 Filter Configura
37. a period of up to two years from the date of purchase During the warranty period and upon proof of purchase should the product have indications of failure due to faulty workmanship and or materials ZyXEL will at its discretion repair or replace the defective products or components without charge for either parts or labor and to whatever extent it shall deem necessary to restore the product or components to proper operating condition Any replacement will consist of a new or re manufactured functionally equivalent product of equal value and will be solely at the discretion of ZyXEL This warranty shall not apply if the product is modified misused tampered with damaged by an act of God or subjected to abnormal working conditions NOTE Repair or replacement as provided under this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all other warranties express or implied including any implied warranty of merchantability or fitness for a particular use or purpose ZyXEL shall in no event be held liable for indirect or consequential damages of any kind of character to the purchaser To obtain the services of this warranty contact ZyXEL s Service Center for your Return Material Authorization number RMA Products must be returned Postage Prepaid It is recommended that the unit be insured when shipped Any returned products without proof of purchase or those with an out dated warranty will be repaired or replaced a
38. an action is taken else the packet is disposed of according to the action fields If More is Yes then Action Matched and Action Not Matched will be N A Log Select the logging option from the following None No packets will be logged None Action Matched Only packets that match the rule parameters will be logged Action Not Matched Only packets that do not match the rule parameters will be logged Both All packets will be logged Action Matched Select the action for a matching packet Choices are Check Next Rule Check Next Rule Forward and Drop Action Not Matched Select the action for a packet not matching the rule Drop Choices are Check Next Rule Forward and Drop Once you have completed filling in Menu 21 1 1 TCP IP Filter Rule press ENTER at the message Press ENTER to Confirm to save your configuration or press ESC to cancel This data will now be displayed in Menu 21 1 Filter Rules Summary Filter Configuration 8 11 Prestige 645 ADSL Internet Access Router The following figure illustrates the logic flow of an IP filter Packet intolPFiler y Filter Active No Yes Y Apply SrcAddrMask to Src Addr 7 Check Sr Not Matched IP Addr Matched Y Apply DestAddrMask to Dest Addr 7 Check Dest IPAddr Not Matched an r Matched Qu S DEN Not Matched
39. computers are attached A LAN as its name implies is limited to a local area This has to do more with the electrical characteristics of the medium than the fact that many early LANs were designed for departments although the latter accurately describes a LAN as well LANs have different topologies the most common being the linear bus and the star configuration MAC On a local area network LAN or other network the MAC Media Access Control address is your computer s unique hardware number On an Ethernet LAN it s the same as your Ethernet address The MAC layer frames data for transmission over the network then passes the frame to the physical layer interface where it is transmitted as a stream of bits Multi A method that combines information from multiple connections into one connection for plexing transfer over an ATM circuit NAT Network Address Translation is the translation of an Internet Protocol address used within one network to a different IP address known within another network Network Any time you connect 2 or more computers together so that they can share resources you have a computer network Connect 2 or more networks together and you have an internet NIC Network Interface Card A board that provides network communication capabilities to and from a computer system Also called an adapter Node Any single computer connected to a network F Glossary Prestige 645 ADSL Internet Access Router PAP Port POTS
40. count as the measurement of cost with a minimum of 1 for directly connected networks Enter a number that approximates the cost for this link The number need not be precise but it must be between 1 and 15 In practice 2 or 3 is usually a good number Private This parameter determines if the Prestige will include the route to this remote node in its RIP broadcasts If set to Yes this route is kept private and not included in RIP broadcasts If No the route to this remote node will be propagated to other hosts through RIP broadcasts Once you have completed filling in the Edit IP Static Route press ENTER to return to menu 12 1 Press ENTER at the message Press ENTER to Confirm to save your configuration or press ESC at any time to cancel 5 10 Remote Node TCP IP Configuration Prestige P645 ADSL Internet Access Router Chapter 6 IPX Configuration This chapter shows you how to configure the IPX parameters of the Prestige 6 1 IPX Network Environment Novell bundles the protocol stack the server software and routing functionality in their NetWare server products so a NetWare server is not only a file or print server it is also a router 6 1 1 Network and Node Number Every IPX machine has a network number and a node number together they form the complete address of the machine The IPX network number is a 32 bit quantity and is usually expressed in 8 hexadecimal digits e g 0893A8CF The host
41. drafting and subsequent review by interested parties Some RFCs are Glossary Prestige 645 ADSL Internet Access Router informational in nature Of those that are intended to become Internet standards the final version of the RFC becomes the standard and no further comments or changes are permitted Change can occur however through subsequent RFCs RIP Routing Information Protocol is an interior or intra domain routing protocol that uses distance vector routing algorithms RIP is used on the Internet and is common in the NetWare environment as a method for exchanging routing information between routers SAP In NetWare the SAP Service Advertising Protocol broadcasts information about available services on the network that other network devices can listen to A server sends out SAP messages every 60 seconds A server also sends out SAP messages to inform other devices that it is closing down Workstations use SAP to find services they need on the network Server A computer or a software package that provides a specific kind of service to client software running on other computers SNMP Simple Network Management Protocol is a popular management protocol defined by the Internet community for TCP IP networks It is a communication protocol for collecting information from devices on the network STP Twisted pair cable consists of copper core wires surrounded by an insulator Two wires are twisted together to form a pair and the pair f
42. headquarters as depicted in the following diagram 5 1 LAN to LAN Application Branch Office Corporate LAN LAN Prestige Prestige Figure 5 1 TCP IP LAN to LAN Application For the branch office you need to configure a remote node in order to dial out to the headquarters Additionally you may also need to define static routes if some services reside beyond the immediate remote LAN 5 1 1 Editing TCP IP Options Follow the steps below to edit Menu 11 3 Remote Node Network Layer Options shown next In menu 11 1 move the cursor to the Edit IP IPX Bridge then press the SPACE BAR to select Yes Press ENTER to open Menu 11 3 Network Layer Options There are two versions of menu 11 3 for the Prestige depending on whether you chose VC based or LLC based multiplexing in menu 11 1 Remote Node TCP IP Configuration 5 1 Prestige P645 ADSL Internet Access Router VC Based Multiplexing Remember that for VC based multiplexing by prior mutual agreement a protocol is assigned a specific virtual circuit e g VC1 will carry IP VC2 will carry IPX etc Menu 11 3 Remote Node Network Layer Options IPX Options Rem LAN Net N A My WAN Net N A IP Options Hop Count N A Rem IP Addr 0 0 0 0 Tick Count N A Rem Subnet Mask 0 0 0 0 W D Spoofing min N A IP Address Assignment Dynamic SAP RIP Timeout min N A My WAN Addr 0 0 0 0 Dial On Query N A Single User Account No VPI N A Metric
43. later use The following table is a summary Please note that the internal filename refers to the filename on the Prestige and the external filename refers to the filename not on the Prestige that is on your computer local network or ftp site and so the name but not the extension will vary After uploading new firmware see the ZyNOS F W Version field in Menu 24 2 1 System Maintenance Information to confirm that you have uploaded the correct firmware version Configuration and Firmware File Maintenance 11 1 Prestige 645 ADSL Internet Access Router Table 11 1 Filename Conventions FILE TYPE INTERNAL EXTERNAL DESCRIPTION NAME NAME Configuration Rom 0 rom This is the configuration filename on File the Prestige Uploading the rom 0 file replaces the entire ROM file system including your Prestige configurations system related data including the default password the error log and the trace log Firmware This is the generic name for the ZyNOS firmware on the Prestige 11 2 Backup Configuration Option 5 from Menu 24 System Maintenance allows you to backup the current Prestige configuration to your computer Backup is highly recommended once your Prestige is functioning properly FTP is the preferred method although TFTP can also be used Please note that the terms download and upload are relative to the computer Download means to transfer from the Prestige to the computer while upload mean
44. methods to use depends on how many VCs you have and how many different network protocols you need The extra overhead that PPPoE and ENET ENCAP encapsulation entails makes it a poor choice in a LAN to LAN application Here are some examples of more suitable combinations in such an application Scene 1 One VC Multiple Protocols PPP RFC 2364 encapsulation with VC based multiplexing is the best combination because the extra protocol identifying headers that LLC based multiplexing uses are unneeded The PPP protocol already contains this information Scene 2 One VC One Protocol IP Selecting RFC 1483 encapsulation with VC based multiplexing requires the least amount of overhead 0 octets However if there is a potential need for multiple protocol support in the future it may be safer to select PPP encapsulation instead of RFC 1483 so you don t need to reconfigure when the time comes Scene 3 Multiple VCs If you have an equal number or more of VCs than the number of protocols then select RFC 1483 encapsulation and VC based multiplexing Menu 11 1 Remote Node Profile ee Enter a unique Rem Node Name ChangeMe oute IP Active Yes Bridge No name up to eight l l characters for the Encapsulation PPP Edit PPP Options No Multiplexing VC based Rem IP Addr 0 0 0 0 remote node Incoming Edit IP IPX Bridge No Rem Login Rem Password x Session Options Outgoing Edit Filter Sets No Use 0 0 0 0 to My L
45. only when the ISP uses the IPCP DNS server extensions It does not mean you can leave the DNS servers out of the DHCP setup under all circumstances If your ISP gives you explicit DNS servers make sure that you enter their IP addresses in the DHCP Setup menu This way the Prestige can pass the DNS servers to the computers and the computers can query the DNS server directly without the Prestige s intervention 3 4 Internet Access Prestige 645 ADSL Internet Access Router 3 3 Route IP Setup The first step is to enable IP routing in Menu 1 General Setup To edit menu 1 enter 1 in the main menu to select General Setup and press ENTER Set the Route IP field to Yes by pressing the SPACE BAR Menu 1 General Setup System Name P645 Location location Contact Person s Name name Route IP Yes Route IPX No Bridge No Press ENTER to Confirm or ESC to Cancel Figure 3 3 Menu 1 General Setup 3 4 TCP IP Ethernet Setup and DHCP You will now use menu 3 2 to configure your Prestige for TCP IP To edit menu 3 2 enter 3 in the main menu to open Menu 3 Ethernet Setup In menu 3 select 2 and press ENTER The screen now displays Menu 3 2 TCP IP and DHCP Ethernet Setup as shown next Menu 3 2 TCP IP and DHCP Ethernet Setup First add irSt address 1n DHCP Setup DHCP Server the IP Pool Client IP Pool Starting Address 192 168 1 33 Size of Client IP Pool 32 Primary DNS Serv
46. port start 80 Action Matched Gateway addr Type of Service Precedence No Change No Change 192 168 1 1 Packet length 10 Len Comp N A end 192 168 1 64 end N A end N A end 80 Log No Press ENTER to Confirm or ESC to Cancel Press Space Bar to Toggle Figure 12 7 IP Routing Policy Example Step 3 Check Menu 25 1 IP Routing Policy Setup to see if the rule is added correctly Step 4 Create another policy set in menu 25 Step 5 Create a rule in menu 25 1 1 for this set to route packets from any host IP 0 0 0 0 means any host with protocol TCP and port FTP access through another gateway 192 168 1 100 12 8 IP Policy Routing Prestige 645 ADSL Internet Access Router Menu 25 1 1 IP Routing Policy Policy Set Name set2 Active Yes Criteria IP Protocol 6 Type of Service Don t Care Packet length 10 Precedence Don t Care Len Comp N A Source addr start 0 0 0 0 end N A port start 0 end N A Destination addr start 0 0 0 0 end N A port start 20 end 21 on a ca Gateway addr 192 168 1 100 Log No Type o No Change Precedence No Change Press ENTER to Confirm or ESC to Cancel Press Space Bar to Toggle Figure 12 8 IP Routing Policy Step 6 Check Menu 25 1 IP Routing Policy Setup to see if the rule is added correctly Step 7 Apply both policy sets in menu 3 2 as shown next Menu 3 2 TCP IP and DHCP Ethernet Setup DHCP Setup DHCP Server Client IP Pool Sta
47. selection number Figure 7 3 Menu 12 3 Bridge Static Route Setup Menu 12 3 1 Edit Bridge Static Route Route 4 21 Route Name Active No Ether Address IP Address Gateway Node 1 Press ENTER to CONFIRM or ESC to CANCEL Figure 7 4 Menu 12 3 1 Edit Bridge Static Route 7 4 Bridging Setup Prestige P645 ADSL Internet Access Router The following table describes the Bridge Static Route Menu Table 7 3 Bridge Static Route Menu Fields FIELD DESCRIPTION Route Name Enter a name for the bridge static route for identification purposes Active Use the SPACE BAR to select Yes to activate or No to deactivate the static route Ether Address Enter the MAC address of the destination machine that you wish to bridge the packets to IP Address If available enter the IP address of the destination machine that you wish to bridge the packets to Gateway Node Enter the number of the remote node that is the gateway of this static route Once you have completed filling in this menu press ENTER at the message Press ENTER to Confirm to save your configuration or press ESC to cancel Bridging Setup 7 5 Advanced Management Part IIl Advanced Management Advanced Management provides information on Filter Configuration SNMP Configuration i System Maintenance Firmware and Configuration and Firmware File Maintenance IP Policy t Routing Call S
48. to configure to open Menu 25 1 IP Routing Policy Setup Menu 25 1 shows the summary of a policy set including the criteria and the action of a single policy and whether a policy is active or not Each policy contains two lines The former part is the criteria of the incoming packet and the latter is the action Between these two parts separator I means the action is taken on criteria matched and separator means the action is taken on criteria not matched 12 2 IP Policy Routing Prestige 645 ADSL Internet Access Router Menu 25 1 IP Routing Policy Setup Criteria Action SA 1 1 1 1 1 1 1 1 DA 2 2 2 2 2 2 2 5 SP 20 25 DP 20 25 P 6 T NM PR 0 GW 192 168 1 1 T MT PR 0 Enter Policy Rule Number 1 6 to Configure Figure 12 2 Menu 25 1 Sample IP Routing Policy Setup Table 12 1 IP Routing Policy Setup ABBREVIATION MEANING Criterion SA Source IP Address SP Source Port DA Destination IP Address DP Destination Port IP layer 4 protocol number TCP 6 UDP 17 Type of service of incoming packet PR Precedence of incoming packet Action GW Gateway IP address Outgoing Type of service P Outgoing Precedence Service NM Normal MD Minimum Delay MT Maximum Throughput MR Maximum Reliability MC Minimum Cost IP Policy Routing 12 3 Prestige 645 ADSL Internet Access Router
49. 1 2 General Commands for Third Party FTP Clients 11 4 Table 11 3 General Commands for Third Party TFTP Clients 11 5 Table 12 1 IP Routing Policy Setup 12 3 Table 12 2 IP Routing Policy 12 4 Table 13 1 Schedule Set Setup Fields 13 2 Table 14 1 Troubleshooting the Start Up of your Prestige 14 1 Table 14 2 Troubleshooting Telnet 14 1 Table 14 3 Troubleshooting the ADSL connection 14 2 Table 14 4 Troubleshooting the LAN Interface 14 2 Table 14 5 Troubleshooting a Connection to a Remote Node or ISP 14 3 List of Tables xvii P645 ADSL Internet Access Router Preface About Your ADSL Internet Access Router Congratulations on your purchase of the Prestige 645R ADSL Internet Access Router The Prestige 645R is an ADSL router used for Internet LAN access via an ADSL line We will refer to the Prestige 645R router as the P645R or simply the Prestige from now on The P645R can run upstream maximum transmission rates of 800 Kbps and downstream maximum transmission rates of 8Mbps The actual rate depends on the type of ADSL service subscribed to the copper category of your telephone wire and the distance from the central office See the following sections for more background information on DSL and ADSL The P645R s 10 100M LAN interface enables fast data transfer of 10Mbps or 100Mbps in either half duplex or full duplex mode depending on your Ethernet network Your Prestige is easy to install and to configure All functions of the Prestige are softwar
50. 1 to 255 and for the VCI is 32 to 65535 1 to 32 is reserved for local management of ATM traffic The following diagram explains the Sample IP Addresses to help you understand the My Wan Addr field in menu 11 3 Refer to the section on Internet access for a brief review of what a WAN IP is My WAN Addr indicates the local Prestige WAN IP while Rem IP Address indicates the peer WAN IP Remote Node TCP IP Configuration 5 3 Prestige P645 ADSL Internet Access Router Remote Network Local Network 192 168 1 0 10 0 0 0 ZR f 1721602 172 16 0 1 ay EH To configure the TCP IP parameters of a remote node first configure the fields in Menu 11 1 Remote Node Profile as shown in the next table For more details on the IP Option fields refer to the section on Internet access Prestige Prestige D E 192 168 1 1 10 0 0 1 Figure 5 4 Sample IP Addresses for a TCPI IP LAN to LAN Connection s Menu 11 1 Remote Node Profile Rem Node Name ChangeMe Route IP Active Yes Bridger No Encapsulation PPP Eg PPP Options Na Multiplexing VC based Rem IP Addr 0 0 0 0 Incoming Edit IP IPX Bridge No Rem Login Rem Password e x Session Options Outgoing Edit Filter Sets No My Login oscar PPPoE Idle Timeout sec N A My Password PPPoE Service Name N A Authen CHAP PAP Schedule Sets N A Press ENTER to CONF
51. 2 168 1 35 192 168 1 36 IP ADDRESS ASSIGNED BY ISP The SUA network appears as a single host on the Internet Figure 3 8 Single User Account Topology The IP address for the SUA can be either fixed or dynamically assigned by the ISP In addition you can designate servers for example a web server and a telnet server on your local network and make them accessible to the outside world If you do not define any server SUA offers the additional benefit of firewall protection If no server is defined all incoming inquiries will be filtered out by your Prestige thus preventing intruders from probing your network Your Prestige accomplishes this address sharing by translating the internal LAN IP addresses to a single address that is globally unique on the Internet For more information on IP address translation refer to RFC 1631 The IP Network Address Translator NAT 3 11 1 Advantages of SUA In summary SUA is a cost effective solution for small offices to access the Internet or other remote TCP IP networks SUA supports servers to be accessible to the outside world SUA can provide firewall protection if you do not specify a server All incoming inquiries will be filtered out by your Prestige Internet Access 3 15 Prestige P645 ADSL Internet Access Router UDP and TCP packets can be routed In addition partial ICMP including echo and traceroute is supported 3 11 2 Single User Account Configuration The steps
52. 2 VCI N A Private No RIP Direction Both Bridge Options Version RIP 2B Dial On Broadcast N A Multicast None Ethernet Addr Timeout min N A IP Policies VPI N A VPI 0 VCI N A VCI 35 Enter here to Confirm Or ESC to Cancel Press Space Bar to Toggle Figure 5 2 Menu 11 3 for VC based multiplexing with RFC 1483 and ENET ENCAP In this case separate VPI and VCI numbers must be specified for each protocol LLC based multiplexing For LLC based multiplexing one VC carries multiple protocols with protocol identifying information being contained in each packet header 5 2 Remote Node TCP IP Configuration Prestige P645 ADSL Internet Access Router Menu 11 3 Remote Node Network Layer Options VPI VCI LLC mux or PPP PPPoE Encap IPX Options VPI 0 Rem LAN Net 00000000 VCI 35 My WAN Net 00000000 IP Options Hop Count 1 Rem IP Addr 0 0 0 0 Tick Count 2 Rem Subnet Mask 0 0 0 0 W D Spoofing min N A IP Address Assignment Dynamic SAP RIP Timeout min N A My WAN Addr 0 0 0 0 Dial On Query N A Single User Account Yes Metric 2 Private No RIP Direction None Bridge Options Version RIP 1 Dial On Broadcast N A Multicast None Ethernet Addr Timeout min 0 IP Policies Enter here to CONFIRM or ESC to CANCEL Figure 5 3 Menu 11 3 for LLC based multiplexing In this case only one set of VPI and VCI numbers need be specified for all protocols The valid range for the VPI is
53. 3 Static Route Setup 5 7 STP 2 3 SUA 1 4 3 14 5 6 Advantages 3 15 Configuration 3 16 Multiple Servers 3 17 Submenus 2 6 Subnet Mask 3 2 3 6 5 6 5 9 Subnet Mask Default 2 2 Syntax Conventions xviii Syslog IP Address 10 6 System Syslog 10 5 System Maintenance 10 9 11 2 11 4 11 5 11 6 11 9 System Management Terminal 2 6 System Status 10 1 Index Prestige 645 ADSL Internet Access Router TCP IP 5 1 8 7 10 9 TCP IP Parameters 3 1 Telephone Microfilters 2 4 telephone service coexistance with DSL xix TFTP File Transfer 11 9 Tick Count 6 7 6 8 TOS Type of Service 12 1 TOS t 12 1 Transmission Rates xviii 1 1 Troubleshooting 14 1 ADSL 14 2 LAN 14 1 14 2 Remote Node 14 3 Type of Service 12 1 12 3 12 4 12 5 U Unicast 3 3 UNIX Syslog 10 5 10 6 Upload Firmware 11 6 V VPI amp VCI 3 9 W WAN Address 5 6 www zyxel com iii Z ZyNOS 11 1 11 2 ZyNOS F W Version 11 1 ZyXEL contact information v ZyXEL Limited Warranty Note iii ZyXEL website iii Index
54. 3 3 Applying Schedule Sets to a Remote Node Example PPPoE Encapsulation 13 4 Call Scheduling Prestige 645 ADSL Internet Access Router Chapter 14 Troubleshooting This chapter covers problems you may run into and possible remedies After each problem description some instructions are provided to help you diagnose and solve the problem 14 1 Problems Starting Up the Prestige Table 14 1 Troubleshooting the Start Up of your Prestige PROBLEM CORRECTIVE ACTION None of the LEDs are on when you turn on the Prestige Make sure that you have the correct AC adapter and that is plugged in and connected to the Prestige If the error persists you may have a hardware problem In this case you should contact your vendor 14 2 Problems Telnetting into the Prestige Table 14 2 Troubleshooting Telnet PROBLEM CORRECTIVE ACTION Can t access the Prestige through telnet Check the LAN port and the other Ethernet connections Check your computer s IP address it should be in the same subnet as the Prestige Use the reset button as follows to restore the IP address to 192 168 1 1 subnet mask to 255 255 255 0 DHCP server to active with addresses starting at 192 168 1 33 and the password to 1234 Turn the Prestige off Use a pointed object to push the RESET button while you turn the Prestige back on Keep the RESET button pressed for one minute Make sure your computer is set to get a dyn
55. A remote node is required for placing calls to a remote gateway A remote node represents both the remote gateway and the network behind it across a WAN connection Note that when you use menu 4 to set up Internet access you are actually configuring one of the remote nodes 4 1 Remote Node Setup This section describes the protocol independent parameters for a remote node 4 1 1 Remote Node Profile To configure a remote node follow these steps Step 1 In the main menu enter 11 to open menu 11 Remote Node Setup Step 2 When menu 11 appears as shown below enter the number of the remote node that you wish to configure Menu 11 Remote Node Setup ChangeMe ISP SUA 0 1o 014 Q lH Enter Node to Edit Figure 4 1 Menu 11 Remote Node Setup When Menu 11 1 Remote Node Profile appears fill in the fields to define this remote profile Descriptions and information about configuring the fields is given in the table that follows Remote Node Configuration 4 1 Prestige P645 ADSL Internet Access Router 4 1 2 Encapsulation amp Multiplexing Scenarios For Internet Access you should use the encapsulation and multiplexing methods used by your ISP For a LAN to LAN application e g branch office and corporate headquarters prior mutual agreement on methods used is necessary because there is no mechanism to automatically determine encapsulation multiplexing Selection of which encapsulation and multiplexing
56. CP leases addresses for a period of time which means that addresses are made available to assign to other systems Domain Name System links names to IP addresses When you access Web sites on the Internet you can type the IP address of the site or the DNS name When you type a domain name in a Web browser a query is sent to the primary DNS server defined in your Web browser s configuration dialog box The DNS server converts the name you specified to an IP address and returns this address to your system From then on the IP address is used in all subsequent communications The unique name that identifies an Internet site Domain Names always have 2 or more parts separated by dots The part on the left is the most specific and the part on the right is the most general Dynamic RAM that stores information in capacitors that must be refreshed periodically Digital Subscriber Line technologies enhances the data capacity of the existing twisted pair wire that runs between the local telephone company switching offices and most homes and offices There are actually seven types of DSL service ranging in speeds from 16 Kbits sec to 52 Mbits sec The services are either symmetrical traffic flows at the same speed in both directions or asymmetrical the downstream capacity is higher than the upstream capacity DSL connections are point to point dedicated circuits meaning that they are always connected There is no dial up There is also no switchin
57. Dynami My WAN Addr 0 0 0 0 Single User Account Yes IPX Options Rem LAN Net 00000000 My WAN Net 00000000 Hop Count 1 Tick Count 2 W D Spoofing min N A SAP RIP Timeout min N A Dial On Query N A IP Policies Press ENTER to CONFIRM or ESC to CANCEL Figure 6 5 Menu 11 3 Remote Node Novell IPX Options The table below describes the IPX specific parameters of the remote node setup Table 6 2 Remote Node Novell IPX Options Metric 2 Private No RIP Direction None Bridge Options Version RIP 1 Dial On Broadcast N A Multicast None Ethernet Addr Timeout min 0 FIELD DESCRIPTION EXAMPLE Rem LAN Net In this field enter the internal network number of the NetWare 00000000 server on the remote LAN My WAN Net In this field enter the network number of the WAN link If you leave 00000000 this field as 00000000 your Prestige will determine automatically default the network number through negotiation with the PPP peer default Hop Count This field indicates the number of intermediate networks that must 1 be passed through to reach the remote node default Tick Count This field indicates the time ticks required to reach the remote node 2 default W D This field is for the P645R on the server side Your Prestige 645R Spoofing min can spoof a response to a server s watchdog request after the connection is dropped In this field type in the time number of
58. ENCAP 5 2 Figure 5 3 Menu 11 3 for LLC based multiplexing 5 3 Figure 5 4 Sample IP Addresses for a TCPI IP LAN to LAN Connection 5 4 Figure 5 5 Menu 11 1 Remote Node Profile 5 4 Figure 5 6 Menu 11 3 for VC based multiplexing with RFC 1483 and ENET ENCAP 5 5 Figure 5 7 Example of Static Routing Topology 5 8 Figure 5 8 Menu 12 Static Route Setup 5 8 Figure 5 9 Menu 12 1 IP Static Route Setup 5 9 Figure 5 10 Menu 12 1 1 Edit IP Static Route 5 9 Figure 6 1 NetWare Server 6 2 Figure 6 2 Prestige 645R in an IPX Environment 6 3 Figure 6 3 Menu 3 3 Novell IPX Ethernet Setup 6 4 Figure 6 4 LAN to LAN Application with Novell IPX 6 5 Figure 6 5 Menu 11 3 Remote Node Novell IPX Options 6 6 Figure 6 6 Menu 12 2 1 Edit IPX Static Route 6 7 Figure 7 1 Menu 3 4 Bridge Ethernet Setup 7 1 Figure 7 2 Menu 11 3 Remote Node Bridging Options 7 3 Figure 7 3 Menu 12 3 Bridge Static Route Setup 7 4 Figure 7 4 Menu 12 3 1 Edit Bridge Static Route 7 4 Figure 8 1 Outgoing Packet Filtering Process 8 1 Figure 8 2 Filter Rule Process 8 3 Figure 8 3 Menu 21 Filter Set Configuration 8 4 Figure 8 4 NetBIOS WAN Filter Rules Summary 8 4 Figure 8 5 NetBIOS LAN Filter Rules Summary 8 5 Figure 8 6 Telnet Filter Rules Summary 8 5 Figure 8 7 PPPoE Filter Rules Summary 8 6 List of Figures xiii P645 ADSL Internet Access Router Figure 8 8 FTP _WAN Filter Rules Summary 8 6 Figure 8 9 FTP_TELNET_WEB Filter Rules Summary 8 7 8 10 Figure 8 10 Me
59. Hexadecimal to compare with the data portion More If Yes a matching packet is passed to the next filter rule before an action is Yes taken otherwise the packet is disposed of according to the action fields If More is Yes then Action Matched and Action Not Matched will be N A Log Select the logging option from the following None No packets will be logged None Action Matched Only packets that match the rule parameters will be logged Action Not Matched Only packets that do not match the rule parameters will be logged Both All packets will be logged Action Select the action for a matching packet Check Next Rule Forward or Forward Matched Drop Action Not Select the action for a packet not matching the rule Check Next Rule Drop Matched Forward or Drop Once you have completed filling in Menu 21 1 1 Generic Filter Rule press ENTER at the message Press ENTER to Confirm to save your configuration or press ESC to cancel This data will now be displayed on Menu 21 1 Filter Rules Summary 8 14 Filter Configuration Prestige 645 ADSL Internet Access Router 8 3 3 Novell IPX Filter Rule This section shows you how to configure an IPX filter rule IPX filters allow you to base the rules on the fields in the IPX headers To configure an IPX rule select IPX Filter Rule from the Filter Type field and press ENTER to open Menu 21 1 1 IPX Filter Rule as shown in the figure below
60. IRM or ESC to CANCEL Figure 5 5 Menu 11 1 Remote Node Profile 5 4 Remote Node TCP IP Configuration Prestige P645 ADSL Internet Access Router Table 5 1 TCP IP related fields in Remote Node Profile FIELD DESCRIPTION EXAMPLE Route Make sure IP is among the protocols in the Route field in IP Menu 11 1 Remote Node Profile Options are IP IPX IP IPX and None although with ENET ENCAP the only available protocol is IP Rem IP Address Enter the IP address of the remote gateway in Menu 11 1 0 0 0 0 Remote Node Profile You must fill in either the remote Prestige WAN IP address or the remote Prestige LAN IP address This depends on the remote router s WAN IP i e for the remote Prestige the My WAN Addr settings in Menu 11 3 Remote Node Network Layer Options For example see Figure 5 4 if the remote WAN IP is set to 172 16 0 2 the remote router s WAN IP then you should enter 172 16 0 2 in the Rem IP Address field If the remote WAN IP is 0 0 0 0 then enter 192 168 1 1 the remote router s LAN IP in the Rem IP Address field Edit IP IPX Bridge Press the SPACE BAR to select Yes in this field and then No press ENTER to go to Menu 11 3 Remote Node Network Layer Options The following table shows the TCP IP related fields in Menu 11 3 Remote Node Network Layer Options Menu 11 3 Remote Node Network Layer Options IPX Options Rem LAN Net N A My WAN Ne
61. LAN to LAN application for your Prestige is shown as follows 1 4 Getting to Know Your Prestige Prestige 645 ADSL Internet Access Router Branch Office LAN Corporate LAN Prestige Prestige Figure 1 2 LAN to LAN Application Getting to Know Your Prestige Prestige 645 ADSL Internet Access Router Chapter 2 Hardware Installation amp Initial Setup This chapter describes the physical features and cable connections of the Prestige and how to access and use the SMT interface for configuration 2 4 Front Panel LEDs of the P645R The LED indicators on the front panel indicate the operational status of the Prestige 645R The table below the diagram describes the LED functions T OC Maece EL H IL UL eee y PWR sys 104 100M DSL ACT PRESTIGE ZyXEL oM Qaa RESTIGE Lf L Figure 2 1 Prestige 645R Front Panel Table 2 1 Front Panel LED Description LED NAME DESCRIPTION PWR The PWR power LED is on when power is applied to the Prestige SYS A steady on SYS system LED indicates the Prestige is on and functioning properly while an off SYS LED indicates the system is not ready or has a malfunction The SYS LED blinks when the system is rebooting LAN 10M A steady light indicates a 10Mb Ethernet connection The LED blinks when data is being sent received LAN 100M A steady light indicates a 100Mb Ethernet connection The LED bl
62. NS Domain Name System is for mapping a domain name to its corresponding IP address and vice versa e g the IP address of www zyxel com is 204 217 0 2 The DNS server is extremely important because without it you must know the IP address of a machine before you can access it The DNS server addresses that you enter in the DHCP setup are passed to the client machines along with the assigned IP address and subnet mask There are two ways that an ISP disseminates the DNS server addresses The first is for an ISP to tell a customer the DNS server addresses usually in the form of an information sheet when s he signs up If your ISP gives you the DNS server addresses enter them in the DNS Server fields in DHCP Setup otherwise leave them blank Some ISP s choose to pass the DNS servers using the DNS server extensions of PPP IPCP IP Control Protocol after the connection is up If your ISP did not give you explicit DNS servers chances are the DNS servers are conveyed through IPCP negotiation The Prestige supports the IPCP DNS server extensions through the DNS proxy feature If the Primary and Secondary DNS Server fields in DHCP Setup are not specified i e left as 0 0 0 0 the Prestige tells the DHCP clients that it itself is the DNS server When a computer sends a DNS query to the Prestige the Prestige forwards the query to the real DNS server learned through IPCP and relays the response back to the computer Please note that DNS proxy works
63. PACE BAR to enable or disable SUA Please No see the following section for a more detailed discussion on Internet Access 3 13 Prestige P645 ADSL Internet Access Router FIELD DESCRIPTION EXAMPLE the Single User Account feature IP Address Assignment Press the SPACE BAR to select Static or Dynamic Dynamic address assignment Please see section 3 9 for related information IP Address Enter the IP address supplied by your ISP if applicable ENET ENCAP Gateway Enter the gateway IP address supplied by your ISP if applicable At this point if all your settings are correct your Prestige should connect automatically to the Internet 3 11 Single User Account Typically if there are multiple users on the LAN wanting to concurrently access the Internet you will have to lease a block of legal or globally unique IP addresses from the ISP The Single User Account SUA feature allows you to have the same benefits as having multiple legal addresses but only pay for one IP address thus saving significantly on the subscription fees Check with your ISP before you enable this feature SUA supports popular Internet applications such as MS traceroute CuSeeMe IRC RealAudio VDOLive Quake and PPTP with no extra configuration needed 3 14 Internet Access Prestige 645 ADSL Internet Access Router Private Network IP Addresses Assigned by User 192 168 1 33 m 192 168 1 1 Prestige 19
64. PPP PPPoE PSTN PVC RFC Password Authentication Protocol PAP is a security protocol that requires users to enter a password before accessing a secure system The user s name and password are sent over the wire to a server where they are compared with a database of user account names and passwords This technique is vulnerable to wiretapping eavesdropping because the password can be captured and used by someone to log onto the system An Internet port refers to a number that is part of a URL appearing after a colon right after the domain name Every service on an Internet server listens on a particular port number on that server Most services have standard port numbers e g Web servers normally listen on port 80 Plain Old Telephone Service is the analog telephone service that runs over copper twisted pair wires and is based on the original Bell telephone system Twisted pair wires connect homes and businesses to a neighborhood central office This is called the local loop The central office is connected to other central offices and long distance facilities Point to Point Protocol PPP encapsulates and transmits IP Internet Protocol datagrams over serial point to point links PPP works with other protocols such as IPX Internetwork Packet Exchange The protocol is defined in IETF Internet Engineering Task Force RFC 1661 through 1663 PPP provides router to router host to router and host to host connections PPPoE P
65. Prestige 645R ADSL Router User s Guide 2 50 Version 2 July 2001 ZyXEL TOTAL INTERNET ACCESS SOLUTION Prestige 645 ADSL Internet Access Router Copyright Copyright 2001 by ZyXEL Communications Corporation The contents of this publication may not be reproduced in any part or as a whole transcribed stored in a retrieval system translated into any language or transmitted in any form or by any means electronic mechanical magnetic optical chemical photocopying manual or otherwise without the prior written permission of ZyXEL Communications Corporation Published by ZyXEL Communications Corporation All rights reserved Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products or software described herein Neither does it convey any license under its patent rights nor the patents rights of others ZyXEL further reserves the right to make changes in any products described herein without notice This publication is subject to change without notice Trademarks Trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners ZyNOS is a registered trademark of ZyXEL Communications Corporation ii Copyright Prestige 645 ADSL Internet Access Router ZyXEL Limited Warranty ZyXEL warrants to the original end user purchaser that this product is free from any defects in materials or workmanship for
66. S03 gt R01mF Jul 19 14 44 00 192 168 102 2 ZyXEL Communications Corp IP Src 192 168 102 20 Dst 202 132 154 1 UDP spo 05d4 dpo 0035 S03 gt RO01mF Jul 19 14 44 04 192 168 102 2 ZyXEL Communications Corp IP Src 192 168 102 20 Dst 202 132 154 1 UDP spo 05d4 dpo 0035 S03 gt RO01mF 4 PPP log PPP Log Message Format sdcmdSyslogSend SYSLOG_PPPLOG SYSLOG NOTICE String String ppp Proto Starting ppp Proto Opening ppp Proto Closing ppp Proto Shutdown Proto LCP ATCP BACP BCP CBCP CCP CHAP PAP IPCP IPXCP Jul 19 11 42 44 192 168 102 2 ZyXEL Communications Corp ppp LCP Closing Jul 19 11 42 49 192 168 102 2 ZyXEL Communications Corp ppp IPCP Closing Jul 19 11 42 54 192 168 102 2 ZyXEL Communications Corp ppp CCP Closing 10 4 Diagnostic The diagnostic facility allows you to test the different aspects of your Prestige to determine if it is working properly Menu 24 4 allows you to choose among various types of diagnostic tests to evaluate your system as shown 10 8 System Maintenance Prestige 645 ADSL Internet Access Router Menu 24 4 System Maintenance Diagnostic ADSL System l Reset ADSL 21 Reboot System 22 Command Mode TCP IP 12 Ping Host Enter Menu Selection Number Host IP Address N A Figure 10 7 Menu 24 4 System Maintenance Diagnostic Follow the procedure below to get to Diagnostic Step 1 From the main menu enter 24 to open Menu 24
67. TS IP Protocol ji Matched E Check Sic amp lt DestPort Not Matched Matched Y d More gt Yes y Y No Action Not Matched Y Action Matched 3 Check Next Rule R Ax EN EN ER EN Drop Forward PPP i E E Y Y Y 8 zo Drop Packet j Check Next Rule Accept Packet Nes 2 b a ve R J N yy Figure 8 11 Executing an IP Filter Check Next Rule Drop Forward 8 12 Filter Configuration Prestige 645 ADSL Internet Access Router 8 3 2 Generic Filter Rule This section shows you how to configure a generic filter rule The purpose of generic rules is to allow you to filter non IP packets For IP it is generally easier to use the IP rules directly For generic rules the Prestige treats a packet as a byte stream as opposed to an IP or IPX packet You specify the portion of the packet to check with the Offset from 0 and the Length fields both in bytes The Prestige applies the Mask bit wise ANDing to the data portion before comparing the result against the Value to determine a match The Mask and Value are specified in hexadecimal numbers Note that it takes two hexadecimal digits to represent a byte so if the length is 4 the value in either field will take 8 digits e g FFFFFFFF To configure a generic rule select Generic Filter Rule in the Filter Type field and press ENTER to open Menu
68. Up Time Time this channel has been connected to the remote node Ethernet Status Shows the current status of the LAN Tx Pkts The number of transmitted packets to the LAN Rx Pkts The number of received packets from the LAN Collision Number of collisions 10 2 System Maintenance Prestige 645 ADSL Internet Access Router FIELD DESCRIPTION WAN Line Status Shows the current status of the ADSL line which can be Up Down Wait for Init or Initializing Upstream Speed Shows the ADSL line upstream speed Downstream Speed Shows the ADSL line downstream speed CPU Load Specifies the percentage of CPU utilization Press Command 1 Reset Counters Press 1 to reset all the above statistics to 0 ESC Exit Press ESC to go back to menu 24 10 2 System Information and Console Port speed System information list important data about your Prestige and its firmware Console port speed is included for use by qualified technical support personnel do not configure it Menu 24 2 System Information and Console Port Speed is as follows Menu 24 2 System Information and Console Port Speed 1 System Information 2 Console Port Speed Figure 10 3 System Information and Console Port Speed Press 1 to display the next screen Menu 24 2 1 System Maintenance Information System Maintenance 10 3 Prestige 645 ADSL Internet Access Router Menu 24 2 1 System Mainten
69. activate and No to deactivate the schedule set Yes default Start Date Enter the start date that you wish the set to take effect in year month 2000 07 01 day format Valid dates are from the present to February 5 2036 How Often Choose Once or Weekly Both these options are mutually exclusive Once If Once is selected then fill in the date it will occur If Weekly is default 13 2 Call Scheduling Prestige 645 ADSL Internet Access Router FIELD DESCRIPTION EXAMPLE selected then fill in the weekdays when call should occur When Once is selected the schedule rule deletes automatically after the scheduled time elapses Once If you select Once in the How Often field above enter the date the 2001 01 01 D set should activate in year month day format ate If you select Weekly in the How Often field above this field is N A Weekday f you select Weekly in the How Often field above then choose the N A D day s the set should activate and recur Individual Day parameters default ay are active when their fields read Yes and inactive when their fields read No or N A Start Time Enter the start time that you wish the schedule set to take effect in 12 00 hour minute format Duration Enter the maximum duration allowed in hour minute format for this 10 00 scheduled connection Action Choose an action Choices are Forced On means that the connection is maintain
70. aged devices The managed devices contain object variables managed objects that define each piece of information to be collected about a device Examples of variables include such as number of packets received node port status etc A Management Information Base MIB is a collection of managed objects SNMP allows a manager and agents to communicate for the purpose of accessing these objects SNMP itself is a simple request response protocol based on the manager agent model The manager issues a request and the agent returns responses using the following protocol operations e Get Allows the manager to retrieve an object variable from the agent e GetNext Allows the manager to retrieve the next object variable from a table or list within an agent In SNMPvI when a manager wants to retrieve all elements of a table from an agent it initiates a Get operation followed by a series of GetNext operations e Set Allows the manager to set values for object variables within an agent e Trap Used by the agent to inform the manager of some events 9 2 Supported MIBs The Prestige supports MIB II that is defined in RFC 1213 and RFC 1215 The Prestige can also respond with specific data from the ZyXEL private MIB ZY XEL MIB The focus of the MIBs is to let administrators collect statistic data and monitor status and performance The Prestige acts as an SNMP agent Users must implement their own GUI on SNMP platform SNMP manager 9 3 Conf
71. agrams but the messages are processed by the TCP IP software and are not directly apparent to the application user Lower case i Any time you connect 2 or more networks together you have an internet Glossary Prestige 645 ADSL Internet Access Router Internet Upper case I The vast collection of inter connected networks that all use the TCP IP protocols and that evolved from the ARPANET of the late 60 s and early 70 s The Internet now July 1995 connects roughly 60 000 independent networks into a vast global internet Intranet A private network inside a company or organization that uses the same kinds of software that you would find on the public Internet but that is only for internal use IP Internet Protocol he IP currently IP version 4 or IPv4 is the underlying protocol for routing packets on the Internet and other TCP IP based networks IPCP PPP IP Control Protocol allows changes to IP parameters such as the IP address IPX Internetwork Packet eXchange The native NetWare internetworking protocol is IPX Internetwork Packet Exchange Like IP Internet Protocol IPX is an internetworking protocol that provides datagram services ISP Internet Service Providers provide connections into the Internet for home users and businesses There are local regional national and global ISPs You can think of local ISPs as the gatekeepers into the Internet LAN Local Area Network is a shared communications system to which many
72. all Scheduling Configure call time periods to allow and restrict access to remote nodes Networking Compatibility Your Prestige is compatible with the major ADSL DSLAM Digital Subscriber Line Access Multiplexer providers making configuration as simple as possible for you Multiplexing The Prestige 645R supports VC based and LLC based multiplexing Encapsulation The Prestige 645R supports PPP RFC 2364 PPP over ATM Adaptation Layer 5 RFC 1483 encapsulation over ATM and MAC encapsulated routing ENET ENCAP as well as PPP over Ethernet RFC 2516 NAT SUA for single IP address Internet Access The Prestige s SUA Single User Account feature allows multiple user Internet access for the cost of a single IP account SUA supports popular Internet applications such as MS traceroute CuSeeMe IRC RealAudio VDOLive Quake and PPTP No configuration is needed to support these applications Full Network Management SNMP Simple Network Management Protocol support SMT System Management Terminal through a telnet connection 1 2 Getting to Know Your Prestige Prestige 645 ADSL Internet Access Router PAP and CHAP Security The Prestige supports PAP Password Authentication Protocol and CHAP Challenge Handshake Authentication Protocol CHAP is more secure since the password is scrambled prior to transmission However PAP is readily available on more platforms Filters The Prestige s packet filtering functions
73. allow added network security and management Reset Button The Prestige comes with a reset button built into the rear panel Use this button to restore the factory default password to 1234 IP address to 192 168 1 1 subnet mask to 255 255 255 0 and DHCP server enabled with a pool of 32 IP addressed starting at 192 168 1 33 1 3 Applications for the Prestige 645R 1 3 1 Internet Access The Prestige is the ideal high speed Internet access solution Your Prestige supports the TCP IP protocol which the Internet uses exclusively It is compatible with all major ADSL DSLAM providers A DSLAM is a rack of ADSL line cards with data multiplexed into a backbone network interface connection e g T1 OC3 DS3 ATM or Frame Relay Think of it as the equivalent of a modem rack for ADSL A typical Internet Access application is shown next Getting to Know Your Prestige 1 3 Prestige P645 ADSL Internet Access Router Office LAN 10 100M Ethernet INTERNET Prestige DSLAM Edge Router Figure 1 1 Internet Access Application Internet Single User Account For a SOHO Small Office Home Office environment your Prestige offers the Single User Account SUA feature that allows multiple users on the LAN Local Area Network to access the Internet concurrently for the cost of a single user 1 3 2 LAN to LAN Application You can use the Prestige to connect two geographically dispersed networks through an ADSL line A typical
74. amic IP address or if you want to use a static IP address on your computer make sure that it is on the same subnet as the Prestige Troubleshooting 14 1 Prestige 645 ADSL Internet Access Router 14 3 Problems With the WAN Interface Table 14 3 Troubleshooting the ADSL connection PROBLEM CORRECTIVE ACTION Initialization of the Check the cable connections between the ADSL port and the wall jack The ADSL connection failed DSL LED on the front panel of the Prestige should be on Check that your VPI VCI type of encapsulation and type of multiplexing settings are the same as what you collected from your telephone company and ISP Restart the Prestige If you still have problems you may need to verify your VPI VCI type of encapsulation and type of multiplexing settings with the telephone company and ISP 14 4 Problems With the LAN Interface Table 14 4 Troubleshooting the LAN Interface PROBLEM CORRECTIVE ACTION Can t ping any station on the LAN Check the Ethernet LEDs on the front panel A LAN LED should be on if the port is connected to a computer or hub If they are off check the cable connections between your Prestige and the computer or hub Verify that the IP addresses of the Prestige and the computers are on the same subnet 14 2 Troubleshooting Prestige 645 ADSL Internet Access Router 14 5 Problems Connecting to a Remote Node or ISP Ta
75. ance Information Name Routing IP ZyNOS F W Version V 250 EI 0 b1 6 1 2001 ADSL Chipset Vendor Alcatel Version 3 7 119 Standard Multi Mode LAN Ethernet Address 00 a0 c5 02 34 56 IP Address 192 168 1 1 IP Mask 255 255 255 0 DHCP Server Press ESC or RETURN to Exit Figure 10 4 System Maintenance Information Table 10 2 Fields in System Maintenance Information FIELD DESCRIPTION Name Displays the system name of your Prestige This information can be modified in Menu 1 General Setup Routing Refers to the routing protocol used ZyNOS F W Refers to the ZyNOS ZyXEL Network Operating System firmware version Version and date created ZyNOS is a registered trademark of ZyXEL Communications Corporation ADSL Chipset Displays the vendor of the ADSL chipset and ADSL modem software Vendor version Version Refers to the ANSI Version Standard Refers to the ADSL standard in use Full rate G dmt and ANSI T1 413 allow rates up to 8 Mbps downstream and 832 Kbps upstream and require the use of a telephone splitter The reduced rate G Lite provides up to 1 536 Mbps downstream and 512 Kbps upstream and does not require a telephone splitter Multi Mode allows the standard to be negotiated automatically Ethernet Address Refers to the Ethernet MAC Media Access Control of your Prestige IP Address This is the IP address of the Prestige in dotted decimal notation IP Mask This shows t
76. ancel 6 4 IPX Configuration Prestige P645 ADSL Internet Access Router 6 4 LAN to LAN Application with Novell IPX A typical LAN to LAN application is to use your Prestige 645R to call from a branch office to the corporate headquarters to enable the stations in the branch office to access the NetWare servers at the headquarters as depicted in the figure below Branch Office LAN Corporate LAN External Network External Network Number 333 Number 222 Prestige Prestige Netware Clients Netware Server Internal Network Number 111 Figure 6 4 LAN to LAN Application with Novell IPX 6 4 4 IPX Remote Node Setup Follow the procedure in Chapter 5 to configure the protocol independent parameters in Menu 11 1 Remote Node Profile For the IPX specific parameters in Menu 11 3 Remote Node Network Layer Options follow the instructions below Step 1 In menu 11 1 make sure IPX is among the protocols in the Route field The Route field should display Route IPX or Route IP IPX IPX Configuration 6 5 Prestige P645 ADSL Internet Access Router Step 2 Move the cursor to the Edit IP IPX Bridge field then press the space bar to select Yes and press ENTER to open Menu 11 3 Network Layer Options Menu 11 3 Remote Node Network Layer Options VPI VCI LLC mux or PPP PPPoE Encap VPI 0 VCI 35 IP Options Rem IP Addr 0 0 0 0 Rem Subnet Mask 0 0 0 0 IP Address Assignment
77. ation Protocol For obvious reasons you should generally employ the strongest authentication protocol possible However some vendors implementation includes a specific authentication protocol in the user profile It will disconnect if the negotiated protocol is different from that in the user profile even when the negotiated protocol is stronger than specified If you encounter a case where the peer disconnects right after a 4 4 Remote Node Configuration Prestige P645 ADSL Internet Access Router successful authentication please make sure that you specify the correct authentication protocol when connecting to such an implementation 4 1 4 Editing PPP Options To edit the remote node PPP Options move the cursor to the Edit PPP Options field in Menu 11 1 Remote Node Profile and use the SPACE BAR to select Yes Press ENTER to open menu 11 2 as shown next Menu 11 2 Remote Node PPP Options Encapsulation Standard PPP Compression No Press ENTER to CONFIRM or ESC to CANCEL Press Space Bar to Toggle Figure 4 3 Menu 11 2 Remote Node PPP Options The following table describes the Remote Node PPP Options Menu and contains instructions on how to configure the PPP options fields Table 4 2 Remote Node PPP Options Menu Fields FIELD DESCRIPTION EXAMPLE Encapsulation Select CISCO PPP only when this remote node is a Standard PPP Cisco machine otherwise select the Standard PPP Compr
78. ations Corp ras Valid commands are Sys exit device wan poe ip bridge ipx hdap Figure 10 8 Command mode 10 10 System Maintenance Prestige 645 ADSL Internet Access Router Chapter 11 Configuration and Firmware File Maintenance This chapter tells you how to backup and restore your configuration file as well as upload new firmware and configuration files 11 1 Filename Conventions The configuration file often called the romfile or rom 0 contains the factory default settings in the menus such as password DHCP Setup TCP IP Setup etc It arrives from ZyXEL with a rom filename extension Once you have customized the Prestige s settings they can be saved back to your computer under a filename of your choosing ZyNOS ZyXEL Network Operating System sometimes referred to as the ras file is the system firmware and has a bin filename extension With many ftp and tftp clients the filenames are similar to those seen next ftp put firmware bin ras This is a sample ftp session showing the transfer of the computer file firmware bin to the Prestige ftp get rom 0 config cfg This is a sample ftp session saving the current configuration to the computer file config cfg If your t ftp client does not allow you to have a destination filename different than the source you will need to rename them as the Prestige only recognizes rom 0 and ras Be sure you keep unaltered copies of both files for
79. ble 14 5 Troubleshooting a Connection to a Remote Node or ISP PROBLEM CORRECTIVE ACTION ISP Can t connect to a remote node or Check menu 4 to verify that the My Login and My Password fields have the proper entries In menu 11 1 verify your login name and password for the remote node If these steps fail you may need to verify your login and password with your ISP Troubleshooting 14 3 Prestige 645 ADSL Internet Access Router Appendix A VPI and VCI ATM is a connection oriented technology meaning that it sets up virtual circuits over which end systems communicate The terminology for virtual circuits is as follows e VC virtual channel Logical connections between end stations e VP virtual path A bundle of VCs Think of a VP as a cable that contains a bundle of wires The cable connects two points and wires within the cable provide individual circuits between the two points In an ATM cell header a VPI Virtual Path Identifier identifies a link formed by a virtual path and a VCI Virtual Channel Identifier identifies a channel within a virtual path The VPI and VCI are identified and correspond to termination points at ATM switches as shown Your telephone company should supply you with these numbers E Bn Hova vers e a n Ev Virtual Eppe pues ee 5 Fr VCI 2 VPI 2 P i va 3 M P 1 VCI 1 c VPI VPI 3 vCI 2 Y A Diagram 1 VPI s amp VCI s
80. c AMERICA 800 255 4101 1650 Miraloma Avenue Placentia CA 92870 U S A sales zyxel 1 714 632 0858 tp zyxel com SCANDINAVIA support zyxel dk 45 3955 0700 www zyxel dk ZyXEL Communications A S Columbusvej 5 2860 Soeborg sales zyxel dk 45 3955 0707 tp zyxel dk Denmark AUSTRIA support zyxel at 43 1 4948677 0 www zyxel at ZyXEL Communications Services GmbH Thaliastrasse sales zyxel at 43 1 4948678 ftp zyxel at 125a 2 2 4 A 1160 Vienna Austria GERMANY support zyxel de 49 2405 6909 0 www zyxel de ZyXEL Deutschland GmbH Adenauerstr 20 A4 D 52146 sales zyxel de 49 2405 6909 99 Wuerselen Germany MALAYSIA support zyxel com my 603 795 44 688 www zyxel com my Lot B2 06 PJ Industrial Park Section 13 Jalan Kemajuan sales zyxel com my 603 795 34 407 46200 Petaling Jaya Selangor Darul Ehasn Malaysia Customer Support V P645 ADSL Internet Access Router Table of Contents Table of Contents ssscsccssrserssssressssssreesesserenssssensnsescesensesenensescesensesceseneesessensesssseseseesecnessesessesseseseens vi LAst Of FAQ U re p HQ xii n xvi Copyright E esi ii ZYXEL Limited Warranty RP iii Federal Communications Commission FCC Interference Statement ccce eee eeeenee iv C stom r SUpport PP
81. cast one sender everybody on the network Multicast is a third way to deliver IP packets to a group of hosts on the network not everybody IGMP Internet Group Multicast Protocol is a session layer protocol used to establish membership in a Multicast group it is not used to carry user data IGMP version 2 RFC 2236 is an improvement over version RFC 1112 but IGMP version 1 is still in wide use If you would like to read more detailed information about interoperability between IGMP version 2 and version 1 please see sections 4 and 5 of RFC 2236 The class D IP address is used to identify host groups and can be in the range 224 0 0 0 to 239 255 255 255 The address 224 0 0 0 is not assigned to any group and is used by IP multicast computers The address 224 0 0 1 is used for query messages and is assigned to the permanent group of all IP hosts including gateways All hosts must join the 224 0 0 1 group in order to participate in IGMP The address 224 0 0 2 is assigned to the multicast routers group The P645R supports both IGMP version 1 IGMP v1 and IGMP version 2 IGMP v2 At start up the P645R queries all directly connected networks to gather group membership After that the P645R periodically updates this information IP Multicasting can be enabled disabled on the P645R LAN and or WAN interfaces using menus 3 2 LAN and 11 3 WAN Select None to disable IP Multicasting on these interfaces 3 2 5 IP Alias IP Alias allows you
82. ch protocol is carried over a separate ATM virtual circuit VC based multiplexing Please refer to the RFC for more detailed information 3 10 Internet Access Prestige 645 ADSL Internet Access Router 3 9 IP Address Assignment A static IP is a fixed IP that your ISP gives you A dynamic IP is not fixed The ISP assigns you a different one each time The Single User Account feature can be enabled or disabled no matter whether you have a dynamic or static IP However the encapsulation method assigned influences your choices for IP Address and ENET ENCAP Gateway 3 9 1 Using PPP Encapsulation If you have a dynamic IP then the IP Address and ENET ENCAP Gateway fields are not applicable N A If you have a static IP then you only need to fill in the IP Address field and not the ENET ENCAP Gateway field 3 9 2 Using RFC 1483 Encapsulation In this case the IP Address Assignment must be static with the same requirements for the IP Address and ENET ENCAP Gateway fields as stated above in 3 9 1 3 9 3 Using ENET ENCAP Encapsulation In this case you can have either a static or dynamic IP For a static IP you must fill in all the IP Address and ENET ENCAP Gateway fields as supplied by your ISP However for a dynamic IP the Prestige acts as a DHCP client on the WAN port and so the IP Address and ENET ENCAP Gateway fields are not applicable N A as they are assigned to the Prestige by the DHCP server 3 10 Internet Access Configuratio
83. cheduling and Troubleshooting Also included are Appendices a Glossary and the i Index i Prestige 645 ADSL Internet Access Router Chapter 8 Filter Configuration This chapter shows you how to create and apply filter s 8 1 About Filtering Your Prestige uses filters to decide whether or not to allow passage of a packet Data filters are divided into incoming and outgoing filters depending on the direction of the packet relative to a port These filters are further subdivided into device and protocol filters which are discussed later Data filtering can be applied on either the WAN side or the Ethernet side Call filtering is used to determine if a packet should be allowed to trigger a call Remote node call filtering is only applicable when using PPPoE encapsulation Outgoing packets must undergo data filtering before they encounter call filtering as shown in the following figure Call Filtering Active Data No Built in User defined default Call Filters Initiate call Call Filters if applicable if line not up Send packet I t Outgoing b Data match Packet Filtering l if t i i J and reset Match Idle Timer Drop Drop packet Drop packet packet if line not up if line not up Or Or Send packet Send packet but do not reset but do not reset Idle
84. d VPI 10 VCI 10 Service Name My Login tarbuck My Password Single User Account Yes IP Address Assignment Static IP Address 0 0 0 0 ENET ENCAP Gateway 0 0 0 0 Press ENTER to confirm or ESC to cancel Figure 3 7 Internet Access Setup Table 3 5 Internet Access Setup Menu Fields Get the VPI and VCI from your telephone company and the other information from your ISP FIELD DESCRIPTION EXAMPLE ISP s Name Enter the name of your Internet Service Provider e g MyISP MyISP This information is for identification purposes only Encapsulation Press the SPACE BAR to select the method of PPP encapsulation used by your ISP The choices are PPP RFC 1483 PPPoE or ENET ENCAP Please see section 3 9 for related information Multiplexing Press the SPACE BAR to select the method of VC based multiplexing used by your ISP either VC based or LLC based VPI Enter the Virtual Path Identifier VPI that the telephone 10 company gives you VCI Enter the Virtual Channel Identifier VCI that the telephone 10 company gives you Service Name Only available when PPPoE encapsulation is used Enter the name of your PPPoE service provider This is the same as PPPoE Service Name in menu 11 1 My Login Enter the login name that your ISP gives you tarbuck My Password Enter the password associated with the login name above TET Single User Account Press the S
85. de connection to another network or the Internet 3 5 1 LANs WANs and the Prestige The actual physical connection determines whether the Prestige ports are LAN or WAN ports There are two separate IP networks one inside the LAN network the other outside the WAN network as shown next y N J Eho di The interface to e LAN is Ethernet E WAN Internet Prestige The interfaca to the Internet or a remote node as P is the ADSL port aa s Figure 3 6 LAN amp WAN IPs 3 6 VPI amp VCI Be sure to use the Virtual Path Identifier VPI and Virtual Channel Identifier VCI numbers supplied by your telephone company The valid range for the VPI is 1 to 255 and for the VCI is 32 to 65535 1 to 32 is reserved for local management of ATM traffic Please see Appendix VPI and VCI for more information 3 7 Multiplexing There are two conventions to identify what protocols the virtual circuit VC is carrying Be sure to use the multiplexing method required by your ISP Internet Access 3 9 Prestige P645 ADSL Internet Access Router 3 7 1 VC based multiplexing In this case by prior mutual agreement each protocol is assigned to a specific virtual circuit for example VCI carries IP VC2 carries IPX etc VC based multiplexing may be dominant in environments where dynamic creation of large numbers of ATM VCs is fast and economical 3 7 2
86. dge of the networks beyond For instance the Prestige knows about network N2 in the following diagram through remote node Router 1 However the Prestige is unable to route a packet to network N3 because it doesn t know that there is a route through remote node Router 1 via Router 2 The static routes are for you to tell the Prestige about the networks beyond the remote nodes Remote Node TCP IP Configuration 5 7 Prestige P645 ADSL Internet Access Router N1 N2 N3 Prestige R2 Figure 5 7 Example of Static Routing Topology Menu 12 Static Route Setup 1 IP Static Route 2 IPX Static Route 3 Bridge Static Route Please enter selection Figure 5 8 Menu 12 Static Route Setup Menu 12 Static Route Setup is shown above This section describes how to configure an IP static route See the following chapters for IPX configuration and bridging setup To configure an IP static route enter 1 in menu 12 to go to Menu 12 1 IP Static Route Setup as shown next From menu 12 1 enter the index number of the static route you wish to edit to open Menu 12 1 1 Edit IP Static Route 5 8 Remote Node TCP IP Configuration Prestige P645 ADSL Internet Access Router Menu 12 1 IP Static Route Setup 1 Tokyo 2 Seoul 3 Taipei 4 5 6 7 8 Enter selection number Figure 5 9 Menu 12 1 IP Static Route Setup Menu 12 1 1 Edit IP Static Route Route 4 1 Route Name Tokyo Active No
87. diately The action is to drop the Y a TCP IP filter rule Type packet m D if the action is matched and IP Pr 6 for destination to forward the packet immediately n F if telnet ports DP 23 the action is not matched no matter whether there are more rules to be checked there aren t in this example Figure 8 15 Example Filter Rules Summary Menu 21 3 After you ve created the filter set you must apply it Step 1 Enter 11 from the main menu to go to menu 11 Step 2 Select a remote node number and press ENTER Step 3 Go to the Edit Filter Sets field press the SPACE BAR to select Yes and press ENTER This brings you to menu 11 5 Apply the TELNET WAN filter set filter set 3 as shown later 8 5 Filter Types and SUA There are two types of filter rules Device Filter Generic rules and Protocol Filter TCP IP and IPX rules Device Filter rules act on the raw data from to LAN and WAN Protocol Filter rules act on the IP and IPX packets When NAT SUA Network Address Translation Single User Account is enabled the inside IP address and port number are replaced on a connection by connection basis which makes it impossible to know the exact address and port on the wire Therefore the Prestige applies the protocol 8 18 Filter Configuration Prestige 645 ADSL Internet Access Router filters to the native IP address and port number before NAT SUA for outgoing packets and after NAT SUA for inco
88. do not have source route Destination IP Enter the destination IP Address of the packet you wish to 0 0 0 0 Addr filter This field is a don t care if it is 0 0 0 0 Destination IP Enter the IP subnet mask to apply to the Destination IP 255 255 255 1 Mask Addr Destination Port Enter the destination port of the packets that you wish to 1378 filter The range of this field is 0 to 65535 This field is a don t care if it is O Destination Port Select the comparison either None Less Greater Equal Greater 8 10 Filter Configuration Prestige 645 ADSL Internet Access Router FIELD DESCRIPTION EXAMPLE Source IP Addr Enter the source IP Address of the packet you wish to 0 0 0 0 filter This field is a don t care if it is 0 0 0 0 Source IP Mask Enter the IP subnet mask to apply to the Source IP Addr Source Port Enter the source port of the packets that you wish to filter 0 The range of this field is 0 to 65535 This field is a don t care if itis 0 Source Port Select the comparison to apply to the source port in the None Comp packet against the value given in Source Port Choose from None Less Greater Equal and Not Equal TCP Estab This field is applicable only when IP Protocol field is 6 No TCP If Yes the rule matches only established TCP connections otherwise the rule matches all TCP packets More If Yes a matching packet is passed to the next filter rule No before
89. e noted that these fields are READ ONLY and are meant to be used for diagnostic purposes Please note that displaying this screen degrades system performance System Maintenance 10 1 Prestige 645 ADSL Internet Access Router Menu 24 1 System Maintenance Status Node Lnk Status TxPkts RxPkts Errors Tx B s Rx B s Up Time 1 1483 Up 1462 1567 0 222 211 22 15236 2 N A 0 0 0 0 0 0 00 00 3 N A 0 0 0 0 0 0 00 00 4 N A 0 0 0 0 0 0 00 00 5 N A 0 0 0 0 0 0 00 00 6 N A 0 0 0 0 0 0 00 00 Ji N A 0 0 0 0 0 0 00 00 8 N A 0 0 0 0 0 0 00 00 Ethernet WAN Status 10M Full Duplex Tx Pkts 1583 Line Status Up Collisions 0 Rx Pkts 1521 Upstream Speed 608 kbps Downstream Speed 4000 kbps CPU Load 4 25 Press Command COMMANDS 1 Reset Counters ESC Exit Figure 10 2 Menu 24 1 System Maintenance Status The following table describes the fields present in Menu 24 1 System Maintenance Status Table 10 1 System Maintenance Status Menu Fields FIELD DESCRIPTION Node Lnk This is the remote node index number and link type Link types are PPP ENET 1483 and PPPoE Status Shows the status of the remote node TxPkts The number of packets transmitted to this remote node RxPkts The number of packets received from this remote node Errors The number of error packets on this connection Tx B s Shows the transmission rate in bytes per second Rx B s Shows the receiving rate in bytes per second
90. e open and the IP address of your system Then type root and SMT password as requested Type put firmwarefilename ras where firmwarefilename is the name of your firmware upgrade file on your workstation and ras is the remote file name on the system The system reboots automatically after a successful firmware upload For details on FTP commands please consult the documentation of your FTP client program For details on uploading system firmware using TFTP note that you must remain on this menu to upload system firmware using TFTP please see your manual Press ENTER to Exit Figure 11 6 Menu 24 7 1 Upload System Firmware 11 4 2 Configuration File Upload You see the following screen when you telnet into menu 24 7 2 Configuration and Firmware File Maintenance 11 7 Prestige 645 ADSL Internet Access Router Menu 24 7 2 System Maintenance Upload System Configuration File To upload the system configuration file follow the procedure below Launch the FTP client on your workstation Type open and the IP address of your system Then type root and SMT password as requested Type put configurationfilename rom 0 where configurationfilename is the name of your system configuration file on your workstation which will be transferred to the rom 0 file on the system The system reboots automatically after the upload system configuration file process is complete For details on FTP commands
91. e User Account Yes Metric 2 Type IP Private No Policy sets RIP Direction None Bridge Opti t here Version RIP 1 Di Broadcast N A Multicast None IP Policies 2 4 7 9 Ethernet Addr Timeout min 0 Enter here to CONFIRM or ESC to CANCEL Figure 12 5 Menu 11 3 Remote Node Network Layer Options 12 6 IP Policy Routing Prestige 645 ADSL Internet Access Router 12 6 IP Policy Routing Example If a network has both Internet and remote node connections you can route Web packets to the Internet using one policy and route FTP packets to a remote network using another policy See the next figure PRESTIGE 192 168 1 1 LAN Remote Network WAN Router 192 168 1 100 ten Default IP Route Configured IP Route Figure 12 6 Example of IP Policy Routing To force Web packets coming from clients with IP addresses of 192 168 1 33 to 192 168 1 64 to be routed to the Internet via the WAN port of the P645R follow the steps as shown next Step 1 Create a routing policy set in menu 25 IP Policy Routing 12 7 Prestige 645 ADSL Internet Access Router Step 2 Create a rule for this set in Menu 25 1 1 IP Routing Policy as shown next Menu 25 1 1 IP Routing Policy Policy Set Name setl Active Yes Criteria IP Protocol 6 Type of Service Don t Care Precedence Don t Care ource addr start 192 168 1 33 art Destination addr start 0 0 0 0
92. e configurable via the SMT System Management Terminal interface About This User s Guide This user s guide covers all aspects of the Prestige 645R s operations and shows you how to get the best out of the multiple advanced features of your ADSL Internet Access Router using the SMT It is designed to guide you through the correct configuration of your Prestige 645R for various applications Syntax Conventions e Enter means for you to type one or more characters and press the carriage return Select or Choose means for you to select one from the predefined choices e Full SMT menu titles and labels are in Bold Times font The choices of a menu item are in Bold Arial font A single keystroke is in Arial font and enclosed in square brackets for instance ENTER means the Enter or carriage return key ESC means the Escape key e For brevity s sake we will use e g as a shorthand for for instance and i e as a shorthand for that is or in other words throughout this manual xviii List of Tables P645 ADSL Internet Access Router What Is ADSL About ADSL Asymmetric Digital Subscriber Line ADSL technology provides high speed data access across regular phone lines copper wires by making use of previously unused frequency bandwidth above the voice band By placing the ADSL signal above the frequency of voice signals ADSL service is able to coexist on the same line with your telephone service
93. e criteria includes the source address and port IP protocol ICMP UDP TCP etc destination address and port TOS and precedence fields in the IP header and length The inclusion of length criterion is to differentiate between interactive and bulk traffic Interactive applications telnet for example tend to have short packets while bulk traffic file transfer for example tends to have large packets The actions that can be taken include e routing the packet to a different gateway and hence the outgoing interface e setting the TOS and precedence fields in the IP header IP Policy Routing 12 1 Prestige 645 ADSL Internet Access Router IPPR follows the existing packet filtering facility of RAS in style and in implementation The policies are divided into sets where related policies are grouped together A user defines the policies before applying them to an interface or a remote node in the same fashion as the filters There are 12 policy sets with six policies in each set 12 4 IP Routing Policy Setup Menu 25 shows all the policies defined Menu 25 IP Routing Policy Setup Policy Policy Enter Policy Set Number to Configure 0 Edit Name N A Press ENTER to Confirm or ESC to Cancel Figure 12 1 IP Routing Policy Setup To setup a routing policy perform the following procedures Step 1 Type 25 in the main menu to open Menu 25 IP Routing Policy Setup Step 2 Type the index of the policy set you want
94. e eaae tas etas etas en aetas sea 2 3 2 5 Telephone Microfilters ecce cree eee eene eene enne enata seta setas tto stesse esses eene eas tasto setas eaae ete sss 2 4 Turning On Your Prestige 4 eres ee esee ee etes eene eene enne tn aetas etas tta setas oiorsie ossee soperas osses oorsese iosas 2 5 2 7 Navigating the SMT Interface eee esee eese seen ense teneas tas tn senses snae ta suse ta sens tn ses en seas 2 6 2 7 1 SMT Men Overview uester pectet C e Ee EpL egeo inse re hase ee epe edv eme ud 2 7 2 7 2 System Management Terminal Interface Summary eee 2 8 2 8 Changing the System Password eerie eee e ee esee esee eese ee sete sesto sata setas etas e toss tas staat tasto seo 2 9 y MEE CST eN Isi sissies rsss aeoo esi sS oro inson oS s issie eooo sS 2 9 2 10 Ethernet Setup css siccsecscdsccsecesssisdaciesacdsssessnacctobecssuascanasssasasdendendencedcsenssosanheacscssasdasheaseasacdsessessonne 2 10 2 10 1 General Ethernet Setup sci aiaa UE RP eden 2 11 2 11 Protocol Dependent Ethernet Setup eere eee e eee eee eee eese entes ta sensa stata sees sn senses snae 2 11 Chapter 3 Internet ACCOSS so ee deserere tin oa VD On ex Due phi n tosken e Y RERO e 3 1 3 1 Factory Ethernet Defaults 4 eee eese sees eee seen sete seins taste setas teste ese toss tone toss tasse a sea 3 1 3 2 TCP IP Parameters cissesssesscsessassssivse
95. ed whether or not Forced On there is a demand call on the line and will persist for the time period specified in the Duration field Forced Down means that the connection is blocked whether or not there is a demand call on the line Enable Dial On Demand means that this schedule permits a demand call on the line Disable Dial On Demand means that this schedule prevents a demand call on the line 13 4 Applying Schedule Sets to Remote Nodes Once your schedule sets are configured you must apply them to the desired remote node s Enter menu 11 from the main menu and enter a node number to edit In menu 11 1 press the SPACE BAR to select PPPoE in the Encapsulation field You can apply up to four schedule sets separated by commas for one remote node Enter the schedule set numbers in the Schedule Sets field In the following example schedule sets 2 5 7 and 9 are applied Call Scheduling 13 3 Prestige 645 ADSL Internet Access Router Menu 11 1 Remote Node Profile Rem Node Name ChangeMe Route IP Active Yes Bridge No Encapsulation PPPoE Edit PPP Options No Multiplexing VC based Rem IP Addr 0 0 0 0 Incoming Edit IP IPX Bridge No Rem Login Rem Password x Session Options Outgoing Edit Filter Sets No My Login oscar PPPoE Idle Timeout sec N A My Password PPPO e ice Name N A Authen CHAP PAP Schedule Sets 2 5 7 9 Press ENTER to CONFIRM or ESC to CANCEL Figure 1
96. ee eee eee eese esee eene enata seta ano 11 6 lL4l Firmware Upload scn eiet etae eee EUR eye SE Rte 11 7 11 4 2 Configuration File Upload esses eene enne nnne nennen en nnen tenen a 11 7 11 4 3 Using the FTP command from the DOS Prompt Example eee 11 8 11 44 TETP Fie Upload ete e eet eee efe pr ende 11 9 114 5 Example TRIP Conimand iicet oeni ed eem nee een 11 10 Chapter 12 IP Policy ROUN iiia eecae e tee e ine e kV et Yea o eA YO Fa ge RE DEU VR EUER eX ERREUR 12 1 12 1 rii est eror 12 1 LAM IIT Ii M 12 1 12 3 Routing Polity o n 12 1 12 4 IP Routing Policy Setup cccssscccsccssscssscscscscssscsscssscssscssseneessecsscsseesssssesssesssscsssssssssesees 12 2 12 5 Applying an IP Policy ccccssccscsscscccscsscccsescscssscssscsssscssscsessseesscesscssecssesssessscssssssssesssesesees 12 5 PST Ethernet IP Policies eene taber alee C e OUO 12 5 12 6 IP Policy Routing Example 4 esee esee esee ee ette ene eo setas etas ta setas eta sets ta seta seta setate sns eo ase 12 7 X Table of Contents P645 ADSL Internet Access Router Chapter 13 Call Scheduling ccsscsscsssiiascssssscceussiecasssvavacsasssissnsnsvenvsdvavasssdvbesonevesenseonsbenesen 13 1 13 1 octo er 13 1 13 2 VILDIINTAI Mc oon 13 1 13 3 Schedule Set Im
97. eet um eb dedere 4 5 Chapter 5 Remote Node TCP IP Configuration ecce eee eee ee ee eene en nennen 5 1 5 1 LAN to LAN Application e esee ee eene ene n etna etas tasto seta attese tests esatto sess sepas ease ease taa eea 5 1 5 1 1 Editing TCP IP Options 5 eoe tek tede e eue e e dede 5 1 5 1 2 t tic Route Setup ss eese eedem n on ie e Here denies 5 7 Chapter 6 IPX Configuration iiuseses esa ctsseeeuseseessceeeekYeckes ev ek eq kae Yt Y eee e EVERY SERMO eU 6 1 6 1 IPX Network Environment eese esee eee estne netta etnia sins tn tasa tata siae to tasse seta sine to tn sensn tn sn 6 1 6 1 1 Network and Node Number eerte ri a erare ee eph e PER SER EE Ere er RE Ere peg UAR 6 1 6 1 2 Frame Types retener et ee DU Rr Qe tt e He iere rre ees 6 1 viii Table of Contents P645 ADSL Internet Access Router 6 1 3 External Network NUMDbET cccccccsssecessececeessececsesseeecssaaececsceeceesueeecseaaececeseeeneseeeenaas 6 1 6 1 4 Internal Network Numbet cccccccessseceessececseseececseceecseaeeecseeeececeeeecsesaeeesseseeeessneeeeneaaees 6 2 6 2 Prestige in an IPX Environment scssccsssscssscscsscssssssssssecsssssessssssssessssssesssssessessessessssoes 6 2 6 2 1 Prestige 645R on LAN With SEVEL eiior ne eter erreur PER edere PEE eee UNS 6 3 6 2 2 Prestige 645R on LAN without Server eene eene mener 6 3 6 3 IPX Ethernet dn M 6
98. enu 4 Menu 11 Menu 12 Menu 12 1 Menu 15 Menu 21 General Setup Ethemet Setup Intemet Access Setup Remote Node Setup Static Route Setup IP Static Route Setup SUA Server Setup Filter Set Configuration Menu 3 1 Menu 11 1 Menu 12 2 Menu 12 11 Menu 21x1 Menu 21x General Ethernet Setup Remote Node Profile IPX Static Route Setup Edit IP Static Route TCP IP Filter Rule Filter Rules Summary Menu 12 2 Edit IPX Static Route Menu 321 Menu 32 Menu 113 Menu 112 Menu 12 3 Menu 21 1 Menu 21 x1 IP Alias Setup TCP IP and DHCP Remote Node Network Remote Node PPP Britge Static Route Setup IPX Filter Rule Generic Filter Rule Ethemet Setup Layer Options Options Menu 12 3 1 Edit Bridge Static Route Menu 33 Menu 115 Novell IPX Ethernet Remote Node Fitter Setup Menu 26 Menu 25 Menu 24 Menu 23 Menu 22 Menu 3 4 Schedule Setup IP Routing Policy Setup System Maintenance System Password SNMP Configuration Bridge Bhemet Setup Menu 26 x Menu 25 1 Menu 241 Schedule Set Setup IP Routing Policy Setup System Maintenance Menu 251 1 IP Routing Policy Menu 24 2 1 Menu 24 2 2 System Maintenance System Maintenance 2410 Information Change Console Port Time and Date Speed Setting 248 Menu 24 3 1 Menu 24 3 2 Command Interpreter i System Maintenance System Maintenance Mode Log and Trace View Error Log UNIX Syslog Menu 24 7 2 Menu 24 7 1 Menu 24 7 System Maintenance System Maintenance System Maintenance System
99. er 0 0 0 0 Secondary DNS Server 0 0 0 0 Remote DHCP Server N A Size of the IP Pool TCP IP Setup IP Address 192 68 1 1 IP Subnet Mask 255 255 255 0 RIP Direction Both Version RIP 1 Multicast None IP Policies 1 2 7 8 Edit IP Alias No Enter here to CONFIRM or ESC to CANCEL If set to 0 0 0 0 the Prestige acts as a proxy DNS Server Figure 3 4 Menu 3 2 TCP IP and DHCP Ethernet Setup Internet Access 3 5 Prestige P645 ADSL Internet Access Router Follow the instructions in the following table on how to configure the DHCP fields Table 3 1 DHCP Ethernet Setup Menu Fields FIELD DESCRIPTION EXAMPLE DHCP Setup DHCP If it is set to Server your Prestige can assign IP addresses an Server IP default gateway and DNS servers to Windows 98 Windows default 2000 and other systems that support the DHCP client If set to None the DHCP server will be disabled If set to Relay the Prestige acts as a surrogate DHCP server and relays DHCP requests and responses between the remote server and the clients Enter the IP address of the actual remote DHCP server in the Remote DHCP Server in this case When DHCP is used the following items need to be set Client IP Pool Starting This field specifies the first of the contiguous addresses in the 192 168 1 33 Address IP address pool Size of Client IP Pool This field specifies the size or count of the IP address pool 32 Primary DNS Server Ente
100. er 1 6 to Configure Figure 8 8 FTP _WAN Filter Rules Summary 8 6 Filter Configuration Prestige 645 ADSL Internet Access Router In filter rule 6 FTP_TELNET_WEB the WEB means that HTTP and TFTP traffic are blocked Menu 21 6 Filter Rules Summary Filter Rules 1 2 3 4 3 6 Enter Filter Rule Number 1 6 to Configure 1 Figure 8 9 FTP_TELNET_WEB Filter Rules Summary 8 2 1 Filter Rules Summary Menu This screen shows a summary of the existing rules in an example filter set The following tables contain a brief description of the abbreviations used in menu 21 1 Table 8 1 Abbreviations Used in the Filter Rules Summary Menu ABBREVIATIONS DESCRIPTION DISPLAY Refers to the filter rule number 1 6 A Shows whether the rule is active or Y means the filter rule is active bos N means the filter rule is inactive Type Refers to the type of filter rule GEN Generic IP TCP IP Filter Rules The filter rule parameters will be displayed here see below M Refers to More More in a set Y means there are more rules to check behaves like a logical AND i e the set is only matched if ALL rules in it are matched N means there are no more rules to check Y means an action can not yet be taken as there are more rules to Filter Configuration 8 7 Prestige 645 ADSL Internet Access Router ABBREVIATIONS DESCRIPTION DISPLAY chec
101. es for Management of IP Address Space 3 2 3 RIP Setup RIP Routing Information Protocol allows a router to exchange routing information with other routers The RIP Direction field controls the sending and receiving of RIP packets When set to both the Prestige will broadcast its routing table periodically and incorporate the RIP information that it receives when set to none it will not send any RIP packets and will ignore any RIP packets received The Version field controls the format and the broadcasting method of the RIP packets that the Prestige sends it recognizes both formats when receiving RIP 1 is universally supported but RIP 2 carries more information RIP 1 is probably adequate for most networks unless you have an unusual network topology Both RIP 2B and RIP 2M send the routing data in RIP 2 format the difference being that RIP 2B uses subnet broadcasting while RIP 2M uses multicasting Multicasting can reduce the load on non router machines since they generally do not listen to the RIP multicast address and so will not receive the RIP packets However if one router uses multicasting then all routers on your network must use multicasting also 3 2 Internet Access Prestige 645 ADSL Internet Access Router By default RIP direction is set to Both and the Version set to RIP 1 3 2 4 IP Multicast Traditionally IP packets are transmitted in one of either two ways Unicast one sender one recipient or Broad
102. ession Turn on off Stac Compression The default for this Off field is Off Default Once you have completed filling in Menu 11 2 Remote Node PPP Options press ENTER at the message Press ENTER to Confirm to save your configuration or press ESC at any time to cancel 4 1 5 Remote Node Filter Use Menu 11 5 Remote Node Filter to specify the filter set s to apply to the incoming and outgoing traffic between this remote node and the Prestige You can specify up to four filter sets separated by commas e g 1 5 9 12 in each filter field The Prestige comes with default filter number 6 applied This filter blocks FTP Telnet TFTP and HTTP from coming in from the WAN Remote Node Configuration 4 5 Prestige P645 ADSL Internet Access Router Note that spaces are accepted in this field For more information on defining the filters see the section on Filter Configuration Menu 11 5 Remote Node Filter Input Filter Sets protocol filters 6 device filters Output Filter Sets protocol filters device filters Enter here to CONFIRM or ESC to CANCEL Figure 4 4 Menu 11 5 Remote Node Filter 4 6 Remote Node Configuration Prestige P645 ADSL Internet Access Router Chapter 5 Remote Node TCP IP Configuration This chapter shows you how to configure the TCP IP parameters of a remote node A typical LAN to LAN application is to use your Prestige to connect a branch office to the
103. et against that specified above Choose from Equal Not Equal Less Greater or None Operation This field is applicable only if one of the Socket fields is 0452 or 0453 indicating SAP and RIP packets There are seven options for this field that specify the type of the packet None RIP Request RIP Response SAP Request SAP Response SAP Get Nearest Server Request SAP Get Nearest Server Response Once you have completed filling in Menu 21 1 1 IPX Filter Rule press ENTER at the message Press ENTER to Confirm to save your configuration or press ESC to cancel This data will now be displayed on Menu 21 1 Filter Rules Summary 8 4 Example Filter Let s look ata TELNET_WAN filter that block s outside users from telnetting into the Prestige Please see the supporting CD that came with your Prestige for more example filters This filter is designed Step 1 Enter 21 from the main menu to open Menu 21 Filter Set Configuration Step 2 Enter the index of the filter set you wish to configure for example 3 and press ENTER Step 3 Enter a descriptive name or comment in the Edit Comments field in this case TELNET_WAN and press ENTER Step 4 Press ENTER at the message Press ENTER to confirm to open Menu 21 3 Filter Rules Summary 8 16 Filter Configuration Prestige 645 ADSL Internet Access Router Step 5 nter 1 to configure the first filter rule the only filter rule of this set Make
104. etting of No Press the SPACE BAR to change No to Yes then press ENTER to go to a hidden menu Move the cursor ENTER or Up Down arrow keys Within a menu press ENTER to move to the next field You can also use the Up Down arrow keys to move to the previous and the next field respectively Enter information Fill in or Press the SPACE BAR to select You need to fill in two types of fields The first requires you to type in the appropriate information The second allows you to cycle through the available choices by pressing the SPACE BAR Required fields 225 All fields with the symbol lt gt must be filled in order be able to save the new configuration N A fields N A Some of the fields in the SMT will show a N A This symbol refers to an option that is Not Applicable ENTER Save your configuration by pressing ENTER at the message Save your Press ENTER to confirm or ESC to cancel Saving the data on configuration the screen will take you in most cases to the previous menu Exit the SMT Type 989 then press ENTER Type 99 at the main menu prompt and press ENTER to exit the SMT interface 2 6 Hardware Installation amp Setup Prestige 645 ADSL Internet Access Router 2 7 1 SMT Menu Overview The following figure shows the titles and layout of the various SMT menu screens of your Prestige Prestige Main Menu Menu 1 Menu 3 M
105. f the triggering packet is sent to the UNIX syslog server when this field is set to Yes Filter log No filters are logged when this field is set to No Filters with the individual filter Log Filter field set to Yes are logged when this field is set to Yes PPP log PPP events are logged when this field is set to Yes 10 6 System Maintenance Prestige 645 ADSL Internet Access Router Your Prestige sends four types of syslog messages Some examples of these syslog messages with their message formats are shown next 1 CDR CDR Message Format SdcmdSyslogSend SYSLOG_CDR SYSLOG_INFO String String board xx line xx channel xx call xx str board the hardware board ID line the WAN ID in a board Channel channel ID within the WAN call the call reference number which starts from 1 and increments by 1 for each new call str C01 Outgoing Call dev xx ch xx dev device No ch channel No L02 Tunnel Connected L2TP C02 OutCall Connected xxxx means connected speed xxxxx means Remote Call Number L02 Call Terminated C02 Call Terminated Jul 19 11 19 27 192 168 102 2 ZyXEL Communications Corp board 0 line 0 channel 0 call 1 C01 Outgoing Call dev 2 ch 0 40002 Jul 19 11 19 32 192 168 102 2 ZyXEL Communications Corp board 0 line 0 channel 0 call 1 C02 OutCall Connected 64000 40002 Jul 19 11 20 06 192 168 102 2 ZyXEL Communications Corp board 0 line 0 channel 0 call 1 C02 Call Terminated 2 Packet tr
106. for configuring your Prestige for Single User Account are identical to the conventional Internet access with the exception that you need to fill in two extra fields in Menu 4 Internet Access Setup as shown below Menu 4 Internet Access Setup ISP s Name 1 SUA Encapsulation ENET ENCAP Multiplexing LLC based VPI 10 VCI 10 Service Name N A My Login N A My Password N A ingle User Account Yes IP Address Assignment Static IP Address 192 168 1 100 ENET EN y 168 1 1 Press ENTER to Confirm or ESC to Cancel Figure 3 9 Menu 4 Internet Access Setup for Single User Account To enable the SUA feature in menu 4 move the cursor to the Single User Account field and select Yes or No to disable SUA Then follow the instructions on how to configure the SUA fields Table 3 6 Single User Account Menu Fields FIELD DESCRIPTION Single User Account Use the SPACE BAR to select Yes to enable SUA or No to disable it IP Address Assignment Use the SPACE BAR to select Static or Dynamic IP Address With Dynamic in the IP Address Assignment field this field will be N A otherwise enter the static IP address here Press ENTER at the message Press ENTER to Confirm to save your configuration or press ESC at any time to cancel 3 16 Internet Access Prestige 645 ADSL Internet Access Router 3 12 Multiple Servers behind SUA If you wish you can ma
107. g which means that the line is a direct connection into the carrier s frame relay ATM Asynchronous Transfer Mode or Internet connect system A Digital Subscriber Line Access Multiplexer DSLAM is a network device usually at a telephone company central office that receives signals from multiple customer Digital Subscriber Line connections and puts the signals on a high speed backbone line using multiplexing techniques Depending on the product DSLAM multiplexers connect DSL lines with some combination of asynchronous transfer mode ATM frame relay or IP Glossary Prestige 645 ADSL Internet Access Router DTE EMI Encapsula tion Ethernet FAQ FCC Flash memory Gateway Host IANA ICMP internet networks Originally the DTE data terminal equipment was a dumb terminal or printer but today it is a computer or a bridge or router that interconnects local area networks ElectroMagnetic Interference The interference by electromagnetic signals that can cause reduced data integrity and increased error rates on transmission channels A process of putting information into packets One layer encloses or encapsulates other layers of the packet for example TCP IP uses encapsulation A whole separate packet can even be encapsulated into another with a technique called IP tunneling A very common method of networking computers in a LAN There are a number of adaptations to the IEEE 802 3 Ethernet standa
108. g table to configure IP Alias parameters Table 3 3 IP Alias Setup Menu Fields FIELD DESCRIPTION EXAMPLE IP Alias Choose Yes to configure the LAN network for the Prestige Yes IP Address Enter the IP address of your Prestige in dotted decimal notation 192 168 2 1 IP Subnet Mask Your Prestige will automatically calculate the subnet mask based on 255 255 255 0 the IP address that you assign Unless you are implementing subnetting use the subnet mask computed by the Prestige RIP Direction Press the SPACE BAR to select the RIP direction Options are None Both In Only Out Only or None default Version Press the SPACE BAR to select the RIP version Options are RIP RIP 1 1 RIP 2B or RIP 2M default Incoming Enter the filter set s you wish to apply to the incoming traffic N A Protocol Filters between this node and the Prestige Outgoing Enter the filter set s you wish to apply to the outgoing traffic between N A Protocol Filters this node and the Prestige When you have completed this menu press ENTER at the prompt Press ENTER to Confirm to save your configuration or press ESC at any time to cancel 3 8 Internet Access Prestige 645 ADSL Internet Access Router 3 5 LANs amp WANs A LAN Local Area Network is a computer network limited to the immediate area usually the same building or floor of a building A WAN Wide Area Network on the other hand is an outsi
109. ge supports the up downloading of the firmware and the configuration file using TFTP Trivial File Transfer Protocol over LAN Although TFTP should work over WAN as well it is not recommended To use TFTP your computer must have both telnet and TFTP clients To backup the configuration file follow the procedure shown next Step 1 Use telnet from your computer to connect to the Prestige and log in Because TFTP does not have any security checks the Prestige records the IP address of the telnet client and accepts TFTP requests only from this address Step 2 Put the SMT in command interpreter CI mode by entering 8 in Menu 24 System Maintenance Step 3 Enter command sys stdio 0 to disable the SMT timeout so the TFTP transfer will not be interrupted Enter command sys stdio 5 to restore the five minute SMT timeout default when the file transfer is complete Step 4 Launch the TFTP client on your computer and connect to the Prestige Set the transfer mode to binary before starting data transfer 11 4 Configuration and Firmware File Maintenance Prestige 645 ADSL Internet Access Router Step 5 Use the TFTP client see the example below to transfer files between the Prestige and the computer The file name for the configuration file is rom 0 rom zero not capital o Note that the telnet connection must be active and the SMT in CI mode before and during the TFTP transfer For details on TFTP commands see following e
110. ges 10 3 2 Syslog The Prestige uses the UNIX syslog facility to log the CDR Call Detail Record and system messages to a syslog server Syslog can be configured in Menu 24 3 2 System Maintenance Unix Syslog as shown next System Maintenance 10 5 Prestige 645 ADSL Internet Access Router Menu 24 3 2 System Maintenance UNIX Syslog UNIX Syslog Active No Syslog IP Address Log Facility Local 1 Types CDR No Packet triggered No Filter log No PPP log No Press ENTER to Confirm or ESC to Cancel Press Space Bar to Toggle Figure 10 6 Menu 24 3 2 System Maintenance Syslog and Accounting You need to configure the UNIX syslog parameters described in the following table to activate syslog then choose what you want to log Table 10 3 System Maintenance Menu Syslog Parameters PARAMETER DESCRIPTION UNIX Syslog Active Syslog IP Address Use the SPACE BAR to turn on or off syslog Enter the IP Address of the server that will log the CDR Call Detail Record and system messages i e the syslog server Log Facility Use the SPACE BAR to select from the 7 different Local options The log facility allows you to log the message in different files in the server Please refer to your UNIX manual for more details Types CDR Call Detail Record CDR logs all data phone line activity if set to Yes Packet triggered The first 48 bytes or octets and protocol type o
111. he subnet mask of the Prestige DHCP This field shows the DHCP setting None Relay or Server of the Prestige 10 4 System Maintenance Prestige 645 ADSL Internet Access Router 10 3 Log and Trace There are two logging facilities in the Prestige The first is the error logs and trace records that are stored locally The second is the UNIX syslog facility for message logging 10 3 1 Viewing Error Log The first place you should look for clues when something goes wrong is the error log Follow the procedure below to view the local error trace log Step 1 Enter 24 from the main menu to open Menu 24 System Maintenance Step 2 From menu 24 enter 3 to open Menu 24 3 System Maintenance Log and Trace Step 3 Enter in Menu 24 3 System Maintenance Log and Trace to display the error log in the system After the Prestige finishes displaying the error log you will have the option to clear it Examples of typical error and information messages are presented in the following figure 58 Sat Jan 1 00 00 01 2000 PPOa INFO LAN promiscuous mode 0 59 Sat Jan 1 00 00 01 2000 PINI WARN SNMP TRAP 0 cold start 60 Sat Jan 1 00 00 01 2000 PINI INFO main init completed 61 Sat Jan 1 00 00 06 2000 PPOf INFO adjtime task pause 1 day 62 Sat Jan 1 00 00 11 2000 PINI INFO SMT Session Begin 63 Sat Jan 1 00 00 22 2000 PPO6 WARN MPOA Link Down Clear Error Log y n Figure 10 5 Examples of Error and Information Messa
112. ige 645R Rear Panel Connections 2 2 Figure 2 3 Connecting a POTS Splitter 2 4 Figure 2 4 Connecting the Microfilter 2 5 Figure 2 5 Login Screen 2 5 Figure 2 6 SMT Menu Overview 2 7 Figure 2 7 SMT Main Menu 2 8 Figure 2 8 Menu 23 1 System Password 2 9 Figure 2 9 Menu 1 General Setup 2 10 Figure 2 10 Menu 3 Ethernet Setup 2 11 Figure 2 11 Menu 3 1 General Ethernet Setup 2 11 3 3 Figure 3 1 Physical Network 3 3 Figure 3 2 Partitioned Logical Networks Figure 3 3 Menu 1 General Setup 3 5 Figure 3 4 Menu 3 2 TCP IP and DHCP Ethernet Setup 3 5 Figure 3 5 Menu 3 2 1 IP Alias Setup 3 8 Figure 3 6 LAN amp WAN IPs 3 9 Figure 3 7 Internet Access Setup 3 13 Figure 3 8 Single User Account Topology 3 15 Figure 3 9 Menu 4 Internet Access Setup for Single User Account Figure 3 10 Multiple Server Configuration 3 16 3 18 Figure 4 1 Menu 11 Remote Node Setup 4 1 Figure 4 2 Menu 11 1 Remote Node Profile 4 2 4 5 Figure 4 3 Menu 11 2 Remote Node PPP Options Xii List of Figures P645 ADSL Internet Access Router Figure 4 4 Menu 11 5 Remote Node Filter 4 6 Figure 5 1 TCP IP LAN to LAN Application 5 1 Figure 5 2 Menu 11 3 for VC based multiplexing with RFC 1483 and ENET
113. iggered Packet triggered Message Format sdcmdSyslogSend SYSLOG PKTTRI SYSLOG NOTICE String String Packet trigger Protocol xx Data XxxxXXXXXxXx X Protocol 1 IP 2 IPX 3 IPXHC 4 BPDU 5 ATALK 6 IPNG Data We will send forty eight Hex characters to the server Jul 19 11 28 39 192 168 102 2 ZyXEL Communications Corp Packet Trigger Protocol 1 Data 4500003c100100001f 010004c0a86614ca849a7508004a5c020001006162636465666768696a6b6c6d6e6 7071727374 Jul 19 11 28 56 192 168 102 2 ZyXEL Communications Corp Packet Trigger Protocol 1 Data 4500002c1b0140001 06b50ec0a86614ca849a7b0427001700195b3e00000000600220008cd4000002040 5b4 Jul 19 11 29 06 192 168 102 2 ZyXEL Communications Corp Packet Trigger Protocol 1 Data 45000028240140001 06ac12c0a86614ca849a7b0427001700195b451d1430135004000077600000 System Maintenance 10 7 Prestige 645 ADSL Internet Access Router 3 Filter log Filter log Message Format SdcmdSyslogSend SYSLOG FILLOG SYSLOG_NOTICE String String IP Src xx xx xx xx Dst2xx xx xx xx prot spo2xxxx dpo2xxxx S04 gt R01mD IP is the packet header and S04 R01mD means filter set 4 S and rule 1 R match m drop D Src Source Address Dst Destination Address prot Protocol TCP UDP ICMP spo Source port dpo Destination port Jul 19 14 43 55 192 168 102 2 ZyXEL Communications Corp IP Src 202 132 154 123 Dst 255 255 255 255 UDP spo 0208 dpo 0208
114. iguring SNMP To configure SNMP select SNMP Configuration enter 22 from the main menu to open Menu 22 SNMP Configuration as shown in the figure below The community for Get Set and Trap fields is simply SNMP s terminology for password 9 2 SNMP Configuration Prestige 645 ADSL Internet Access Router Menu 22 SNMP Configuration SNMP Get Community public Set Community public Trusted Host 0 0 0 0 Trap Community public Destination 0 0 0 0 Press ENTER to Confirm or ESC to Cancel Figure 9 2 Menu 22 SNMP Configuration The following table describes the SNMP configuration parameters Table 9 1 SNMP Configuration Menu Fields FIELD DESCRIPTION DEFAULT Get Enter the get community which is the password for the incoming public Community Get and GetNext requests from the management station default Set Enter the set community which is the password for incoming Set public Community requests from the management station default Trusted Host If you enter a trusted host your Prestige will only respond to 0 0 0 0 SNMP messages from this address If you leave the field set to default 0 0 0 0 default your Prestige will respond to all SNMP messages it receives regardless of source Trap Enter the trap community which is the password sent with each public Community trap to the SNMP manager default Trap Enter the IP address of the station to send your SNMP traps to 0 0
115. inks when data is being sent received DSL The ADSL LED is on when the Prestige is connected successfully to a DSLAM The LED blinks during ADSL line initialization The LED is off when the link is down ACT The ACT LED blinks during data transfer via the ADSL line The LED is off when no data is being transferred on the ADSL line Hardware Installation amp Setup 2 1 Prestige P645 ADSL Internet Access Router 2 2 Prestige 645R Rear Panel and Connections The following figure shows the rear panel connectors of your Prestige POWER f LAN 10 100M Power xDSL Figure 2 2 Prestige 645R Rear Panel Connections 2 2 1 Using the Reset Button The reset button restores the default IP address of 192 168 1 1 and subnet mask of 255 255 255 0 as well as the default SMT password of 1234 The DHCP server will also be reset to server mode with a pool of 32 IP addressed starting at 192 168 1 33 In order to prevent accidental use of the reset button it only works as follows To use the reset button turn off the Prestige and insert a small pointed object like a pen into the reset hole to push the reset button Next turn on your Prestige and keep the reset button pressed for one minute 2 2 2 Making the Connections Step 1 Connecting the ADSL line Connect the RJ 11 DSL port on the Prestige to the POTS splitter using the included ADSL cable teleph
116. ion 2 Enteran index number in menu 15 to go to Menu 15 1 SUA Server Configuration 3 Enter the service port number in the Port field and the inside IP address of the server in the IP Address field 4 Press ENTER at the Press ENTER to confirm prompt to save your configuration after you define all the servers or press ESC at any time to cancel Internet Access 3 17 Prestige P645 ADSL Internet Access Router Menu 15 Multiple Server Configuration Port IP Address Default 2d 23 25 80 0 0 0 1 2 3 4 5 6 hs 8 Press ENTER to Confirm or ESC to Cancel Figure 3 10 Multiple Server Configuration The most often used port numbers are Table 3 7 Services vs Port number SERVICES PORT NUMBER FTP File Transfer Protocol 21 Telnet 23 SMTP Simple Mail Transfer Protocol 25 DNS Domain Name System 53 HTTP Hyper Text Transfer protocol or WWW Web 80 PPTP Point to Point Tunneling Protocol 1723 3 18 Internet Access Advanced Applications Part II Advanced Applications This part describes Remote Node Configuration Remote Node TCP IP Configuration IPX Configuration and Bridging Setup Prestige P645 ADSL Internet Access Router Chapter 4 Remote Node Configuration This chapter is about parameters that are protocol independent The protocol dependent configuration will be covered in subsequent chapters
117. is menu to specify inside servers when SUA is enabled 21 Filter Set Configuration Use this menu to set up filters to provide security etc 22 SNMP Configuration Use this menu to set up SNMP related parameters 23 System Password Use this menu to change your password 24 System Maintenance This menu provides diagnostic file transfer time setting and other tools for maintaining your Prestige 25 IP Routing Policy Setup Use this menu to configure routing policies 2 8 Hardware Installation amp Setup Prestige 645 ADSL Internet Access Router MENU TITLE DESCRIPTION 26 Schedule Setup Use this menu to configure times for calls to remote nodes 99 Exit Use this to exit the SMT and return to a blank screen 2 8 Changing the System Password The first thing you should do is to change the default system password by following the steps below Step 1 Enter 23 in the main menu to open Menu 23 System Password as shown next When the Menu 23 System Password appears type your system password 1234 is the default when shipped and press ENTER Menu 23 System Password Old Password New Password Retype to confirm Enter here to CONFIRM or ESC to CANCEL Figure 2 8 Menu 23 1 System Password Step 2 Enter your new system password You can use up to 30 alphanumeric characters Do not use spaces but dashes and underscores are accepted Then press ENTER
118. k which are concatenated with the present rule to form a rule chain When the rule chain is complete an action can be taken N means you can now specify an action to be taken i e forward the packet drop the packet or check the next rule For the latter the next rule is independent of the rule just checked If More is Yes then Action Matched and Action Not Matched will be N A F means to forward the packet immediately and skip checking the remaining rules M Refers to Action Matched F means to forward the packet F means to forward the packet D means to drop the packet immediately and skip checking the remaining rules N means check the next rule N Refers to Action Not Matched F means to forward the packet D means to drop the packet N means check the next rule The protocol dependent filter rules abbreviations are listed as follows If the filter type is IP the abbreviations listed in the following table will be used Table 8 2 Abbreviations Used If Filter Type Is IP ABBREVIATION DESCRIPTION Pr Protocol SA Source Address SP Source Port number DA Destination Address DP Destination Port number 8 8 Filter Configuration Prestige 645 ADSL Internet Access Router 9 Abbreviations Used If Filter Type Is IPX Table 8 3 Abbreviations Used If Filter Type Is IPX ABBREVIATION DESCRIPTION PT IPX Packet Type SS S
119. ke inside servers for different services e g web or FTP visible to outside users even though SUA makes your whole inside network appear as a single machine to the outside world A service is identified by the port number e g web service is on port 80 and FTP on port 21 As an example if you have a web server at 192 168 1 2 and an FTP server 192 168 1 3 then you need to specify for port 80 web the server at IP address 192 168 1 2 and for port 21 FTP another at IP address 192 168 1 3 Please note that a server can support more than one service e g a server can provide both FTP and DNS service while another provides only web service Also since you need to specify the IP address of a server in the Prestige a server must have a fixed IP address and not be a DHCP client whose IP address potentially changes each time it is turned on In addition to the servers for specific services SUA supports a default server A service request that does not have a server explicitly designated for it is forwarded to the default server If the default server is not defined the service request is simply discarded To make a server visible to the outside world specify the port number of the service and the inside IP address of the server in Menu 15 Multiple Server Configuration 3 12 1 Configuring a Server behind SUA Follow the steps below to configure a server behind SUA 1 Enter 15 in the main menu to go to Menu 15 Multiple Server Configurat
120. kets are discarded Edit PPP Options Only available when using PPPoE or PPP To edit the PPP No options for this remote node move the cursor to this field use default the SPACE BAR to select Yes and press ENTER This will bring you to Menu 11 2 Remote Node PPP Options For more information on configuring PPP options see the section Editing PPP Options Rem IP Addr Enter the IP address of the remote gateway or leave this field 0 0 0 0 set to 0 0 0 0 for connecting to your ISP Edit IP IPX Bridge Press the SPACE BAR to select Yes and press ENTER to go No to Menu 11 3 Remote Node Network Layer Options menu Session Options Use the SPACE BAR to select Yes in this field and press No Edit Filter Set ENTER to open menu 11 5 to edit the filter sets See the default Ty oe Remote Node Filter section for more details PPPoE Idle This value specifies the number of idle seconds that elapse N A Timeout sec before the Prestige automatically disconnects the PPPoE session PPPoE Service Only available when PPPoE encapsulation is used Enter the N A Name name of your PPPoE service provider This is the same as Service Name in menu 4 Schedule Sets Only available when using PPPoE You can select up to four N A Once you have completed filling in Menu 11 1 Remote Node Profile press ENTER at the message Press ENTER to Confirm to save your configuration or press ESC at any time to cancel 4 1 3 Outgoing Authentic
121. l use when it calls your Prestige The login name in this field combined with the Rem Node Password will be used to authenticate this node Enter the password used when this remote node calls your Prestige bucket Outgoing Outgoing Outgoing My Login My Password Authen Enter the login name for your Prestige when it calls this remote node Enter the password for your Prestige when it calls this remote node This field sets the authentication protocol used for outgoing calls Options for this field are CHAP PAP Your Prestige will accept either CHAP or PAP when requested by this remote node CHAP accept CHAP only PAP accept PAP only CHAP PAP Route This field determines the protocols that your Prestige will route Options are IP IPX IP PX and None although with ENET Remote Node Configuration 4 3 Prestige P645 ADSL Internet Access Router schedule sets here and configure them in menu 26 For more details please see the Call Scheduling chapter FIELD DESCRIPTION EXAMPLE ENCAP the only available protocol is IP Bridge Bridging is used for protocols that are not supported by the No Prestige e g SNA or are not turned on in the previous Route default field Select Yes to enable and No to disable When bridging is enabled your Prestige will forward any packet that it does not route to this remote node otherwise the pac
122. ming packets On the other hand the generic or device filters are applied to the raw packets that appear on the wire They are applied at the point when the Prestige is receiving and sending the packets i e the interface The interface can be an Ethernet or any other hardware port The following diagram illustrates this Figure 8 16 Protocol and Device Filter Sets 8 6 Applying a Filter and Factory Defaults This section shows you where to apply the filter s after you design it them Six sets of factory default filter rules have been configured in menu 21 to prevent NetBIOS traffic from triggering calls prevent incoming telnetting forward PPPoE packets and prevent incoming FTP and HTTP 8 6 1 Ethernet traffic You seldom need to filter Ethernet traffic however the filter sets may be useful to block certain packets reduce traffic and prevent security breaches Go to menu 3 1 shown below and enter the number s of the filter set s that you want to apply as appropriate You can choose up to four filter sets from twelve by entering their numbers separated by commas for example 2 4 7 9 The Prestige does not have any of the default filters applied to the Ethernet port when it is shipped Menu 3 1 General Ethernet Setup Input Filter Sets protocol filters device filters Output Filter Sets protocol filters device filters Press ENTER to Confirm or ESC to Cancel Figure 8 17 Filtering Ethernet traffic
123. mments field and press ENTER Step 4 Press ENTER at the message Press ENTER to confirm to open Menu 21 1 Filter Rules Summary Menu 21 1 Filter Rules Summary A Type Filter Rules Mmn 1 Y IP Pr 6 SA 0 0 0 0 DA 0 0 0 0 DP 137 NDN 2 Y IP Pr 6 SA 0 0 0 0 DA 0 0 0 0 DP 138 NDN 3 Y IP Pr 6 SA 0 0 0 0 DA 0 0 0 0 DP 139 NDN 4 Y IP Pr 17 SA 0 0 0 0 DA 0 0 0 0 DP 137 NDN 5 Y IP Pr 17 SA 0 0 0 0 DA 0 0 0 0 DP 138 NDN 6 Y IP Pr 17 SA 0 0 0 0 DA 0 0 0 0 DP 139 NDF Enter Filter Rule Number 1 6 to Configure 1 Figure 8 4 NetBIOS WAN Filter Rules Summary 8 4 Filter Configuration Prestige 645 ADSL Internet Access Router Menu 21 2 Filter Rules Summary Filter Rules Pr 17 SA 0 0 0 0 SP 137 DA 0 0 0 0 DP 53 Enter Filter Rule Number 1 6 to Configure 1 DOuPWNE Fe Figure 8 5 NetBIOS _LAN Filter Rules Summary Menu 21 3 Filter Rules Summary Filter Rules SA 0 0 0 0 DA 0 0 0 0 Enter Filter Rule Number 1 6 to Configure 1 Figure 8 6 Telnet Filter Rules Summary Filter Configuration 8 5 Prestige 645 ADSL Internet Access Router 1 2 3 4 5 6 OUO 0 NPD s Menu 21 4 Filter Rules Summary Filter Rules Off 12 Len 2 Mask ffff Value 8863 Off 12 Len 2 Mask ffff Value 8864 Enter Filter Rule Number 1 6 to Configure Figure 8 7 PPPoE Filter Rules Summary Menu 21 5 Filter Rules Summary Filter Rules A 0 0 0 0 DA 0 0 0 0 Enter Filter Rule Numb
124. n Menu 4 allows you to enter the Internet Access information in one screen Menu 4 is actually a simplified setup for one of the remote nodes that you can access in menu 11 Before you configure your Prestige for Internet access you need to collect your Internet account information from your ISP and telephone company Use the following table to record your Internet Account Information Note that if you are using PPP encapsulation then the only ISP information you need is a login name and password You only need to know the Ethernet Encapsulation Gateway IP address if you are using ENET ENCAP encapsulation Internet Access 3 11 Prestige P645 ADSL Internet Access Router Table 3 4 Internet Account Information Internet Account Information Write your account information here Telephone Company Information VPI Virtual Path Identifier VCI Virtual Channel Identifier ISP Information IP Address of the ISP s Gateway Optional Login Name Password for ISP authentication Type of Multiplexing Type of Encapsulation Ethernet Encapsulation Gateway From the main menu enter 4 to go to Menu 4 Internet Access Setup as shown next The following table contains instructions on how to configure your Prestige for Internet access 3 12 Internet Access Prestige 645 ADSL Internet Access Router Menu 4 Internet Access Setup ISP s Name ChangeMe Encapsulation PPPoE Multiplexing LLC base
125. ndards One major difference between ADSL and dial up modems is the need for a telephone splitter This device keeps the telephone and ADSL signals separated giving the capability to provide simultaneous Internet access and telephone service on the same line Splitters also eliminate the destructive interference conditions caused by telephone sets The telephone splitter has to be installed on the line at the point of entry to the residence Noise generated from a telephone in the same frequency range as the ADSL signal can be disruptive to the ADSL signal In addition the impedance of a telephone when off hook may be so low that it essentially shunts the strength of the ADSL signal When a POTS splitter is installed at the entry point where the line comes into the home it will filter the telephone signals before combining the ADSL and telephone signals transmitted and received The issues of noise and impedance are eliminated with a single POTS splitter installation A telephone splitter can be installed as shown in the following figure Hardware Installation amp Setup 2 3 Prestige P645 ADSL Internet Access Router Prestige Figure 2 3 Connecting a POTS Splitter Step 1 Connect the side labeled Phone to your telephone Step 2 Connect the side labeled Modem to your Prestige Step 3 Connect the side labeled Line to the telephone wall jack 2 5 Telephone Microfilters You may also opt to purchase telephone micr
126. nings First loosely used the whole constellation of resources that can be accessed using Gopher FTP HTTP telnet USENET WAIS and some other tools Second the universe of hypertext servers HTTP servers Glossary Prestige 645 ADSL Internet Access Router About ADSL xix ADSL xix Advantages of ADSL xix Always on xix Applying Schedule Sets to Remote Nodes 13 3 Asymmetric Digital Subscriber Line xix asymmetric operation xix Authentication 4 3 4 4 B backup 11 2 Bridge See Bridging Bridging 2 11 4 4 7 1 7 3 Ethernet Setup 7 1 HANDLE IPX 7 2 Remote Node 7 2 Static Route 7 4 C Call Scheduling 13 1 maximum number of schedule sets 13 1 PPPoE 13 4 precedence 13 1 precedence example See precedence CDR 10 6 10 7 Certifications iv CHAP 4 3 Command Interpreter Mode 10 9 Connecting the Prestige 2 2 Connections Additional Requirements 2 3 Power Adapter 2 3 Rear Panel 2 2 Contacting Customer Support v Copyright ii Customer Support v Index D Defaults 2 2 Diagnostic Tools 10 1 10 8 Reset ADSL 10 9 DNS 3 6 Domain Name System 3 4 DSLAM See Digital Subscriber Line Access Multiplexer Dynamic Host Configuration Protocol 3 4 E Encapsulation 1 2 3 10 3 12 3 13 4 3 4 5 ENET ENCAP 3 10 PPP 3 10 RFC 1483 3 10 Ethernet 2 10 FCC iv Federal Communications Commission FCC Interference Statement iv Filename Conventions 11 1 Filter 2 11 About
127. nternet Access 3 1 Prestige P645 ADSL Internet Access Router The subnet mask specifies the network number portion of an IP address Your Prestige will compute the subnet mask automatically based on the IP address that you entered You don t need to change the subnet mask computed by the Prestige unless you are instructed to 3 2 2 Private IP Addresses Every machine on the Internet must have a unique address If your networks are isolated from the Internet e g only between your two branch offices you can assign any IP addresses to the hosts without problems However the Internet Assigned Numbers Authority IANA has reserved the following three blocks of IP addresses specifically for private networks 10 0 0 0 1025972557255 172 16 040 gt 172 31 255 255 192 168 0 0 192 168 255 255 You can obtain your IP address from the IANA from an ISP or have it assigned by a private network If you belong to a small organization and your Internet access is through an ISP the ISP can provide you with the Internet addresses for your local networks On the other hand if you are part of a much larger organization you should consult your network administrator for the appropriate IP addresses Regardless of your particular situation do not create an arbitrary IP address always follow the guidelines above For more information on address assignment please refer to RFC 1597 Address Allocation for Private Internets and RFC 1466 Guidelin
128. nu 21 1 1 TCP IP Filter Rule 8 12 Figure 8 11 Executing an IP Filter Figure 8 12 Menu 21 1 1 Generic Filter Rule 8 13 Figure 8 13 Menu 21 1 1 IPX Filter Rule 8 15 Figure 8 14 Example Filter Menu 21 3 1 8 17 Figure 8 15 Example Filter Rules Summary Menu 21 3 8 18 Figure 8 16 Protocol and Device Filter Sets 8 19 Figure 8 17 Filtering Ethernet traffic 8 19 Figure 8 18 Filtering Remote Node Traffic PPPoE Encapsulation 8 20 Figure 9 1 SNMP Management Model 9 1 Figure 9 2 Menu 22 SNMP Configuration 9 3 Figure 10 1 Menu 24 System Maintenance 10 1 10 2 Figure 10 2 Menu 24 1 System Maintenance Status 10 3 Figure 10 3 System Information and Console Port Speed Figure 10 4 System Maintenance Information 10 4 Figure 10 5 Examples of Error and Information Messages 10 5 Figure 10 6 Menu 24 3 2 System Maintenance Syslog and Accounting Figure 10 7 Menu 24 4 System Maintenance Diagnostic 10 6 10 9 Figure 10 8 Command mode 10 10 Figure 11 1 Menu 24 5 Backup Configuration 11 3 Figure 11 2 FTP Session Example 11 3 Figure 11 3 Menu 24 6 Restore Configuration 11 6 Figure 11 5 Menu 24 7 System Maintenance Upload Firmware 11 6 Figure 11 6 Menu 24 7 1 Upload System Firmware 11 7 11 8 Figure 11 7 Menu 24 7 2 System Maintenance 11 9
129. number is a 48 bit quantity and usually is taken from the MAC Media Access Control address of the Ethernet hardware so you don t have to explicitly configure the node number An IPX client obtains its network number from a server that has the network numbers statically configured If there are multiple servers on a network only one server needs to have the network numbers configured and all other stations clients and servers can obtain the network numbers from it The server with configured network numbers is called a seed router If you have a NetWare server on the same LAN as the Prestige 645R we recommend that you set up a NetWare server as a seed router Even though the Prestige 645R is capable of functioning as a seed router a NetWare server offers a much more extensive facility for network management 6 1 2 Frame Types IPX can run on top of four different frame types on the Ethernet These frame types are 802 2 802 3 Ethernet II DIX and SNAP Sub Network Access Protocol Each frame type is a separate logical network even though they exist on one physical cable see the following diagram Although there are four frame types available on the Ethernet you should configure as few frame types as possible on your NetWare server and use automatic frame detection on the clients to simplify management and to reduce network overhead 6 1 3 External Network Number Each of the four logical networks based on frame type has its own ex
130. ofilters Telephone voice transmissions take place in the lower frequency range 0 4KHz while ADSL transmissions take place in the higher bandwidth range above 4KHz ZyXEL provides a microfilter that acts as a low pass filter for your telephone to ensure that ADSL transmissions do not interfere with your telephone voice transmissions Step 1 Connect a phone cable from the wall jack to the single jack end of the Y Connector Step 2 Connect a cable from the double jack end of the Y Connector to the wall side of the microfilter Step 3 Connect another cable from the double jack end of the Y Connector to the Prestige Step 4 Connect the phone side of the microfilter to your telephone as shown in the following figure 2 4 Hardware Installation amp Setup Prestige 645 ADSL Internet Access Router Prestige Wall Jack Y CONNECTOR Wall Phone Side Side Figure 2 4 Connecting the Microfilter 2 6 Turning On Your Prestige At this point you should have connected the ADSL line the Ethernet port and the power port to the appropriate devices or lines You can now turn on the Prestige by pushing the power button on Refer to the Read Me First for instructions on setting up your computer The following procedure details how to telnet into your Prestige Step 1 In Windows click Start usually in the bottom left corner Run and then type telnet 192 168 1 1 the default IP address and click OK The Prestige sho
131. ogin oscar PPPoE Idle Timeout sec N A connect to your My Password PPPoE Service Name N A Authen CHAP PAP Schedule Sets N A ISP or enter the IP address of the remote gateway Press ENTER to CONFIRM or ESC to CANCEL here Figure 4 2 Menu 11 1 Remote Node Profile Table 4 1 Remote Node Profile Menu Fields 4 2 Remote Node Configuration Prestige P645 ADSL Internet Access Router FIELD DESCRIPTION EXAMPLE Rem Node Name This is a required field Enter a descriptive name for the remote node for example Changeme This field can be up to eight characters This name must be unique from any other remote node name Changeme Active Press the SPACE BAR to select either Yes or No Inactive nodes are displayed with a minus sign at the beginning of the name in menu 11 No Encapsulation PPP refers to RFC 2364 PPP Encapsulation over ATM Adaptation Layer 5 If RFC 1483 Multiprotocol Encapsulation over ATM Adaptation Layer 5 or ENET ENCAP are selected then the Rem Login Rem Password My Login My Password Edit PPP Options and Authen fields will not be applicable N A Moreover ENET ENCAP encapsulation does not apply for IPX routing PPP Multiplexing Press the SPACE BAR to select either VC based or LLC based multiplexing LLC based Incoming Incoming Rem Login Name Rem Password Enter the login name that this remote node wil
132. oint to Point Protocol over Ethernet relies on two widely accepted standards PPP and Ethernet PPPoE is a specification for connecting the users on an Ethernet to the Internet through a common broadband medium such as a single DSL line wireless device or cable modem All the users over the Ethernet share a common connection so the Ethernet principles supporting multiple users in a LAN combine with the principles of PPP which apply to serial connections From authentication accounting and secure access to configuration management PPPoE supports a broad range of existing applications and services Public Switched Telephone Network was put into place many years ago as a voice telephone call switching system The system transmits voice calls as analog signals across copper twisted cables from homes and businesses to neighborhood COs central offices this is often called the local loop The PSTN is a circuit switched system meaning that an end to end private circuit is established between caller and callee Permanent Virtual Circuit A PVC is a logical point to point circuit between customer sites PVCs are low delay circuits because routing decisions do not need to be made along the way Permanent means that the circuit is preprogrammed by the carrier as a path through the network It does not need to be set up or torn down for each session An RFC Request for Comments is an Internet formal document or standard that is the result of committee
133. one wire Connect the micro filter s optional see 2 2 Hardware Installation amp Setup Prestige 645 ADSL Internet Access Router Figure 2 4 Connecting the Microfilter between the wall jack and your telephone s The micro filters act as low pass filters voice transmission takes place in the 0 to 4KHz bandwidth Step 2 Connecting a computer to the Prestige 10 100M LAN port Be careful not to plug a RJ 11 connector into the RJ 45 port Ethernet 10Base T 100Base T networks use Shielded Twisted Pair STP cable with RJ 45 connectors that look like a bigger telephone plug with 8 pins Use a crossover cable red tag to connect your Prestige 645R to a computer directly Use a straight through Ethernet cable white tag to connect to an external hub and then connect one end of a straight through Ethernet cable white tag from the hub to the Network Interface Card NIC on the computer Step 3 Connecting the power adapter to your Prestige Make sure that you use a P N DV 121AACS rated 12VAC 1 0A or equivalent power supply Connect the power adapter to the port labeled POWER on the rear panel of your Prestige 2 3 Additional Installation Requirements In addition to the contents of your package your computer must have a properly installed and enabled Ethernet 10Base T 100Base T NIC 2 4 Connecting the POTS Splitter You may purchase an optional POTS splitter for use with the Full Rate G dmt and ANSI T1 413 sta
134. orm a balanced circuit The twisting prevents interference problems STP shielded twisted pair provides protection against external crosstalk Straight A cable that wires a pin to its equivalent pin This cable connects two dissimilar devices for through example a data terminal equipment DTE and a data communications equipment DCE Ethernet device A straight through Ethernet cable is the most common cable used cable SUA Single User Account The Prestige s SUA Single User Account feature allows multiple user Internet access for the cost of a single ISP account see also NAT TCP Transmission Control Protocol handles flow control and packet recovery and IP providing basic addressing and packet forwarding services Telnet Telnet is the login and terminal emulation protocol common on the Internet and in UNIX environments It operates over TCP IP networks Its primary function is to allow users to log into remote host systems Terminal A device that allows you to send commands to a computer somewhere else At a minimum this usually means a keyboard and a display screen and some simple circuitry Terminal Software that pretends to be emulates a physical terminal and allows you to type Software commands to a computer somewhere else H Glossary Prestige 645 ADSL Internet Access Router TFTP UDP URL VCI VPI WAN WWW Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP File Transfe
135. ource Socket DS Destination Socket Ifthe filter type is GEN generic the abbreviations listed in the following table will be used Table 8 4 Abbreviations Used If Filter Type Is GEN ABBREVIATION DESCRIPTION Off Offset Len Length Refer to the next section for information on configuring the filter rules 8 3 Configuring a Filter Rule To configure a filter rule enter its number in Menu 21 1 Filter Rules Summary and press ENTER to open menu 21 1 1 for the rule There are three types of filter rules TCP IP IPX and Generic Depending on the type of rule the parameters below the type will be different Use the SPACE BAR to select the type of rule that you wish to create in the Filter Type field and press ENTER to open the respective menu To speed up filtering all rules in a filter set must be of the same class i e protocol filters or generic filters The class of a filter set is determined by the first rule that you create When applying the filter sets to a port separate menu fields are provided for protocol and device filter sets If you include a protocol filter set in a device filters field or vice versa the Prestige will warn you and will not allow you to save 8 3 1 TCP IP Filter Rule This section shows you how to configure a TCP IP filter rule TCP IP rules allow you to base the rule on the fields in the IP and the upper layer protocol e g UDP and TCP headers To configu
136. peed e eere eee eres ette eene tenete etta seta ana 10 3 10 3 Log and Trace sacsssiscceccsscssssssscscesssusesescoascessesdcovesiescesssvesensasstscesesesvonsesssesasenssuencs psnssnsesedvcsvoaseasess 10 5 10 3 1 Viewing Error Eog eee qe E EUER EU e NEUE Eee eee eda eebenvan sans 10 5 10 3 2 Sylo eee ette det ae o oie uio de rtu e oie eie end 10 5 10 4 UP iL M 10 8 10 5 Command Interpreter Mode aeree eee eese seen en seen enata tene ta sensns ta sensn sesto sees suse tatu ne 10 9 Chapter 11 Configuration and Firmware File Maintenance cesses 11 1 11 1 Filename Conventions eere eere eerte eene ee nennen atn tn atta tuse tasas ta senten eta sens tasses tosta tse ta senses en 11 1 11 2 Backup Configuration ecce esee ee ette eee eene enata seta setas etas ta sete setas toss to setas eos e ease tasses sta 11 2 11 2 1 Backup Configuration Using FIP cerie naa arere eaa nennen nene nennen enne 11 2 11 2 2 Using the FTP command from the DOS Prompt sees 11 3 11 2 3 Backup Configuration Using TFTP ceciren ianiai aeaoe a EE Ena aratai 11 4 11 244 Example TETP Command tene reme eee trei 11 5 11 3 Restore Configuration recess eese eese eene eee etes sense ease tn seta seta seta sete stesse sse e setas etas e east 11 5 11 4 Uploading Firmware and Configuration Files e ee
137. please consult the documentation of your FTP client program For details on uploading system firmware using TFTP note that you must remain on this menu to upload system firmware using TFTP please see your manual Press ENTER to Exit Figure 11 7 Menu 24 7 2 System Maintenance To transfer the firmware and the configuration file follow these examples 11 4 3 Using the FTP command from the DOS Prompt Example Step 1 Launch the FTP client on your computer Step 2 Enter open and the IP address of your Prestige Step 3 Press ENTER when prompted for a username Step 4 Enter root and your SMT password as requested The default is 1234 Step 5 Enter bin to set transfer mode to binary Step 6 Use put to transfer files from the computer to the Prestige e g put firmware bin ras transfers the firmware on your computer firmware bin to the Prestige and renames it ras Similarly put config rom rom 0 transfers the configuration file on your computer config rom to the Prestige and renames it rom 0 Likewise get rom 0 config rom transfers the configuration file on the Prestige to your computer and renames it config rom See earlier in this chapter for more information on filename conventions Step 7 Enter quit to exit the ftp prompt 11 8 Configuration and Firmware File Maintenance Prestige 645 ADSL Internet Access Router 331 Enter PASS command Password 230 Logged in
138. r Protocol but it is scaled back in functionality so that it requires fewer resources to run TFTP uses the UDP User Datagram Protocol rather than TCP Transmission Control Protocol UDP is a connectionless transport service that dispenses with the reliability services provided by TCP UDP gives applications a direct interface with IP and the ability to address a particular application process running on a host via a port number without setting up a connection session Uniform Resource Locator URL is an object on the Internet or an intranet that resides on a host system Objects include directories and an assortment of file types including text files graphics video and audio A URL is the address of an object that is normally typed in the Address field of a Web browser The URL is basically a pointer to the location of an object A Virtual Channel Identifier is a number that denotes a particular logical connection between end stations users or networks See also VPI A Virtual Path Identifier is a number that denotes a bundle of virtual channels See also VCI Wide Area Networks link geographically dispersed offices in other cities or around the globe Just about any long distance communication medium can serve as a WAN link including switched and permanent telephone circuits terrestrial radio systems and satellite systems World Wide Web Frequently used incorrectly when referring to The Internet WWW has two major mea
139. r the DNS server address es if your ISP gives you explicit DNS server address es If you wish to change the factory defaults or to learn more about TCP IP please read on 3 2 TCP IP Parameters 3 2 1 IP Address and Subnet Mask Similar to the way houses on a street share a common street name the machines on a LAN also share one common network number Where you obtain your network number depends on your particular situation If the ISP or your network administrator assigns you a block of registered IP addresses follow their instructions in selecting the IP addresses and the subnet mask If the ISP did not explicitly give you an IP network number then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established If this is the case it is recommended that you select a network number from 192 168 0 0 to 192 168 255 0 ignoring the trailing zero and you must enable the Single User Account feature of the Prestige The Internet Assigned Number Authority ANA has reserved this block of addresses specifically for private use please do not use any other number unless you are told otherwise Let s say you select 192 168 1 0 as the network number which covers 254 individual addresses from 192 168 1 1 to 192 168 1 254 zero and 255 are reserved In other words the first 3 numbers specify the network number while the last number identifies an individual computer on that network I
140. r the IP addresses of the DNS servers The DNS servers Secondary DNS are passed to the DHCP clients along with the IP address and Server the subnet mask Remote DHCP If Relay is selected in the DHCPz field above then enter the IP Server address of the actual remote DHCP server here Table 3 2 TCP IP Ethernet Setup Menu Fields Follow the instructions in the following table to configure TCP IP parameters for the Ethernet port IP Subnet Mask RIP Direction Version FIELD DESCRIPTION EXAMPLE TCP IP Setup IP Enter the LAN IP address of your Prestige in dotted decimal 192 168 1 1 Address notation default Your Prestige will automatically calculate the subnet mask based on the IP address that you assign Unless you are implementing subnetting use the subnet mask computed by the Prestige Press the SPACE BAR to select the RIP direction from Both In Only Out Only or None Press the SPACE BAR to select the RIP version from RIP 1 RIP 2B or RIP 2M 255 255 255 0 Both default RIP 1 default 3 6 Internet Access Prestige 645 ADSL Internet Access Router FIELD DESCRIPTION EXAMPLE Multicast IP Policies Edit IP alias IGMP Internet Group Multicast Protocol is a session layer protocol used to establish membership in a Multicast group The P645R supports both IGMP version 1 IGMP v1 and version 2 IGMP v2 Press the SPACE BAR to enable IP Multica
141. racters of your Prestige branch Contact Person s Enter the name up to 30 characters of the person in charge of this JohnDoe Name optional Prestige Protocols Press the SPACE BAR to select Yes or No to turn the individual routing protocols on or off Route IP Set this field to Yes to enable IP routing You must enable IP routing for Yes Internet access Route IPX Set this field to Yes to enable IPX routing No Bridge Turn on off bridging for protocols not supported e g SNA or not turned No on in the previous Route fields 2 10 Ethernet Setup This section describes how to configure the Ethernet using Menu 3 Ethernet Setup From the main menu enter 3 to open menu 3 2 10 Hardware Installation amp Setup Prestige 645 ADSL Internet Access Router Menu 3 Ethernet Setup General Setup TCP IP and DHCP Setup Novell IPX Setup Bridge Setup S0 IN D Figure 2 10 Menu 3 Ethernet Setup 2 10 1 General Ethernet Setup This menu allows you to specify filter set s that you wish to apply to the Ethernet traffic You seldom need to filter Ethernet traffic however the filter sets may be useful to block certain packets reduce traffic and prevent security breaches Menu 3 1 General Ethernet Setup Input Filter Sets Protocol filters device filters Output Filter Sets Protocol filters device filters Press ENTER to Confirm or ESC to Cancel Figure 2 11 Menu 3 1
142. rce 12 4 IP Policy Routing Prestige 645 ADSL Internet Access Router FIELD DESCRIPTION addr start end Source IP address range from start to end port start end Source port number range from start to end applicable only for TCP UDP Destination addr start end Destination IP address range from start to end port start end Destination port number range from start to end applicable only for TCP UDP Action Specifies whether action should be taken on criteria Matched or Not Matched Gateway addr Defines the outgoing gateway address The gateway must be on the same subnet as the P645R if it is on the LAN otherwise the gateway must be the IP address of a remote node The default gateway is specified as 0 0 0 0 Type of Service Set the new TOS value of the outgoing packet Prioritize incoming network traffic by choosing No Change Normal Min Delay Max Thruput Max Reliable or Min Cost Precedence Set the new outgoing packet precedence value Values are 0 to 7 or No Change Log Press SPACE BAR to select Yes to make an entry in the system log when a policy is executed When you have completed this menu press ENTER at the prompt Press ENTER to confirm or ESC to cancel to save your configuration or press ESC to cancel and go back to the previous screen 12 5 Applying an IP Policy This section shows you where to apply the IP policie
143. rd including adaptations with data rates of 10 Mbits sec and 100 Mbits sec over coaxial cable twisted pair cable and fiber optic cable The latest version of Ethernet Gigabit Ethernet has a data rate of 1 Gbit sec Frequently Asked Questions FAQs are documents that list and answer the most common questions on a particular subject The FCC Federal Communications Commission is in charge of allocating the electromagnetic spectrum and thus the bandwidth of various communication systems The nonvolatile storage that can be electrically erased and reprogrammed so that data can be stored booted and rewritten as necessary A gateway is a computer system or other device that acts as a translator between two systems that do not use the same communication protocols data formatting structures languages and or architecture Any computer on a network that is a repository for services available to other computers on the network It is quite common to have one host machine provide several services such as WWW and USENET Internet Assigned Number Authority acts as the clearinghouse to assign and coordinate the use of numerous Internet protocol parameters such as Internet addresses domain names protocol numbers and more The IANA Web site is at http www isi edu iana Internet Control Message Protocol is a message control and error reporting protocol between a host server and a gateway to the Internet ICMP uses Internet Protocol IP dat
144. re a TCP IP rule select TCP IP Filter Rule from the Filter Type field and press ENTER to open Menu 21 1 1 TCP IP Filter Rule as shown next Filter Configuration 8 9 Prestige 645 ADSL Internet Access Router Menu 21 1 1 TCP IP Filter Rule Filter 1 1 Filter Type TCP IP Filter Rule Active Yes IP Protocol 6 IP Source Route No Destination IP Addr 0 0 0 0 IP Mask 0 0 0 0 Port 137 Port Comp Equal Source IP Addr 0 0 0 0 IP Mask 0 0 0 0 Port 0 Port Comp None TCP Estab No More No Log None Action Matched Check Next Rule Action Not Matched Check Next Rule Press ENTER to Confirm or ESC to Cancel Press Space Bar to Toggle Figure 8 10 Menu 21 1 1 TCP IP Filter Rule The following table describes how to configure your TCP IP filter rule Table 8 5 TCP IP Filter Rule Menu Fields Comp or Not Equal to apply to the destination port in the packet against the value given in Destination Port FIELD DESCRIPTION EXAMPLE Active Use Yes to activate and No to deactivate the filter rule Yes IP Protocol Protocol refers to the upper layer protocol e g TCP is 6 6 UDP is 17 and ICMP is 1 This value must be between 0 and 255 IP Source Route IP source route is an optional header that dictates the No route an IP packet takes from its source to its destination If Yes the rule applies to any packet with an IP source route The majority of IP packets
145. rs you need to configure Menu 11 3 Remote Node Network Layer Options To set up Menu 11 3 Remote Node Network Layer Options follow these steps Step 1 In menu 11 1 make sure the Bridge field is set to Yes 7 2 Bridging Setup Prestige P645 ADSL Internet Access Router Step 2 Move the cursor to the Edit IP IPX Bridge field then press the SPACE BAR to select Yes and press ENTER to open Menu 11 3 Network Layer Options VPI VCI LLC mux or PPP PPPoE Encap IPX Options VPI 0 Rem LAN Net 00000000 VCI 35 My WAN Net 00000000 IP Options Hop Count 1 Rem IP Addr 0 0 0 0 Tick Count 2 Rem Subnet Mask 0 0 0 0 W D Spoofing min N A IP Address Assignment Dynamic SAP RIP Timeout min N A My WAN Addr 0 0 0 0 Dial On Query N A Single User Account Yes Metric 2 Private No RIP Direction None Version RIP 1 Multicast None IP Policies Menu 11 3 Remote Node Network Layer Options Bridge Options Dial On Broadcast N A Ethernet Addr Timeout min 0 Enter here to CONFIRM or ESC to CANCEL Figure 7 2 Menu 11 3 Remote Node Bridging Options The following table describes the bridging specific parameters in Menu 11 1 Remote Node Profile and Menu 11 3 Remote Node Network Layer Options menus Table 7 2 P645R Remote Node Network Layers Menu Bridge Options FIELD DESCRIPTION Bridge menu 11 1 Make sure this field is set to Yes
146. rting Address 192 168 1 33 Size of Client IP Pool 64 Primary DNS Server 0 0 0 0 Secondary DNS Server 0 0 0 0 Remote DHCP Server N A TCP IP Setup IP Address 192 168 1 1 IP Subnet Mask 255 255 255 0 RIP Direction Both Version RIP 1 Multicast None IP Policies 1 2 Edr P as No Press ENTER to Confirm or ESC to Cancel Press Space Bar to Toggle Figure 12 9 Applying IP Policies IP Policy Routing 12 9 Prestige 645 ADSL Internet Access Router Chapter 13 Call Scheduling This chapter shows you how to set up call time periods for remote nodes 13 1 Introduction The call scheduling feature allows the P645R to manage a remote node and dictate when a remote node should be called and for how long This feature is similar to the scheduler in a video cassette recorder where you record programs at times that you specify You can apply up to four schedule sets in Menu 11 1 Remote Node Profile 13 2 Schedule Setup From the main menu enter 26 to access Menu 26 Schedule Setup as shown next Menu 26 Schedule Setup Schedule Schedule Set 4 Name Set Name 1 7 2 8 3 9 4 10 5 TI 6 I2 Enter Schedule Set Number to Configure Edit Name Press ENTER to Confirm or ESC to Cancel Figure 13 1 Schedule Setup Lower numbered sets take precedence over higher numbered sets thereby avoiding scheduling conflicts For example if sets 1 2 3 and 4 are applied in the remote node then set 1
147. s after you design them 12 5 1 Ethernet IP Policies From Menu 3 Ethernet Setup type 2 to go to Menu 3 2 TCP IP and DHCP Ethernet Setup You can choose up to four IP policy sets from 12 by typing their numbers separated by commas e g 2 4 7 9 IP Policy Routing 12 5 Prestige 645 ADSL Internet Access Router Menu 3 2 TCP IP and DHCP Ethernet Setup DHCP Setup DHCP None Client IP Pool Starting Address N A Size of Client IP Pool N A Primary DNS Server N A Secondary DNS Server N A Remote DHCP Server N A TCP IP Setup IP Address 192 168 1 1 IP Subnet Mask 255 255 255 0 RIP Direction Both Version RIP 2B Multicast IGMP v2 IP Policies 2 4 7 9 Edit IP Alias No Type IP Policy sets here Press ENTER to Confirm or ESC to Cancel Press Space Bar to Toggle Figure 12 4 Menu 3 2 TCP IP and DHCP Ethernet Setup Go to menu 11 3 shown next and type the number s of the IP Routing Policy set s as appropriate You can cascade up to four policy sets by typing their numbers separated by commas Menu 11 3 Remote Node Network Layer Options VPI VCI LLC mux or PPP PPPoE Encap IPX Options VPI 0 Rem LAN Net 00000000 VCI 35 My WAN Net 00000000 IP Options Hop Count 1 Rem IP Addr 0 0 0 0 Tick Count 2 Rem Subnet Mask 0 0 0 0 W D Spoofing min N A IP Address Assignment Dynamic SAP RIP Timeout min N A My WAN Addr 0 0 0 0 Dial On Query N A Singl
148. s from your computer to the Prestige 11 2 1 Backup Configuration Using FTP Enter 5 in Menu 24 System Maintenance to get the following screen 11 2 Configuration and Firmware File Maintenance Prestige 645 ADSL Internet Access Router Menu 24 5 Backup Configuration To transfer the configuration file to your workstation follow the procedure below Launch the FTP client on your workstation Type open and the IP address of your router Then type root and SMT password as requested Locate the rom 0 file Type get rom 0 to back up the current router configuration to your workstation For details on FTP commands please consult the documentation of your FTP client program For details on backup using TFTP note that you must remain in the menu to back up using TFTP please see your router manual Press ENTER to Exit Figure 11 1 Menu 24 5 Backup Configuration 11 2 2 Using the FTP command from the DOS Prompt Step 1 Launch the FTP client on your computer Step 2 Enter open and the IP address of your Prestige Step 3 Press ENTER when prompted for a username Step 4 Enter root and your SMT password as requested The default is 1234 Step 5 Enter bin to set transfer mode to binary Step 6 Use get to transfer files from the Prestige to the computer for example get rom 0 config rom transfers the configuration file on the Prestige to your computer and renames it
149. sssecssstactecesesceaseetesnsctesssbssssseceecscsabdoctavaszesactasdstsebesenaeceasseesess 3 1 3 2 1 IP Address and Subnet Mask sss enne enne ennt enne nenne enn 3 1 3 2 2 Private IP Add ESSES cioe eee etel o ee 3 2 32 3 RIP Sepu e tns montent tte n aer ee 3 2 3 2 4 B liac 3 3 312 5 TRA AS ite eto oak Ren omen iie tieu ra ita ee 3 3 3 2 6 DHCP Configuration 0 to cete op bases cR I pere tes rape E aet SEES ri cen 3 4 MEM nisle H 3 5 3 4 TCP IP Ethernet Setup and DHQCP eeeeeee ee eite eese eee etes estos etos e eaae ta setas etas tn sense ta seno 3 5 3 4 1 IP Alias Setup aie ne tees ter tbe eie t Pietre ett oe but dea 3 7 Table of Contents vii P645 ADSL Internet Access Router 35 LANS 3 9 3 5 1 LANs WANSs and the Prestige teet p rdiet e petite oor Ue tere gen 3 9 3 6 VPI amp VCDi NE N AEA EEA EE EA A E E AE 3 9 3 7 M ltiplexing icici cciccscssicoscssosnsssscssessasecdssoescevesoadsodeseaseassbacdusosssessssescotusessendessebesbesonscosssonseesevassunsee 3 9 3 7 1 VC based multiplexing seriotan petri E E aa EOE O iA aS 3 10 3 7 2 LLC based multiplexing nirien ea eepe Er a E ene nnne tenete 3 10 3 8 Encapsulation EE E AAE T T EE 3 10 3 8 1 ENED ENGADP 5 5 ARER E E EU a SEDE PUTES 3 10 8 20 a A E E A E E E T 3 10 3 8 3 REC 1483 iuo A a a A EAE E bep eie AN 3 10 3 9 IP Address Assignment
150. sting or select None default to disable it You can apply up to four IP Policy sets from twelve by entering their numbers separated by commas None are applied by default The P645R supports three logical LAN interfaces via its single physical Ethernet interface with the P645R itself as the gateway for each LAN network Press the SPACE BAR to select Yes then press ENTER to display menu 3 2 1 None default 1 2 7 8 No When you have completed this menu press ENTER at the prompt Press ENTER to Confirm to save your configuration or press ESC at any time to cancel 3 4 1 IP Alias Setup Use menu 3 2 to configure the first network Move the cursor to the Edit IP Alias field press SPACE BAR to choose Yes and press ENTER to configure the second and third networks Pressing ENTER opens Menu 3 2 1 IP Alias Setup as shown next Internet Access 3 7 Prestige P645 ADSL Internet Access Router Menu 3 2 1 IP Alias Setup IP Alias 1 Yes IP Address 192 168 2 1 IP Subnet Mask 255 255 255 0 RIP Direction None Version RIP 1 Incoming protocol filters N A Outgoing protocol filters N A IP Alias 2 No IP Address N A IP Subnet Mask N A RIP Direction N A Version N A Incoming protocol filters N A Outgoing protocol filters N A Enter here to CONFIRM or ESC to CANCEL Press Space Bar to Toggle Figure 3 5 Menu 3 2 1 IP Alias Setup Use the instructions in the followin
151. t N A Hop Count N A Tick Count N A W D Spoofing min N A SAP RIP Timeout min N A Dial On Query N A VPI N A VCI N A IP Options Rem IP Addr 0 0 0 0 Rem Subnet Mask 0 0 0 0 IP Address Assignment Dynamic My WAN Addr 0 0 0 0 Single User Account No Metric 2 Private No RIP Direction Both Version RIP 1 Multicast None IP Policies VPI 0 VCI 35 Bridge Options Dial On Broadcast N A Ethernet Addr Timeout min N A VPI N A VCI N A o Confirm Or ESC to Cancel Figure 5 6 Menu 11 3 for VC based multiplexing with RFC 1483 and ENET ENCAP Remote Node TCP IP Configuration 5 5 Prestige P645 ADSL Internet Access Router Table 5 2 TCP IP Remote Node Configuration FIELD DESCRIPTION EXAMPLE Rem IP Address This will show the IP address you entered for this remote node in the previous menu 172 16 0 2 Rem IP Subnet Mask Enter the subnet mask for the remote network 255 255 255 0 IP Address Assignment Press the SPACE BAR to select Static for a fixed IP address given by an ISP or Dynamic for the IP address to be assigned automatically by a server each time the remote node logs on Dynamic My WAN Addr Some implementations especially the UNIX derivatives require the WAN link to have a separate IP network number from the LAN and each end must have a unique address within the WAN network number
152. t These two fields have the same meaning as those in the Ethernet setup and Tick Count Once you have completed filling in the menu press ENTER at the message Press ENTER to Confirm to save your configuration or press ESC to cancel 6 8 IPX Configuration Prestige P645 ADSL Internet Access Router Chapter 7 Bridging Setup This chapter shows you how to configure the bridging parameters of your Prestige 7 1 Bridging in General Bridging bases the forwarding decision on the MAC Media Access Control or hardware address while routing does it on the network layer IP or IPX address Bridging allows the Prestige 645R to transport packets of network layer protocols that the Prestige 645R does not route e g SNA from one network to another The caveat is that compared to routing bridging generates more traffic for the same network layer protocol and it also demands more CPU cycles and memory For efficiency reasons do not turn on bridging unless you need to support protocols other than IP and IPX on your network For IP and IPX enable the respective routing if you need it do not bridge what the Prestige 645R can route 7 2 Bridge Ethernet Setup Basically all non local packets are bridged to the WAN however your Prestige 645R applies special handling for certain IPX packets to reduce the number of calls depending on the setting of the Handle IPX field From Menu 3 Ethernet Setup enter 4 to bring
153. t the discretion of ZyXEL and the customer will be billed for parts and labor All repaired or replaced products will be shipped by ZyXEL to the corresponding return address Postage Paid This warranty gives you specific legal rights and you may also have other rights that vary from country to country ZA Online Registration Don t forget to register your ZyXEL product fast easy online registration at www zyxel com for free future product updates and information ZyXEL Limited Warranty iii Prestige 645 ADSL Internet Access Router Federal Communications Commission FCC Interference Statement This device complies with Part 15 of FCC rules Operation is subject to the following two conditions This device may not cause harmful interference This device must accept any interference received including interference that may cause undesired operations This equipment has been tested and found to comply with the limits for a CLASS B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications If this equipment does cause harmful interference to radio television reception which can be determined by turning the equipment off and on
154. t to the Prestige Set the transfer mode to binary before starting data transfer Step 5 Use the TFTP client see the example below to transfer files between the Prestige and the computer The file name for the firmware is ras and the configuration file is rom 0 rom Zero not capital o Note that the telnet connection must be active and the SMT in CI mode before and during the TFTP transfer For details on TFTP commands see following example please consult the documentation of your TFTP client program For UNIX use get to transfer from the Prestige to the computer put the other way around and binary to set binary transfer mode Configuration and Firmware File Maintenance 11 9 Prestige 645 ADSL Internet Access Router 11 4 5 Example TFTP Command The following is an example tftp command TFTP i host put firmware bin ras where i specifies binary image transfer mode use this mode when transferring binary files host is the Prestige s IP address put transfers the file source on the computer firmware bin name of the firmware on the computer to the file destination on the remote host ras name of the firmware on the Prestige Commands that you may see in third party TFTP clients are listed earlier in this chapter TFTP over WAN will not work if you have applied a filter in menu 11 5 WAN to block Telnet service 11 10 Configuration and Firmware File Maintenance Pres
155. te pin for example RX is wired to TX This cable connects two similar devices for example two data terminal equipment DTE or data communications equipment DCE devices Channel Service Unit Data Service Unit CSUs channel service units and DSUs data service units are actually two separate devices but they are used in conjunction and often combined into the same box The devices are part of the hardware you need to connect Glossary Prestige 645 ADSL Internet Access Router DCE DHCP DNS Domain Name DRAM DSL DSLAM computer equipment to digital transmission lines The Channel Service Unit device connects with the digital communication line and provides a termination for the digital signal The Data Service Unit device sometimes called a digital service unit is the hardware component you need to transmit digital data over the hardware channel The device converts signals from bridges routers and multiplexors into the bipolar digital signals used by the digital lines Multiplexors mix voice signals and data on the same line Data Communications Equipment is typically a modem or other type of communication device The DCE sits between the DTE data terminal equipment and a transmission circuit such as a phone line Dynamic Host Configuration Protocol automatically assigns IP addresses to clients when they log on DHCP centralizes IP address management on central computers that run the DHCP server program DH
156. ternal network number IPX Configuration 6 1 Prestige P645 ADSL Internet Access Router 6 1 4 Internal Network Number In addition to the external network numbers each NetWare server has its own internal network number that is a virtual network to which the server is attached It is important to remember that every network number must be unique for that entire internetwork either internal or external NetWare Server File Print Server N Disk Drive A z D k i Printer Internal Network Number IPX Router Ethernet II External 802 3 Network Bode Numbers SNAP Figure 6 1 NetWare Server 6 2 Prestige in an IPX Environment There are two scenarios in which your Prestige 645R is deployed depending on whether there is a NetWare server on the LAN as depicted in the following diagram 6 2 IPX Configuration Prestige P645 ADSL Internet Access Router Seed Router Client Side Not a Seed Router Server Side Assigns Network Number Learns Network Number Prestige Netware Server Netware Clients Figure 6 2 Prestige 645R in an IPX Environment 6 2 1 Prestige 645R on LAN with Server If your Prestige is on a LAN with a seed router you do not need to configure the LAN network numbers Your Prestige will learn the network number from the seed router and add the routes to its routing table 6 2 2 Prestige 645R on LAN without Server Each IPX net
157. the entries in this menu as shown in the following figure Menu 21 3 1 TCP IP Filter Rule Press the SPACE BAR to ne ae d choose this filter rule type The Filter Type TCP IP Filter Rule first filter rule type determines Agtive Yes all subsequent filter types IP Protocol P Source Route No Sack Destination 0 within a set Port Comp Source IP Addr 0 IP Mask 0 Port 0 Port Comp TCP Estab No Log None Actioy Matched Prop 6 is the TCP protocol Select Yes to make the rule 0 0 active Press Space Bar to Toggle The port number for the telnet service TCP protocol is 23 See RFC 1060 for port numbers of well known services There are no more rules to Select Equal check here as we are looking for packets going to Select Drop here so that port 23 only the packet will be dropped if its destination is the telnet port Select Forward here so that the packet will be forwarded if its destination is not the telnet port Figure 8 14 Example Filter Menu 21 3 1 When you press ENTER to confirm you will see the following screen Note that there is only one filter tule in this set Filter Configuration 8 17 Prestige 645 ADSL Internet Access Router Menu 21 3 Filter Rules Summary Filter Rules ZA 0 0 0 0 DA 0 0 0 0 Enter Filter Rufe Number 1 6 to Configure 1 This shows you that you have M N means an action can be taken configured and activated A imme
158. the user is encouraged to try to correct the interference by one or more of the following measures Reorient or relocate the receiving antenna Increase the separation between the equipment and the receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help Notice 1 Changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate the equipment Note Certifications For more information about certifications please refer to www zyxel com iv FCC Prestige 645 ADSL Internet Access Router Customer Support When contacting your Customer Support Representative please have the following information ready Product model and serial number Loopback Test information Warranty Information Date you received your Product 9 9 9 Brief description of the problem and the steps you took to solve it METHOD E MAIL TELEPHONE FAX WEB SITE FTP SITE REGULAR MAIL SUPPORT SALES LOCATION WORLDWIDE support zyxel com tw 886 3 578 3942 www zyxel com ZyXEL Communications Corp 6 Innovation Road II Science support europe zyxel com www europe zyxel com Based Industrial Park HsinChu Taiwan 300 R O C sales zyxel com tw 886 3 578 2439 tp europe zyxel com NORTH support zyxel com 1 714 632 0882 www zyxel com ZyXEL Communications In
159. tige 645 ADSL Internet Access Router Chapter 12 IP Policy Routing This chapter covers setting and applying policies used for IP routing 12 1 Introduction Traditionally routing is based on the destination address only and the P645R takes the shortest path to forward a packet IP Policy Routing IPPR provides a mechanism to override the default routing behavior and alter the packet forwarding based on the policy defined by the network administrator Policy based routing is applied to incoming packets on a per interface basis prior to the normal routing 12 2 Benefits e Source Based Routing Network administrators can use policy based routing to direct traffic from different users through different connections e Quality of Service QoS Organizations can differentiate traffic by setting the precedence or TOS Type of Service values in the IP header at the periphery of the network to enable the backbone to prioritize traffic e Cost Savings IPPR allows organizations to distribute interactive traffic on high bandwidth high cost paths while using low cost paths for batch traffic e Load Sharing Network administrators can use IPPR to distribute traffic among multiple paths 12 3 Routing Policy Individual routing policies are used as part of the overall IPPR process A policy defines the matching criteria and the action to take when a packet meets the criteria The action is taken only when all the criteria are met Th
160. tion Prestige 645 ADSL Internet Access Router Start Packet into Filter Fetch First Filter Set Filter Set l Fetch Next Fetch First id Filter Set Filter Rule Ea Fetch Next Yes Filter Rule ext Filter Rule Execute Filter Next Filter Set Available Available Rule Check Next Rule NOS PRESS ee VET Pe ep eee Drop Forward Drop Packet Accept Packet Figure 8 2 Filter Rule Process You can apply up to four filter sets to a particular port to block multiple types of packets With each filter set having up to six rules you can have a maximum of 24 rules active for a single port Filter Configuration 8 3 Prestige 645 ADSL Internet Access Router 8 2 Configuring a Filter Set To configure a filter set follow this procedure Step 1 Enter 21 from the main menu to open Menu 21 Filter Set Configuration Menu 21 Filter Set Configuration Filter Filter Set Comments Set Comments 1 NetBIOS_WAN 7 2 NetBIOS_LAN 8 3 TELNET_WAN 9 4 PPPOE 10 5 FTP_WAN 11 6 FTP_TELNET_WEB 12 Enter Filter Set Number to Configure Edit Comments NetBIOS_WAN Press ENTER to CONFIRM or ESC to CANCEL Figure 8 3 Menu 21 Filter Set Configuration Step 2 Enter the index of the filter set you wish to configure no 1 12 and press ENTER Step 3 Enter a descriptive name or comment in the Edit Co
161. to partition a physical network into different logical networks over the same Ethernet interface The P645R supports three logical LAN interfaces via its single physical Ethernet interface with the P645R itself as the gateway for each LAN network Prestige Prestige UB 2 LAN 1 IP address menu 3 2 Ethernet LAN 2 IP Alias 1 Menu 3 2 1 Interface LAN 3 IP Alias 2 Menu 3 2 1 Figure 3 1 Physical Network Figure 3 2 Partitioned Logical Networks Internet Access 3 3 Prestige P645 ADSL Internet Access Router 3 2 6 DHCP Configuration DHCP Dynamic Host Configuration Protocol allows the individual clients computers to obtain the TCP IP configuration at start up from a centralized DHCP server The Prestige has built in DHCP server capability enabled by default which means it can assign IP addresses an IP default gateway and DNS servers to Windows 98 Windows 2000 and other systems that support the DHCP client The Prestige can also act as a surrogate DHCP server where it relays IP address assignment from the actual DHCP server to the clients IP Pool Setup The Prestige is pre configured with a pool of 32 IP addresses ranging from 192 168 1 33 to 192 168 1 64 for the client machines This leaves 31 IP addresses 192 168 1 2 to 192 168 1 32 excluding the Prestige itself which has a default IP of 192 168 1 1 for other server machines e g server for mail FTP telnet web etc that you may have DNS Server Address D
162. uld already be on when you turn on your computer see the Read Me First for details Step 2 Entering the password The login screen appears prompting you to enter the password as shown below For your first login enter the default password 1234 As you type the password the screen displays an X for each character you type Please note that if there is no activity for longer than 5 minutes after you log in your Prestige will automatically log you out and will display a blank screen If you see a blank screen press ENTER to bring up the login screen again Enter Password XXXX Figure 2 5 Login Screen Hardware Installation amp Setup 2 5 Prestige P645 ADSL Internet Access Router 2 7 Navigating the SMT Interface The SMT System Management Terminal is the interface that you use to configure your Prestige Several operations that you should be familiar with before you attempt to modify the configuration are listed in the following table Table 2 2 Main Menu Commands OPERATION PRESS lt READ gt DESCRIPTION Move down to ENTER To move forward to a sub menu type in the number of the another menu desired sub menu and press ENTER Move up toa ESC Press the ESC key to move back to the previous menu previous menu Move to a hidden menu Press the SPACE BAR to change No to Yes then press ENTER Fields beginning with Edit lead to hidden menus and have a default s
163. up Menu 3 4 Bridge Ethernet Setup as shown next Menu 3 4 Bridge Ethernet Setup Handle IPX None Press ENTER to CONFIRM or ESC to CANCEL Press Space Bar to Toggle Figure 7 1 Menu 3 4 Bridge Ethernet Setup Bridging Setup 7 1 Prestige P645 ADSL Internet Access Router The following table describes how to configure the Handle IPX field in menu 3 4 Table 7 1 Bridge Ethernet Setup Menu Handle IPX Field Configuration HANDLE IPX FIELD OPTIONS DESCRIPTION None When there is no IPX traffic on the LAN or when you do not want to apply any special handling for IPX Client When there are only client computers on the LAN RIP and SAP Service Advertising Protocol response packets will not trigger calls Server When there are only IPX servers on the LAN No RIP or SAP packets will trigger calls In addition during the time when the line is down your Prestige 645R will reply to watchdog messages from the servers on behalf of remote clients The period of time that your Prestige 645R will do this is linked to the Ethernet Address Timeout parameter in each remote node see Remote Node Configuration When a remote Ethernet address is aged out there is no need to maintain its connection to the IPX server 7 2 1 Remote Node Bridging Setup Follow the procedure in Chapter 5 to configure the protocol independent parameters in Menu 11 1 Remote Node Profile For bridging specific paramete
164. up using TFTP please see your router manual Press ENTER to Exit Figure 11 3 Menu 24 6 Restore Configuration 11 4 Uploading Firmware and Configuration Files Menu 24 7 System Maintenance Upload Firmware allows you to upgrade the firmware and the configuration file WARNING PLEASE WAIT A FEW MINUTES FOR THE PRESTIGE TO RESTART AFTER FIRMWARE OR CONFIGURATION FILE UPLOAD INTERRUPTING THE UPLOAD PROCESS MAY PERMANENTLY DAMAGE YOUR PRESTIGE Menu 24 7 System Maintenance Upload Firmware 1 Upload System Firmware 2 Upload System Configuration File Enter Menu Selection Number Figure 11 5 Menu 24 7 System Maintenance Upload Firmware The configuration data system related data the error log and the trace log are all stored in the configuration file Please be aware that uploading the configuration file replaces everything contained within 11 6 Configuration and Firmware File Maintenance Prestige 645 ADSL Internet Access Router 11 4 1 Firmware Upload FTP is the preferred method for uploading the firmware and configuration To use this feature your computer must have an FTP client When you telnet into the Prestige you will see the following screens for uploading firmware and the configuration file using FTP Menu 24 7 1 System Maintenance Upload System Firmware To upload the system firmware follow the procedure below Launch the FTP client on your workstation Typ
165. will take precedence over sets 2 3 and 4 as the P645R by default applies the lowest numbered set first Set 2 will take precedence over sets 3 and 4 and so on You can design up to 12 schedule sets but you can only apply up to four schedule sets for a remote node Call Scheduling 13 1 Prestige 645 ADSL Internet Access Router To delete a schedule set enter the set number and press the SPACE BAR in the Edit Name field 13 3 Schedule Set Setup To setup a schedule set select the schedule set you want to setup from menu 26 1 12 press ENTER and then type in a name for the set Press ENTER to display Menu 26 1 Schedule Set Setup as shown next Menu 26 1 Schedule Set Setup Active Yes Start Date yyyy mm dd 2000 07 01 How Often Once Once Date yyyy mm dd 2001 01 01 Weekdays Sunday N A Monday N A Tuesday N A Wednesday N A Thursday N A Friday N A Saturday N A Start Time hh mm 12 00 Duration hh mm 10 00 Action Forced On Press ENTER to Confirm or ESC to Cancel Figure 13 2 Schedule Set Setup If a connection has already been established your P645R will not drop it Once the connection is dropped manually or it times out the time configured in the Duration field expires then that remote node can t be triggered again until the next configured start time Table 13 1 Schedule Set Setup Fields FIELD DESCRIPTION EXAMPLE Active Choose Yes to
166. work must have a seed router If you only have NetWare clients on your network then you must configure the Prestige as a seed router and set up unique network numbers for each frame type enabled using the Ethernet Setup Menu IPX Configuration 6 3 Prestige P645 ADSL Internet Access Router 6 3 IPX Ethernet Setup From Menu 3 Ethernet Setup enter 3 to go to Menu 3 3 Novell IPX Ethernet Setup as shown in the figure below Menu 3 3 Novell IPX Ethernet Setup Seed Router No Frame Type 802 2 Yes IPX Network N A Frame Type 802 3 No IPX Network N A Frame Type Ethernet II No IPX Network N A Frame Type SNAP No IPX Network N A Enter here to CONFIRM or ESC to CANCEL Press Space Bar to Toggle Figure 6 3 Menu 3 3 Novell IPX Ethernet Setup The following table describes the Novell IPX Ethernet Setup Menu Table 6 1 Novell IPX Ethernet Setup Fields FIELD DESCRIPTION EXAMPLE Seed Router Select Yes or No to determine if your Prestige 645R No is to act as a seed router Frame Type Enable Disable the individual frame type No Remember to enable only the ones that are actually used on your network 802 2 802 3 Ethernet II and SNAP IPX Network If your Prestige 645R is a seed router enter a N A unique network number for each frame type enabled Press ENTER at the message Press ENTER to Confirm to save your configuration or press ESC at any time to c
167. xample please consult the documentation of your TFTP client program For UNIX use get to transfer from the Prestige to the computer and binary to set binary transfer mode 11 2 4 Example TFTP Command The following is an example tftp command TFTP i host get rom 0 config rom where i specifies binary image transfer mode use this mode when transferring binary files host is the Prestige IP address get transfers the file source on the Prestige rom 0 name of the configuration file on the Prestige to the file destination on the computer and renames it config rom The following table describes some of the fields that you may see in third party TFTP clients Table 11 3 General Commands for Third Party TFTP Clients COMMAND DESCRIPTION Host Enter the IP address of the Prestige 192 168 1 1 is the Prestige s default IP address when shipped Send Fetch Use Send to upload the file to the Prestige and Fetch to back up the file on your computer Local File Enter the path and name of the firmware file bin extension or configuration file rom extension on your computer Remote File This is the filename on the Prestige The filename for the firmware is ras and for the configuration file is rom 0 Binary Transfer the file in binary mode Abort Stop transfer of the file TFTP over WAN will not work if you have applied a filter in menu 11 5 WAN to block Telnet service
Download Pdf Manuals
Related Search