ZyXEL Communications 645R-A Series Network Router User Manual
Contents
1. Fetch Next Filter Set 4 Fetch Next Filter Rule gt Yes Yes Next Filter Se Available Execute Filter Rule No Check Next Rule Forward y Drop l e Drop Ser zent y e e E Figure 17 2 Filter Rule Process You can apply up to four filter sets to a particular port to block various types of packets Because each filter set can have up to six rules you can have a maximum of 24 rules active for a single port 17 3 Filter Configuration Prestige 645R A Series User s Guide For incoming packets your Prestige applies data filters only Packets are processed depending on whether a match is found The following sections describe how to configure filter sets The Filter Structure of the Prestige A filter set consists of one or more filter rules Usually you would group related rules for example all the rules for NetBIOS into a single set and give it a descriptive name You can configure up to twelve filter sets with six rules in each set for a total of 72 filter rules in the system 17 2 Configuring a Filter Set To configure a filter set follow the steps shown next Step 1 Enter 21 in the main menu to display Menu 21 Filter Set Configuration Menu 21 Filter Set Configuration Filter Filter Comments Comments NetBIOS WAN NetBIOS LAN TELNET WAN PPPOE FTP WAN Enter Filter Set Number to Co2. FIELD DESCRIPTION EXAMPLE Type Press SPACE BAR and then ENTER to select from a total of five types One to One These are the mapping types discussed in the chapter on NAT web configurator screens Server allows you to specify multiple servers of different types behind NAT to this computer See section 16 5 3 for an example Local IP Only local IP fields are N A for server Global IP fields MUST be set for Server Start This is the starting local IP address ILA 0 0 0 0 End This is the ending local IP address ILA If the rule is for all local IPs then N A put the Start IP as 0 0 0 0 and the End IP as 255 255 255 255 This field is N A for One to One and Server types Global IP Start This is the starting inside global IP address IGA If you have a dynamic 0 0 0 0 IP enter 0 0 0 0 as the Global IP Start Note that Global IP Start can be set to 0 0 0 0 only if the types are Many to One or Server End This is the ending inside global IP address IGA This field is N A for N A One to One Many to One and Server types 16 8 NAT Prestige 645R A Series User s Guide Table 16 4 Menu 15 1 1 1 Editing Configuring an Individual Rule in a Set FIELD DESCRIPTION EXAMPLE Server Only available when Type is set to Server Type a number from 1 to 10 to Mapping Set choose a server set from menu 15 2 When you have completed this menu press ENTER at the prompt Press ENTER to confirm or
3. Setting up Your Computer s IP Address D 5 Prestige 645R A Series User s Guide 4 Select Internet Protocol TCP IP under the I Local Area Connection Properties General tab in Win XP and click Properties General Authentication Advanced Connect using E Standard PCI Fast Ethernet Adapter This connection uses the following items v sl Client for Microsoft Networks Y B File and Printer Sharing for Microsoft Networks v Bl QoS Packet Scheduler Description Transmission Control Protocol Intemet Protocol The default wide area network protocol that provides communication across diverse interconnected networks C Show icon in notification area when connected 5 Thelnternet Protocol TCP IP Properties Internet Protocol TCP IP Properties window opens the General tab in Windows XP EX If you have a dynamic IP address click Obtain You can get IP settings assigned automatically if your network supports an IP address automatica l ly e Er need to ask your network administrator for H If you have a static IP address click Use the Obtain an IP address automatically following IP Address and fill in the IP address O Use the following IP address Subnet mask and Default gateway fields Click Advanced Obtain DNS server address automatically Use the following DNS server addresses D 6 Setting up Your Computer s IP Address Prestige 645R A Series User s Guid
4. FCC Statement iii Prestige 645R A Series User s Guide ZyXEL Limited Warranty ZyXEL warrants to the original end user purchaser that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase During the warranty period and upon proof of purchase should the product have indications of failure due to faulty workmanship and or materials ZyXEL will at its discretion repair or replace the defective products or components without charge for either parts or labor and to whatever extent it shall deem necessary to restore the product or components to proper operating condition Any replacement will consist of a new or re manufactured functionally equivalent product of equal value and will be solely at the discretion of ZyXEL This warranty shall not apply if the product is modified misused tampered with damaged by an act of God or subjected to abnormal working conditions Note Repair or replacement as provided under this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all other warranties express or implied including any implied warranty of merchantability or fitness for a particular use or purpose ZyXEL shall in no event be held liable for indirect or consequential damages of any kind of character to the purchaser To obtain the services of this warranty contact ZyXEL s Service Center for your Return Material Authorization nu
5. Figure 14 2 Menu 12 Static Route Setup Step 2 From menu 12 select 1 to open Menu 12 1 IP Static Route Setup shown next Menu 12 1 IP Static Route Setup co AU 4 QN HS Enter selection number Figure 14 3 Menu 12 1 IP Static Route Setup Step 3 Now type the route number of a static route you want to configure 14 2 Static Route Setup Prestige 645R A Series User s Guide Menu 12 1 1 Edit IP Static Route Route 1 Route Name Active No Destination IP Address IP Subnet Mask Gateway IP Address Metric 2 Private No Press ENTER to Confirm or ESC to Cancel Figure 14 4 Menu12 1 1 Edit IP Static Route The following table describes the fields for Menu 12 1 1 Edit IP Static Route Setup Table 14 1 Menu12 1 1 Edit IP Static Route FIELD DESCRIPTION Route This is the index number of the static route that you chose in menu 12 1 Route Name Type a descriptive name for this route This is for identification purpose only Active This field allows you to activate deactivate this static route Destination IP Address This parameter specifies the IP network address of the final destination Routing is always based on network number If you need to specify a route to a single host use a subnet mask of 255 255 255 255 in the subnet mask field to force the network number to be identical to the host ID IP Subnet Mask Type the subnet mask f
6. n 4 1 A bred 4 1 REG 148355 dne ten 4 2 EMOL iiis engeren 19 5 Error Information Messages Samples 5 ood Moe ta edt 19 6 Ethernet Encapsulation usus 6 5 Ethernet Traffic 17 18 F Factory LAN Defaults sss 5 2 joo ET lii Filename Conventions sss 20 1 Filet sni re erret 11 1 Applying Filters esses 17 17 Ethernet traffic sesse ee ee ee Re ee 17 18 Ethernet Traffic 17 18 Filter ER EE nets 19 7 Filter Rules nee 17 6 Filter Str cture sonst 17 4 Generic Filter Rule sess 17 12 Remote Node ette 13 9 Remote Node Filter 13 9 Remote Node Flters se se ee 17 18 Salina 17 16 SU C ida 17 14 TCP IP Filter Rule esse sees see ses ee 17 8 Filter logi NE EE HE 19 8 Filter Rule e eee ee ns 17 9 Filter Rule Process eese 17 3 Filter Rule Setup 17 7 Filter Rules Summary Sample iii ido 17 17 Filter Set Class sm ste o e eate 17 8 Filter Set Configuration sss 17 4 Filtering ascensus PES 17 1 17 8 Filtering Process Outgoing Packets iese se ee ee 17 2 FAN SOT AE EE 6 6 Firmware File MaintendnCl es sp tte 6 10 Forgot My Login Password A 3 Frame Relay essere 1 3 ME EE EE HK 6 5 6 6 7 1 FTP File Transfer sess 20 8 FTP Restrictions sss 20 4 FIP SV caco iet tete oer deed n 16 15 Full Rate estetico ees F 1 G
7. NAT Prestige 645R A Series User s Guide Table 6 4 NAT Mode LABEL DESCRIPTION None Select this radio button to disable NAT SUA Only Puis this radio button if you have just one public WAN IP address for your Prestige The restige uses Address Mapping Set 1 in the NAT Edit SUA NAT Server Set screen Edit Details Click this link to go to the NAT Edit SUA NAT Server Set screen Full Feature Select this radio button if you have multiple public WAN IP addresses for your Prestige Edit Details Click this link to go to the NAT Address Mapping Rules screen Apply Click Apply to save your configuration 6 5 Configuring SUA Server If you do not assign an IP Address in Server Set 1 default server then all packets received for ports not specified in this screen will be discarded Click NAT Select SUA Only and click Edit Details to open the following screen 6 8 NAT Prestige 645R A Series User s Guide NAT Edit SUA NAT Server Set Start Port No End Port No IP Address All ports All ports nung 0 0 0 a N UU ee dd A Kabes uh om N E TTT Save Figure 6 5 Edit SUA NAT Server Set The following table describes the labels in this screen Table 6 5 Edit SUA NAT Server Set LABEL DESCRIPTION Start Port No Enter a port number in this field To forward o
8. Chapter 15 Bridging Setup This chapter shows you how to configure the bridging parameters of your Prestige 15 1 Bridging Overview Bridging bases the forwarding decision on the MAC Media Access Control or hardware address while routing does it on the network layer IP address Bridging allows the Prestige to transport packets of network layer protocols that it does not route for example SNA from one network to another The caveat is that compared to routing bridging generates more traffic for the same network layer protocol and it also demands more CPU cycles and memory For efficiency reasons do not turn on bridging unless you need to support protocols other than IP on your network For IP enable the routing if you need it do not bridge what the Prestige can route 15 2 Bridge Ethernet Setup Basically all non local packets are bridged to the WAN Your Prestige does not support IPX 15 2 1 Remote Node Bridging Setup Follow the procedure in another section to configure the protocol independent parameters in Menu 11 1 Remote Node Profile For bridging related parameters you need to configure Menu 11 3 Remote Node Network Layer Options To setup Menu 11 3 Remote Node Network Layer Options shown in the next figure follow these steps Step 1 In menu 11 1 make sure the Bridge field is set to Yes Bridging Setup 15 1 Prestige 645R A Series User s Guide Menu 11 1 Remote Node Profile Rem
9. 19 3 System Information To get to the System Information Step 1 Step 2 Step 3 Enter 24 in the main menu to display Menu 24 System Maintenance Enter 2 to display Menu 24 2 System Information From this menu you have two choices as shown in the next figure Menu 24 2 System Information and Console Port Speed 1 System Information 2 Console Port Speed Please enter selection Figure 19 3 Menu 24 2 System Information and Console Port Speed 19 3 1 System Information Enter 1 in menu 24 2 to display the screen shown next System Information and Diagnosis 19 3 Prestige 645R A Series User s Guide Menu 24 2 1 System Maintenance Information Name P645R A1 Routing IP ZyNOS S W Version V3 40 NM 0 6 2 2003 ADSL Chipset Vendor SAMSUNG DSP Version 109 030225 Standard Multi Mode LAN Ethernet Address 00 a0 c5 55 07 5d IP Address 192 168 1 1 IP Mask 255 255 255 0 DHCP Server Press ESC or RETURN to Exit Figure 19 4 Menu 24 2 1 System Maintenance Information The following table describes the fields in this menu Table 19 2 Menu 24 2 1 System Maintenance Information FIELD DESCRIPTION Name Displays the system name of your Prestige This information can be changed in Menu 1 General Setup Routing Refers to the routing protocol used ZyNOS F W Version Refers to the ZyNOS ZyXEL Network Operating System system firmware version ZyNOS is a registere
10. Enter Network Password ax qe Please type your user name and password Site 192 168 1 1 Realm Prestige 545 User Name admin Password ma Save this password in your password list Cancel Figure 3 1 Password Screen Introducing the Web Configurator 3 1 Prestige 645R A Series User s Guide Step 6 Y ou should now see the Site Map screen The Prestige automatically times out after five minutes of inactivity Simply log back into the Prestige if this happens to you 3 3 Navigating the Prestige Web Configurator The following summarizes how to navigate the web configurator from the Site Map screen Screens vary slightly for different Prestige models gt Click Wizard Setup to begin a series of screens to configure your Prestige for the first time gt Click a link under Advanced Setup to configure advanced Prestige features gt Click a link under Maintenance to see Prestige performance statistics upload firmware and back up restore or upload a configuration file gt Click SITE MAP to go to the Site Map screen gt Click Logout in the navigation panel when you have finished a Prestige management session Wizard Setup Site Map Wizard Setup Advanced Setup Advanced Setup Maintenance Navigation panel Figure 3 2 Web Configurator SITE MAP Screen Logout Click the HELP icon located in the top right corner of most screens to view embedded help 3 2
11. Type of service of incoming packet PR Precedence of incoming packet Action GW Gateway IP address Outgoing Type of service Outgoing Precedence Service NM Normal MD Minimum Delay MT Maximum Throughput MR Maximum Reliability MC Minimum Cost IP Policy Routing 21 3 Prestige 645R A Series User s Guide Type a number from 1 to 6 to display Menu 25 1 1 IP Routing Policy see the next figure This menu allows you to configure a policy rule Menu 25 1 1 IP Routing Policy Policy Set Name test Active Yes Criteria IP Protocol Type of Service Precedence Source addr start 1 1 1 1 end 1 1 1 1 port start 20 end 20 Destination addr start 2 2 2 2 end 2 2 2 2 port start 20 end 20 6 Normal Packet length 40 0 Len Comp N A Action Matched Gateway addr Type of Service Precedence 192 168 1 1 Log No Max Thruput 0 Press ENTER to Confirm or ESC to Cancel Press Space Bar to Toggle Figure 21 3 Menu 25 1 1 IP Routing Policy The following table describes the fields in this menu Table 21 2 Menu 25 1 1 IP Routing Policy FIELD DESCRIPTION Policy Set Name This is the policy set name assigned in Menu 25 IP Routing Policy Setup Active Press SPACE BAR and then ENTER to select Yes to activate or No to deactivate the policy Inactive policies are displayed with a minus sign in SMT menu 25
12. When you have completed this menu press ENTER at the prompt Press ENTER to Confirm to save your configuration or press ESC at any time to cancel 12 5 Route IP Setup The first step is to enable the IP routing in Menu 1 General Setup To edit menu 1 type in 1 in the main menu and press ENTER Set the Route IP field to Yes by pressing SPACE BAR Menu 1 General Setup System Name P645R El Location location Contact Person s Name Domain Name Edit Dynamic DNS No Route IP Bridge No Yes Press ENTER to Confirm or ESC to Cancel Figure 12 5 Menu 1 General Setup 12 4 Internet Access Prestige 645R A Series User s Guide 12 6 Internet Access Configuration Menu 4 allows you to enter the Internet Access information in one screen Menu 4 is actually a simplified setup for one of the remote nodes that you can access in menu 11 Before you configure your Prestige for Internet access you need to collect your Internet account information Use the Internet Access Checklist table in the Read Me First to record your Internet account information Note that if you are using PPPoA or PPPoE encapsulation then the only ISP information you need is a login name and password You only need to know the Ethernet Encapsulation Gateway IP address 1f you are using ENET ENCAP encapsulation From the main menu type 4 to display Menu 4 Internet Access Setup as shown next Menu 4 In
13. 2 32 33 62 63 3 64 65 94 95 4 96 97 126 127 5 128 129 158 159 6 160 161 190 191 7 192 193 222 223 8 224 223 254 255 The following table is a summary for class C subnet planning B 6 IP Subnetting Prestige 645R A Series User s Guide Chart B 12 Class C Subnet Planning NO BORROWED HOST BITS SUBNET MASK NO SUBNETS NO HOSTS PER SUBNET 1 255 255 255 128 25 2 126 2 255 255 255 192 26 4 62 3 255 255 255 224 27 8 30 4 255 255 255 240 28 16 14 5 255 255 255 248 29 32 6 6 255 255 255 252 30 64 2 7 255 255 255 254 31 128 1 Subnetting With Class A and Class B Networks For class A and class B addresses the subnet mask also determines which bits are part of the network number and which are part of the host ID A class B address has two host ID octets available for subnetting and a class A address has three host ID octets see Chart B 1 available for subnetting The following table is a summary for class B subnet planning Chart B 13 Class B Subnet Planning NO BORROWED HOST BITS SUBNET MASK NO SUBNETS NO HOSTS PER SUBNET 1 255 255 128 0 17 2 32766 2 255 255 192 0 18 4 16382 3 255 255 224 0 19 8 8190 4 255 255 240 0 20 16 4094 5 255 255 248 0 21 32 2046 6 255 255 252 0 22 64 1022 7 255 255 254 0 23 128 510 8 255 255 255 0 24 256 254 9 255 2
14. Type the IP address of your Prestige in the Router address box Click Apply Now and close the window 6 Turn on your Prestige and restart your computer if prompted Verifying Settings Check your TCP IP properties in the Network window Setting up Your Computer s IP Address D 11 Prestige 645R A Series User s Guide Appendix E Virtual Circuit Topology ATM is a connection oriented technology meaning that it sets up virtual circuits over which end systems communicate The terminology for virtual circuits is as follows e Virtual Channel Logical connections between ATM switches e Virtual Path A bundle of virtual channels e Virtual Circuit A series of virtual paths between circuit end points virtual circuit Diagram E 1 Virtual Circuit Topology Think of a virtual path as a cable that contains a bundle of wires The cable connects two points and wires within the cable provide individual circuits between the two points In an ATM cell header a VPI Virtual Path Identifier identifies a link formed by a virtual path a VCI Virtual Channel Identifier identifies a channel within a virtual path The VPI and VCI identify a virtual path that is termination points between ATM switches A series of virtual paths make up a virtual circuit Your service provider should supply you with VPI VCI numbers Virtual Circuit Topology E 1 Prestige 645R A Series User s Guide Appendix F Splitters and Microfilters This appe
15. Your Prestige is compatible with the major ADSL DSLAM Digital Subscriber Line Access Multiplexer providers making configuration as simple as possible for you Multiplexing Your Prestige supports VC based and LLC based multiplexing Encapsulation The Prestige supports PPPoA RFC 2364 PPP over ATM Adaptation Layer 5 RFC 1483 encapsulation over ATM and MAC encapsulated routing ENET ENCAP as well as PPP over Ethernet RFC 2516 SNMP SNMP Simple Network Management Protocol is a protocol used for exchanging management information between network devices SNMP is a member of the TCP IP protocol suite Your Prestige supports SNMP agent functionality which allows a manager station to manage and monitor the Prestige through the network The Prestige supports SNMP version one SNMPv1 and version two SNMPv2 Network Address Translation NAT Network Address Translation NAT allows the translation of an Internet protocol address used within one network for example a private IP address used in a local network to a different IP address known within another network for example a public IP address used on the Internet Full Network Management e SNMP Simple Network Management Protocol support e SMT System Management Terminal through a telnet connection e Web configurator 1 2 Getting To Know Your Prestige Prestige 645R A Series User s Guide PAP and CHAP Security The Prestige supports PAP Password Authentication
16. 0 ja Action Edit Select Rule Press ENTER to Confirm or ESC to Cancel Figure 16 6 Menu 15 1 2 If the Set Name field is left blank the entire set will be deleted The Type Local and Global Start End IPs are configured in menu 15 1 1 1 described later and the values are displayed here Ordering Your Rules Ordering your rules is important because the Prestige applies the rules in the order that you specify When a rule matches the current packet the Prestige takes the corresponding action and the remaining rules are ignored If there are any empty rules before your new configured rule your configured rule will be pushed 16 6 NAT Prestige 645R A Series User s Guide up by that number of empty rules For example if you have already configured rules 1 to 6 in your current set and now you configure rule number 9 In the set summary screen the new rule will be rule 7 not 9 Now if you delete rule 4 rules 5 to 7 will be pushed up by 1 rule so as old rule 5 becomes rule 4 old rule 6 becomes rule 5 and old rule 7 becomes rule 6 Table 16 3 Menu 15 1 2 FIELD DESRIPTION EXAMPLE Set Name Enter a name for this set of rules This is a required field If this field ACL Default is left blank the entire set will be deleted Set Action The default is Edit Edit means you want to edit a selected rule see Edit following field Insert Before means to insert a rule before the rule selected The
17. 19 6 Eommand Initerpreter Mode ee ee dee Ra eie C ee aech E 19 9 Chapter 20 Firmware and Configuration File Maintenance eese eee eee eese Be Bee Bee Be ee atn ee 20 1 20 1 Filename Conventions 1e ies eR idee labo 20 1 20 2 Backup Corfigurati n ae eo ea E I se iE RE eS 20 2 20 2 1 Backup Configuration esee tee e EEN ENEE 20 3 20 2 2 Using the FTP Command from the Command Line eee 20 3 20 2 3 Example of FTP Commands from the Command me 20 3 20 2 4 GUIbased FTC HENS ste RR UR up et aee OA eem 20 4 20 2 5 TFTP and FTP over WAN Will Not Work When sesse see se ek ae RA Re ee Ee ee ee ee ee 20 4 20 2 6 Backup Configuration Using TFTP sees 20 5 20 2 7 TFTP Command Example ui esee eee e eee et Renee Per ee ELE Cede ei Pe Rae E de 20 5 20 28 GUI based TETP Clients rihanna e e LARA de 20 5 20 3 Restore Configuration eset ec e me eese t Ue ne ies Ee e P QR i 20 6 20 31 Restore Using TP iii a i bon pen INE 20 6 20 3 2 Restore Using FTP Session sample 20 8 D Table of Contents Prestige 645R A Series User s Guide 20 4 Uploading Firmware and Configuration Files nono ncnn RR GRA Re Gee ee 20 8 2041 FirmwareFile Upload uae eta eter ated wan 20 8 20 4 3 Configuration File Upload 20 9 20 4 3 FTP File Upload Command from the DOS Prompt Example sss 20 9 20 4 4 FTP Session Example of Firmware File Upload 20 10 20 45 TETP Eile Upload Ee is tote cc toc reed
18. 20 6 Firmware and Configuration File Maintenance Prestige 645R A Series User s Guide For details about backup using T FTP please refer to earlier sections on FTP and TFTP file upload in this chapter Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Menu 24 6 Restore Configuration To transfer the firmware and the configuration file follow the procedure below 1 Launch the FTP client on your computer 2 Type open and the IP address of your system Then type root and SMT password as requested 3 Type put backupfilename rom 0 where backupfilename is the name of your backup configuration file on your computer and rom 0 is the remote file name on the system This restores the configuration to your system 4 The system reboots automatically after a successful file transfer For details on FTP commands please consult the documentation of your FTP client program For details on restoring using TFTP note that you must remain on this menu to restore using TFTP please see your user manual Press ENTER to Exit Figure 20 3 Telnet into Menu 24 6 Launch the FTP client on your computer Enter open followed by a space and the IP address of your Prestige Press ENTER when prompted for a username Enter your password as requested the default is 1234 Enter bin to set transfer mode to binary Find the rom file on your computer that you want to restore
19. DP 21 Enter Filter Rule Number 1 6 to Configure Figure 17 8 FTP_WAN Filter Rules Summary 17 2 1 Filter Rules Summary Menus The following tables briefly describe the abbreviations used in menu 21 x Table 17 1 Abbreviations Used in the Filter Rules Summary Menu FIELD DESCRIPTION The filter rule number 1 to 6 A Active Y means the rule is active N means the rule is inactive Type The type of filter rule GEN for Generic IP for TCP IP Filter Rules These parameters are displayed here 17 6 Filter Configuration Prestige 645R A Series User s Guide Table 17 1 Abbreviations Used in the Filter Rules Summary Menu FIELD DESCRIPTION More Y means there are more rules to check which form a rule chain with the present rule An action cannot be taken until the rule chain is complete N means there are no more rules to check You can specify an action to be taken for instance forward the packet drop the packet or check the next rule For the latter the next rule is independent of the rule just checked Action Matched F means to forward the packet immediately and skip checking the remaining rules D means to drop the packet N means to check the next rule Action Not Matched F means to forward the packet immediately and skip checking the remaining rules D means to drop the packet N means
20. Embedded web help for descriptions of individual screens and supplementary information gt ZyXEL Glossary and Web Site Please refer to www zyxel com for an online glossary of networking terms and additional support documentation Syntax Conventions e Enter means for you to type one or more characters Select or Choose means for you to use one predefined choices e The SMT menu titles and labels are in Bold Times New Roman font Predefined field choices are in Bold Arial font Command and arrow keys are enclosed in square brackets ENTER means the Enter or carriage return key ESC means the Escape key and SPACE BAR means the Space Bar e Mouse action sequences are denoted using a comma For example click the Apple icon Control Panels and then Modem means first click the Apple icon then point your mouse pointer to Control Panels and then click Modem Preface Xix Prestige 645R A Series User s Guide e For brevity s sake we will use eg as a shorthand for for instance and e for that is or in other words throughout this manual e The Prestige 645R A series may be referred to as the Prestige in this user s guide The following section offers some background information on DSL Skip to Chapter 1 if you wish to begin working with your router right away User Guide Feedback Help us help you E mail all User Guide related comments questions or suggestions for impro
21. Menu 11 1 Remote Node Profile Rem Node Name ChangeMe Route IP Active Yes Bridge No Encapsulation PPPoE Edit IP Bridge No Multiplexing VC based Edit ATM Options No Service Name Telco Option Incoming Allocated Budget min 0 Rem Login Period hr 0 Rem Passwords x x Schedules 1 2 3 4 ee schedule Outgoing Nailed Up Connection No SEIS NETS My Login My Password Session Options Authen CHAP PAP Edit Filter Sets No Idle Timeout sec 100 Press ENTER to Confirm or ESC to Cancel Figure 22 3 Applying Schedule Set s to a Remote Node PPPoE You can apply up to four schedule sets separated by commas for one remote node Change the schedule set numbers to your preference s 22 4 Call Scheduling Appendices and Index Part VI Appendices and Index VI Prestige 645R A Series User s Guide Appendix A Troubleshooting This chapter covers potential problems and the corresponding remedies A 1 Using LEDs to Diagnose Problems The LEDs are useful aides for finding possible problem causes A 1 1 Power LED The PWR LED on the front panel does not light up Chart A 1 Troubleshooting Power LED STEPS CORRECTIVE ACTION 1 Make sure that the Prestige s power adaptor is connected to the Prestige and plugged in to an appropriate power source Use only the supplied power adaptor 2 Check that the Prestige and the power source are both turned on
22. System Name This is the name of your Prestige It is for identification purposes ZyNOS F W Version This is the ZyNOS firmware version and the date created ZyNOS is ZyXEL s proprietary Network Operating System design DSL FW Version This is the DSL firmware version associated with your Prestige Standard This is the standard that your Prestige is using WAN Information IP Address This is the WAN port IP address IP Subnet Mask This is the WAN port IP subnet mask Default Gateway This is the IP address of the default gateway if applicable VPI VCI This is the Virtual Path Identifier and Virtual Channel Identifier that you entered in the first Wizard screen LAN Information MAC Address This is the MAC Media Access Control or Ethernet address unique to your Prestige IP Address This is the LAN port IP address IP Subnet Mask This is the LAN port IP subnet mask DHCP This is the WAN port DHCP role Server Relay not all Prestige models or None DHCP Start IP This is the first of the contiguous addresses in the IP address pool DHCP Pool Size This is the number of IP addresses in the IP address pool Maintenance 8 3 Prestige 645R A Series User s Guide Table 8 1 System Status LABEL DESCRIPTION Show Statistics Click Show Statistics to see router performance statistics such as number of packets sent
23. The borrowed host ID bit can be either 0 or 1 thus giving two subnets 192 168 1 0 with mask 255 255 255 128 and 192 168 1 128 with mask 255 255 255 128 In the following charts shaded bolded last octet bit values indicate host ID bits borrowed to form network ID bits The number of borrowed host ID bits determines the number of subnets you can have The remaining number of host ID bits after borrowing determines the number of hosts you can have on each subnet Chart B 5 Subnet 1 NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 0 IP Address Binary 11000000 10101000 00000001 00000000 Subnet Mask 255 255 255 128 Subnet Mask Binary 11111111 11111111 11111111 10000000 Subnet Address 192 168 1 0 Lowest Host ID 192 168 1 1 Broadcast Address 192 168 1 127 Highest Host ID 192 168 1 126 Chart B 6 Subnet 2 NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 128 IP Address Binary 11000000 10101000 00000001 10000000 Subnet Mask 255 255 255 128 Subnet Mask Binary 11111111 11111111 11111111 10000000 Subnet Address 192 168 1 128 Lowest Host ID 192 168 1 129 Broadcast Address 192 168 1 255 Highest Host ID 192 168 1 254 The remaining 7 bits determine the number of hosts each subnet can have Host IDs of all zeros represent the subnet itself and host IDs of all ones are the broadcast address for that subnet
24. chapter and apply them on the Prestige LAN interface here You can apply up to four IP Policy sets from twelve by entering their numbers separated by commas Edit IP Alias The Prestige supports three logical LAN interfaces via its single No physical Ethernet interface with the Prestige itself as the gateway for default each LAN network Press SPACE BAR to change No to Yes and press ENTER to for menu 3 2 1 11 4 Ethernet Setup Prestige 645R A Series User s Guide Chapter 12 Internet Access This chapter shows you how to configure the LAN and WAN of your Prestige for Internet access 12 1 Internet Access Overview Refer to the chapters on the web configurator s wizard LAN and WAN screens for more background information on fields in the SMT screens covered in this chapter 12 2 IP Policies Traditionally routing is based on the destination address only and the router takes the shortest path to forward a packet IP Policy Routing IPPR provides a mechanism to override the default routing behavior and alter the packet forwarding based on the policy defined by the network administrator Policy based routing is applied to incoming packets on a per interface basis prior to the normal routing Create policies using SMT menu 25 see P Policy Routing and apply them on the Prestige LAN and or WAN interfaces using menus 3 2 LAN and 11 3 WAN 12 3 IP Alias IP Alias allows you to partition a physical networ
25. to select the RIP Direction Options are Both In Only Out Only or None None Version Press SPACE BAR and then ENTER to select the RIP version Options are RIP 1 RIP 2B or RIP 2M RIP 1 Multicast IGMP v1 sets IGMP to version 1 IGMP v2 sets IGMP to version 2 and None disables IGMP None IP Policies You can apply up to four IP Policy sets from 12 by typing in their numbers separated by commas Configure the filter sets in menu 25 first see the P Policy Routing chapter and then apply them here 3 4 5 6 When you have completed this menu press ENTER at the prompt Press ENTER to confirm or ESC to cancel to save your configuration or press ESC to cancel and go back to the previous screen 13 8 Remote Node Configuration Prestige 645R A Series User s Guide 13 4 1 My WAN Addr Sample IP Addresses The following figure uses sample IP addresses to help you understand the field of My Wan Addr in menu 11 3 Refer to the previous LAN and WAN IP Addresses figure in the web configurator chapter on LAN setup for a brief review of what a WAN IP is My WAN Addr indicates the local Prestige WAN IP 172 16 0 1 in the following figure while Rem IP Addr indicates the peer WAN IP 172 16 0 2 in the following figure Local Network 192 168 1 0 Remote Network xDSL Lines 10 100MB Figure 13 4 Sample IP Addresses for a TCP IP LAN to LAN Connection 13 5 Remote Node Fil
26. 1 13 6 1 VC based Multiplexing non PPP Encapsulation For VC based multiplexing by prior agreement a protocol is assigned a specific virtual circuit for example VC1 will carry IP Separate VPI and VCI numbers must be specified for each protocol Menu 11 6 Remote Node ATM Layer Options VPI VCI VC Multiplexing VC i or IP VC i for Bridge CPI 8 CPI 1 Separate VPI and VEL age AO VCI numbers must e UBR R Ype N A Peak Cell Rate PCR 0 Peak Cell Rate PCR N A be specified Sustain Cell Rate SCR 0 Sustain Cell Rate SCR N A Maximum Burst Size MBS 0 Maximum Burst Size MBR N A Press ENTER to Confirm or ESC to Cancel Figure 13 11 Menu 11 6 for VC based Multiplexing 13 6 2 LLC based Multiplexing or PPP Encapsulation For LLC based multiplexing or PPP encapsulation one VC carries multiple protocols with protocol identifying information being contained in each packet header Remote Node Configuration 13 13 Prestige 645R A Series User s Guide Menu 11 6 Remote Node ATM Layer Options VPI VCI LLC Multiplexing or PPP Encapsulation Only one set of VPI and VCI numbers eTl Rate PCR 0 needs to be Sustain Cell Rate SCR 0 at Maximum Burst Size MBS 0 specified ENTER here to CONFIRM or ESC to CANCEL Figure 13 12 Menu 11 6 for LLC based Multiplexing or PPP Encapsulation In this case only one set of VPI and VCI numbers need be specified for
27. 645R A Series User s Guide Table 20 3 General Commands for GUI based TFTP Clients COMMAND DESCRIPTION Host Enter the IP address of the Prestige 192 168 1 1 is the Prestige s default IP address when shipped Send Fetch Use Send to upload the file to the Prestige and Fetch to back up the file on your computer Local File Enter the path and name of the firmware file bin extension or configuration file rom extension on your computer Remote File This is the filename on the Prestige The filename for the firmware is ras and for the configuration file is rom 0 Binary Transfer the file in binary mode Abort Stop transfer of the file Refer to section 20 2 5 to read about configurations that disallow TFTP and FTP over WAN 20 3 Restore Configuration This section shows you how to restore a previously saved configuration Note that this function erases the current configuration before restoring a previous back up configuration please do not attempt to restore unless you have a backup configuration file stored on disk FTP is the preferred method for restoring your current computer configuration to your Prestige since FTP is faster Please note that you must wait for the system to automatically restart after the file transfer 1s complete WARNING DO NOT INTERRUPT THE FILE TRANSFER PROCESS AS THIS MAY PERMANENTLY DAMAGE YOUR PRESTIGE 20 3 1 Restore Using FTP
28. A N A end end N A 21 end end Log No Press ENTER to Confirm or ESC to Cancel Press Space Bar to Toggle Figure 21 8 IP Routing Policy Example Step 6 Step 7 Check Menu 25 1 IP Routing Policy Setup to see if the rule is added correctly Apply both policy sets in menu 3 2 as shown next DHCP Setup DHCP Server Primary DNS Server Remote DHCP Server TCP IP Setup IP Address 192 168 IP Subnet Mask 255 RIP Direction Both Version RIP 1 Multicast None IP Policies 1 2 Edit IP Alias No Press Space Bar to Toggle Menu 3 2 TCP IP and DHCP Ethernet Setup Client IP Pool Starting Size of Client IP Pool 0 0 Secondary DNS Server 0 N A Press ENTER to Confirm or Address 192 168 1 33 64 0 0 0 0 0 255 0 ESC to Cancel Figure 21 9 Applying IP Policies Example IP Policy Routing 21 9 Prestige 645R A Series User s Guide Chapter 22 Call Scheduling Call scheduling applicable for PPPoA or PPPoE encapsulation only allows you to dictate when a remote node should be called and for how long 22 1 Call Scheduling Overview The call scheduling feature allows the Prestige to manage a remote node and dictate when a remote node should be called and for how long This feature is similar to the scheduler in a video cassette recorder you can specify a time period for the VCR to record You can apply up to 4 schedule sets in Menu 11 1 Rem
29. Access Control 15 1 policy based routing sss 21 1 Message Logging sese 19 5 POPI ekreis ate EE Oen 6 6 Metti ad 13 5 13 8 14 3 Port Numbers iria See 6 6 Wu Mee 5 3 13 8 Power Adapter secet ees 2 4 Multiplexing PPP Encapsulation esses 13 13 LUC based seen 4 2 IN NL 19 7 19 8 Index H 3 Prestige 645R A Series User s Guide di N EE 13 2 Server 6 4 16 4 16 5 16 8 16 9 16 10 16 13 PEL ER 6 6 16 14 Precedence 4n etes 21 1 21 4 SV ti GE E AE noe iv Private 5 estet e tu n xe tithe 13 8 14 4 Service A tiene A 5 Protocol eese tees 17 9 SELVICES it eese ise 6 5 6 6 Protocol Filter Rules sesse see ee ee 17 14 setup a schedule ee ee ee ee ee ee ee 22 2 Single User Account 12 6 0 SMT Menu OVErVleW sese 9 1 Quality of Service seem ttv ea 21 1 SMEEB NO 6 6 Quick Start Guide ee ee ee ee 3 1 AA erre E the gto dee ie e 6 6 CA 18 3 R Configuration esses 18 2 RAS d 19 4 21 2 reese ee 18 2 Rate Manaf ef sei EE de ree rere ten 18 2 Pete VINE EE ien 19 2 s SEH e Transmission ees ee ee ee ee Re 19 2 T EE WEE SG DOE 183 Read Me Firet iese Ee Se SERE Ee Ee GR EDE Ge ad xix ee KEER RE ee ER MELD Rear Panel EE EER this eo ias 2 2 SNME Simpie Network Management Protocol Realated E A sce center BS EE 1 2 Remote DHCP Server 113 Source Based Routmg ees ee see ee RA 21 1 EE Re DY ve ae Splitters uin da Fel Remote Node 13 1 19 2 B Static Rou
30. Cancel Figure 16 16 Example 3 Menu 11 3 The following figures show how to configure the first rule NAT 16 15 Prestige 645R A Series User s Guide Menu 15 1 1 1 Address Mapping Rule Type One to One Local IP Start 192 168 1 10 End N A Global IP Start 10 132 50 1 End N A Server Mapping Set N A Press ENTER to Confirm or ESC to Cancel Press Space Bar to Toggle Figure 16 17 Example 3 Menu 15 1 1 1 Menu 15 1 1 Address Mapping Rules Set Name Idx Local abhal End IP 7192 168 1 10 192 168 1 11 0 0 0 0 255 255 2557255 Action Edit Select Rule Press ENTER to Confirm or ESC to Cancel Figure 16 18 Example 3 Final Menu 15 1 1 Now configure the IGA3 to map to our web server and mail server on the LAN Step 8 Enter 15 from the main menu Step 9 Enter 2 in Menu 15 NAT Setup Step 10 Enter 1 in Menu 15 2 NAT Server Sets to see the following menu Configure it as shown 16 16 NAT Prestige 645R A Series User s Guide Menu 15 2 1 NAT Server Setup Start Port No End Port No IP Address Default Default 80 80 25 25 Q SCC CC EN CO OO OO oO OO OO oo ooooocoooococcdiwumeo 0 0 0 0 0 0 0 0 0 oooooooody Press ENTER to Confirm or ESC to Cancel Example 3 Menu 15 2 1 16 5 4 Example 4 NAT Unfriendly Application Programs Some applications do not support NAT Mapping using TCP or UDP port address translation In this case it is better t
31. GE 7 Subnet l s EE B 5 EE Ge B 5 Clhart B 9 Subnet 3 EE B 5 Chart B 10 Subrnet4 sendet emt A LE EES edo OS TIE N B 6 Chart B 11 TES ie ER OE EE aii B 6 Chart B 12 Class C Subnet Planning ie GEE EES Ge GEE tete eed e EE R ee Rg B 7 Chart B 13 Class B Subnet Planning 5 se Ee li Ge eiia B 7 xviii List of Charts Prestige 645R A Series User s Guide Preface Congratulations on your purchase from the Prestige 645R A ADSL Router series Y our Prestige is easy to install and configure Use the web configurator System Management Terminal SMT or command interpreter interface to configure your Prestige Not all features can be configured through all interfaces Don t forget to register your Prestige online at www zyxel com for free future product updates and information About This User s Guide This manual is designed to guide you through the configuration of your Prestige for its various applications The web configurator parts of this guide contain background information on features configurable by web configurator The SMT parts of this guide contain background information on features not configurable by web configurator Related Documentation gt Supporting Disk Refer to the included CD for support documents gt Read Me First The Read Me First is designed to help you get up and running right away It contains connection information and instructions on getting started gt Web Configurator Online Help
32. Gale WAY oct ee ele EES EE 14 3 Gateway Node 15 4 General Setup esie 10 1 H Hidden Memes 9 3 Hop Count EN EeN 13 8 14 3 lebe 3 3 Host IDS eet nre ene t irr decere B 1 HPPP iile ER EE 6 6 I TAINA ito EE EE EE 4 6 IGMP cia 5 3 IGMP support 13 8 Interactive Applications ese sees ee ee 21 1 Internet a6 Cession EES RR ine 12 1 Internet Access 1 1 1 3 1 4 11 2 12 1 12 5 Internet Access Setup A 5 16 1 Internet Assigned Numbers Authority See IANA Introduction to DSL sese xxi IN 4 4 5 3 6 5 6 8 8 6 11 3 14 3 15 4 17 9 19 4 19 9 21 3 IP Address Assignment sees ee ee ee 4 5 ENETENCAP 5 onec tdi 4 5 PPPOA or PPPOoE seen 4 5 RE L t ee eere tein 4 5 IP Addressing sese B 1 IP Alias SEtUD ee ee ee ee Re Re RR Re ee 12 2 IP Cl SS68 5 et eet eee RE B 1 AAA E 17 11 H 2 Prestige 645R A Series User s Guide Logic Flow AO EE eres 17 10 VC pasedes son cla sts 4 2 IPmask EE 17 9 Multiplexing 1 2 4 2 12 6 13 2 IP Packet 32 d li A 17 12 Multiprotocol Encapsulation 4 2 IP Beleeger ti o etit b 21 5 My WAN Address 13 7 IP Policy Routing IPPR 1 2 12 1 Applying an IP Policy ses 21 5 N Ethernet IP Policies e 21 5 Nailed Up Connection iese se see ee 4 6 GIate Way E 21 5 N T REL MER MEN 4 5 6 5 6 7
33. Mapping Set N A Metric 2 Private No RIP Direction None Version RIP 1 Multicast None IP Policies Enter here to CONFIRM or ESC to CANCEL Ethernet Addr Timeout min N A Figure 16 2 Menu 11 3 Applying NAT to the Remote Node The following table describes the options for Network Address Translation Table 16 1 Applying NAT in Menus 4 amp 11 3 menu 15 1 see section 16 3 1 Choose SUA Only if you have just one public WAN IP address for your Prestige FIELD DESCRIPTION EXAMPLE NAT Press SPACE BAR and then ENTER to select Full Feature if you Full Feature have multiple public WAN IP addresses for your Prestige The SMT uses the address mapping set that you configure and enter in the Address Mapping Set field menu 15 1 see section 16 3 1 Select None to disable NAT None When you select SUA Only the SMT uses Address Mapping Set 255 SUA Only 16 3 NAT Setup Use the address mapping sets menus and submenus to create the mapping table used to assign global addresses to computers on the LAN You can see two NAT address mapping sets in menu 15 1 You can only configure Set 1 Set 255 is used for SUA When you select Full Feature in menu 4 or 11 3 the SMT will use Set 1 When you select SUA Only the SMT will use the pre configured Set 255 read only NAT 16 3 Prestige 645R A Series User s Guide The server set is a list of LAN servers mapped to external ports To use this se
34. Node Filters Go to menu 11 5 shown next and type the number s of the filter set s as appropriate You can cascade up to four filter sets by typing their numbers separated by commas The factory default filter set NetBIOS WAN is inserted in the protocol filters field under Call Filter Sets in menu 11 5 to block local NetBIOS traffic from triggering calls to the ISP 17 18 Filter Configuration Prestige 645R A Series User s Guide Menu 11 5 Remote Node Filter Input Filter Sets protocol filters 5 device filters Output Filter Sets protocol filters 4 device filters Call Filter Sets Apply filter 5 to block FTP traffic from the WAN Protocol filters 1 a Device filters Enter here to CONFIRM or ESC to CANCEL Figure 17 17 Filtering Remote Node Traffic Apply Default Filters 1 and 4 here Enter 1 in protocol filters under Output Filter Sets when using Ethernet encapsulation Note that call filter sets are visible when you select PPPoA or PPPoE encapsulation Filter Configuration 17 19 Prestige 645R A Series User s Guide Chapter 18 SNMP Configuration This chapter explains SNMP Configuration menu 22 18 1 SNMP Overview Simple Network Management Protocol is a protocol used for exchanging management information between network devices SNMP is a member of the TCP IP protocol suite Your Prestige supports SNMP agent functionality which allows a manager stat
35. Node Name Active Yes Encapsulation ENET ENCAP Multiplexing VC based Service Name N A Incoming Rem Login N A Rem Password N A Outgoing My Login N A My Password N A Authen N A Route IP Bridge Yes Edit IP Bridge Yes Edit ATM Options No Telco Option Allocated Budget min N A Period hr N A Schedule Sets N A Nailed Up Connection N A Session Options Edit Filter Sets No Idle Timeout sec N A Press ENTER to Confirm or ESC to Cancel Figure 15 1 Menu 11 1 Remote Node Profile Step 2 Move the cursor to the Edit IP Bridge field then press SPACE BAR to set the value to Yes and press ENTER to edit Menu 11 3 Remote Node Network Layer Options Menu 11 3 Remote Node Network Layer Options IP Options Bridge Options IP Address Assignment Static Ethernet Addr Timeout min 0 Rem IP Addr 0 0 0 0 Rem Subnet Mask 0 0 0 0 My WAN Addr 0 0 0 0 NAT Full Feature Address Mapping Set 2 Metric 2 Private No RIP Direction Both Version RIP 2B Multicast IGMP v2 IP Policies Press ENTER to Confirm or ESC to Cancel Figure 15 2 Menu 11 3 Remote Node Network Layer Options 15 2 Bridging Setup Prestige 645R A Series User s Guide Table 15 1 Menu 11 3 Remote Node Network Layer Options Bridge Fields 11 1 FIELD DESCRIPTION Bridge menu 11 1 Make sure this field is set to Yes Edit IP Bridge menu Press SPACE BAR to select Yes and press ENTER to display
36. One Many to One and Server mapping types Server Mapping Only available when Type is set to Server Set Select a number from 1 to 10 from the drop down menu to choose a server set from the NAT Address Mapping Rules screen Edit Details Click this link to go to the NAT Edit SUA NAT Server Set screen to edit a server set that you have selected in the Server Mapping Set field Apply Click Apply to save your changes back to the Prestige Reset Click Reset to reload the previous configuration for this screen Delete Click Delete to exit this screen without saving NAT 6 13 Prestige 645R A Series User s Guide Chapter 7 Dynamic DNS Setup This chapter discusses how to configure your Prestige to use Dynamic DNS 7 1 Dynamic DNS Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you in NetMeeting CU SeeMe etc You can also access your FTP server or Web site on your own computer using a DNS like address for instance myhost dhs org where myhost is a name of your choice that will never change instead of using an IP address that changes each time you reconnect Your friends or relatives will always be able to call you even if they don t know your IP address First of all you need to have registered a dynamic DNS account with www dyndns org This is for people with a dynamic IP from their ISP or DHCP server that would still like to have a DNS name
37. Protocol and CHAP Challenge Handshake Authentication Protocol CHAP is more secure since the password is scrambled prior to transmission However PAP is readily available on more platforms Filters The Prestige s packet filtering functions allow added network security and management Reset Button The Prestige comes with a reset button built into the rear panel Use this button to restore the factory default password to 1234 IP address to 192 168 1 1 subnet mask to 255 255 255 0 and DHCP server enabled with a pool of 32 IP addressed starting at 192 168 1 33 1 3 Applications for the Prestige Here are some example uses for which the Prestige is well suited 1 3 1 Internet Access The Prestige 1s the ideal high speed Internet access solution Your Prestige supports the TCP IP protocol which the Internet uses exclusively It is compatible with all major ADSL DSLAM providers A DSLAM is arack of ADSL line cards with data multiplexed into a backbone network interface connection e g T1 OC3 DS3 ATM or Frame Relay Think of it as the equivalent of a modem rack for ADSL A typical Internet Access application is shown next Getting To Know Your Prestige 1 3 Prestige 645R A Series User s Guide Office LAN 10 100M Ethernet INTERNET It Wu Qo DSLAM Edge Router Figure 1 1 Internet Access Application Prestige ISP 1 3 2 LAN to LAN Application You can use the Prestige to connect two ge
38. RICK 7 2 Table 8 1 System Status 8 3 Table 8 2 System Status Show Statistics ooooocooonoconocononoconooononononnnonn con ee Re Re rn nn GR Re GRA GRA nnne nennen 8 5 Table 8 3DHGCP Table iaa 8 6 Table 8 4Didgnostic General SE ER Ge ee A see a ee 8 8 Table 8 5 Diagnostic DSL Line ee ee se RR RR GR GR Re RR GRA GRA GRA Re Ee ee ee ee Re ee Re Ge Re GR Re GR Re Re ee Re ee Re ee 8 10 Table 8 6 Firmware Upgrade 8 11 Table 9 1 Main Menu Commandes 9 3 Table 9 2 Main Menu Summary cocoocccoccnonnonnnonnnnncnnnconocn nono nono nn GRA GRA Gee Ee ee ee Ge GE Re GE Re RN Re Re GE Re GR Re GR Re GR ee ee ee ee ee 9 4 Table 10 1 Men l General Setup ricn ER EE EE N EE EE sees 10 2 Table 10 2 Menu 1 1 Configure Dynamic DNS se es ee RA RA Re Re ee Re Ge Re GR Re GR ee Re ee Re ee Re ee Re RA 10 3 Table 11 1 DHCP Ethernet Setup Menu Fields 11 3 Table 11 2 TCP IP Ethernet Setup Menu Helde 11 3 Table 12 1 Menu 3 2 1 IP Alias Setup eese e ecce tete ee ee eet e eie ie Gee ee di 12 4 Table 12 2 Menu 4 Internet Access Setup ococococnnoonnonononconnconocn nono ncon nooo nonn nono non ee ee ee nnne nro rra nr rn rennen enn 12 5 Table 13 1 Menu 11 1 Remote Node Profile essere nennen nennen enne nnns 13 3 Table 13 2 Menu 11 3 Remote Node Network Layer Options esses 13 7 Table 14 1 Menul2 1 1 Edit IP Static Route 14 3 Table 15 1 Menu 11 3 Remote Node Network Layer Options Bridge Feld 15 3 Table 15 2 Menu 12 3 1 Edit Bridge Static Route 15
39. Saturday N A Start Time hh mm 00 00 Duration hh mm 00 00 Action Forced On Press ENTER to Confirm or ESC to Cancel Press Space Bar to Toggle Figure 22 2 Menu 26 1 Schedule Set Setup If a connection has been already established your Prestige will not drop it Once the connection is dropped manually or it times out then that remote node can t be triggered up until the end of the Duration Table 22 1 Menu 26 1 Schedule Set Setup FIELD DESCRIPTION EXAMPLE Active Press SPACE BAR to select Yes or No Choose Yes and press Yes ENTER to activate the schedule set Start Date Enter the start date when you wish the set to take effect in year 2000 01 01 month date format Valid dates are from the present to 2036 February 5 22 2 Call Scheduling Prestige 645R A Series User s Guide Table 22 1 Menu 26 1 Schedule Set Setup FIELD DESCRIPTION EXAMPLE How Often Should this schedule set recur weekly or be used just once only Once Press the SPACE BAR and then ENTER to select Once or Weekly Both these options are mutually exclusive If Once is selected then all weekday settings are N A When Once is selected the schedule rule deletes automatically after the scheduled time elapses Once If you selected Once in the How Often field above then enter the 2000 01 01 Date date the set should activate here in year month date format Weekday If you selected W
40. Selecting the NAT Mode insedit e eee epi bo E need 6 7 6 5 Configuring SUA Srta EA eq ette S ds 6 8 6 6 Configuring Address Mappnmg ener ener enne 6 10 6 7 Editing an Address Mapping Rule 6 12 Chapter 7 Dynamic DNS Setup ient ee etse ovo oes eub ge ee un E eeu SR Ne SR ge ven se eese eu PR Ve epp e esr SR ee GEGEE Ee ee be ee ede 7 1 Fed Dinamic DNS i esee meia e erm eet vai de n SER S 7 1 7 1 1 DYNDNS Wildeard 2 A RE 7 1 7 2 Configuring Dynamic DNS ie ee ae ee ee ee Re GE nono eren ener ennt nnne nennen nennen 7 1 Maintenance III Chapter 8 Maintenance 8 1 8 Maintenance Overview oce Reti Cet Din Pee NE OR SEN 8 1 SN EEE EE 8 1 8 2 1 System MA data 8 4 83 DHCP Table Sci n ii A es Rae Rte A me 8 6 8 4 iS eie et ede ER ee i HDi eiie edt 8 7 8 4 1 Diagnostic General Screen td 8 7 8 4 2 Diagnostic DSE Line rei e eH eH dede rita 8 9 85 Firmware Mi RA e eet ee hte eie 8 10 SMT General Configuration esse esse esse esse see see eee eee eee eese Be Ee stent Ee GE Ee res i netu setas Bee Bee ee sensns enne IV Chapter 9 Introducing the SMT ssscccsssssssscccscssssesccscessesccsssseesccssesssescccsssseescessssssesccssesssesoessesserses 9 1 GEN RR ee DEE 9 1 9 1 1 Procedure for SMT Configuration via Telnet sese 9 1 9 1 2 Prestige SMT Menu OVetryIeW e eee a REI ie eid 9 1 92 sNavigating the SMC Inte
41. Sets Table FILTER SETS DESCRIPTION Input Filter Sets Apply filters for incoming traffic You may apply protocol or device filter rules See earlier in this chapter for information on filters Output Filter Sets Apply filters for traffic leaving the Prestige You may apply filter rules for protocol or device filters See earlier in this section for information on types of filters Call Filter Sets Apply filters to decide if a packet should be allowed to trigger a call 17 6 1 Ethernet Traffic You seldom need to filter Ethernet traffic however the filter sets may be useful to block certain packets reduce traffic and prevent security breaches Go to menu 3 1 shown next and type the number s of the filter set s that you want to apply as appropriate You can choose up to four filter sets from twelve by typing their numbers separated by commas for example 2 4 6 11 The factory default filter set NetBIOS LAN is inserted in the protocol filters field under Input Filter Sets in menu 3 1 in order to prevent local NetBIOS messages from triggering calls to the DNS server Menu 3 1 LAN Port Filter Setup x Apply filter 2 to Input Filter Sets MEE eue block NETBIOS protocol filters 2 device filters traffic from the Output Filter Sets protocol filters LAN device filters Press ENTER to Confirm or ESC to Cancel Figure 17 16 Filtering Ethernet Traffic 17 6 2 Remote
42. Subnet 2 NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 64 IP Address Binary 11000000 10101000 00000001 01000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address 192 168 1 64 Lowest Host ID 192 168 1 65 Broadcast Address 192 168 1 127 Highest Host ID 192 168 1 126 Chart B 9 Subnet 3 NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 128 IP Address Binary 11000000 10101000 00000001 10000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address 192 168 1 128 Lowest Host ID 192 168 1 129 Broadcast Address 192 168 1 191 Highest Host ID 192 168 1 190 IP Subnetting B 5 Prestige 645R A Series User s Guide Chart B 10 Subnet 4 NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 192 IP Address Binary 11000000 10101000 00000001 11000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address 192 168 1 192 Lowest Host ID 192 168 1 193 Broadcast Address 192 168 1 255 Highest Host ID 192 168 1 254 Example Eight Subnets Similarly use a 27 bit mask to create 8 subnets 001 010 011 100 101 110 The following table shows class C IP address last octet values for each subnet Chart B 11 Eight Subnets SUBNET SUBNET ADDRESS FIRST ADDRESS LAST ADDRESS BROADCAST ADDRESS 1 0 1 30 31
43. Syslog sese enenene 19 6 Figure 19 9 Menu 24 4 System Maintenance Diagnostic eene enne 19 9 Figure 19 10 Valid Commandes 19 10 Figure 20 1 Telnetan Menu 24 5 nego e HERE Ve GAN Re ee EE Re e ER Beeren 20 3 Figure 20 2 FTP Session ee 20 4 Figure 20 3 Telnetanto Menu 24 6 eee e et 20 7 Figure 20 4 Restore Using FTP Session sample 20 8 Figure 20 5 Telnet Into Menu 24 7 1 Upload System Firmware sse 20 9 xiv List of Figures Prestige 645R A Series User s Guide Figure 20 6 Telnet Into Menu 24 7 2 System Maintenance esse sesse se se ek Ge GR Re GR ener 20 9 Figure 20 7 FTP Session Example of Firmware File Upload eene 20 10 Figure 21 1 Menu 25 IP Routing Policy Setup essen nennen enne 21 2 Figure 21 2 Menu 25 1 IP Routing Policy Setup iese se see se ee GRA RA GRA Re Ee ee ee ee Re ee nennen enne 21 3 Figure 21 3 Menu 25 1 1 IP Routing Policy ooooocnccicnnocononoconconoconconnccnnonn nono nonnrnnonn nono nn nn ee Re ee Re ee Re GR AR Re ee ee 21 4 Figure 21 4 Menu 3 2 TCP IP and DHCP Ethernet Setup 21 6 Figure 21 5 Menu 11 3 Remote Node Network Layer Options ese ee ee ee ee Re Re GE Re GR Re GR Re RA RA 21 6 Figure 21 6 Example of IP Policy Routing esse esse ese se see ee Re RR GRA GR nono ee ee Ee ee ee ee ee ee ee ee Re ee Re ee Re ee ee 21 7 Figure 21 7 IP Routing Policy Example A 21 8 Figure 21 8 IP Routing Policy sample 21 9 Fi
44. The Prestige has a successful 100Mb Ethernet connection Blinking The Prestige is receiving or sending data Off No device is connected at 100Mb DSL Green On The Prestige is linked successfully to a DSLAM Blinking The Prestige is initializing the DSL line Off The DSL link is down PPP ACT Green Blinking The Prestige is receiving or sending data Off The Prestige is ready but not sending or receiving data Orange On The Prestige is initiating a PPPoE connection 2 2 Rear Panel and Connections The following figures show the rear panel of your Prestige 2 2 1 DSL Port ne Jm OFF LJ POWER LAN 10 100M Figure 2 2 Rear Panel Connect the Prestige directly to the wall jack using the included DSL cable Connect a microfilter s between the wall jack and your telephone s A microfilter acts as low pass filter voice transmission takes place in the 0 to 4K Hz bandwidth and is an optional purchase 2 2 Hardware Installation Prestige 645R A Series User s Guide 2 2 2 One Auto crossover LAN 10 100M Port Ethernet 10Base T 100Base T networks use Shielded Twisted Pair STP cable with RJ 45 that look like a bigger telephone plug with 8 pins The LAN port is auto crossover so you may use a crossover or a straight through Ethernet cable to connect your Prestige to a computer or an external hub When the Prestige is on and properly connected to a computer or a hub the LAN LED on the front panel turn
45. a menu driven interface that you can access from a terminal emulator through the console port or over a telnet connection 9 1 1 Procedure for SMT Configuration via Telnet The following procedure details how to telnet into your Prestige Step 1 In Windows click Start usually in the bottom left corner Run and then type telnet 192 168 1 1 the default IP address and click OK Step 2 For your first login enter the default password 1234 As you type the password the screen displays an asterisk for each character you type Password XXXx Figure 9 1 Login Screen Step 3 After entering the password you will see the main menu Please note that 1f there is no activity for longer than five minutes default timeout period after you log in your Prestige will automatically log you out You will then have to telnet into the Prestige again 9 1 2 Prestige SMT Menu Overview We use the Prestige 645R A1 SMT menus in this guide as an example The SMT menus vary slightly for different Prestige models The following figure gives you an overview of the various SMT menu screens of your Prestige Introducing the SMT 9 1 Prestige 645R A Series User s Guide Main Menu Menu 1 Menu 3 Menu 4 Menu 11 Menu 12 Menu 15 General Setup Ethernet Setup Internet Access Setup Remote Node Setup Static Route Setup NAT Setup Menu 1 1 Menu 3 1 Menu 11 1 Menu 12 1 Menu 12 1 1 Menu 15 1 Menu 15 1 x Menu 15 1 x x onfigure D
46. and DHCP Ethernet Setup Type IP Policy sets here Go to menu 11 3 shown next and type the number s of the IP Routing Policy set s as appropriate You can cascade up to four policy sets by typing their numbers separated by commas Menu 11 3 Remote Node Network Layer Options IP Options Bridge Options IP Address Assignment Static Ethernet Addr Timeout min 0 Rem IP Addr 0 0 0 0 Rem Subnet Mask 0 0 0 0 My WAN Addr 0 0 0 0 NAT Full Feature Address Mapping Set 2 Metric 2 Private No IP Policies 2 4 7 9 Press ENTER to Confirm or ESC to Cancel RIP Direction Both Type IP Version RIP 2B Policy sets Multicast IGMP v2 here Figure 21 5 Menu 11 3 Remote Node Network Layer Options 21 6 IP Policy Routing Prestige 645R A Series User s Guide 21 6 IP Policy Routing Example If a network has both Internet and remote node connections you can route Web packets to the Internet using one policy and route FTP packets to a remote network using another policy See the next figure Web Prestige WAN 192 168 1 1 Remote Network Default IP Route Configured IP Route Figure 21 6 Example of IP Policy Routing To force Web packets coming from clients with IP addresses of 192 168 1 33 to 192 168 1 64 to be routed to the Internet via the WAN port of the Prestige follow the steps as shown next IP Policy Routing 21 7 Prestige 645R A Ser
47. and GetNext requests from the management station Set Community Type the Set community which is the password for incoming Set public requests from the management station Trusted Host If you enter a trusted host your Prestige will only respond to SNMP 0 0 0 0 messages from this address A blank default field means your Prestige will respond to all SNMP messages it receives regardless of source Trap Community Type the trap community which is the password sent with each public trap to the SNMP manager Destination Type the IP address of the station to send your SNMP traps to 0 0 0 0 When you have completed this menu press ENTER at the prompt Press ENTER to confirm or ESC to cancel to save your configuration or press ESC to cancel and go back to the previous screen SNMP Configuration 18 3 Prestige 645R A Series User s Guide 18 4 SNMP Traps The Prestige will send traps to the SNMP manager when any one of the following events occurs Table 18 2 SNMP Traps TRAP TRAP NAME DESCRIPTION 1 coldStart defined in RFC 1215 A trap is sent after booting power on 2 warmStart defined in RFC 1215 A trap is sent after booting software reboot 3 linkDown defined in RFC 1215 A trap is sent when the port is down 4 linkUp defined in RFC 1215 A trap is sent when the port is up 5 authenticationFailure defined in A trap is sent to the manager when recei
48. and number of packets received for each port 8 2 1 System Statistics Click Show Statistics in the System Status screen to open the following screen Read only information here includes port status and packet specific statistics Also provided are system up time and poll interval s The Poll Interval s field is configurable System up Time 0 34 26 WAN Port Statistics Link Status Wait for Init Upstream Speed 0 kbps Downstream Speed 0 kbps Node Link Status TxPkts RxPkts Errors Tx B s Rx B s Up Time MEN ve 0 1o Ho o o 000 LAN Port Statistics Status TxPkts RxPkts Collisions CPU Load MOOM FulDuplex 919 913 o 052 Poll Interval s D Set Interval Stop Figure 8 2 System Status Show Statistics Maintenance Prestige 645R A Series User s Guide The following table describes the labels in this screen Table 8 2 System Status Show Statistics LABEL DESCRIPTION System up Time This is the elapsed time the system has been up WAN Port Statistics This is the WAN port Link Status This is the status of your WAN link Upstream Speed This is the upstream speed of your Prestige Downstream Speed This is the downstream speed of your Prestige Node Link This field displays the remote node index number and link type Link types are PPPoA ENET RFC 1483 and PPPoE Status For the WAN port this displays the port spe
49. both files for later use The following table is a summary Please note that the internal filename refers to the filename on the Prestige and the external filename refers to the filename not on the Prestige that is on your computer local network or FTP site and so the name but not the extension may vary After uploading new firmware see the ZyNOS F W Version field in Menu 24 2 1 System Maintenance Information to confirm that you have uploaded the correct firmware version The AT command is the command you enter after you press y when prompted in the SMT menu to go into debug mode Firmware and Configuration File Maintenance 20 1 Prestige 645R A Series User s Guide Table 20 1 Filename Conventions FILE TYPE INTERNAL NAME EXTERNAL NAME DESCRIPTION Configuration Rom 0 This is the configuration filename on the Prestige rom File Uploading the rom 0 file replaces the entire ROM file system including your Prestige configurations system related data including the default password the error log and the trace log Firmware Ras This is the generic name for the ZyNOS firmware bin on the Prestige 20 2 Backup Configuration The Prestige displays different messages explaining different ways to backup restore and upload files in menus 24 5 24 6 24 7 1 and 24 7 2 depending on whether you use the console port or Telnet Option 5 from Menu 24 System Maintenance allows you to ba
50. configuration for this screen 7 2 Dynamic DNS Setup Maintenance Part III Maintenance Prestige 645R A Series User s Guide Chapter Maintenance This chapter displays system information such as ZyNOS firmware port IP addresses and port traffic statistics 8 1 Maintenance Overview Use the maintenance screens to view system information upload new firmware manage configuration and restart your Prestige 8 2 System Status Screen Click System Status to open the following screen where you can use to monitor your Prestige Note that these fields are READ ONLY and are meant to be used for diagnostic purposes Maintenance 8 1 Prestige 645R A Series User s Guide System Status System Status System Name PB45R A1 ZyNOS FAN Version 3 40 NM 0 6 2 2003 DSL FW Version SAMSUNG DSP Version 109 030225 Standard Multi Mode WAN Information IP Address 0 0 0 0 IP Subnet Mask 0 0 0 0 Default Gateway 0 0 0 0 WPINCI 8 35 LAN Information MAC Address 00 a0 c5 55 07 5d IP Address 192 168 1 1 IP Subnet Mask 255 255 255 0 DHCP Server DHCP Start IP 192 168 1 33 DHCP Pool Size 32 Show Statistics Figure 8 1 System Status The following table describes the labels in this screen 8 2 Maintenance Prestige 645R A Series User s Guide Table 8 1 System Status LABEL DESCRIPTION System Status
51. in Menu 24 1 System Maintenance Status Table 19 1 Menu 24 1 System Maintenance Status FIELD DESCRIPTION Node Lnk This is the node index number and link type Link types are PPP ENET 1483 Status This shows the status of the remote node TxPkts The number of transmitted packets to this remote node RxPkts The number of received packets from this remote node Errors The number of error packets on this connection Tx B s This shows the transmission rate in bytes per second Rx B s This shows the receiving rate in bytes per second Up Time This is the time this channel has been connected to the current remote node Ethernet This shows statistics for the LAN Status This shows the current status of the LAN Tx Pkts This is the number of transmitted packets to the LAN 19 2 System Information and Diagnosis Prestige 645R A Series User s Guide Table 19 1 Menu 24 1 System Maintenance Status FIELD DESCRIPTION Rx Pkts This is the number of received packets from the LAN Collision This is the number of collisions WAN This shows statistics for the WAN Line Status This shows the current status of the xDSL line which can be Up or Down Upstream This shows the upstream transfer rate in kbps Speed Downstream This shows the downstream transfer rate in kbps Speed CPU Load This specifies the percentage of CPU utilization
52. menu 11 3 min menu 11 3 Ethernet Addr Timeout Type the time in minutes for the Prestige to retain the Ethernet Address information in its internal tables while the line is down If this information is retained your Prestige will not have to recompile the tables when the line comes back up When you have completed this menu press ENTER at the prompt Press ENTER to confirm or ESC to cancel to save your configuration or press ESC to cancel and go back to the previous screen 15 2 2 Bridge Static Route Setup Similar to network layer static routes a bridging static route tells the Prestige the route to a node before a connection is established You configure bridge static routes in menu 12 3 1 go to menu 12 choose option 3 then choose a static route to edit as shown next Menu 12 3 1 Edit Bridge Static Route Route 1 Route Name Active No Ether Address IP Address Gateway Node 1 Press ENTER to Confirm or ESC to Cancel Figure 15 3 Menu 12 3 1 Edit Bridge Static Route The following table describes the Edit Bridge Static Route menu Table 15 2 Menu 12 3 1 Edit Bridge Static Route FIELD DESCRIPTION Route This is the route index number you typed in Menu 12 3 Bridge Static Route Setup Route Name Type a name for the bridge static route for identification purposes Bridging Setup 15 3 Prestige 645R A Series User s Guide Table 1
53. minutes After a successful upload the system will reboot See the Firmware and Configuration File Maintenance chapter in the parts that document the SMT for upgrading firmware using FTP TFTP commands Only use firmware for your Prestige s specific model Refer to the label on the bottom of your Prestige Click Firmware to open the following screen Follow the instructions in this screen to upload firmware to your Prestige 8 10 Maintenance Prestige 645R A Series User s Guide FIRMWARE Firmware Upgrade To upgrade the internal router firmware browse to the location of the binary BIN upgrade file and click UPLOAD File Path Browse Upload CONFIGURATION FILE Click Reset to clear all user defined configurations and return to the factory defaults Reset Figure 8 7 Firmware Upgrade The following table describes the labels in this screen Table 8 6 Firmware Upgrade LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse to find it Browse Click Browse to find the bin file you want to upload Remember that you must decompress compressed zip files before you can upload them Upload Click Upload to begin the upload process This process may take up to two minutes Reset Click this button to clear all user entered configuration information and return the Prestige to its factory defaults
54. password as requested Type put configurationfilename rom 0 where configurationfilename is the name of your system configuration file on your workstation which will be transferred to the rom 0 file on the system The system reboots automatically after the upload system configuration file process is complete For details on FTP commands please consult the documentation of your FTP client program For details on uploading system firmware using TFTP note that you must remain on this menu to upload system firmware using TFTP please see your manual Press ENTER to Exit Figure 20 6 Telnet Into Menu 24 7 2 System Maintenance To upload the firmware and the configuration file follow these examples 20 4 3 FTP File Upload Command from the DOS Prompt Example Step 1 Launch the FTP client on your computer Firmware and Configuration File Maintenance 20 9 Prestige 645R A Series User s Guide Step 2 Enter open followed by a space and the IP address of your Prestige Step 3 Press ENTER when prompted for a username Step 4 Enter your password as requested the default is 1234 Step 5 Enter bin to set transfer mode to binary H Step 6 Use put to transfer files from the computer to the Prestige for example put firmware bin ras transfers the firmware on your computer firmware bin to the Prestige and renames it ras Similarly put config rom rom 0 transfers the configuratio
55. recognizes both formats when receiving RIP 1 is universally supported but RIP 2 carries more information RIP 1 is probably adequate for most networks unless you have an unusual network topology Both RIP 2B and RIP 2M sends the routing data in RIP 2 format the difference being that RIP 2B uses subnet broadcasting while RIP 2M uses multicasting 5 4 4 Multicast Traditionally IP packets are transmitted in one of either two ways Unicast 1 sender 1 recipient or Broadcast 1 sender everybody on the network Multicast delivers IP packets to a group of hosts on the network not everybody and not just 1 IGMP Internet Group Multicast Protocol is a network layer protocol used to establish membership in a Multicast group it is not used to carry user data IGMP version 2 RFC 2236 is an improvement over version 1 RFC 1112 but IGMP version 1 is still in wide use If you would like to read more detailed information about interoperability between IGMP version 2 and version 1 please see sections 4 and 5 of RFC 2236 The class D IP address is used to identify host groups and can be in the range 224 0 0 0 to 239 255 255 255 The address 224 0 0 0 is not assigned to any group and is used by IP multicast computers The address 224 0 0 1 is used for query messages and is assigned to the permanent group of all IP hosts including gateways All hosts must join the 224 0 0 1 group in order to participate in IGMP The address 224 0 0 2 is assigned t
56. the UNIX syslog facility to log the CDR Call Detail Record and system messages to a syslog server Syslog and accounting can be configured in Menu 24 3 2 System Maintenance UNIX Syslog as shown next Menu 24 3 2 System Maintenance UNIX Syslog UNIX Syslog Active No Syslog IP Address 0 0 0 0 Log Facility Local 1 Types CDR No Packet Triggered No Filter Log No PPP Log No Press ENTER to Confirm or ESC to Cancel Figure 19 8 Menu 24 3 2 System Maintenance UNIX Syslog Y ou need to configure the UNIX syslog parameters described in the following table to activate syslog then choose what you want to log Table 19 3 Menu 24 3 2 System Maintenance UNIX Syslog PARAMETER DESCRIPTION UNIX Syslog Active Use SPACE BAR and then ENTER to turn syslog on or off Syslog IP Address Type the IP address of your syslog server 19 6 System Information and Diagnosis Prestige 645R A Series User s Guide Table 19 3 Menu 24 3 2 System Maintenance UNIX Syslog PARAMETER DESCRIPTION Log Facility Use SPACE BAR and then ENTER to select one of seven different local options The log facility lets you log the message in different server files Refer to your UNIX manual Types CDR Call Detail Record CDR logs all data phone line activity if set to Yes Packet triggered The first 48 bytes or octets and protocol type of the triggering packet is
57. the microfilter Step 3 Connect another cable from the double jack end of the Y Connector to the Prestige Step 4 Connect the phone side of the microfilter to your telephone as shown in the following figure Microfilter Wall Side Phone Side Diagram F 2 Connecting a Microfilter F 2 Splitters and Microfilters Prestige 645R A Series User s Guide Appendix G Power Adaptor Specifications NORTH AMERICAN PLUG STANDARDS AC Power Adapter Model DV 1215A Input Power AC120Volts 60Hz 30W Output Power AC12Volts 1 25A Power Consumption 11W Safety Standards UL CUL CSA UL 1310 CSA C22 2 No 223 NORTH AMERICAN PLUG STANDARDS AC Power Adapter Model AA 121A25 Input Power AC120Volts 60Hz 19W Output Power AC 12Volts 1 25A Power Consumption 11W Safety Standards UL CUL UL 1310 CSA C22 2 No 223 EUROPEAN PLUG STANDARDS AC Power Adapter Model AA 121A3BN Input Power AC230Volts 50Hz 140mA Output Power AC12Volts 1 3A Power Consumption 11W Safety Standards ITS GS CE EN 60950 Power Adaptor Specifications G 1 Prestige 645R A Series User s Guide Appendix H Index Comtnuriity 42 citet ets 18 2 A Computer Name 10 1 Address Assignment sse 5 2 Conditions that prevent TFTP and FTP from ADSL Avliat df coe edere be geet xxi working over WAN ere se ER EER 20 4 Alternative Subnet Mask Notation B 3 Configuration
58. the subnet mask Remote DHCP Server If Relay is selected in the DHCP field above then enter the IP address of the actual remote DHCP server here Follow the instructions in the following table to configure TCP IP parameters for the Ethernet port Table 11 2 TCP IP Ethernet Setup Menu Fields FIELD DESCRIPTION EXAMPLE TCP IP Setup IP Address Enter the LAN IP address of your Prestige in dotted decimal 192 168 1 1 notation IP Subnet Mask Your Prestige will automatically calculate the subnet mask based on the IP address that you assign Unless you are implementing subnetting use the subnet mask computed by the Prestige 255 255 255 0 RIP Direction Press SPACE BAR to select the RIP direction Choices are Both Both In Only Out Only or None default Version Press SPACE BAR to select the RIP version Choices are RIP 1 RIP 1 RIP 2B or RIP 2M default Ethernet Setup 11 3 Prestige 645R A Series User s Guide Table 11 2 TCP IP Ethernet Setup Menu Fields FIELD DESCRIPTION EXAMPLE Multicast IGMP Internet Group Multicast Protocol is a network layer protocol None used to establish membership in a Multicast group The Prestige default supports both IGMP version 1 IGMP v1 and version 2 IGMP v2 Press the SPACE BAR to enable IP Multicasting or select None to disable it IP Policies Create policies using SMT menu 25 see the P Policy Routing 2 4 7 9
59. this feature your computer must have an FTP client When you telnet into the Prestige you will see the following screens for uploading firmware and the configuration file using FTP 20 8 Firmware and Configuration File Maintenance Prestige 645R A Series User s Guide Menu 24 7 1 System Maintenance Upload System Firmware To upload the system firmware follow the procedure below Launch the FTP client on your workstation Type open and the IP address of your system Then type root and SMT password as requested Type put firmwarefilename ras where firmwarefilename is the name of your firmware upgrade file on your workstation and ras is the remote file name on the system The system reboots automatically after a successful firmware upload For details on FTP commands please consult the documentation of your FTP client program For details on uploading system firmware using TFTP note that you must remain on this menu to upload system firmware using TFTP please see your manual Press ENTER to Exit Figure 20 5 Telnet Into Menu 24 7 1 Upload System Firmware 20 4 2 Configuration File Upload You see the following screen when you telnet into menu 24 7 2 Menu 24 7 2 System Maintenance Upload System Configuration File To upload the system configuration file follow the procedure below Launch the FTP client on your workstation Type open and the IP address of your system Then type root and SMT
60. to your Prestige Use put to transfer files from the Prestige to the computer for example put config rom rom 0 transfers the configuration file config rom on your computer to the Prestige See earlier in this chapter for more information on filename conventions Enter quit to exit the ftp prompt The Prestige will automatically restart after a successful restore process Firmware and Configuration File Maintenance 20 7 Prestige 645R A Series User s Guide 20 3 2 Restore Using FTP Session Example ftp put config rom rom 0 200 Port command okay 150 Opening data connection for STOR rom 0 226 File received OK 221 Goodbye for writing flash ftp 16384 bytes sent in 0 06Seconds 273 07Kbytes sec ftp gt quit Figure 20 4 Restore Using FTP Session Example Refer to section 20 2 5 to read about configurations that disallow TFTP and FTP over WAN 20 4 Uploading Firmware and Configuration Files This section shows you how to upload firmware and configuration files You can upload configuration files by following the procedure in the previous Restore Configuration section or by following the instructions in Menu 24 7 2 System Maintenance Upload System Configuration File for console port WARNING DO NOT INTERRUPT THE FILE TRANSFER PROCESS AS THIS MAY PERMANENTLY DAMAGE YOUR PRESTIGE 20 4 1 Firmware File Upload FTP is the preferred method for uploading the firmware and configuration To use
61. two groups the built in call filters and user defined call filters Your Prestige has built in call filters that prevent administrative for example RIP packets from triggering calls These filters are always enabled and not accessible to you Your Prestige applies the built in filters first and then the user defined call filters if applicable as shown next Filter Configuration 17 1 Prestige 645R A Series User s Guide Outgoing p Packet Data Match Drop packet No Built in default Call Filters Call User defined if applicable Filters Drop packet Drop if line not up if line packet not up Active Data Ini if line not up tiate call Send packet and reset Idle Timer Kb Send packet but do not reset Idle Timer ie Send packet but do not reset Idle Timer Figure 17 1 Outgoing Packet Filtering Process Two sets of factory filter rules have been configured in menu 21 to prevent NetBIOS traffic from triggering calls A summary of their filter rules is shown in the figures that follow The following figure illustrates the logic flow when executing a filter rule 17 2 Filter Configuration Prestige 645R A Series User s Guide di Start i J Packet intoFilter L Fetch First Filter Set Filter Set 1 Fetch First Filter Rule
62. you a dynamic IP address when the connection is established If this is the case it 1s recommended that you select a network number from 192 168 0 0 to 192 168 255 0 and you must enable the Wizard Setup Prestige 645R A Series User s Guide Network Address Translation NAT feature of the Prestige The Internet Assigned Number Authority IANA reserved this block of addresses specifically for private use please do not use any other number unless you are told otherwise Let s say you select 192 168 1 0 as the network number which covers 254 individual addresses from 192 168 1 1 to 192 168 1 254 zero and 255 are reserved In other words the first three numbers specify the network number while the last number identifies an individual computer on that network Once you have decided on the network number pick an IP address that is easy to remember for instance 192 168 1 1 for your Prestige but make sure that no other device on your network is using that IP address The subnet mask specifies the network number portion of an IP address Your Prestige will compute the subnet mask automatically based on the IP address that you entered You don t need to change the subnet mask computed by the Prestige unless you are instructed to do otherwise 4 7 IP Address Assignment A static IP is a fixed IP that your ISP gives you A dynamic IP is not fixed the ISP assigns you a different one each time The Single User Account feature can be enabled
63. 0 1 IGA 1 10 132 50 2 IGA 2 10 132 50 3 IGA 3 FTP Server 1 192 168 1 10 FTP Server 2 192 168 1 11 Figure 16 15 NAT Example 3 16 14 NAT Prestige 645R A Series User s Guide Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 In this case you need to configure Address Mapping Set 1 from Menu 15 1 Address Mapping Sets Therefore you must choose the Full Feature option from the Network Address Translation field in menu 4 or menu 11 3 in Figure 16 16 Then enter 15 from the main menu Enter 1 to configure the Address Mapping Sets Enter 1 to begin configuring this new set Enter a Set Name choose the Edit Action and then enter 1 for the Select Rule field Press ENTER to confirm Select Type as One to One direct mapping for packets going both ways and enter the local Start IP as 192 168 1 10 the IP address of FTP Server 1 the global Start IP as 10 132 50 1 our first IGA See Figure 16 17 Repeat the previous step for rules 2 to 4 as outlined above When finished menu 15 1 1 should look like as shown in Menu 11 3 Remote Node Network Layer Options IP Options Bridge Options IP Address Assignment Static Ethernet Addr Timeout min 0 Rem IP Addr 0 0 0 0 Rem Subnet Mask 0 0 0 0 My WAN Addr 0 0 0 0 NAT Full Feature Address Mapping Set 2 Metric 2 Private No RIP Direction Both Version RIP 2B Multicast IGMP v2 IP Policies Press ENTER to Confirm or ESC to
64. 11 Remote Node Setup 13 2 2 Encapsulation and Multiplexing Scenarios For Internet access you should use the encapsulation and multiplexing methods used by your ISP Consult your ISP for information on encapsulation and multiplexing methods for LAN to LAN applications for example between a branch office and corporate headquarters There must be prior agreement on encapsulation and multiplexing methods because they cannot be automatically determined What method s you use also depends on how many VCs you have and how many different network protocols you need The extra overhead that ENET ENCAP encapsulation entails makes it a poor choice in a LAN to LAN application Here are some examples of more suitable combinations in such an application Scenario 1 One VC Multiple Protocols PPPoA RFC 2364 encapsulation with VC based multiplexing is the best combination because no extra protocol identifying headers are needed The PPP protocol already contains this information Scenario 2 One VC One Protocol IP Selecting RFC 1483 encapsulation with VC based multiplexing requires the least amount of overhead 0 octets However if there is a potential need for multiple protocol support in the future it may be safer to select PPPoA encapsulation instead of RFC 1483 so you do not need to reconfigure either computer later Scenario 3 Multiple VCs If you have an equal number or more of VCs than the number of protocols then select RFC 1483 encapsu
65. 17 14 IP Pfotocol deeem 21 4 Application A E La LM ia 6 3 IP Routing Policy IPPR 21 1 Applying NAT in the SMT Menus 16 1 Benefits ees ee teen 21 1 Configurinp cte csi rre tete ettet 16 3 Cost Savings En 21 1 D finitions eset 6 1 VE iere eet te eb te Rein 21 1 EE 16 11 Load Sharing esses 21 1 How NAT Works 6 2 ND ER Ee 21 2 Mapping TYPES ese ee ee ee 6 3 IP Routing Policy Sep 21 3 Non NAT Friendly Application Programs16 17 IP Static Ro te 4 cete 14 1 Ordering Rules e 16 6 IP Static Route Setup sse 14 2 Seryer SEIS cs dte T al 6 5 L What NAT does 6 1 Network Address Translation NAT 1 2 16 1 EO EIER dio 19 2 19 3 Network Management ee see ee ee ee 6 6 LAN Spin 5 1 huc E 6 6 LAN E AE 5 2 LED Iudteatorg seele Eers se ee Res ede 2 1 P LINK type RA ER EA 19 2 Packet LLC based Multiplexing ee 13 13 BOS EE ET I 19 2 Log and Trace EES 19 6 Received ion t Re 19 3 Log Facility tgp 19 7 Transmitted ccccccccccccccccccccececcccececcececeeeee 19 2 Logging Option esse ese ee ee 17 10 17 13 Packet triggered ese ee ee 19 7 LORIN ce Eeeege 13 4 Packets o E eee 19 2 M PAP 13 4 Password 3 3 9 1 9 5 13 4 18 2 MAC address 15 4 A A Nd 19 9 Main Men s eros spirit 9 3 Point to Point earna ee Ee Ded xxi Management Information Base MIB 18 2 Point to Point Tunneling Protocol 6 6 Media
66. 3 Table 16 1 Applying NAT in Menus 4 amp 11 3 ee se se ee RR Re GRA nennen nennen nennen enne 16 3 Table 16 2 SUA Address Mapping Rules se see se ee Re RR RA GRA RA Re eene enne eren ener enne nnns 16 5 Table 16 3 Menu HEEN e eee b e eee y ue t ERE 16 7 Table 16 4 Menu 15 1 1 1 Editing Configuring an Individual Rule in a Set 16 8 xvi List of Tables Prestige 645R A Series User s Guide Table 17 1 Abbreviations Used in the Filter Rules Summary Mem 17 6 Tabl 17 2 Rule Abbreviations Used 5 e ots e a D ORE RH edt eis 17 7 Table 17 3 Menu 21 x 1 TCPAP Filter Rule cial 17 9 Table 17 4 Menu 21 6 1 Generic Filter Rule 17 13 T ble 17 5 Filter Sets Table do 17 18 Table 18 1 Menu 22 SNMP Configuration eene ener enne ee rennen enne 18 3 Table 18 2 SNMP EFaps es N Ge ge ge Ee ee E Re gee De Ee RR ee ES EER EG De ER fe ee eg 18 4 Table 18 3 Ports and Interface Types esse ee ee ee Re ER RR RA GRA GRA GRA Re Ee ee ee ee Re ee nano Re Re ee Re ee Re ee ee 18 4 Table 19 1 Menu 24 1 System Maintenance Status 19 2 Table 19 2 Menu 24 2 1 System Maintenance Information eese 19 4 Table 19 3 Menu 24 3 2 System Maintenance UNIX Syslog sse 19 6 Table 19 4 Menu 24 4 System Maintenance Menu Diagnostic ie sees ee ee ee ee Ge ee Re Re RR ee Re ee ee 19 9 Table 20 1 Filename Convention ee ee se GR RR RA Re GR Re E E GRA GR ee E ee ee e Gee ee Re ee Re ee ee 20 2 Table 20 2 General Commands for GUI based FTP Clie
67. 3 2 Menu 11 3 Remote Node Network Layer Options FIELD DESCRIPTION EXAMPLE NAT Press SPACE BAR and then ENTER to select Full Feature if you have multiple public WAN IP addresses for your Prestige Select SUA Only if you have just one public WAN IP address for your Prestige The SMT uses Address Mapping Set 255 menu 15 1 see section 16 3 1 Select None to disable NAT SUA Only Address Mapping Set When Full Feature is selected in the NAT field configure address mapping sets in menu 15 1 Select one of the NAT server sets 2 10 in menu 15 2 see the NAT chapter for details and type that number here When SUA Only is selected in the NAT field the SMT uses NAT server set 1 in menu 15 2 see the NAT chapter for details Metric The metric represents the cost of transmission for routing purposes IP routing uses hop count as the cost measurement with a minimum of 1 for directly connected networks Type a number that approximates the cost for this link The number need not be precise but it must be between 1 and 15 In practice 2 or 3 is usually a good number Private This determines if the Prestige will include the route to this remote node in its RIP broadcasts If set to Yes this route is kept private and not included in RIP broadcast If No the route to this remote node will be propagated to other hosts through RIP broadcasts No RIP Direction Press SPACE BAR and then ENTER
68. 5 2 Menu 12 3 1 Edit Bridge Static Route FIELD DESCRIPTION Active Indicates whether the static route is active Yes or not No Ether Address Type the MAC address of the destination computer that you want to bridge the packets to IP Address If available type the IP address of the destination computer that you want to bridge the packets to Gateway Node Press SPACE BAR and then ENTER to select the number of the remote node one to eight that is the gateway of this static route When you have completed this menu press ENTER at the prompt Press ENTER to confirm or ESC to cancel to save your configuration or press ESC to cancel and go back to the previous screen 15 4 Bridging Setup Prestige 645R A Series User s Guide Chapter 16 Network Address Translation NAT This chapter discusses how to configure NAT on the Prestige 16 1 NAT Overview 16 1 1 SUA Single User Account Versus NAT SUA Single User Account is a ZyNOS implementation of a subset of NAT that supports two types of mapping Many to One and Server See section 16 3 1 for a detailed description of the NAT set for SUA The Prestige also supports Full Feature NAT to map multiple global IP addresses to multiple private LAN IP addresses of clients or servers using mapping types as outlined in the web configurator part of this guide 1 Choose SUA Only if you have just one public WAN IP address for your Prestige 2 Cho
69. 55 255 128 512 126 IP Subnetting B 7 Prestige 645R A Series User s Guide Chart B 13 Class B Subnet Planning 131 NO BORROWED HOST BITS SUBNET MASK NO SUBNETS NO HOSTS PER SUBNET 125 10 255 255 255 192 1024 62 126 11 255 255 255 224 2048 30 127 12 255 255 255 240 4096 14 28 13 255 255 255 248 8192 6 29 14 255 255 255 252 16384 2 30 15 255 255 255 254 32768 1 B 8 IP Subnetting Prestige 645R A Series User s Guide Appendix C PPPoE PPPOE in Action An ADSL modem bridges a PPP session over Ethernet PPP over Ethernet RFC 2516 from your PC to an ATM PVC Permanent Virtual Circuit which connects to a xDSL Access Concentrator where the PPP session terminates see the next figure One PVC can support any number of PPP sessions from your LAN PPPoE provides access control and billing functionality in a manner similar to dial up services using PPP Benefits of PPPoE PPPoE offers the following benefits 1 It provides you with a familiar dial up networking DUN user interface 2 It lessens the burden on the carriers of provisioning virtual circuits all the way to the ISP on multiple switches for thousands of users For GSTN PSTN and ISDN the switching fabric is already in place 3 Itallows the ISP to use the existing dial up model to authenticate and optionally to provide differentiated services Traditional
70. 6 3 1 Port Forwarding Services and Port Numbers A NAT server set is a list of inside behind NAT on the LAN servers for example web or FTP that you can make accessible to the outside world even though NAT makes your whole inside network appear as a single machine to the outside world Use the SUA Server page to forward incoming service requests to the server s on your local network You may enter a single port number or a range of port numbers to be forwarded and the local IP address of the desired server The port number identifies a service for example web service is on port 80 and FTP on port 21 In some cases such as for unknown services or where one server can support more than one service for example both FTP and web service it might be better to specify a range of port numbers In addition to the servers for specified services NAT supports a default server A service request that does not have a server explicitly designated for it is forwarded to the default server If the default is not defined the service request is simply discarded NAT 6 5 Prestige 645R A Series User s Guide Many residential broadband ISP accounts do not allow you to run any server processes such as a Web or FTP server from your location Your ISP may periodically check for servers and may suspend your account if it discovers any active services at your location If you are unsure refer to your ISP The most often used port numbers are sh
71. 7 Figure 4 3 Internet Connection with RFC 1483 sessi nre 4 8 Figure 4 4 Internet Connection with ENET ENCAP esse see se ee see see eke ee ee ee se enne enne se ee rennen 4 9 Figure 4 5 Internet Connection with PPPOA ese see see sea ee Re ee ee ee Ee ee ee Re ee Re Ge Re enne nnn nennen 4 11 Figure 4 6 Wizatd SCreen td p E deg 4 12 Figure 5 1 LAN and WAN IP Addresses sees eene nennen GR ee enne nein trennen enne 5 1 Figure 52 LAN ats ite rd tela ER ouf bees tod ete ec ente MeL RE bre e dde 5 4 Figure 621 How NAT WOEKS it eie o le ori dese tee Ses Fn ee hee ee LU Ge Ge se Ge Get eere 6 2 Figure 6 2 NAT Application With IP Alias rene enne trente RR Ge Re Ge ee 6 3 Figure 6 3 Multiple Servers Behind NAT Esample eese enne nennen ennt 6 7 Figure 6 4 NAT Mode isco eet E E Ere or E eI eer ee e oe Ge Re i ee er Feet eb ve 6 7 Figure 6 5 Edit SUA NAT Server ia ete eerte iet te ep rented eene 6 9 Figure 6 6 Address Mapping Rules esses eee ener entren rennen nnne nennen 6 11 Figure 6 7 Address Mapping Rule Ed 6 12 Figure TENOR o edt t te E DU si M AN o Se de Mm 7 2 Figure 8 1 System Stats cies eii argen tiene e He mo e E e OE EE Pop ED HE 8 2 Figure 8 2 System Status Show Statistics eren nee rre tnnt 8 4 Figure 8 3 DHCP Table oce e p CH ios 8 6 Figure ARIE NE A en e e oa e eee tee N 8 7 Figuie 8 5 Diagnostic General iii gu eec Rope o e A e bogota 8 8 Figure 8 6 Diagnostic DSL Eine er
72. Criteria IP Protocol IP layer 4 protocol for example UDP TCP ICMP etc Type of Service Prioritize incoming network traffic by choosing from Don t Care Normal Min Delay Max Thruput Min Cost or Max Reliable Precedence Precedence value of the incoming packet Press SPACE BAR and then ENTER to select a value from 0 to 7 or Don t Care Packet Length Type the length of incoming packets in bytes The operators in the Len Comp next field apply to packets of this length 21 4 IP Policy Routing Prestige 645R A Series User s Guide Table 21 2 Menu 25 1 1 IP Routing Policy FIELD DESCRIPTION Len Comp Press SPACE BAR and then ENTER to choose from Equal Not Equal Less Greater Less or Equal or Greater or Equal Source addr start end Source IP address range from start to end port start end Source port number range from start to end applicable only for TCP UDP Destination addr start end Destination IP address range from start to end port start end Destination port number range from start to end applicable only for TCP UDP Action Specifies whether action should be taken on criteria Matched or Not Matched Gateway addr Defines the outgoing gateway address The gateway must be on the same subnet as the Prestige if it is on the LAN otherwise the gateway must be the IP address of a remote node The default gateway is specified a
73. Dial up Scenario The following diagram depicts a typical hardware configuration where the PCs use traditional dial up networking dp d Prestige d J d ISP 1 Access Concentrator Diagram C 1 Single PC per Router Hardware Configuration PPPoE C 1 Prestige 645R A Series User s Guide How PPPoE Works The PPPoE driver makes the Ethernet appear as a serial link to the PC and the PC runs PPP over it while the modem bridges the Ethernet frames to the Access Concentrator AC Between the AC and an ISP the AC is acting as a L2TP Layer 2 Tunneling Protocol LAC L2TP Access Concentrator and tunnels the PPP frames to the ISP The L2TP tunnel is capable of carrying multiple PPP sessions With PPPoE the VC Virtual Circuit is equivalent to the dial up connection and is between the modem and the AC as opposed to all the way to the ISP However the PPP negotiation is between the PC and the ISP Prestige as a PPPoE Client When using the Prestige as a PPPoE client the PCs on the LAN see only Ethernet and are not aware of PPPoE This alleviates the administrator from having to manage the PPPoE clients on the individual PCs ISP 2 Prestige Access Concentrator Diagram C 2 Prestige as a PPPoE Client C 2 PPPoE Prestige 645R A Series User s Guide Appendix D Setting up Your Computer s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP IP installed Windows 95 98 M
74. EL DESCRIPTION Type Choose the port mapping type from one of the following 1 One to One One to One mode maps one local IP address to one global IP address Note that port numbers do not change for One to one NAT mapping type 2 Many to One Many to One mode maps multiple local IP addresses to one global IP address This is equivalent to SUA i e PAT port address translation ZyXEL s Single User Account feature that previous ZyXEL routers supported only 3 Many to Many Overload Many to Many Overload mode maps multiple local IP addresses to shared global IP addresses 4 Many to Many No Overload Many to Many No Overload mode maps each local IP address to unique global IP addresses 5 Server This type allows you to specify inside servers of different services behind the NAT to be accessible to the outside world Local Start IP This is the starting local IP address ILA Local IP addresses are N A for Server port mapping Local End IP This is the end local IP address ILA If your rule is for all local IP addresses then enter 0 0 0 0 as the Local Start IP address and 255 255 255 255 as the Local End IP address This field is N A for One to One and Server mapping types Global Start IP This is the starting global IP address IGA Enter 0 0 0 0 here if you have a dynamic IP address from your ISP Global End IP This is the ending global IP address IGA This field is N A for One to
75. ESC to cancel to save your configuration or press ESC to cancel and go back to the previous screen 16 4 Configuring a Server behind NAT Follow these steps to configure a server behind NAT Step 1 Enter 15 in the main menu to go to Menu 15 NAT Setup Step 2 Enter 2 to display Menu 15 2 NAT Server Sets as shown next Menu 15 2 NAT Server Sets Server Set 1 Used for SUA Only Server Set 2 Server Set 3 Server Set 4 Server Set 5 Server Set 6 Server Set 7 Server Set 8 Server Set 9 Server Set 1 T Ay ES 4 5 6 Ts 8 95 0 1 0 Enter Set Number to Edit Figure 16 8 Menu 15 2 NAT Server Setup Step 3 Enter 1 to go to Menu 15 2 1 NAT Server Setup as follows NAT 16 9 Prestige 645R A Series User s Guide Menu 15 2 1 NAT Server Setup Default Default 21 25 o o EA OE IE OP KI oOooooooooo o oOooooooooobo oOooooooooooo 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Press ENTER to Confirm or ESC to Cancel Figure 16 9 Menu 15 2 1 NAT Server Setup Step 4 Enter a port number in an unused Start Port No field To forward only one port enter it again in the End Port No field To specify a range of ports enter the last port to be forwarded in the End Port No field Step 5 Enter the inside IP address of the server in the IP Address field In the following figure you have a computer acting as an FTP Telnet and SMTP server ports 21 23 and 25 at 192 168 1 33 Step 6 Pre
76. ICMP is 1 The value must be between 0 and 255 A value of O matches ANY protocol IP Source Route IP Source Route is an optional header that dictates the No route an IP packet takes from its source to its destination default If Yes the rule applies to any packet with an IP source route The majority of IP packets do not have source route Destination Type the destination IP address of the packet you want to IP address IP Addr filter This field is ignored if it is 0 0 0 0 IP Mask Type the IP mask to apply to the Destination IP Addr IP mask field Port Type the destination port of the packets you want to filter 0 to 65535 The field range is O to 65535 A O field is ignored Port Comp Select the comparison to apply to the destination port in None the packet against the value given in Destination Port Choices are None Less Greater Equal or Not Equal Source Type the source IP Address of the packet you want to IP address IP Addr filter A 0 0 0 0 field is ignored IP Mask Type the IP mask to apply to the Source IP Addr field IP mask Port Type the source port of the packets you want to filter The 0 to 65535 range of this field is O to 65535 A O field is ignored Port Comp Select the comparison to apply to the source port in the None packet against the value given in Source Port field Choices are None Less Greater Equal or Not Equal Filter Configuration 17 9 Prestige 645R A Series Us
77. Introducing the Web Configurator Prestige 645R A Series User s Gu ide 3 4 Configuring Password It is highly recommended that you change the password for accessing the Prestige To change your Prestige s password click Advanced Setup and then Password The screen appears as shown Password Old Password New Password Retype to confirm Please record your new password whenever you change it The system will lock you out if you have forgotten your password E Apply Reset Figure 3 3 Password The following table describes the labels in this screen Table 3 1 Password LABEL DESCRIPTION Old Password Type the default password or the existing password you use to access the system in this field New Password Type the new password in this field Retype to Confirm Type the new password again in this field Apply Click Apply to save your changes back to the Prestige Reset Click Reset to reload the previous configuration for this screen Introducing the Web Configurator 3 3 Prestige 645R A Series User s Guide 3 5 Resetting the Prestige If you forget your password or cannot access the Prestige you will need to reload the factory default configuration file or use the RESET button the back of the Prestige Uploading this configuration file replaces the current configuration file with the factory default configuration file This m
78. LAN port and the other Ethernet connections 2 Make sure you are using the correct IP address of the Prestige Check the IP address of the Prestige 3 Ping the Prestige from your computer If you cannot ping the Prestige check the IP addresses of the Prestige and your computer Make sure your computer is set to get a dynamic IP address or if you want to use a static IP address on your computer make sure that it is on the same subnet as the Prestige 4 Make sure you entered the correct username and password The default username is admin and the default password is 1234 If you have forgot your username or password refer to Section A 4 5 If these steps fail to correct the problem contact the distributor A 2 Troubleshooting Prestige 645R A Series User s Guide A 3 Web Configurator I cannot access the web configurator Chart A 5 Troubleshooting Web Configurator STEPS CORRECTIVE ACTION 1 Make sure you are using the correct IP address of the Prestige Check the IP address of the Prestige Make sure that there is not an SMT console session running Your computer s and the Prestige s IP addresses must be on the same subnet for LAN access 2 3 4 If you changed the Prestige s LAN IP address then enter the new one as the URL 5 Remove any filters in SMT menu 3 1 LAN or menu 11 5 WAN that block web service The web configurator does not display pro
79. OS 8 6 AT command ta ads 20 1 Connecting the Prestige en 2 3 Authentication A 13 4 13 5 Connections Additional Requirements 2 4 B ADSE Ling isi deser bentes 2 3 Back Panel Power Adapter iese se ea RA RA Re ee 2 3 ae e 2 3 Rear Panels iesbussassAtet sld tas 2 2 Backup 202 Copyright os il uu c ane E Eege o D mA LOS 13 8 143 E EEN Country Code 19 4 Ether Address sss 15 4 A sse ean eet eid eth 19 3 Ethernet igit eee 15 1 Cust S M A EE 153 ustomer Support v Remote Node 15 1 D Static Route Setup 15 3 EE Data Filtering sse 17 1 C Device Filter rules 17 14 Call Filtering eee 17 1 DHCE PR e RES RO M Call Filters Diagnostic Tools 19 1 e RERO 17 1 DNS es 11 3 User Defined 17 1 Domain Nada een e 5 2 6 6 Call Scheduling ET aA oman Name System wn gi Maximum Number of Schedule Sets 21 DSL Digital Subscriber Line S xxi PPPoE 22 3 Run vate See Digital Subscriber Line Access EE EE IN 22 1 4 Precedence Examples en See precedence Dynamic DNS ERR 7 1 10 2 CD b d ERA da 19 7 ee fH CDR Call Detail Record 19 6 E CHAP recipe cte ess 13 4 Classes of IP Addresses sss B 1 ECHO Do 6 6 COM GR EAER EEE 19 3 Eneapeulatton ees ees 1 2 4 1 12 5 13 2 Command Interpreter Mode 19 9 ENET ENGCAD siese de oett 4 1 Index H 1 Prestige 645R A Series User s Guide PPP over Ethernet
80. P IP configuration at start up from a server You can configure the Prestige as a DHCP server or disable it When configured as a server the Prestige provides the TCP IP configuration for the clients If set to None DHCP service will be disabled and you must have another DHCP server on your LAN or else the computer must be manually configured Click MAINTENANCE and then the DHCP Table tab Read only information here relates to your DHCP status The DHCP table shows current DHCP client information including IP Address Host Name and MAC Address of all network clients using the DHCP server DHCP Table Host Name IP Address MAC Address TWer 4 192 168 1 33 00 00 E8 7C 14 80 192 168 1 34 00 02 DD 32 91 64 oemcomputer 192168 1 35 00 AD C5 41 A7 96 Figure 8 3 DHCP Table The following table describes the labels in this screen Table 8 3 DHCP Table LABEL DESCRIPTION Host Name This is the name of the host computer IP Address This field displays the IP address relative to the Host Name field 8 6 Maintenance Prestige 645R A Series User s Guide Table 8 3 DHCP Table LABEL DESCRIPTION MAC This field displays the MAC Media Access Control address of the computer with the displayed Address host name Every Ethernet device has a unique MAC address The MAC address is assigned at the factory and consists of six pairs of hexadecimal c
81. P server and relays DHCP requests and responses between the remote server and the clients Enter the IP address of the actual remote DHCP server in the Remote DHCP Server field in this case When DHCP is used the following items need to be set Client IP Pool Starting Address This field specifies the first of the contiguous addresses in the IP address pool Size of Client IP Pool This field specifies the size or count of the IP address pool Primary DNS Server Enter the IP addresses of the DNS servers The DNS servers are passed to the DHCP clients along with the IP address and the subnet mask Secondary DNS Server As above Remote DHCP Server If Relay is selected in the DHCP field above then enter the IP address of the actual remote DHCP server here TCP IP IP Address Enter the IP address of your Prestige in dotted decimal notation for example 192 168 1 1 factory default IP Subnet Mask Type the subnet mask assigned to you by your ISP if given RIP Direction Select the RIP direction from None Both In Only and Out Only RIP Version Select the RIP version from RIP 1 RIP 2B and RIP 2M Multicast IGMP Internet Group Multicast Protocol is a session layer protocol used to establish membership in a multicast group The Prestige supports both IGMP version 1 IGMP v1 and IGMP v2 Select None to disable it Apply Click Apply to save your changes back to the Prestig
82. PY De Ge de ge Gede Ge ge gee Ee by de ge ED EE so di weg n ge Ede d 1 41 Wizard Setup TIntrod ctiOtt uai eee eie eser Ee 4 1 ER EE EE 4 1 4 2 1 e TE WEE 4 1 4 2 2 PPP over Ethetriet EE 4 1 vi Table of Contents Prestige 645R A Series User s Guide 4 2 3 PPPOA condis eon p te edu are nate e Tua o o db pedro 4 1 4 2 4 REG 1483 ti eb ehe a ear ee a ni a pede 4 2 43 Multiplexing 5 Ed de dect nae dae e e rbi i 4 2 4 3 1 V C based M ltiplexing 5 sitiens pee ere ene cua 4 2 4 3 2 LLC based Multiplexing essen enne nnne nnne nennen 4 2 44 cVPEand VE E o exor TD Uere rt cheb wast D eer LO PON 4 2 4 5 Wizard Setup Configuration First Screen ees ee ee ee Re RR RR RA RA GRA Re ee ee ee nennen 4 2 4 6 IP Address and Subnet Mask ee ae ee ee ee Re Re RR GR Re RA GRA enne entrent 4 4 NASA SA 4 5 4 7 1 IP Assignment with PPPoA or PPPoE Enceapsulatton essen 4 5 4 7 2 IP Assignment with RFC 1483 Encapsulation sese 4 5 4 7 3 IP Assignment with ENET ENCAP Encapsulation sees 4 5 4 7 4 Private IP Addresses ees eg TEE eR e rte 4 6 4 8 Nailed Up Connection DPP 4 6 AOS 6 NAT M 4 6 4 10 Wizard Setup Configuration Second SBereen sse 4 6 4 10 1 JPPPOE iei cedet teet ete ds 4 7 4 10 2 REG 1483 eere eere tee eee ee dites 4 8 4 10 3 ENET ENCAD 4 ient e att 4 9 MIU MEEdu M Y 4 10 4 11 Basic
83. Prestige 645R A series ADSL Router User s Guide Version 3 40 July 2003 ZyXEL Unleash Networking Power Prestige 645R A Series User s Guide Copyright Copyright O 2003 by ZyXEL Communications Corporation The contents of this publication may not be reproduced in any part or as a whole transcribed stored in a retrieval system translated into any language or transmitted in any form or by any means electronic mechanical magnetic optical chemical photocopying manual or otherwise without the prior written permission of ZyXEL Communications Corporation Published by ZyXEL Communications Corporation All rights reserved Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products or software described herein Neither does it convey any license under its patent rights nor the patent rights of others ZyXEL further reserves the right to make changes in any products described herein without notice This publication is subject to change without notice Trademarks ZyNOS ZyXEL Network Operating System is a registered trademark of ZyXEL Communications Inc Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners ii Copyright Prestige 645R A Series User s Guide Federal Communications Commission FCC Interference Statement This device complies with Part 15 of FCC rules Operation is subje
84. R A Series User s Guide Table 6 6 Address Mapping Rules LABEL DESCRIPTION Type 1 1 One to one mode maps one local IP address to one global IP address Note that port numbers do not change for the One to one NAT mapping type M 1 Many to One mode maps multiple local IP addresses to one global IP address This is equivalent to SUA i e PAT port address translation ZyXEL s Single User Account feature that previous ZyXEL routers supported only M M Ov Overload Many to Many Overload mode maps multiple local IP addresses to shared global IP addresses MM No No Overload Many to Many No Overload mode maps each local IP address to unique global IP addresses Server This type allows you to specify inside servers of different services behind the NAT to be accessible to the outside world Back Click Back to return to the NAT Mode screen 6 7 Editing an Address Mapping Rule To edit an address mapping rule click the rule s link in the NAT Address Mapping Rules screen to display the screen shown next NAT Edit Address Mapping Rule 1 Type Local Start IP 0 0 0 0 Local End IP N Global Start IP 0 0 0 0 Global End IP N A Server Mapping Set N A D One to One D Apply Reset Delete Figure 6 7 Address Mapping Rule Edit The following table describes the labels in this screen 6 12 NAT Prestige 645R A Series User s Guide Table 6 7 Address Mapping Rule Edit LAB
85. RI SYSLOG NOTICE String String Packet trigger Protocol xx Data XXXXXXXXXX X Protocol 1 1P 2 BPDU 3 ATALK 4 IPNG Data We will send forty eight Hex characters to the server System Information and Diagnosis 19 7 Prestige 645R A Series User s Guide Jul 19 11 28 39 192 168 102 2 ZyXEL Communications Corp Packet Trigger Protocol 1 Data 4500003c100100001f 010004c0a86614ca849a7b08004a5c020001006162636465666768696a6b6c6d6e6 7071727374 Jul 19 11 28 56 192 168 102 2 ZyXEL Communications Corp Packet Trigger Protocol 1 Data 4500002c1b0140001f06b50ec0a86614ca849a7b0427001700195b3e00000000600220008cd4000002040 5b4 Jul 19 11 29 06 192 168 102 2 ZyXEL Communications Corp Packet Trigger Protocol 1 Data 45000028240140001f06ac12c0a86614ca849a7b0427001700195b451d1430135004000077600000 3 Filter lo Filter log Message Format SdcmdSyslogSend SYSLOG_FILLOG SYSLOG NOTICE String String IP Src xx xx xx xx Dst xx xx xx xx prot spo xxxx dpo xxxx S04 gt R01mD IP is the packet header and SO4 RO1mD means filter set 4 S and rule 1 R match m drop Dy Src Source Address Dst Destination Address prot Protocol TCP UDP ICMP Spo Source port dpo Destination port Jul 19 14 43 55 192 168 102 2 ZyXEL Communications Corp IP Src 202 132 154 123 Dst 255 255 255 255 UDP spo 0208 dpo 0208 S03 gt RO01mF Jul 19 14 44 00 192 168 102 2 ZyXEL Communications Corp IP Sr
86. Refer to the Resetting the Prestige section Do not turn off the Prestige while firmware upload is in progress After you see the Firmware Upload in Process screen wait two minutes before logging into the Prestige again Maintenance 8 11 Prestige 645R A Series User s Guide The Prestige automatically restarts in this time causing a temporary network disconnect In some operating systems you may see the following icon on your desktop d Local Area Connection Network cable unplugged Figure 8 8 Network Temporarily Disconnected After two minutes log in again and check your new firmware version in the System Status screen If the upload was not successful the following screen will appear Click Back to go back to the Firmware screen Error Message ERROR FAIL TO UPDATE DUE TO The uploaded file was not accepted by the router Back Figure 8 9 Error Message 8 12 Maintenance SMT General Configuration Part IV SMT General Configuration Lech See the web configurator parts of this guide for background information on features configurable by web configurator and SMT Prestige 645R A Series User s Guide Chapter 9 Introducing the SMT This chapter explains how to access and navigate the System Management Terminal and gives an overview of its menus 9 1 SMT Introduction The Prestige s SMT System Management Terminal is
87. S information select Enable DNS and type the information in the D l fields below you may not need to fill them all Bus GEES in Remove Setting up Your Computers IP Address D 3 Prestige 645R A Series User s Guide 4 Click the Gateway tab TCP IP Properties E If you do not know your gateway s IP address Bindings Advanced NeBlos remove previously installed gateways DNS Configuration Gateway WINS Configuration IP Address di iti The first gateway in the Installed Gateway list will be the default T TUM have a gateway IP address type it in the The address order in the list will be the order in which these New gateway field and click Add machines are used New gateway Installed gateways Cancel 5 Click OK to save and close the TCP IP Properties window 6 Click OK to close the Network window Insert the Windows CD if prompted T Turn on your Prestige and restart your computer when prompted Verifying Settings 1 Click Start and then Run 2 In the Run window type winipcfg and then click OK to open the IP Configuration window Select your network adapter You should see your computer s IP address subnet mask and default gateway D 4 Setting up Your Computer s IP Address Prestige 645R A Series User s Guide Windows 2000 NT XP 1 For Windows XP click start Control Panel In Windows 2000 NT click Start Settings Control Panel 2 For Windows XP click Net
88. SL connection is a point to point dedicated circuit meaning that the link is always up and there is no dialing required What is ADSL It is an asymmetrical technology meaning that the downstream data rate is much higher than the upstream data rate As mentioned this works well for a typical Internet session in which more information is downloaded for example from Web servers than is uploaded ADSL operates in a frequency range that is above the frequency range of voice services so the two systems can operate over the same cable Introduction to DSL xxi Getting Started Part I Getting Started This part is structured as a step by step guide to help you access your Prestige lt covers key features and applications accessing the web configurator and configuring the wizard screens for Prestige 645R A Series User s Guide Chapter 1 Getting To Know Your Prestige This chapter describes the key features and applications of your Prestige 1 1 Introducing the Prestige 645R A Series Y our Prestige integrates a high speed 10 100Mbps auto negotiating LAN interface and a high speed DSL port into a single package The Prestige is ideal for high speed Internet browsing and making LAN to LAN connections to remote networks The web browser based Graphical User Interface provides easy management and is totally independent of the operating system platform you use 1 2 Features of the Prestige Y our Prestige i
89. Setup Complete Rete tte vice e i Pee e ete etd 4 12 LAN NAT and Dynamic DNS se esse esse ee Ee EE EE Se SEE DRA Bee ta seta setas tests sens ensis sens EG sense suse tassa concen II Chapter 5 LAN Setup ese 5 1 EHE WES au EE 5 1 5 1 1 LANs WANS and the Prestige EE EE Ee ee Re RE EE et 5 1 533 DNS Server Address sis es ne AR iaa eer d 5 1 33 DNS Server Address Assignment 2 nee ae etr II eee e 5 2 54 LAN TOP AP iia 5 2 5 4 1 Factory LAN Defaults ts n Re Rea eade d 5 2 5 4 2 TP Address tid Subnet Mask ut ases 5 3 5 4 3 RIP SetUp iii aeter tie Aa 5 3 5 4 4 UIE ER A he M 5 3 55 Configuring LAN occ EE RN Ret cei es ee ese RL i hd ee 5 4 Chapter 6 Network Address Translation NAT esse esse es see esse es see ee EE Ge Ee GE GE Ee GE Ge EE ee Ee Ge EE ee Ee Ge Se 6 1 6 1 NAT OVERVIEW SE De RE eet e e ness on b Een 6 1 6 1 1 NAT Definition ARE EE da EE nee 6 1 6 1 2 What NAT DOSS ge Ankit do GE OR EES 6 1 6 1 3 How NAT WOEKS ii ER GAN ES e EES e 6 2 6 1 4 NAT Appa e e t eto terea e OE e ped estet oon 2 6 3 6 1 5 NAT Mapping Types tee ste ete ee te eee ER DER TUN RR RU N N 6 3 6 2 SUA Single User Account Versus NAT rennen enne 6 4 Table of Contents vii Prestige 645R A Series User s Guide 6 3 EE O ANN 6 5 6 3 1 Port Forwarding Services and Port Number 6 5 6 3 2 Configuring Servers Behind SUA Exame 6 6 D
90. System Profiler gt ER Network Browser Recent Applications G Recent Documents if Remote Access Status Speakable Items ADSL Control and Status Appearance Apple Menu Options AppleTalk ColorSync Control Strip Date amp Time DialAssist Energy Saver Extensions Manager File Exchange File Sharing General Controls Internet Keyboard Keychain Access Launcher Location Manager Memory Modem Monitors Mouse Multiple Users Numbers QuickTime Settings Remote Access Software Update Sound Speech Startup Disk Text USB Printer Sharing TCP IP Comect vla Setup Ethernet Configure DHCP Client ID IP Address Subnet mask Router address Narne server addr Using DHCP Server A will be supplied by server gt lt will be supplied by server gt will be supplied by server gt will be supplied by server gt Search comans Setting up Your Computer s IP Address D 9 Prestige 645R A Series User s Guide For dynamically assigned settings select Using DHCP Server from the Configure list For statically assigned settings do the following From the Configure box select Manually Type your IP address in the IP Address box Type your subnet mask in the Subnet mask box Type the IP address of your Prestige in the Router address box Close the TCP IP Control Panel Click Save if prompted to sa
91. The Dynamic DNS service provider will give you a password or key 7 1 1 DYNDNS Wildcard Enabling the wildcard feature for your host causes yourhost dyndns org to be aliased to the same IP address as yourhost dyndns org This feature is useful if you want to be able to use for example www yourhost dyndns org and still reach your hostname If you have a private WAN IP address then you cannot use Dynamic DNS 7 2 Configuring Dynamic DNS To change your Prestige s DDNS click Dynamic DNS The screen appears as shown Dynamic DNS Setup 7 1 Prestige 645R A Series User s Guide Dynamic DNS Active Service Provider Host Name E mail Address User Password WwWw DynDNs oRG x E Enable Wildcard Apply Reset Figure 7 1 DDNS The following table describes the labels in this screen Table 7 1 DDNS LABEL DESCRIPTION Active Select this check box to use dynamic DNS Service Provider Select the name of your Dynamic DNS service provider Host Name Type the domain name assigned to your Prestige by your Dynamic DNS provider E mail Address Type your e mail address User Type your user name Password Type the password assigned to you Enable Wildcard Select this check box to enable DYNDNS Wildcard Apply Click Apply to save your changes back to the Prestige Reset Click Reset to reload the previous
92. all protocols The valid range for the VPI is 0 to 255 and for the VCI is 32 to 65535 1 to 31 is reserved for local management of ATM traffic 13 14 Remote Node Configuration Prestige 645R A Series User s Guide Chapter 14 Static Route Setup This chapter shows how to setup IP static routes 14 1 IP Static Route Overview Static routes tell the Prestige routing information that it cannot learn automatically through other means This can arise in cases where RIP is disabled on the LAN or a remote network is beyond the one that is directly connected to a remote node Each remote node specifies only the network to which the gateway is directly connected and the Prestige has no knowledge of the networks beyond For instance the Prestige knows about network N2 in the following figure through remote node Router 1 However the Prestige is unable to route a packet to network N3 because it does not know that there is a route through remote node Router 1 via Router 2 The static routes allow you to tell the Prestige about the networks beyond the remote nodes N1 N2 N3 PRESTIGE R2 Figure 14 1 Sample Static Routing Topology Static Route Setup 14 1 Prestige 645R A Series User s Guide 14 2 Configuring an IP static route Step 1 To configure an IP static route use Menu 12 Static Route Setup shown next Menu 12 Static Route Setup 1 IP Static Route 3 Bridge Static Route Please enter selection
93. ameter for the communication software you are using to connect to the Prestige 19 4 Log and Trace There are two logging facilities in the Prestige The first is the error logs and trace records that are stored locally The second is the UNIX syslog facility for message logging 19 4 1 Viewing Error Log The first place you should look for clues when something goes wrong is the error log Follow the procedures to view the local error trace log Step 1 Type 24 in the main menu to display Menu 24 System Maintenance Step 2 From menu 24 type 3 to display Menu 24 3 System Maintenance Log and Trace Menu 24 3 System Maintenance Log and Trace 1 View Error Log 2 UNIX Syslog Please enter selection Figure 19 6 Menu 24 3 System Maintenance Log and Trace System Information and Diagnosis 19 5 Prestige 645R A Series User s Guide Step 3 Enter 1 from Menu 24 3 System Maintenance Log and Trace to display the error log in the system After the Prestige finishes displaying the error log you will have the option to clear it Samples of typical error and information messages are presented in the next figure Thu Jan 00 LAN promiscuous mode 0 Thu Jan 00 SNMP TRAP 0 cold start Thu Jan 00 main init completed Thu Jan 00 SMT Session Begin Thu Jan 00 MPOA Link Down Clear Error Log Figure 19 7 Sample Error and Information Messages 19 4 2 Syslog and Accounting The Prestige uses
94. and the Prestige is receiving sufficient power 3 Turn the Prestige off and on 4 If the error persists you may have a hardware problem In this case you should contact your vendor A 1 2 LAN LED The LAN LED on the front panel does not light up Chart A 2 Troubleshooting LAN LED STEPS CORRECTIVE ACTION Check the Ethernet cable connections between your Prestige and the computer or hub Check for faulty Ethernet cables Make sure your computer s Ethernet card is working properly AJOJN If these steps fail to correct the problem contact your local distributor for assistance Troubleshooting A 1 Prestige 645R A Series User s Guide A 1 3 DSL LED The DSL LED on the front panel does not light up Chart A 3 Troubleshooting DSL LED STEPS CORRECTIVE ACTION 1 Check the telephone wire and connections between the Prestige DSL port and the wall jack 2 Make sure that the telephone company has checked your phone line and set it up for DSL service 3 Reset your ADSL line to reinitialize your link to the DSLAM For details refer to the Maintenance chapter web configurator or the System Information and Diagnosis chapter SMT 4 If these steps fail to correct the problem contact your local distributor for assistance A 2 Telnet I cannot telnet into the Prestige Chart A 4 Troubleshooting Telnet STEPS CORRECTIVE ACTION 1 Check the
95. ber 1 Local Start IP Local Start IP is the starting local IP address ILA 0 0 0 0 Local End IP Local End IP is the ending local IP address ILA If the rule is 255 255 255 255 for all local IPs then the Start IP is 0 0 0 0 and the End IP is 255 255 255 255 Global Start IP This is the starting global IP address IGA If you have a 0 0 0 0 dynamic IP enter 0 0 0 0 as the Global Start IP Global End IP This is the ending global IP address IGA Type These are the mapping types Server allows us to specify Server multiple servers of different types behind NAT to this machine See later for some examples NAT 16 5 Prestige 645R A Series User s Guide Table 16 2 SUA Address Mapping Rules FIELD DESCRIPTION EXAMPLE When you have completed this menu press ENTER at the prompt Press ENTER to confirm or ESC to cancel to save your configuration or press ESC to cancel and go back to the previous screen User Defined Address Mapping Sets Now let s look at option 1 in menu 15 1 Enter 2 to bring up this menu We ll just look at the differences from the previous menu Note the extra Action and Select Rule fields mean you can configure rules in this screen Note also that the in the Set Name field means that this is a required field and you must enter a name for the set Menu 15 1 2 Address Mapping Rules Set Name Global Start IP Global End IP Serve 2 Su 4 5 6 d 8 D
96. c 192 168 102 20 Dst 202 132 154 1 UDP spo 05d4 dpo 0035 S03 gt RO01mF Jul 19 14 44 04 192 168 102 2 ZyXEL Communications Corp IP Src 192 168 102 20 Dst 202 132 154 1 UDP spo 05d4 dpo 0035 S03 gt RO01mF 4 PPP log PPP Log Message Format sdcmdSyslogSend SYSLOG PPPLOG SYSLOG NOTICE String String ppp Proto Starting ppp Proto Opening ppp Proto Closing ppp Proto Shutdown Proto LCP ATCP BACP BCP CBCP CCP CHAP PAP IPCP Jul 19 11 42 44 192 168 102 2 ZyXEL Communications Corp ppp LCP Closing Jul 19 11 42 49 192 168 102 2 ZyXEL Communications Corp ppp IPCP Closing Jul 19 11 42 54 192 168 102 2 ZyXEL Communications Corp ppp CCP Closing 19 5 Diagnostic The diagnostic facility allows you to test the different aspects of your Prestige to determine if it is working properly Menu 24 4 allows you to choose among various types of diagnostic tests to evaluate your system as shown in the following figure 19 8 System Information and Diagnosis Prestige 645R A Series User s Guide Follow the procedure next to get to Diagnostic Step 1 From the main menu type 24 to open Menu 24 System Maintenance Step 2 From this menu type 4 Diagnostic to open Menu 24 4 System Maintenance Diagnostic Menu 24 4 System Maintenance Diagnostic ADSL System 1 Reset ADSL 21 Reboot System 22 Command Mode TCP IP 12 Ping Host Enter Menu Selection Number Host IP Addr
97. ce that you use to configure your Prestige Several operations that you should be familiar with before you attempt to modify the configuration are listed in the table below 9 2 Introducing the SMT Prestige 645R A Series User s Guide Table 9 1 Main Menu Commands previous menu OPERATION KEYSTROKE DESCRIPTION Move down to ENTER To move forward to a submenu type in the number of the desired another menu submenu and press ENTER Move up to a ESC Press ESC to move back to the previous menu menu Move to a hidden Press SPACE BAR to change No to Yes then press ENTER Fields beginning with Edit lead to hidden menus and have a default setting of No Press SPACE BAR once to change No to Yes then press ENTER to go to the hidden menu Move the cursor ENTER or Within a menu press ENTER to move to the next field You can UP DOWN arrow also use the UP DOWN arrow keys to move to the previous keys and the next field respectively Entering Type in or press You need to fill in two types of fields The first requires you to type information SPACE BAR then in the appropriate information The second allows you to cycle press ENTER through the available choices by pressing SPACE BAR Required fields lt gt or ChangeMe fields with the symbol lt gt must be filled in order to be able to save the new configuration All fields with Chang
98. ceive on the screen and take the appropriate troubleshooting steps 12 6 Internet Access Prestige 645R A Series User s Guide Chapter 13 Remote Node Configuration This chapter covers remote node configuration 13 1 Remote Node Setup Overview This section describes the protocol independent parameters for a remote node A remote node is required for placing calls to a remote gateway A remote node represents both the remote gateway and the network behind it across a WAN connection When you use menu 4 to set up Internet access you are configuring one of the remote nodes You first choose a remote node in Menu 11 Remote Node Setup You can then edit that node s profile in menu 11 1 as well as configure specific settings in three submenus edit IP and bridge options in menu 11 3 edit ATM options in menu 11 6 and edit filter sets in menu 11 5 13 2 Remote Node Setup This section describes the protocol independent parameters for a remote node 13 2 1 Remote Node Profile To configure a remote node follow these steps Step 1 From the main menu enter 11 to display Menu 11 Remote Node Setup Step 2 When menu 11 appears as shown in the following figure type the number of the remote node that you want to configure Remote Node Configuration 13 1 Prestige 645R A Series User s Guide Menu 11 Remote Node Setup My ISP ISP NAT co AU bs QN ES Enter Node to Edit Figure 13 1 Menu
99. ch bits are part of the network number and which bits are part of the host ID using a logical AND operation A subnet mask has 32 bits each bit of the mask corresponds to a bit of the IP address If a bit in the subnet mask is a 1 then the corresponding bit in the IP address is part of the network number If a bit in the subnet mask is 0 then the corresponding bit in the IP address is part of the host ID Subnet masks are expressed in dotted decimal notation just as IP addresses are The natural masks for class A B and C IP addresses are as follows Chart B 3 Natural Masks CLASS NATURAL MASK A 255 0 0 0 B 255 255 0 0 C 255 255 255 0 Subnetting With subnetting the class arrangement of an IP address is ignored For example a class C address no longer has to have 24 bits of network number and 8 bits of host ID With subnetting some of the host ID bits are converted into network number bits By convention subnet masks always consist of a continuous sequence B 2 IP Subnetting Prestige 645R A Series User s Guide of ones beginning from the left most bit of the mask followed by a continuous sequence of zeros for a total number of 32 bits Since the mask is always a continuous number of ones beginning from the left followed by a continuous number of zeros for the remainder of the 32 bit mask you can simply specify the number of ones instead of writing the value of each octet Thi
100. ck menu 4 or WAN screen to verify that the username and password are entered properly 2 In menu 11 1 verify your login name and password for the remote node 3 If these steps fail you may need to verify your login and password with your ISP A 6 Troubleshooting Prestige 645R A Series User s Guide Appendix B IP Subnetting IP Addressing Routers route based on the network number The router that delivers the data packet to the correct destination host uses the host ID IP Classes An IP address is made up of four octets eight bits written in dotted decimal notation for example 192 168 1 1 IP addresses are categorized into different classes The class of an address depends on the value of its first octet gt Class A addresses have a 0 in the left most bit In a class A address the first octet is the network number and the remaining three octets make up the host ID gt Class B addresses have a 1 in the left most bit and a 0 in the next left most bit In a class B address the first two octets make up the network number and the two remaining octets make up the host ID gt Class C addresses begin starting from the left with 1 1 0 In a class C address the first three octets make up the network number and the last octet is the host ID gt Class D addresses begin with 1 1 1 0 Class D addresses are used for multicasting There is also a class E address It is reserved f
101. ckup the current Prestige configuration to your computer Backup is highly recommended once your Prestige is functioning properly FTP is the preferred methods for backing up your current configuration to your computer since they are faster Please note that terms download and upload are relative to the computer Download means to transfer from the Prestige to the computer while upload means from your computer to the Prestige 20 2 Firmware and Configuration File Maintenance Prestige 645R A Series User s Guide 20 2 1 Backup Configuration Follow the instructions as shown in the next screen Menu 24 5 Backup Configuration To transfer the configuration file to your computer follow the procedure below Launch the FTP client on your computer Type open and the IP address of your system Then type root and SMT password as requested Locate the rom 0 file Type get rom 0 to back up the current system configuration to your computer For details on FTP commands please consult the documentation of your FTP client program For details on backup using TFTP note that you must remain in this menu to back up using TFTP please see your user manual Press ENTER to Exit Figure 20 1 Telnet in Menu 24 5 20 2 2 Using the FTP Command from the Command Line Step 1 Launch the FTP client on your computer Step 2 Enter open followed by a space and the IP address of your Prestige Step 3 Pres
102. ct to the following two conditions e This device may not cause harmful interference e This device must accept any interference received including interference that may cause undesired operations This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications If this equipment does cause harmful interference to radio television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one or more of the following measures 1 Reorient or relocate the receiving antenna 2 Increase the separation between the equipment and the receiver 3 Connect the equipment into an outlet on a circuit different from that to which the receiver is connected 4 Consult the dealer or an experienced radio TV technician for help Notice 1 Changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate the equipment Certifications Refer to the product page at www zyxel com Tested To Comply FC With FCC Standards FOR HOME OR OFFICE USE
103. d My Password fields for PPPoA N A and PPPoE encapsulation only Enter the login name that your ISP gives you If you are using PPPoE encapsulation then this field must be of the form user domain where domain identifies your PPPoE service name My Password Enter the password associated with the login name above N A NAT Press SPACE BAR to select None SUA Only or Full SUA Only Feature Please see the NAT Chapter for more details on the SUA Single User Account feature Address Mapping Set When Full Feature is selected in the NAT field configure N A address mapping sets in menu 15 1 Select one of the NAT server sets 2 10 in menu 15 2 see the NAT chapter for details and type that number here When SUA Only is selected in the NAT field the SMT uses NAT server set 1 in menu 15 2 see the NAT chapter for details IP Address Press the SPACE BAR to select Static or Dynamic IP Dynamic Assignment address assignment IP Address Enter the IP address supplied by your ISP if applicable ENET ENCAP Enter the gateway IP address supplied by your ISP when you N A Gateway are using ENET ENCAP encapsulation When you have completed this menu press ENTER at the prompt Press ENTER to confirm or ESC to cancel to save your configuration or press ESC to cancel and go back to the previous screen If all your settings are correct your Prestige should connect automatically to the Internet If the connection fails note the error message that you re
104. d trademark of ZyXEL Communications Corporation ADSL Chipset Vendor Displays the vendor of the ADSL chipset and DSL version Standard This refers to the operational protocol the Prestige and the DSLAM Digital Subscriber Line Access Multiplexer are using LAN Ethernet Address Refers to the Ethernet MAC Media Access Control of your Prestige IP Address This is the IP address of the Prestige in dotted decimal notation IP Mask This shows the subnet mask of the Prestige DHCP This field shows the DHCP setting None Relay or Server of the Prestige 19 4 System Information and Diagnosis Prestige 645R A Series User s Guide 19 3 2 Console Port Speed The Prestige has an internal console port for support personnel only Do not open the Prestige as it will void your warranty You can set up different port speeds for the console port through Menu 24 2 2 System Maintenance Console Port Speed Your Prestige supports 9600 default 19200 38400 57600 and 115200 bps Press SPACE BAR and then ENTER to select the desired speed in menu 24 2 2 as shown in the following figure Menu 24 2 2 System Maintenance Change Console Port Speed Console Port Speed 9600 Press ENTER to Confirm or ESC to Cancel Figure 19 5 Menu 24 2 2 System Maintenance Change Console Port Speed Once you change the Prestige consol port speed you must also set the speed par
105. dress Translation SUA Only Address Mapping Set N A Press ENTER to Confirm or ESC to Cancel Figure 16 12 Menu 4 Internet Access amp NAT Example From menu 4 choose the SUA Only option from the Network Address Translation field This is the Many to One mapping discussed in section 16 5 The SUA Only read only option from the Network Address Translation field in menus 4 and 11 3 is specifically pre configured to handle this case 16 12 NAT Prestige 645R A Series User s Guide 16 5 2 Example 2 Internet Access with an Inside Server Prestige Pc 2 e RE Inside Local One Dynamic PC3 Ol Addresses ILA Inside Global Addresses IGA Assigned by ISP Inside Server IP 192 168 1 10 Figure 16 13 NAT Example 2 In this case you do exactly as above use the convenient pre configured SUA Only set and also go to menu 15 2 to specify the Inside Server behind the NAT as shown in the next figure Menu 15 2 1 NAT Server Setup Used for SUA Only Rule Start Port No End Port No IP Address Default Default 0 68 1 10 o 1 24 34 4 Bis 6 7s 8 9 10 e um Co GO O OOo 0 00 01 oooooooooo oooooooooo o0oo0o0o0o0oooooNn 20000000000 ooooooooooo p N Press ENTER to Confirm or ESC to Cancel Figure 16 14 Menu 15 2 1 Specifying an Inside Server NAT 16 13 Prestige 645R A Series User s Guide 16 5 3 Example 3 Multiple Public IP Addresses With Inside Servers In this
106. e If you do not know your gateway s IP address remove any previously installed gateways in the IP Settings tab and click OK Do one or more of the following if you want to configure additional IP addresses In the IP Settings tab in IP addresses click Add In TCP IP Address type an IP address in IP address and a subnet mask in Subnet mask and then click Add Repeat the above two steps for each IP address you want to add Configure additional default gateways in the IP Settings tab by clicking Add in Default gateways In TCP IP Gateway Address type the IP address of the default gateway in Gateway To manually configure a default metric the number of transmission hops clear the Automatic metric check box and type a metric in Metric Click Add Advanced TCP IP Settings IP Settings DNS WINS Options IP addresses IP address DHCP Enabled Subnet mask Default gateways Gateway Metric Automatic metric Repeat the previous three steps for each default gateway you want to add Click OK when finished Setting up Your Computer s IP Address D 7 Prestige 645R A Series User s Guide 7 In the Internet Protocol TCP IP Properties Internet Protocol TCP IP Properties window the General tab in Windows XP HEESE eneral emate Configuration Click Obtain DNS server address You can get IP settings assigned automatically if your network supports automa
107. e Reset Click Reset to reload the previous configuration for this screen LAN Setup 5 5 Prestige 645R A Series User s Guide Chapter 6 Network Address Translation NAT This chapter discusses how to configure NAT on the Prestige 6 1 NAT Overview NAT Network Address Translation NAT RFC 1631 is the translation of the IP address of a host in a packet for example the source address of an outgoing packet used within one network to a different IP address known within another network 6 1 1 NAT Definitions Inside outside denotes where a host is located relative to the Prestige for example the computers of your subscribers are the inside hosts while the web servers on the Internet are the outside hosts Global local denotes the IP address of a host in a packet as the packet traverses a router for example the local address refers to the IP address of a host when the packet is in the local network while the global address refers to the IP address of the host when the same packet is traveling in the WAN side Note that inside outside refers to the location of a host while global local refers to the IP address of a host used in a packet Thus an inside local address ILA is the IP address of an inside host in a packet when the packet is still in the local network while an inside global address IGA is the IP address of the same inside host when the packet is on the WAN side The following table summarizes this
108. e IP and the upper layer protocol for example UDP and TCP headers To configure TCP IP rules select TCP IP Filter Rule from the Filter Type field and press ENTER to open Menu 21 x 1 TCP IP Filter Rule as shown next Menu 21 6 1 TCP IP Filter Rule Filter 4 6 1 Filter Type TCP IP Filter Rule Active No IP Protocol 0 P Source Route No Destination IP Addr IP Mask Port Port 4 Comp None Source IP Addr IP Mask Port Port Comp None TCP Estab N A More No Log None Action Matched Check Next Rule Action Not Matched Check Next Rule Press ENTER to Confirm or ESC to Cancel Press Space Bar to Toggle Figure 17 9 Menu 21 x 1 TCP IP Filter Rule The following table describes how to configure your TCP IP filter rule 17 8 Filter Configuration Prestige 645R A Series User s Guide Table 17 3 Menu 21 x 1 TCP IP Filter Rule FIELD DESCRIPTION EXAMPLE Filter This is the filter set filter rule coordinates for instance 2 6 1 3 refers to the second filter set and the third filter rule of that set Filter Type Use SPACE BAR and then ENTER to choose a rule TCP IP Filter Rule Parameters displayed for each type will be different Choices are TCP IP Filter Rule or Generic Filter Rule Active Select Yes to activate or No to deactivate the filter rule No default IP Protocol This is the upper layer protocol for example TCP is 6 0 to 255 UDP is 17 and
109. e Micerofblters esses F 1 TFTP and FTP over WAN Will Not Work When ageet nee thee 20 4 TFTP File Transfer 20 10 TFTP Restrictions ooooonnnonocnnonncnnconnconncnononss 20 4 TOS Type of Service esse ee ee Re 21 1 Trace Records iere 19 5 Transmission Rates iese esse ea RR RA RA 1 1 Troubleshooting Internet Browser Display A 3 Login Password A 3 Power LED cuina nd A 1 A 2 Telnet rete E ers A 2 Web Configurator c ooooonoccocnnonnonnconnconnconocnnoo A 3 Type of Service 21 1 21 3 21 4 21 5 U UNIX Syslog eene 19 5 19 6 UNIX syslog parameter esse see seek ee 19 6 Upload Firmware sse 20 8 User En EE EE S 7 2 Using LEDs To Diagnose Problems A 1 H VC based Multiplexing sssse 13 2 VEELS UM Clinicas Ep tee res 4 2 W Web Configurator esse ese ee se Ge Re RR e 3 1 3 2 Wizard Setup ie ee ee ee ee Re ER RR RR RA 4 1 Z ZYNOS REDE e tt 20 1 20 2 ZyNOS F W Version 20 1 ZyXEL Limited Warranty INO Les dto doeet e o EPOR EDU iv Index H 5
110. e NT 2000 XP Macintosh OS 7 and later operating systems and all versions of UNIX LINUX include the software components you need to install and use TCP IP on your computer Windows 3 1 requires the purchase of a third party TCP IP application package TCP IP should already be installed on computers using Windows NT 2000 XP Macintosh OS 7 and later operating systems After the appropriate TCP IP components are installed configure the TCP IP settings in order to communicate with your network If you manually assign IP information instead of using dynamic assignment make sure that your computers have IP addresses that place them in the same subnet as the Prestige s LAN port Windows 95 98 Me Click Start Settings Control Panel and double click the Ce o Network icon to open the Network window Configuration Identification Access Contrai The following network components are installed IB Zy IR 100 Wireless PCMCIA n Y NDISWAN gt nothing Y TCP IP gt Accton EN1207D TX PCI Fast Ethemet Adapte Y TCP IP gt Dial Up Adapter TCP IP gt ZyAIR 100 Wireless PCMCIA X Add Remove Properties Primary Network Logon Client for Microsoft Networks 7 File and Print Sharing TCP IP is the protocol you use to connect to the Internet and Description wide area networks Cancel Setting up Your Computer s IP Address D 1 Prestige 645R A Series User s Guide Installing Compone
111. e ed ek ete idu ee eterne Ge tato 13 1 13 21 Retnote Node Profile ci A A ete 13 1 13 22 Encapsulation and Multiplexing Scenarios ese ee ee ee ee ee Re Re ER RR RA GRA GRA Re ee 13 2 13 2 3 Outgoing Authentication Protocol ee se ee ee ee RR GR Re enne 13 5 13 3 7ZMeITIC AL tomes casero BSE O R 13 5 13 4 Remote Node Network Layer Options sess 13 6 13 41 My WAN Addr Sample IP Addresses ees ese ee ee ee Ge GR GR Re Re Ge Re ee Re GRA GRA GRA Gee ee 13 9 13 5 Remote Node Filter iii Ke EE eee nee re e de e i Be Ure heit 13 9 13 5 1 Web Configurator Internet Security Filter Rules essen 13 10 13 5 2 Web Configurator Filter Sets iese see sn ee ae se ee ee ee Ge Re GE Re GR Re GR Re enne 13 11 13 6 Editing ATM Layer Options veicas hiii arie E e E E a Ee 13 13 13 6 1 VC based Multiplexing non PPP Encapsulapon sese 13 13 13 6 2 LLC based Multiplexing or PPP Encapsulaton sesse sesse ee sees se ee see ee ee ee ee Ge ee ee ee ee ee 13 13 Chapter 14 Static Route Setup missed dese irte eed de ee dee se vee A 14 1 14 1 IP Static Route Overview EE Ee it 14 1 14 2 Configuring an IP static route ai tea ee 14 2 Chapter 15 Bridging Setup sesse sege se ee de orson Ge be ve vee ede ee oog ie sege pv to bee de ed Eg Nee 15 1 15 1 Biidsmg OVervi Ws ss EE RE EE ate e GE EA ee We AE 15 1 15 2 Bridge EOS OC RINT e AE ee 15 1 15 21 R mote Node Bridging t 22 EE E tio 15 1 1522 Bridge Sta
112. e the SMT timeout so the TFTP transfer will not be interrupted Enter command sys stdio 5 to restore the five minute SMT timeout default when the file transfer is complete Step 4 Launch the TFTP client on your computer and connect to the Prestige Set the transfer mode to binary before starting data transfer Step 5 Use the TFTP client see the example below to transfer files between the Prestige and the computer The file name for the configuration file is rom 0 rom zero not capital o Note that the telnet connection must be active and the SMT in CI mode before and during the TFTP transfer For details on TFTP commands see following example please consult the documentation of your TFTP client program For UNIX use get to transfer from the Prestige to the computer and binary to set binary transfer mode 20 2 7 TFTP Command Example The following is an example TFTP command tftp i host get rom 0 config rom DEE where i specifies binary image transfer mode use this mode when transferring binary files host is the Prestige IP address get transfers the file source on the Prestige rom 0 name of the configuration file on the Prestige to the file destination on the computer and renames it config rom 20 2 8 GUI based TFTP Clients The following table describes some of the fields that you may see in GUI based TFTP clients Firmware and Configuration File Maintenance 20 5 Prestige
113. e zyxel com support zyxel com 1 800 255 4101 www us zyxel com AMERICA sales zyxel com 1 714 632 0858 ftp zyxel com SCANDINAVIA support zyxel dk 45 3955 0700 www zyxel dk ZyXEL Communications A S Columbusvej 5 2860 Soeborg sales zyxel dk 45 3955 0707 ftp zyxel dk Denmark GERMANY support zyxel de 49 2405 6909 0 ZyXEL Deutschland GmbH Adenauerstr 20 A2 D 52146 sales zyxel de 49 2405 6909 99 Wuerselen Germany Customer Support V Prestige 645R A Series User s Guide Table of Contents NA EE M ed i EU au d ii Federal Communications Commission FCC Interference Statement sees ee Bee Ee eene iii ZyXEL Limited Warranty P Sovis soos iv US EN dd Ee RO EE EO EE NE EE EE GE OE E rov v Tapleof EE vi A RO xii Ip cod nos xvi List of Charts H Ge Se See xviii AF TUE e M xix Hino p ccoo nora ee nos xxi A A TA I Chapter 1 Getting To Know Your Prestige esse esse es sesse es Bee ee BEG Ee BEG Ee BEG Ge EE BEG Ge BEG ee EG ES 1 1 1 1 Introducing the Prestige 645R A Seege 1 1 2 Eeaturesof the Prestige uoo as
114. eMe must not be left blank in order to be able to save the new configuration N A fields lt N A gt Some of the fields in the SMT will show a lt N A gt This symbol refers to an option that is Not Applicable Save your ENTER Save your configuration by pressing ENTER at the message configuration Press ENTER to confirm or ESC to cancel Saving the data on the screen will take you in most cases to the previous menu Exit the SMT Type 99 then press Type 99 at the main menu prompt and press ENTER to exit the ENTER SMT interface After you enter the password the SMT displays the main menu as shown next Introducing the SMT 9 3 Prestige 645R A Series User s Guide Copyright c 1994 2003 ZyXEL Communications Corp Getting Started 1 General Setup 3 Ethernet Setup 4 Internet Access Setup Advanced Applications 11 Remote Node Prestige 645R A Main Menu Advanced Management Filter Set Configuration SNMP Configuration System Password System Maintenance IP Routing Policy Setup Setup Schedule Setup 12 Static Routing Setup 15 NAT Setup Exit Enter Menu Selection Number Figure 9 3 SMT Main Menu 9 2 1 System Management Terminal Interface Summary Table 9 2 Main Menu Summary MENU TITLE DESCRIPTION 1 General Setup Use this menu to set up your general information Ethernet Setup Use this menu to se
115. eans that you will lose all configurations that you had previously The password will be reset to 1234 also 3 5 1 Using The Reset Button Make sure the PWR LED is on not blinking when you begin this procedure 1 Press the RESET button for more than five seconds then release it If the PWR LED begins to blink the defaults have been restored and the Prestige restarts Otherwise go to step 2 2 Turn the Prestige off 3 While pressing the RESET button turn the Prestige on Continue to hold the RESET button The PWR LED will begin to blink and flicker very quickly after about 10 or 15 seconds This indicates that the defaults have been restored and the Prestige is now restarting 3 4 Introducing the Web Configurator Prestige 645R A Series User s Guide Chapter 4 Wizard Setup This chapter provides information on the Wizard Setup screens in the web configurator 4 1 Wizard Setup Introduction Use the Wizard Setup screens to configure your system for Internet access settings and fill in the fields with the information in the Internet Access Checklist table of the Read Me First Your ISP may have already configured some of the fields in the wizard screens for you 4 2 Encapsulation Be sure to use the encapsulation method required by your ISP The Prestige supports the following methods 4 2 1 ENET ENCAP The MAC Encapsulated Routing Link Protocol ENET ENCAP is only implemented with the IP network protocol IP pack
116. ed and duplex setting if you re using Ethernet encapsulation and down line is down idle line ppp idle dial starting to trigger a call and drop dropping a call if you re using PPPoE encapsulation For a LAN port this shows the port speed and duplex setting LAN Port Statistics This is the LAN port TxPkts This field displays the number of packets transmitted on this port RxPkts This field displays the number of packets received on this port Errors This field displays the number of error packets on this port Tx B s This field displays the number of bytes transmitted in the last second Rx B s This field displays the number of bytes received in the last second Up Time This field displays the elapsed time this port has been up Collisions This is the number of collisions on this port CPU Load This field specifies the percentage of CPU utilization Poll Interval s Type the time interval for the browser to refresh system statistics Maintenance 8 5 Prestige 645R A Series User s Guide Table 8 2 System Status Show Statistics LABEL DESCRIPTION Set Interval Click this button to apply the new poll interval you entered in the Poll Interval field above Stop Click this button to halt the refreshing of the system statistics 8 3 DHCP Table Screen DHCP Dynamic Host Configuration Protocol RFC 2131 and RFC 2132 allows individual clients to obtain TC
117. eekly in the How Often field above then select Yes D the day s when the set should activate and recur by going to that N ay day s and pressing SPACE BAR to select Yes then press Q ENTER N A Start Time Enter the start time when you wish the schedule set to take effect 09 00 in hour minute format Duration Enter the maximum length of time this connection is allowed in 08 00 hour minute format Action Forced On means that the connection is maintained whether or not there is a demand call on the line and will persist for the time period Forced On specified in the Duration field Forced Down means that the connection is blocked whether or not there is a demand call on the line Enable Dial On Demand means that this schedule permits a demand call on the line Disable Dial On Demand means that this schedule prevents a demand call on the line When you have completed this menu press ENTER at the prompt Press ENTER to confirm or ESC to cancel to save your configuration or press ESC to cancel and go back to the previous screen Once your schedule sets are configured you must then apply them to the desired remote node s Enter 11 from the Main Menu and then enter the target remote node index Using SPACE BAR select PPPoE or PPPOA in the Encapsulation field and then press ENTER to make the schedule sets field available as shown next Call Scheduling 22 3 Prestige 645R A Series User s Guide
118. er s Guide Table 17 3 Menu 21 x 1 TCP IP Filter Rule Action Matched Only packets that match the rule parameters will be logged Action Not Matched Only packets that do not match the rule parameters will be logged Both All packets will be logged FIELD DESCRIPTION EXAMPLE TCP Estab This applies only when the IP Protocol field is 6 TCP If No Yes the rule matches packets that want to establish TCP default connection s SYN 1 and ACK 0 else it is ignored More If Yes a matching packet is passed to the next filter rule No before an action is taken or else the packet is disposed of default according to the action fields If More is Yes then Action Matched and Action Not Matched will be N A Log Selectthe logging option from the following None No packets will be logged None Action Matched Select the action for a matching packet Choices are Check Next Rule Check Next Rule Forward or Drop default Action Not Matched Select the action for a packet not matching the rule Check Next Rule Choices are Check Next Rule Forward or Drop default When you have completed this menu press ENTER at the prompt Press ENTER to confirm or ESC to cancel to save your configuration or press ESC to cancel and go back to the previous screen The following figure illustrates the logic flow of an IP filter 17 10 Filter Configuration Prestige 645R A Series User s G
119. ess N A Figure 19 9 Menu 24 4 System Maintenance Diagnostic The following table describes the diagnostic tests available in menu 24 4 for and the connections Table 19 4 Menu 24 4 System Maintenance Menu Diagnostic FIELD DESCRIPTION Reset ADSL Re initialize the ADSL link to the telephone company Ping Host Ping the host to see if the links and TCP IP protocol on both systems are working Reboot System Reboot the Prestige Command Mode Type the mode to test and diagnose your Prestige using specified commands Host IP Address If you typed 12 to Ping Host now type the address of the computer you want to ping 19 6 Command Interpreter Mode The Command Interpreter CI is a part of the main system firmware The CI provides much of the same functionality as the SMT while adding some low level setup and diagnostic functions Enter the CI from the SMT by selecting menu 24 8 See the included disk or the zyxel com web site for more detailed information on CI commands Enter 8 from Menu 24 System Maintenance A list of valid commands can be found by typing help or at the command prompt Type exit to return to the SMT main menu when finished System Information and Diagnosis 19 9 Prestige 645R A Series User s Guide Copyright c 1994 2003 ZyXEL Communications Corp P645R Al gt Valid commands are Sys exit bridge ip P645R A1 Figure 19 10 Valid Command
120. ets are routed between the Ethernet interface and the WAN interface and then formatted so that they can be understood in a bridged environment For instance it encapsulates routed Ethernet frames into bridged ATM cells ENET ENCAP requires that you specify a gateway IP address in the Ethernet Encapsulation Gateway field in the second wizard screen You can get this information from your ISP 4 2 2 PPP over Ethernet PPPoE provides access control and billing functionality in a manner similar to dial up services using PPP The Prestige bridges a PPP session over Ethernet PPP over Ethernet RFC 2516 from your computer to an ATM PVC Permanent Virtual Circuit which connects to ADSL Access Concentrator where the PPP session terminates One PVC can support any number of PPP sessions from your LAN For more information on PPPoE see the appendix 4 2 3 PPPoA PPPoA stands for Point to Point Protocol over ATM Adaptation Layer 5 AALS It provides access control and billing functionality in a manner similar to dial up services using PPP The Prestige encapsulates the PPP session based on RFC1483 and sends it through an ATM PVC Permanent Virtual Circuit to the Internet Service Provider s ISP DSLAM digital access multiplexer Please refer to RFC 2364 for more information on PPPoA Refer to RFC 1661 for more information on PPP Wizard Setup 4 1 Prestige 645R A Series User s Guide 4 2 4 RFC 1483 RFC 1483 describes two methods for Multiprot
121. etwork Address Translator NAT 6 1 3 How NAT Works Each packet has two addresses a source address and a destination address For outgoing packets the ILA Inside Local Address is the source address on the LAN and the IGA Inside Global Address is the source address on the WAN For incoming packets the ILA is the destination address on the LAN and the IGA is the destination address on the WAN NAT maps private local IP addresses to globally unique ones required for communication with hosts on other networks It replaces the original IP source address and TCP or UDP source port numbers for Many to One and Many to Many Overload NAT mapping in each packet and then forwards it to the Internet The Prestige keeps track of the original addresses and port numbers so incoming reply packets can have their original values restored The following figure illustrates this NAT Table Inside Local Inside Global IP Address IP Address LAN 192 168 1 10 IGA 1 WAN 192 168 1 11 IGA 2 192 168 1 12 IGA 3 Computer IP 192 168 1 13 IGA 4 192 168 1 13 O H PASS 182 168 1 10 EE Computer IP 192 168 1 12 Computer IP 192 168 1 11 Inside Global Addresses IGA Inside Local Addresses ILA Computer IP 192 168 1 10 Figure 6 1 How NAT Works 6 2 NAT Prestige 645R A Series User s Guide 6 1 4 NAT Application The following figure illustrates a possible NAT application where three inside LANs logical LANs us
122. ew Password field up to 30 characters and press ENTER Step 4 Re type your new system password in the Retype to confirm field for confirmation and press ENTER EEE Note that as you type a password the screen displays an for each character you type Introducing the SMT 9 5 Prestige 645R A Series User s Guide Chapter 10 General Setup Menu 1 General Setup contains administrative and system related information 10 1 General Setup Menu 1 General Setup contains administrative and system related information shown next The System Name field is for identification purposes However because some ISPs check this name you should enter your computer s Computer Name e In Windows 95 98 click Start Settings Control Panel Network Click the Identification tab note the entry for the Computer name field and enter it as the Prestige System Name e In Windows 2000 click Start Settings Control Panel and then double click System Click the Network Identification tab and then the Properties button Note the entry for the Computer name field and enter it as the Prestige System Name e In Windows XP click start My Computer View system information and then click the Computer Name tab Note the entry in the Full computer name field and enter it as the Prestige System Name The Domain Name entry is what is propagated to the DHCP clients on the LAN If you leave this blank the domain name obtained by DHCP from the ISP
123. example there are 3 IGAs from our ISP There are many departments but two have their own FTP server All departments share the same router The example will reserve one IGA for each department with an FTP server and all departments use the other IGA Map the FTP servers to the first two IGAs and the other LAN traffic to the remaining IGA Map the third IGA to an inside web server and mail server Four rules need to be configured two bi directional and two uni directional as follows Rule 1 Map the first IGA to the first inside FTP server for FTP traffic in both directions 1 1 mapping giving both local and global IP addresses Rule 2 Map the second IGA to our second inside FTP server for FTP traffic in both directions 1 1 mapping giving both local and global IP addresses Rule 3 Map the other outgoing LAN traffic to IGA3 Many 1 mapping Rule 4 You also map your third IGA to the web server and mail server on the LAN Type Server allows you to specify multiple servers of different types to other computers behind NAT on the LAN The example situation looks somewhat like this Other Computers on the LAN Web Server y 192 168 1 21 Mapping Rules 1 FTP 1 lt gt IGA 1 Type 1 1 2 FTP 2 lt gt IGA 2 Type 1 1 3 Other LAN traffic gt IGA 3 Type M 1 Outgoing Traffic 4 IGA 3 gt Internal web server and mail server Incoming Traffic Prestige Mail Server 192 168 1 20 31GAs 10 132 5
124. f you have multiple public WAN IP addresses for your Prestige 6 3 SUA Server A SUA server set is a list of inside behind NAT on the LAN servers for example web or FTP that you can make visible to the outside world even though SUA makes your whole inside network appear as a single computer to the outside world You may enter a single port number or a range of port numbers to be forwarded and the local IP address of the desired server The port number identifies a service for example web service is on port 80 and FTP on port 21 In some cases such as for unknown services or where one server can support more than one service for example both FTP and web service it might be better to specify a range of port numbers You can allocate a server IP address that corresponds to a port or a range of ports Many residential broadband ISP accounts do not allow you to run any server processes such as a Web or FTP server from your location Your ISP may periodically check for servers and may suspend your account if it discovers any active services at your location If you are unsure refer to your ISP Default Server IP Address In addition to the servers for specified services NAT supports a default server IP address A default server receives packets from ports that are not specified in this screen If you do not assign a Default Server IP Address then all packets received for ports not specified in this screen will be discarded
125. g ere get pelo hec p terr ee e eee tpe etes 8 9 Figure 8 7 Firmware Upgrade seite edet GER Se SE eee efe eee e erit eed etes 8 11 Figure 8 8 Network Temporarily Disconpnected nono ee ee Re ee ee ran enne enne 8 12 Figure 8 9 Error Message scada AR RO O A ia 8 12 Figure 9 1 Logi creia ii 9 1 Figure 9 2 Prestige 645R A1 SMT Menu Overview nono SR GR ee GRA Ge conc Ge ek Gee Ge 9 2 Figure 9 3 SMT Main Meri nire iii 9 4 Figure 9 4 Menu 23 System Password eese eese Be esee teen nete etd eren He Gee EE enean Ge ee See tien 9 5 Figure 10 1 Men General Setup intende Docendi n beret es EEN eite 10 2 Figure 10 2 Menu 1 1 Configure Dynamic DNR 10 3 Figure 11 1 Menu 3 Ethernet Semp se ote de ee SE qu MO ek Me 11 1 xii List of Figures Prestige 645R A Series User s Guide Figure 11 2 Menu 3 1 General Ethernet Setup 11 1 Figure 11 3 Menu 3 2 TCP IP and DHCP Ethernet Setup essere 11 2 Figure 1251 Physical Network s eec la eg Re deet 12 2 Figure 12 2 Partitioned Logical Network 12 2 Figure 12 3 Menu 3 2 TCP IP and DHCP Sep 12 3 Figure 12 4 Menu 3 2 1 IP Alias Setup 12 3 Figure 12 5 Menu 1 General Setup 12 4 Figure 12 6 Menu 4 Internet Access Setup 12 5 Figure 13 1 Menu 11 Remote Node Setup 13 2 Figure 13 2 Menu 11 1 Remote Node Proble 13 3 Figure 13 3 Menu 11 3 Remote Node Network Layer Options sse 13 7 Figure 13 4 Sample IP Addresses for a TCP IP LAN to LAN Conmecton ee
126. ge 645R A Series User s Guide 4 Many to Many No Overload In Many to Many No Overload mode the Prestige maps each local IP address to a unique global IP address 5 Server This type allows you to specify inside servers of different services behind the NAT to be accessible to the outside world Port numbers do not change for One to One and Many to Many No Overload NAT mapping types The following table summarizes these types Table 6 2 NAT Mapping Types TYPE IP MAPPING SMT ABBREVIATION One to One ILA1 amp IGA1 1 1 Many to One SUA PAT ILA1 amp IGA1 ILA2 amp IGA1 M 1 Many to Many Overload ILA1 lt gt 3 IGA1 ILA2 gt IGA2 ILA3 amp IGA1 ILA4 amp gt IGA2 M M Ov Many to Many No Overload ILA1 IGA1 ILA2 amp IGA2 ILA3 amp IGA3 M M No OV Server Server 1 IP IGA1 Server 2 IP IGA1 Server 3 IP IGA1 Server 6 2 SUA Single User Account Versus NAT SUA Single User Account is a ZyNOS implementation of a subset of NAT that supports two types of mapping Many to One and Server The Prestige also supports Full Feature NAT to map multiple global IP addresses to multiple private LAN IP addresses of clients or servers using mapping types as outlined in Table 6 2 Prestige 645R A Series User s Guide 1 Choose SUA Only if you have just one public WAN IP address for your Prestige 2 Choose Full Feature i
127. gnment Dynamic Ethernet Addr Timeout min N A Rem IP Addr 0 0 0 0 Rem Subnet Mask 0 0 0 0 My WAN Addr 0 0 0 0 NAT Full Feature Address Mapping Set 2 Metric 2 Private No RIP Direction None Version RIP 1 Multicast None IP Policies 3 4 5 6 Press ENTER to Confirm or ESC to Cancel Figure 13 3 Menu 11 3 Remote Node Network Layer Options The next table explains fields in Menu 11 3 Remote Node Network Layer Options Table 13 2 Menu 11 3 Remote Node Network Layer Options FIELD DESCRIPTION EXAMPLE IP Address Press SPACE BAR and then ENTER to select Dynamic if the remote Dynamic Assignment node is using a dynamically assigned IP address or Static if it is using a static fixed IP address You will only be able to configure this in the ISP node also the one you configure in menu 4 All other nodes are set to Static Rem IP Addr This is the IP address you entered in the previous menu Rem Subnet Type the subnet mask assigned to the remote node Mask My WAN Some implementations especially UNIX derivatives require separate IP Addr network numbers for the WAN and LAN links and each end to have a unique address within the WAN network number In that case type the IP address assigned to the WAN port of your Prestige Refers to local Prestige address not the remote router address Remote Node Configuration 13 7 Prestige 645R A Series User s Guide Table 1
128. gure 21 9 Applying IP Policies Example eese enne nennen rennen Ge Re ek inneren 21 9 Figure 22 1 Menu 26 Schedule Setup eie eee teet ee rete edit ler deiode a 22 1 Figure 22 2 Menu 26 1 Schedule Set Sep 22 2 Figure 22 3 Applying Schedule Set s to a Remote Node DPbot ese esse esse ese ee ee ee Re ee Re Re ee Re ee Re ee ee 22 4 List of Figures XV Prestige 645R A Series User s Guide List of Table Table 2 T Front Panel LED Descriptio nba 2 1 Table Il M 3 3 Table 4 1 Wizard Sere n EE 4 3 Table 4 2 Internet Connection with PPPOE seeren see see se ee ee ee ee ee Ee ede R nennen nennen ener ne nennen 4 7 Table 4 3 Internet Connection with RFC LAN 4 9 Table 4 4 Internet Connection with ENET ENCAP dococococonoconcconconnconnonnconconn nono ee ee ee ee ron ee ee ee Re ee Re ee Re ee Re Gee 4 10 Table 4 5 Internet Connection with PPPOA ee ee se se RR GRA GRA Re ee Ee Re Ge ron ee ee ee ee Re Ge Re Ge Re nennen 4 11 TOE E 5 4 Table 6 1 NAT Definitions inten a a e tao dia 6 1 Table 6 2 NAT Mapping TYDES iese ee ee ee enne nennen rennen Re GR Re GR ea nennen nes 6 4 Table 6 3 Services and Port Numbers sesse se se RR RA ra ee Ee ee ee Re GE Re GR Re ener nn Ga ee ee ee ee ee ee ee 6 6 ARMS ses Ee 6 8 Fable 6 5Edit SUA NAT Servet datosde ME e ERIGI pied 6 9 Table 6 6 Address Mapping Rules sees enne ne enne GE eren ener nenne 6 11 Table 6 7 Address Mapping Rule Ed 6 13 EI OD
129. haracters for example 00 A0 C5 00 00 02 8 4 Diagnostic Screens These read only screens display information to help you identify problems with the Prestige Click Diagnostic to display the following screen Diagnostic General General Diagnostics DSL Line DSL Line Diagnostics Figure 8 4 Diagnostic 8 4 1 Diagnostic General Screen Click Diagnostic and then General to open the screen shown next Maintenance 8 7 Prestige 645R A Series User s Guide Diagnostic General TCP IP Address Ping System Reset System Back Figure 8 5 Diagnostic General The following table describes the labels in this screen Table 8 4 Diagnostic General LABEL DESCRIPTION TCP IP Type the IP address of a computer that you want to ping in order to test a connection Address Ping Click this button to ping the IP address that you entered Reset Click this button to reboot the Prestige A warning dialog box is then displayed asking you if System you re sure you want to reboot the system Click OK to proceed 8 8 Maintenance Prestige 645R A Series User s Guide Table 8 4 Diagnostic General LABEL DESCRIPTION Back Click this button to go back to the main Diagnostic screen 8 4 2 Diagnostic DSL Line Screen Click Diagnostic and then DSL Line to open the screen shown next Diagnostic DSL Line Reset ADSL Line Upst
130. he ZyXEL link shown in this screen to test your Internet connection Internet access is just the beginning Refer to the rest of this User s Guide for more detailed information on the complete range of Prestige features If you cannot access the Internet open the web configurator again to confirm that the Internet settings you configured in the Wizard Setup are correct Also check your cable connections and restart the Prestige if necessary Congratulations Your Web Configurator Internet Access Configuration is done You should be able to access the Internet now You can try it by going to the ZyXEL home page at Figure 4 6 Wizard Screen 3 4 12 Wizard Setup LAN NAT and Dynamic DNS Part II LAN NAT and Dynamic DNS This part covers LAN Local Area Network setup NAT Network Address Translation and dynamic DNS Domain Name Sever i Prestige 645R A Series User s Guide Chapter 5 LAN Setup This chapter describes how to configure LAN settings 5 1 LAN Overview A Local Area Network LAN is a shared communication system to which many computers are attached A LAN is a computer network limited to the immediate area usually the same building or floor of a building The LAN screens can help you configure a LAN DHCP server and manage IP addresses 5 1 1 LANs WANS and the Prestige The actual physical connection determines whether the Prestige ports are LAN or WAN ports There a
131. here are more rules to check Figure 17 14 Menu 21 3 1 Sample Filter 17 16 Filter Configuration Prestige 645R A Series User s Guide Menu 21 3 Filter Rules Summary Filter Rules SA 0 0 0 0 DA 0 0 0 0 Enter Filter B4le Number 1 6 to Configure 1 This shows you that you have M N means an action can be taken immediately configured and activated A Y a The action is to drop the packet m D if the TCP IP filter rule Type IP Pr 6 action is matched and to forward the packet for destination telnet ports DP immediately n F if the action is not matched no 23 matter whether there are more rules to be checked there aren t in this example Figure 17 15 Menu 21 3 Sample Filter Rules Summary After you have created the filter set you must apply it Step 1 Enter 11 in the main menu to display menu 11 and type the remote node number to edit Step 2 Goto the Edit Filter Sets field press SPACE BAR to choose Yes and press ENTER Step 3 This brings you to menu 11 5 Apply the example filter set for example filter set 3 in this menu as shown in the next section 17 6 Applying Filters and Factory Defaults This section shows you where to apply the filter s after you design it them Sets of factory default filter rules have been configured in menu 21 but have not been applied to filter traffic Filter Configuration 17 17 Prestige 645R A Series User s Guide Table 17 5 Filter
132. ic IP address otherwise select Static IP Address and type your ISP assigned IP address in the IP Address text box below Subnet Mask Enter a subnet mask in dotted decimal notation Refer to the P Subnetting appendix to calculate a subnet mask If you are implementing subnetting ENET ENCAP You must specify a gateway IP address supplied by your ISP when you use ENET Gateway ENCAP in the Protocol field in the previous screen Back Click Back to go back to the first wizard screen Finish Click Finish to save the settings and proceed to the next wizard screen 4 10 4 PPPoA Select PPPoA from the Encapsulation drop down list box in the first wizard screen to display the screen as shown 4 10 Wizard Setup Prestige 645R A Series User s Guide Wizard Setup ISP Parameters for Internet Access User Name username Password e IP Address Obtain an IP Address Automtically C Static IP Address 0 0 0 0 Connection Connect on Demand Max Idle Time o Sec C Nailed Up Connection Back Finish Figure 4 5 Internet Connection with PPPoA The following table describes the labels in this screen Table 4 5 Internet Connection with PPPoA LABEL DESCRIPTION User Name Enter the user name exactly as your ISP assigned If assigned a name in the form user domain where domain identifies a service name then enter both components exactly as given Password Enter the password as
133. idging is enabled your Prestige will forward any packet that it does not route to this remote node otherwise the packets are discarded Select Yes to enable and No to disable No Edit IP Bridge Press SPACE BAR to select Yes and press ENTER to display Menu 11 3 Remote Node Network Layer Options No Edit ATM Options Press SPACE BAR to select Yes and press ENTER to display Menu 11 6 Remote Node ATM Layer Options No Telco Option Allocated Budget min This sets a ceiling for outgoing call time for this remote node The default for this field is O meaning no budget control Period hr This field is the time period that the budget should be reset For example if we are allowed to call this remote node for a maximum of 10 minutes every hour then the Allocated Budget is 10 minutes and the Period hr is 1 hour 13 4 Remote Node Configuration Prestige 645R A Series User s Guide Table 13 1 Menu 11 1 Remote Node Profile FIELD DESCRIPTION EXAMPLE Schedule Sets This field is only applicable for PPPoE and PPPoA encapsulation You can apply up to four schedule sets here For more details please refer to the Call Scheduling chapter Nailed up This field is only applicable for PPPoE and PPPoA encapsulation Connection This field specifies if you want to make the connection to this remote node a nailed up connection Session Options Edit Fi
134. ies User s Guide Step 1 Create a routing policy set in menu 25 Step 2 Create a rule for this set in Menu 25 1 1 IP Routing Policy as shown next Menu 25 1 1 IP Routing Policy Policy Set Name setl Active Yes Criteria IP Protocol 6 Type of Service Don t Care Packet length 10 Precedence Don t Care Len Comp N A Source addr start 192 168 1 2 end 192 168 1 64 port start 0 end N A Destination addr start 0 0 0 0 end N A port start 80 end 80 Action Matched Gateway addr Type of Service Precedence 192 168 1 1 Log No No Change No Change Press ENTER to Confirm or ESC to Cancel Press Space Bar to Toggle Figure 21 7 IP Routing Policy Example Step 3 Check Menu 25 1 IP Routing Policy Setup to see if the rule is added correctly Step 4 Create another policy set in menu 25 Step 5 Create a rule in menu 25 1 for this set to route packets from any host IP 0 0 0 0 means any host with protocol TCP and port FTP access through another gateway 192 168 1 100 21 8 IP Policy Routing Prestige 645R A Series User s Guide Menu 25 1 1 IP Routing Policy Policy Set Name set2 Active Yes Criteria IP Protocol 6 Type of Service Don t Care Precedence Don t Care Source addr start 0 0 0 0 port start 0 Destination addr start 0 0 0 0 port start 20 Action Matched Gateway addr 192 168 1 100 Type of Service No Change Precedence No Change Packet length 10 Len Comp N A N
135. information Table 6 1 NAT Definitions ITEM DESCRIPTION Inside This refers to the host on the LAN Outside This refers to the host on the WAN Local This refers to the packet address source or destination as the packet travels on the LAN Global This refers to the packet address source or destination as the packet travels on the WAN NAT never changes the IP address either local or global of an outside host 6 1 2 What NAT Does In the simplest form NAT changes the source IP address in a packet received from a subscriber the inside local address to another the inside global address before forwarding the packet to the WAN side When the response comes back NAT translates the destination address the inside global address back to the inside NAT 6 1 Prestige 645R A Series User s Guide local address before forwarding it to the original inside host Note that the IP address either local or global of an outside host is never changed The global IP addresses for the inside hosts can be either static or dynamically assigned by the ISP In addition you can designate servers for example a web server and a telnet server on your local network and make them accessible to the outside world With no servers defined your Prestige filters out all incoming inquiries thus preventing intruders from probing your network For more information on IP address translation refer to RFC 1631 The IP N
136. ing IP Alias behind the Prestige can communicate with three distinct WAN networks More examples follow at the end of this chapter LAN1 192 168 1 X Network Server Server in Admin 192 168 1 1 Admin Network a PC2 PC3 IP 1 IGA 1 Corporation A PC3 PC2 NT Server 192 168 1 1 Corporation B PC1 PC2 PC2 Server in i Sales Network po INTERNET A Sales Netwo LAN2 192 168 2 X Pc3 TT ARV PS Network Server O9 Ju EE 00 Sales 192 168 2 1 NT Server PC4 192 168 2 1 PC4 PC Server in R amp D Network NT Servel zIP 3 IGA 3 LAN3 192 168 3 X 192 168 3 1 Network Server R amp D 192 168 3 1 d WAN Addresses LAN Addresses Default IP s 192 168 1 1 Pen re gt 192 168 2 1 gt 192 168 3 1 Figure 6 2 NAT Application With IP Alias 6 1 5 NAT Mapping Types NAT supports five types of IP port mapping They are 1 One to One In One to One mode the Prestige maps one local IP address to one global IP address 2 Many to One In Many to One mode the Prestige maps multiple local IP addresses to one global IP address This is equivalent to SUA for instance PAT port address translation ZyXEL s Single User Account feature that previous ZyXEL routers supported the SUA Only option in today s routers 3 Many to Many Overload In Many to Many Overload mode the Prestige maps the multiple local IP addresses to shared global IP addresses NAT 6 3 Presti
137. ion Both IP addresses of Version RIP 1 the DNS Multicast None servers IP Policies Edit IP Alias No Press ENTER to Confirm or ESC to Cancel This is the IP address of the Prestige Press Space Bar to Toggle Figure 11 3 Menu 3 2 TCP IP and DHCP Ethernet Setup Follow the instructions in the following table on how to configure the DHCP fields 11 2 Ethernet Setup Prestige 645R A Series User s Guide Table 11 1 DHCP Ethernet Setup Menu Fields FIELD DESCRIPTION EXAMPLE DHCP Setup DHCP f set to Server your Prestige can assign IP addresses an IP default gateway and DNS servers to Windows 95 Windows NT and other S systems that support the DHCP client pudo If set to None the DHCP server will be disabled default If set to Relay the Prestige acts as a surrogate DHCP server and relays DHCP requests and responses between the remote server and the clients Enter the IP address of the actual remote DHCP server in the Remote DHCP Server in this case When DHCP is used the following items need to be set Client IP Pool Starting This field specifies the first of the contiguous addresses in the IP 192 168 1 33 Address address pool Size of Client IP Pool This field specifies the size or count of the IP address pool 32 Primary DNS Server Secondary DNS Server Enter the IP addresses of the DNS servers The DNS servers are passed to the DHCP clients along with the IP address and
138. ion to manage and monitor the Prestige through the network The Prestige supports SNMP version one SNMPv1 and version two c SNMPv2c The next figure illustrates an SNMP management operation SNMP is only available if TCP IP is configured MANAGER AGENT AGENT Managed Device Managed Device Managed Device Figure 18 1 SNMP Management Model An SNMP managed network consists of two main components agents and a manager SNMP Configuration 18 1 Prestige 645R A Series User s Guide An agent is a management software module that resides in a managed device the Prestige An agent translates the local management information from the managed device into a form compatible with SNMP The manager is the console through which network administrators perform network management functions It executes applications that control and monitor managed devices The managed devices contain object variables managed objects that define each piece of information to be collected about a device Examples of variables include the number of packets received node port status etc A Management Information Base MIB is a collection of managed objects SNMP allows a manager and agents to communicate for the purpose of accessing these objects SNMP itself is a simple request response protocol based on the manager agent model The manager issues a request and the agent returns responses using the following protocol operations e Get Allo
139. is used While you must enter the host name System Name on each individual computer the domain name can be assigned from the Prestige via DHCP 10 2 Configuring Menu 1 Enter 1 in the Main Menu to open Menu 1 General Setup shown next General Setup 10 1 Prestige 645R A Series User s Guide Menu 1 General Setup System Name P645R Al Location Contact Person s Name Domain Name Edit Dynamic DNS No Route IP Yes Bridge No Press ENTER to Confirm or ESC to Cancel Figure 10 1 Menu 1 General Setup Fill in the required fields Refer to the table shown next for more information about these fields Table 10 1 Menu 1 General Setup FIELD DESCRIPTION EXAMPLE System Name Enter a descriptive name for identification purposes This name can be P645R A1 up to 30 alphanumeric characters long Spaces are not allowed but dashes and underscores _ are accepted Location optional Enter the geographic location up to 31 characters of your Prestige MyHouse Contact Person s Enter the name up to 30 characters of the person in charge of this JohnDoe Name optional Prestige Domain Name Enter the domain name if you know it here If you leave this field blank the ISP may assign a domain name via DHCP You can go to menu 24 8 and type sys domainname to see the current domain name used by your gateway If you want to clear this field just press the SPACE BAR The do
140. ive such as e mail Cell Rate Cell rate configuration often helps eliminate traffic congestion that slows transmission of real time data such as audio and video connections Peak Cell Rate Divide the DSL line rate bps by 424 the size of an ATM cell to find the Peak Cell Rate PCR This is the maximum rate at which the sender can send cells Type the PCR here Sustain Cell Rate The Sustain Cell Rate SCR sets the average cell rate long term that can be transmitted Type the SCR which must be less than the PCR Maximum Burst Size Maximum Burst Size MBS refers to the maximum number of cells that can be sent at the peak rate Type the MBS which is less than 65535 Next Click this button to go to the next wizard screen The next wizard screen you see depends on what protocol you chose above Click on the protocol link to see the next wizard screen for that protocol 4 6 IP Address and Subnet Mask Similar to the way houses on a street share a common street name so too do computers on a LAN share one common network number Where you obtain your network number depends on your particular situation If the ISP or your network administrator assigns you a block of registered IP addresses follow their instructions in selecting the IP addresses and the subnet mask If the ISP did not explicitly give you an IP network number then most likely you have a single user account and the ISP will assign
141. k into different logical networks over the same Ethernet interface The Prestige supports three logical LAN interfaces via its single physical Ethernet interface with the Prestige itself as the gateway for each LAN network Internet Access 12 1 Prestige 645R A Series User s Guide Prestige Ethernet LAN 1 IP Address Menu 3 2 Interface LAN 2 IP Alias 1 Menu 3 2 1 LAN 3 IP alias 2 Menu 3 2 1 Figure 12 1 Physical Network Figure 12 2 Partitioned Logical Networks Use menu 3 2 1 to configure IP Alias on your Prestige 12 4 IP Alias Setup Use menu 3 2 to configure the first network Move the cursor to Edit IP Alias field and press SPACEBAR to choose Yes and press ENTER to configure the second and third network 12 2 Internet Access Prestige 645R A Series User s Guide Menu 3 2 TCP IP and DHCP Setup DHCP Setup DHCP Server Client IP Pool Starting Addres 192 168 1 33 Size of Client IP Pool 32 Primary DNS Server 0 0 0 0 Secondary DNS Server 0 0 0 0 Remote DHCP Server N A TCP IP Setup IP Address 192 168 1 1 IP Subnet Mask 255 255 255 0 RIP Direction None Version N A Multicast None IP Policies Edit IP Alias Yes Press ENTER to confirm or ESC to Cancel Press Space Bar to Toggle Figure 12 3 Menu 3 2 TCP IP and DHCP Setup Pressing ENTER displays Menu 3 2 1 IP Alias Setup as shown next Menu 3 2 1 IP Alias Setup IP Alias 1 Yes P Address 192 168 1 1 P Sub
142. ks do etr e E ede nete iste il ge gereg i ERGE 1 1 1 3 Applications for the Prestige enne nennen enne nnne 1 3 1 3 1 Internet ACCOSS 4 AE RR EE e aei edlen ep ii 1 3 1 3 2 LAN to LAN Application ee ee ee ee Re Re RR RA GRA ennt nnne nnne trennen nnne 1 4 Chapter 2 Hardware Installation ees ssse es sees esse es sees see BEG Ee EE BEG Ee BEG Ee Be Ge Ee BEG sets se BEG Ge EE BEG EE Ge Ee Gee 2 1 2 1 Front Panel LEDs of the Dresnge ee ee ee ee ee ee ee ee ee nnne ee Re ee ee 2 1 2 2 Rear Panel and Connections ee ee ee ee Re RR RR GRA GRA GRA Re Re Ee ee ee ee Re ee Re ee Re ee Re RA nnns 2 2 2 2 1 EE GE 2 3 222 One Auto crossover LAN 10 100M Pont 2 3 2 23 Using the Reset Button 2 3 2 2 4 Making the Connections 4 esie terii rer rt HH hee Ee Herd 2 3 2 3 Additional Installation Requirement sees ener enne 2 4 24 T rning On Your Prestige cs usce adenda 2 4 Chapter 3 Introducing the Web Configurator eee eee esee SG SEE SEE Bee Bee Be ee Ee Ee Ee enne ense See ee 3 1 3 1 Web Configurator Ovetview sese etti esee tetris eher ee eden reed ee ee 3 1 3 2 Accessing the Prestige Web Configurator eene nnne 3 1 3 3 Navigating the Prestige Web Configurator esse ese ee se Re RR Re GR Re GRA ene 3 2 34 Configuring EE EE 3 3 3 5 Resetting the oo EE dieere ee EE eet eee e EE E ded 3 4 3 5 1 Using The Reset BUHOT cede id 3 4 Chapter 4 Wizard Setup idee tener pese siot ede eo ide e
143. lation and VC based multiplexing 13 2 Remote Node Configuration Prestige 645R A Series User s Guide Menu 11 1 Remote Node Profile Rem Node Name MyISP Active Yes Encapsulation ENET ENCAP Multiplexing LLC based Service Name N A Incoming Rem Login N A Rem Password N A Outgoing My Login N A My Password N A Authen N A Edit IP Bridge Options Router TE in menu 11 3 Bridge No Edit IP Bridge No Edit ATM Options No Edit ATM Options in Telco Option Allocated Budget min N A menu 11 6 Period hr N A Schedule Sets N A Nailed Up Connection N A Session Options A nmm E Edit EE Edit Filter Sets in Idle Timeout sec N A Press ENTER to Confirm or ESC to Cancel Figure 13 2 Menu 11 1 Remote Node Profile In Menu 11 1 Remote Node Profile fill in the fields as described in the following table Table 13 1 Menu 11 1 Remote Node Profile menu 11 5 FIELD DESCRIPTION EXAMPLE Rem Node Name Type a unique descriptive name of up to eight characters for this node MyISP Active Press SPACE BAR and then ENTER to select Yes to activate or No to deactivate this node Inactive nodes are displayed with a minus sign in SMT menu 11 Yes Encapsulation PPPOA refers to RFC 2364 PPP Encapsulation over ATM Adaptation Layer 5 If RFC 1483 Multiprotocol Encapsulation over ATM Adaptation Layer 5 of ENET ENCAP are selected then the Rem Logi
144. ld is from O to 255 default Length Type the byte count of the data portion in the packet that you want to 0 compare The range for this field is O to 8 default Mask Type the mask in Hexadecimal to apply to the data portion before comparison Value Type the value in Hexadecimal to compare with the data portion More If Yes a matching packet is passed to the next filter rule before an action No is taken or else the packet is disposed of according to the action fields default If More is Yes then Action Matched and Action Not Matched will be N A Log Select the logging option from the following None No packets will be logged None Action Matched Only matching packets and rules will be logged Action Not Matched Only packets that do not match the rule parameters will be logged Both All packets will be logged Action Select the action for a matching packet Choices are Check Next Rule Check Next Matched Forward or Drop Rule default Action Not Select the action for a packet not matching the rule Choices are Check Check Next Matched Next Rule Forward or Drop Rule default When you have completed this menu press ENTER at the prompt Press ENTER to confirm or ESC to cancel to save your configuration or press ESC to cancel and go back to the previous screen Filter Configuration 17 13 Prestige 645R A Series User s Guide 17 4 Filter Types and NAT There are two classes of filter rules Ge
145. le otn e Sb E Uh or t NR OR dene oi E 17 12 17 4 Filter Types and NAT ees ee ee ee Re GR RR GR Re enne enne nnne nennen tren trennen ener 17 14 1725 Example Filter eege eerste E ER ee se 17 14 17 6 Applying Filters and Factory Defaults sse 17 17 17 61 3iBthermet Lati ono roe rere EU ertet E OR E te Pe E 17 18 14 62 Remote Node Filters 52 nr ee e eerte ett me ene t 17 18 Chapter 18 SNMP Configuration see see sees eee eese Be Ee seen Ee Ee tnnt netu neto setas tasto seta seta Ee ee senses nano 18 1 IC WE ie ee GE E rre enr OP Pr eter ehe ire ir 18 1 18 2 Supported AS UR OE eee ec rte ERR EE ENG 18 2 183 SNMP Configur tion ENEE 18 2 184 SNMP Traps EE RE EE N GEEN ERE NEEN EENE E ENE 18 4 Chapter 19 System Information and DiagnoOSiS s sees sees se esse esse ese ee Ee EE SG SEE BRA Be SEE Re Bee Bee Be ee ee ee 19 1 19 1 System Maintenance Overview se ee ee AR AR RR AR AR AR Ee ee ee ee ee Re GE Re GR Re GR Re GRA GR ee Re ee 19 1 IDE ENE ER EE EE OR EE OO EE OE OO 19 1 19 3 System Information cesse tiri eH e HR TRE e eb eiit 19 3 19 3 1 System Informations usce tete dec e des de eee ehe eben 19 3 19 32 Console Port Speed x eS Re edet edet itte de rictu 19 5 19 4 Fog and T tace sere SOR eee een ES es 19 5 19 41 Viewing Ertot D09 5 A d EET ES eee 19 5 19 42 Syslog ahd Accounting tes EE Ae ee ed Bim RR Di ee vn 19 6 19 5 JDiagnoStie EE oe LN BERN CR I E EE INA a EE 19 8
146. left as 0 0 0 0 the Prestige tells the DHCP clients that it itself is the DNS server When a computer sends a DNS query to the Prestige the Prestige forwards the query to the real DNS server learned through IPCP and relays the response back to the computer Please note that DNS proxy works only when the ISP uses the IPCP DNS server extensions It does not mean you can leave the DNS servers out of the DHCP setup under all circumstances If your ISP gives you explicit DNS servers make sure that you enter their IP addresses in the DHCP Setup menu This way the Prestige can pass the DNS servers to the computers and the computers can query the DNS server directly without the Prestige s intervention 5 3 DNS Server Address Assignment Use DNS Domain Name System to map a domain name to its corresponding IP address and vice versa The DNS server is extremely important because without it you must know the IP address of a computer before you can access it There are two ways that an ISP disseminates the DNS server addresses 1 The ISP tells you the DNS server addresses usually in the form of an information sheet when you sign up If your ISP gives you DNS server addresses enter them in the DNS Server fields in DHCP Setup 2 Leave the DNS Server fields in DHCP Setup blank for example 0 0 0 0 The Prestige acts as a DNS proxy when this field is blank 5 4 LAN TCP IP The Prestige has built in DHCP server capability that assigns IP addresses a
147. les Summare eese 17 5 Figure 17 7 PPPoE Filter Rules Summary sis uses icti ettet aii 17 6 Figure 17 8 FTP WAN Filter Rules Summara eese nennen nennen nre nennen nnne 17 6 Figuie 17 9 Meni 2 x 1 TCP IP Filter Rule morte rrr nee eri epe teens 17 8 Figure 17 10 Exec ting an IP Filter ette ede ie eed RT Re 17 11 Figure 17 11 Menu 21 6 1 Generic Filter Rule 17 12 Figure 17 12 Protocol and Device Filter Setz 17 14 Figure 17 13 Sample Telnet Filters ii 17 15 Figure 17 14 Menu 21 3 1 OUER 17 16 Figure 17 15 Menu 21 3 Sample Filter Rules Summary essere 17 17 Figure 17 16 Filtering Ethernet WK ER 17 18 Figure 17 17 Filtering Remote Node Traffic 17 19 Figure 18 1 SNMP Management Model 18 1 Figure 18 2 Menu 22 SNMP Configuration eese enne ener nono none nn nan GR ee entente nennen 18 3 Figure 19 1 Menu 24 System Maintenance eene eene enne innen AR Ge rennen 19 1 Figure 19 2 Menu 24 1 System Maintenance Status eise see see Ge GR ee RA Ge AR Ge Re GR ee GRA Ge RR Ge Re ek ee 19 2 Figure 19 3 Menu 24 2 System Information and Console Port Speed 19 3 Figure 19 4 Menu 24 2 1 System Maintenance Information essent eene 19 4 Figure 19 5 Menu 24 2 2 System Maintenance Change Console Port Speed sss 19 5 Figure 19 6 Menu 24 3 System Maintenance Log and Trace sssesseeeeeeeeeeeree 19 5 Figure 19 7 Sample Error and Information Messages 19 6 Figure 19 8 Menu 24 3 2 System Maintenance UNIX
148. low cost paths for batch traffic e Load Sharing Network administrators can use IPPR to distribute traffic among multiple paths 21 3 Routing Policy Individual routing policies are used as part of the overall IPPR process A policy defines the matching criteria and the action to take when a packet meets the criteria The action is taken only when all the criteria are met The criteria includes the source address and port IP protocol ICMP UDP TCP etc destination address and port TOS and precedence fields in the IP header and length The inclusion of length criterion is to differentiate between interactive and bulk traffic Interactive applications for example telnet tend to have short packets while bulk traffic for example file transfer tends to have large packets The actions that can be taken include e routing the packet to a different gateway and hence the outgoing interface e setting the TOS and precedence fields in the IP header IP Policy Routing 21 1 Prestige 645R A Series User s Guide IPPR follows the existing packet filtering facility of RAS in style and in implementation The policies are divided into sets where related policies are grouped together A user defines the policies before applying them to an interface or a remote node in the same fashion as the filters There are 12 policy sets with six policies in each set 21 4 IP Routing Policy Setup Menu 25 shows all the policies defined Me
149. lter Sets Use SPACE BAR to choose Yes and press ENTER to open menu No 11 5 to edit the filter sets See the Remote Node Filter section for default more details Idle Timeout sec Type the number of seconds 0 9999 that can elapse when the Prestige is idle there is no traffic going to the remote node before the Prestige automatically disconnects the remote node 0 means that the session will not timeout When you have completed this menu press ENTER at the prompt Press ENTER to confirm or ESC to cancel to save your configuration or press ESC to cancel and go back to the previous screen 13 2 3 Outgoing Authentication Protocol For obvious reasons you should employ the strongest authentication protocol possible However some vendors implementation includes specific authentication protocol in the user profile It will disconnect if the negotiated protocol is different from that in the user profile even when the negotiated protocol is stronger than specified If the peer disconnects right after a successful authentication make sure that you specify the correct authentication protocol when connecting to such an implementation 13 3 Metric The metric represents the cost of transmission A router determines the best route for transmission by choosing a path with the lowest cost RIP routing uses hop count as the measurement of cost with a minimum of 1 for directly connected networks The number m
150. main name entered by you is given priority over the ISP assigned domain name zyxel com tw Edit Dynamic DNS Press the SPACE BAR to select Yes or No default Select Yes to No configure Menu 1 1 Configure Dynamic DNS discussed next Route IP Set this field to Yes to enable or No to disable IP routing You must Yes enable IP routing for Internet access Bridge Turn on off bridging for protocols not supported for example SNA or No not turned on in the previous Route IP field Select Yes to turn bridging on select No to turn bridging off 10 2 General Setup Prestige 645R A Series User s Guide 10 2 1 Configuring Dynamic DNS If you have a private WAN IP address then you cannot use Dynamic DNS To configure Dynamic DNS go to Menu 1 General Setup and select Yes in the Edit Dynamic DNS field Press ENTER to display Menu 1 1 Configure Dynamic DNS as shown next Menu 1 1 Configure Dynamic DNS Service Provider WWW DynDNS ORG Active Yes Host me ddns org EMAIL mail mailserver USER username Password ckckckckckckck kk Enable Wildcard No Press ENTER to confirm or ESC to cancel Figure 10 2 Menu 1 1 Configure Dynamic DNS Follow the instructions in the next table to configure Dynamic DNS parameters Table 10 2 Menu 1 1 Configure Dynamic DNS FIELD DESCRIPTION EXAMPLE Service Provider This is the name of your Dynamic DNS service p
151. mber RMA Products must be returned Postage Prepaid It is recommended that the unit be insured when shipped Any returned products without proof of purchase or those with an out dated warranty will be repaired or replaced at the discretion of ZyXEL and the customer will be billed for parts and labor All repaired or replaced products will be shipped by ZyXEL to the corresponding return address Postage Paid This warranty gives you specific legal rights and you may also have other rights that vary from country to country Safety Warnings 1 To reduce the risk of fire use only No 26 AWG or larger telephone wire 2 Do not use this product near water for example in a wet basement or near a swimming pool 3 Avoid using this product during an electrical storm There may be a remote risk of electric shock from lightening iv ZyXEL Warranty Prestige 645R A Series User s Guide Customer Support Please have the following information ready when you contact customer support Product model and serial number Warranty Information Date that you received your device Brief description of the problem and the steps you took to solve it E MAIL TELEPHONE FAX WEB SITE FTP SITE REGULAR MAIL SUPPORT SALES WORLDWIDE support zyxel com tw 886 3 578 3942 www zyxel com ZyXEL Communications Corp 6 Innovation Road ll Science www europe zyxel com Based Industrial Park Hsinchu 300 Taiwan sales zyxel com tw 886 3 578 2439 ftp europ
152. ments field for example TELNET WAN and press ENTER Filter Configuration 17 15 Prestige 645R A Series User s Guide Step 4 Press ENTER at the message Press ENTER to confirm or ESC to cancel to open Menu 21 3 Filter Rules Summary Step 5 Type 1 to configure the first filter rule Make the entries in this menu as shown next When you press ENTER to confirm the following screen appears Note that there is only one filter rule in this set Menu 21 3 1 TCP IP Filter Rule Press SPACE BAR to choose this Filter 3 1 filter rule type The first filter rule Filter Type TEMIR Filter RUIE type determines all subsequent filter Active Yes IP Protocol 6 types within a set Destination Wee Port 23 Port Comp Source IP Addr 0 0 0 0 IP Mask 0 0 0 Port Port Comp Hqual TCP Estab No Actioy Matched Prop Actign Not Match d Forward Pyess ENTER to Select Yes to make the rule active The port number for the telnet There are no service TCP protocol is 23 See more rules to Select Equal here RFC 1060 for port numbers of well check as we are looking known services for packets going Select Drop here so that the to port 23 only packet will be dropped if its destination is the telnet port Select Forward here so that the packet will be forwarded if its destination is not the telnet port and there are no more rules in this filter set to check Select Next if t
153. mputer equipped with a web browser with JavaScript enabled and or Telnet Hardware Installation 2 3 Prestige 645R A Series User s Guide 2 4 Turning On Your Prestige At this point you should have connected the DSL line the LAN port and the power port to the appropriate devices or lines Push in the power button located on the back of your Prestige to turn on your Prestige 2 4 Hardware Installation Prestige 645R A Series User s Guide 3 1 Chapter 3 Introducing the Web Configurator This chapter describes how to access and navigate the web configurator Web Configurator Overview The embedded web configurator allows you to manage the Prestige from anywhere through a browser such as Microsoft Internet Explorer or Netscape Navigator Use Internet Explorer 6 0 and later or Netscape Navigator 7 0 and later versions with JavaScript enabled It is recommended that you set your screen resolution to 1024 by 768 pixels 3 2 Accessing the Prestige Web Configurator Step 1 Step 2 Step 3 Step 4 Step 5 Make sure your Prestige hardware is properly connected refer to the Read Me First or the Hardware Installation chapter Prepare your computer computer network to connect to the Prestige refer to the Read Me First Launch your web browser Type 192 168 1 1 as the URL An Enter Network Password window displays Enter the user name admin is the default password 1234 is the default and click OK
154. n NAT RFC 1631 is the translation of the IP address of a host in a packet for example the source address of an outgoing packet used within one network to a different IP address known within another network 4 10 Wizard Setup Configuration Second Screen The second wizard screen varies depending on what protocol you use All screens shown are with routing mode Configure the fields and click Next to continue 4 6 Wizard Setup Prestige 645R A Series User s Guide 4 10 1 PPPoE Select PPPoE from the Protocol drop down list box in the first wizard screen to display the screen as shown Wizard Setup ISP Parameters for Internet Access Service Name Any User Name lusemame Password pus IP Address amp Obtain an IP Address Automtically C Static IP Address 0 0 0 0 Connection Connect on Demand Max Idle Time o Sec C Nailed Up Connection Back Finish Figure 4 2 Internet Connection with PPPoE The following table describes the labels in this screen Table 4 2 Internet Connection with PPPoE LABEL DESCRIPTION Service Name Type the name of your PPPoE service here User Name Configure User Name and Password fields for PPPoA and PPPoE encapsulation only Enter the user name exactly as your ISP assigned If assigned a name in the form user domain where domain identifies a service name then enter both components exactly as given Password Enter the password associated with the
155. n Edit Select Rule Press ENTER to Confirm or ESC to Cancel Figure 16 21 Example 4 Menu 15 1 1 Address Mapping Rules 16 18 NAT SMT Advanced Management Part V SMT Advanced Management This part discusses filtering setup SNMP system information and diagnosis firmware and configuration file maintenance system maintenance remote management IP policy routing and call scheduling See the web configurator parts of this guide for background information on features configurable by web configurator and SMT Prestige 645R A Series User s Guide Chapter 17 Filter Configuration This chapter shows you how to create and apply filters 17 1 About Filtering Y our Prestige uses filters to decide whether or not to allow passage of a data packet and or to make a call There are two types of filter applications data filtering and call filtering Filters are subdivided into device and protocol filters which are discussed later Data filtering screens data to determine if the packet should be allowed to pass Data filters are divided into incoming and outgoing filters depending on the direction of the packet relative to a port Data filtering can be applied on either the WAN side or the Ethernet side Call filtering is used to determine if a packet should be allowed to trigger a call Outgoing packets must undergo data filtering before they encounter call filtering Call filters are divided into
156. n Rem Password My Login My Password and Authen fields are not applicable N A ENET ENCAP Multiplexing Press SPACE BAR and then ENTER to select the method of multiplexing that your ISP uses either VC based or LLC based LLC based Service Name When using PPPoE encapsulation type the name of your PPPoE service here N A Incoming Remote Node Configuration 13 3 Prestige 645R A Series User s Guide Table 13 1 Menu 11 1 Remote Node Profile FIELD DESCRIPTION EXAMPLE Rem Login Type the login name that this remote node will use to call your Prestige The login name and the Rem Password will be used to authenticate this node Rem Password Type the password used when this remote node calls your Prestige Outgoing My Login Type the login name assigned by your ISP when the Prestige calls this remote node My Password Type the password assigned by your ISP when the Prestige calls this remote node Authen This field sets the authentication protocol used for outgoing calls Options for this field are CHAP PAP Your Prestige will accept either CHAP or PAP when requested by this remote node CHAP accept CHAP Challenge Handshake Authentication Protocol only PAP accept PAP Password Authentication Protocol only Route This field determines the protocol used in routing Options are IP and None Bridge When br
157. n file on your computer config rom to the Prestige and renames it rom 0 Likewise get rom 0 config rom transfers the configuration file on the Prestige to your computer and renames it config rom See earlier in this chapter for more information on filename conventions Step 7 Enter quit to exit the ftp prompt The Prestige automatically restarts after a successful file upload 20 4 4 FTP Session Example of Firmware File Upload 331 Enter PASS command Password 230 Logged in ftp gt bin 200 Type I OK ftp gt put firmware bin ras 200 Port command okay 150 Opening data connection for STOR ras 226 File received OK ftp 1103936 bytes sent in 1 10Seconds 297 89Kbytes sec ftp quit Figure 20 7 FTP Session Example of Firmware File Upload More commands found in GUI based FTP clients are listed earlier in this chapter Refer to section 20 2 5 to read about configurations that disallow TFTP and FTP over WAN 20 4 5 TFTP File Upload The Prestige also supports the uploading of firmware files using TFTP Trivial File Transfer Protocol over LAN Although TFTP should work over WAN as well it is not recommended To use TFTP your computer must have both telnet and TFTP clients To transfer the firmware and the configuration file follow the procedure shown next 20 10 Firmware and Configuration File Maintenance Prestige 645R A Series User s Guide Step 1 Use telnet from your computer
158. nd DNS servers to systems that support DHCP client capability 5 4 1 Factory LAN Defaults The LAN parameters of the Prestige are preset in the factory with the following values gt IP address of 192 168 1 1 with subnet mask of 255 255 255 0 24 bits gt DHCP server enabled with 32 client IP addresses starting from 192 168 1 33 5 2 LAN Setup Prestige 645R A Series User s Guide These parameters should work for the majority of installations If your ISP gives you explicit DNS server address es read the embedded web configurator help regarding what fields need to be configured 5 4 2 IP Address and Subnet Mask Refer to the JP Address and Subnet Mask section in the Wizard Setup chapter for this information 5 4 3 RIP Setup RIP Routing Information Protocol allows a router to exchange routing information with other routers The RIP Direction field controls the sending and receiving of RIP packets When set to 1 Both the Prestige will broadcast its routing table periodically and incorporate the RIP information that it receives 2 n Only the Prestige will not send any RIP packets but will accept all RIP packets received 3 Out Only the Prestige will send out RIP packets but will not accept any RIP packets received 4 None the Prestige will not send any RIP packets and will ignore any RIP packets received The Version field controls the format and the broadcasting method of the RIP packets that the Prestige sends it
159. ndix tells you how to install a POTS splitter or a telephone microfilter Connecting a POTS Splitter When you use the Full Rate G dmt ADSL standard you can use a POTS Plain Old Telephone Service splitter to separate the telephone and ADSL signals This allows simultaneous Internet access and telephone service on the same line A splitter also eliminates the destructive interference conditions caused by telephone sets Install the POTS splitter at the point where the telephone line enters your residence as shown in the following figure Wall Jack Diagram F 1 Connecting a POTS Splitter Step 1 Connect the side labeled Phone to your telephone Step 2 Connect the side labeled Modem to your Prestige Step 3 Connect the side labeled Line to the telephone wall jack Telephone Microfilters Telephone voice transmissions take place in the lower frequency range 0 4KHz while ADSL transmissions take place in the higher bandwidth range above 4KHz A microfilter acts as a low pass filter for your telephone to ensure that ADSL transmissions do not interfere with your telephone voice transmissions The use of a telephone microfilter is optional Step 1 Connect a phone cable from the wall jack to the single jack end of the Y Connector Splitters and Microfilters F 1 Prestige 645R A Series User s Guide Step 2 Connect a cable from the double jack end of the Y Connector to the wall side of
160. neric Filter Device rules and Protocol Filter TCP IP rules Generic Filter rules act on the raw data from to LAN and WAN Protocol Filter rules act on IP packets When NAT Network Address Translation is enabled the inside IP address and port number are replaced on a connection by connection basis which makes it impossible to know the exact address and port on the wire Therefore the Prestige applies the protocol filters to the native IP address and port number before NAT for outgoing packets and after NAT for incoming packets On the other hand the generic or device filters are applied to the raw packets that appear on the wire They are applied at the point where the Prestige is receiving and sending the packets for instance the interface The interface can be an Ethernet or any other hardware port The following figure illustrates this Figure 17 12 Protocol and Device Filter Sets 17 5 Example Filter Let s look at an example to block outside users from telnetting into the Prestige 17 14 Filter Configuration Prestige 645R A Series User s Guide Your LAN Prestige X User trying to telnet lt into the Prestige Incoming Traffic Filter Figure 17 13 Sample Telnet Filter Step 1 Enter 21 in the main menu to display Menu 21 Filter Set Configuration Step 2 Enter the index number of the filter set you want to configure in this case 3 Step 3 Type a descriptive name or comment in the Edit Com
161. net Mask 255 255 255 0 RIP Direction None Version RIP 1 ncoming protocol filters N A Outgoing protocol filters N A IP Alias 2 No P Address N A P Subnet Mask N A RIP Direction N A Version N A ncoming protocol filters N A Outgoing protocol filters N A Enter here to CONFIRM or ESC to CANCEL Figure 12 4 Menu 3 2 1 IP Alias Setup Follow the instructions in the following table to configure IP Alias parameters Internet Access 12 3 Prestige 645R A Series User s Guide Table 12 1 Menu 3 2 1 IP Alias Setup FIELD DESCRIPTION EXAMPLE IP Alias Choose Yes to configure the LAN network for the Prestige Yes IP Address Enter the IP address of your Prestige in dotted decimal notation 192 168 1 1 IP Subnet Mask Your Prestige will automatically calculate the subnet mask based on the IP address that you assign Unless you are implementing subnetting use the subnet mask computed by the Prestige 255 255 255 0 Protocol Filters RIP Direction Press SPACE BAR to select the RIP direction Choices are None None Both In Only or Out Only Version Press SPACE BAR to select the RIP version Choices are RIP 1 RIP 1 RIP 2B or RIP 2M Incoming Enter the filter set s you wish to apply to the incoming traffic between this node and the Prestige Outgoing Protocol Filters Enter the filter set s you wish to apply to the outgoing traffic between this node and the Prestige
162. nfiguration Comments NetBIOS WAN NetBIOS LAN TELNET WAN PPPOE FTP WAN WebSet1 WebSet2 Enter Filter Set Number to Configure 0 Edit Comments N A Press ENTER to Confirm or ESC to Cancel Figure 13 8 Menu 21 Filer Set Configuration The following figures display the filter rules in filter sets 11 and 12 OD bs GA bh t le d 2 3 4 5 6 Menu 21 11 Filter Rules Summary Filter Rules Enter Filter Rule Number 1 6 to Configure Figure 13 9 Menu 21 11 WebSet 11 Menu 21 12 Filter Rules Summary Filter Rules 0 0 i DP 23 Pr 6 OO DP 21 Pr 17 20405 DP 69 Pr 6 SA 0 0 DP 80 Pr 1 SA 0 0 DP 0 Enter Filter Rule Number 1 6 to Configure Figure 13 10 Menu 21 12 WebSet 12 13 12 Remote Node Configuration Prestige 645R A Series User s Guide Do not edit filter sets 11 and 12 They are used exclusively by the web configurator Any rules you configured in sets 11 and 12 will be erased and replaced when you apply the web configurator generated filter rules 13 6 Editing ATM Layer Options Follow the steps shown next to edit Menu 11 6 Remote Node ATM Layer Options In menu 11 1 move the cursor to the Edit ATM Options field and then press SPACE BAR to select Yes Press ENTER to display Menu 11 6 Remote Node ATM Layer Options There are two versions of menu 11 6 for the Prestige depending on whether you chose VC based LLC based multiplexing and PPP encapsulation in menu 11
163. nfigure 0 Edit Comments N A Press ENTER to Confirm or ESC to Cancel Figure 17 3 Menu 21 Filter Set Configuration Step 2 Type the filter set to configure no 1 to 12 and press ENTER Step 3 Type a descriptive name or comment in the Edit Comments field and press ENTER Step 4 Press ENTER at the message Press ENTER to confirm to display Menu 21 1 Filter Rules Summary that is if you selected filter set 1 in menu 21 17 4 Filter Configuration Prestige 645R A Series User s Guide 1 2 9 4 5 6 oU Abt I FH Menu 21 1 Filter Rules Summary Filter Rules Enter Filter Rule Number 1 6 to Configure Figure 17 4 NetBIOS WAN Filter Rules Summary Menu 21 2 Filter Rules Summary Filter Rules Pr 17 SA 0 0 0 0 SP 137 DA 0 0 0 0 DP 53 Enter Filter Rule Number 1 6 to Configure Figure 17 5 NetBIOS LAN Filter Rules Summary Menu 21 3 Filter Rules Summary Filter Rules SA 0 0 0 0 DA 0 0 0 0 DP 23 Enter Filter Rule Number 1 6 to Configure Figure 17 6 TELNET_WAN Filter Rules Summary Filter Configuration 17 5 Prestige 645R A Series User s Guide Menu 21 4 Filter Rules Summary Filter Rules Off 12 Len 2 Mask ffff Value 8863 Off 12 Len 2 Mask ffff Value 8864 T 2 3 4 5 6 Enter Filter Rule Number 1 6 to Configure Figure 17 7 PPPOE Filter Rules Summary Menu 21 5 Filter Rules Summary Filter Rules SA 0 0 0 0 DA 0 0 0 0
164. nly one port enter the port number again in the End Port No field To forward a series of ports enter the start port number here and the end port number in the End Port No field NAT 6 9 Prestige 645R A Series User s Guide Table 6 5 Edit SUA NAT Server Set LABEL DESCRIPTION End Port No Enter a port number in this field To forward only one port enter the port number again in the Start Port No field above and then enter it again in this field To forward a series of ports enter the last port number in a series that begins with the port number in the Start Port No field above IP Address Enter your server IP address in this field Save Click Save to save your changes back to the Prestige Reset Click Reset to reload the previous configuration for this screen 6 6 Configuring Address Mapping Ordering your rules is important because the Prestige applies the rules in the order that you specify When a rule matches the current packet the Prestige takes the corresponding action and the remaining rules are ignored If there are any empty rules before your new configured rule your configured rule will be pushed up by that number of empty rules For example if you have already configured rules 1 to 6 in your current set and now you configure rule number 9 In the set summary screen the new rule will be rule 7 not 9 Now if you delete rule 4 rules 5 to 7 will be pushed up by 1 rule so
165. nts essere 20 4 Table 20 3 General Commands for GUI based TFTP Clients iese ee ee ee RR RR GRA GRA Re Re ee ee ee 20 6 Table 21 1 Menu 25 1 IP Routing Policy Setup 21 3 Table 21 2 Menu 25 1 1 IP Routing Bolten 21 4 Table 22 1 Menu 26 1 Schedule Set Semi 22 2 List of Tables xvii Prestige 645R A Series User s Guide List of Chart Chart A 1 Troubleshooting Power LED tit A 1 Chart A 2 Troubleshooting LAN LED tt A 1 Chart A 3 Troubleshooting DS LEDE riter it A 2 Chart A 4 Troubleshooting Telnet e rettet Aaa A 2 Chart A 5 Troubleshooting Web Confgeurator eene nennen nennen A 3 Chart A 6 Troubleshooting Internet Browser Display A 3 Chart A 7 Troubleshooting Login Username and Password A 3 Chart A 8 Troubleshooting LAN Interface A 4 Chart A 9 Troubleshooting ADSL Connection se RR RA GRA GRA eene enne A 4 Chart A 10 Troubleshooting WAN Interface A 5 Chart A 11 Troubleshooting Internet Access A 5 Chart A 12 Troubleshooting Internet ConnectiOn ees sa se Re Re enne eren A 5 Chart A 13 Troubleshooting Connecting to a Remote Node or IS A 6 Chart B I Classes of IP Addresses ete tC eere te ee B 1 Chart B 2 Allowed IP Address Range By Class enne eene enne B 2 Chart B 3 5 Natural Masker Se UI deett eie regt ee ip ere B 2 Chart B 4 Alternative Subnet Mask Notation esses eene nennen nennen nennen nnne nennen B 3 Sic subnet se tee dete ex ee oett eoe eter n B 4 Cliart B 6 Subnet 2 EE B 4 EE
166. nts The Network window Configuration tab displays a list of installed components You need a network adapter the TCP IP protocol and Client for Microsoft Networks If you need the adapter a In the Network window click Add b Select Adapter and then click Add C Select the manufacturer and model of your network adapter and then click OK If you need TCP IP a In the Network window click Add b Select Protocol and then click Add C Select Microsoft from the list of manufacturers d Select TCP IP from the list of network protocols and then click OK If you need Client for Microsoft Networks a Click Add b Select Client and then click Add C Select Microsoft from the list of manufacturers d Select Client for Microsoft Networks from the list of network clients and then click OK e Restart your computer so the changes you made take effect Configuring 1 In the Network window Configuration tab select your network adapter s TCP IP entry and click Properties D 2 Setting up Your Computer s IP Address Prestige 645R A Series User s Guide Click the IP Address tab TCP IP Properties If your IP address is dynamic select Obtain an IP address automatically If you have a static IP address select Specify an IP address and type your information into the IP Address and Subnet Mask fields Click the DNS Configuration tab If you do not know your DNS information select Disable DNS If you know your DN
167. nu 25 IP Routing Policy Setup Policy Policy Enter Policy Set Number to Configure 0 Edit Name N A Press ENTER to Confirm or ESC to Cancel Figure 21 1 Menu 25 IP Routing Policy Setup To setup a routing policy perform the following procedures Step 1 Type 25 in the main menu to open Menu 25 IP Routing Policy Setup Step 2 Type the index of the policy set you want to configure to open Menu 25 1 IP Routing Policy Setup Menu 25 1 shows the summary of a policy set including the criteria and the action of a single policy and whether a policy is active or not Each policy contains two lines The former part is the criteria of the incoming packet and the latter is the action Between these two parts separator means the action is taken on criteria matched and separator means the action is taken on criteria not matched 21 2 IP Policy Routing Prestige 645R A Series User s Guide Menu 25 1 IP Routing Policy Setup Criteria Action A 1 1 1 1 1 1 1 1 DA 2 2 2 2 2 2 2 5 SP 20 25 DP 20 25 P 6 T NM PR 0 GW 192 168 1 1 T MT PR 0 Enter Policy Rule Number 1 6 to Configure Figure 21 2 Menu 25 1 IP Routing Policy Setup Table 21 1 Menu 25 1 IP Routing Policy Setup ABBREVIATION MEANING Criterion SA Source IP Address SP Source Port DA Destination IP Address DP Destination Port IP layer 4 protocol number TCP 6 UDP 17
168. o the multicast routers group The Prestige supports both IGMP version 1 IGMP v1 and IGMP version 2 IGMP v2 At start up the Prestige queries all directly connected networks to gather group membership After that the Prestige periodically updates this information IP multicasting can be enabled disabled on the Prestige LAN and or WAN interfaces in the web configurator LAN WAN Select None to disable IP multicasting on these interfaces LAN Setup 5 3 Prestige 645R A Series User s Guide 5 5 Configuring LAN Click LAN to open the following screen LAN Setup DHCP DHCP Server y Client IP Pool Starting Address 192168 1 33 Size of Client IP Pool bo Primary DNS Server nung Secondary DNS Server nung Remote DHCP Server N A TCP IP IP Address 9216833 IP Subnet Mask 255 255 2550 RIP Direction Both y RIP Version RIP 2B y Multicast IGMP v2 v spot Figure 5 2 LAN The following table describes the labels in this screen Table 5 1 LAN LABEL DESCRIPTION DHCP 5 4 LAN Setup Prestige 645R A Series User s Guide Table 5 1 LAN LABEL DESCRIPTION DHCP If set to Server your Prestige can assign IP addresses an IP default gateway and DNS servers to Windows 95 Windows NT and other systems that support the DHCP client If set to None the DHCP server will be disabled If set to Relay the Prestige acts as a surrogate DHC
169. o use Many to Many No Overload mapping as port numbers do not change for Many to Many No Overload and One to One NAT mapping types The following figure illustrates this Game Player 1 192 168 1 10 Mapping Rules 1 Game Players 1 to 3 IGAs 1 to 3 Type Many to Many No Overload Game Player 2 192 168 1 1 Prestige 3 IGAs e 10 132 50 1 IGA 1 10 132 50 2 IGA 2 10 132 50 3 IGA 3 Game Player 3 192 168 1 12 Figure 16 19 NAT Example 4 NAT 16 17 Prestige 645R A Series User s Guide Other applications such as some gaming programs are NAT unfriendly because they embed addressing information in the data stream These applications won t work through NAT even when using One to One and Many to Many No Overload mapping types Follow the steps outlined in example 3 to configure these two menus as follows Menu 15 1 1 1 Address Mapping Rule Type Many to Many No Overload Local IP Start 192 168 1 10 End 192 168 1 12 Global IP Start 10 132 50 1 End 10 132 50 3 Server Mapping Set N A Press ENTER to Confirm or ESC to Cancel Figure 16 20 Example 4 Menu 15 1 1 1 Address Mapping Rule After you ve configured your rule you should be able to check the settings in menu 15 1 1 as shown next Menu 15 1 1 Address Mapping Rules Set Name Example4 Idx Local Start IP Local End IP Global Start IP Global End IP 192 168 1 10 192 169 312 10 132 50 1 Actio
170. ocol Encapsulation over ATM Adaptation Layer 5 AALS The first method allows multiplexing of multiple protocols over a single ATM virtual circuit LLC based multiplexing and the second method assumes that each protocol is carried over a separate ATM virtual circuit VC based multiplexing Please refer to the RFC for more detailed information 4 3 Multiplexing There are two conventions to identify what protocols the virtual circuit VC is carrying Be sure to use the multiplexing method required by your ISP 4 3 1 VC based Multiplexing In this case by prior mutual agreement each protocol is assigned to a specific virtual circuit for example VCI carries IP etc VC based multiplexing may be dominant in environments where dynamic creation of large numbers of ATM VCs is fast and economical 4 3 2 LLC based Multiplexing In this case one VC carries multiple protocols with protocol identifying information being contained in each packet header Despite the extra bandwidth and processing overhead this method may be advantageous if it is not practical to have a separate VC for each carried protocol for example if charging heavily depends on the number of simultaneous VCs 4 4 VPI and VCI Be sure to use the correct Virtual Path Identifier VPI and Virtual Channel Identifier VCI numbers assigned to you The valid range for the VPI is 0 to 255 and for the VCI is 32 to 65535 0 to 31 is reserved for local management of ATM traffic Please
171. ographically dispersed networks through an ADSL line A typical LAN to LAN application for your Prestige is shown as follows Branch Office Corporate LAN LAN UU Prestige Prestige Figure 1 2 LAN to LAN Application 1 4 Getting To Know Your Prestige Prestige 645R A Series User s Guide Chapter 2 Hardware Installation This chapter describes the physical features and cable connections of the Prestige 2 1 Front Panel LEDs of the Prestige The LED indicators on the front panel indicate the operational status of the Prestige 0080 PPP ACT PRESTIGE 600 seres Figure 2 1 Front Panel The table below describes the status of the front panel LEDs Table 2 1 Front Panel LED Description LED COLOR STATUS DESCRIPTION PWR Green On The Prestige is receiving power Off The Prestige is not receiving power SYS Green On The Prestige is functioning properly Blinking The Prestige is rebooting Off The Prestige is not ready or has malfunctioned Orange On Dying gasp action The power to the Prestige is too low LAN 10M Green On The Prestige has a successful 10Mb Ethernet connection Blinking The Prestige is receiving or sending data Off No device is connected at 10Mb Hardware Installation 2 1 Prestige 645R A Series User s Guide Table 2 1 Front Panel LED Description LED COLOR STATUS DESCRIPTION LAN 100M Orange On
172. old rules 5 6 and 7 become new rules 4 5 and 6 To change your Prestige s address mapping settings click NAT Select Full Feature and click Edit Details to open the following screen 6 10 NAT Prestige 645R A Series User s Guide NAT Address Mapping Rules r Local Start IP Local End IP Global Start IP Global End IP Type Rule 1 Rule 2 Rule 3 Rule 4 Rule 5 Rule 5 Rule 7 Rule 8 Rule 9 Rule 10 Back Figure 6 6 Address Mapping Rules The following table describes the labels in this screen Table 6 6 Address Mapping Rules LABEL DESCRIPTION Local Start IP This is the starting Inside Local IP Address ILA Local IP addresses are N A for Server port mapping Local End IP This is the end Inside Local IP Address ILA If your rule is for all local IP addresses then enter 0 0 0 0 as the Local Start IP address and 255 255 255 255 as the Local End IP address This field is N A for One to one and Server mapping types Global Start IP This is the starting Inside Global IP Address IGA Enter 0 0 0 0 here if you have a dynamic IP address from your ISP You can only do this for Many to One and Server mapping types Global End IP This is the ending Inside Global IP Address IGA This field is N A for One to one Many to One and Server mapping types NAT 6 11 Prestige 645
173. or disabled if you have either a dynamic or static IP However the encapsulation method assigned influences your choices for IP address and ENET ENCAP Gateway 4 7 1 IP Assignment with PPPoA or PPPoE Encapsulation If you have a dynamic IP then the IP Address and ENET ENCAP Gateway fields are not applicable N A If you have a static IP then you only need to fill in the IP Address field and not the ENET ENCAP Gateway field 4 7 2 IP Assignment with RFC 1483 Encapsulation In this case the IP Address Assignment must be static with the same requirements for the IP Address and ENET ENCAP Gateway fields as stated above 4 7 3 IP Assignment with ENET ENCAP Encapsulation In this case you can have either a static or dynamic IP For a static IP you must fill in all the IP Address and ENET ENCAP Gateway fields as supplied by your ISP However for a dynamic IP the Prestige acts as a DHCP client on the WAN port and so the IP Address and ENET ENCAP Gateway fields are not applicable N A as the DHCP server assigns them to the Prestige Wizard Setup 4 5 Prestige 645R A Series User s Guide 4 7 4 Private IP Addresses Every machine on the Internet must have a unique address If your networks are isolated from the Internet for example only between your two branch offices you can assign any IP addresses to the hosts without problems However the Internet Assigned Numbers Authority IANA has reserved the following three blocks of IP addresse
174. or future use Chart B 1 Classes of IP Addresses IP ADDRESS OCTET 1 OCTET 2 OCTET 3 OCTET 4 Class A 0 Network number Host ID Host ID Host ID Class B 10 Network number Network number Host ID Host ID Class C 110 Network number Network number Network number Host ID Host IDs of all zeros or all ones are not allowed Therefore gt A class C network 8 host bits can have 2 2 or 254 hosts gt A class B address 16 host bits can have 2 2 or 65534 hosts IP Subnetting B 1 Prestige 645R A Series User s Guide A class A address 24 host bits can have 2 2 hosts approximately 16 million hosts Since the first octet of a class A IP address must contain a 0 the first octet of a class A address can have a value of 0 to 127 Similarly the first octet of a class B must begin with 10 therefore the first octet of a class B address has a valid range of 128 to 191 The first octet of a class C address begins with 110 and therefore has a range of 192 to 223 Chart B 2 Allowed IP Address Range By Class CLASS ALLOWED RANGE OF FIRST OCTET ALLOWED RANGE OF FIRST OCTET BINARY DECIMAL Class A 00000000 to 01111111 0 to 127 Class B 10000000 to 10111111 128 to 191 Class C 11000000 to 11011111 192 to 223 Class D 11100000 to 11101111 224 to 239 Subnet Masks A subnet mask is used to determine whi
175. or this destination Follow the discussion on P Subnet Mask in this manual Gateway IP Address Type the IP address of the gateway The gateway is an immediate neighbor of your Prestige that will forward the packet to the destination On the LAN the gateway must be a router on the same segment as your Prestige over WAN the gateway must be the IP address of one of the remote nodes Metric Metric represents the cost of transmission for routing purposes IP routing uses hop count as the measurement of cost with a minimum of 1 for directly connected networks Type a number that approximates the cost for this link The number need not be precise but it must be between 1 and 15 In practice 2 or 3 is usually a good number Static Route Setup 14 3 Prestige 645R A Series User s Guide Table 14 1 Menu12 1 1 Edit IP Static Route FIELD DESCRIPTION Private This parameter determines if the Prestige will include the route to this remote node in its RIP broadcasts If set to Yes this route is kept private and is not included in RIP broadcasts If No the route to this remote node will be propagated to other hosts through RIP broadcasts When you have completed this menu press ENTER at the prompt Press ENTER to confirm or ESC to cancel to save your configuration or press ESC to cancel and go back to the previous screen 14 4 Static Route Setup Prestige 645R A Series User s Guide
176. ose Full Feature if you have multiple public WAN IP addresses for your Prestige 16 2 Applying NAT You apply NAT via menus 4 or 11 3 as displayed next The next figure shows you how to apply NAT for Internet access in menu 4 Enter 4 from the main menu to go to Menu 4 Internet Access Setup NAT 16 1 Prestige 645R A Series User s Guide The following figure shows how you apply NAT to the remote node in menu 11 1 Step 1 Step 2 Step 3 Menu 4 Internet Access Setup ISP s Name MyISP Encapsulation PPPoA Multiplexing VC based VPI 8 VCI 35 Service Name N A My Login username My Password NAT SUA Only Address Mapping Set IP Address Assignment IP Address N A ENET ENCAP Gateway N A Press ENTER to Confirm or ESC to Cancel Drace Grace Rar tA Tarrla Enter 11 from the main menu N A Dynamic Figure 16 1 Menu 4 Applying NAT for Internet Access When menu 11 appears as shown in the following figure type the number of the remote node that you want to configure Move the cursor to the Edit IP Bridge field press SPACE BAR to select Yes and then press ENTER to bring up Menu 11 3 Remote Node Network Layer Options 16 2 NAT Prestige 645R A Series User s Guide Menu 11 3 Remote Node Network Layer Options IP Options Bridge Options IP Address Assignment Dynamic Rem IP Addr 0 0 0 0 Rem Subnet Mask 0 0 0 0 My WAN Addr N A NAT SUA Only Address
177. ote Node Profile From the main menu enter 26 to access Menu 26 Schedule Setup as shown next Menu 26 Schedule Setup Schedule Schedule Set Name Set Name 1 AlwaysOn d DE SZ S 2 E E 8 gU Ee ee en Ee N i f EN N EG 10 5 DI b es ST 12 Enter Schedule Set Number to Configure Edit Name Press ENTER to Confirm or ESC to Cancel Figure 22 1 Menu 26 Schedule Setup Lower numbered sets take precedence over higher numbered sets thereby avoiding scheduling conflicts For example if sets 1 2 3 and 4 in are applied in the remote node then set 1 will take precedence over set 2 3 and 4 as the Prestige by default applies the lowest numbered set first Set 2 will take precedence over set 3 and 4 and so on You can design up to 12 schedule sets but you can only apply up to four schedule sets for a remote node Call Scheduling 22 1 Prestige 645R A Series User s Guide To delete a schedule set enter the set number and press SPACE BAR and then ENTER or delete in the Edit Name field To setup a schedule set select the schedule set you want to setup from menu 26 1 12 and press ENTER to see Menu 26 1 Schedule Set Setup as shown next Menu 26 1 Schedule Set Setup Active Yes Start Date yyyy mm dd 2000 01 01 How Often Once Once Date yyyy mm dd 2000 01 01 Weekdays Sunday N A Monday N A Tuesday N A Wednesday N A Thursday N A Friday N A
178. own in the following table Please refer to RFC 1700 for further information about port numbers Table 6 3 Services and Port Numbers SERVICES PORT NUMBER ECHO 7 FTP File Transfer Protocol 21 SMTP Simple Mail Transfer Protocol 25 DNS Domain Name System 53 Finger 79 HTTP Hyper Text Transfer protocol or WWW Web 80 POP3 Post Office Protocol 110 NNTP Network News Transport Protocol 119 SNMP Simple Network Management Protocol 161 SNMP trap 162 PPTP Point to Point Tunneling Protocol 1723 6 3 2 Configuring Servers Behind SUA Example Let s say you want to assign ports 22 25 to one server port 80 to another and assign a default server IP address of 192 168 1 35 as shown in the next figure 6 6 NAT Prestige 645R A Series User s Guide Priavte network IP addresses The NAT network appears as a single host on the Internet 192 168 1 1 FTP TELNET SMTP server IP Address 192 168 1 33 Prestige IP Address D Computer H IP Address o 192 168 1 35 Computer IP Address IP ADDRESS ASSIGNED 192 168 1 36 BY ISP Figure 6 3 Multiple Servers Behind NAT Example 6 4 Selecting the NAT Mode Click NAT to open the following screen NAT Mode Network Address Translation C None SUA Only Edit Details C Full Feature Edit Details Apply Figure 6 4 NAT Mode The following table describes the labels in this screen
179. perly Chart A 6 Troubleshooting Internet Browser Display STEPS CORRECTIVE ACTION 1 Make sure you are using Internet Explorer 5 0 and later versions 2 Delete the temporary web files and log in again In Internet Explorer click Tools Internet Options and then click the Delete Files button When a Delete Files window displays select Delete all offline content and click OK Steps may vary depending on the version of your Internet browser A 4 Login Username and Password I forgot my login username and or password Chart A 7 Troubleshooting Login Username and Password STEPS CORRECTIVE ACTION 1 If you have changed the password and have now forgotten it you will need to upload the default configuration file This will erase all custom configurations and restore all of the factory defaults including the password 2 Press the RESET button for five seconds and then release it When the SYS LED begins to blink the defaults have been restored and the Prestige restarts Troubleshooting A 3 Prestige 645R A Series User s Guide Chart A 7 Troubleshooting Login Username and Password STEPS CORRECTIVE ACTION 3 The default username is admin The default password is 1234 The Password and Username fields are case sensitive Make sure that you enter the correct password and username using the proper casing 4 It is highly recommended to change the default username and pas
180. quires a unique User ID and Password to login Transfer Type You must use binary mode when uploading the configuration or firmware file Transfer files in either ASCII plain text format or in binary mode Initial Remote Directory Specify the default remote directory path Initial Local Directory Specify the default local directory path 20 2 5 TFTP and FTP over WAN Will Not Work When TFTP FTP and Telnet over WAN will not work when 1 You have applied a filter in menu 3 1 LAN or in menu 11 5 WAN to block Telnet service 2 You have an SMT console session running 20 4 Firmware and Configuration File Maintenance Prestige 645R A Series User s Guide 20 2 6 Backup Configuration Using TFTP The Prestige supports the up downloading of the firmware and the configuration file using TFTP Trivial File Transfer Protocol over LAN Although TFTP should work over WAN as well it is not recommended To use TFTP your computer must have both telnet and TFTP clients To backup the configuration file follow the procedure shown next Step 1 Use telnet from your computer to connect to the Prestige and log in Because TFTP does not have any security checks the Prestige records the IP address of the telnet client and accepts TFTP requests only from this address Step 2 Put the SMT in command interpreter CI mode by entering 8 in Menu 24 System Maintenance Step 3 Enter command sys stdio 0 to disabl
181. re two separate IP networks one inside the LAN network the other outside the WAN network as shown next The interface to the Internet or a remote node is the ADSL port Prestige 5 2 DNS Server Address DNS Domain Name System is for mapping a domain name to its corresponding IP address and vice versa for example the IP address of www zyxel com is 204 217 0 2 The DNS server is extremely important because without it you must know the IP address of a machine before you can access it The DNS server addresses that you enter in the DHCP setup are passed to the client machines along with the assigned IP address and subnet mask LAN Setup 5 1 Prestige 645R A Series User s Guide There are two ways that an ISP disseminates the DNS server addresses The first is for an ISP to tell a customer the DNS server addresses usually in the form of an information sheet when s he signs up If your ISP gives you the DNS server addresses enter them in the DNS Server fields in DHCP Setup otherwise leave them blank Some ISP s choose to pass the DNS servers using the DNS server extensions of PPP IPCP IP Control Protocol after the connection is up If your ISP did not give you explicit DNS servers chances are the DNS servers are conveyed through IPCP negotiation The Prestige supports the IPCP DNS server extensions through the DNS proxy feature If the Primary and Secondary DNS Server fields in DHCP Setup are not specified for instance
182. ream Noise Margin ATM Status Downstream Noise Margin ATM Loopback Test Back Figure 8 6 Diagnostic DSL Line The following table describes the labels in this screen Maintenance 8 9 Prestige 645R A Series User s Guide Table 8 5 Diagnostic DSL Line LABEL DESCRIPTION Reset ADSL Click this button to reinitialize the ADSL line The large text box above then displays the Line progress and results of this operation for example Start to reset ADSL Loading ADSL modem F W Reset ADSL Line Successfully ATM Status Click this button to view ATM status ATM Loopback Test Click this button to start the ATM loopback test Make sure you have configured at least one PVC with proper VPIs VCIs before you begin this test The Prestige sends an OAM F5 packet to the DSLAM ATM switch and then returns it loops it back to the Prestige The ATM loopback test is useful for troubleshooting problems with the DSLAM and ATM network Upstream Noise Margin Click this button to display the upstream noise margin Downstream Noise Margin Click this button to display the downstream noise margin Back Click this button to go back to the main Diagnostic screen 8 5 Firmware Screen Find firmware at www zyxel com in a file that usually uses the system model name with a bin extension e g Prestige bin The upload process uses FTP File Transfer Protocol and may take up to two
183. ress and put transfers the file source on the computer firmware bin name of the firmware on the computer to the file destination on the remote host ras name of the firmware on the Prestige Commands that you may see in GUI based TFTP clients are listed earlier in this chapter Firmware and Configuration File Maintenance 20 11 Prestige 645R A Series User s Guide Chapter 21 IP Policy Routing This chapter covers setting and applying policies used for IP routing 21 1 IP Policy Routing Overview Traditionally routing 1s based on the destination address only and the IAD takes the shortest path to forward a packet IP Routing Policy IPPR provides a mechanism to override the default routing behavior and alter the packet forwarding based on the policy defined by the network administrator Policy based routing is applied to incoming packets on a per interface basis prior to the normal routing 21 2 Benefits of IP Policy Routing e Source Based Routing Network administrators can use policy based routing to direct traffic from different users through different connections e Quality of Service QoS Organizations can differentiate traffic by setting the precedence or TOS Type of Service values in the IP header at the periphery of the network to enable the backbone to prioritize traffic e Cost Savings IPPR allows organizations to distribute interactive traffic on high bandwidth high cost paths while using
184. reter Mode co AU bs QN ES Enter Menu Selection Number Figure 19 1 Menu 24 System Maintenance 19 2 System Status The first selection System Status gives you information on the status and statistics of the ports as shown next System Status is a tool that can be used to monitor your Prestige Specifically it gives you information on your ADSL telephone line status number of packets sent and received To get to System Status type 24 to go to Menu 24 System Maintenance From this menu type 1 System Status There are two commands in Menu 24 1 System Maintenance Status Entering 1 resets the counters ESC takes you back to the previous screen System Information and Diagnosis 19 1 Prestige 645R A Series User s Guide The following table describes the fields present in Menu 24 1 System Maintenance Status which are read only and meant for diagnostic purposes Menu 24 1 System Maintenance Status 01 33 24 Sat Jan 01 2000 Node Lnk Status TxPkts RxPkts Errors Tx B s Rx B s 1 PPP N A 0 2 N A N A N A N A N A N A N A oooooooo oooooooo oooooooo oooooooo Ethernet WAN Status 100M Full Duplex Tx Pkts 2550 Line Status Wait for Init Collisions 0 Rx Pkts 2448 Upstream Speed 0 kbps CPU Load 1 46 Downstream Speed 0 kbps Press Command COMMANDS 1 Reset Counters ESC Exit Figure 19 2 Menu 24 1 System Maintenance Status The following table describes the fields present
185. rface Seeerei EA A A OR edet eid eng 9 2 9 2 1 System Management Terminal Interface Summary eee 9 4 9 3 Changing the System Password 9 5 Chapter 10 General Setup eese eee eee eese eee Bee Be Ee attain sisse tuns sustine ess Ge RE Re tasa tos tastes nono ee 10 1 10 1 General Setupc id RUM EDS 10 1 19 2 Gonfiguring Menu tires RE ertet a EI e ER TR EE Riese 10 1 10 2 1 Configuring Dynamic DNS sse RR GRA GRA GRA Ee nnne nenne 10 3 Chapter AAA D M 11 1 SN 11 1 Itl General Ethernet Setup imitan ot be Been EEN 11 1 11 2 Protocol Dependent Ethernet Setup 11 2 11 3 TCP IP Ethernet Setup and DHCP iese sees sees see sae ae ee ee Re Re GE Re GR nn nn Re GRA GR ron Re enne nnns 11 2 RO hb AE E 12 1 1 21 Internet Access OvelVlE Wi li REUS 12 1 EE cs ie tin do fare ER EG do e DE TUS 12 1 viii Table of Contents Prestige 645R A Series User s Guide 1253 A OO 12 1 E EA e debetur a det epe beret dietus 12 2 122 Route IP Seuss ds bb GEE EGGSA ED GR GR hate tros 12 4 12 6 Internet Access Configuration Re RR RA GRA GRA Re ee Ee ae ee ee ee A nnne A GRA 12 5 Chapter 13 Remote Node Confteuraton sees sees esse es sees see see Ge EE BAG EE Ge nete netta EE BAG EE GE setas EE Ge EE SEG EE Ge EE Se enu 13 1 13 1 Remote Node Setup Overview se ee ae ae ee ee Re Re ER GR Re GR Re GR Re GRA GRA Ga nennen 13 1 13 2 Remote Node Setup i esi
186. rity breaches Menu 3 1 General Ethernet Setup Input Filter Sets protocol filters device filters Output Filter Sets protocol filters device filters Press ENTER to Confirm or ESC to Cancel Figure 11 2 Menu 3 1 General Ethernet Setup If you need to define filters please read the Filter Set Configuration chapter first then return to this menu to define the filter sets Ethernet Setup Prestige 645R A Series User s Guide 11 2 Protocol Dependent Ethernet Setup Depending on the protocols for your applications you need to configure the respective Ethernet Setup as outlined below For TCP IP Ethernet setup refer to the Internet Access Application chapter For bridging Ethernet setup refer to the Bridging Setup chapter 11 3 TCP IP Ethernet Setup and DHCP Use menu 3 2 to configure your Prestige for TCP IP To edit menu 3 2 enter 3 from the main menu to display Menu 3 Ethernet Setup When menu 3 appears press 2 and press ENTER to display Menu 3 2 TCP IP and DHCP Ethernet Setup as shown next Menu 3 2 TCP IP and DHCP Ethernet Setup r First address in DHCP Setup DHCP Server wee the IP pool Client IP Pool Starting Address 192 168 1 33 Size of Client IP Pool 32 Primary DNS Server 0 0 0 0 Secondary DNS Server 0 0 0 0 Size of the IP Remote DHCP Server N A Pool TCP IP Setup IP Address 192 68 1 1 IP Subnet Mask 255 255 2 RIP Direct
187. rovider WWW DynDNS ORG default Active Press SPACE BAR to select Yes and then press ENTER to Yes make dynamic DNS active Host Enter the domain name assigned to your Prestige by your me dyndns org Dynamic DNS provider EMAIL Enter your e mail address mail mailserver USER Enter your user name Password Enter the password assigned to you Enable Wildcard Your Prestige supports DYNDNS Wildcard Press SPACE No BAR and then ENTER to select Yes or No This field is N A when you choose DDNS client as your service provider When you have completed this menu press ENTER at the prompt Press ENTER to Confirm to save your configuration or press ESC at any time to cancel General Setup 10 3 Prestige 645R A Series User s Guide Chapter 11 Ethernet Setup This chapter covers how to configure your wired Local Area Network LAN settings 11 1 Ethernet Setup This section describes how to configure the Ethernet using Menu 3 Ethernet Setup From the main menu enter 3 to display menu 3 Menu 3 Ethernet Setup 1 General Setup 2 TCP IP and DHCP Setup Enter Menu Selection Number Figure 11 1 Menu 3 Ethernet Setup 11 1 1 General Ethernet Setup This menu allows you to specify filter set s that you wish to apply to the Ethernet traffic You seldom need to filter Ethernet traffic however the filter sets may be useful to block certain packets reduce traffic and prevent secu
188. rules after the selected rule will then be moved down by one rule Delete means to delete the selected rule and then all the rules after the selected one will be advanced one rule None disables the Select Rule item Select Rule When you choose Edit Insert Before or Delete in the previous field 1 the cursor jumps to this field to allow you to select the rule to apply the action in question You must press ENTER at the bottom of the screen to save the whole set You must do this again if you make any changes to the set including deleting a rule No changes to the set take place until this action is taken Selecting Edit in the Action field and then selecting a rule brings up the following menu Menu 15 1 1 1 Address Mapping Rule in which you can edit an individual rule and configure the Type Local and Global Start End IPs An End IP address must be numerically greater than its corresponding IP Start address NAT 16 7 Prestige 645R A Series User s Guide Menu 15 1 1 1 Address Mapping Rule Type One to One Local IP Start End N A Global IP Start 0 0 0 0 End N A Server Mapping Set N A Press ENTER to Confirm or ESC to Cancel Press Space Bar to Toggle Figure 16 7 Menu 15 1 1 1 Editing Configuring an Individual Rule in a Set The following table explains the fields in this menu Table 16 4 Menu 15 1 1 1 Editing Configuring an Individual Rule in a Set
189. s 19 10 System Information and Diagnosis Prestige 645R A Series User s Guide Chapter 20 Firmware and Configuration File Maintenance This chapter tells you how to backup and restore your configuration file as well as upload new firmware and configuration files 20 1 Filename Conventions The configuration file often called the romfile or rom 0 contains the factory default settings in the menus such as password DHCP Setup TCP IP Setup etc It arrives from ZyXEL with a rom filename extension Once you have customized the Prestige s settings they can be saved back to your computer under a filename of your choosing ZyNOS ZyXEL Network Operating System sometimes referred to as the ras file is the system firmware and has a bin filename extension With many FTP and TFTP clients the filenames are similar to those seen next Only use firmware for your Prestige s specific model Refer to the label on the bottom of your Prestige ftp put firmware bin ras This is a sample FTP session showing the transfer of the computer file firmware bin to the Prestige ftp get rom 0 config cfg This is a sample FTP session saving the current configuration to the computer file config cfg If your T FTP client does not allow you to have a destination filename different than the source you will need to rename them as the Prestige only recognizes rom 0 and ras Be sure you keep unaltered copies of
190. s ENTER when prompted for a username Step 4 Enter your password as requested the default is 1234 Step 5 Enter bin to set transfer mode to binary Step 6 Use get to transfer files from the Prestige to the computer for example get rom 0 config rom transfers the configuration file on the Prestige to your computer and renames it config rom See earlier in this chapter for more information on filename conventions Step 7 Enter quit to exit the ftp prompt 20 2 3 Example of FTP Commands from the Command Line Firmware and Configuration File Maintenance 20 3 Prestige 645R A Series User s Guide 331 Enter PASS command Password 230 Logged in ftp gt bin 200 Type I OK ftp get rom 0 zyxel rom 200 Port command okay 150 Opening data connection for STOR ras 226 File received OK ftp 16384 bytes sent in 1 10Seconds 297 89Kbytes sec ftp quit Figure 20 2 FTP Session Example 20 2 4 GUI based FTP Clients The following table describes some of the commands that you may see in GUI based FTP clients Table 20 2 General Commands for GUI based FTP Clients COMMAND DESCRIPTION Host Address Enter the address of the host server Login Type Anonymous This is when a user I D and password is automatically supplied to the server for anonymous access Anonymous logins will work only if your ISP or service administrator has enabled this option Normal The server re
191. s 0 0 0 0 Type of Service Set the new TOS value of the outgoing packet Prioritize incoming network traffic by choosing No Change Normal Min Delay Max Thruput Max Reliable or Min Cost Precedence Set the new outgoing packet precedence value Values are 0 to 7 or No Change Log Press SPACE BAR and then ENTER to select Yes to make an entry in the system log when a policy is executed When you have completed this menu press ENTER at the prompt Press ENTER to confirm or ESC to cancel to save your configuration or press ESC to cancel and go back to the previous screen 21 5 Applying an IP Policy This section shows you where to apply the IP policies after you design them 21 5 1 Ethernet IP Policies From Menu 3 Ethernet Setup type 2 to go to Menu 3 2 TCP IP and DHCP Ethernet Setup You can choose up to four IP policy sets from 12 by typing their numbers separated by commas for example 2 4 7 9 IP Policy Routing 21 5 Prestige 645R A Series User s Guide Menu 3 2 TCP IP and DHCP Ethernet Setup DHCP Setup DHCP None Client IP Pool Starting Address N A Size of Client IP Pool N A Primary DNS Server N A Secondary DNS Server N A Remote DHCP Server N A TCP IP Setup IP Address 192 168 1 1 IP Subnet Mask 255 255 255 0 RIP Direction Both Version RIP 2B Multicast IGMP v2 IP Policies 2 4 7 Edit IP Alias No Press ENTER to Confirm or ESC to Cancel Figure 21 4 Menu 3 2 TCP IP
192. s is usually specified by writing a followed by the number of bits in the mask after the address For example 192 1 1 0 25 is equivalent to saying 192 1 1 0 with mask 255 255 255 128 The following table shows all possible subnet masks for a class C address using both notations Chart B 4 Alternative Subnet Mask Notation SUBNET MASK IP ADDRESS SUBNET MASK 1 BITS LAST OCTET BIT VALUE 255 255 255 0 124 0000 0000 255 255 255 128 125 1000 0000 255 255 255 192 126 1100 0000 255 255 255 224 127 1110 0000 255 255 255 240 128 1111 0000 255 255 255 248 129 1111 1000 255 255 255 252 30 1111 1100 The first mask shown is the class C natural mask Normally if no mask is specified it is understood that the natural mask is being used Example Two Subnets As an example you have a class C address 192 168 1 0 with subnet mask of 255 255 255 0 NETWORK NUMBER HOST ID IP Address 192 168 1 0 IP Address Binary 11000000 10101000 00000001 00000000 Subnet Mask 255 255 255 0 Subnet Mask Binary 11111111 11111111 11111111 00000000 The first three octets of the address make up the network number class C You want to have two separate networks IP Subnetting B 3 Prestige 645R A Series User s Guide Divide the network 192 168 1 0 into two separate subnets by converting one of the host ID bits of the IP address to a network number bit
193. s on 2 2 3 Using the Reset Button Hold this button in for more than five seconds to restart the Prestige Resetting the Prestige deletes all custom configurations 2 2 4 Making the Connections Step 1 Connecting the DSL line Connect the RJ 11 DSL port on the Prestige to the POTS splitter using the included DSL cable telephone wire Connect the micro filter s optional see the Splitters and Microfilters appendix for the details between the wall jack and your telephone s The micro filters act as low pass filters voice transmission takes place in the 0 to 4KHz bandwidth Step 2 Connecting a computer or an external hub to the Prestige s 10 100M LAN port Be careful not to insert an RJ 11 connector into the RJ 45 port Ethernet 10Base T 100Base T networks use Shielded Twisted Pair STP cable with RJ 45 connectors that look like a bigger telephone plug with 8 pins The LAN port is auto crossover so you may use a crossover or a straight through Ethernet cable to connect your Prestige to a computer or an external hub Step 3 Connecting the power adaptor to your Prestige Make sure that you use the supplied power adaptor See Power Adaptor Specifications appendix for information Connect the power adaptor to the port labeled POWER on the rear panel of your Prestige 2 3 Additional Installation Requirements Acomputer must have a properly installed and enabled Ethernet 10Base T 100Base T NIC Aco
194. s packed with a number of features that give it the flexibility to provide a complete networking solution for almost any user Ease of Installation Your Prestige 1s designed for quick intuitive and easy installation Physically its compact size and lightness make it easy to position anywhere in your busy office High Speed Internet Access The Prestige supports downstream transmission rates of up to 8Mbps and upstream transmission rates of 800 Kbps 10 100Mbps Auto negotiating Fast Ethernet LAN Interface This auto negotiation feature allows the Prestige to detect the speed of incoming transmissions and adjust appropriately without manual intervention It allows data transfer of either 10 Mbps or 100 Mbps in either half duplex or full duplex mode depending on your Ethernet network Protocols Supported e TCP IP Transmission Control Protocol Internet Protocol network layer protocol e PPP Point to Point Protocol link layer protocol Getting To Know Your Prestige 1 1 Prestige 645R A Series User s Guide e Transparent bridging for unsupported network layer protocols e DHCP Client Server and Relay e RIPIandRIP II IP Policy Routing IP Policy Routing IPPR provides a mechanism to override the default routing behavior and alter the packet forwarding based on the policy defined by the network administrator Call Scheduling Configure call time periods to allow and restrict access to remote nodes Networking Compatibility
195. s sesse se se ek Ge ek ek ee ee ee 13 9 Figure 13 5 Menu 11 5 Remote Node Filter RFC 1483 or ENET Encapsulation esses 13 10 Figure 13 6 Menu 11 5 Remote Node Filter PPPoA or PPPoE Encapsulation see see ee ee se see ee 13 10 Figure 13 7 Internet Security a N N 13 11 Figure 13 8 Menu 21 Filer Set Configuration esses ener ener nnne 13 12 Figure 13 9 Menu 21 11 WebSet 11 ege eee erede tiii eene de Een 13 12 Figure 13 10 Menu 21 12 WebSet 12 inicio ente d e edere dena 13 12 Figure 13 11 Menu 11 6 for VC based Multiplexing ene 13 13 Figure 13 12 Menu 11 6 for LLC based Multiplexing or PPP Encapsulation sse 13 14 Figure 14 1 Sample Static Routing Topology coooccionnocnnocnnoncoonconconncnnnonn nono nonn non nonn nono nnne ener 14 1 Figure 14 2 Menu 12 Static Route Sep 14 2 Figure 14 3 Menu 12 1 IP Static Route Setup 14 2 Figure 14 4 Menul2 1 1 Edit IP Static Route 14 3 Figure 15 1 Menu 11 1 Remote Node Proble 15 2 Figure 15 2 Menu 11 3 Remote Node Network Layer Options sss 15 2 Figure 15 3 Menu 12 3 1 Edit Bridge Static Route 15 3 Figure 16 1 Menu 4 Applying NAT for Internet Access eese enne 16 2 Figure 16 2 Menu 11 3 Applying NAT to the Remote Node eee 16 3 Figure 16 3 Menu 15 NAT Set p a ene ee eeu eh 16 4 Figure 16 4 Menu 15 1 Address Mapping Setz 16 4 Figure 16 5 Menu 15 1 255 SUA Address Mapping Rules oro Re ee Re Ge Re ee Re Re 16 5 Figure 16 6 Men
196. s specifically for private networks 10 0 0 0 10 255 255 255 172 16 0 0 l172 31 255 255 192 168 0 0 192 168 255 255 You can obtain your IP address from the IANA from an ISP or it can be assigned from a private network If you belong to a small organization and your Internet access is through an ISP the ISP can provide you with the Internet addresses for your local networks On the other hand if you are part of a much larger organization you should consult your network administrator for the appropriate IP addresses Regardless of your particular situation do not create an arbitrary IP address always follow the guidelines above For more information on address assignment please refer to RFC 1597 Address Allocation for Private Internets and RFC 1466 Guidelines for Management of IP Address Space 4 8 Nailed Up Connection PPP A nailed up connection is a dial up line where the connection is always up regardless of traffic demand The Prestige does two things when you specify a nailed up connection The first is that idle timeout is disabled The second is that the Prestige will try to bring up the connection when turned on and whenever the connection is down A nailed up connection can be very expensive for obvious reasons Do not specify a nailed up connection unless your telephone company offers flat rate service or you need a constant connection and the cost is of no concern 4 9 NAT NAT Network Address Translatio
197. s tc eet rtt rp t TU 20 10 20 4 6 TFTP Upload Command Example esses 20 11 Chapter 21 uirginem M 21 1 21 1 IP Policy Routing Overview ccooocooononnnoncnoncnnncnnnono non ccoo nono nono ron ron nennen nn rn nennen nnne enne 21 1 21 2 Benefits of IP Policy Roupng ener enne nnne nnne 21 1 21 3 Routing Policy ees et titt ete itu e irt due lace E det 21 1 21 4 IP Routing Policy Set p eet sre ee ette et E e lidia 21 2 21 5 NASA ie irt re rete ipe se De C ee ed 21 5 21 5 Ethernet IP Policies niei een een EH TR E Ere eet 21 5 21 6 IP Policy Routing Example eese reete te tee te e SEENEN 21 7 Chapt r 22 Call Scheduling viccccsscssscccvsccesetusesdunsscecesesusssuesvosoesessonsesetusesusessesndcesveseeseduesvendesusesvovaseedvesorsedies 22 1 22 1 Call Scheduling Overview ees eet iere ete tene hee Rede eds 22 1 Y IO m See ee VI Appendix A Troubleshooting eere eee eee eee eee ene BEA BRA Bee tns Be sten Ee sns sens ens Ge ERG RA Se sees ee anao A 1 A l Using LEDs to Diagnose Problems eren A 1 A 1 1 Power TED aco eee tenen etu A ey A 1 AAD LAN E RE A 1 A 1 3 DSE LED MEE EE A 2 ADS oi EA RE oo Lt e Rd A RH OR N A 2 A 3 Web Configurators xc sse oe a eite Ee es HL Ee EE ee Ge Ee Dee A 3 AA Login Username and Password eene A 3 AO TAN Interface cca eiiie Aa A 4 7 NSRI ae EE Ai A 4 AT Inteime
198. see the appendix for more information 4 5 Wizard Setup Configuration First Screen In the SITE MAP screen click Wizard Setup to display the first wizard screen 4 2 Wizard Setup Prestige 645R A Series User s Guide Wizard Setup ISP Parameters for Internet Access Protocol PPPoE LLC e Virtual Circuit ID ATM QoS Type Cell Rate VPI VCI a LL Peak Cell Rate cell sec Sustain Cell Rate DI Maximum Burst Size Next Figure 4 1 Wizard Screen 1 The following table describes the labels in this screen Table 4 1 Wizard Screen 1 LABEL DESCRIPTION Protocol This field contains some pre configured encapsulation multiplexing combinations Choose from PPPoA VC PPPoA LLC RFC 1483 VC RFC 1483 LLC ENET ENCAP VC ENET ENCAP LLC PPPoE VC PPPoE LLC Wizard Setup 4 3 Prestige 645R A Series User s Guide Table 4 1 Wizard Screen 1 LABEL DESCRIPTION Virtual Circuit VPI Virtual Path Identifier and VCI Virtual Channel Identifier define a virtual circuit Refer to ID the appendix for more information VPI Enter the VPI assigned to you This field may already be configured VCI Enter the VCI assigned to you This field may already be configured ATM QoS Select CBR Continuous Bit Rate to specify fixed always on bandwidth for voice or data Type traffic Select UBR Unspecified Bit Rate for applications that are non time sensit
199. sent to the UNIX syslog server when this field is set to Yes Filter log No filters are logged when this field is set to No Filters with the individual filter Log Filter field set to Yes are logged when this field is set to Yes PPP log PPP events are logged when this field is set to Yes Your Prestige sends four types of syslog messages Some examples of these syslog messages with their message formats are shown next 1 CDR CDR Message Format SdcmdSyslogSend SYSLOG CDR SYSLOG INFO String String board xx line xx channel xx call xx str board the hardware board ID line the WAN ID in a board Channel channel ID within the WAN call the call reference number which starts from 1 and increments by 1 for each new call str C01 Outgoing Call dev xx ch xx dev device No ch channel No L02 Tunnel Connected L2TP C02 OutCall Connected xxxx means connected speed xxxxx means Remote Call Number L02 Call Terminated C02 Call Terminated Jul 19 11 19 27 192 168 102 2 ZyXEL Communications Corp board 0 line 0 channel 0 call 1 C01 Outgoing Call dev 2 ch 0 40002 Jul 19 11 19 32 192 168 102 2 ZyXEL Communications Corp board 0 line O channel 0 call 1 C02 OutCall Connected 64000 40002 Jul 19 11 20 06 192 168 102 2 ZyXEL Communications Corp board 0 line 0 channel 0 call 1 C02 Call Terminated 2 Packet triggered Packet triggered Message Format sdcmdSyslogSend SYSLOG PKTT
200. so the actual number of hosts available on each subnet in the example above is 2 2 or 126 hosts for each subnet 192 168 1 0 with mask 255 255 255 128 is the subnet itself and 192 168 1 127 with mask 255 255 255 128 is the directed broadcast address for the first subnet Therefore the lowest IP address that can be assigned to an B 4 IP Subnetting Prestige 645R A Series User s Guide actual host for the first subnet is 192 168 1 1 and the highest is 192 168 1 126 Similarly the host ID range for the second subnet is 192 168 1 129 to 192 168 1 254 Example Four Subnets The above example illustrated using a 25 bit subnet mask to divide a class C address space into two subnets Similarly to divide a class C address into four subnets you need to borrow two host ID bits to give four possible combinations of 00 01 10 and 11 The subnet mask is 26 bits 11111111 11111111 11111111 11000000 or 255 255 255 192 Each subnet contains 6 host ID bits giving 25 2 or 62 hosts for each subnet all O s is the subnet itself all Us is the broadcast address on the subnet Chart B 7 Subnet 1 NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 0 IP Address Binary 11000000 10101000 00000001 00000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address 192 168 1 0 Lowest Host ID 192 168 1 1 Broadcast Address 192 168 1 63 Highest Host ID 192 168 1 62 Chart B 8
201. sociated with the user name above IP Address A static IP address is a fixed IP that your ISP gives you A dynamic IP address is not fixed the ISP assigns you a different one each time you connect to the Internet The Single User Account feature can be used with either a dynamic or static IP address Click Obtain an IP Address Automatically if you have a dynamic IP address otherwise click Static IP Address and type your ISP assigned IP address in the IP Address text box below Wizard Setup 4 11 Prestige 645R A Series User s Guide Table 4 5 Internet Connection with PPPoA LABEL DESCRIPTION Connection Select Connect on Demand when you don t want the connection up all the time and specify an idle time out in seconds in the Max Idle Timeout field The default setting selects Connection on Demand with 0 as the idle time out which means the Internet session will not timeout Select Nailed Up Connection when you want your connection up all the time The Prestige will try to bring up the connection automatically if it is disconnected The schedule rule s in SMT menu 26 has priority over your Connection settings Back Click Back to go back to the first wizard screen Finish Click Finish to save the settings and proceed to the next wizard screen 4 11 Basic Setup Complete Congratulations You are now set up to access the Internet Launch your web browser and navigate to www zyxel com or click t
202. ss ENTER at the Press ENTER to confirm prompt to save your configuration after you define all the servers or press ESC at any time to cancel 16 10 NAT Prestige 645R A Series User s Guide The NAT network appears as a single host on the Internet 192 168 1 1 FTP TELNET SMTP server IP Address 192 168 1 33 Prestige IP Address A Priavte network IP addresses n O Computer 9 IP Address fo 192 168 1 35 Computer IP Address IP ADDRESS ASSIGNED 192 168 1 36 BY ISP Figure 16 10 Multiple Servers Behind NAT Example 16 5 General NAT Examples The following are some examples of NAT configuration 16 5 1 Example 1 Internet Access Only In the following Internet access example you only need one rule where your ILAs Inside Local addresses all map to one dynamic IGA Inside Global Address assigned by your ISP NAT 16 11 Prestige 645R A Series User s Guide de 2 Ol 192 168 1 10 Inside Local One Dynamic PC 3 O E Addresses ILA Inside Global Addresses IGA Assigned by ISP Figure 16 11 NAT Example 1 Menu 4 Internet Access Setup ISP s Name MyISP Encapsulation RFC 1483 Multiplexing LLC based VPI 8 VCI 35 ATM QoS Type UBR Peak Cell Rate PCR 0 Sustain Cell Rate SCR 0 Maximum Burst Size MBS 0 My Login N A My Password N A ENET ENCAP Gateway N A IP Address Assignment Static IP Address 0 0 0 0 Network Ad
203. sword Make sure you store the username and password in a save place A 5 LAN Interface I cannot access the Prestige from the LAN or ping any computer on the LAN Chart A 8 Troubleshooting LAN Interface STEPS CORRECTIVE ACTION 1 Check the Ethernet LEDs on the front panel A LAN LED should be on if the port is connected to a computer or hub If the 10M 100M LEDs on the front panel are both off refer to Section A 1 2 2 Make sure that the IP address and the subnet mask of the Prestige and your computer s are on the same subnet A 6 WAN Interface Initialization of the ADSL connection failed Chart A 9 Troubleshooting ADSL Connection STEPS CORRECTIVE ACTION 1 Check the cable connections between the ADSL port and the wall jack The DSL LED on the front panel of the Prestige should be on 2 Check that your VPI VCI type of encapsulation and type of multiplexing settings are the same as what you collected from your telephone company and ISP 3 Restart the Prestige If you still have problems you may need to verify your VPI VCI type of encapsulation and type of multiplexing settings with the telephone company and ISP A 4 Troubleshooting Prestige 645R A Series User s Guide I cannot get a WAN IP address from the ISP Chart A 10 Troubleshooting WAN Interface STEPS CORRECTIVE ACTION 1 The ISP provides the WAN IP address after authenticating you A
204. t a server rule must be set up inside the NAT address mapping set Please see the section on port forwarding in the chapter on NAT web configurator screens for further information on these menus To configure NAT enter 15 from the main menu to bring up the following screen Menu 15 NAT Setup Address Mapping Sets NAT Server Sets Enter Menu Selection Number Figure 16 3 Menu 15 NAT Setup 16 3 1 Address Mapping Sets Enter 1 to bring up Menu 15 1 Address Mapping Sets Menu 15 1 Address Mapping Sets ACL Default Set SUA read only Enter Menu Selection Number Enter Menu Selection Number Figure 16 4 Menu 15 1 Address Mapping Sets SUA Address Mapping Set Enter 255 to display the next screen see also section 16 1 1 The fields in this menu cannot be changed 16 4 NAT Prestige 645R A Series User s Guide Menu 15 1 255 Address Mapping Rules Set Name SUA Start IP Local End IP Global Start IP Global End IP Server E 3 4 Dis 6 7 8 Die 0 pb Press ENTER to Confirm or ESC to Cancel Figure 16 5 Menu 15 1 255 SUA Address Mapping Rules The following table explains the fields in this menu Menu 15 1 255 is read only Table 16 2 SUA Address Mapping Rules FIELD DESCRIPTION EXAMPLE Set Name This is the name of the set you selected in menu 15 1 or enter SUA the name of a new set you want to create ldx This is the index or rule num
205. t EER RR etie OR eerie e ee Age Seen A 5 AR Remote Node Connection ee dee rte tet ee paci le cre ere eese Boca det repe Ee koe is A 6 Appendix B TE E BI Appendix C PPPoE M C 1 Appendix D Setting up Your Computer s IP Address Leere Ge Ee rete seen eene seen Ge EE Ge sten usen D 1 Appendix E Virtual Circuit Topology 4 creer etes eren ette EE Be Ge eren nete ense BRA EE Ge EE BEG EE Ge EE Be Ge toss etos ES E 1 Appendix F Splitters and Microfilters 4 cresce essere eene eene BEG Ge nenne etas BRA EE Ge setas EE Ge setas etna etna ES F 1 Appendix G Power Adaptor Specifications e ee ee e eee eee eee sees eene enne BEE Bee Be Ee Ee sensns Gee G 1 Appendix H ET E H 1 Table of Contents xi Prestige 645R A Series User s Guide List of Figures Figure 1 1 Interiet Access Application EE eee E RT NEEDS EU ee RENT Reda 1 4 Figure 1 2 LAN to LAN ApplicatOn ees ee ea RA RA enne enne enne erret nennen nennen 1 4 Figure 2 1 Front Panel rtr eda et re dutem en ee 2 1 Figure 222 Rear Panel cette ts 2 2 Figure 3 1 Pass un ME 3 1 Figure 3 2 Web Configurator SITE MAP Screen esse sesse ee se ese ek ee Ge GR nee enne nennen nennen 3 2 Figure 3 3 PaSSWOI reato treo o 3 3 Pisure 4a Wizard Screen ls se OO 4 3 Figure 4 2 Internet Connection with Pbbob enne enne nennen nnne nnns 4
206. t up your Ethernet connection 4 Internet Access Setup A quick and easy way to set up an Internet connection 11 Remote Node Setup Use this menu to set up the Remote Node for LAN to LAN connection including Internet connection 12 Static Routing Setup Use this menu to set up static routes 15 NAT Setup Use this menu to specify inside servers when NAT is enabled 21 Filter Set Configuration Use this menu to set up filters to provide security etc 22 SNMP Configuration Use this menu to set up SNMP related parameters 23 System Password Use this menu to change your password 24 System Maintenance This menu provides system status diagnostics software upload etc 25 IP Routing Policy Setup Use this menu to configure your IP routing policy 26 Schedule Setup Use this menu to schedule outgoing calls 99 Exit Use this to exit from SMT and return to a blank screen 9 4 Introducing the SMT Prestige 645R A Series User s Guide 9 3 Changing the System Password Change the Prestige default password by following the steps shown next Step 1 Enter 23 in the main menu to display Menu 23 System Security as shown next Step 2 Type your existing system password in the Old Password field for example 1234 and press ENTER Menu 23 System Password Old Password New Password Retype to confirm Enter here to CONFIRM or ESC to CANCEL Figure 9 4 Menu 23 System Password Step 3 Type your new system password in the N
207. te Setup esse ese ese ee ee ee ee 14 1 Remote Node Profile ese ee ese ee 13 3 Remote Node Setup 13 1 13 2 Static Routing Topology sss 14 1 Rc eer er f ANT aco eene dei m 223 Remote Node Index Number 19 2 Remote Node Traffic 17 19 SUA ege 6 5 6 6 RE EG SUA Single User Account See NAT See NAT SE SE SE Sibret Mak 4 4 5 3 11 3 13 7 14 3 19 4 RFC 1483 ER 132 Subnet Masks 5 ce ae itt ette B 2 1107 77 MEDECIN 13 2 13 8 B oa ea MEM Be RIP 11 3 13 8 See Routing Information Protocol upporting Direk en xix d Syntax Comventons sse XIX Routing Information Protocol 5 3 HS Slot ae ech 19 6 Direction ie err e eet eres 5 3 Vekon 5 3 Syslog IP Address ee sees ee ee ee ee ee 19 6 Routing Policy EI Ue EC AI gt 1 1 Syslog Servers AN 19 6 EE HE EE System S Console Port Speed 19 5 ET 19 8 Sample IP Addresses EEN 13 9 Log and Trace 19 5 Schedule Sets Syslog and Accounting sss 19 6 Duration a Suede ce tete eto EEE A 22 2 System Information es 19 3 Nein 1 3 System Status eerte 19 1 H 4 Index Prestige 645R A Series User s Guide System Intormaton esse see seke ee ee RA RA 19 3 System Information amp Diagnosis 19 1 System Maintenance 19 1 19 3 19 9 20 2 20 5 20 11 System Management Terminal 9 2 System Status 19 2 T Eeer 17 14 19 9 Telephon
208. ter Move the cursor to the Edit Filter Sets field in menu 11 1 then press SPACE BAR to select Yes Press ENTER to display Menu 11 5 Remote Node Filter Use Menu 11 5 Remote Node Filter to specify the filter set s to apply to the incoming and outgoing traffic between this remote node and the Prestige and also to prevent certain packets from triggering calls You can specify up to 4 filter sets separated by comma for example 1 5 9 12 in each filter field Remote Node Configuration 13 9 Prestige 645R A Series User s Guide Note that spaces are accepted in this field The Prestige has a prepackaged filter set NetBIOS WAN that blocks NetBIOS packets call protocol filter 1 Include this in the call filter sets 1f you want to prevent NetBIOS packets from triggering calls to a remote node Menu 11 5 Remote Node Filter Input Filter Sets protocol filters 11 12 device filters Output Filter Sets protocol filters device filters Enter here to CONFIRM or ESC to CANCEL Figure 13 5 Menu 11 5 Remote Node Filter RFC 1483 or ENET Encapsulation Menu 11 5 Remote Node Filter Input Filter Sets protocol filters 11 12 device filters Output Filter Sets protocol filters device filters Call Filter Sets Protocol filters Device filters Enter here to CONFIRM or ESC to CANCEL Figure 13 6 Menu 11 5 Remote Node Filter PPPoA or PPPoE Encapsulation 13 5 1 Web Configurator Internet Security Fil
209. ter Rules In the web configurator open the Security screen as shown next Select the predefined filter rules and click Apply 13 10 Remote Node Configuration Prestige 645R A Series User s Guide Internet Security Your device provides the following filter rules I Telnet Telnet traffic is blocked from the WAN to the LAN FTP FTP traffic is blocked from the WAN to the LAN CD mm TFTP traffic is blocked from the WAN to the LAN I Web 1 Web traffic is blocked from the WAN to the LAN TC SNMP SNMP traffic is blocked from the WAN T Ping Ping traffic is blocked from the WAN Apply Cancel Figure 13 7 Internet Security Once you apply the filter rules in the web configurator filter sets 11 and 12 are automatically applied in the protocol filters field under Input Filter Sets in SMT menu 11 5 SMT input protocol filter set numbers that were previously applied are erased after you apply the Internet Security filter rules in the web configurator To reapply them or apply new filter sets you need to enter the filter set numbers again along with filter sets 11 and 12 For example to apply filter sets 1 and 2 you enter 1 2 tds 12 13 5 2 Web Configurator Filter Sets When you apply filter rules using the web configurator filter sets 11 and 12 are automatically generated in SMT menu 21 Remote Node Configuration 13 11 Prestige 645R A Series User s Guide Menu 21 Filter Set Co
210. ternet Access Setup ISP s Name MyISP Encapsulation ENET ENCAP Multiplexing LLC based VPI 8 VCI 35 Service Name N A My Login N A My Password N A NAT SUA Only Address Mapping Set N A IP Address Assignment Dynamic IP Address N A ENET ENCAP Gateway N A Press ENTER to Confirm or ESC to Cancel Figure 12 6 Menu 4 Internet Access Setup The following table contains instructions on how to configure your Prestige for Internet access Table 12 2 Menu 4 Internet Access Setup FIELD DESCRIPTION EXAMPLE ISP s Name Enter the name of your Internet Service Provider This MyISP information is for identification purposes only Encapsulation Press SPACE BAR to select the method of encapsulation ENET ENCAP used by your ISP Choices are PPPoE PPPoA RFC 1483 or ENET ENCAP Internet Access 12 5 Prestige 645R A Series User s Guide Table 12 2 Menu 4 Internet Access Setup FIELD DESCRIPTION EXAMPLE Multiplexing Press SPACE BAR to select the method of multiplexing LLC based used by your ISP Choices are VC based or LLC based VPI Enter the Virtual Path Identifier VPI assigned to you 8 VCI Enter the Virtual Channel Identifier VCI assigned to you 35 Service Name Only available when PPPoE encapsulation is used Enter the name of your PPPoE service provider This is the same as Service Name in menu 11 1 My Login Configure the My Login an
211. the value in either field will take 8 digits for example FFFFFFFF To configure a generic rule select an empty filter set in menu 21 for example 6 Select Generic Filter Rule in the Filter Type field and press ENTER to open Menu 21 6 1 Generic Filter Rule as shown in the following figure Menu 21 6 1 Generic Filter Rule Filter 4 6 1 Filter Type Generic Filter Rule Active No Offset 0 Length 0 Mask N A Value N A More No Log None Action Matched Check Next Rule Action Not Matched Check Next Rule Press ENTER to Confirm or ESC to Cancel Press Space Bar to Toggle Figure 17 11 Menu 21 6 1 Generic Filter Rule The next table describes the fields in the Generic Filter Rule menu 17 12 Filter Configuration Prestige 645R A Series User s Guide Table 17 4 Menu 21 6 1 Generic Filter Rule FIELD DESCRIPTION EXAMPLE Filter This is the filter set filter rule coordinates for instance 2 3 refers to the 6 1 second filter set and the third rule of that set Filter Type Press SPACE BAR and then ENTER to select a type of rule Generic Filter Parameters displayed below each type will be different Choices are Rule Generic Filter Rule or TCP IP Filter Rule Active Select Yes to turn on or No to turn off the filter rule No default Offset Type the starting byte of the data portion in the packet that you want to 0 compare The range for this fie
212. tic Route Setup EE SE EE GEE A GR EE HERR RS 15 3 Chapter 16 Network Address Translation NAT esse ee ee eee See eese eese tenete Ee Ee Ee Ee Gee Ge Ee 16 1 61 NAT OVAs 16 1 16 1 1 SUA Single User Account Versus NAT 16 1 16 2 Applying NAT iu oe ee I RET S ie ROT RR Re Le ts 16 1 16 35 NAT Setup diat a Ei aos rr LLL 16 3 16 3 1 Address Mapping Set a seen e e P ee tag Ee eeh EGG d Ce Re EE ge Zei 16 4 16 4 Configuring a Server behind NAT sse eene enne 16 9 16 5 General NAT Examples spes e Ge Eg OE EEN Ee Re ee GEKEER E Ge deeg Ee SEER EE Ge eke GEGEE Ee an 16 11 16 5 1 Example 1 Internet Access Only 16 11 16 5 2 Example 2 Internet Access with an Inside Server 16 13 16 5 3 Example 3 Multiple Public IP Addresses With Inside Servers iese se ee ee ee 16 14 16 5 4 Example 4 NAT Unfriendly Application Programs sese 16 17 Mull Advanced Management V Chapter 17 Filter Configuration esse esse esse see see see see See eee eee enne Bee Se atta statis sins suns ense suse tassa sense suse tns tasa See 17 1 Table of Contents ix Prestige 645R A Series User s Guide 171 About nn eet pe a tut e etu mt ets 17 1 172 Configuring a Ete Set EEN 17 4 17 2 1 Filter Rules Summary Menus sse nennen enne nnne nnns 17 6 17 3 Configuring a Filter Rule ca to bre e d 17 7 1731 POPP Eder RUIS SG eee tice eto tiet ee esee ee sg 17 8 14 32 Generic Filter Ru
213. tically if you do not know your DNS Ha SS need to ask your network administrator for server IP address es Obtain an IP address automatically If you know your DNS server IP address es O Use the following IP address click Use the following DNS server addresses and type them in the Preferred DNS server and Alternate DNS server fields If you have previously configured DNS servers Obtain DNS server address automatically click Advanced and then the DNS tab to order O Use the following DNS server addresses them 8 Click OK to close the Internet Protocol TCP IP Properties window 9 Click OK to close the Local Area Connection Properties window 10 Turn on your Prestige and restart your computer if prompted Verifying Settings 1 Click Start All Programs Accessories and then Command Prompt 2 Inthe Command Prompt window type ipconfig and then press ENTER You can also open Network Connections right click a network connection click Status and then click the Support tab D 8 Setting up Your Computer s IP Address Prestige 645R A Series User s Guide Macintosh OS 8 9 1 Click the Apple menu Control Panel and double click TCP IP to open the TCP IP Control Panel 2 Select Ethernet built in from the Connect via list L File Edit View Window Special Help About This Computer E Calculator FS Chooser KR Control Panels Favorites J Key Caps Scrapbook Sherlock 2 d Stickies ZC Apple
214. to check the next rule The protocol dependent filter rules abbreviation are listed as follows Table 17 2 Rule Abbreviations Used FILTER TYPE DESCRIPTION IP Pr Protocol SA Source Address SP Source Port Number DA Destination Address DP Destination Port Number GEN Off Offset Len Length 17 3 Configuring a Filter Rule To configure a filter rule type its number in Menu 21 x Filter Rules Summary and press ENTER to open menu 21 x 1 for the rule Filter Configuration 17 7 Prestige 645R A Series User s Guide There are two types of filter rules TCP IP and Generic Depending on the type of rule the parameters for each type will be different Use SPACE BAR to select the type of rule that you want to create in the Filter Type field and press ENTER to open the respective menu To speed up filtering all rules in a filter set must be of the same class for instance protocol filters or generic filters The class of a filter set is determined by the first rule that you create When applying the filter sets to a port separate menu fields are provided for protocol and device filter sets If you include a protocol filter set in a device filters field or vice versa the Prestige will warn you and will not allow you to save 17 3 1 TCP IP Filter Rule This section shows you how to configure a TCP IP filter rule TCP IP rules allow you to base the rule on the fields in th
215. to connect to the Prestige and log in Because TFTP does not have any security checks the Prestige records the IP address of the telnet client and accepts TFTP requests only from this address Step 2 Put the SMT in command interpreter CI mode by entering 8 in Menu 24 System Maintenance Step 3 Enter the command sys stdio 0 to disable the console timeout so the TFTP transfer will not be interrupted Enter command sys stdio 5 to restore the five minute console timeout default when the file transfer is complete Step 4 Launch the TFTP client on your computer and connect to the Prestige Set the transfer mode to binary before starting data transfer Step 5 Use the TFTP client see the example below to transfer files between the Prestige and the computer The file name for the firmware is ras Note that the telnet connection must be active and the Prestige in CI mode before and during the TFTP transfer For details on TFTP commands see following example please consult the documentation of your TFTP client program For UNIX use get to transfer from the Prestige to the computer put the other way around and binary to set binary transfer mode 20 4 6 TFTP Upload Command Example The following is an example TFTP command tftp i host put firmware bin ras DEE where i specifies binary image transfer mode use this mode when transferring binary files host is the Prestige s IP add
216. u lS al 2 aus wok ORE Ee See 16 6 Figure 16 7 Menu 15 1 1 1 Editing Configuring an Individual Rule in a Set 16 8 Figure 16 8 Menu 15 2 NAT Server Setup e ode sace tenete e tere D ELE b egere nee hada eal 16 9 Figure 16 9 Menu 15 2 1 NAT Server Setup 16 10 Figure 16 10 Multiple Servers Behind NAT sample 16 11 Figure 16 11 NAT Example 1 16 12 Figure 16 12 Menu 4 Internet Access amp NAT Example sse 16 12 Figure 16 13 e ENEE 16 13 Figure 16 14 Menu 15 2 1 Specifying an Inside Server 16 13 List of Figures xiii Prestige 645R A Series User s Guide Figure 16 15 NAT Example 3 ss de tee ie chavs o a oen dH tete beum 16 14 Figure 16 16 Example 3 Menu lila ba eoa ad es 16 15 Figure 16 17 Example 3 Menu Sd dd aed pd bati ie p rens 16 16 Figure 6 18 Example 3 Final Menu 15 1 1 e bh baee f b s 16 16 Figure 16 19 NAT Example 4 EE 16 17 Figure 16 20 Example 4 Menu 15 1 1 1 Address Mapping Rule 16 18 Figure 16 21 Example 4 Menu 15 1 1 Address Mapping Rules sesse se se ee RR GRA GR RA RA GR ee ee ee 16 18 Figure 17 1 Outgoing Packet Filtering Process 17 2 Figure 17 2 Filter Rule Process si A e edet ente ideis 17 3 Figure 17 3 Menu 21 Filter Set Configuration sesse see sea ee ee Ge ee Re ee ee ee Re ee Re Ge Re GR Re ee Re nnns 17 4 Figure 17 4 NetBIOS WAN Filter Rules Summary 17 5 Figure 17 5 NetBIOS LAN Filter Rules Summary eese eene enne nne etes 17 5 Figure 17 6 TELNET WAN Filter Ru
217. uide Packet into IP Filter 522 Y Apply SrcAddrMask to Src Addr y o Check Sio p Ad E ERE Matched Matched Y Apply DestAddrMask to Dest Addr Check Deg dB Ad EE E Matched _ Check E lt p Protocol 7 Not Matched ET Matched pa Check Seck Dest Po ios Not Matched Matched Action Matched Check Next Rule y Check Next Rule Action Not Matched Drop Forward Drop Forward Va Drop Packet Nes d Check Next Rule P aL Accept Packet 5 E Figure 17 10 Executing an IP Filter Filter Configuration 17 11 Prestige 645R A Series User s Guide 17 3 2 Generic Filter Rule This section shows you how to configure a generic filter rule The purpose of generic rules is to allow you to filter non IP packets For IP it is generally easier to use the IP rules directly For generic rules the Prestige treats a packet as a byte stream as opposed to an IP packet You specify the portion of the packet to check with the Offset from 0 and the Length fields both in bytes The Prestige applies the Mask bit wise ANDing to the data portion before comparing the result against the Value to determine a match The Mask and Value fields are specified in hexadecimal numbers Note that it takes two hexadecimal digits to represent a byte so if the length is 4
218. user name above Wizard Setup 4 7 Prestige 645R A Series User s Guide Table 4 2 Internet Connection with PPPoE LABEL DESCRIPTION IP Address A static IP address is a fixed IP that your ISP gives you A dynamic IP address is not fixed the ISP assigns you a different one each time you connect to the Internet The Single User Account feature can be used with either a dynamic or static IP address Select Obtain an IP Address Automatically if you have a dynamic IP address otherwise select Static IP Address and type your ISP assigned IP address in the IP Address text box below Connection Select Connect on Demand when you don t want the connection up all the time and specify an idle time out in seconds in the Max Idle Timeout field The default setting selects Connection on Demand with 0 as the idle time out which means the Internet session will not timeout Select Nailed Up Connection when you want your connection up all the time The Prestige will try to bring up the connection automatically if it is disconnected The schedule rule s in SMT menu 26 has priority over your Connection settings Back Click Back to go back to the first wizard screen Finish Click Finish to save the settings and proceed to the next wizard screen 4 10 2 RFC 1483 Select RFC 1483 from the Encapsulation drop down list box in the first wizard screen to display the screen as sho
219. ust be between 1 and 15 a number greater than 15 means the link is down The smaller the number the lower the cost Remote Node Configuration 13 5 Prestige 645R A Series User s Guide The metric sets the priority for the Prestige s routes to the Internet If any two of the default routes have the same metric the Prestige uses the following pre defined priorities 1 Normal route designated by the ISP 2 Traffic redirect route IP Policy Routing overrides the default routing behavior and takes priority over all of the routes mentioned above see the IP Policy Routing chapter For example if the normal route has a metric of 1 and the traffic redirect route has a metric of 2 then the normal route acts as the primary default route If the normal route fails to connect to the Internet the Prestige tries the traffic redirect route next 13 4 Remote Node Network Layer Options For the TCP IP parameters perform the following steps to edit Menu 11 3 Remote Node Network Layer Options as shown next Step 1 In menu 11 1 make sure IP is among the protocols in the Route field Step 2 Move the cursor to the Edit IP Bridge field press SPACE BAR to select Yes then press ENTER to display Menu 11 3 Remote Node Network Layer Options 13 6 Remote Node Configuration Prestige 645R A Series User s Guide Menu 11 3 Remote Node Network Layer Options IP Options Bridge Options IP Address Assi
220. uthentication may be through the user name and password the MAC address or the host name 2 The username and password apply to PPPoE and PPoA encapsulation only Make sure that you have entered the correct Service Type User Name and Password be sure to use the correct casing Refer to the WAN Setup chapter web configurator or the Internet Access chapter SMT A 7 Internet Access I cannot access the Internet Chart A 11 Troubleshooting Internet Access STEPS CORRECTIVE ACTION 1 Make sure the Prestige is turned on and connected to the network 2 If the DSL LED is off refer to Section A 1 3 3 Verify your WAN settings Refer to the WAN Setup chapter web configurator or the nternet Access chapter SMT 4 Make sure you entered the correct user name and password Internet connection disconnects Chart A 12 Troubleshooting Internet Connection STEPS CORRECTIVE ACTION 1 Check the schedule rules Refer to the Call Scheduling chapter SMT 2 If you use PPPoA or PPPoE encapsulation check the idle time out setting Refer to the WAN chapter web configurator or the Remote Node Configuration chapter SMT 3 Contact your ISP Troubleshooting A 5 Prestige 645R A Series User s Guide A 8 Remote Node Connection cannot connect to a remote node or ISP Chart A 13 Troubleshooting Connecting to a Remote Node or ISP STEPS CORRECTIVE ACTION 1 Che
221. ve changes to your configuration Turn on your Prestige and restart your computer if prompted Verifying Settings Check your TCP IP properties in the TCP IP Control Panel window Maci 1 ntosh OS X Click the Apple menu and click System Preferences to open the System Preferences window Grab File Edit Capt About This Mac Get Mac OS X Software System Preferences Dock gt Location gt D 10 Setting up Your Computer s IP Address Prestige 645R A Series User s Guide 2 Click Network in the icon bar eo Network e i A m E e Select Automatic from the Location list E e mE Select Built in Ethernet from the Show list Location Automatic 3 Click the TCP IP tab Show Built in Ethernet m Tee PPPoE H AppleTalk f Proxies Configure Using DHCP r3 Domain Name Servers Optional IP Address 192 168 11 12 168 95 1 1 Provided by DHCP Server Subnet Mask 255 255 254 0 Router 192 168 10 11 Search Domains Optional DHCP Client ID Optional Example apple com earthlink net Ethernet Address 00 05 02 43 93 ff d Click the lock to prevent further changes 3 For dynamically assigned settings select Using DHCP from the Configure list 4 For statically assigned settings do the following From the Configure box select Manually Type your IP address in the IP Address box Type your subnet mask in the Subnet mask box
222. vement to techwriters zyxel com tw or send regular mail to The Technical Writing Team ZyXEL Communications Corp 6 Innovation Road II Science Based Industrial Park Hsinchu 300 Taiwan Thank you XX Preface Prestige 645R A Series User s Guide Introduction to DSL DSL Digital Subscriber Line technology enhances the data capacity of the existing twisted pair wire that runs between the local telephone company switching offices and most homes and offices While the wire itself can handle higher frequencies the telephone switching equipment is designed to cut off signals above 4 000 Hz to filter noise off the voice line but now everybody is searching for ways to get more bandwidth to improve access to the Web hence DSL technologies There are actually seven types of DSL service ranging in speeds from 16 Kbits sec to 52 Mbits sec The services are elther symmetrical traffic flows at the same speed in both directions or asymmetrical the downstream capacity is higher than the upstream capacity Asymmetrical services ADSL are suitable for Internet users because more information is usually downloaded than uploaded For example a simple button click in a web browser can start an extended download that includes graphics and text As data rates increase the carrying distance decreases That means that users who are beyond a certain distance from the telephone company s central office may not be able to obtain the higher speeds A D
223. ving any SNMP RFC 1215 get or set requirements with wrong community password 6 whyReboot defined in ZYXEL A trap is sent with the reason of restart before rebooting MIB when the system is going to restart warm start 6a For intentional reboot A trap is sent with the message System reboot by user if reboot is done intentionally for example download new files Cl command sys reboot etc The following table maps the physical port and encapsulation to the interface type Table 18 3 Ports and Interface Types PHYSICAL PORT ENCAP INTERFACE TYPE LAN port s enetO Wireless port enet1 PPPOE encap pppoe 1483 encap mpoa Ethernet encap enet encap PPPoA ppp 18 4 SNMP Configuration Prestige 645R A Series User s Guide Chapter 19 System Information and Diagnosis This chapter covers the information and diagnostic tools in SMT menus 24 1 to 24 4 and menu 24 8 19 1 System Maintenance Overview These tools include updates on system status port status log and trace capabilities and upgrades for the system software This chapter describes how to use these tools in detail Type 24 in the main menu to open Menu 24 System Maintenance as shown in the following figure Menu 24 System Maintenance System Status System Information and Console Port Speed Log and Trace Diagnostic Backup Configuration Restore Configuration Upload Firmware Command Interp
224. wn Wizard Setup ISP Parameters for Internet Access IP Address bunn Back Finish Figure 4 3 Internet Connection with RFC 1483 4 8 Wizard Setup Prestige 645R A Series User s Guide The following table describes the labels in this screen Table 4 3 Internet Connection with RFC 1483 LABEL DESCRIPTION IP Address Type your ISP assigned IP address in this field Back Click Back to go back to the first wizard screen Finish Click Finish to save the settings and proceed to the next wizard screen 4 10 3 ENET ENCAP Select ENET ENCAP from the Encapsulation drop down list box in the first wizard screen to display the screen as shown Wizard Setup ISP Parameters for Internet Access IP Address e Obtain an IP Address Automtically Static IP Address IP Address 0 0 0 0 ENET ENCAP Gateway 0 0 0 0 Back Finish Figure 4 4 Internet Connection with ENET ENCAP The following table describes the labels in this screen Wizard Setup 4 9 Prestige 645R A Series User s Guide Table 4 4 Internet Connection with ENET ENCAP LABEL DESCRIPTION IP Address A static IP address is a fixed IP that your ISP gives you A dynamic IP address is not fixed the ISP assigns you a different one each time you connect to the Internet The Single User Account feature can be used with either a dynamic or static IP address Select Obtain an IP Address Automatically if you have a dynam
225. work Connections For Windows 2000 NT click Network and Dial up Connections E Control Panel File Edit View Favorites Tools Help e o e 2 JO search Es Folders E Address e Control Panel e Control Panel A e Add Hardware See Also 7 Fonts Game Controllers o Windows Update 3 Y Paint BY Command Prompt Tour Windows XP 8 Internet Explorer 5 Outlook Express Files and Settings Transfer W EE acrobat Reader 4 0 Ei Windows Movie Maker All Programs gt c My Documents 2 My Recent Document e My Pictures A i c My Music c ef My Computer E Control Panel Va Printers and Faxes Q9 Help and Support yo Search 177 Run B Log Off fo Turn OFF Compi untitled Paint Right click Local Area Connection and then click Properties Network Connections File Edit View Favorites Tools Advanced Help Qe S o y yo Search gt Folders EJ Address e Network Connections Network Tasks Create a new connection Set up a home or small office network Disable this network device Aa Repair this connection si Rename this connection View status of this connection LA Change settings of this connection Standard PCI Fast Ethemet Adapte LAN or High Speed Internet a Connection Disable Status Repair Bridge Connections Create Shortcut elete Rename Properties
226. ws the manager to retrieve an object variable from the agent e GetNext Allows the manager to retrieve the next object variable from a table or list within an agent In SNMPvI when a manager wants to retrieve all elements of a table from an agent it initiates a Get operation followed by a series of GetNext operations e Set Allows the manager to set values for object variables within an agent e Trap Used by the agent to inform the manager of some events 18 2 Supported MIBs The Prestige supports RFC 1215 and MIB II as defined in RFC 1213 as well as ZyXEL private MIBs The focus of the MIBs is to let administrators collect statistic data and monitor status and performance 18 3 SNMP Configuration To configure SNMP select option 22 from the main menu to open Menu 22 SNMP Configuration as shown next The community for Get Set and Trap fields is SNMP terminology for password 18 2 SNMP Configuration Prestige 645R A Series User s Guide Menu 22 SNMP Configuration SNMP Get Community public Set Community public Trusted Host 0 0 0 0 Trap Community public Destination 0 0 0 0 Press ENTER to Confirm or ESC to Cancel Figure 18 2 Menu 22 SNMP Configuration The following table describes the SNMP configuration parameters Table 18 1 Menu 22 SNMP Configuration FIELD DESCRIPTION EXAMPLE SNMP Get Community Type the Get Community which is the password for the incoming public Get
227. ynamic DNS General Ethernet Setup Remote Node Profile IP Static Route Setup Edit IP Static Route Address Mapping Sets Address Mapping Rules Address Mapping Rule emm Menu 3 2 Menu 12 3 Menu 12 3 1 Menu 15 2 Bridge Stati it Bric NAT Server Sets IP Alias Setup TCP IP and DHCP ridge ic Edit Bridge Ethernet Setup Menu 11 3 Remote Node Network Route Setup Static Route Layer Options Menu 11 5 Remote Node Filter Menu 11 6 Remote Node ATM Layer Options Schedule Setup IP Routing Policy Setup System Maintenance System Password SNMP Configuration Menu 21 Menu 26 x Menu 25 1 Menu 24 1 Status JE Rouing Pol Menu 24 2 Menu 24 2 1 Menu 24 2 2 System Information and System Maintenance System Maintenance Console Port Speed Information Change Console Port Speed Menu 24 8 Menu 24 3 Menu 24 3 1 Menu 24 3 2 Command Interpreter System Maintenance System Maintenance System Maintenance Mode Log and Trace View Error Log UNIX Syslog Menu 24 7 2 Menu 24 7 1 Menu 24 7 Menu 24 4 System Maintenance System Maintenance System Maintenance System Maintenance Upload System Upload System Firmware Upload Firmware Diagnostic Configuration File Menu 24 6 Menu 24 5 System Maintenance System Maintenance Restore Configuration Backup Configuration Figure 9 2 Prestige 645R A1 SMT Menu Overview 9 2 Navigating the SMT Interface The SMT System Management Terminal is the interfa
Download Pdf Manuals
Related Search