Manual De UsuarioTabla de contenidosP-2602HW(L) Series1P-2602H Series1User’s Guide1Copyright3Certifications4Safety Warnings5ZyXEL Limited Warranty6Customer Support7Table of Contents9List of Figures23List of Tables29Preface35Getting To Know the ZyXEL Device371.1 Introducing the P-2602H(W)(L)-Dx Series371.2 Features381.3 Wireless Features (“W” models only)421.4 Applications for the ZyXEL Device441.4.1 Internet Access441.4.1.1 Internet Single User Account441.4.2 Making Calls via Internet Telephony Service Provider441.4.3 Make Peer-to-peer Calls451.4.4 Firewall for Secure Broadband Internet Access451.4.5 LAN to LAN Application461.4.6 LEDs47Introducing the Web Configurator492.1 Web Configurator Overview492.1.1 Accessing the Web Configurator492.1.2 The RESET Button512.1.2.1 Using The Reset Button512.2 Web Configurator Main Screen522.2.1 Title Bar522.2.2 Navigation Panel532.2.3 Main Window552.2.4 Status Bar55Internet and Wireless Setup Wizard573.1 Introduction573.2 Internet Access Wizard Setup573.2.1 Manual Configuration593.3 Wireless Connection Wizard Setup65VoIP Wizard And Example714.1 Introduction714.2 VoIP Wizard Setup71Bandwidth Management Wizard775.1 Introduction775.2 Predefined Media Bandwidth Management Services775.3 Bandwidth Management Wizard Setup78Status Screens836.2 Any IP Table866.3 WLAN Status (“W” models only)876.4 Packet Statistics876.5 VoIP Statistics89WAN Setup937.1.1 Encapsulation937.1.1.1 ENET ENCAP937.1.1.2 PPP over Ethernet937.1.1.3 PPPoA947.1.1.4 RFC 1483947.1.2 Multiplexing947.1.2.1 VC-based Multiplexing947.1.2.2 LLC-based Multiplexing947.1.3 VPI and VCI947.1.4 IP Address Assignment957.1.4.1 IP Assignment with PPPoA or PPPoE Encapsulation957.1.4.2 IP Assignment with RFC 1483 Encapsulation957.1.4.3 IP Assignment with ENET ENCAP Encapsulation957.1.5 Nailed-Up Connection (PPP)957.1.6 NAT957.2 Metric967.3 Traffic Shaping967.3.1 ATM Traffic Classes977.3.1.1 Constant Bit Rate (CBR)977.3.1.2 Variable Bit Rate (VBR)977.3.1.3 Unspecified Bit Rate (UBR)987.4 Zero Configuration Internet Access98LAN Setup1078.1.1 LANs, WANs and the ZyXEL Device1078.1.2 DHCP Setup1088.1.2.1 IP Pool Setup1088.1.3 DNS Server Address1088.1.4 DNS Server Address Assignment1098.2 LAN TCP/IP1098.2.1 IP Address and Subnet Mask1098.2.1.1 Private IP Addresses1108.2.2 RIP Setup1108.2.3 Multicast1118.2.4 Any IP1118.2.4.1 How Any IP Works112Wireless LAN1219.1 Wireless Network Overview1219.2 Wireless Security Overview1229.2.1 SSID1229.2.2 MAC Address Filter1229.2.3 User Authentication1239.2.4 Encryption1239.2.5 One-Touch Intelligent Security Technology (OTIST)1249.3 Wireless Performance Overview1249.3.1 Quality of Service (QoS)1249.4 Additional Wireless Terms1259.5.1 No Security1269.5.2 WEP Encryption Screen1279.5.3 WPA(2)-PSK1289.5.4 WPA(2) Authentication Screen1309.6.1 Notes on OTIST135Network Address Translation (NAT) Screens14110.1.1 NAT Definitions14110.1.2 What NAT Does14210.1.3 How NAT Works14210.1.4 NAT Application14310.1.5 NAT Mapping Types14310.2 SUA (Single User Account) Versus NAT14410.4 Port Forwarding14510.4.1 Default Server IP Address14610.4.2 Port Forwarding: Services and Port Numbers14610.4.3 Configuring Servers Behind Port Forwarding (Example)146Voice15111.1 Introduction to VoIP15111.2 SIP15111.2.1 SIP Identities15111.2.1.1 SIP Number15111.2.1.2 SIP Service Domain15211.2.2 SIP Call Progression15211.2.3 SIP Servers15211.2.3.1 SIP User Agent15311.2.3.2 SIP Proxy Server15311.2.3.3 SIP Redirect Server15411.2.3.4 SIP Register Server15411.3.1 RTP15611.4 Pulse Code Modulation15611.5 Voice Coding15611.5.1 G.71115611.5.2 G.72915611.6 PSTN Call Setup Signaling15711.7 MWI (Message Waiting Indication)15711.8 Custom Tones (IVR)15711.8.0.1 Recording Custom Tones15711.8.0.2 Listening to Custom Tones15811.8.0.3 Deleting Custom Tones15811.10 Quality of Service (QoS)16211.10.1 Type Of Service (ToS)16211.10.2 DiffServ16211.10.2.1 DSCP and Per-Hop Behavior16211.10.3 VLAN16311.11 Phone16411.12 PSTN Line (“L” models only)16411.12.1 Voice Activity Detection/Silence Suppression16411.12.2 Comfort Noise Generation16411.12.3 Echo Cancellation16411.15 Supplementary Phone Services Overview16811.15.1 The Flash Key16811.15.2 Europe Type Supplementary Phone Services16811.15.2.1 European Call Hold16911.15.2.2 European Call Waiting16911.15.2.3 European Call Transfer16911.15.2.4 European Three-Way Conference17011.15.3 USA Type Supplementary Services17011.15.3.1 USA Call Hold17011.15.3.2 USA Call Waiting17111.15.3.3 USA Call Transfer17111.15.3.4 USA Three-Way Conference17111.17 Speed Dial17211.17.1 Peer-to-Peer Calls172Phone Usage17912.1 Dialing a Telephone Number17912.2 Using Speed Dial to Dial a Telephone Number17912.3 Internal Calls17912.4 Checking the Device’s IP Address17912.5 Auto Firmware Upgrade180Firewalls18113.2 Types of Firewalls18113.2.1 Packet Filtering Firewalls18113.2.2 Application-level Firewalls18213.2.3 Stateful Inspection Firewalls18213.3 Introduction to ZyXEL’s Firewall18213.3.1 Denial of Service Attacks18313.4 Denial of Service18313.4.1 Basics18313.4.2 Types of DoS Attacks18413.4.2.1 ICMP Vulnerability18613.4.2.2 Illegal Commands (NetBIOS and SMTP)18613.4.2.3 Traceroute18713.5 Stateful Inspection18713.5.1 Stateful Inspection Process18813.5.2 Stateful Inspection on Your ZyXEL Device18813.5.3 TCP Security18913.5.4 UDP/ICMP Security18913.5.5 Upper Layer Protocols19013.6 Guidelines for Enhancing Security with Your Firewall19013.6.1 Security In General19013.7 Packet Filtering Vs Firewall19113.7.1 Packet Filtering:19113.7.1.1 When To Use Filtering19213.7.2 Firewall19213.7.2.1 When To Use The Firewall192Firewall Configuration19314.1 Access Methods19314.2 Firewall Policies Overview19314.3 Rule Logic Overview19414.3.1 Rule Checklist19414.3.2 Security Ramifications19414.3.3 Key Fields For Configuring Rules19514.3.3.1 Action19514.3.3.2 Service19514.3.3.3 Source Address19514.3.3.4 Destination Address19514.4 Connection Direction19514.4.1 LAN to WAN Rules19614.4.2 Alerts19614.7 Example Firewall Rule20314.8.1 Threshold Values20714.8.2 Half-Open Sessions20814.8.2.1 TCP Maximum Incomplete and Blocking Time208Content Filtering211Introduction to IPSec21516.1 VPN Overview21516.1.1 IPSec21516.1.2 Security Association21516.1.3 Other Terminology21516.1.3.1 Encryption21516.1.3.2 Data Confidentiality21616.1.3.3 Data Integrity21616.1.3.4 Data Origin Authentication21616.1.4 VPN Applications21616.2 IPSec Architecture21616.2.1 IPSec Algorithms21716.2.2 Key Management21716.3 Encapsulation21716.3.1 Transport Mode21816.3.2 Tunnel Mode21816.4 IPSec and NAT218VPN Screens22117.1 VPN/IPSec Overview22117.2 IPSec Algorithms22117.2.1 AH (Authentication Header) Protocol22117.2.2 ESP (Encapsulating Security Payload) Protocol22117.3 My IP Address22217.4 Secure Gateway Address22317.4.1 Dynamic Secure Gateway Address22317.6 Keep Alive22517.7 VPN, NAT, and NAT Traversal22617.8 Remote DNS Server22717.9 ID Type and Content22717.9.1 ID Type and Content Examples22917.10 Pre-Shared Key22917.12 IKE Phases23417.12.1 Negotiation Mode23517.12.2 Diffie-Hellman (DH) Key Groups23617.12.3 Perfect Forward Secrecy (PFS)23617.14 Manual Key Setup23917.14.1 Security Parameter Index (SPI)23917.18 Telecommuter VPN/IPSec Examples24417.18.1 Telecommuters Sharing One VPN Rule Example24417.18.2 Telecommuters Using Unique VPN Rules Example24517.19 VPN and Remote Management247Static Route249Bandwidth Management25319.2 Application-based Bandwidth Management25319.3 Subnet-based Bandwidth Management25319.4 Application and Subnet-based Bandwidth Management25419.5 Scheduler25419.5.1 Priority-based Scheduler25419.5.2 Fairness-based Scheduler25519.6 Maximize Bandwidth Usage25519.6.1 Reserving Bandwidth for Non-Bandwidth Class Traffic25519.6.2 Maximize Bandwidth Usage Example25619.6.2.1 Priority-based Allotment of Unused and Unbudgeted Bandwidth25619.6.2.2 Fairness-based Allotment of Unused and Unbudgeted Bandwidth25719.6.3 Bandwidth Management Priorities257Dynamic DNS Setup26320.1.1 DYNDNS Wildcard263Remote Management Configuration26721.1.1 Remote Management Limitations26721.1.2 Remote Management and NAT26821.1.3 System Timeout26821.3 Telnet26921.6.1 Supported MIBs27221.6.2 SNMP Traps273Universal Plug-and-Play (UPnP)27722.1.1 How do I know if I'm using UPnP?27722.1.2 NAT Traversal27722.1.3 Cautions with UPnP27822.2 UPnP and ZyXEL27822.3 Installing UPnP in Windows Example27922.4 Using UPnP in Windows XP Example282System28923.1 General Setup and System Name289Logs29524.1.1 Alerts and Logs29524.4 SMTP Error Messages29924.4.1 Example E-mail Log299Tools30125.1 Introduction30125.2 Filename Conventions30125.3 File Maintenance Over WAN30225.5.1 Backup Configuration30525.5.2 Restore Configuration30525.5.3 Reset to Factory Defaults30725.7 Using FTP or TFTP to Back Up Configuration30825.7.1 Using the FTP Commands to Back Up Configuration30825.7.2 FTP Command Configuration Backup Example30825.7.3 Configuration Backup Using GUI-based FTP Clients30925.7.4 Backup Configuration Using TFTP30925.7.5 TFTP Command Configuration Backup Example31025.7.6 Configuration Backup Using GUI-based TFTP Clients31025.8 Using FTP or TFTP to Restore Configuration31025.8.1 Restore Using FTP Session Example31125.9 FTP and TFTP Firmware and Configuration File Uploads31125.9.1 FTP File Upload Command from the DOS Prompt Example31125.9.2 FTP Session Example of Firmware File Upload31225.9.3 TFTP File Upload31225.9.4 TFTP Upload Command Example313Diagnostic315Troubleshooting31927.1 Problems Starting Up the ZyXEL Device31927.2 Problems with the LAN31927.3 Problems with the WAN32027.4 Problems Accessing the ZyXEL Device32127.4.1 Pop-up Windows, JavaScripts and Java Permissions32127.4.1.1 Internet Explorer Pop-up Blockers32227.4.1.2 JavaScripts32527.4.1.3 Java Permissions32727.5 Telephone Problems32927.6 Problems With Multiple SIP Accounts33027.6.1 Outgoing Calls33027.6.2 Incoming Calls331Product Specifications333Splitters and Microfilters339Setting up Your Computer’s IP Address341IP Addresses and Subnetting353Wireless LANs361Services371Firewall Commands375Triangle Route377Log Descriptions381Command Interpreter393Internal SPTGEN395Index421A421B421C421D422E422F422G423H423I423J424K424L424M424N424O424P425Q425R425S426T426U427V427W427Z427Tamaño: 10 MBPáginas: 427Language: EnglishManuales abiertas