ユーザーズマニュアル目次Copyright3Federal Communications Commission (FCC) Interference Statement4Information for Canadian Users5ZyXEL Limited Warranty7Customer Support8Table of Contents10List of Figures22List of Tables28Preface32Getting to Know Your Prestige35Prestige Internet Security Gateway Overview35Prestige Features35Physical Features35Non-Physical Features36Applications for the Prestige39Secure Broadband Internet Access via Cable or DSL Modem40VPN Application40Internet Access Application41Introducing the Web Configurator43Web Configurator Overview43Accessing the Prestige Web Configurator43Resetting the Prestige44Procedure To Use The Reset Button44Navigation Panel45Wizard Setup49Wizard Setup Overview49Wizard Setup: General Setup and System Name49Domain Name49Wizard Setup: Screen 250Wizard Setup: Screen 351Wizard Setup: Screen 453Ethernet53PPPoE Encapsulation55PPTP Encapsulation57Wizard Setup: Screen 558WAN IP Address Assignment58IP Address and Subnet Mask59DNS Server Address Assignment59WAN MAC Address60Basic Setup Complete62Media Bandwidth Management Setup65Media Bandwidth Management Setup Overview65Media Bandwidth Management Setup 165Media Bandwidth Management Setup 266Media Bandwidth Management Setup 3:67Media Bandwidth Management Setup Complete68System Screens71System Overview71Configuring General Setup71Dynamic DNS73DynDNS Wildcard73Configuring Dynamic DNS73Configuring Password75Configuring Time Zone76LAN Screens79LAN Overview79DHCP Setup79IP Pool Setup79System DNS Servers79LAN TCP/IP79Factory LAN Defaults79IP Address and Subnet Mask80RIP Setup80Multicast80Any IP81How Any IP Works82Configuring IP82Configuring Static DHCP86Configuring IP Alias87Wireless Configuration and Roaming89Wireless LAN Overview89IBSS89BSS89ESS90Wireless LAN Basics91RTS/CTS91Fragmentation Threshold92Configuring Wireless93Configuring Roaming94Requirements for Roaming96Wireless Security99Wireless Security Overview99Security Parameters Summary101WEP Overview102Data Encryption102Authentication102Preamble Type104Configuring WEP Encryption104Introduction to WPA106User Authentication107Encryption107WPA-PSK Application Example107Configuring WPA-PSK Authentication108Wireless Client WPA Supplicants111WPA with RADIUS Application Example111Configuring WPA Authentication112802.1x Overview114Dynamic WEP Key Exchange115Configuring 802.1x and Dynamic WEP Key Exchange115Configuring 802.1x and Static WEP Key Exchange117Configuring 802.1x121MAC Filter123Introduction to Local User Database125Configuring Local User Database126Introduction to RADIUS127EAP Authentication Overview128Configuring RADIUS129WAN Screens131WAN Overview131TCP/IP Priority (Metric)131Configuring Route131Configuring WAN ISP132Ethernet Encapsulation132PPPoE Encapsulation134PPTP Encapsulation136Configuring WAN IP137Configuring WAN MAC141Traffic Redirect142Configuring Traffic Redirect143Network Address Translation (NAT) Screens147NAT Overview147NAT Definitions147What NAT Does148How NAT Works148NAT Application149NAT Mapping Types150Using NAT152SUA (Single User Account) Versus NAT152SUA Server152Port Forwarding: Services and Port Numbers152Configuring Servers Behind SUA (Example)153Configuring SUA Server154Configuring Address Mapping156Trigger Port Forwarding159Trigger Port Forwarding Example160Two Points To Remember About Trigger Ports160Configuring Trigger Port Forwarding160Static Route Screens163Static Route Overview163Configuring IP Static Route163Configuring Route Entry164UPnP169Universal Plug and Play Overview169How Do I Know If I'm Using UPnP?169NAT Traversal169Cautions with UPnP170UPnP and ZyXEL170Configuring UPnP170Installing UPnP in Windows Example172Installing UPnP in Windows Me172Installing UPnP in Windows XP172Using UPnP in Windows XP Example174Auto-discover Your UPnP-enabled Network Device174Web Configurator Easy Access176Firewall179Introduction179Guidelines For Enhancing Security With Your Firewall180Firewall Settings Screen181The Firewall, NAT and Remote Management183LAN-to-WAN rules183WAN-to-LAN rules183Configuring Content Filtering184Services186Remote Management Screens191Remote Management Overview191Remote Management Limitations192Remote Management and NAT192System Timeout192Configuring WWW192Configuring Telnet194Configuring TELNET194Configuring FTP196SNMP197Supported MIBs199SNMP Traps199Configuring SNMP200Configuring DNS201Configuring Security203Introduction to IPSec205VPN Overview205IPSec205Security Association205Other Terminology205VPN Applications206IPSec Architecture207IPSec Algorithms207Key Management208Encapsulation208Transport Mode208Tunnel Mode208IPSec and NAT209VPN Screens211VPN/IPSec Overview211IPSec Algorithms211AH (Authentication Header) Protocol211ESP (Encapsulating Security Payload) Protocol212My IP Address212Secure Gateway Address212Dynamic Secure Gateway Address213Summary Screen213Keep Alive215NAT Traversal216NAT Traversal Configuration216Remote DNS Server217ID Type and Content218ID Type and Content Examples219Pre-Shared Key220Editing VPN Rules220IKE Phases225Negotiation Mode227Diffie-Hellman (DH) Key Groups227Perfect Forward Secrecy (PFS)228Configuring Advanced IKE Settings228Manual Key Setup235Security Parameter Index (SPI)235Configuring Manual Key236Viewing SA Monitor240Configuring Global Setting242Telecommuter VPN/IPSec Examples243Telecommuters Sharing One VPN Rule Example243Telecommuters Using Unique VPN Rules Example244VPN and Remote Management246Introducing the SMT283SMT Introduction283Procedure for SMT Configuration via Console Port283Procedure for SMT Configuration via Telnet283Entering Password283Prestige SMT Menu Overview284Navigating the SMT Interface285System Management Terminal Interface Summary287Changing the System Password288Menu 1 General Setup289General Setup289Procedure To Configure Menu 1289Procedure to Configure Dynamic DNS291Menu 2 WAN Setup295Introduction to WAN295WAN Setup295Menu 3 LAN Setup297LAN Setup297General Ethernet Setup297Protocol Dependent Ethernet Setup298TCP/IP Ethernet Setup and DHCP298IP Alias Setup300Wireless LAN Setup302Configuring MAC Address Filter305Configuring Roaming on the Prestige307Internet Access309Introduction to Internet Access Setup309Ethernet Encapsulation309Configuring the PPTP Client311Configuring the PPPoE Client312Basic Setup Complete313Remote Node Configuration315Introduction to Remote Node Setup315Remote Node Profile Setup315Ethernet Encapsulation315PPPoE Encapsulation318PPTP Encapsulation320Edit IP321Remote Node Filter323Traffic Redirect Setup324Static Route Setup327IP Static Route Setup327Dial-in User Setup331Dial-in User Setup331Network Address Translation (NAT)333Using NAT333SUA (Single User Account) Versus NAT333Applying NAT333NAT Setup335Address Mapping Sets336Configuring a Server behind NAT341General NAT Examples342Example 1: Internet Access Only342Example 2: Internet Access with an Inside Server343Example 3: Multiple Public IP Addresses With Inside Servers344Example 4: NAT Unfriendly Application Programs348Configuring Trigger Port Forwarding350Enabling the Firewall353Remote Management and the Firewall353Access Methods353Enabling the Firewall353Filter Configuration357Introduction to Filters357The Filter Structure of the Prestige358Configuring a Filter Set360Configuring a Filter Rule362Configuring a TCP/IP Filter Rule362Configuring a Generic Filter Rule367Example Filter369Filter Types and NAT371Firewall Versus Filters372Applying a Filter372Applying LAN Filters373Applying Remote Node Filters373SNMP Configuration375About SNMP375Supported MIBs376SNMP Configuration376SNMP Traps378System Security379System Security379System Password379Configuring External RADIUS Server379802.1x381System Information and Diagnosis385System Status385System Information387System Information387Console Port Speed388Log and Trace389Syslog Logging389Call-Triggering Packet392Diagnostic393WAN DHCP394Firmware and Configuration File Maintenance397Filename Conventions397Backup Configuration398Backup Configuration399Using the FTP Command from the Command Line399Example of FTP Commands from the Command Line400GUI-based FTP Clients400TFTP and FTP over WAN Management Limitations400Backup Configuration Using TFTP401TFTP Command Example401GUI-based TFTP Clients402Restore Configuration402Restore Using FTP403Restore Using FTP Session Example404Uploading Firmware and Configuration Files404Firmware File Upload404Configuration File Upload405FTP File Upload Command from the DOS Prompt Example406FTP Session Example of Firmware File Upload406TFTP File Upload406TFTP Upload Command Example407System Maintenance409Command Interpreter Mode409Command Syntax409Command Usage410Call Control Support410Budget Management411Call History412Time and Date Setting412Resetting the Time414Remote Management417Remote Management417Remote Management Limitations418Call Scheduling419Introduction to Call Scheduling419VPN/IPSec Setup425VPN/IPSec Overview425IPSec Summary Screen426IPSec Setup429IKE Setup434Manual Setup437Active Protocol437Security Parameter Index (SPI)437SA Monitor441SA Monitor Overview441Using SA Monitor441PPPoE445PPTP449NetBIOS Filter Commands453Log Descriptions457Setting up Your Computer’s IP Address461Wireless LAN and IEEE 802.11475Wireless LAN With IEEE 802.1x479Types of EAP Authentication481Antenna Selection and Positioning Recommendation483Brute-Force Password Guessing Protection485Triangle Route487Index491Centralized Logs249View Log249Log Settings250Media Bandwidth Management255Bandwidth Management Overview255Application-based Bandwidth Management Example255Subnet-based Bandwidth Management Example256Application and Subnet-based Bandwidth Management Example256Bandwidth Usage Example257Bandwidth Management Priorities258Bandwidth Management Services259Services260Configuration Screen262Editing Bandwidth Management Rules265Bandwidth Borrowing265Configuring Bandwidth Management Rules and Services265Monitor Screen267Maintenance269Maintenance Overview269Status Screen269System Statistics270DHCP Table Screen272Any IP Table273Association List273F/W Upload Screen274Configuration Screen276Backup Configuration277Restore Configuration277Back to Factory Defaults279Restart Screen279サイズ: 13.1MBページ数: 496Language: Englishマニュアルを開く
