ユーザーズマニュアル (91-004-370001)目次P660H/HW1Copyright3Federal Communications Commission (FCC) Interference Statement4ZyXEL Limited Warranty5Customer Support6Table of Contents7List of Figures23List of Tables31Preface37Introduction to DSL391. Getting To Know Your Prestige411.1 Introducing the Prestige411.1.1 Features of the Prestige421.1.2 Applications for the Prestige471.1.2.1 Internet Access471.1.3 Firewall for Secure Broadband Internet Access481.1.3.1 LAN to LAN Application481.1.4 Prestige Hardware Installation and Connection482. Introducing the Web Configurator492.1 Web Configurator Overview492.1.1 Accessing the Prestige Web Configurator492.1.2 Resetting the Prestige502.1.2.1 Using the Reset Button502.1.3 Navigating the Prestige Web Configurator513. Wizard Setup for Internet Access553.1 Introduction553.1.1 Encapsulation553.1.1.1 ENET ENCAP553.1.1.2 PPP over Ethernet553.1.1.3 PPPoA553.1.1.4 RFC 1483563.1.2 Multiplexing563.1.2.1 VC-based Multiplexing563.1.2.2 LLC-based Multiplexing563.1.3 VPI and VCI563.1.4 Internet Access Wizard Setup: First Screen563.2 IP Address and Subnet Mask573.2.1 IP Address Assignment583.2.1.1 IP Assignment with PPPoA or PPPoE Encapsulation583.2.1.2 IP Assignment with RFC 1483 Encapsulation583.2.1.3 IP Assignment with ENET ENCAP Encapsulation583.2.1.4 Private IP Addresses593.2.2 Nailed-Up Connection (PPP)593.2.3 NAT593.2.4 Internet Access Wizard Setup: Second Screen593.2.5 DHCP Setup633.2.5.1 IP Pool Setup633.2.6 Internet Access Wizard Setup: Third Screen633.2.7 Internet Access Wizard Setup: Connection Test653.2.7.1 Test Your Internet Connection664. Wizard Setup for Media Bandwidth Management674.1 Introduction674.1.1 Predefined Media Bandwidth Management Services674.2 Media Bandwidth Management Setup: First Screen684.3 Media Bandwidth Mgnt. Wizard Setup: Second Screen694.4 Media Bandwidth Mgnt. Wizard Setup: Finish705. Password Setup715.1 Password Overview715.1.1 Configuring Password716. LAN Setup736.1 LAN Overview736.1.1 LANs, WANs and the Prestige736.2 DNS Server Address746.3 DNS Server Address Assignment746.4 LAN TCP/IP756.4.1 Factory LAN Defaults756.4.2 IP Address and Subnet Mask756.4.3 RIP Setup756.4.4 Multicast766.5 Any IP766.5.1 How Any IP Works776.6 Configuring LAN786.7 Configuring Static DHCP797. Wireless LAN Setup817.1 Introduction817.1.1 Additional Installation Requirements for Using 802.1x817.1.2 Channel817.1.3 ESS ID817.1.4 RTS/CTS827.1.5 Fragmentation Threshold837.2 Levels of Security837.3 Data Encryption with WEP847.4 Configuring Wireless LAN847.5 Configuring MAC Filter867.6 Network Authentication887.6.1 EAP887.6.1.1 RADIUS887.6.1.2 Types of RADIUS Messages897.6.2 EAP Authentication Overview897.7 Introduction to WPA907.7.1 User Authentication907.7.2 Encryption907.8 WPA-PSK Application Example917.9 WPA with RADIUS Application Example927.10 Security Parameters Summary937.11 Wireless Client WPA Supplicants947.12 Configuring 802.1x and WPA947.12.1 Authentication Required: 802.1x957.12.2 Authentication Required: WPA967.12.3 Authentication Required: WPA-PSK987.13 Configuring Local User Authentication997.14 Configuring RADIUS1007.15 OTIST1017.15.1 Activating OTIST1028. WAN Setup1058.1 WAN Overview1058.2 Metric1058.3 PPPoE Encapsulation1068.4 Traffic Shaping1068.5 Zero Configuration Internet Access1078.6 Configuring WAN Setup1078.7 Traffic Redirect1108.8 Configuring WAN Backup1119. Network Address Translation (NAT) Screens1159.1 NAT Overview1159.1.1 NAT Definitions1159.1.2 What NAT Does1169.1.3 How NAT Works1169.1.4 NAT Application1179.1.5 NAT Mapping Types1189.2 SUA (Single User Account) Versus NAT1199.3 SUA Server1199.3.1 Default Server IP Address1199.3.2 Port Forwarding: Services and Port Numbers1199.3.3 Configuring Servers Behind SUA (Example)1209.4 Selecting the NAT Mode1209.5 Configuring SUA Server1219.6 Configuring Address Mapping1239.7 Editing an Address Mapping Rule12410. Dynamic DNS Setup12710.1 Dynamic DNS12710.1.1 DYNDNS Wildcard12710.2 Configuring Dynamic DNS12711. Time and Date12911.1 Configuring Time and Date12912. Firewalls13112.1 Firewall Overview13112.2 Types of Firewalls13112.2.1 Packet Filtering Firewalls13112.2.2 Application-level Firewalls13112.2.3 Stateful Inspection Firewalls13212.3 Introduction to ZyXEL’s Firewall13212.3.1 Denial of Service Attacks13312.4 Denial of Service13312.4.1 Basics13312.4.2 Types of DoS Attacks13412.4.2.1 ICMP Vulnerability13612.4.2.2 Illegal Commands (NetBIOS and SMTP)13612.4.2.3 Traceroute13712.5 Stateful Inspection13712.5.1 Stateful Inspection Process13812.5.2 Stateful Inspection and the Prestige13912.5.3 TCP Security13912.5.4 UDP/ICMP Security14012.5.5 Upper Layer Protocols14012.6 Guidelines for Enhancing Security with Your Firewall14012.6.1 Security In General14112.7 Packet Filtering Vs Firewall14212.7.1 Packet Filtering:14212.7.1.1 When To Use Filtering14212.7.2 Firewall14212.7.2.1 When To Use The Firewall14213. Firewall Configuration14513.1 Access Methods14513.2 Firewall Policies Overview14513.3 Rule Logic Overview14613.3.1 Rule Checklist14613.3.2 Security Ramifications14613.3.3 Key Fields For Configuring Rules14713.3.3.1 Action14713.3.3.2 Service14713.3.3.3 Source Address14713.3.3.4 Destination Address14713.4 Connection Direction Example14713.4.1 LAN to WAN Rules14813.4.2 WAN to LAN Rules14813.4.3 Alerts14913.5 Configuring Basic Firewall Settings14913.6 Rule Summary15013.6.1 Configuring Firewall Rules15213.7 Customized Services15513.8 Creating/Editing A Customized Service15513.9 Example Firewall Rule15613.10 Predefined Services16013.11 Anti-Probing16213.12 Configuring Attack Alert16313.12.1 Threshold Values16413.12.2 Half-Open Sessions16413.12.2.1 TCP Maximum Incomplete and Blocking Time16414. Content Filtering16714.1 Content Filtering Overview16714.2 Configuring Keyword Blocking16714.3 Configuring the Schedule16814.4 Configuring Trusted Computers16915. Remote Management Configuration17115.1 Remote Management Overview17115.1.1 Remote Management Limitations17115.1.2 Remote Management and NAT17215.1.3 System Timeout17215.2 Telnet17215.3 FTP17215.4 Web17315.5 Configuring Remote Management17316. Universal Plug-and-Play (UPnP)17516.1 Introducing Universal Plug and Play17516.1.1 How do I know if I'm using UPnP?17516.1.2 NAT Traversal17516.1.3 Cautions with UPnP17516.2 UPnP and ZyXEL17616.2.1 Configuring UPnP17616.3 Installing UPnP in Windows Example17716.4 Using UPnP in Windows XP Example18117. Logs Screens18917.1 Logs Overview18917.1.1 Alerts and Logs18917.2 Configuring Log Settings18917.3 Displaying the Logs19117.4 SMTP Error Messages19217.4.1 Example E-mail Log19318. Media Bandwidth Management Advanced Setup19518.1 Bandwidth Management Advanced Setup Overview19518.2 Bandwidth Classes and Filters19518.3 Proportional Bandwidth Allocation19618.4 Bandwidth Management Usage Examples19618.4.1 Application-based Bandwidth Management Example19618.4.2 Subnet-based Bandwidth Management Example19618.4.3 Application and Subnet-based Bandwidth Management Example19718.5 Scheduler19818.5.1 Priority-based Scheduler19818.5.2 Fairness-based Scheduler19818.6 Maximize Bandwidth Usage19818.6.1 Reserving Bandwidth for Non-Bandwidth Class Traffic19818.6.2 Maximize Bandwidth Usage Example19918.7 Bandwidth Borrowing20018.7.1 Bandwidth Borrowing Example20018.7.2 Maximize Bandwidth Usage With Bandwidth Borrowing20118.8 Configuring Summary20118.9 Configuring Class Setup20318.9.1 Media Bandwidth Management Class Configuration20418.9.2 Media Bandwidth Management Statistics20618.10 Bandwidth Monitor20719. Maintenance20919.1 Maintenance Overview20919.2 System Status Screen20919.2.1 System Statistics21119.3 DHCP Table Screen21319.4 Any IP Table Screen21419.5 Wireless Screen21419.5.1 Association List21419.6 Diagnostic Screens21519.6.1 Diagnostic General Screen21519.6.2 Diagnostic DSL Line Screen21619.7 Firmware Screen21820. Introducing the SMT22120.1 SMT Introduction22120.1.1 Procedure for SMT Configuration via Telnet22120.1.2 Entering Password22120.1.3 Prestige SMT Menu Overview22220.2 Navigating the SMT Interface22220.2.1 System Management Terminal Interface Summary22420.3 Changing the System Password22421. Menu 1 General Setup22721.1 General Setup22721.2 Procedure To Configure Menu 122721.2.1 Procedure to Configure Dynamic DNS22822. Menu 2 WAN Backup Setup23122.1 Introduction to WAN Backup Setup23122.2 Configuring Dial Backup in Menu 223122.2.1 Traffic Redirect Setup23223. Menu 3 LAN Setup23523.1 LAN Setup23523.1.1 General Ethernet Setup23523.2 Protocol Dependent Ethernet Setup23623.3 CP/IP Ethernet Setup and DHCP23624. Wireless LAN Setup23924.1 Wireless LAN Overview23924.2 Wireless LAN Setup23924.2.1 Wireless LAN MAC Address Filter24025. Internet Access24325.1 Internet Access Overview24325.2 IP Policies24325.3 IP Alias24325.4 IP Alias Setup24425.5 Route IP Setup24525.6 Internet Access Configuration24626. Remote Node Configuration24926.1 Remote Node Setup Overview24926.2 Remote Node Setup24926.2.1 Remote Node Profile24926.2.2 Encapsulation and Multiplexing Scenarios25026.2.2.1 Scenario 1: One VC, Multiple Protocols25026.2.2.2 Scenario 2: One VC, One Protocol (IP)25026.2.2.3 Scenario 3: Multiple VCs25026.2.3 Outgoing Authentication Protocol25226.3 Remote Node Network Layer Options25326.3.1 My WAN Addr Sample IP Addresses25426.4 Remote Node Filter25526.5 Editing ATM Layer Options25626.5.1 VC-based Multiplexing (non-PPP Encapsulation)25626.5.2 LLC-based Multiplexing or PPP Encapsulation25626.5.3 Advance Setup Options25727. Static Route Setup25927.1 IP Static Route Overview25927.2 Configuration25928. Bridging Setup26328.1 Bridging in General26328.2 Bridge Ethernet Setup26328.2.1 Remote Node Bridging Setup26328.2.2 Bridge Static Route Setup26529. Network Address Translation (NAT)26729.1 Using NAT26729.1.1 SUA (Single User Account) Versus NAT26729.2 Applying NAT26729.3 NAT Setup26929.3.1 Address Mapping Sets26929.3.1.1 SUA Address Mapping Set27029.3.1.2 User-Defined Address Mapping Sets27129.3.1.3 Ordering Your Rules27229.4 Configuring a Server behind NAT27329.5 General NAT Examples27429.5.1 Example 1: Internet Access Only27529.5.2 Example 2: Internet Access with an Inside Server27529.5.3 Example 3: Multiple Public IP Addresses With Inside Servers27629.5.4 Example 4: NAT Unfriendly Application Programs28030. Enabling the Firewall28330.1 Remote Management and the Firewall28330.2 Access Methods28330.3 Enabling the Firewall28331. Filter Configuration28531.1 About Filtering28531.1.1 The Filter Structure of the Prestige28631.2 Configuring a Filter Set for the Prestige28731.3 Filter Rules Summary Menus28831.4 Configuring a Filter Rule28931.4.1 TCP/IP Filter Rule29031.4.2 Generic Filter Rule29231.5 Filter Types and NAT29431.6 Example Filter29431.7 Applying Filters and Factory Defaults29631.7.1 Ethernet Traffic29731.7.2 Remote Node Filters29732. SNMP Configuration29932.1 About SNMP29932.2 Supported MIBs30032.3 SNMP Configuration30032.4 SNMP Traps30133. System Security30333.1 System Security30333.1.1 System Password30333.1.2 Configuring External RADIUS Server30333.1.3 IEEE802.1x30533.2 Creating User Accounts on the Prestige30734. System Information and Diagnosis30934.1 Overview30934.2 System Status30934.3 System Information31134.3.1 System Information31134.3.2 Console Port Speed31234.4 Log and Trace31334.4.1 Viewing Error Log31334.4.2 Syslog and Accounting31434.5 Diagnostic31635. Firmware and Configuration File Maintenance31935.1 Filename Conventions31935.2 Backup Configuration32035.2.1 Backup Configuration32035.2.2 Using the FTP Command from the Command Line32135.2.3 Example of FTP Commands from the Command Line32135.2.4 GUI-based FTP Clients32235.2.5 TFTP and FTP over WAN Management Limitations32235.2.6 Backup Configuration Using TFTP32335.2.7 TFTP Command Example32335.2.8 GUI-based TFTP Clients32335.3 Restore Configuration32435.3.1 Restore Using FTP32435.3.2 Restore Using FTP Session Example32535.4 Uploading Firmware and Configuration Files32635.4.1 Firmware File Upload32635.4.2 Configuration File Upload32635.4.3 FTP File Upload Command from the DOS Prompt Example32735.4.4 FTP Session Example of Firmware File Upload32835.4.5 TFTP File Upload32835.4.6 TFTP Upload Command Example32936. System Maintenance33136.1 Command Interpreter Mode33136.2 Call Control Support33236.2.1 Budget Management33236.3 Time and Date Setting33336.3.1 Resetting the Time33437. Remote Management33737.1 Remote Management Overview33737.2 Remote Management33737.2.1 Remote Management Setup33737.2.2 Remote Management Limitations33837.3 Remote Management and NAT33937.4 System Timeout33938. IP Policy Routing34138.1 IP Policy Routing Overview34138.2 Benefits of IP Policy Routing34138.3 Routing Policy34138.4 IP Routing Policy Setup34238.5 Applying an IP Policy34538.5.1 Ethernet IP Policies34538.6 IP Policy Routing Example34639. Call Scheduling35139.1 Introduction35140. Internal SPTGEN35540.1 Internal SPTGEN Overview35540.2 The Configuration Text File Format35540.2.1 Internal SPTGEN File Modification - Important Points to Remember35640.3 Internal SPTGEN FTP Download Example35640.4 Internal SPTGEN FTP Upload Example35741. Troubleshooting35941.1 Problems Starting Up the Prestige35941.2 Problems with the LAN LED35941.3 Problems with the DSL LED36041.4 Problems with the LAN Interface36041.5 Problems with the WAN Interface36041.6 Problems with Internet Access36141.7 Problems with the Password36141.8 Problems with the Web Configurator36241.9 Problems with Remote Management362A. Splitters and Microfilters363B. Setting up Your Computer’s IP Address367C. IP Subnetting379D. PPPoE387E. Virtual Circuit Topology389F. Wireless LAN and IEEE 802.11391G. Wireless LAN With IEEE 802.1x395H. Types of EAP Authentication397I. Antenna Selection and Positioning Recommendation399J. Example Internal SPTGEN Screens401K. Command Interpreter423L. Firewall Commands42541.10 Sys Firewall Commands425M. Brute-Force Password Guessing Protection427N. Boot Commands429O. Log Descriptions431Index443A443B443C443D444E444F445G445H445I446K446L446M447N447O447P447Q448R448S448T449U450V450W450X450Z450サイズ: 17.3MBページ数: 450Language: Englishマニュアルを開く