사용자 설명서차례User’s Guide1Copyright2Federal Communications Commission (FCC) Interference Statement3ZyXEL Limited Warranty4Customer Support5Table of Contents8List of Figures26List of Tables34Preface40Introduction to DSL42Getting To Know Your Prestige441.1 Introducing the Prestige441.1.1 Features of the Prestige451.1.2 Applications for the Prestige511.1.2.1 Internet Access511.1.3 Firewall for Secure Broadband Internet Access511.1.3.1 LAN to LAN Application521.1.4 Prestige Hardware Installation and Connection52Introducing the Web Configurator542.1 Web Configurator Overview542.1.1 Accessing the Prestige Web Configurator542.1.2 Resetting the Prestige552.1.2.1 Using the Reset Button552.1.3 Navigating the Prestige Web Configurator56Wizard Setup for Internet Access603.1 Introduction603.1.1 Encapsulation603.1.1.1 ENET ENCAP603.1.1.2 PPP over Ethernet603.1.1.3 PPPoA603.1.1.4 RFC 1483613.1.2 Multiplexing613.1.2.1 VC-based Multiplexing613.1.2.2 LLC-based Multiplexing613.1.3 VPI and VCI613.2 Internet Access Wizard Setup: First Screen613.3 IP Address and Subnet Mask623.3.1 IP Address Assignment633.3.1.1 IP Assignment with PPPoA or PPPoE Encapsulation633.3.1.2 IP Assignment with RFC 1483 Encapsulation633.3.1.3 IP Assignment with ENET ENCAP Encapsulation633.3.1.4 Private IP Addresses643.3.2 Nailed-Up Connection (PPP)643.3.3 NAT643.4 Internet Access Wizard Setup: Second Screen643.4.1 DHCP Setup693.4.1.1 IP Pool Setup693.4.2 Internet Access Wizard Setup: Third Screen693.5 Internet Access Wizard Setup: Connection Test703.5.1 Test Your Internet Connection71Wizard Setup for Media Bandwidth Management724.1 Introduction724.1.1 Predefined Media Bandwidth Management Services724.2 Media Bandwidth Management Setup 1734.3 Media Bandwidth Mgnt. Wizard Setup: Second Screen744.4 Media Bandwidth Mgnt. Wizard Setup: Finish75Password Setup765.1 Password Overview765.1.1 Configuring Password76LAN Setup786.1 LAN Overview786.1.1 LANs, WANs and the Prestige786.2 DNS Server Address796.3 DNS Server Address Assignment796.4 LAN TCP/IP806.4.1 Factory LAN Defaults806.4.2 IP Address and Subnet Mask806.4.3 RIP Setup806.4.4 Multicast816.5 Any IP816.5.1 How Any IP Works826.6 Configuring LAN836.7 Configuring Static DHCP84DMZ867.1 Introduction867.2 Configuring DMZ86Wireless LAN Setup908.1 Introduction908.1.1 Additional Installation Requirements for Using 802.1x908.1.2 Channel908.1.3 ESS ID918.1.4 RTS/CTS918.1.5 Fragmentation Threshold928.2 Levels of Security928.3 Data Encryption with WEP938.4 Configuring Wireless LAN938.5 Configuring MAC Filter958.6 Network Authentication978.6.1 EAP978.6.1.1 RADIUS978.6.1.2 Types of RADIUS Messages978.6.2 EAP Authentication Overview988.7 Introduction to WPA998.7.1 User Authentication998.7.2 Encryption998.8 WPA-PSK Application Example1008.9 WPA with RADIUS Application Example1008.10 Security Parameters Summary1018.11 Wireless Client WPA Supplicants1028.12 Configuring 802.1x and WPA1028.12.1 Authentication Required: 802.1x1038.12.2 Authentication Required: WPA1058.12.3 Authentication Required: WPA-PSK1068.13 Configuring Local User Authentication1088.14 Configuring RADIUS109WAN Setup1129.1 WAN Overview1129.2 Metric1129.3 PPPoE Encapsulation1139.4 Traffic Shaping1139.5 Zero Configuration Internet Access1149.6 Configuring WAN Setup1149.7 Traffic Redirect1179.8 Configuring WAN Backup1189.9 Configuring Advanced WAN Backup1219.10 AT Command Strings1249.11 DTR Signal1249.12 Response Strings1249.13 Configuring Advanced Modem Setup124Network Address Translation (NAT) Screens12810.1 NAT Overview12810.1.1 NAT Definitions12810.1.2 What NAT Does12910.1.3 How NAT Works12910.1.4 NAT Application13010.1.5 NAT Mapping Types13010.2 SUA (Single User Account) Versus NAT13110.3 SUA Server13210.3.1 Default Server IP Address13210.3.2 Port Forwarding: Services and Port Numbers13210.3.3 Configuring Servers Behind SUA (Example)13310.4 Selecting the NAT Mode13310.5 Configuring SUA Server13410.6 Configuring Address Mapping13610.7 Editing an Address Mapping Rule137Dynamic DNS Setup14011.1 Dynamic DNS14011.1.1 DYNDNS Wildcard14011.2 Configuring Dynamic DNS140Time and Date14212.1 Configuring Time and Date142Firewalls14413.1 Firewall Overview14413.2 Types of Firewalls14413.2.1 Packet Filtering Firewalls14413.2.2 Application-level Firewalls14413.2.3 Stateful Inspection Firewalls14513.3 Introduction to ZyXEL’s Firewall14513.3.1 Denial of Service Attacks14613.4 Denial of Service14613.4.1 Basics14613.4.2 Types of DoS Attacks14713.4.2.1 ICMP Vulnerability14913.4.2.2 Illegal Commands (NetBIOS and SMTP)14913.4.2.3 Traceroute15013.5 Stateful Inspection15013.5.1 Stateful Inspection Process15113.5.2 Stateful Inspection and the Prestige15213.5.3 TCP Security15213.5.4 UDP/ICMP Security15313.5.5 Upper Layer Protocols15313.6 Guidelines for Enhancing Security with Your Firewall15413.6.1 Security In General15413.7 Packet Filtering Vs Firewall15513.7.1 Packet Filtering:15513.7.1.1 When To Use Filtering15513.7.2 Firewall15513.7.2.1 When To Use The Firewall156Firewall Configuration15814.1 Access Methods15814.2 Firewall Policies Overview15814.3 Rule Logic Overview15914.3.1 Rule Checklist15914.3.2 Security Ramifications16014.3.3 Key Fields For Configuring Rules16014.3.3.1 Action16014.3.3.2 Service16014.3.3.3 Source Address16014.3.3.4 Destination Address16114.4 Connection Direction Example16114.4.1 LAN to WAN Rules16114.4.2 WAN to LAN Rules16114.4.3 Alerts16214.5 Configuring Basic Firewall Settings16214.6 Rule Summary16414.6.1 Configuring Firewall Rules16514.7 Customized Services16814.8 Creating/Editing A Customized Service16814.9 Example Firewall Rule16914.10 Predefined Services17314.11 Anti-Probing17514.12 Configuring Attack Alert17614.12.1 Threshold Values17714.12.2 Half-Open Sessions17714.12.2.1 TCP Maximum Incomplete and Blocking Time177Content Filtering18015.1 Content Filtering Overview18015.2 Configuring Keyword Blocking18015.3 Configuring the Schedule18115.4 Configuring Trusted Computers182Content Access Control18416.1 Content Access Control Overview18416.1.1 Content Access Control WLAN Application18416.1.2 Configuration Steps18416.2 Activating CAC and Create User Groups18516.2.1 Configuring Time Schedule18616.2.2 Configuring Services18816.2.2.1 Available Services18916.2.3 Configuring Web Site Filters19116.2.4 Testing Web Site Access Privileges19716.3 User Account Setup19816.4 User Online Status20016.5 Content Access Control Logins20116.5.1 User Login20116.5.2 Administrator Login202Anti-Virus Packet Scan20417.1 Overview20417.1.1 Types of Computer Viruses20417.2 Signature-Based Virus Scan20417.2.1 Computer Virus Infection and Prevention20517.3 Introduction to the Prestige Anti-virus Packet Scan20517.3.1 How the Prestige Virus Scan Works20617.3.2 Limitations of the Prestige Packet Scan20617.4 Anti-virus Packet Scan Configuration20717.5 Registration and Online Update20817.5.1 Updating the Anti Virus Packet Scan210Introduction to IPSec21218.1 VPN Overview21218.1.1 IPSec21218.1.2 Security Association21218.1.3 Other Terminology21218.1.3.1 Encryption21218.1.3.2 Data Confidentiality21318.1.3.3 Data Integrity21318.1.3.4 Data Origin Authentication21318.1.4 VPN Applications21318.2 IPSec Architecture21318.2.1 IPSec Algorithms21418.2.2 Key Management21418.3 Encapsulation21418.3.1 Transport Mode21518.3.2 Tunnel Mode21518.4 IPSec and NAT215VPN Screens21819.1 VPN/IPSec Overview21819.2 IPSec Algorithms21819.2.1 AH (Authentication Header) Protocol21819.2.2 ESP (Encapsulating Security Payload) Protocol21819.3 My IP Address21919.4 Secure Gateway Address22019.4.1 Dynamic Secure Gateway Address22019.5 VPN Summary Screen22019.6 Keep Alive22219.7 NAT Traversal22219.7.1 NAT Traversal Configuration22319.7.2 Remote DNS Server22319.8 ID Type and Content22419.8.1 ID Type and Content Examples22519.9 Pre-Shared Key22619.10 Editing VPN Policies22619.11 IKE Phases23119.11.1 Negotiation Mode23219.11.2 Diffie-Hellman (DH) Key Groups23319.11.3 Perfect Forward Secrecy (PFS)23319.12 Configuring Advanced IKE Settings23319.13 Manual Key Setup23619.13.1 Security Parameter Index (SPI)23619.14 Configuring Manual Key23719.15 Viewing SA Monitor24019.16 Configuring Global Setting24119.17 Telecommuter VPN/IPSec Examples24219.17.1 Telecommuters Sharing One VPN Rule Example24219.17.2 Telecommuters Using Unique VPN Rules Example24319.18 VPN and Remote Management245Remote Management Configuration24620.1 Remote Management Overview24620.1.1 Remote Management Limitations24620.1.2 Remote Management and NAT24720.1.3 System Timeout24720.2 Telnet24720.3 FTP24720.4 Web24820.5 Configuring Remote Management248Universal Plug-and-Play (UPnP)25021.1 Introducing Universal Plug and Play25021.1.1 How do I know if I'm using UPnP?25021.1.2 NAT Traversal25021.1.3 Cautions with UPnP25021.2 UPnP and ZyXEL25121.2.1 Configuring UPnP25121.3 Installing UPnP in Windows Example25221.4 Using UPnP in Windows XP Example256Logs Screens26422.1 Logs Overview26422.1.1 Alerts and Logs26422.2 Configuring Log Settings26422.3 Displaying the Logs26622.4 SMTP Error Messages26722.4.1 Example E-mail Log268Media Bandwidth Management Advanced Setup27023.1 Bandwidth Management Advanced Setup Overview27023.2 Bandwidth Classes and Filters27023.3 Proportional Bandwidth Allocation27123.4 Bandwidth Management Usage Examples27123.4.1 Application-based Bandwidth Management Example27123.4.2 Subnet-based Bandwidth Management Example27123.4.3 Application and Subnet-based Bandwidth Management Example27223.5 Scheduler27223.5.1 Priority-based Scheduler27323.5.2 Fairness-based Scheduler27323.6 Maximize Bandwidth Usage27323.6.1 Reserving Bandwidth for Non-Bandwidth Class Traffic27323.6.2 Maximize Bandwidth Usage Example27423.7 Bandwidth Borrowing27523.7.1 Bandwidth Borrowing Example27523.7.2 Maximize Bandwidth Usage With Bandwidth Borrowing27723.8 Configuring Summary27723.9 Configuring Class Setup27823.9.1 Media Bandwidth Management Class Configuration27923.9.2 Media Bandwidth Management Statistics28223.10 Bandwidth Monitor283Maintenance28424.1 Maintenance Overview28424.2 System Status Screen28424.2.1 System Statistics28624.3 DHCP Table Screen28824.4 Any IP Table Screen28924.5 Wireless Screen28924.5.1 Association List28924.6 Diagnostic Screens29024.6.1 Diagnostic General Screen29024.6.2 Diagnostic DSL Line Screen29124.7 Firmware Screen293Introducing the SMT29625.1 SMT Introduction29625.1.1 Procedure for SMT Configuration via Telnet29625.1.2 Entering Password29625.1.3 Prestige SMT Menu Overview29725.2 Navigating the SMT Interface29725.2.1 System Management Terminal Interface Summary29925.3 Changing the System Password299Menu 1 General Setup30226.1 General Setup30226.2 Procedure To Configure Menu 130226.2.1 Procedure to Configure Dynamic DNS303Menu 2 WAN Backup Setup30627.1 Introduction to WAN Backup Setup30627.2 Configuring Dial Backup in Menu 230627.2.1 Traffic Redirect Setup30727.3 Configuring Dial Backup Setup30827.4 Advanced Dial Backup Setup309Menu 3 LAN Setup31228.1 LAN Setup31228.1.1 General Ethernet Setup31228.2 Protocol Dependent Ethernet Setup31328.3 CP/IP Ethernet Setup and DHCP313Wireless LAN Setup31629.1 Wireless LAN Overview31629.2 Wireless LAN Setup31629.2.1 Wireless LAN MAC Address Filter317Internet Access32030.1 Internet Access Overview32030.2 IP Policies32030.3 IP Alias32030.4 IP Alias Setup32130.5 Route IP Setup32230.6 Internet Access Configuration323Remote Node Configuration32631.1 Remote Node Setup Overview32631.2 Remote Node Setup32631.2.1 Remote Node Profile32631.2.2 Encapsulation and Multiplexing Scenarios32731.2.2.1 Scenario 1: One VC, Multiple Protocols32731.2.2.2 Scenario 2: One VC, One Protocol (IP)32731.2.2.3 Scenario 3: Multiple VCs32731.2.3 Outgoing Authentication Protocol32931.3 Remote Node Network Layer Options33031.3.1 My WAN Addr Sample IP Addresses33131.4 Remote Node Filter33231.5 Editing ATM Layer Options33331.5.1 VC-based Multiplexing (non-PPP Encapsulation)33331.5.2 LLC-based Multiplexing or PPP Encapsulation33431.5.3 Advance Setup Options334Static Route Setup33632.1 IP Static Route Overview33632.2 Configuration336Bridging Setup34033.1 Bridging in General34033.2 Bridge Ethernet Setup34033.2.1 Remote Node Bridging Setup34033.2.2 Bridge Static Route Setup342Network Address Translation (NAT)34434.1 Using NAT34434.1.1 SUA (Single User Account) Versus NAT34434.2 Applying NAT34434.3 NAT Setup34634.3.1 Address Mapping Sets34634.3.1.1 SUA Address Mapping Set34734.3.1.2 User-Defined Address Mapping Sets34834.3.1.3 Ordering Your Rules34934.4 Configuring a Server behind NAT35034.5 General NAT Examples35234.5.1 Example 1: Internet Access Only35234.5.2 Example 2: Internet Access with an Inside Server35334.5.3 Example 3: Multiple Public IP Addresses With Inside Servers35434.5.4 Example 4: NAT Unfriendly Application Programs358Enabling the Firewall36035.1 Remote Management and the Firewall36035.2 Access Methods36035.3 Enabling the Firewall360Filter Configuration36236.1 About Filtering36236.1.1 The Filter Structure of the Prestige36336.2 Configuring a Filter Set for the Prestige36436.3 Filter Rules Summary Menus36536.4 Configuring a Filter Rule36636.4.1 TCP/IP Filter Rule36736.4.2 Generic Filter Rule36936.5 Filter Types and NAT37136.6 Example Filter37136.7 Applying Filters and Factory Defaults37336.7.1 Ethernet Traffic37436.7.2 Remote Node Filters374SNMP Configuration37637.1 About SNMP37637.2 Supported MIBs37737.3 SNMP Configuration37737.4 SNMP Traps378System Security38038.1 System Security38038.1.1 System Password38038.1.2 Configuring External RADIUS Server38038.1.3 IEEE802.1x38238.2 Creating User Accounts on the Prestige384System Information and Diagnosis38639.1 Overview38639.2 System Status38639.3 System Information38839.3.1 System Information38839.3.2 Console Port Speed38939.4 Log and Trace39039.4.1 Viewing Error Log39039.4.2 Syslog and Accounting39139.5 Diagnostic393Firmware and Configuration File Maintenance39640.1 Filename Conventions39640.2 Backup Configuration39740.2.1 Backup Configuration39740.2.2 Using the FTP Command from the Command Line39840.2.3 Example of FTP Commands from the Command Line39840.2.4 GUI-based FTP Clients39940.2.5 TFTP and FTP over WAN Management Limitations39940.2.6 Backup Configuration Using TFTP40040.2.7 TFTP Command Example40040.2.8 GUI-based TFTP Clients40040.2.9 Backup Via Console Port40140.3 Restore Configuration40240.3.1 Restore Using FTP40240.3.2 Restore Using FTP Session Example40340.3.3 Restore Via Console Port40440.4 Uploading Firmware and Configuration Files40540.4.1 Firmware File Upload40540.4.2 Configuration File Upload40540.4.3 FTP File Upload Command from the DOS Prompt Example40640.4.4 FTP Session Example of Firmware File Upload40740.4.5 TFTP File Upload40740.4.6 TFTP Upload Command Example40840.4.7 Uploading Via Console Port40840.4.8 Uploading Firmware File Via Console Port40840.4.9 Example Xmodem Firmware Upload Using HyperTerminal40940.4.10 Uploading Configuration File Via Console Port40940.4.11 Example Xmodem Configuration Upload Using HyperTerminal410System Maintenance41241.1 Command Interpreter Mode41241.2 Call Control Support41341.2.1 Budget Management41341.3 Time and Date Setting41441.3.1 Resetting the Time416Remote Management41842.1 Remote Management Overview41842.2 Remote Management41842.2.1 Remote Management Setup41842.2.2 Remote Management Limitations41942.3 Remote Management and NAT42042.4 System Timeout420IP Policy Routing42243.1 IP Policy Routing Overview42243.2 Benefits of IP Policy Routing42243.3 Routing Policy42243.4 IP Routing Policy Setup42343.5 Applying an IP Policy42643.5.1 Ethernet IP Policies42643.6 IP Policy Routing Example427Call Scheduling43044.1 Introduction430VPN/IPSec Setup43445.1 VPN/IPSec Overview43445.2 IPSec Summary Screen43545.3 IPSec Setup43745.4 IKE Setup44145.5 Manual Setup44345.5.1 Active Protocol44345.5.2 Security Parameter Index (SPI)443SA Monitor44646.1 SA Monitor Overview44646.2 Using SA Monitor446Internal SPTGEN45047.1 Internal SPTGEN Overview45047.2 The Configuration Text File Format45047.2.1 Internal SPTGEN File Modification - Important Points to Remember45147.3 Internal SPTGEN FTP Download Example45147.4 Internal SPTGEN FTP Upload Example452Troubleshooting45448.1 Problems Starting Up the Prestige45448.2 Problems with the LAN LED45448.3 Problems with the DSL LED45548.4 Problems with the LAN Interface45548.5 Problems with the WAN Interface45548.6 Problems with Internet Access45648.7 Problems with the Password45648.8 Problems with the Web Configurator45748.9 Problems with Remote Management457Cable Pin Assignments458Splitters and Microfilters460Setting up Your Computer’s IP Address462IP Subnetting474PPPoE482Virtual Circuit Topology484Wireless LAN and IEEE 802.11486Wireless LAN With IEEE 802.1x490Types of EAP Authentication492Antenna Selection and Positioning Recommendation494myZyXEL.com496Windows 98/Me Requirements for Anti- Virus Packet Scan Message Display502Example Internal SPTGEN Screens506Command Interpreter528Firewall Commands530Sys Firewall Commands530NetBIOS Filter Commands532Brute-Force Password Guessing Protection536Boot Commands538Log Descriptions540Index554A554B554C555D555E556F556G557H557I557K558L558M558N559O559P559Q560R560S561T562U562V562W562X563Z563크기: 23메가바이트페이지: 563Language: English매뉴얼 열기
사용자 가이드차례User’s Guide1Copyright3Federal Communications Commission (FCC) Interference Statement4Safety Warnings5ZyXEL Limited Warranty6Customer Support7Table of Contents9List of Figures25List of Tables33Preface39Introduction to DSL41Getting To Know Your Prestige431.1 Introducing the Prestige431.1.1 Features of the Prestige441.1.1.1 P-660HW Wireless Features481.1.2 Applications for the Prestige491.1.2.1 Internet Access491.1.3 Firewall for Secure Broadband Internet Access501.1.3.1 LAN to LAN Application501.1.4 Front Panel LEDs50Introducing the Web Configurator532.1 Web Configurator Overview532.1.1 Accessing the Prestige Web Configurator532.1.2 Resetting the Prestige542.1.2.1 Using the Reset Button542.1.3 Navigating the Prestige Web Configurator55Wizard Setup for Internet Access593.1 Introduction to Internet Access Wizard593.1.1 Internet Access Wizard Setup59Wizard Setup for Media Bandwidth Management674.1 Introduction to Media Bandwidth Management674.1.1 Predefined Media Bandwidth Management Services674.2 Media Bandwidth Management Setup68Password Setup715.1 Password Overview715.1.1 Configuring Password71LAN Setup736.1 LAN Overview736.1.1 LANs, WANs and the Prestige736.2 DNS Server Address746.3 DNS Server Address Assignment746.4 LAN TCP/IP756.4.1 Factory LAN Defaults756.4.2 IP Address and Subnet Mask756.4.3 RIP Setup766.4.4 Multicast766.5 Any IP776.5.1 How Any IP Works776.6 Configuring LAN786.7 Configuring Static DHCP80Wireless LAN (Prestige 660HW)837.1 Introduction837.2 Wireless Security Overview837.2.1 Encryption837.2.2 Authentication837.2.3 Restricted Access847.2.4 Hide Prestige Identity847.2.5 G-plus847.2.6 Configuring Wireless LAN on the Prestige847.3 Configuring the Wireless Screen857.3.1 WEP Encryption857.4 Configuring MAC Filters887.5 Introduction to WPA907.5.1 WPA-PSK Application Example907.5.2 WPA with RADIUS Application Example917.5.3 Wireless Client WPA Supplicants927.6 Configuring IEEE 802.1x and WPA927.6.1 Authentication Required: 802.1x937.6.2 Authentication Required: WPA957.6.3 Authentication Required: WPA-PSK977.7 Configuring Local User Authentication987.8 Configuring RADIUS997.9 Introduction to OTIST1007.9.1 Enabling OTIST1007.9.1.1 AP1007.9.1.2 Wireless Client1027.9.2 Starting OTIST1027.9.3 Notes on OTIST103WAN Setup1058.1 WAN Overview1058.2 Metric1058.3 PPPoE Encapsulation1068.4 Traffic Shaping1068.5 Zero Configuration Internet Access1078.6 Configuring WAN Setup1078.7 Traffic Redirect1108.8 Configuring WAN Backup111Network Address Translation (NAT) Screens1159.1 NAT Overview1159.1.1 NAT Definitions1159.1.2 What NAT Does1169.1.3 How NAT Works1169.1.4 NAT Application1179.1.5 NAT Mapping Types1189.2 SUA (Single User Account) Versus NAT1199.3 SUA Server1199.3.1 Default Server IP Address1199.3.2 Port Forwarding: Services and Port Numbers1199.3.3 Configuring Servers Behind SUA (Example)1209.4 SIP ALG1209.5 Selecting the NAT Mode1219.6 Configuring SUA Server1219.7 Configuring Address Mapping1239.8 Editing an Address Mapping Rule124Dynamic DNS Setup12710.1 Dynamic DNS12710.1.1 DYNDNS Wildcard12710.2 Configuring Dynamic DNS127Time and Date12911.1 Configuring Time and Date129Firewalls13112.1 Firewall Overview13112.2 Types of Firewalls13112.2.1 Packet Filtering Firewalls13112.2.2 Application-level Firewalls13112.2.3 Stateful Inspection Firewalls13212.3 Introduction to ZyXEL’s Firewall13212.3.1 Denial of Service Attacks13312.4 Denial of Service13312.4.1 Basics13312.4.2 Types of DoS Attacks13412.4.2.1 ICMP Vulnerability13612.4.2.2 Illegal Commands (NetBIOS and SMTP)13612.4.2.3 Traceroute13712.5 Stateful Inspection13712.5.1 Stateful Inspection Process13812.5.2 Stateful Inspection and the Prestige13912.5.3 TCP Security13912.5.4 UDP/ICMP Security14012.5.5 Upper Layer Protocols14012.6 Guidelines for Enhancing Security with Your Firewall14012.6.1 Security In General14112.7 Packet Filtering Vs Firewall14212.7.1 Packet Filtering:14212.7.1.1 When To Use Filtering14212.7.2 Firewall14212.7.2.1 When To Use The Firewall142Firewall Configuration14513.1 Access Methods14513.2 Firewall Policies Overview14513.3 Rule Logic Overview14613.3.1 Rule Checklist14613.3.2 Security Ramifications14613.3.3 Key Fields For Configuring Rules14713.3.3.1 Action14713.3.3.2 Service14713.3.3.3 Source Address14713.3.3.4 Destination Address14713.4 Connection Direction Example14713.4.1 LAN to WAN Rules14813.4.2 WAN to LAN Rules14813.4.3 Alerts14913.5 Configuring Basic Firewall Settings14913.6 Rule Summary15013.6.1 Configuring Firewall Rules15213.7 Customized Services15513.8 Creating/Editing A Customized Service15513.9 Example Firewall Rule15613.10 Predefined Services16013.11 Anti-Probing16213.12 Configuring Attack Alert16313.12.1 Threshold Values16413.12.2 Half-Open Sessions16413.12.2.1 TCP Maximum Incomplete and Blocking Time164Content Filtering16714.1 Content Filtering Overview16714.2 Configuring Keyword Blocking16714.3 Configuring the Schedule16814.4 Configuring Trusted Computers169Remote Management Configuration17115.1 Remote Management Overview17115.1.1 Remote Management Limitations17115.1.2 Remote Management and NAT17215.1.3 System Timeout17215.2 Telnet17215.3 FTP17215.4 Web17315.5 Configuring Remote Management173Universal Plug-and-Play (UPnP)17516.1 Introducing Universal Plug and Play17516.1.1 How do I know if I'm using UPnP?17516.1.2 NAT Traversal17516.1.3 Cautions with UPnP17516.2 UPnP and ZyXEL17616.2.1 Configuring UPnP17616.3 Installing UPnP in Windows Example17716.4 Using UPnP in Windows XP Example181Logs Screens18917.1 Logs Overview18917.1.1 Alerts and Logs18917.2 Configuring Log Settings18917.3 Displaying the Logs19117.4 SMTP Error Messages19217.4.1 Example E-mail Log193Media Bandwidth Management Advanced Setup19518.1 Bandwidth Management Advanced Setup Overview19518.2 Bandwidth Classes and Filters19518.3 Proportional Bandwidth Allocation19618.4 Bandwidth Management Usage Examples19618.4.1 Application-based Bandwidth Management Example19618.4.2 Subnet-based Bandwidth Management Example19618.4.3 Application and Subnet-based Bandwidth Management Example19718.5 Scheduler19818.5.1 Priority-based Scheduler19818.5.2 Fairness-based Scheduler19818.6 Maximize Bandwidth Usage19818.6.1 Reserving Bandwidth for Non-Bandwidth Class Traffic19818.6.2 Maximize Bandwidth Usage Example19918.7 Bandwidth Borrowing20018.7.1 Bandwidth Borrowing Example20018.7.2 Maximize Bandwidth Usage With Bandwidth Borrowing20118.8 Configuring Summary20118.9 Configuring Class Setup20318.9.1 DiffServ20418.9.1.1 DSCP and Per-Hop Behavior20418.9.2 Media Bandwidth Management Class Configuration20418.9.3 Media Bandwidth Management Statistics20718.10 Bandwidth Monitor208Maintenance21119.1 Maintenance Overview21119.2 System Status Screen21119.2.1 System Statistics21319.3 DHCP Table Screen21519.4 Any IP Table Screen21619.5 Wireless Screen21619.5.1 Association List21619.6 Diagnostic Screens21719.6.1 Diagnostic General Screen21719.6.2 Diagnostic DSL Line Screen21819.7 Firmware Screen220Introducing the SMT22320.1 SMT Introduction22320.1.1 Procedure for SMT Configuration via Telnet22320.1.2 Entering Password22320.1.3 Prestige SMT Menu Overview22420.2 Navigating the SMT Interface22420.2.1 System Management Terminal Interface Summary22620.3 Changing the System Password226Menu 1 General Setup22921.1 General Setup22921.2 Procedure To Configure Menu 122921.2.1 Procedure to Configure Dynamic DNS230Menu 2 WAN Backup Setup23322.1 Introduction to WAN Backup Setup23322.2 Configuring Dial Backup in Menu 223322.2.1 Traffic Redirect Setup234Menu 3 LAN Setup23723.1 LAN Setup23723.1.1 General Ethernet Setup23723.2 Protocol Dependent Ethernet Setup23823.3 CP/IP Ethernet Setup and DHCP238Wireless LAN Setup24124.1 Wireless LAN Overview24124.2 Wireless LAN Setup24124.2.1 Wireless LAN MAC Address Filter242Internet Access24525.1 Internet Access Overview24525.2 IP Policies24525.3 IP Alias24525.4 IP Alias Setup24625.5 Route IP Setup24725.6 Internet Access Configuration248Remote Node Configuration25126.1 Remote Node Setup Overview25126.2 Remote Node Setup25126.2.1 Remote Node Profile25126.2.2 Encapsulation and Multiplexing Scenarios25226.2.2.1 Scenario 1: One VC, Multiple Protocols25226.2.2.2 Scenario 2: One VC, One Protocol (IP)25226.2.2.3 Scenario 3: Multiple VCs25226.2.3 Outgoing Authentication Protocol25426.3 Remote Node Network Layer Options25526.3.1 My WAN Addr Sample IP Addresses25626.4 Remote Node Filter25726.5 Editing ATM Layer Options25826.5.1 VC-based Multiplexing (non-PPP Encapsulation)25826.5.2 LLC-based Multiplexing or PPP Encapsulation25826.5.3 Advance Setup Options259Static Route Setup26127.1 IP Static Route Overview26127.2 Configuration261Bridging Setup26528.1 Bridging in General26528.2 Bridge Ethernet Setup26528.2.1 Remote Node Bridging Setup26528.2.2 Bridge Static Route Setup267Network Address Translation (NAT)26929.1 Using NAT26929.1.1 SUA (Single User Account) Versus NAT26929.2 Applying NAT26929.3 NAT Setup27129.3.1 Address Mapping Sets27129.3.1.1 SUA Address Mapping Set27229.3.1.2 User-Defined Address Mapping Sets27329.3.1.3 Ordering Your Rules27429.4 Configuring a Server behind NAT27529.5 General NAT Examples27629.5.1 Example 1: Internet Access Only27729.5.2 Example 2: Internet Access with an Inside Server27729.5.3 Example 3: Multiple Public IP Addresses With Inside Servers27829.5.4 Example 4: NAT Unfriendly Application Programs282Enabling the Firewall28530.1 Remote Management and the Firewall28530.2 Access Methods28530.3 Enabling the Firewall285Filter Configuration28731.1 About Filtering28731.1.1 The Filter Structure of the Prestige28831.2 Configuring a Filter Set for the Prestige28931.3 Filter Rules Summary Menus29031.4 Configuring a Filter Rule29131.4.1 TCP/IP Filter Rule29231.4.2 Generic Filter Rule29431.5 Filter Types and NAT29631.6 Example Filter29631.7 Applying Filters and Factory Defaults29831.7.1 Ethernet Traffic29931.7.2 Remote Node Filters299SNMP Configuration30132.1 About SNMP30132.2 Supported MIBs30232.3 SNMP Configuration30232.4 SNMP Traps303System Security30533.1 System Security30533.1.1 System Password30533.1.2 Configuring External RADIUS Server30533.1.3 IEEE802.1x30733.2 Creating User Accounts on the Prestige309System Information and Diagnosis31134.1 Overview31134.2 System Status31134.3 System Information31334.3.1 System Information31334.3.2 Console Port Speed31434.4 Log and Trace31534.4.1 Viewing Error Log31534.4.2 Syslog and Accounting31634.5 Diagnostic318Firmware and Configuration File Maintenance32135.1 Filename Conventions32135.2 Backup Configuration32235.2.1 Backup Configuration32235.2.2 Using the FTP Command from the Command Line32335.2.3 Example of FTP Commands from the Command Line32335.2.4 GUI-based FTP Clients32435.2.5 TFTP and FTP over WAN Management Limitations32435.2.6 Backup Configuration Using TFTP32535.2.7 TFTP Command Example32535.2.8 GUI-based TFTP Clients32535.3 Restore Configuration32635.3.1 Restore Using FTP32635.3.2 Restore Using FTP Session Example32735.4 Uploading Firmware and Configuration Files32835.4.1 Firmware File Upload32835.4.2 Configuration File Upload32835.4.3 FTP File Upload Command from the DOS Prompt Example32935.4.4 FTP Session Example of Firmware File Upload33035.4.5 TFTP File Upload33035.4.6 TFTP Upload Command Example331System Maintenance33336.1 Command Interpreter Mode33336.2 Call Control Support33436.2.1 Budget Management33436.3 Time and Date Setting33536.3.1 Resetting the Time336Remote Management33937.1 Remote Management Overview33937.2 Remote Management33937.2.1 Remote Management Setup33937.2.2 Remote Management Limitations34037.3 Remote Management and NAT34137.4 System Timeout341IP Policy Routing34338.1 IP Policy Routing Overview34338.2 Benefits of IP Policy Routing34338.3 Routing Policy34338.4 IP Routing Policy Setup34438.5 Applying an IP Policy34738.5.1 Ethernet IP Policies34738.6 IP Policy Routing Example348Call Scheduling35339.1 Introduction353Internal SPTGEN35740.1 Internal SPTGEN Overview35740.2 The Configuration Text File Format35740.2.1 Internal SPTGEN File Modification - Important Points to Remember35840.3 Internal SPTGEN FTP Download Example35840.4 Internal SPTGEN FTP Upload Example359Troubleshooting36141.1 Problems Starting Up the Prestige36141.2 Problems with the LAN LED36141.3 Problems with the DSL LED36241.4 Problems with the LAN Interface36241.5 Problems with the WAN Interface36241.6 Problems with Internet Access36341.7 Problems with the Password36341.8 Problems with the Web Configurator36441.9 Problems with Remote Management364Splitters and Microfilters365Connecting a POTS Splitter365Telephone Microfilters366Prestige With ISDN366Setting up Your Computer’s IP Address369Windows 95/98/Me369Windows 2000/NT/XP372Macintosh OS 8/9376Macintosh OS X378IP Subnetting381IP Addressing381IP Classes381Subnet Masks382Subnetting382Example: Two Subnets383Example: Four Subnets385Example Eight Subnets386Subnetting With Class A and Class B Networks.387PPPoE389PPPoE in Action389Benefits of PPPoE389Traditional Dial-up Scenario389How PPPoE Works390Prestige as a PPPoE Client390Virtual Circuit Topology391Wireless LANs393Wireless LAN Topologies393Channel395RTS/CTS395Fragmentation Threshold396Preamble Type397IEEE 802.1x398RADIUS398EAP Authentication399Types of Authentication400WEP Authentication Steps401WPA403Security Parameters Summary404Roaming404Antenna Selection and Positioning Recommendation407Antenna Characteristics407Types of Antennas For WLAN408Connector Type408Example Internal SPTGEN Screens409Command Examples429Command Interpreter431Command Syntax431Command Usage431Firewall Commands433Sys Firewall Commands433Brute-Force Password Guessing Protection435Example435Boot Commands437Log Descriptions439Log Commands448Log Command Example449Index451Numerics451A451B451C452D452E453F453G454H454I454K455L455M455N455O456P456Q457R457S458T459U459V459W459X460Z460크기: 17.1메가바이트페이지: 460Language: English매뉴얼 열기
사용자 설명서차례Prestige 660H Series1Prestige 660HW Series1Overview21 Hardware Connections22 Configuration for Internet Access32.1 Configuration Genie42.2 Zero Configuration42.3 Accessing the Web Configurator43 Wireless Configuration (P660HW series only)73.1 OTIST94 NAT105 Firewall106 Troubleshooting116.1 Set Up Your Computer’s IP Address11Viewing Your Product’s Certifications12크기: 1.08메가바이트페이지: 12Language: English매뉴얼 열기
사용자 가이드차례Copyright2Federal Communications Commission (FCC) Interference Statement3ZyXEL Limited Warranty4Customer Support5List of Figures12List of Tables16List of Charts19Preface20Introduction to DSL22Getting To Know Your Prestige25Introducing the Prestige25Features of the Prestige25Applications for the Prestige29Internet Access29Internet Single User Account29Firewall for Secure Broadband Internet Access29LAN to LAN Application30Introducing the Web Configurator31Web Configurator Overview31Accessing the Prestige Web Configurator31Resetting the Prestige31Using The Reset Button32Navigating the Prestige Web Configurator32Wizard Setup35Wizard Setup Introduction35Encapsulation35ENET ENCAP35PPP over Ethernet35PPPoA35RFC 148335Multiplexing36VC-based Multiplexing36LLC-based Multiplexing36VPI and VCI36Wizard Setup Configuration: First Screen36IP Address and Subnet Mask37IP Address Assignment38IP Assignment with PPPoA or PPPoE Encapsulation38IP Assignment with RFC 1483 Encapsulation38IP Assignment with ENET ENCAP Encapsulation38Private IP Addresses38Nailed-Up Connection (PPP)39NAT39Wizard Setup Configuration: Second Screen39DHCP Setup43IP Pool Setup43Wizard Setup Configuration: Third Screen43Wizard Setup Configuration: Connection Tests45Test Your Internet Connection46Password Setup49Password Overview49Configuring Password49LAN Setup51LAN Overview51LANs, WANs and the Prestige51DNS Server Address51DNS Server Address Assignment52LAN TCP/IP52Factory LAN Defaults52IP Address and Subnet Mask52RIP Setup52Multicast53Configuring LAN53WAN Setup57WAN Overview57Metric57PPPoE Encapsulation57Traffic Shaping58Configuring WAN Setup58Traffic Redirect61Configuring WAN Backup62Network Address Translation (NAT) Screens67NAT Overview67NAT Definitions67What NAT Does67How NAT Works68NAT Application68NAT Mapping Types69SUA (Single User Account) Versus NAT70SUA Server70Port Forwarding: Services and Port Numbers71Configuring Servers Behind SUA (Example)71Selecting the NAT Mode71Configuring SUA Server72Configuring Address Mapping73Editing an Address Mapping Rule75Dynamic DNS Setup77Dynamic DNS77DYNDNS Wildcard77Configuring Dynamic DNS77Time and Date79Configuring Time and Date79Firewalls83Firewall Overview83Types of Firewalls83Packet Filtering Firewalls83Application-level Firewalls83Stateful Inspection Firewalls84Introduction to ZyXEL’s Firewall84Denial of Service85Basics85Types of DoS Attacks85ICMP Vulnerability87Illegal Commands (NetBIOS and SMTP)87Traceroute88Stateful Inspection88Stateful Inspection Process89Stateful Inspection and the Prestige89TCP Security90UDP/ICMP Security90Upper Layer Protocols90Guidelines for Enhancing Security with Your Firewall91Security In General91Packet Filtering Vs Firewall92Packet Filtering:92When To Use Filtering92Firewall92When To Use The Firewall93Firewall Configuration95Remote Management and the Firewall95Enabling the Firewall95Attack Alert95Alerts96Threshold Values96Half-Open Sessions96TCP Maximum Incomplete and Blocking Time96Creating Custom Rules99Rules Overview99Rule Logic Overview99Rule Checklist99Security Ramifications100Key Fields For Configuring Rules100Action100Service100Source Address100Destination Address100Connection Direction100LAN to WAN Rules100WAN to LAN Rules101Rule Summary101Predefined Services103Creating/Editing Firewall Rules105Source and Destination Addresses107Timeout108Factors Influencing Choices for Timeout Values108Customized Services109Introduction to Customized Services109Creating/Editing A Customized Service110Example Custom Service Firewall Rule110Content Filtering115Content Filtering Overview115Configuring Keyword Blocking115Configuring the Schedule116Configuring Trusted Computers117Remote Management Configuration121Remote Management Overview121Remote Management Limitations121Remote Management and NAT121System Timeout122Telnet122FTP122Web122Configuring Remote Management122Universal Plug-and-Play (UPnP)125Introducing Universal Plug and Play125How do I know if I'm using UPnP?125NAT Traversal125Cautions with UPnP125UPnP and ZyXEL125Configuring UPnP126Installing UPnP in Windows Example126Using UPnP in Windows XP Example128Logs Screens133Logs Overview133Alerts and Logs133Configuring Log Settings133Displaying the Logs135SMTP Error Messages136Example E-mail Log137Bandwidth Management141Bandwidth Management Overview141Bandwidth Classes and Filters141Proportional Bandwidth Allocation141Bandwidth Management Usage Examples142Application-based Bandwidth Management Example142Subnet-based Bandwidth Management Example142Application and Subnet-based Bandwidth Management Example142Scheduler143Priority-based Scheduler143Fairness-based Scheduler143Maximize Bandwidth Usage143Reserving Bandwidth for Non-Bandwidth Class Traffic143Maximize Bandwidth Usage Example144Bandwidth Borrowing145Bandwidth Borrowing Example145Maximize Bandwidth Usage With Bandwidth Borrowing147Configuring Summary147Configuring Class Setup148Bandwidth Manager Class Configuration149Bandwidth Management Statistics151Bandwidth Monitor152Maintenance157Maintenance Overview157System Status Screen157System Statistics158DHCP Table Screen160Diagnostic Screens161Diagnostic General Screen161Diagnostic DSL Line Screen161Firmware Screen162Introducing the SMT167SMT Introduction167Procedure for SMT Configuration via Telnet167Entering Password167Prestige SMT Menu Overview167Navigating the SMT Interface168System Management Terminal Interface Summary169Changing the System Password170Menu 1 General Setup171General Setup171Procedure To Configure Menu 1171Procedure to Configure Dynamic DNS172Menu 2 WAN Backup Setup175Introduction to WAN Backup Setup175Configuring Dial Backup in Menu 2175Traffic Redirect Setup176Menu 3 LAN Setup179LAN Setup179General Ethernet Setup179Protocol Dependent Ethernet Setup180TCP/IP Ethernet Setup and DHCP180Internet Access183Internet Access Overview183IP Policies183IP Alias183IP Alias Setup184Route IP Setup185Internet Access Configuration186Remote Node Configuration189Remote Node Setup Overview189Remote Node Setup189Remote Node Profile189Encapsulation and Multiplexing Scenarios190Scenario 1.One VC, Multiple Protocols190Scenario 2.One VC, One Protocol (IP)190Scenario 3.Multiple VCs190Outgoing Authentication Protocol193Remote Node Network Layer Options193My WAN Addr Sample IP Addresses194Remote Node Filter195Editing ATM Layer Options196VC-based Multiplexing (non-PPP Encapsulation)196LLC-based Multiplexing or PPP Encapsulation197Advance Setup Options197Static Route Setup199IP Static Route Overview199Configuration199Bridging Setup203Bridging in General203Bridge Ethernet Setup203Remote Node Bridging Setup203Bridge Static Route Setup205Network Address Translation (NAT)207Using NAT207SUA (Single User Account) Versus NAT207Applying NAT207NAT Setup209Address Mapping Sets210SUA Address Mapping Set210User-Defined Address Mapping Sets211Ordering Your Rules212Configuring a Server behind NAT214General NAT Examples215Example 1: Internet Access Only216Example 2: Internet Access with an Inside Server217Example 3: Multiple Public IP Addresses With Inside Servers217Example 4: NAT Unfriendly Application Programs221Enabling the Firewall223Remote Management and the Firewall223Access Methods223Enabling the Firewall223Filter Configuration227About Filtering227Configuring a Filter Set for the Prestige229Filter Rules Summary Menus230Configuring a Filter Rule231TCP/IP Filter Rule231Generic Filter Rule234Filter Types and NAT236Example Filter236Applying Filters and Factory Defaults239Ethernet Traffic239Remote Node Filters240SNMP Configuration241About SNMP241Supported MIBs242SNMP Configuration242SNMP Traps243System Security245System Security245System Password245System Information and Diagnosis247Overview247System Status247System Information249System Information249Console Port Speed250Log and Trace251Viewing Error Log251Syslog and Accounting251Diagnostic253Firmware and Configuration File Maintenance255Filename Conventions255Backup Configuration256Backup Configuration256Using the FTP Command from the Command Line256Example of FTP Commands from the Command Line257GUI-based FTP Clients257TFTP and FTP over WAN Management Limitations257Backup Configuration Using TFTP258TFTP Command Example258GUI-based TFTP Clients258Restore Configuration259Restore Using FTP259Restore Using FTP Session Example260Uploading Firmware and Configuration Files260Firmware File Upload260Configuration File Upload261FTP File Upload Command from the DOS Prompt Example261FTP Session Example of Firmware File Upload262TFTP File Upload262TFTP Upload Command Example263System Maintenance265Command Interpreter Mode265Call Control Support266Budget Management266Time and Date Setting267Resetting the Time269Remote Management271Remote Management Overview271Remote Management271Remote Management Setup271Remote Management Limitations272Remote Management and NAT273System Timeout273IP Policy Routing275IP Policy Routing Overview275Benefits of IP Policy Routing275Routing Policy275IP Routing Policy Setup275Applying an IP Policy278Ethernet IP Policies278IP Policy Routing Example279Call Scheduling283Introduction283Internal SPTGEN287Internal SPTGEN Overview287The Configuration Text File Format287Internal SPTGEN File Modification - Important Points to Remember288Internal SPTGEN FTP Download Example289Internal SPTGEN FTP Upload Example289Troubleshooting293Problems Starting Up the Prestige293Problems with the LAN LED293Problems with the DSL LED293Problems with the LAN Interface294Problems with the WAN Interface294Problems with Internet Access294Problems with the Password295Problems with the Web Configurator295Problems with Remote Management295IP Subnetting297PPPoE303Virtual Circuit Topology305Example Internal SPTGEN Screens307Setting up Your Computer’s IP Address331Splitters and Microfilters341Log Descriptions343Index349크기: 10.8메가바이트페이지: 354Language: English매뉴얼 열기
사용자 가이드차례Copyright2Federal Communications Commission (FCC) Interference Statement3ZyXEL Limited Warranty4Customer Support5List of Figures12List of Tables16List of Charts19Preface20Introduction to DSL22Getting To Know Your Prestige25Introducing the Prestige25Features of the Prestige25Applications for the Prestige29Internet Access29Internet Single User Account29Firewall for Secure Broadband Internet Access29LAN to LAN Application30Introducing the Web Configurator31Web Configurator Overview31Accessing the Prestige Web Configurator31Resetting the Prestige31Using The Reset Button32Navigating the Prestige Web Configurator32Wizard Setup35Wizard Setup Introduction35Encapsulation35ENET ENCAP35PPP over Ethernet35PPPoA35RFC 148335Multiplexing36VC-based Multiplexing36LLC-based Multiplexing36VPI and VCI36Wizard Setup Configuration: First Screen36IP Address and Subnet Mask37IP Address Assignment38IP Assignment with PPPoA or PPPoE Encapsulation38IP Assignment with RFC 1483 Encapsulation38IP Assignment with ENET ENCAP Encapsulation38Private IP Addresses38Nailed-Up Connection (PPP)39NAT39Wizard Setup Configuration: Second Screen39DHCP Setup43IP Pool Setup43Wizard Setup Configuration: Third Screen43Wizard Setup Configuration: Connection Tests45Test Your Internet Connection46Password Setup49Password Overview49Configuring Password49LAN Setup51LAN Overview51LANs, WANs and the Prestige51DNS Server Address51DNS Server Address Assignment52LAN TCP/IP52Factory LAN Defaults52IP Address and Subnet Mask52RIP Setup52Multicast53Configuring LAN53WAN Setup57WAN Overview57Metric57PPPoE Encapsulation57Traffic Shaping58Configuring WAN Setup58Traffic Redirect61Configuring WAN Backup62Network Address Translation (NAT) Screens67NAT Overview67NAT Definitions67What NAT Does67How NAT Works68NAT Application68NAT Mapping Types69SUA (Single User Account) Versus NAT70SUA Server70Port Forwarding: Services and Port Numbers71Configuring Servers Behind SUA (Example)71Selecting the NAT Mode71Configuring SUA Server72Configuring Address Mapping73Editing an Address Mapping Rule75Dynamic DNS Setup77Dynamic DNS77DYNDNS Wildcard77Configuring Dynamic DNS77Time and Date79Configuring Time and Date79Firewalls83Firewall Overview83Types of Firewalls83Packet Filtering Firewalls83Application-level Firewalls83Stateful Inspection Firewalls84Introduction to ZyXEL’s Firewall84Denial of Service85Basics85Types of DoS Attacks85ICMP Vulnerability87Illegal Commands (NetBIOS and SMTP)87Traceroute88Stateful Inspection88Stateful Inspection Process89Stateful Inspection and the Prestige89TCP Security90UDP/ICMP Security90Upper Layer Protocols90Guidelines for Enhancing Security with Your Firewall91Security In General91Packet Filtering Vs Firewall92Packet Filtering:92When To Use Filtering92Firewall92When To Use The Firewall93Firewall Configuration95Remote Management and the Firewall95Enabling the Firewall95Attack Alert95Alerts96Threshold Values96Half-Open Sessions96TCP Maximum Incomplete and Blocking Time96Creating Custom Rules99Rules Overview99Rule Logic Overview99Rule Checklist99Security Ramifications100Key Fields For Configuring Rules100Action100Service100Source Address100Destination Address100Connection Direction100LAN to WAN Rules100WAN to LAN Rules101Rule Summary101Predefined Services103Creating/Editing Firewall Rules105Source and Destination Addresses107Timeout108Factors Influencing Choices for Timeout Values108Customized Services109Introduction to Customized Services109Creating/Editing A Customized Service110Example Custom Service Firewall Rule110Content Filtering115Content Filtering Overview115Configuring Keyword Blocking115Configuring the Schedule116Configuring Trusted Computers117Remote Management Configuration121Remote Management Overview121Remote Management Limitations121Remote Management and NAT121System Timeout122Telnet122FTP122Web122Configuring Remote Management122Universal Plug-and-Play (UPnP)125Introducing Universal Plug and Play125How do I know if I'm using UPnP?125NAT Traversal125Cautions with UPnP125UPnP and ZyXEL125Configuring UPnP126Installing UPnP in Windows Example126Using UPnP in Windows XP Example128Logs Screens133Logs Overview133Alerts and Logs133Configuring Log Settings133Displaying the Logs135SMTP Error Messages136Example E-mail Log137Bandwidth Management141Bandwidth Management Overview141Bandwidth Classes and Filters141Proportional Bandwidth Allocation141Bandwidth Management Usage Examples142Application-based Bandwidth Management Example142Subnet-based Bandwidth Management Example142Application and Subnet-based Bandwidth Management Example142Scheduler143Priority-based Scheduler143Fairness-based Scheduler143Maximize Bandwidth Usage143Reserving Bandwidth for Non-Bandwidth Class Traffic143Maximize Bandwidth Usage Example144Bandwidth Borrowing145Bandwidth Borrowing Example145Maximize Bandwidth Usage With Bandwidth Borrowing147Configuring Summary147Configuring Class Setup148Bandwidth Manager Class Configuration149Bandwidth Management Statistics151Bandwidth Monitor152Maintenance157Maintenance Overview157System Status Screen157System Statistics158DHCP Table Screen160Diagnostic Screens161Diagnostic General Screen161Diagnostic DSL Line Screen161Firmware Screen162Introducing the SMT167SMT Introduction167Procedure for SMT Configuration via Telnet167Entering Password167Prestige SMT Menu Overview167Navigating the SMT Interface168System Management Terminal Interface Summary169Changing the System Password170Menu 1 General Setup171General Setup171Procedure To Configure Menu 1171Procedure to Configure Dynamic DNS172Menu 2 WAN Backup Setup175Introduction to WAN Backup Setup175Configuring Dial Backup in Menu 2175Traffic Redirect Setup176Menu 3 LAN Setup179LAN Setup179General Ethernet Setup179Protocol Dependent Ethernet Setup180TCP/IP Ethernet Setup and DHCP180Internet Access183Internet Access Overview183IP Policies183IP Alias183IP Alias Setup184Route IP Setup185Internet Access Configuration186Remote Node Configuration189Remote Node Setup Overview189Remote Node Setup189Remote Node Profile189Encapsulation and Multiplexing Scenarios190Scenario 1.One VC, Multiple Protocols190Scenario 2.One VC, One Protocol (IP)190Scenario 3.Multiple VCs190Outgoing Authentication Protocol193Remote Node Network Layer Options193My WAN Addr Sample IP Addresses194Remote Node Filter195Editing ATM Layer Options196VC-based Multiplexing (non-PPP Encapsulation)196LLC-based Multiplexing or PPP Encapsulation197Advance Setup Options197Static Route Setup199IP Static Route Overview199Configuration199Bridging Setup203Bridging in General203Bridge Ethernet Setup203Remote Node Bridging Setup203Bridge Static Route Setup205Network Address Translation (NAT)207Using NAT207SUA (Single User Account) Versus NAT207Applying NAT207NAT Setup209Address Mapping Sets210SUA Address Mapping Set210User-Defined Address Mapping Sets211Ordering Your Rules212Configuring a Server behind NAT214General NAT Examples215Example 1: Internet Access Only216Example 2: Internet Access with an Inside Server217Example 3: Multiple Public IP Addresses With Inside Servers217Example 4: NAT Unfriendly Application Programs221Enabling the Firewall223Remote Management and the Firewall223Access Methods223Enabling the Firewall223Filter Configuration227About Filtering227Configuring a Filter Set for the Prestige229Filter Rules Summary Menus230Configuring a Filter Rule231TCP/IP Filter Rule231Generic Filter Rule234Filter Types and NAT236Example Filter236Applying Filters and Factory Defaults239Ethernet Traffic239Remote Node Filters240SNMP Configuration241About SNMP241Supported MIBs242SNMP Configuration242SNMP Traps243System Security245System Security245System Password245System Information and Diagnosis247Overview247System Status247System Information249System Information249Console Port Speed250Log and Trace251Viewing Error Log251Syslog and Accounting251Diagnostic253Firmware and Configuration File Maintenance255Filename Conventions255Backup Configuration256Backup Configuration256Using the FTP Command from the Command Line256Example of FTP Commands from the Command Line257GUI-based FTP Clients257TFTP and FTP over WAN Management Limitations257Backup Configuration Using TFTP258TFTP Command Example258GUI-based TFTP Clients258Restore Configuration259Restore Using FTP259Restore Using FTP Session Example260Uploading Firmware and Configuration Files260Firmware File Upload260Configuration File Upload261FTP File Upload Command from the DOS Prompt Example261FTP Session Example of Firmware File Upload262TFTP File Upload262TFTP Upload Command Example263System Maintenance265Command Interpreter Mode265Call Control Support266Budget Management266Time and Date Setting267Resetting the Time269Remote Management271Remote Management Overview271Remote Management271Remote Management Setup271Remote Management Limitations272Remote Management and NAT273System Timeout273IP Policy Routing275IP Policy Routing Overview275Benefits of IP Policy Routing275Routing Policy275IP Routing Policy Setup275Applying an IP Policy278Ethernet IP Policies278IP Policy Routing Example279Call Scheduling283Introduction283Internal SPTGEN287Internal SPTGEN Overview287The Configuration Text File Format287Internal SPTGEN File Modification - Important Points to Remember288Internal SPTGEN FTP Download Example289Internal SPTGEN FTP Upload Example289Troubleshooting293Problems Starting Up the Prestige293Problems with the LAN LED293Problems with the DSL LED293Problems with the LAN Interface294Problems with the WAN Interface294Problems with Internet Access294Problems with the Password295Problems with the Web Configurator295Problems with Remote Management295IP Subnetting297PPPoE303Virtual Circuit Topology305Example Internal SPTGEN Screens307Setting up Your Computer’s IP Address331Splitters and Microfilters341Log Descriptions343Index349크기: 10.8메가바이트페이지: 354Language: English매뉴얼 열기