사용자 설명서 (91-003-154001B)차례P-202H Plus v21Copyright3Certifications4Safety Warnings5ZyXEL Limited Warranty6Customer Support7Table of Contents9List of Figures21List of Tables27Preface311. Getting To Know Your ZyXEL Device331.1 Introducing the ZyXEL Device331.2 Features331.3 Applications for the ZyXEL Device371.3.1 Internet Access371.3.2 LAN-to-LAN Connection371.3.3 Remote Access Server381.3.4 Secure Broadband Internet Access and VPN381.4 Front Panel LEDs391.5 Hardware Connection402. Introducing the Web Configurator412.1 Web Configurator Overview412.2 Accessing the Web Configurator412.3 Resetting the ZyXEL Device422.3.1 Using the Reset Button422.4 Navigating the Web Configurator432.4.1 Changing Login Password443. Wizard Setup473.1 Introduction473.1.1 MSN (Multiple Subscriber Number) and Subaddress473.1.2 PABX Outside Line Prefix473.2 Wizard Setup473.2.1 Test Your Internet Connection544. LAN Setup554.1 LAN Overview554.1.1 LANs, WANs and the ZyXEL Device554.1.2 DHCP Setup554.1.2.1 IP Pool Setup564.1.3 DNS Server Address Assignment564.2 LAN TCP/IP564.2.1 IP Address and Subnet Mask564.2.1.1 Private IP Addresses574.3 Configuring LAN Setup575. WAN Setup615.1 WAN Overview615.1.1 PPP Multilink615.1.2 Bandwidth on Demand615.1.3 IP Address Assignment615.2 Internet Access Setup616. Network Address Translation (NAT) Screens656.1 NAT Overview656.1.1 NAT Definitions656.1.2 What NAT Does666.1.3 How NAT Works666.1.4 NAT Application676.1.5 NAT Mapping Types676.2 SUA (Single User Account) Versus NAT686.3 Selecting the NAT Mode686.4 SUA Server696.4.1 Default Server IP Address706.4.2 Port Forwarding: Services and Port Numbers706.4.3 Configuring Servers Behind NAT (Example)706.5 Configuring SUA Server716.6 Configuring Address Mapping726.6.1 Address Mapping Rule Edit737. Dynamic DNS757.1 Dynamic DNS Overview757.1.1 DYNDNS Wildcard757.2 Configuring Dynamic DNS758. Firewalls778.1 Firewall Overview778.2 Types of Firewalls778.2.1 Packet Filtering Firewalls778.2.2 Application-level Firewalls778.2.3 Stateful Inspection Firewalls788.3 Introduction to ZyXEL’s Firewall788.3.1 Denial of Service Attacks798.4 Denial of Service798.4.1 Basics798.4.2 Types of DoS Attacks808.4.2.1 ICMP Vulnerability828.4.2.2 Illegal Commands (NetBIOS and SMTP)828.4.2.3 Traceroute838.5 Stateful Inspection838.5.1 Stateful Inspection Process848.5.2 Stateful Inspection and the ZyXEL Device848.5.3 TCP Security858.5.4 UDP/ICMP Security858.5.5 Upper Layer Protocols868.6 Guidelines for Enhancing Security with Your Firewall868.6.1 Security In General868.7 Packet Filtering Vs Firewall878.7.1 Packet Filtering:878.7.1.1 When To Use Filtering888.7.2 Firewall888.7.2.1 When To Use The Firewall889. Firewall Configuration899.1 Enabling the Firewall899.2 E-Mail899.3 Attack Alert919.3.1 Alerts919.3.2 Threshold Values919.3.3 Half-Open Sessions929.3.3.1 TCP Maximum Incomplete and Blocking Time929.3.4 Configuring Firewall Alert929.4 Rules Overview949.5 Rule Logic Overview949.5.1 Rule Checklist959.5.2 Security Ramifications959.5.3 Key Fields For Configuring Rules959.5.3.1 Action959.5.3.2 Service959.5.3.3 Source Address969.5.3.4 Destination Address969.6 Connection Direction969.6.1 LAN to WAN Rules969.6.2 WAN to LAN Rules969.7 Firewall Rules Summary969.7.1 Configuring Firewall Rules989.7.2 Source and Destination Addresses1009.7.3 Customized Services1019.7.4 Configuring A Customized Service1029.8 Timeout1029.8.1 Factors Influencing Choices for Timeout Values1039.9 Logs Screen1049.10 Example Firewall Rule1059.11 Predefined Services10810. Introduction to IPSec11110.1 VPN Overview11110.1.1 IPSec11110.1.2 Security11110.1.3 Other Terminology11110.1.3.1 Encryption11110.1.3.2 Data Confidentiality11210.1.3.3 Data Integrity11210.1.3.4 Data Origin Authentication11210.1.4 VPN Applications11210.2 IPSec Architecture11210.2.1 IPSec Algorithms11310.2.2 Key Management11310.3 Encapsulation11310.3.1 Transport Mode11410.3.2 Tunnel Mode11410.4 IPSec and NAT11411. VPN Screens11711.1 VPN/IPSec Overview11711.2 IPSec Algorithms11711.2.1 AH (Authentication Header) Protocol11711.2.2 ESP (Encapsulating Security Payload) Protocol11711.3 My IP Address11811.4 Secure Gateway IP Address11811.4.1 Dynamic Secure Gateway Address11911.5 VPN Summary Screen11911.6 Keep Alive12111.7 ID Type and Content12111.7.1 ID Type and Content Examples12211.8 Pre-Shared Key12311.9 VPN Rules12311.10 IKE Phases12711.10.1 Negotiation Mode12811.10.2 Diffie-Hellman (DH) Key Groups12911.10.3 Perfect Forward Secrecy (PFS)12911.11 Advanced IKE Settings12911.12 Manual Key13211.12.1 Security Parameter Index (SPI)13211.13 Manual Key Screen13311.14 SA Monitor Screen13511.15 Global Setting Screen13611.16 Telecommuter VPN/IPSec Examples13711.16.1 Telecommuters Sharing One VPN Rule Example13711.16.2 Telecommuters Using Unique VPN Rules Example13811.17 Logs13912. NetCAPI14112.1 NetCAPI Overview14112.2 CAPI14112.2.1 ISDN-DCP14112.3 Configuring NetCAPI14212.3.1 Configuring the ZyXEL Device as a NetCAPI Server14312.3.2 RVS-COM14312.3.3 Example of Installing a CAPI driver and Communication Software14413. Supplementary Phone Services14513.1 Overview14513.2 Setting Up Supplemental Phone Service14613.3 The Flash Key14613.4 Call Waiting14613.4.1 How to Use Call Waiting14613.4.1.1 Placing the Current Call on Hold14613.4.1.2 Dropping the Current Call to Switch to an Incoming/Holding Call14613.5 Three Way Calling14713.5.1 How to Use Three-Way Calling14713.5.1.1 To drop the last call added to the three-way call:14713.5.1.2 To drop yourself from the conference call:14713.6 Call Transfer14713.6.1 How to Use Call Transfer14713.6.2 To Do a Blind Transfer:14813.7 Call Forwarding14813.8 Reminder Ring14813.9 Multiple Subscriber Number (MSN)14913.10 Using MSN14913.11 Terminal Portability (Suspend/Resume)14913.11.1 How to Suspend/Resume a Phone Call:14913.11.1.1 To suspend an active phone call14913.11.1.2 To resume your phone call14914. Maintenance15114.1 Maintenance Overview15114.2 System Status15114.2.1 System Statistics15314.3 DHCP Table Screen15414.4 Firmware Screen15514.5 Budget Control15815. Introducing the SMT15915.1 SMT Introduction15915.2 Accessing the ZyXEL Device via Console Port15915.2.1 Initial Screen15915.2.2 Entering Password15915.3 Procedure for SMT Configuration via Telnet16015.4 SMT Menu Overview16015.5 Navigating the SMT Interface16215.5.1 System Management Terminal Interface Summary16315.6 Changing the System Password16416. Menu 1 General Setup16716.1 General Setup16716.2 Procedure To Configure Menu 116716.2.1 Procedure to Configure Dynamic DNS16817. Menu 2 ISDN Setup17117.1 ISDN Setup Overview17117.1.1 Supplementary Voice Services17117.1.2 ISDN Call Waiting17117.1.3 PABX Outside Line Prefix17117.1.4 Outgoing Calling Party Number17217.2 ISDN Setup17217.2.1 ISDN Advanced Setup17417.2.2 Configuring Advanced Setup17517.3 NetCAPI17617.3.1 Configuring NetCAPI17618. Menu 3 Ethernet Setup17918.1 Ethernet Setup17918.1.1 General Ethernet Setup17918.2 Ethernet TCP/IP and DHCP Server18018.3 Configuring TCP/IP Ethernet Setup and DHCP18018.3.1 IP Alias Setup18119. Internet Access Setup18519.1 Introduction to Internet Access Setup18519.2 Internet Access Setup18520. Remote Node Configuration18720.1 Introduction to Remote Node Setup18720.1.1 Minimum Toll Period18720.2 Remote Node Profile Setup18720.3 Outgoing Authentication Protocol19020.4 PPP Multilink19120.5 Bandwidth on Demand19120.6 Editing PPP Options19220.7 LAN-to-LAN Application19320.8 Configuring Network Layer Options19420.9 Remote Node Filter19621. Static Route Setup19921.1 Static Route19921.2 IP Static Route Setup19922. Dial-in Setup20322.1 Dial-in Users Overview20322.2 Default Dial-in User Setup20322.2.1 CLID Callback Support For Dial-In Users20322.3 Setting Up Default Dial-in20422.3.1 Default Dial-in Filter20622.4 Callback Overview20622.5 Dial-In User Setup20722.6 Telecommuting Application With Windows Example20822.7 LAN-to-LAN Server Application Example21022.7.1 Configuring Callback in LAN-to-LAN Application21022.7.2 Configuring With CLID in LAN-to-LAN Application21223. Network Address Translation (NAT)21523.1 Using NAT21523.1.1 SUA (Single User Account) Versus NAT21523.2 Applying NAT21523.3 NAT Setup21723.3.1 Address Mapping Sets21723.3.1.1 User-Defined Address Mapping Sets21923.3.1.2 Ordering Your Rules22023.4 Configuring a Server behind NAT22123.5 General NAT Examples22323.5.1 Example 1: Internet Access Only22323.5.2 Example 2: Internet Access with an Inside Server22423.5.3 Example 3: Multiple Public IP Addresses With Inside Servers22423.5.4 Example 4: NAT Unfriendly Application Programs22824. Enabling the Firewall23124.1 Remote Management and the Firewall23124.2 Access Methods23124.3 Enabling the Firewall23124.3.1 Viewing the Firewall Log23224.3.2 Example E-mail Log23425. Filter Configuration23525.1 Introduction to Filters23525.1.1 The Filter Structure of the ZyXEL Device23625.2 Configuring a Filter Set23725.2.1 Filter Rules Summary Menus24025.2.2 Configuring a Filter Rule24125.2.3 Configuring a TCP/IP Filter Rule24125.2.4 Configuring a Generic Filter Rule24425.3 Example Filter24625.4 Filter Types and NAT24825.5 Firewall Versus Filters24925.6 Applying a Filter24925.6.1 Applying LAN Filters24925.6.2 Applying Remote Node Filters25026. SNMP Configuration25126.1 About SNMP25126.2 Supported MIBs25226.3 SNMP Configuration25226.4 SNMP Traps25327. System Security25527.1 System Security25527.2 System Password25527.3 RADIUS25527.4 Configuring External Server25628. System Information and Diagnosis25928.1 System Status25928.2 System Information and Console Port Speed26128.2.1 System Information26128.2.2 Console Port Speed26228.3 Log and Trace26328.3.1 Viewing Error Log26328.3.2 Unix Syslog26428.3.2.1 CDR26528.3.2.2 Packet triggered26628.3.2.3 Filter log26628.3.2.4 PPP log26728.3.2.5 POTS log26728.3.3 Accounting Server26728.3.4 Call-Triggering Packet26828.4 Diagnostic26929. Firmware and Configuration File Maintenance27129.1 Filename Conventions27129.2 Backup Configuration27229.2.1 Backup Configuration27229.2.2 Using the FTP Command from the Command Line27329.2.3 Example of FTP Commands from the Command Line27329.2.4 GUI-based FTP Clients27429.2.5 Remote Management Limitations27429.2.6 Backup Configuration Using TFTP27429.2.7 TFTP Command Example27529.2.8 GUI-based TFTP Clients27529.2.9 Backup Via Console Port27629.3 Restore Configuration27729.3.1 Restore Using FTP27729.3.2 Restore Using FTP Session Example27829.3.3 Restore Via Console Port27829.4 Uploading Firmware and Configuration Files27929.4.1 Firmware File Upload27929.4.2 Configuration File Upload28029.4.3 FTP File Upload Command from the DOS Prompt Example28129.4.4 FTP Session Example of Firmware File Upload28129.4.5 TFTP File Upload28129.4.6 TFTP Upload Command Example28229.4.7 Uploading Via Console Port28229.4.8 Uploading Firmware File Via Console Port28229.4.9 Example Xmodem Firmware Upload Using HyperTerminal28329.4.10 Uploading Configuration File Via Console Port28329.4.11 Example Xmodem Configuration Upload Using HyperTerminal28430. System Maintenance28530.1 Command Interpreter Mode28530.1.1 Command Syntax28530.1.2 Command Usage28630.2 Call Control Support28630.2.1 Call Control Parameters28730.2.2 Black List28730.2.3 Budget Management28830.2.4 Call History28930.3 Time and Date Setting29030.3.1 Resetting the Time29131. Remote Management29331.1 Remote Management29331.1.1 Remote Management Limitations29431.2 Remote Management and NAT29431.3 System Timeout29532. Call Scheduling29732.1 Introduction to Call Scheduling29733. VPN/IPSec Setup30133.1 VPN/IPSec Overview30133.2 IPSec Summary Screen30233.3 IPSec Setup30433.4 IKE Setup30733.5 Manual Setup30933.5.1 Active Protocol30934. SA Monitor31334.1 SA Monitor Overview31334.2 Using SA Monitor31335. IPSec Log31535.1 IPSec Logs31536. Troubleshooting31936.1 Problems Starting Up the ZyXEL Device31936.2 Problems with the LAN31936.3 Problems with the ISDN Line32036.4 Problems with Remote User Dial-in32036.5 Problems Accessing the ZyXEL Device321A. Product Specifications323B. Wall-mounting Instructions325C. Log Descriptions327D. Setting up Your Computer’s IP Address33936.5.1 Verifying Settings354E. IP Addresses and Subnetting355F. Pop-up Windows, JavaScripts and Java Permissions363Index371A371B371C371D371E372F372G372H372I372K373L373M373N373O373P373Q374R374S374T375U375V375W375X375Z375크기: 9.78메가바이트페이지: 375Language: English매뉴얼 열기