advertisement
Prestige 660R
ADSL 2+ Access Gateway
User's Guide
Version 3.40
April
2004
Prestige 660R ADSL 2+ Access Gateway
Copyright
Copyright © 2004 by ZyXEL Communications Corporation.
The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation.
Published by ZyXEL Communications Corporation. All rights reserved.
Disclaimer
ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others.
ZyXEL further reserves the right to make changes in any products described herein without notice. This publication is subject to change without notice.
Trademarks
ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL Communications, Inc.
Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.
Prestige 660R ADSL 2+ Access Gateway
Federal Communications Commission
(FCC) Interference Statement
This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions:
•
This device may not cause harmful interference.
•
This device must accept any interference received, including interference that may cause undesired operations.
This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to
Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy, and if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
If this equipment does cause harmful interference to radio/television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:
1. Reorient or relocate the receiving antenna.
2. Increase the separation between the equipment and the receiver.
3. Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
4. Consult the dealer or an experienced radio/TV technician for help.
Notice 1
Changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate the equipment.
Certifications
to
2. Select your product from the drop-down list box on the ZyXEL home page to go to that product's page.
3. Select the certification you wish to view from this page
FCC Statement iii
Prestige 660R ADSL 2+ Access Gateway
ZyXEL Limited Warranty
ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During the warranty period, and upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts or labor, and to whatever extent it shall deem necessary to restore the product or components to proper operating condition. Any replacement will consist of a new or re-manufactured functionally equivalent product of equal value, and will be solely at the discretion of ZyXEL. This warranty shall not apply if the product is modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions.
Note
Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser. This warranty is in lieu of all other warranties, express or implied, including any implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in no event be held liable for indirect or consequential damages of any kind of character to the purchaser.
To obtain the services of this warranty, contact ZyXEL's Service Center for your Return Material
Authorization number (RMA). Products must be returned Postage Prepaid. It is recommended that the unit be insured when shipped. Any returned products without proof of purchase or those with an out-dated warranty will be repaired or replaced (at the discretion of ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products will be shipped by ZyXEL to the corresponding return address,
Postage Paid. This warranty gives you specific legal rights, and you may also have other rights that vary from country to country.
Safety Warnings
1. To reduce the risk of fire, use only No. 26 AWG or larger telephone wire.
2. Do not use this product near water, for example, in a wet basement or near a swimming pool.
3. Avoid using this product during an electrical storm. There may be a remote risk of electric shock from lightening.
iv ZyXEL Warranty
Prestige 660R ADSL 2+ Access Gateway
Customer Support
Please have the following information ready when you contact customer support.
•
Product model and serial number.
•
Warranty Information.
•
Date that you received your device.
•
Brief description of the problem and the steps you took to solve it.
METHOD SUPPORT E-MAIL TELEPHONE
1
LOCATION
SALES E-MAIL FAX
1
SITE
REGULAR MAIL
WORLDWIDE [email protected] +886-3-578-3942 www.zyxel.com
www.europe.zyxel.com
+886-3-578-2439 ftp.zyxel.com
ftp.europe.zyxel.com
ZyXEL Communications Corp.
6 Innovation Road II
Science Park
Hsinchu 300
Taiwan
NORTH
AMERICA
GERMANY
FRANCE
SPAIN
DENMARK
NORWAY [email protected]
+1-800-255-4101
+1
-
714
-
632-0882 www.us.zyxel.com
+1-714-632-0858 ftp.us.zyxel.com
[email protected] [email protected] [email protected] [email protected]
+49-2405-6909-0
+49-2405-6909-99
+33 (0)4 72 52 97 97
+33 (0)4 72 52 19 20
+34 902 195 420
+34 913 005 345
+45 39 55 07 00
+45 39 55 07 07
+47 22 80 61 80
+47 22 80 61 81 www.zyxel.de www.zyxel.fr www.zyxel.es
www.zyxel.dk
www.zyxel.no
ZyXEL Communications Inc.
1130 N. Miller St.
Anaheim
CA 92806-2001
U.S.A.
ZyXEL Deutschland GmbH.
Adenauerstr. 20/A2 D-52146
Wuerselen
Germany
ZyXEL France
1 rue des Vergers
Bat. 1 / C
69760 Limonest
France
ZyXEL Communications
Alejandro Villegas 33
1º, 28043 Madrid
Spain
ZyXEL Communications A/S
Columbusvej 5
2860 Soeborg
Denmark
ZyXEL Communications A/S
Nils Hansens vei 13
0667 Oslo
Norway
1
“+” is the (prefix) number you enter to make an international telephone call.
Customer Support v
Prestige 660R ADSL 2+ Access Gateway
METHOD
LOCATION
SWEDEN
FINLAND
SUPPORT E-MAIL
SALES E-MAIL
TELEPHONE
1
FAX
+46 31 744 7700
+46 31 744 7701 www.zyxel.se
+358-9-4780-8411 [email protected] +358-9-4780 8448
REGULAR MAIL
ZyXEL Communications A/S
Sjöporten 4, 41764 Göteborg
Sweden
ZyXEL Communications Oy
Malminkaari 10
00700 Helsinki
Finland vi Customer Support
Prestige 660R ADSL 2+ Access Gateway
Table of Contents
Copyright.........................................................................................................................................................ii
Federal Communications Commission (FCC) Interference Statement.....................................................iii
ZyXEL Limited Warranty.............................................................................................................................iv
Customer Support...........................................................................................................................................v
List of Figures................................................................................................................................................xii
List of Tables.................................................................................................................................................xvi
List of Charts..............................................................................................................................................xviii
Preface...........................................................................................................................................................xix
Introduction to DSL....................................................................................................................................xxii
Getting Started ................................................................................................................................................ I
Chapter 1 Getting To Know Your Prestige.................................................................................................1-1
1.1
Introducing the Prestige .............................................................................................................1-1
1.2
Features of the Prestige ..............................................................................................................1-2
1.3
Applications for the Prestige ......................................................................................................1-5
Chapter 2 Introducing the Web Configurator...........................................................................................2-1
2.1
Web Configurator Overview......................................................................................................2-1
2.2
Accessing the Prestige Web Configurator..................................................................................2-1
2.3
Resetting the Prestige.................................................................................................................2-2
2.4
Navigating the Prestige Web Configurator ................................................................................2-2
Chapter 3 Wizard Setup ..............................................................................................................................3-1
3.1
Wizard Setup Introduction .........................................................................................................3-1
3.2
Encapsulation .............................................................................................................................3-1
3.3
Multiplexing...............................................................................................................................3-2
3.4
VPI and VCI...............................................................................................................................3-2
3.5
Wizard Setup Configuration: First Screen .................................................................................3-2
3.6
IP Address and Subnet Mask .....................................................................................................3-4
3.7
IP Address Assignment ..............................................................................................................3-4
3.8
Nailed-Up Connection (PPP) .....................................................................................................3-6
3.9
NAT ...........................................................................................................................................3-6
3.10
Wizard Setup Configuration: Second Screen .............................................................................3-6
3.11
DHCP Setup.............................................................................................................................3-11
3.12
Wizard Setup Configuration: Third Screen..............................................................................3-12
3.13
Wizard Setup Configuration: Connection Tests.......................................................................3-14
3.14
Test Your Internet Connection.................................................................................................3-15
Password, LAN and WAN .............................................................................................................................II
Chapter 4 Password Setup ..........................................................................................................................4-1
4.1
Password Overview....................................................................................................................4-1
4.2
Configuring Password................................................................................................................4-1
Table of Contents vii
Prestige 660R ADSL 2+ Access Gateway
Chapter 5 LAN Setup ..................................................................................................................................5-1
5.1
LAN Overview ..........................................................................................................................5-1
5.2
DNS Server Address..................................................................................................................5-1
5.3
DNS Server Address Assignment ..............................................................................................5-2
5.4
LAN TCP/IP ..............................................................................................................................5-2
5.5
Configuring LAN.......................................................................................................................5-4
Chapter 6 WAN Setup .................................................................................................................................6-1
6.1
WAN Overview .........................................................................................................................6-1
6.2
Metric.........................................................................................................................................6-1
6.3
PPPoE Encapsulation.................................................................................................................6-1
6.4
Traffic Shaping ..........................................................................................................................6-2
6.5
Configuring WAN Setup ...........................................................................................................6-3
6.6
Traffic Redirect..........................................................................................................................6-7
6.7
Configuring WAN Backup ........................................................................................................6-8
NAT, Dynamic DNS and Time and Date.....................................................................................................III
Chapter 7 Network Address Translation (NAT) Screens..........................................................................7-1
7.1
NAT Overview ..........................................................................................................................7-1
7.2
SUA (Single User Account) Versus NAT .................................................................................7-4
7.3
SUA Server................................................................................................................................7-5
7.4
Selecting the NAT Mode ...........................................................................................................7-6
7.5
Configuring SUA Server............................................................................................................7-7
7.6
Configuring Address Mapping...................................................................................................7-9
7.7
Editing an Address Mapping Rule ...........................................................................................7-11
Chapter 8 Dynamic DNS Setup ..................................................................................................................8-1
8.1
Dynamic DNS............................................................................................................................8-1
8.2
Configuring Dynamic DNS .......................................................................................................8-1
Chapter 9 Time and Date ............................................................................................................................9-1
9.1
Configuring Time and Date .......................................................................................................9-1
Remote Management and UPnP..................................................................................................................IV
Chapter 10 Remote Management Configuration....................................................................................10-1
10.1
Remote Management Overview...............................................................................................10-1
10.2
Telnet .......................................................................................................................................10-2
10.3
FTP ..........................................................................................................................................10-2
10.4
Web..........................................................................................................................................10-2
10.5
Configuring Remote Management...........................................................................................10-3
Chapter 11 Universal Plug-and-Play (UPnP) .......................................................................................... 11-1
11.1
Introducing Universal Plug and Play .......................................................................................11-1
11.2
UPnP and ZyXEL ....................................................................................................................11-2
11.3
Installing UPnP in Windows Example.....................................................................................11-3
11.4
Using UPnP in Windows XP Example ....................................................................................11-5
Maintenance ................................................................................................................................................... V
viii Table of Contents
Prestige 660R ADSL 2+ Access Gateway
Chapter 12 Maintenance ...........................................................................................................................12-1
12.1
Maintenance Overview ............................................................................................................12-1
12.2
System Status Screen ...............................................................................................................12-1
12.3
DHCP Table Screen .................................................................................................................12-6
12.4
Diagnostic Screens ...................................................................................................................12-7
12.5
Firmware Screen ......................................................................................................................12-9
SMT General Configuration ....................................................................................................................... VI
Chapter 13 Introducing the SMT .............................................................................................................13-1
13.1
SMT Introduction.....................................................................................................................13-1
13.2
Navigating the SMT Interface..................................................................................................13-3
13.3
Changing the System Password ...............................................................................................13-5
Chapter 14 Menu 1 General Setup ...........................................................................................................14-1
14.1
General Setup...........................................................................................................................14-1
14.2
Procedure To Configure Menu 1..............................................................................................14-1
Chapter 15 Menu 2 WAN Backup Setup..................................................................................................15-1
15.1
Introduction to WAN Backup Setup ........................................................................................15-1
15.2
Configuring Dial Backup in Menu 2........................................................................................15-1
Chapter 16 Menu 3 LAN Setup ................................................................................................................16-1
16.1
LAN Setup ...............................................................................................................................16-1
16.2
Protocol Dependent Ethernet Setup .........................................................................................16-2
16.3
TCP/IP Ethernet Setup and DHCP...........................................................................................16-2
Chapter 17 Internet Access .......................................................................................................................17-1
17.1
Internet Access Overview ........................................................................................................17-1
17.2
IP Policies ................................................................................................................................17-1
17.3
IP Alias.....................................................................................................................................17-1
17.4
IP Alias Setup...........................................................................................................................17-2
17.5
Route IP Setup..........................................................................................................................17-4
17.6
Internet Access Configuration..................................................................................................17-4
Chapter 18 Remote Node Configuration..................................................................................................18-1
18.1
Remote Node Setup Overview.................................................................................................18-1
18.2
Remote Node Setup..................................................................................................................18-1
18.3
Remote Node Network Layer Options.....................................................................................18-6
18.4
Remote Node Filter ..................................................................................................................18-8
18.5
Editing ATM Layer Options ..................................................................................................18-12
Chapter 19 Static Route Setup ..................................................................................................................19-1
19.1
IP Static Route Overview.........................................................................................................19-1
19.2
Configuration ...........................................................................................................................19-2
Chapter 20 Bridging Setup........................................................................................................................20-1
20.1
Bridging in General..................................................................................................................20-1
20.2
Bridge Ethernet Setup ..............................................................................................................20-1
Chapter 21 Network Address Translation (NAT)....................................................................................21-1
Table of Contents ix
Prestige 660R ADSL 2+ Access Gateway
21.1
Using NAT...............................................................................................................................21-1
21.2
Applying NAT .........................................................................................................................21-1
21.3
NAT Setup ...............................................................................................................................21-3
21.4
Configuring a Server behind NAT...........................................................................................21-9
21.5
General NAT Examples.........................................................................................................21-11
SMT Advanced Management..................................................................................................................... VII
Chapter 22 Filter Configuration...............................................................................................................22-1
22.1
About Filtering.........................................................................................................................22-1
22.2
Configuring a Filter Set for the Prestige ..................................................................................22-4
22.3
Filter Rules Summary Menus ..................................................................................................22-6
22.4
Configuring a Filter Rule .........................................................................................................22-7
22.5
Filter Types and NAT ............................................................................................................22-14
22.6
Example Filter........................................................................................................................22-14
22.7
Applying Filters and Factory Defaults...................................................................................22-17
Chapter 23 SNMP Configuration .............................................................................................................23-1
23.1
About SNMP............................................................................................................................23-1
23.2
Supported MIBs.......................................................................................................................23-2
23.3
SNMP Configuration ...............................................................................................................23-2
23.4
SNMP Traps ............................................................................................................................23-4
Chapter 24 System Information and Diagnosis.......................................................................................24-1
24.1
System Status...........................................................................................................................24-1
24.2
System Information..................................................................................................................24-3
24.3
Log and Trace ..........................................................................................................................24-5
24.4
Diagnostic ................................................................................................................................24-8
Chapter 25 Firmware and Configuration File Maintenance .................................................................25-1
25.1
Filename Conventions .............................................................................................................25-1
25.2
Backup Configuration..............................................................................................................25-2
25.3
Restore Configuration..............................................................................................................25-6
25.4
Uploading Firmware and Configuration Files .........................................................................25-7
Chapter 26 System Maintenance..............................................................................................................26-1
26.1
Command Interpreter Mode.....................................................................................................26-1
26.2
Call Control Support................................................................................................................26-2
26.3
Time and Date Setting .............................................................................................................26-4
Chapter 27 Remote Management.............................................................................................................27-1
27.1
Remote Management Overview...............................................................................................27-1
27.2
Remote Management ...............................................................................................................27-1
27.3
Remote Management and NAT ...............................................................................................27-3
27.4
System Timeout .......................................................................................................................27-3
Chapter 28 IP Policy Routing ...................................................................................................................28-1
28.1
IP Policy Routing Overview ....................................................................................................28-1
28.2
Benefits of IP Policy Routing ..................................................................................................28-1 x Table of Contents
Prestige 660R ADSL 2+ Access Gateway
28.3
Routing Policy..........................................................................................................................28-1
28.4
IP Routing Policy Setup ...........................................................................................................28-2
28.5
Applying an IP Policy ..............................................................................................................28-5
28.6
IP Policy Routing Example ......................................................................................................28-6
Chapter 29 Call Scheduling.......................................................................................................................29-1
29.1
Introduction..............................................................................................................................29-1
Appendices and Index............................................................................................................................... VIII
Appendix A Troubleshooting......................................................................................................................A-1
Appendix B IP Subnetting..........................................................................................................................B-1
Appendix C PPPoE .....................................................................................................................................C-1
Appendix D Virtual Circuit Topology .......................................................................................................D-1
Appendix E Setting up Your Computer’s IP Address ..............................................................................E-1
Appendix F Splitters and Microfilters....................................................................................................... F-1
Appendix G Log Descriptions ................................................................................................................... G-1
Appendix H Index ...................................................................................................................................... H-1
Table of Contents xi
Prestige 660R ADSL 2+ Access Gateway
List of Figures
Figure 1-1 Prestige Internet Access Application.............................................................................................1-6
Figure 1-2 Prestige LAN-to-LAN Application ...............................................................................................1-6
Figure 2-1 Password Screen ...........................................................................................................................2-1
Figure 2-2 Web Configurator SITE MAP Screen ...........................................................................................2-3
Figure 3-1 Wizard Screen 1 ............................................................................................................................3-3
Figure 3-2 Internet Connection with PPPoE...................................................................................................3-6
Figure 3-3 Internet Connection with RFC 1483 .............................................................................................3-8
Figure 3-4 Internet Connection with ENET ENCAP......................................................................................3-9
Figure 3-5 Internet Connection with PPPoA ................................................................................................3-10
Figure 3-6 Wizard Screen 3 ..........................................................................................................................3-12
Figure 3-7 Wizard : LAN Configuration.......................................................................................................3-13
Figure 3-8 Wizard Screen 4 ..........................................................................................................................3-14
Figure 4-1 Password .......................................................................................................................................4-1
Figure 5-1 LAN and WAN IP Addresses ........................................................................................................5-1
Figure 5-2 LAN ..............................................................................................................................................5-4
Figure 6-1 Example of Traffic Shaping ..........................................................................................................6-3
Figure 6-2 WAN Setup .....................................................................................................................................6-4
Figure 6-3 Traffic Redirect Example ..............................................................................................................6-8
Figure 6-4 Traffic Redirect LAN Setup ..........................................................................................................6-8
Figure 6-5 WAN Backup
..................................................................................................................................6-9
Figure 7-1 How NAT Works...........................................................................................................................7-2
Figure 7-2 NAT Application With IP Alias .....................................................................................................7-3
Figure 7-3 Multiple Servers Behind NAT Example........................................................................................7-6
Figure 7-4 NAT Mode.....................................................................................................................................7-7
Figure 7-5 Edit SUA/NAT Server Set.............................................................................................................7-8
Figure 7-6 Address Mapping Rules ..............................................................................................................7-10
Figure 7-7 Address Mapping Rule Edit ........................................................................................................7-11
Figure 8-1 DDNS............................................................................................................................................8-2
Figure 9-1 Time and Date ...............................................................................................................................9-1
Figure 10-1 Telnet Configuration on a TCP/IP Network ..............................................................................10-2
Figure 10-2 Remote Management ................................................................................................................10-3
Figure 11-1 Configuring UPnP .....................................................................................................................11-2
Figure 12-1 System Status ............................................................................................................................12-2
Figure 12-2 System Status: Show Statistics..................................................................................................12-4
Figure 12-3 DHCP Table ..............................................................................................................................12-6
Figure 12-4 Diagnostic General....................................................................................................................12-7
Figure 12-5 Diagnostic DSL Line.................................................................................................................12-8
Figure 12-6 Firmware Upgrade ..................................................................................................................12-10 xii List of Figures
Prestige 660R ADSL 2+ Access Gateway
Figure 12-7 Network Temporarily Disconnected........................................................................................12-11
Figure 12-8 Error Message..........................................................................................................................12-11
Figure 13-1 Login Screen ............................................................................................................................ 13-1
Figure 13-2 Prestige 660R SMT Menu Overview ....................................................................................... 13-2
Figure 13-3 SMT Main Menu ...................................................................................................................... 13-4
Figure 13-4 Menu 23.1 Change Password ................................................................................................... 13-5
Figure 14-1 Menu 1 General Setup.............................................................................................................. 14-2
Figure 14-2 Menu 1.1 Configure Dynamic DNS ......................................................................................... 14-3
Figure 15-1 Menu 2 WAN Backup Setup .................................................................................................... 15-1
Figure 15-2 Menu 2.1Traffic Redirect Setup ............................................................................................... 15-3
Figure 16-1 Menu 3 LAN Setup .................................................................................................................. 16-1
Figure 16-2 Menu 3.1 LAN Port Filter Setup .............................................................................................. 16-2
Figure 16-3 Menu 3.2 TCP/IP and DHCP Ethernet Setup ........................................................................... 16-3
Figure 17-1 Physical Network Figure 17-2 Partitioned Logical Networks ......................... 17-2
Figure 17-3 Menu 3.2 TCP/IP and DHCP Setup.......................................................................................... 17-2
Figure 17-4 Menu 3.2.1 IP Alias Setup ........................................................................................................ 17-3
Figure 17-5 Menu 1 General Setup.............................................................................................................. 17-4
Figure 17-6 Menu 4 Internet Access Setup .................................................................................................. 17-5
Figure 18-1 Menu 11 Remote Node Setup................................................................................................... 18-2
Figure 18-2 Menu 11.1 Remote Node Profile .............................................................................................. 18-3
Figure 18-3 Menu 11.3 Remote Node Network Layer Options ................................................................... 18-6
Figure 18-4 Sample IP Addresses for a TCP/IP LAN-to-LAN Connection ................................................. 18-8
Figure 18-5 Menu 11.5 Remote Node Filter (RFC 1483 or ENET Encapsulation) ..................................... 18-9
Figure 18-6 Menu 11.5 Remote Node Filter (PPPoA or PPPoE Encapsulation).......................................... 18-9
Figure 18-7 Internet Security ..................................................................................................................... 18-10
Figure 18-8 Menu 21- Filer Set Configuration ...........................................................................................18-11
Figure 18-9 Menu 21.11- WebSet 11 ..........................................................................................................18-11
Figure 18-10 Menu 21.12- WebSet 12 ........................................................................................................18-11
Figure 18-11 Menu 11.6 for VC-based Multiplexing................................................................................. 18-12
Figure 18-12 Menu 11.6 for LLC-based Multiplexing or PPP Encapsulation ........................................... 18-13
Figure 18-13 Menu 11.1 Remote Node Profile .......................................................................................... 18-13
Figure 18-14 Menu 11.8 Advance Setup Options ...................................................................................... 18-14
Figure 19-1 Sample Static Routing Topology .............................................................................................. 19-1
Figure 19-2 Menu 12 Static Route Setup ..................................................................................................... 19-2
Figure 19-3 Menu 12.1 IP Static Route Setup.............................................................................................. 19-2
Figure 19-4 Menu12.1.1 Edit IP Static Route .............................................................................................. 19-3
Figure 20-1 Menu 11.1 Remote Node Profile .............................................................................................. 20-2
Figure 20-2 Menu 11.3 Remote Node Network Layer Options ................................................................... 20-2
Figure 20-3 Menu 12.3.1 Edit Bridge Static Route...................................................................................... 20-3
Figure 21-1 Menu 4 Applying NAT for Internet Access .............................................................................. 21-2
Figure 21-2 Menu 11.3 Applying NAT to the Remote Node ....................................................................... 21-3
List of Figures xiii
Prestige 660R ADSL 2+ Access Gateway
Figure 21-3 Menu 15 NAT Setup..................................................................................................................21-4
Figure 21-4 Menu 15.1 Address Mapping Sets.............................................................................................21-4
Figure 21-5 Menu 15.1.255 SUA Address Mapping Rules ..........................................................................21-5
Figure 21-6 Menu 15.1.1 First Set ................................................................................................................21-6
Figure 21-7 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set...............................................21-8
Figure 21-8 Menu 15.2 NAT Server Setup ...................................................................................................21-9
Figure 21-9 Menu 15.2.1 NAT Server Setup ..............................................................................................21-10
Figure 21-10 Multiple Servers Behind NAT Example................................................................................21-11
Figure 21-11 NAT Example 1.....................................................................................................................21-11
Figure 21-12 Menu 4 Internet Access & NAT Example .............................................................................21-12
Figure 21-13 NAT Example 2.....................................................................................................................21-12
Figure 21-14 Menu 15.2.1 Specifying an Inside Server .............................................................................21-13
Figure 21-15 NAT Example 3.....................................................................................................................21-14
Figure 21-16 Example 3: Menu 11.3 ..........................................................................................................21-15
Figure 21-17 Example 3: Menu 15.1.1.1 ....................................................................................................21-15
Figure 21-18 Example 3: Final Menu 15.1.1 ..............................................................................................21-16
Figure 21-19 NAT Example 4.....................................................................................................................21-17
Figure 21-20 Example 4: Menu 15.1.1.1 Address Mapping Rule...............................................................21-18
Figure 21-21 Example 4: Menu 15.1.1 Address Mapping Rules ................................................................21-18
Figure 22-1 Outgoing Packet Filtering Process ............................................................................................22-2
Figure 22-2 Filter Rule Process ....................................................................................................................22-3
Figure 22-3 Menu 21 Filter Set Configuration .............................................................................................22-4
Figure 22-4 NetBIOS_WAN Filter Rules Summary.....................................................................................22-5
Figure 22-5 NetBIOS_LAN Filter Rules Summary......................................................................................22-5
Figure 22-6 IGMP Filter Rules Summary.....................................................................................................22-5
Figure 22-7 Menu 21.x.1 TCP/IP Filter Rule................................................................................................22-8
Figure 22-8 Executing an IP Filter..............................................................................................................22-11
Figure 22-9 Menu 21.5.1 Generic Filter Rule ............................................................................................22-12
Figure 22-10 Protocol and Device Filter Sets.............................................................................................22-14
Figure 22-11 Sample Telnet Filter ..............................................................................................................22-15
Figure 22-12 Menu 21.6.1 Sample Filter....................................................................................................22-16
Figure 22-13 Menu 21.6 Sample Filter Rules Summary ............................................................................22-17
Figure 22-14 Filtering Ethernet Traffic.......................................................................................................22-18
Figure 22-15 Filtering Remote Node Traffic ..............................................................................................22-19
Figure 23-1 SNMP Management Model.......................................................................................................23-1
Figure 23-2 Menu 22 SNMP Configuration .................................................................................................23-3
Figure 24-1 Menu 24 System Maintenance ..................................................................................................24-1
Figure 24-2 Menu 24.1 System Maintenance : Status ..................................................................................24-2
Figure 24-3 Menu 24.2 System Information and Console Port Speed..........................................................24-3
Figure 24-4 Menu 24.2.1 System Maintenance : Information ......................................................................24-4
Figure 24-5 Menu 24.2.2 System Maintenance : Change Console Port Speed.............................................24-5 xiv List of Figures
Prestige 660R ADSL 2+ Access Gateway
Figure 24-6 Menu 24.3 System Maintenance : Log and Trace .................................................................... 24-5
Figure 24-7 Sample Error and Information Messages ................................................................................. 24-6
Figure 24-8 Menu 24.3.2 System Maintenance : Syslog and Accounting.................................................... 24-6
Figure 24-9 Menu 24.4 System Maintenance : Diagnostic .......................................................................... 24-9
Figure 25-1 Telnet in Menu 24.5.................................................................................................................. 25-2
Figure 25-2 FTP Session Example............................................................................................................... 25-3
Figure 25-3 Telnet into Menu 24.6............................................................................................................... 25-6
Figure 25-4 Restore Using FTP Session Example ....................................................................................... 25-7
Figure 25-5 Telnet Into Menu 24.7.1 Upload System Firmware.................................................................. 25-8
Figure 25-6 Telnet Into Menu 24.7.2 System Maintenance ......................................................................... 25-8
Figure 25-7 FTP Session Example of Firmware File Upload ...................................................................... 25-9
Figure 26-1 Command Mode in Menu 24.................................................................................................... 26-1
Figure 26-2 Valid Commands ...................................................................................................................... 26-2
Figure 26-3 Menu 24.9 System Maintenance : Call Control........................................................................ 26-2
Figure 26-4 Menu 24.9.1 System Maintenance : Budget Management ....................................................... 26-3
Figure 26-5 Menu 24 System Maintenance ................................................................................................. 26-4
Figure 26-6 Menu 24.10 System Maintenance: Time and Date Setting....................................................... 26-4
Figure 27-1 Menu 24.11 Remote Management Control............................................................................... 27-2
Figure 28-1 Menu 25 IP Routing Policy Setup ............................................................................................ 28-2
Figure 28-2 Menu 25.1 IP Routing Policy Setup ......................................................................................... 28-3
Figure 28-3 Menu 25.1.1 IP Routing Policy ................................................................................................ 28-4
Figure 28-4 Menu 3.2 TCP/IP and DHCP Ethernet Setup ........................................................................... 28-6
Figure 28-5 Menu 11.3 Remote Node Network Layer Options ................................................................... 28-6
Figure 28-6 Example of IP Policy Routing .................................................................................................. 28-7
Figure 28-7 IP Routing Policy Example ...................................................................................................... 28-8
Figure 28-8 IP Routing Policy Example ...................................................................................................... 28-9
Figure 28-9 Applying IP Policies Example .................................................................................................. 28-9
Figure 29-1 Menu 26 Schedule Setup .......................................................................................................... 29-1
Figure 29-2 Menu 26.1 Schedule Set Setup................................................................................................. 29-2
Figure 29-3 Applying Schedule Set(s) to a Remote Node (PPPoE)............................................................. 29-4
List of Figures xv
Prestige 660R ADSL 2+ Access Gateway
List of Tables
Table 2-1 Web Configurator Screens Summary..............................................................................................2-3
Table 3-1 Wizard Screen 1..............................................................................................................................3-3
Table 3-2 Internet Connection with PPPoE ....................................................................................................3-7
Table 3-3 Internet Connection with RFC 1483...............................................................................................3-8
Table 3-4 Internet Connection with ENET ENCAP .......................................................................................3-9
Table 3-5 Internet Connection with PPPoA..................................................................................................3-11
Table 3-6 Wizard : LAN Configuration ........................................................................................................3-13
Table 4-1 Password.........................................................................................................................................4-1
Table 5-1 LAN................................................................................................................................................5-4
Table 6-1 WAN Setup
.......................................................................................................................................6-5
..................................................................................................................................610
Table 6-2 WAN Backup
Table 7-1 NAT Definitions..............................................................................................................................7-1
Table 7-2 NAT Mapping Types.......................................................................................................................7-4
Table 7-3 Services and Port Numbers.............................................................................................................7-5
Table 7-4 NAT Mode ......................................................................................................................................7-7
Table 7-5 Edit SUA/NAT Server Set ..............................................................................................................7-8
Table 7-6 Address Mapping Rules................................................................................................................7-10
Table 7-7 Address Mapping Rule Edit..........................................................................................................7-12
Table 8-1 DDNS .............................................................................................................................................8-2
Table 9-1 Time and Date.................................................................................................................................9-2
Table 10-1 Remote Management ..................................................................................................................10-3
Table 11-1 Configuring UPnP.......................................................................................................................11-2
Table 12-1 System Status..............................................................................................................................12-3
Table 12-2 System Status: Show Statistics ...................................................................................................12-5
Table 12-3 DHCP Table................................................................................................................................12-6
Table 12-4 Diagnostic General .....................................................................................................................12-8
Table 12-5 Diagnostic DSL Line ..................................................................................................................12-9
Table 12-6 Firmware Upgrade ....................................................................................................................12-10
Table 13-1 Main Menu Commands ..............................................................................................................13-3
Table 13-2 Main Menu Summary .................................................................................................................13-4
Table 14-1 Menu 1 General Setup ................................................................................................................14-2
Table 14-2 Menu 1.1 Configure Dynamic DNS ...........................................................................................14-3
Table 15-1 Menu 2 WAN Backup Setup.......................................................................................................15-1
Table 15-2 Menu 2.1Traffic Redirect Setup..................................................................................................15-3
Table 16-1 DHCP Ethernet Setup .................................................................................................................16-3
Table 16-2 TCP/IP Ethernet Setup................................................................................................................16-4
Table 17-1 Menu 3.2.1 IP Alias Setup ..........................................................................................................17-3
Table 17-2 Menu 4 Internet Access Setup ....................................................................................................17-5 xvi List of Tables
Prestige 660R ADSL 2+ Access Gateway
Table 18-1 Menu 11.1 Remote Node Profile................................................................................................ 18-3
Table 18-2 Menu 11.3 Remote Node Network Layer Options..................................................................... 18-6
Table 18-3 Menu 11.8 Advance Setup Options.......................................................................................... 18-14
Table 19-1 Menu12.1.1 Edit IP Static Route................................................................................................ 19-3
Table 20-1 Remote Node Network Layer Options : Bridge Fields .............................................................. 20-3
Table 20-2 Menu 12.3.1 Edit Bridge Static Route ....................................................................................... 20-3
Table 21-1 Applying NAT in Menus 4 & 11.3 ............................................................................................. 21-3
Table 21-2 SUA Address Mapping Rules .................................................................................................... 21-5
Table 21-3 Menu 15.1.1 First Set................................................................................................................. 21-7
Table 21-4 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set................................................ 21-8
Table 22-1 Abbreviations Used in the Filter Rules Summary Menu............................................................ 22-6
Table 22-2 Rule Abbreviations Used ........................................................................................................... 22-6
Table 22-3 Menu 21.x.1 TCP/IP Filter Rule ................................................................................................ 22-8
Table 22-4 Menu 21.5.1 Generic Filter Rule.............................................................................................. 22-13
Table 22-5 Filter Sets Table ....................................................................................................................... 22-18
Table 23-1 Menu 22 SNMP Configuration .................................................................................................. 23-3
Table 23-2 SNMP Traps............................................................................................................................... 23-4
Table 23-3 Ports and Permanent Virtual Circuits ......................................................................................... 23-4
Table 24-1 Menu 24.1 System Maintenance : Status ................................................................................... 24-2
Table 24-2 Menu 24.2.1 System Maintenance : Information ....................................................................... 24-4
Table 24-3 Menu 24.3.2 System Maintenance : Syslog and Accounting ..................................................... 24-6
Table 24-4 Menu 24.4 System Maintenance Menu : Diagnostic ................................................................. 24-9
Table 25-1 Filename Conventions................................................................................................................ 25-2
Table 25-2 General Commands for GUI-based FTP Clients........................................................................ 25-3
Table 25-3 General Commands for GUI-based TFTP Clients ..................................................................... 25-5
Table 26-1 Menu 24.9.1 System Maintenance : Budget Management......................................................... 26-3
Table 26-2 Menu 24.10 System Maintenance: Time and Date Setting ........................................................ 26-5
Table 27-1 Menu 24.11 Remote Management Control ................................................................................ 27-2
Table 28-1 Menu 25.1 IP Routing Policy Setup........................................................................................... 28-3
Table 28-2 Menu 25.1.1 IP Routing Policy.................................................................................................. 28-4
Table 29-1 Menu 26.1 Schedule Set Setup................................................................................................... 29-2
List of Tables xvii
Prestige 660R ADSL 2+ Access Gateway
List of Charts
Chart A-1 Troubleshooting the Start-Up of Your Prestige .............................................................................A-1
Chart A-2 Troubleshooting the LAN LED.....................................................................................................A-1
Chart A-3 Troubleshooting the DSL LED .....................................................................................................A-2
Chart A-4 Troubleshooting the LAN Interface ..............................................................................................A-2
Chart A-5 Troubleshooting the WAN Interface .............................................................................................A-2
Chart A-6 Troubleshooting Internet Access...................................................................................................A-3
Chart A-7 Troubleshooting the Password ......................................................................................................A-3
Chart A-8 Troubleshooting the Web Configurator.........................................................................................A-4
Chart A-9 Troubleshooting Remote Management .........................................................................................A-4
Chart B-1 Classes of IP Addresses................................................................................................................. B-1
Chart B-2 Allowed IP Address Range By Class ............................................................................................ B-2
Chart B-3 “Natural” Masks............................................................................................................................ B-2
Chart B-4 Alternative Subnet Mask Notation ................................................................................................ B-3
Chart B-5 Subnet 1 ........................................................................................................................................ B-4
Chart B-6 Subnet 2 ........................................................................................................................................ B-4
Chart B-7 Subnet 1 ........................................................................................................................................ B-5
Chart B-8 Subnet 2 ........................................................................................................................................ B-5
Chart B-9 Subnet 3 ........................................................................................................................................ B-5
Chart B-10 Subnet 4 ...................................................................................................................................... B-6
Chart B-11 Eight Subnets .............................................................................................................................. B-6
Chart B-12 Class C Subnet Planning ............................................................................................................. B-7
Chart B-13 Class B Subnet Planning ............................................................................................................. B-7
Chart G-1 System Maintenance Logs ............................................................................................................G-1
Chart G-2 Access Logs ..................................................................................................................................G-2
Chart G-3 ICMP Notes ..................................................................................................................................G-2 xviii Lists of Charts
Prestige 660R ADSL 2+ Access Gateway
Preface
Congratulations on your purchase of the Prestige 660R ADSL 2+ Access Gateway.
Register your product online to receive e-mail notices of firmware upgrades and information at www.zyxel.com
for global products, or at www.us.zyxel.com
for
North American products.
Your Prestige is easy to install and configure.
Use the web configurator, System Management Terminal (SMT) or command interpreter interface to configure your ZyWALL. Not all features can be configured through all interfaces.
The web configurator parts of this guide contain background information on features configurable by the web configurator and the SMT. The SMT parts of this guide contain background information solely on features not configurable by the web configurator.
About This User's Guide
This manual is designed to guide you through the configuration of your Prestige for its various applications.
The web configurator parts of this guide contain background information on features configurable by web configurator. The SMT parts of this guide contain background information solely on features not configurable by web configurator.
Use the web configurator, System Management Terminal (SMT) or command interpreter interface to configure your Prestige. Not all features can be configured through all interfaces.
Related Documentation
Supporting Disk
Refer to the included CD for support documents.
Compact Guide
The Compact Guide is designed to help you get up and running right away. They contain connection information and instructions on getting started.
Web Configurator Online Help
Embedded web help for descriptions of individual screens and supplementary information.
ZyXEL Glossary and Web Site
Please refer to www.zyxel.com for an online glossary of networking terms and additional support documentation.
Preface xix
Prestige 660R ADSL 2+ Access Gateway
User Guide Feedback
Help us help you! E-mail all User Guide-related comments, questions or suggestions for improvement to [email protected] or send regular mail to The Technical Writing Team, ZyXEL Communications
Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan. Thank you!
Syntax Conventions
•
“Enter” means for you to type one or more characters. “Select” or “Choose” means for you to use one predefined choices.
•
The SMT menu titles and labels are in
Bold Times New Roman
font. Predefined field choices are in
Bold Arial
font. Command and arrow keys are enclosed in square brackets . [ENTER] means the
Enter, or carriage return key; [ESC] means the Escape key and [SPACE BAR] means the Space Bar.
•
Mouse action sequences are denoted using a comma. For example, “click the Apple icon,
Control
Panels
and then
Modem
” means first click the Apple icon, then point your mouse pointer to
Control
Panels
and then click
Modem
.
•
For brevity’s sake, we will use “e.g.,” as a shorthand for “for instance”, and “i.e.,” for “that is” or “in other words” throughout this manual.
•
The Prestige 660R series may be referred to as the Prestige in this user’s guide. This refers to both models (ADSL over POTS and ADSL over ISDN) unless specifically identified. xx Preface
Prestige 660R ADSL 2+ Access Gateway
Graphics Icons Key
Prestige
Computer
Notebook computer
Server
DSLAM
Switch
Firewall
Router
Telephone
Wireless Signal
The following section offers some background information on DSL. Skip to
Chapter 1
if you wish to begin working with your router right away.
Preface xxi
Prestige 660R ADSL 2+ Access Gateway
Introduction to DSL
DSL (Digital Subscriber Line) technology enhances the data capacity of the existing twisted-pair wire that runs between the local telephone company switching offices and most homes and offices. While the wire itself can handle higher frequencies, the telephone switching equipment is designed to cut off signals above
4,000 Hz to filter noise off the voice line, but now everybody is searching for ways to get more bandwidth to improve access to the Web - hence DSL technologies.
There are actually seven types of DSL service, ranging in speeds from 16 Kbits/sec to 52 Mbits/sec. The services are either symmetrical (traffic flows at the same speed in both directions), or asymmetrical (the downstream capacity is higher than the upstream capacity). Asymmetrical services (ADSL) are suitable for
Internet users because more information is usually downloaded than uploaded. For example, a simple button click in a web browser can start an extended download that includes graphics and text.
As data rates increase, the carrying distance decreases. That means that users who are beyond a certain distance from the telephone company’s central office may not be able to obtain the higher speeds.
A DSL connection is a point-to-point dedicated circuit, meaning that the link is always up and there is no dialing required.
Introduction to ADSL
It is an asymmetrical technology, meaning that the downstream data rate is much higher than the upstream data rate. As mentioned, this works well for a typical Internet session in which more information is downloaded, for example, from Web servers, than is uploaded. ADSL operates in a frequency range that is above the frequency range of voice services, so the two systems can operate over the same cable. xxii DSL?
Getting Started
Part I:
Getting Started
This part is structured as a step-by-step guide to help you access your Prestige. It covers key features and applications, accessing the web configurator and configuring the wizard screens for initial setup.
I
Prestige 660R ADSL 2+ Access Gateway
Chapter 1
Getting To Know Your Prestige
This chapter describes the key features and applications of your Prestige
.
1.1 Introducing the Prestige
Your Prestige integrates high-speed 10/100Mbps auto-negotiating LAN interface(s) and a high-speed ADSL port into a single package. The Prestige is ideal for high-speed Internet browsing and making LAN-to-LAN connections to remote networks. The Prestige is an ADSL router compatible with the
ADSL/ADSL2/ADSL2+ standards. Maximum data rates attainable by the Prestige for each standard are shown in the next table.
UPSTREAM DOWNSTREAM DATA RATE
STANDARD
ADSL
832 kbps 8Mbps
ADSL2
ADSL2+
3.5Mbps 12Mbps
3.5Mbps 24Mbps
The standard your ISP supports determines the maximum upstream and downstream speeds attainable. Actual speeds attained also depend on the distance from your ISP, noise, line quality, etc.
By integrating DSL and NAT, the Prestige provides ease of installation and Internet access.
Models ending in “1”, for example P660R-61, denote a device that works over the analog telephone system,
POTS (Plain Old Telephone Service). Models ending in “3” denote a device that works over ISDN
(Integrated Synchronous Digital System). Models ending in “7” denote a device that works over T-ISDN
(UR-2).
Only use firmware for your Prestige’s specific model. Refer to the label on the bottom of your Prestige.
The web browser-based Graphical User Interface provides easy management.
Getting To Know Your Prestige 1-1
Prestige 660R ADSL 2+ Access Gateway
1.2 Features of the Prestige
The following sections describe the features of the Prestige.
High Speed Internet Access
Your Prestige ADSL/ADSL2/ADSL2+ router can support downstream transmission rates of up to 24Mbps and upstream transmission rates of up to 3.5Mbps. Actual speeds attained depend on ISP DSLAM environment.
Traffic Redirect
Traffic redirect forwards WAN traffic to a backup gateway when the Prestige cannot connect to the Internet, thus acting as an auxiliary if your regular WAN connection fails.
Universal Plug and Play (UPnP)
Using the standard TCP/IP protocol, the Prestige and other UPnP enabled devices can dynamically join a network, obtain an IP address and convey its capabilities to other devices on the network.
PPPoE Support (RFC2516)
PPPoE (Point-to-Point Protocol over Ethernet) emulates a dial-up connection. It allows your ISP to use their existing network configuration with newer broadband technologies such as ADSL. The PPPoE driver on the
Prestige is transparent to the computers on the LAN, which see only Ethernet and are not aware of PPPoE thus saving you from having to manage PPPoE clients on individual computers.
Network Address Translation (NAT)
Network Address Translation (NAT) allows the translation of an Internet protocol address used within one network (for example a private IP address used in a local network) to a different IP address known within another network (for example a public IP address used on the Internet).
10/100M Auto-negotiating Ethernet/Fast Ethernet Interface(s)
This auto-negotiation feature allows the Prestige to detect the speed of incoming transmissions and adjust appropriately without manual intervention. It allows data transfer of either 10 Mbps or 100 Mbps in either half-duplex or full-duplex mode depending on your Ethernet network.
Auto-Crossover (MDI/MDI-X) 10/100 Mbps Ethernet Interface(s)
These interfaces automatically adjust to either a crossover or straight-through Ethernet cable.
1-2 Getting To Know Your Prestige
Prestige 660R ADSL 2+ Access Gateway
Dynamic DNS Support
With Dynamic DNS support, you can have a static hostname alias for a dynamic IP address, allowing the host to be more easily accessible from various locations on the Internet. You must register for this service with a Dynamic DNS service provider.
Multiple PVC (Permanent Virtual Circuits) Support
Your Prestige supports up to 8 PVC’s.
ADSL Transmission Rate Standards
♦
Full-Rate (ANSI T1.413, Issue 2; G.dmt (G.992.1) with line rate support of up to 8 Mbps downstream and 832 Kbps upstream.
♦
G.lite (G.992.2) with line rate support of up to 1.5Mbps downstream and 512Kbps upstream.
♦
Supports Multi-Mode standard (ANSI T1.413, Issue 2; G.dmt (G.992.1); G.lite (G992.2)).
♦
TCP/IP (Transmission Control Protocol/Internet Protocol) network layer protocol.
♦
ATM Forum UNI 3.1/4.0 PVC.
♦
Supports up to 8 PVCs (UBR, CBR, VBR).
♦
Multiple Protocol over AAL5 (RFC 1483).
♦
PPP over AAL5 (RFC 2364).
♦
PPP over Ethernet over AAL5 (RFC 2516).
♦
RFC 1661.
♦
PPP over PAP (RFC 1334).
♦
PPP over CHAP (RFC 1994).
Protocol Support
♦
DHCP Support
DHCP (Dynamic Host Configuration Protocol) allows the individual clients (computers) to obtain the TCP/IP configuration at start-up from a centralized DHCP server. The Prestige has built-in
DHCP server capability enabled by default. It can assign IP addresses, an IP default gateway and
DNS servers to DHCP clients. The Prestige can now also act as a surrogate DHCP server (DHCP
Relay) where it relays IP address assignment from the actual real DHCP server to the clients.
♦
IP Alias
Getting To Know Your Prestige 1-3
Prestige 660R ADSL 2+ Access Gateway
IP Alias allows you to partition a physical network into logical networks over the same Ethernet interface. The Prestige supports three logical LAN interfaces via its single physical Ethernet interface with the Prestige itself as the gateway for each LAN network.
♦
IP Policy Routing (IPPR)
Traditionally, routing is based on the destination address only and the router takes the shortest path to forward a packet. IP Policy Routing (IPPR) provides a mechanism to override the default routing behavior and alter the packet forwarding based on the policy defined by the network administrator.
♦
PPP (Point-to-Point Protocol) link layer protocol.
♦
Transparent bridging for unsupported network layer protocols.
♦
RIP I/RIP II
♦
IGMP Proxy
♦
ICMP support
♦
ATM QoS support
♦
MIB II support (RFC 1213)
Networking Compatibility
Your Prestige is compatible with the major ADSL DSLAM (Digital Subscriber Line Access Multiplexer) providers, making configuration as simple as possible for you.
Multiplexing
The Prestige supports VC-based and LLC-based multiplexing.
Encapsulation
The Prestige supports PPPoA (RFC 2364 - PPP over ATM Adaptation Layer 5), RFC 1483 encapsulation over ATM, MAC encapsulated routing (ENET encapsulation) as well as PPP over Ethernet (RFC 2516).
Network Management
♦
Menu driven SMT (System Management Terminal) management
♦
Embedded web configurator
♦
CLI (Command Line Interpreter)
♦
Remote Management via Telnet or Web.
♦
SNMP manageable
♦
DHCP Server/Client/Relay
1-4 Getting To Know Your Prestige
Prestige 660R ADSL 2+ Access Gateway
♦
Built-in Diagnostic Tools
♦
Syslog
♦
Telnet Support (Password-protected telnet access to internal configuration manager)
♦
TFTP/FTP server, firmware upgrade and configuration backup/support supported
♦
Supports OAM F4/F5 loop-back, AIS and RDI OAM cells
Other PPPoE Features
♦
PPPoE idle time out
♦
PPPoE Dial on Demand
Diagnostics Capabilities
The Prestige can perform self-diagnostic tests. These tests check the integrity of the following circuitry:
♦
FLASH memory
♦
ADSL circuitry
♦
RAM
♦
LAN port
Packet Filters
The Prestige's packet filtering functions allows added network security and management.
Ease of Installation
Your Prestige is designed for quick, intuitive and easy installation.
Housing
Your Prestige's compact and ventilated housing minimizes space requirements making it easy to position anywhere in your busy office.
1.3 Applications for the Prestige
Here are some example uses for which the Prestige is well suited.
1.3.1 Internet Access
The Prestige is the ideal high-speed Internet access solution. Your Prestige supports the TCP/IP protocol, which the Internet uses exclusively. It is compatible with all major ADSL DSLAM (Digital Subscriber Line
Getting To Know Your Prestige 1-5
Prestige 660R ADSL 2+ Access Gateway
Access Multiplexer) providers. A DSLAM is a rack of ADSL line cards with data multiplexed into a backbone network interface/connection (for example, T1, OC3, DS3, ATM or Frame Relay). Think of it as the equivalent of a modem rack for ADSL. A typical Internet access application is shown below.
Figure 1-1 Prestige Internet Access Application
Internet Single User Account
For a SOHO (Small Office/Home Office) environment, your Prestige offers the Single User Account (SUA) feature that allows multiple users on the LAN (Local Area Network) to access the Internet concurrently for the cost of a single IP address.
1.3.2 LAN to LAN Application
You can use the Prestige to connect two geogr aphical ly dispersed networks over the ADSL line. A typical
LAN-to-LAN application for your Prestige is shown as follows.
Figure 1-2 Prestige LAN-to-LAN Application
1-6 Getting To Know Your Prestige
Prestige 660R ADSL 2+ Access Gateway
Chapter 2
Introducing the Web Configurator
This chapter describes how to access and navigate the web configurator.
2.1 Web Configurator Overview
The embedded web configurator allows you to manage the Prestige from anywhere through a browser such as Microsoft Internet Explorer or Netscape Navigator. Use Internet Explorer 6.0 and later or Netscape
Navigator 7.0 and later versions with JavaScript enabled. It is recommended that you set your screen resolution to 1024 by 768 pixels
2.2 Accessing the Prestige Web Configurator
Step 1.
Step 2.
Step 3.
Step 4.
Step 5.
Make sure your Prestige hardware is properly connected (refer to the
Read Me First
).
Prepare your computer/computer network to connect to the Prestige (refer to the
Read Me
First
).
Launch your web browser.
Type "192.168.1.1" as the URL.
An
Enter Network Password
window displays. Enter the user name (“admin” is the default), password (“1234” is the default) and click
OK
.
Step 6.
Figure 2-1 Password Screen
You should now see the
SITE MAP
screen.
Introducing the Web Configurator 2-1
Prestige 660R ADSL 2+ Access Gateway
The Prestige automatically times out after five minutes of inactivity. Simply log back into the Prestige if this happens to you.
2.3 Resetting the Prestige
If you forget your password or cannot access the web configurator, you will need to use the
RESET
button at the back of the Prestige to reload the factory-default configuration file. This means that you will lose all configurations that you had previously and the password will be reset to “1234”.
2.3.1 Using The Reset Button
Step 1.
Make sure the
SYS
LED is on (not blinking).
Step 2.
Press the
RESET
button for ten seconds or until the
SYS
LED begins to blink and then release it.
When the
SYS
LED begins to blink, the defaults have been restored and the Prestige restarts.
2.4 Navigating the Prestige Web Configurator
The following summarizes how to navigate the web configurator from the
SITE MAP
screen. We use the
Prestige 660HW-61 web screens in this guide as an example. Screens vary slightly for different Prestige models.
Click
Wizard Setup
to begin a series of screens to configure your Prestige for the first time.
Click a link under
Advanced Setup
to configure advanced Prestige features.
Click a link under
Maintenance
to see Prestige performance statistics, upload firmware and back up, restore or upload a configuration file.
Click
SITE MAP
to go to the
Site Map
screen.
Click
Logout
in the navigation panel when you have finished a Prestige management session.
2-2 Introducing the Web Configurator
Prestige 660R ADSL 2+ Access Gateway
Wizard Setup
Navigation panel
Logout
Figure 2-2 Web Configurator SITE MAP Screen
Click the icon (located in the top right corner of most screens) to view embedded help.
Table 2-1 Web Configurator Screens Summary
LINK SUB-LINK
Wizard Setup
FUNCTION
Use these screens for initial configuration including general setup, ISP parameters for Internet Access and WAN IP/DNS Server/MAC address assignment.
Advanced Setup
Password
LAN
WAN
NAT
Dynamic DNS
WAN Setup
WAN Backup
SUA Only
Full Feature
Use this screen to change your password.
Use this screen to configure LAN DHCP and TCP/IP settings.
Use this screen to change the Prestige’s WAN remote node settings.
Use this screen to configure your traffic redirect properties and WAN backup settings.
Use this screen to configure servers behind the Prestige.
Use this screen to configure network address translation mapping rules.
Use this screen to set up dynamic DNS.
Introducing the Web Configurator 2-3
Prestige 660R ADSL 2+ Access Gateway
Table 2-1 Web Configurator Screens Summary
LINK SUB-LINK
Time and Date
FUNCTION
Use this screen to change your Prestige’s time and date.
Remote
Management
UPnP
Logs Log Settings
Maintenance
System Status
DHCP Table
View Log
Use this screen to configure through which interface(s) and from which
IP address(es) users can use Telnet/FTP/Web to manage the
Prestige.
Use this screen to enable UPnP on the Prestige.
Use this screen to change your Prestige’s log settings.
Use this screen to view the logs for the categories that you selected.
Diagnostic
Firmware
LOGOUT
General
DSL Line
This screen contains administrative and system-related information.
This screen displays DHCP (Dynamic Host Configuration Protocol) related information and is READ-ONLY.
These screens display information to help you identify problems with the Prestige general connection.
These screens display information to help you identify problems with the DSL line.
Use this screen to upload firmware or reset the factory defaults to your
Prestige
Click this label to exit the web configurator.
2-4 Introducing the Web Configurator
Prestige 660R ADSL 2+ Access Gateway
Chapter 3
Wizard Setup
This chapter provides information on the Wizard Setup screens in the web configurator.
3.1 Wizard Setup Introduction
Use the Wizard Setup screens to configure your system for Internet access settings and fill in the fields with the information in the
Internet Account Information
table of the
Read Me First
. Your ISP may have already configured some of the fields in the wizard screens for you.
3.2 Encapsulation
Be sure to use the encapsulation method required by your ISP. The Prestige supports the following methods.
3.2.1 ENET ENCAP
The MAC Encapsulated Routing Link Protocol (ENET ENCAP) is only implemented with the IP network protocol. IP packets are routed between the Ethernet interface and the WAN interface and then formatted so that they can be understood in a bridged environment. For instance, it encapsulates routed Ethernet frames into bridged ATM cells. ENET ENCAP requires that you specify a gateway IP address in the
ENET
ENCAP Gateway
field in the second wizard screen. You can get this information from your ISP.
3.2.2 PPP over Ethernet
PPPoE provides access control and billing functionality in a manner similar to dial-up services using PPP.
The Prestige bridges a PPP session over Ethernet (PPP over Ethernet, RFC 2516) from your computer to an
ATM PVC (Permanent Virtual Circuit) which connects to ADSL Access Concentrator where the PPP session terminates. One PVC can support any number of PPP sessions from your LAN. For more information on
PPPoE, see the appendix.
3.2.3 PPPoA
PPPoA stands for Point to Point Protocol over ATM Adaptation Layer 5 (AAL5). A PPPoA connection functions like a dial-up Internet connection. The Prestige encapsulates the PPP session based on RFC1483 and sends it through an ATM PVC (Permanent Virtual Circuit) to the Internet Service Provider’s (ISP)
DSLAM (digital access multiplexer). Please refer to RFC 2364 for more information on PPPoA. Refer to
RFC 1661 for more information on PPP.
Wizard Setup 3-1
Prestige 660R ADSL 2+ Access Gateway
3.2.4 RFC 1483
RFC 1483 describes two methods for Multiprotocol Encapsulation over ATM Adaptation Layer 5 (AAL5).
The first method allows multiplexing of multiple protocols over a single ATM virtual circuit (LLC-based multiplexing) and the second method assumes that each protocol is carried over a separate ATM virtual circuit (VC-based multiplexing). Please refer to the RFC for more detailed information.
3.3 Multiplexing
There are two conventions to identify what protocols the virtual circuit (VC) is carrying. Be sure to use the multiplexing method required by your ISP.
3.3.1 VC-based Multiplexing
In this case, by prior mutual agreement, each protocol is assigned to a specific virtual circuit; for example,
VC1 carries IP, etc. VC-based multiplexing may be dominant in environments where dynamic creation of large numbers of ATM VCs is fast and economical.
3.3.2 LLC-based Multiplexing
In this case one VC carries multiple protocols with protocol identifying information being contained in each packet header. Despite the extra bandwidth and processing overhead, this method may be advantageous if it is not practical to have a separate VC for each carried protocol, for example, if charging heavily depends on the number of simultaneous VCs.
Be sure to use the correct Virtual Path Identifier (VPI) and Virtual Channel Identifier (VCI) numbers assigned to you. The valid range for the VPI is 0 to 255 and for the VCI is 32 to 65535 (0 to 31 is reserved for local management of ATM traffic). Please see the appendix for more information.
3.5 Wizard Setup Configuration: First Screen
In the
SITE MAP
screen click
Wizard Setup
to display the first wizard screen.
3-2 Wizard Setup
Prestige 660R ADSL 2+ Access Gateway
Figure 3-1 Wizard Screen 1
The following table describes the fields in this screen.
LABEL
Mode
Table 3-1 Wizard Screen 1
DESCRIPTION
From the
Mode
drop-down list box, select
Routing
(default) if your ISP allows multiple computers to share an Internet account. Otherwise select
Bridge
.
Encapsulation Select the encapsulation type your ISP uses from the
Encapsulation
drop-down list box.
Choices vary depending on what you select in the
Mode
field.
If you select
Bridge
in the
Mode
field, select either
PPPoA
or
RFC 1483
.
If you select
Routing
in the
Mode
field, select
PPPoA
,
RFC 1483
,
ENET ENCAP
or
PPPoE
.
Multiplex
Select the multiplexing method used by your ISP from the
Multiplex
drop-down list box either
VC-based or LLC-based.
Virtual Circuit
ID
VPI (Virtual Path Identifier) and VCI (Virtual Channel Identifier) define a virtual circuit. Refer to the appendix for more information.
VPI Enter the VPI assigned to you. This field may already be configured.
VCI Enter the VCI assigned to you. This field may already be configured.
Wizard Setup 3-3
Prestige 660R ADSL 2+ Access Gateway
LABEL
Next
Table 3-1 Wizard Screen 1
DESCRIPTION
Click this button to go to the next wizard screen. The next wizard screen you see depends on what protocol you chose above. Click on the protocol link to see the next wizard screen for that protocol.
3.6 IP Address and Subnet Mask
Similar to the way houses on a street share a common street name, so too do computers on a LAN share one common network number.
Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask.
If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established. If this is the case, it is recommended that you select a network number from 192.168.0.0 to 192.168.255.0 and you must enable the
Network Address Translation (NAT) feature of the Prestige. The Internet Assigned Number Authority
(IANA) reserved this block of addresses specifically for private use; please do not use any other number unless you are told otherwise. Let's say you select 192.168.1.0 as the network number; which covers 254 individual addresses, from 192.168.1.1 to 192.168.1.254 (zero and 255 are reserved). In other words, the first three numbers specify the network number while the last number identifies an individual computer on that network.
Once you have decided on the network number, pick an IP address that is easy to remember, for instance,
192.168.1.1, for your Prestige, but make sure that no other device on your network is using that IP address.
The subnet mask specifies the network number portion of an IP address. Your Prestige will compute the subnet mask automatically based on the IP address that you entered. You don't need to change the subnet mask computed by the Prestige unless you are instructed to do otherwise.
3.7 IP Address Assignment
A static IP is a fixed IP that your ISP gives you. A dynamic IP is not fixed; the ISP assigns you a different one each time. The Single User Account feature can be enabled or disabled if you have either a dynamic or static IP. However the encapsulation method assigned influences your choices for IP address and ENET
ENCAP Gateway.
3-4 Wizard Setup
Prestige 660R ADSL 2+ Access Gateway
3.7.1 IP Assignment with PPPoA or PPPoE Encapsulation
If you have a dynamic IP, then the IP Address and ENET ENCAP Gateway fields are not applicable (N/A). If you have a static IP, then you
only
need to fill in the IP Address field and
not
the ENET ENCAP Gateway field.
3.7.2 IP Assignment with RFC 1483 Encapsulation
In this case the IP Address Assignment
must
be static with the same requirements for the IP Address and
ENET ENCAP Gateway fields as stated above.
3.7.3 IP Assignment with ENET ENCAP Encapsulation
In this case you can have either a static or dynamic IP. For a static IP you must fill in all the IP Address and
ENET ENCAP Gateway fields as supplied by your ISP. However for a dynamic IP, the Prestige acts as a
DHCP client on the WAN port and so the IP Address and ENET ENCAP Gateway fields are not applicable
(N/A) as the DHCP server assigns them to the Prestige.
3.7.4 Private IP Addresses
Every machine on the Internet must have a unique address. If your networks are isolated from the Internet, for example, only between your two branch offices, you can assign any IP addresses to the hosts without problems. However, the Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of IP addresses specifically for private networks:
10.0.0.0 — 10.255.255.255
172.16.0.0 — 172.31.255.255
192.168.0.0 — 192.168.255.255
You can obtain your IP address from the IANA, from an ISP or it can be assigned from a private network. If you belong to a small organization and your Internet access is through an ISP, the ISP can provide you with the Internet addresses for your local networks. On the other hand, if you are part of a much larger organization, you should consult your network administrator for the appropriate IP addresses.
Regardless of your particular situation, do not create an arbitrary IP address; always follow the guidelines above. For more information on address assignment, please refer to RFC 1597,
Address Allocation for Private Internets
and RFC 1466,
Guidelines for Management of IP Address Space.
Wizard Setup 3-5
Prestige 660R ADSL 2+ Access Gateway
3.8 Nailed-Up Connection (PPP)
A nailed-up connection is a dial-up line where the connection is always up regardless of traffic demand. The
Prestige does two things when you specify a nailed-up connection. The first is that idle timeout is disabled.
The second is that the Prestige will try to bring up the connection when turned on and whenever the connection is down. A nailed-up connection can be very expensive for obvious reasons.
Do not specify a nailed-up connection unless your telephone company offers flat-rate service or you need a constant connection and the cost is of no concern
3.9 NAT
NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network.
3.10 Wizard Setup Configuration: Second Screen
The second wizard screen varies depending on what mode and encapsulation type you use. All screens shown are with routing mode. Configure the fields and click
Next
to continue.
3-6
Figure 3-2 Internet Connection with PPPoE
Wizard Setup
Prestige 660R ADSL 2+ Access Gateway
The following table describes the fields in this screen.
LABEL
Table 3-2 Internet Connection with PPPoE
DESCRIPTION
Service Name Type the name of your PPPoE service here.
User Name
Password
IP Address
Connection
Enter the user name exactly as your ISP assigned. If assigned a name in the form user@domain where domain identifies a service name, then enter both components exactly as given.
Enter the password associated with the user name above.
A static IP address is a fixed IP that your ISP gives you. A dynamic IP address is not fixed; the ISP assigns you a different one each time you connect to the Internet. The Single User
Account feature can be used with either a dynamic or static IP address.
Select
Obtain an IP Address Automatically
if you have a dynamic IP address; otherwise select
Static IP Address
and type your ISP assigned IP address in the
IP Address
text box below.
Select
Connect on Demand
when you don't want the connection up all the time and specify an idle time-out (in seconds) in the
Max. Idle Timeout
field. The default setting selects
Connection on Demand
with 0 as the idle time-out, which means the Internet session will not timeout.
Select
Nailed-Up Connection
when you want your connection up all the time. The Prestige will try to bring up the connection automatically if it is disconnected.
The schedule rule(s) in SMT menu 26 has priority over your
Connection
settings.
Select
None
,
SUA Only
or
Full Feature
from the drop-sown list box. Refer to the NAT chapter for more details.
Network
Address
Translation
Back
Next
Click
Back
to go back to the first wizard screen.
Click
Next
to continue to the next wizard screen.
Wizard Setup 3-7
Prestige 660R ADSL 2+ Access Gateway
Figure 3-3 Internet Connection with RFC 1483
The following table describes the fields in this screen.
LABEL
IP Address
Network Address
Translation
Back
Next
Table 3-3 Internet Connection with RFC 1483
DESCRIPTION
This field is available if you select
Routing
in the
Mode
field.
Type your ISP assigned IP address in this field.
Select
None
,
SUA Only
or
Full Feature
from the drop-sown list box. Refer to the NAT chapter for more details.
Click
Back
to go back to the first wizard screen.
Click
Next
to continue to the next wizard screen.
3-8 Wizard Setup
Prestige 660R ADSL 2+ Access Gateway
Figure 3-4 Internet Connection with ENET ENCAP
The following table describes the fields in this screen.
LABEL
IP Address
Table 3-4 Internet Connection with ENET ENCAP
DESCRIPTION
A static IP address is a fixed IP that your ISP gives you. A dynamic IP address is not fixed; the ISP assigns you a different one each time you connect to the Internet. The
Single User Account feature can be used with either a dynamic or static IP address.
Select
Obtain an IP Address Automatically
if you have a dynamic IP address; otherwise select
Static IP Address
and type your ISP assigned IP address in the
IP
Address
text box below.
Subnet Mask Enter a subnet mask in dotted decimal notation.
Refer to the
IP Subnetting
appendix to calculate a subnet mask If you are implementing subnetting.
ENET ENCAP
Gateway
You must specify a gateway IP address (supplied by your ISP) when you use
ENET
ENCAP
in the
Encapsulation
field in the previous screen.
Wizard Setup 3-9
Prestige 660R ADSL 2+ Access Gateway
LABEL
Network Address
Translation
Back
Next
Table 3-4 Internet Connection with ENET ENCAP
DESCRIPTION
Select
None
,
SUA Only
or
Full Feature
from the drop-sown list box. Refer to the NAT chapter for more details.
Click
Back
to go back to the first wizard screen.
Click
Next
to continue to the next wizard screen.
Figure 3-5 Internet Connection with PPPoA
The following table describes the fields in this screen.
3-10 Wizard Setup
Prestige 660R ADSL 2+ Access Gateway
LABEL
User Name
Password
IP Address
Connection
Network
Address
Translation
Back
Next
Table 3-5 Internet Connection with PPPoA
DESCRIPTION
Enter the login name that your ISP gives you.
Enter the password associated with the user name above.
This option is available if you select
Routing
in the
Mode
field.
A static IP address is a fixed IP that your ISP gives you. A dynamic IP address is not fixed; the ISP assigns you a different one each time you connect to the Internet. The Single User
Account feature can be used with either a dynamic or static IP address.
Click
Obtain an IP Address Automatically
if you have a dynamic IP address; otherwise click
Static IP Address
and type your ISP assigned IP address in the
IP Address
text box below.
Select
Connect on Demand
when you don't want the connection up all the time and specify an idle time-out (in seconds) in the
Max. Idle Timeout
field. The default setting selects
Connection on Demand
with 0 as the idle time-out, which means the Internet session will not timeout.
Select
Nailed-Up Connection
when you want your connection up all the time. The Prestige will try to bring up the connection automatically if it is disconnected.
The schedule rule(s) in SMT menu 26 has priority over your
Connection
settings.
This option is available if you select
Routing
in the
Mode
field.
Select
None
,
SUA Only
or
Full Feature
from the drop-sown list box. Refer to the NAT chapter for more details.
Click
Back
to go back to the first wizard screen.
Click
Next
to continue to the next wizard screen.
3.11 DHCP Setup
DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients to obtain
TCP/IP configuration at start-up from a server. You can configure the Prestige as a DHCP server or disable it. When configured as a server, the Prestige provides the TCP/IP configuration for the clients. If you turn
DHCP service off, you must have another DHCP server on your LAN, or else the computer must be manually configured.
Wizard Setup 3-11
Prestige 660R ADSL 2+ Access Gateway
3.11.1 IP Pool Setup
The Prestige is pre-configured with a pool of 32 IP addresses starting from 192.168.1.33 to 192.168.1.64 for the client machines. This leaves 31 IP addresses, 192.168.1.2 to 192.168.1.32 (excluding the Prestige itself which has a default IP of 192.168.1.1) for other server machines, for example, server for mail, FTP, telnet, web, etc., that you may have.
3.12 Wizard Setup Configuration: Third Screen
Step 1.
Verify the settings in the screen shown next. To change the LAN information on the Prestige, click
Change LAN Configurations
. Otherwise click
Save Settings
to save the configuration and skip to the section 3.13.
Figure 3-6 Wizard Screen 3
Step 2.
If you want to change your Prestige LAN settings, click
Change LAN Configuration
to display the screen as shown next.
3-12 Wizard Setup
Prestige 660R ADSL 2+ Access Gateway
Figure 3-7 Wizard : LAN Configuration
The following table describes the fields in this screen.
LABEL
LAN IP Address
Table 3-6 Wizard : LAN Configuration
DESCRIPTION
Enter the IP address of your Prestige in dotted decimal notation, for example,
192.168.1.1 (factory default).
If you changed the Prestige's LAN IP address, you must use the new IP address if you want to access the web configurator again.
LAN Subnet Mask Enter a subnet mask in dotted decimal notation.
DHCP
DHCP Server From the
DHCP Server
drop-down list box, select
On
to allow your Prestige to assign IP addresses, an IP default gateway and DNS servers to computer systems that support the DHCP client. Select
Off
to disable DHCP server.
When DHCP server is used, set the following items:
Wizard Setup 3-13
Prestige 660R ADSL 2+ Access Gateway
LABEL
Table 3-6 Wizard : LAN Configuration
DESCRIPTION
Client IP Pool Starting
Address
This field specifies the first of the contiguous addresses in the IP address pool.
Size of Client IP Pool This field specifies the size or count of the IP address pool.
Primary DNS Server Enter the IP addresses of the DNS servers. The DNS servers are passed to the
DHCP clients along with the IP address and the subnet mask.
Secondary DNS Server As above.
Back Click
Back
to go back to the previous screen.
Finish
Click
Finish
to save the settings and proceed to the next wizard screen.
3.13 Wizard Setup Configuration: Connection Tests
The Prestige automatically tests the connection to the computer(s) connected to the LAN ports. To test the connection from the Prestige to the ISP, click
Start Diagnose
. Otherwise click
Return to Main Menu
to go back to the
Site Map
screen.
3-14
Figure 3-8 Wizard Screen 4
Wizard Setup
Prestige 660R ADSL 2+ Access Gateway
3.14 Test Your Internet Connection
Launch your web browser and navigate to www.zyxel.com
. Internet access is just the beginning. Refer to the rest of this
User’s Guide
for more detailed information on the complete range of Prestige features. If you cannot access the Internet, open the web configurator again to confirm that the Internet settings you configured in the Wizard Setup are correct.
Wizard Setup 3-15
Password, LAN and WAN
Part II:
Password, LAN and WAN
This part covers the password, LAN (Local Area Network) and WAN setup.
II
Prestige 660R ADSL 2+ Access Gateway
Chapter 4
Password Setup
This chapter provides information on the Password screen.
It is highly recommended that you change the password for accessing the Prestige.
To change your Prestige’s password (recommended), click
Password
. The screen appears as shown.
Figure 4-1 Password
The following table describes the fields in this screen.
Table 4-1 Password
LABEL DESCRIPTION
Old Password Type the default password or the existing password you use to access the system in this field.
New Password Type the new password in this field.
Password Setup 4-1
Prestige 660R ADSL 2+ Access Gateway
Table 4-1 Password
LABEL DESCRIPTION
Retype to Confirm Type the new password again in this field.
Apply
Cancel
Click
Click
Apply
to save your changes back to the Prestige.
Cancel
to begin configuring this screen afresh.
4-2 Password Setup
Prestige 660R ADSL 2+ Access Gateway
Chapter 5
LAN Setup
This chapter describes how to configure LAN settings.
A Local Area Network (LAN) is a shared communication system to which many computers are attached. A
LAN is a computer network limited to the immediate area, usually the same building or floor of a building.
The LAN screens can help you configure a LAN DHCP server and manage IP addresses.
5.1.1 LANs, WANs and the Prestige
The actual physical connection determines whether the Prestige ports are LAN or WAN ports. There are two separate IP networks, one inside the LAN network and the other outside the WAN network as shown next:
Figure 5-1 LAN and WAN IP Addresses
DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa.
The DNS server is extremely important because without it, you must know the IP address of a machine before you can access it. The DNS server addresses that you enter in the DHCP setup are passed to the client machines along with the assigned IP address and subnet mask.
LAN Setup 5-1
Prestige 660R ADSL 2+ Access Gateway
There are two ways that an ISP disseminates the DNS server addresses. The first is for an ISP to tell a customer the DNS server addresses, usually in the form of an information sheet, when s/he signs up. If your
ISP gives you the DNS server addresses, enter them in the
DNS Server
fields in the
LAN Setup
screen, otherwise, leave them blank.
Some ISP’s choose to pass the DNS servers using the DNS server extensions of PPP IPCP (IP Control
Protocol) after the connection is up. If your ISP did not give you explicit DNS servers, chances are the DNS servers are conveyed through IPCP negotiation. The Prestige supports the IPCP DNS server extensions through the DNS proxy feature.
If the
Primary
and
Secondary DNS Server
fields in the
LAN Setup
screen are not specified, for instance, left as 0.0.0.0, the Prestige tells the DHCP clients that it itself is the DNS server. When a computer sends a
DNS query to the Prestige, the Prestige forwards the query to the real DNS server learned through IPCP and relays the response back to the computer.
Please note that DNS proxy works only when the ISP uses the IPCP DNS server extensions. It does not mean you can leave the DNS servers out of the DHCP setup under all circumstances. If your ISP gives you explicit DNS servers, make sure that you enter their IP addresses in the
LAN Setup
screen. This way, the
Prestige can pass the DNS servers to the computers and the computers can query the DNS server directly without the Prestige’s intervention.
5.3 DNS Server Address Assignment
Use DNS (Domain Name System) to map a domain name to its corresponding IP address and vice versa. The
DNS server is extremely important because without it, you must know the IP address of a computer before you can access it.
There are two ways that an ISP disseminates the DNS server addresses.
1. The ISP tells you the DNS server addresses, usually in the form of an information sheet, when you sign up. If your ISP gives you DNS server addresses, enter them in the DNS Server fields in DHCP Setup.
2. The Prestige acts as a DNS proxy when the
Primary
and
Secondary DNS Server
fields are left blank in the
LAN Setup
screen.
5.4 LAN TCP/IP
The Prestige has built-in DHCP server capability that assigns IP addresses and DNS servers to systems that support DHCP client capability.
5.4.1 Factory LAN Defaults
The LAN parameters of the Prestige are preset in the factory with the following values:
IP address of 192.168.1.1 with subnet mask of 255.255.255.0 (24 bits)
DHCP server enabled with 32 client IP addresses starting from 192.168.1.33.
5-2 LAN Setup
Prestige 660R ADSL 2+ Access Gateway
These parameters should work for the majority of installations. If your ISP gives you explicit DNS server address(es), read the embedded web configurator help regarding what fields need to be configured.
5.4.2 IP Address and Subnet Mask
Refer to the
IP Address and Subnet Mask
section in the
Wizard Setup
chapter for this information.
5.4.3 RIP Setup
RIP (Routing Information Protocol) allows a router to exchange routing information with other routers. The
RIP Direction
field controls the sending and receiving of RIP packets. When set to:
1.
Both -
the Prestige will broadcast its routing table periodically and incorporate the RIP information that it receives.
2.
In Only -
the Prestige will not send any RIP packets but will accept all RIP packets received.
3.
Out Only -
the Prestige will send out RIP packets but will not accept any RIP packets received.
4.
None
-
the Prestige will not send any RIP packets and will ignore any RIP packets received.
The
Version
field controls the format and the broadcasting method of the RIP packets that the Prestige sends
(it recognizes both formats when receiving).
RIP-1
is universally supported; but RIP-2 carries more information. RIP-1 is probably adequate for most networks, unless you have an unusual network topology.
Both
RIP-2B
and
RIP-2M
sends the routing data in RIP-2 format; the difference being that
RIP-2B
uses subnet broadcasting while
RIP-2M
uses multicasting.
5.4.4 Multicast
Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender - 1 recipient) or
Broadcast (1 sender - everybody on the network). Multicast delivers IP packets to a group of hosts on the network - not everybody and not just 1.
IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to establish membership in a
Multicast group - it is not used to carry user data. IGMP version 2 (RFC 2236) is an improvement over version 1 (RFC 1112) but IGMP version 1 is still in wide use. If you would like to read more detailed information about interoperability between IGMP version 2 and version 1, please see sections 4 and 5 of
RFC 2236. The class D IP address is used to identify host groups and can be in the range 224.0.0.0 to
239.255.255.255. The address 224.0.0.0 is not assigned to any group and is used by IP multicast computers.
The address 224.0.0.1 is used for query messages and is assigned to the permanent group of all IP hosts
(including gateways). All hosts must join the 224.0.0.1 group in order to participate in IGMP. The address
224.0.0.2 is assigned to the multicast routers group.
The Prestige supports both IGMP version 1 (
IGMP-v1
) and IGMP version 2 (
IGMP-v2
). At start up, the
Prestige queries all directly connected networks to gather group membership. After that, the Prestige periodically updates this information. IP multicasting can be enabled/disabled on the Prestige LAN and/or
WAN interfaces in the web configurator (
LAN
;
WAN
). Select
None
to disable IP multicasting on these interfaces.
LAN Setup 5-3
Prestige 660R ADSL 2+ Access Gateway
Click
LAN
to open the following screen.
Figure 5-2 LAN
The following table describes the fields in this screen.
LABEL
DHCP
Table 5-1 LAN
DESCRIPTION
DHCP
If set to
Server
, your Prestige can assign IP addresses, an IP default gateway and DNS servers to Windows 95, Windows NT and other systems that support the DHCP client.
If set to
None
, the DHCP server will be disabled.
If set to
Relay
, the Prestige acts as a surrogate DHCP server and relays DHCP requests and responses between the remote server and the clients. Enter the IP address of the actual, remote DHCP server in the
Remote DHCP Server
field in this case.
When DHCP is used, the following items need to be set:
5-4 LAN Setup
Prestige 660R ADSL 2+ Access Gateway
LABEL
Client IP Pool
Starting Address
Size of Client IP
Pool
Table 5-1 LAN
DESCRIPTION
This field specifies the first of the contiguous addresses in the IP address pool.
This field specifies the size or count of the IP address pool.
Primary DNS
Server
Secondary DNS
Server
Enter the IP addresses of the DNS servers. The DNS servers are passed to the DHCP clients along with the IP address and the subnet mask.
As above.
Remote DHCP
Server
TCP/IP
If
Relay
is selected in the
DHCP
field above then enter the IP address of the actual remote DHCP server here.
IP Address
Enter the IP address of your Prestige in dotted decimal notation, for example,
192.168.1.1 (factory default).
IP Subnet Mask Type the subnet mask assigned to you by your ISP (if given).
RIP Direction
Select the RIP direction from
None
,
Both
,
In Only
and
Out Only
.
RIP Version Select the RIP version from
RIP-1
,
RIP-2B
and
RIP-2M
.
Multicast
IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to establish membership in a multicast group. The Prestige supports both IGMP version 1 (
IGMP-v1
) and
IGMP-v2
. Select
None
to disable it.
Apply
Cancel
Click
Apply
to save your changes back to the Prestige.
Click
Cancel
to begin configuring this screen afresh.
LAN Setup 5-5
Prestige 660R ADSL 2+ Access Gateway
Chapter 6
WAN Setup
This chapter describes how to configure WAN settings.
A WAN (Wide Area Network) is an outside connection to another network or the Internet.
See the
Wizard Setup
chapter for more information on the fields in the WAN screens.
6.2 Metric
The metric represents the "cost of transmission". A router determines the best route for transmission by choosing a path with the lowest "cost". RIP routing uses hop count as the measurement of cost, with a minimum of "1" for directly connected networks. The number must be between "1" and "15"; a number greater than "15" means the link is down. The smaller the number, the lower the "cost".
The metric sets the priority for the Prestige’s routes to the Internet. If any two of the default routes have the same metric, the Prestige uses the following pre-defined priorities: route:
section 6.5
)
2. Traffic-redirect route (see
section 6.6
) route,
section 6.6
)
For example, if the normal route has a metric of "1" and the traffic-redirect route has a metric of "2" and dialbackup route has a metric of "3", then the normal route acts as the primary default route. If the normal route fails to connect to the Internet, the Prestige tries the traffic-redirect route next. In the same manner, the
Prestige uses the dial-backup route if the traffic-redirect route also fails.
If you want the dial-backup route to take first priority over the traffic-redirect route or even the normal route, all you need to do is set the dial-backup route’s metric to "1" and the others to "2" (or greater).
IP Policy Routing overrides the default routing behavior and takes priority over all of the routes mentioned above (see the
IP Policy Routing
chapter).
The Prestige supports PPPoE (Point-to-Point Protocol over Ethernet). PPPoE is an IETF Draft standard (RFC
2516) specifying how a personal computer (PC) interacts with a broadband modem (DSL, cable, wireless, etc.) connection. The
PPPoE
option is for a dial-up connection using PPPoE.
WAN Setup 6-1
Prestige 660R ADSL 2+ Access Gateway
For the service provider, PPPoE offers an access and authentication method that works with existing access control systems (for example Radius). PPPoE provides a login and authentication method that the existing
Microsoft Dial-Up Networking software can activate, and therefore requires no new learning or procedures for Windows users.
One of the benefits of PPPoE is the ability to let you access one of multiple network services, a function known as dynamic service selection. This enables the service provider to easily create and offer new IP services for individuals.
Operationally, PPPoE saves significant effort for both you and the ISP or carrier, as it requires no specific configuration of the broadband modem at the customer site.
By implementing PPPoE directly on the Prestige (rather than individual computers), the computers on the
LAN do not need PPPoE software installed, since the Prestige does that part of the task. Furthermore, with
NAT, all of the LANs’ computers will have access.
Traffic Shaping is an agreement between the carrier and the subscriber to regulate the average rate and fluctuations of data transmission over an ATM network. This agreement helps eliminate congestion, which is important for transmission of real time data such as audio and video connections.
Peak Cell Rate (PCR) is the maximum rate at which the sender can send cells. This parameter may be lower
(but not higher) than the maximum line speed. 1 ATM cell is 53 bytes (424 bits), so a maximum speed of
832Kbps gives a maximum PCR of 1962 cells/sec. This rate is not guaranteed because it is dependent on the line speed.
Sustained Cell Rate (SCR) is the mean cell rate of each bursty traffic source. It specifies the maximum average rate at which cells can be sent over the virtual connection. SCR may not be greater than the PCR.
Maximum Burst Size (MBS) is the maximum number of cells that can be sent at the PCR. After MBS is reached, cell rates fall below SCR until cell rate averages to the SCR again. At this time, more cells (up to the MBS) can be sent at the PCR again.
If the PCR, SCR or MBS is set to the default of “0”, the system will assign a maximum value that correlates to your upstream line rate.
The following figure illustrates the relationship between PCR, SCR and MBS.
6-2 WAN Setup
Prestige 660R ADSL 2+ Access Gateway
Figure 6-1 Example of Traffic Shaping
6.5 Configuring WAN Setup
To change your Prestige’s WAN remote node settings, click
WAN
,
WAN Setup
.
The screen differs by the encapsulation.
WAN Setup 6-3
Prestige 660R ADSL 2+ Access Gateway
Figure 6-2 WAN Setup
The following table describes the fields in this screen.
6-4 WAN Setup
Prestige 660R ADSL 2+ Access Gateway
Table 6-1 WAN Setup
LABEL DESCRIPTION
Name Enter the name of your Internet Service Provider, e.g., MyISP. This information is for identification purposes only.
Mode Select
Routing
(default) from the drop-down list box if your ISP allows multiple computers to share an Internet account. Otherwise select
Bridge
.
Encapsulation Select the method of encapsulation used by your ISP from the drop-down list box.
Choices vary depending on the mode you select in the
Mode
field.
If you select
Bridge
in the
Mode
field, select either
PPPoA
or
RFC 1483
.
If you select
Routing
in the
Mode
field, select
PPPoA
,
RFC 1483
,
ENET ENCAP
or
PPPoE
.
Multiplex Select the method of multiplexing used by your ISP from the drop-down list. Choices are
VC
or
LLC
.
Virtual Circuit ID
VPI
VCI
VPI (Virtual Path Identifier) and VCI (Virtual Channel Identifier) define a virtual circuit.
Refer to the appendix for more information.
The valid range for the VPI is 0 to 255. Enter the VPI assigned to you.
The valid range for the VCI is 32 to 65535 (0 to 31 is reserved for local management of
ATM traffic). Enter the VCI assigned to you.
ATM QoS Type Select
CBR
(Continuous Bit Rate) to specify fixed (always-on) bandwidth for voice or data traffic. Select
UBR
(Unspecified Bit Rate) for applications that are non-time sensitive, such as e-mail. Select
VBR
(Variable Bit Rate) for bursty traffic and bandwidth sharing with other applications.
Cell Rate Cell rate configuration often helps eliminate traffic congestion that slows transmission of real time data such as audio and video connections.
Peak Cell Rate Divide the DSL line rate (bps) by 424 (the size of an ATM cell) to find the Peak Cell
Rate (PCR). This is the maximum rate at which the sender can send cells. Type the
PCR here.
Sustain Cell Rate The Sustain Cell Rate (SCR) sets the average cell rate (long-term) that can be transmitted. Type the SCR, which must be less than the PCR. Note that system default is 0 cells/sec.
WAN Setup 6-5
Prestige 660R ADSL 2+ Access Gateway
Table 6-1 WAN Setup
LABEL DESCRIPTION
Maximum Burst Size Maximum Burst Size (MBS) refers to the maximum number of cells that can be sent at the peak rate. Type the MBS, which is less than 65535.
Login Information (PPPoA and PPPoE encapsulation only)
Service Name (PPPoE only) Type the name of your PPPoE service here.
User Name
Password
IP Address
Enter the user name exactly as your ISP assigned. If assigned a name in the form user@domain where domain identifies a service name, then enter both components exactly as given.
Enter the password associated with the user name above.
This option is available if you select
Routing
in the
Mode
field.
A static IP address is a fixed IP that your ISP gives you. A dynamic IP address is not fixed; the ISP assigns you a different one each time you connect to the Internet. The
Single User Account feature can be used with either a dynamic or static IP address.
Select
Obtain an IP Address Automatically
if you have a dynamic IP address; otherwise select
Static IP Address
and type your ISP assigned IP address in the
IP
Address
field below.
Connection
(PPPoA and PPPoE encapsulation only)
The schedule rule(s) in SMT menu 26 have priority over your
Connection
settings.
Nailed-Up Connection Select
Nailed-Up Connection
when you want your connection up all the time. The
Prestige will try to bring up the connection automatically if it is disconnected.
Connect on Demand Select
Connect on Demand
when you don't want the connection up all the time and specify an idle time-out in the
Max Idle Timeout
field.
Max Idle Timeout Specify an idle time-out in the
Max Idle Timeout
field when you select
Connect on
Demand
. The default setting is 0, which means the Internet session will not timeout.
PPPoE Pass Through This field is available when you select
PPPoE
encapsulation.
6-6 WAN Setup
Prestige 660R ADSL 2+ Access Gateway
Table 6-1 WAN Setup
LABEL DESCRIPTION
PPPoE +
PPPoE_Client_PC
(PPPoE encapsulation only)
In addition to the Prestige's built-in PPPoE client, you can enable PPPoE pass through to allow up to ten hosts on the LAN to use PPPoE client software on their computers to connect to the ISP via the Prestige. Each host can have a separate account and a public WAN IP address.
PPPoE pass through is an alternative to NAT for application where NAT is not appropriate.
Disable PPPoE pass through if you do not need to allow hosts on the LAN to use
PPPoE client software on their computers to connect to the ISP.
Subnet Mask
(ENET ENCAP encapsulation only)
ENET ENCAP
Gateway
(ENET ENCAP encapsulation only)
Enter a subnet mask in dotted decimal notation.
Refer to the
Subnetting
appendix on how to calculate a subnet mask If you are implementing subnetting.
You must specify a gateway IP address (supplied by your ISP) when you select
ENET
ENCAP
in the
Encapsulation
field
Back
Apply
Cancel
Click
Back
to return to the previous screen.
Click
Apply
to save the changes.
Click
Cancel
to begin configuring this screen afresh.
6.6 Traffic Redirect
Traffic redirect forwards traffic to a backup gateway when the Prestige cannot connect to the Internet. An example is shown in the figure below.
WAN Setup 6-7
Prestige 660R ADSL 2+ Access Gateway
Figure 6-3 Traffic Redirect Example
The following network topology allows you to avoid triangle route security issues when the backup gateway is connected to the LAN. Use IP alias to configure the LAN into two or three logical networks with the
Prestige itself as the gateway for each LAN network. Put the protected LAN in one subnet (Subnet 1 in the following figure) and the backup gateway in another subnet (Subnet 2). Configure filters that allow packets from the protected LAN (Subnet 1) to the backup gateway (Subnet 2).
Figure 6-4 Traffic Redirect LAN Setup
6.7 Configuring WAN Backup
To change your Prestige’s WAN backup settings, click
WAN
, then
WAN Backup
. The screen appears as shown.
6-8 WAN Setup
Prestige 660R ADSL 2+ Access Gateway
Figure 6-5 WAN Backup
The following table describes the fields in this screen.
WAN Setup 6-9
Prestige 660R ADSL 2+ Access Gateway
Table 6-2 WAN Backup
LABEL DESCRIPTION
Backup Type
Check WAN IP
Address1-3
Select the method that the Prestige uses to check the DSL connection.
Select
DSL Link
to have the Prestige check if the connection to the DSLAM is up. Select
ICMP
to have the Prestige periodically ping the IP addresses configured in the
Check WAN IP Address
fields.
Configure this field to test your Prestige's WAN accessibility. Type the IP address of a reliable nearby computer (for example, your ISP's DNS server address).
If you activate either traffic redirect or dial backup, you must configure at least one IP address here.
Fail Tolerance
When using a WAN backup connection, the Prestige periodically pings the addresses configured here and uses the other WAN backup connection (if configured) if there is no response.
Type the number of times (2 recommended) that your Prestige may ping the IP addresses configured in the
Check WAN IP Address
fields without getting a response before switching to a WAN backup connection (or a different WAN backup connection).
Recovery Interval
Timeout
When the Prestige is using a lower priority connection (usually a WAN backup connection), it periodically checks to whether or not it can use a higher priority connection.
Type the number of seconds (30 recommended) for the Prestige to wait between checks. Allow more time if your destination IP address handles lots of traffic.
Type the number of seconds (3 recommended) for your Prestige to wait for a ping response from one of the IP addresses in the
Check WAN IP Address
fields before timing out the request. The WAN connection is considered "down" after the Prestige times out the number of times specified in the
Fail Tolerance
field.
Use a higher value in this field if your network is busy or congested.
Traffic Redirect
Active Select this check box to have the Prestige use traffic redirect if the normal WAN connection goes down.
If you activate traffic redirect, you must configure at least one
Check WAN IP Address
.
6-10 WAN Setup
Prestige 660R ADSL 2+ Access Gateway
Table 6-2 WAN Backup
LABEL DESCRIPTION
Metric This field sets this route's priority among the routes the Prestige uses.
The metric represents the "cost of transmission". A router determines the best route for transmission by choosing a path with the lowest "cost". RIP routing uses hop count as the measurement of cost, with a minimum of "1" for directly connected networks. The number must be between "1" and "15"; a number greater than "15" means the link is down. The smaller the number, the lower the
"cost".
Backup Gateway Type the IP address of your backup gateway in dotted decimal notation. The
Prestige automatically forwards traffic to this IP address if the Prestige's Internet connection terminates.
Back
Apply
Cancel
Click
Back
to return to the previous screen.
Click
Apply
to save the changes.
Click
Cancel
to begin configuring this screen afresh.
WAN Setup 6-11
NAT, Dynamic DNS and Time and Date
Part III:
NAT, Dynamic DNS and Time and Date
This part covers NAT (Network Address Translation), dynamic DNS (Domain Name Sever) and
Time and Date setup.
III
Prestige 660R ADSL 2+ Access Gateway
Chapter 7
Network Address Translation (NAT)
Screens
This chapter discusses how to configure NAT on the
Prestige
.
NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network.
7.1.1 NAT Definitions
Inside/outside denotes where a host is located relative to the Prestige, for example, the computers of your subscribers are the inside hosts, while the web servers on the Internet are the outside hosts.
Global/local denotes the IP address of a host in a packet as the packet traverses a router, for example, the local address refers to the IP address of a host when the packet is in the local network, while the global address refers to the IP address of the host when the same packet is traveling in the WAN side.
Note that inside/outside refers to the location of a host, while global/local refers to the IP address of a host used in a packet. Thus, an inside local address (ILA) is the IP address of an inside host in a packet when the packet is still in the local network, while an inside global address (IGA) is the IP address of the same inside host when the packet is on the WAN side. The following table summarizes this information.
Table 7-1 NAT Definitions
ITEM DESCRIPTION
Inside This refers to the host on the LAN.
Outside This refers to the host on the WAN.
Local
Global
This refers to the packet address (source or destination) as the packet travels on the LAN.
This refers to the packet address (source or destination) as the packet travels on the WAN.
NAT 7-1
Prestige 660R ADSL 2+ Access Gateway
NAT never changes the IP address (either local or global) of an
outside
host.
7.1.2 What NAT Does
In the simplest form, NAT changes the source IP address in a packet received from a subscriber (the inside local address) to another (the inside global address) before forwarding the packet to the WAN side. When the response comes back, NAT translates the destination address (the inside global address) back to the inside local address before forwarding it to the original inside host. Note that the IP address (either local or global) of an outside host is never changed.
The global IP addresses for the inside hosts can be either static or dynamically assigned by the ISP. In addition, you can designate servers, for example, a web server and a telnet server, on your local network and make them accessible to the outside world. If you do not define any servers (for Many-to-One and Many-to-
Many Overload mapping – see
Table 7-2
), NAT offers the additional benefit of firewall protection. With no servers defined, your Prestige filters out all incoming inquiries, thus preventing intruders from probing your network. For more information on IP address translation, refer to
RFC 1631
,
The IP Network Address
Translator (NAT)
.
7.1.3 How NAT Works
Each packet has two addresses – a source address and a destination address. For outgoing packets, the ILA
(Inside Local Address) is the source address on the LAN, and the IGA (Inside Global Address) is the source address on the WAN. For incoming packets, the ILA is the destination address on the LAN, and the IGA is the destination address on the WAN. NAT maps private (local) IP addresses to globally unique ones required for communication with hosts on other networks. It replaces the original IP source address (and TCP or UDP source port numbers for Many-to-One and Many-to-Many Overload NAT mapping) in each packet and then forwards it to the Internet. The Prestige keeps track of the original addresses and port numbers so incoming reply packets can have their original values restored. The following figure illustrates this.
7-2
Figure 7-1 How NAT Works
NAT
Prestige 660R ADSL 2+ Access Gateway
7.1.4 NAT Application
The following figure illustrates a possible NAT application, where three inside LANs (logical LANs using IP
Alias) behind the Prestige can communicate with three distinct WAN networks. More examples follow at the end of this chapter.
Figure 7-2 NAT Application With IP Alias
7.1.5 NAT Mapping Types
NAT supports five types of IP/port mapping. They are:
1.
One to One
: In One-to-One mode, the Prestige maps one local IP address to one global IP address.
2.
Many to One
: In Many-to-One mode, the Prestige maps multiple local IP addresses to one global IP address. This is equivalent to SUA (for instance, PAT, port address translation), ZyXEL’s Single User
Account feature that previous ZyXEL routers supported (the
SUA Only
option in today’s routers).
NAT 7-3
Prestige 660R ADSL 2+ Access Gateway
3.
Many to Many Overload
: In Many-to-Many Overload mode, the Prestige maps the multiple local IP addresses to shared global IP addresses.
4.
Many-to-Many No Overload
: In Many-to-Many No Overload mode, the Prestige maps each local IP address to a unique global IP address.
5.
Server
: This type allows you to specify inside servers of different services behind the NAT to be accessible to the outside world.
Port numbers do
not
change for
One-to-One
and
Many-to-Many No Overload
NAT mapping types.
The following table summarizes these types.
Table 7-2 NAT Mapping Types
TYPE IP ABBREVIATION
One-to-One ILA1 ÅÆ IGA1
Many-to-One (SUA/PAT) ILA1
ÅÆ
IGA1
ILA2 ÅÆ IGA1
…
1:1
M:1
Many-to-Many Overload ILA1 ÅÆ IGA1
ILA2 ÅÆ IGA2
ILA3 ÅÆ IGA1
ILA4 ÅÆ IGA2
…
Many-to-Many No Overload ILA1 ÅÆ IGA1
ILA2 ÅÆ IGA2
ILA3 ÅÆ IGA3
…
Server Server 1 IP
ÅÆ
IGA1
Server 2 IP
ÅÆ
IGA1
Server 3 IP ÅÆ IGA1
M:M Ov
M:M No OV
Server
7.2 SUA (Single User Account) Versus NAT
SUA (Single User Account) is a ZyNOS implementation of a subset of NAT that supports two types of mapping,
Many-to-One
and
Server
. The Prestige also supports
Full Feature
NAT to map multiple global
IP addresses to multiple private LAN IP addresses of clients or servers using mapping types as outlined in
Table 7-2
.
7-4 NAT
Prestige 660R ADSL 2+ Access Gateway
1. Choose if you have just one public WAN IP address for your Prestige.
2. Choose if you have multiple public WAN IP addresses for your Prestige.
7.3 SUA Server
A SUA server set is a list of inside (behind NAT on the LAN) servers, for example, web or FTP, that you can make visible to the outside world even though SUA makes your whole inside network appear as a single computer to the outside world.
You may enter a single port number or a range of port numbers to be forwarded, and the local IP address of the desired server. The port number identifies a service; for example, web service is on port 80 and FTP on port 21. In some cases, such as for unknown services or where one server can support more than one service
(for example both FTP and web service), it might be better to specify a range of port numbers. You can allocate a server IP address that corresponds to a port or a range of ports.
Many residential broadband ISP accounts do not allow you to run any server processes (such as a Web or
FTP server) from your location. Your ISP may periodically check for servers and may suspend your account if it discovers any active services at your location. If you are unsure, refer to your ISP.
Default Server IP Address
In addition to the servers for specified services, NAT supports a default server IP address. A default server receives packets from ports that are not specified in this screen.
If you do not assign an IP address in
Server Set 1
(default server), the Prestige discards all packets received for ports that are not specified here or in the remote management setup.
7.3.1 Port Forwarding: Services and Port Numbers
The most often used port numbers are shown in the following table. Please refer to RFC 1700 for further information about port numbers.
Table 7-3 Services and Port Numbers
ECHO 7
FTP (File Transfer Protocol) 21
SMTP (Simple Mail Transfer Protocol)
DNS (Domain Name System)
25
53
Finger 79
HTTP (Hyper Text Transfer protocol or WWW, Web) 80
NAT 7-5
Prestige 660R ADSL 2+ Access Gateway
Table 7-3 Services and Port Numbers
POP3 (Post Office Protocol)
NNTP (Network News Transport Protocol)
SNMP (Simple Network Management Protocol)
SNMP trap
PPTP (Point-to-Point Tunneling Protocol)
110
119
161
162
1723
7.3.2 Configuring Servers Behind SUA (Example)
Let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (A in the example), port 80 to another (B in the example) and assign a default server IP address of 192.168.1.35 to a third (C in the example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet.
Figure 7-3 Multiple Servers Behind NAT Example
IP address assigned by ISP.
7.4 Selecting the NAT Mode
You must create a firewall rule in addition to setting up SUA/NAT, to allow traffic from the WAN to be forwarded through the Prestige.
Click
NAT
to open the following screen.
7-6 NAT
Prestige 660R ADSL 2+ Access Gateway
Figure 7-4 NAT Mode
The following table describes the labels in this screen.
Table 7-4 NAT Mode
LABEL DESCRIPTION
None Select this radio button to disable NAT.
SUA Only
Select this radio button if you have just one public WAN IP address for your Prestige. The
Prestige uses Address Mapping Set 1 in the
NAT - Edit SUA/NAT Server Set
screen.
Edit Details Click this link to go to the
NAT - Edit SUA/NAT Server Set
screen.
Full Feature Select this radio button if you have multiple public WAN IP addresses for your Prestige.
Edit Details Click this link to go to the
NAT - Address Mapping Rules
screen.
Apply Click
Apply
to save your configuration.
7.5 Configuring SUA Server
If you do not assign an IP address in
Server Set 1
(default server), the Prestige discards all packets received for ports that are not specified here or in the remote management setup.
Click
NAT
, select
SUA Only
and click
Edit Details
to open the following screen.
Refer to
Table 7-3
for port numbers commonly used for particular services.
NAT 7-7
Prestige 660R ADSL 2+ Access Gateway
Figure 7-5 Edit SUA/NAT Server Set
The following table describes the fields in this screen.
Table 7-5 Edit SUA/NAT Server Set
LABEL DESCRIPTION
Start Port No. Enter a port number in this field.
To forward only one port, enter the port number again in the
End Port No.
field.
To forward a series of ports, enter the start port number here and the end port number in the
End Port No.
field.
7-8 NAT
Prestige 660R ADSL 2+ Access Gateway
Table 7-5 Edit SUA/NAT Server Set
LABEL DESCRIPTION
End Port No. Enter a port number in this field.
To forward only one port, enter the port number again in the
Start Port No.
field above and then enter it again in this field.
To forward a series of ports, enter the last port number in a series that begins with the port number in the
Start Port No.
field above.
Server IP
Address
Enter your server IP address in this field.
Save
Cancel
Click
Save
to save your changes back to the Prestige.
Click
Cancel
to return to the previous configuration.
Ordering your rules is important because the Prestige applies the rules in the order that you specify. When a rule matches the current packet, the Prestige takes the corresponding action and the remaining rules are ignored. If there are any empty rules before your new configured rule, your configured rule will be pushed up by that number of empty rules. For example, if you have already configured rules 1 to 6 in your current set and now you configure rule number 9. In the set summary screen, the new rule will be rule 7, not 9. Now if you delete rule 4, rules 5 to 7 will be pushed up by 1 rule, so old rules 5, 6 and 7 become new rules 4, 5 and
6.
To change your Prestige’s address mapping settings, click
NAT
, Select
Full Feature
and click
Edit Details
to open the following screen.
NAT 7-9
Prestige 660R ADSL 2+ Access Gateway
Figure 7-6 Address Mapping Rules
The following table describes the fields in this screen.
Table 7-6 Address Mapping Rules
LABEL DESCRIPTION
Local Start IP This is the starting Inside Local IP Address (ILA). Local IP addresses are
N/A
for
Server
port mapping.
Local End IP This is the end Inside Local IP Address (ILA). If the rule is for all local IP addresses, then this field displays 0.0.0.0 as the
Local Start IP
address and 255.255.255.255 as the
Local End IP
address. This field is
N/A
for
One-to-one
and
Server
mapping types.
Global Start IP This is the starting Inside Global IP Address (IGA). Enter 0.0.0.0 here if you have a dynamic IP address from your ISP. You can only do this for
Many-to-One
and
Server
mapping types.
Global End IP This is the ending Inside Global IP Address (IGA). This field is
N/A
for
One-to-one
,
Many-to-One
and
Server
mapping types.
7-10 NAT
Prestige 660R ADSL 2+ Access Gateway
Table 7-6 Address Mapping Rules
LABEL DESCRIPTION
Type
1-1
: One-to-one mode maps one local IP address to one global IP address. Note that port numbers do not change for the One-to-one NAT mapping type.
M-1
: Many-to-One mode maps multiple local IP addresses to one global IP address. This is equivalent to SUA (i.e., PAT, port address translation), ZyXEL's Single User Account feature that previous ZyXEL routers supported only.
M-M Ov
(Overload): Many-to-Many Overload mode maps multiple local IP addresses to shared global IP addresses.
MM No
(No Overload): Many-to-Many No Overload mode maps each local IP address to unique global IP addresses.
Server
: This type allows you to specify inside servers of different services behind the
NAT to be accessible to the outside world.
Back Click
Back
to return to the
NAT Mode
screen.
7.7 Editing an Address Mapping Rule
To edit an address mapping rule, click the rule’s link in the
NAT Address Mapping Rules
screen to display the screen shown next.
Figure 7-7 Address Mapping Rule Edit
The following table describes the fields in this screen.
NAT 7-11
Prestige 660R ADSL 2+ Access Gateway
Table 7-7 Address Mapping Rule Edit
Type
LABEL DESCRIPTION
Choose the port mapping type from one of the following.
1.
One-to-One
: One-to-One mode maps one local IP address to one global IP address. Note that port numbers do not change for One-to-one NAT mapping type.
2.
Many-to-One
: Many-to-One mode maps multiple local IP addresses to one global
IP address. This is equivalent to SUA (i.e., PAT, port address translation), ZyXEL's
Single User Account feature that previous ZyXEL routers supported only.
3.
Many-to-Many Overload
: Many-to-Many Overload mode maps multiple local IP addresses to shared global IP addresses.
4.
Many-to-Many No Overload
: Many-to-Many No Overload mode maps each local
IP address to unique global IP addresses.
5.
Server
: This type allows you to specify inside servers of different services behind the NAT to be accessible to the outside world.
Local Start IP This is the starting local IP address (ILA). Local IP addresses are
N/A
for
Server
port mapping.
Local End IP
Global Start IP
Global End IP
This is the end local IP address (ILA). If your rule is for all local IP addresses, then enter 0.0.0.0 as the
Local Start IP
address and 255.255.255.255 as the
Local End
IP
address.
This field is
N/A
for
One-to-One
and
Server
mapping types.
This is the starting global IP address (IGA). Enter 0.0.0.0 here if you have a dynamic
IP address from your ISP.
This is the ending global IP address (IGA). This field is
N/A
for
One-to-One
,
Manyto-One
and
Server
mapping types.
Server Mapping
Set
Only available when
Type
is set to
Server
.
Select a number from the drop-down menu to choose a server set from the
NAT -
Address Mapping Rules
screen.
Apply
Edit Details Click this link to go to the
NAT - Edit SUA/NAT Server Set
screen to edit a server set that you have selected in the
Server Mapping Set
field.
Click
Apply
to save your changes back to the Prestige.
Cancel
Delete
Click
Cancel
to return to the previously saved settings.
Click
Delete
to exit this screen without saving.
7-12 NAT
Prestige 660R ADSL 2+ Access Gateway
Chapter 8
Dynamic DNS Setup
This chapter discusses how to configure your Prestige to use Dynamic DNS.
Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in NetMeeting, CU-SeeMe, etc.). You can also access your FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.org, where myhost is a name of your choice) that will never change instead of using an IP address that changes each time you reconnect. Your friends or relatives will always be able to call you even if they don't know your IP address.
First of all, you need to have registered a dynamic DNS account with www.dyndns.org. This is for people with a dynamic IP from their ISP or DHCP server that would still like to have a domain name. The Dynamic
DNS service provider will give you a password or key.
8.1.1 DYNDNS Wildcard
Enabling the wildcard feature for your host causes *.yourhost.dyndns.org to be aliased to the same IP address as yourhost.dyndns.org. This feature is useful if you want to be able to use, for example, www.yourhost.dyndns.org and still reach your hostname.
If you have a private WAN IP address, then you cannot use Dynamic DNS.
8.2 Configuring Dynamic DNS
To change your Prestige’s DDNS, click
Dynamic DNS
. The screen appears as shown.
Dynamic DNS Setup 8-1
Prestige 660R ADSL 2+ Access Gateway
Figure 8-1 DDNS
The following table describes the fields in this screen.
Table 8-1 DDNS
Active
LABEL DESCRIPTION
Select this check box to use dynamic DNS.
Service Provider This is the name of your Dynamic DNS service provider.
Host Names
E-mail Address
User
Password
Type the domain name assigned to your Prestige by your Dynamic DNS provider.
Type your e-mail address.
Type your user name.
Type the password assigned to you.
Enable Wildcard
Apply
Cancel
Select the check box to enable DYNDNS Wildcard.
Click
Apply
to save your changes back to the Prestige.
Click
Cancel
to begin configuring this screen afresh.
8-2 Dynamic DNS Setup
Prestige 660R ADSL 2+ Access Gateway
Chapter 9
Time and Date
This screen is not available on all models. Use this screen to configure the Prestige’s time and date settings.
9.1 Configuring Time and Date
To change your Prestige’s time and date, click
Time And Date
. The screen appears as shown. Use this screen to configure the Prestige’s time based on your local time zone.
Time and Date
Figure 9-1 Time and Date
9-1
Prestige 660R ADSL 2+ Access Gateway
The following table describes the fields in this screen.
Table 9-1 Time and Date
LABEL DESCRIPTION
Time Server
Use Protocol when
Bootup
Select the time service protocol that your time server sends when you turn on the
Prestige. Not all time servers support all protocols, so you may have to check with your ISP/network administrator or use trial and error to find a protocol that works.
The main difference between them is the format.
Daytime (RFC 867)
format is day/month/year/time zone of the server.
Time (RFC 868)
format displays a 4-byte integer giving the total number of seconds since 1970/1/1 at 0:0:0.
The default,
NTP (RFC 1305),
is similar to Time (RFC 868).
Select
None
to enter the time and date manually.
IP Address or URL Enter the IP address or URL of your time server. Check with your ISP/network administrator if you are unsure of this information (the default is tick.stdtime.gov.tw).
Time and Date Choose the time zone of your location. This will set the time difference between your time zone and Greenwich Mean Time (GMT).
Daylight Savings Select this option if you use daylight savings time. Daylight saving is a period from late spring to early fall when many countries set their clocks ahead of normal local time by one hour to give more daytime light in the evening.
Start Date Enter the month and day that your daylight-savings time starts on if you selected
Daylight Savings
.
End Date Enter the month and day that your daylight-savings time ends on if you selected
Daylight Savings
.
Synchronize system clock with
Time Server now.
Select this option to have your Prestige use the time server (that you configured above) to set its internal system clock.
Please wait for up to 60 seconds while the Prestige locates the time server. If the
Prestige cannot find the time server, please check the time server protocol and its IP address. If the IP address was entered correctly, try pinging it for example to test the connection.
Date
Current Date This field displays the date of your Prestige.
Each time you reload this page, the Prestige synchronizes the time with the time server.
9-2 Time and Date
Prestige 660R ADSL 2+ Access Gateway
Table 9-1 Time and Date
LABEL DESCRIPTION
New Date (yyyymm-dd)
This field displays the last updated date from the time server.
When you select
None
in the
Use Protocol when Bootup
field, enter the new date in this field and then click
Apply
.
Time
Current Time This field displays the time of your Prestige.
Each time you reload this page, the Prestige synchronizes the time with the time server.
New Time This field displays the last updated time from the time server.
When you select
None
in the
Use Protocol when Bootup
field, enter the new time in this field and then click
Apply
.
Apply
Cancel
Click
Apply
to save your changes back to the Prestige.
Click
Cancel
to begin configuring this screen afresh.
Time and Date 9-3
Remote Management and UPnP
Part IV:
Remote Management and UPnP
This part contains information on how to configure the Prestige for remote management and setting up Universal Plug and Play (UPnP).
IV
Prestige 660R ADSL 2+ Access Gateway
Chapter 10
Remote Management Configuration
This chapter provides information on configuring remote management.
10.1 Remote Management Overview
Remote management allows you to determine which services/protocols can access which Prestige interface
(if any) from which computers.
You may manage your Prestige from a remote location via:
Internet (WAN only) ALL (LAN and WAN)
LAN only, Neither (Disable).
To disable remote management of a service, select
Disable
in the corresponding
Server Access
field.
You may only have one remote management session running at a time. The Prestige automatically disconnects a remote management session of lower priority when another remote management session of higher priority starts. The priorities for the different types of remote management sessions are as follows.
1. Telnet
2. HTTP
10.1.1 Remote Management Limitations
Remote management over LAN or WAN will not work when:
1. A filter in SMT menu 3.1 (LAN) or in menu 11.5 (WAN) is applied to block a Telnet, FTP or Web service.
2. You have disabled that service in one of the remote management screens.
3. The IP address in the
Secured Client IP
field does not match the client IP address. If it does not match, the Prestige will disconnect the session immediately.
4. There is already another remote management session with an equal or higher priority running. You may only have one remote management session running at one time.
Remote Management Configuration 10-1
Prestige 660R ADSL 2+ Access Gateway
10.1.2 Remote Management and NAT
When NAT is enabled:
Use the Prestige’s WAN IP address when configuring from the WAN.
Use the Prestige’s LAN IP address when configuring from the LAN.
10.1.3 System Timeout
There is a default system management idle timeout of five minutes (three hundred seconds). The Prestige automatically logs you out if the management session remains idle for longer than this timeout period. The management session does not time out when a statistics screen is polling.
10.2 Telnet
You can configure your Prestige for remote Telnet access as shown next.
Figure 10-1 Telnet Configuration on a TCP/IP Network
10.3 FTP
You can upload and download Prestige firmware and configuration files using FTP. To use this feature, your computer must have an FTP client.
10.4 Web
You can use the Prestige’s embedded web configurator for configuration and file management. See the online help for details.
10-2 Remote Management Configuration
Prestige 660R ADSL 2+ Access Gateway
10.5 Configuring Remote Management
Click
Remote Management
to open the following screen.
Port
Figure 10-2 Remote Management
The following table describes the fields in this screen.
Table 10-1 Remote Management
LABEL DESCRIPTION
Server Type Each of these labels denotes a service that you may use to remotely manage the Prestige.
Access Status Select the access interface. Choices are
All
,
LAN Only
,
WAN Only
and
Disable
.
This field shows the port number for the remote management service. You may change the port number for a service in this field, but you must use the same port number to use that service for remote management.
Secured Client
IP
Apply
Cancel
The default 0.0.0.0 allows any client to use this service to remotely manage the Prestige.
Type an IP address to restrict access to a client with a matching IP address.
Click
Apply
to save your settings back to the Prestige.
Click
Cancel
to begin configuring this screen afresh.
Remote Management Configuration 10-3
Prestige 660R ADSL 2+ Access Gateway
Chapter 11
Universal Plug-and-Play (UPnP)
This chapter introduces the UPnP feature in the web configurator.
11.1 Introducing Universal Plug and Play
Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peerto-peer network connectivity between devices. A UPnP device can dynamically join a network, obtain an IP address, convey its capabilities and learn about other devices on the network. In turn, a device can leave a network smoothly and automatically when it is no longer in use.
11.1.1 How do I know if I'm using UPnP?
UPnP hardware is identified as an icon in the Network Connections folder (Windows XP). Each UPnP compatible device installed on your network will appear as a separate icon. Selecting the icon of a UPnP device will allow you to access the information and properties of that device.
11.1.2 NAT Traversal
UPnP NAT traversal automates the process of allowing an application to operate through NAT. UPnP network devices can automatically configure network addressing, announce their presence in the network to other UPnP devices and enable exchange of simple product and service descriptions. NAT traversal allows the following:
Dynamic port mapping
Learning public IP addresses
Assigning lease times to mappings
Windows Messenger is an example of an application that supports NAT traversal and UPnP.
See the
Network Address Translation (NAT)
chapter for further information about NAT.
11.1.3 Cautions with UPnP
The automated nature of NAT traversal applications in establishing their own services may present network security issues. Network information and configuration may also be obtained and modified by users in some network environments.
UPnP 11-1
Prestige 660R ADSL 2+ Access Gateway
All UPnP-enabled devices may communicate freely with each other without additional configuration. Disable
UPnP if this is not your intention.
11.2 UPnP and ZyXEL
ZyXEL has achieved UPnP certification from the Universal Plug and Play Forum Creates UPnP™
Implementers Corp. (UIC). ZyXEL's UPnP implementation supports IGD 1.0 (Internet Gateway Device). At the time of writing ZyXEL's UPnP implementation supports Windows Messenger 4.6 and 4.7 while
Windows Messenger 5.0 and Xbox are still being tested.
UPnP broadcasts are only allowed on the LAN.
See later sections for examples of installing UPnP in Windows XP and Windows Me as well as an example of using UPnP in Windows.
11.2.1 Configuring UPnP
From the
Site Map
in the main menu, click
UPnP
under
Advanced Setup
to display the screen shown next.
Figure 11-1 Configuring UPnP
The following table describes the fields in this screen.
Table 11-1 Configuring UPnP
LABEL
Enable the Universal Plug and Play (UPnP) Service
DESCRIPTION
Select this checkbox to activate UPnP. Be aware that anyone could use a
UPnP application to open the web configurator's login screen without entering the Prestige's IP address (although you must still enter the password to access the web configurator).
11-2 UPnP
Prestige 660R ADSL 2+ Access Gateway
LABEL
Allow users to make configuration changes through UPnP
Table 11-1 Configuring UPnP
DESCRIPTION
Select this check box to allow UPnP-enabled applications to automatically configure the Prestige so that they can communicate through the Prestige, for example by using NAT traversal, UPnP applications automatically reserve a
NAT forwarding port in order to communicate with another UPnP enabled device; this eliminates the need to manually configure port forwarding for the
UPnP enabled application.
Click
Apply
to save the setting to the Prestige.
Click
Cancel
to return to the previously saved settings.
Apply
Cancel
11.3 Installing UPnP in Windows Example
This section shows how to install UPnP in Windows Me and Windows XP.
Installing UPnP in Windows Me
Follow the steps below to install the UPnP in Windows Me.
Step 1.
Click
Start
and
Control Panel
. Double-click
Add/Remove
Programs
.
Step 2.
Click on the
Windows Setup
tab and select
Communication
in the
Components
selection box. Click
Details
.
UPnP 11-3
Prestige 660R ADSL 2+ Access Gateway
Step 3.
In the
Communications
window, select the
Universal Plug and Play
check box in the
Components
selection box.
Step 4.
Click
OK
to go back to the
Add/Remove Programs
Properties
window and click
Next
.
Step 5.
Restart the computer when prompted.
Installing UPnP in Windows XP
Follow the steps below to install the UPnP in Windows XP.
Step 1.
Click
Start
and
Control Panel
.
Step 2.
Double-click
Network Connections
.
Step 3.
In the
Network Connections
window, click
Advanced
in the main menu and select
Optional Networking Components
…
.
The
Windows Optional Networking
Components Wizard
window displays.
Step 4.
Select
Networking Service
in the
Components
selection box and click
Details
.
11-4 UPnP
Step 5.
In the
Networking Services
window, select the
Universal Plug and Play
check box.
Step 6.
Click
OK
to go back to the
Windows
Optional Networking Component
Wizard
window and click
Next
.
Prestige 660R ADSL 2+ Access Gateway
11.4 Using UPnP in Windows XP Example
This section shows you how to use the UPnP feature in Windows XP. You must already have UPnP installed in Windows XP and UPnP activated on the Prestige.
Make sure the computer is connected to a LAN port of the Prestige. Turn on your computer and the Prestige.
Auto-discover Your UPnP-enabled Network Device
Step 1.
Click
Start
and
Control Panel
. Double-click
Network Connections
. An icon displays under Internet Gateway.
Step 2.
Right-click the icon and select
Properties
.
UPnP 11-5
Prestige 660R ADSL 2+ Access Gateway
Step 3.
In the
Internet Connection Properties
window, click
Settings
to see the port mappings there were automatically created.
Step 4.
You may edit or delete the port mappings or click
Add
to manually add port mappings.
When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically.
Step 5.
Select
Show icon in notification area when connected
option and click
OK
. An icon displays in the system tray
11-6 UPnP
Step 6.
Double-click on the icon to display your current Internet connection status.
Prestige 660R ADSL 2+ Access Gateway
Web Configurator Easy Access
With UPnP, you can access the web-based configurator on the Prestige without finding out the IP address of the Prestige first. This comes helpful if you do not know the IP address of the Prestige.
Follow the steps below to access the web configurator.
Step 1.
Click
Start
and then
Control Panel
.
Step 2.
Double-click
Network
Connections
.
Step 3.
Select
My Network Places
under
Other Places
.
UPnP 11-7
Prestige 660R ADSL 2+ Access Gateway
Step 4.
An icon with the description for each
UPnP-enabled device displays under
Local Network
.
Step 5.
Right-click on the icon for your
Prestige and select
Invoke
. The web configurator login screen displays.
Step 6.
Right-click on the icon for your Prestige and select
Properties
. A properties window displays with basic information about the Prestige.
11-8 UPnP
Maintenance
Part V:
Maintenance
This part covers the maintenance screens.
V
Prestige 660R ADSL 2+ Access Gateway
Chapter 12
Maintenance
This chapter displays system information such as ZyNOS firmware, port IP addresses and port traffic statistics.
12.1 Maintenance Overview
The maintenance screens can help you view system information, upload new firmware, manage configuration and restart your Prestige.
12.2 System Status Screen
Click
System Status
to open the following screen, where you can use to monitor your Prestige. Note that these fields are READ-ONLY and only for diagnostic purposes.
Maintenance 12-1
Prestige 660R ADSL 2+ Access Gateway
Figure 12-1 System Status
The following table describes the fields in this screen.
12-2 Maintenance
Prestige 660R ADSL 2+ Access Gateway
LABEL
Table 12-1 System Status
DESCRIPTION
System Status
System Name This is the name of your Prestige. It is for identification purposes.
ZyNOS Firmware Version
This is the ZyNOS firmware version and the date created. ZyNOS is ZyXEL's proprietary Network Operating System design.
DSL FW Version This is the DSL firmware version associated with your Prestige.
WAN Information
Standard This is the standard that your Prestige is using.
IP Address This is the WAN port IP address.
IP Subnet Mask This is the WAN port IP subnet mask.
Default Gateway This is the IP address of the default gateway, if applicable.
VPI/VCI This is the Virtual Path Identifier and Virtual Channel Identifier that you entered in the first Wizard screen.
LAN Information
MAC Address This is the MAC (Media Access Control) or Ethernet address unique to your
Prestige.
IP Address This is the LAN port IP address.
IP Subnet Mask This is the LAN port IP subnet mask.
DHCP This is the WAN port DHCP role -
None
.
Server
,
Relay
(not all Prestige models) or
DHCP Start IP This is the first of the contiguous addresses in the IP address pool.
DHCP Pool Size This is the number of IP addresses in the IP address pool.
Maintenance 12-3
Prestige 660R ADSL 2+ Access Gateway
LABEL
Show Statistics
Table 12-1 System Status
DESCRIPTION
Click
Show Statistics
to see the performance statistics such as number of packets sent and number of packets received for each port.
12.2.1 System Statistics
Click
Show Statistics
in the
System Status
screen to open the following screen. Read-only information here includes port status and packet specific statistics. Also provided are "system up time" and "poll interval(s)".
The
Poll Interval(s)
field is configurable.
Figure 12-2 System Status: Show Statistics
The following table describes the fields in this screen.
12-4 Maintenance
Prestige 660R ADSL 2+ Access Gateway
LABEL
System up Time
CPU Load
LAN or WAN Port
Statistics
Table 12-2 System Status: Show Statistics
DESCRIPTION
This is the elapsed time the system has been up.
This field specifies the percentage of CPU utilization.
This is the WAN or LAN port.
Link Status This is the status of your WAN link.
Upstream Speed This is the upstream speed of your Prestige.
Downstream Speed This is the downstream speed of your Prestige.
Node-Link This field displays the remote node index number and link type. Link types are PPPoA,
ENET, RFC 1483 and PPPoE.
Interface
Status
TxPkts
RxPkts
Errors
Tx B/s
Rx B/s
Up Time
Collisions
This field displays the type of port.
For the WAN port, this displays the port speed and duplex setting if you're using Ethernet encapsulation and
down
(line is down),
idle
(line (ppp) idle),
dial
(starting to trigger a call) and
drop
(dropping a call) if you're using PPPoE encapsulation.
For a LAN port, this shows the port speed and duplex setting.
This field displays the number of packets transmitted on this port.
This field displays the number of packets received on this port.
This field displays the number of error packets on this port.
This field displays the number of bytes received in the last second.
This field displays the elapsed time this port has been up.
This is the number of collisions on this port.
Poll Interval(s) Type the time interval for the browser to refresh system statistics.
This field displays the number of bytes transmitted in the last second.
Maintenance 12-5
Prestige 660R ADSL 2+ Access Gateway
LABEL
Set Interval
Stop
Table 12-2 System Status: Show Statistics
DESCRIPTION
Click this button to apply the new poll interval you entered in the
Poll Interval
field above.
Click this button to halt the refreshing of the system statistics.
12.3 DHCP Table Screen
DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients to obtain
TCP/IP configuration at start-up from a server. You can configure the Prestige as a DHCP server or disable it. When configured as a server, the Prestige provides the TCP/IP configuration for the clients. If set to
None
,
DHCP service will be disabled and you must have another DHCP server on your LAN, or else the computer must be manually configured.
Click
Maintenance
, and then the
DHCP Table
tab. Read-only information here relates to your DHCP status.
The DHCP table shows current DHCP Client information (including
IP Address
,
Host Name
and
MAC
Address
) of all network clients using the DHCP server.
Figure 12-3 DHCP Table
The following table describes the fields in this screen.
Table 12-3 DHCP Table
LABEL
Host Name This is the name of the host computer.
DESCRIPTION
IP Address This field displays the IP address relative to the
Host Name
field.
12-6 Maintenance
Prestige 660R ADSL 2+ Access Gateway
Table 12-3 DHCP Table
LABEL DESCRIPTION
MAC Address This field displays the MAC (Media Access Control) address of the computer with the displayed host name.
Every Ethernet device has a unique MAC address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02.
12.4 Diagnostic Screens
These read-only screens display information to help you identify problems with the Prestige.
12.4.1 Diagnostic General Screen
Click
Diagnostic
and then
General
to open the screen shown next.
Figure 12-4 Diagnostic General
The following table describes the fields in this screen.
Maintenance 12-7
Prestige 660R ADSL 2+ Access Gateway
LABEL
TCP/IP
Address
Ping
Table 12-4 Diagnostic General
DESCRIPTION
Type the IP address of a computer that you want to ping in order to test a connection.
Click this button to ping the IP address that you entered.
Reset System
Click this button to reboot the Prestige. A warning dialog box is then displayed asking you if you're sure you want to reboot the system. Click
OK
to proceed.
Back Click this button to go back to the main
Diagnostic
screen.
12.4.2 Diagnostic DSL Line Screen
Click
Diagnostic
and then
DSL Line
to open the screen shown next.
Figure 12-5 Diagnostic DSL Line
The following table describes the fields in this screen.
12-8 Maintenance
Prestige 660R ADSL 2+ Access Gateway
LABEL
Reset ADSL
Line
Table 12-5 Diagnostic DSL Line
DESCRIPTION
Click this button to reinitialize the ADSL line. The large text box above then displays the progress and results of this operation, for example:
"Start to reset ADSL
Loading ADSL modem F/W...
Reset ADSL Line Successfully!"
ATM Status Click this button to view ATM status.
ATM Loopback
Test
Click this button to start the ATM loopback test. Make sure you have configured at least one PVC with proper VPIs/VCIs before you begin this test. The Prestige sends an OAM
F5 packet to the DSLAM/ATM switch and then returns it (loops it back) to the Prestige.
The ATM loopback test is useful for troubleshooting problems with the DSLAM and ATM network.
Upstream Noise
Margin
Click this button to display the upstream noise margin.
Click this button to display the downstream noise margin. Downstream
Noise Margin
Back Click this button to go back to the main
Diagnostic
screen.
12.5 Firmware Screen
Find firmware at www.zyxel.com
in a file that (usually) uses the system model name with a "*.bin" extension, e.g., "Prestige.bin". The upload process uses HTTP (Hypertext Transfer Protocol) and may take up to two minutes. After a successful upload, the system will reboot. See the
Firmware and Configuration File
Maintenance
chapter in the parts that document the SMT for upgrading firmware using FTP/TFTP commands.
Only use firmware for your device’s specific model. Refer to the label on the bottom of your device.
Click
Firmware
to open the following screen. Follow the instructions in this screen to upload firmware to your Prestige.
Maintenance 12-9
Prestige 660R ADSL 2+ Access Gateway
Figure 12-6 Firmware Upgrade
The following table describes the labels in this screen.
Table 12-6 Firmware Upgrade
LABEL DESCRIPTION
File Path Type in the location of the file you want to upload in this field or click
Browse ...
to find it.
Browse...
Click
Browse...
to find the .bin file you want to upload. Remember that you must decompress compressed (.zip) files before you can upload them.
Upload Click
Upload
to begin the upload process. This process may take up to two minutes.
Reset Click this button to clear all user-entered configuration information and return the Prestige to its factory defaults. Refer to the
Resetting the Prestige
section.
Do not turn off the Prestige while firmware upload is in progress!
After you see the
Firmware Upload in Process
screen, wait two minutes before logging into the Prestige again.
The Prestige automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop.
12-10 Maintenance
Prestige 660R ADSL 2+ Access Gateway
Figure 12-7 Network Temporarily Disconnected
After two minutes, log in again and check your new firmware version in the
System Status
screen.
If the upload was not successful, the following screen will appear. Click
Back
to go back to the
Firmware
screen.
Figure 12-8 Error Message
Maintenance 12-11
SMT General Configuration
Part VI:
SMT General Configuration
This part covers System Management Terminal configuration for general setup, WAN backup, LAN setup, Internet access, remote node, static route and NAT.
See the web configurator parts of this guide for background information on features configurable by web configurator and SMT.
VI
Prestige 660R ADSL 2+ Access Gateway
Chapter 13
Introducing the SMT
This chapter explains how to access and navigate the System Management Terminal and gives an overview of its menus.
13.1 SMT Introduction
T he Prestige’s SMT (System Management Terminal) is a menu-driven interface that you can access from a terminal emulator over a telnet connection. This chapter shows you how to access the SMT (System
Management Terminal) menus via Telnet, how to navigate the SMT and how to configure SMT menus.
13.1.1 Procedure for SMT Configuration via Telnet
The following procedure details how to telnet into your Prestige.
Step 1.
In Windows, click
Start
(usually in the bottom left corner),
Run
and then type “telnet
192.168.1.1” (the default IP address) and click
OK
.
Step 2.
Enter “1234” in the
Password
field.
Step 3.
After entering the password you will see the main menu.
Please note that if there is no activity for longer than five minutes (default timeout period) after you log in, your Prestige will automatically log you out. You will then have to telnet into the Prestige again.
13.1.2 Entering Password
The login screen appears after you press
[ENTER]
, prompting you to enter the password, as shown next.
For your first login, enter the default password “1234”. As you type the password, the screen displays an asterisk “*” for each character you type.
Please note that if there is no activity for longer than five minutes after you log in, your Prestige will automatically log you out.
Enter Password : ****
Figure 13-1 Login Screen
Introducing the SMT 13-1
Prestige 660R ADSL 2+ Access Gateway
13.1.3 Prestige SMT Menu Overview
The following figure gives you an overview of the various SMT menu screens of your Prestige.
Prestige 660R
Main Menu
Menu 1
General Setup
Menu 2
WAN Backup Setup
Menu 1.1
Configure Dynamic
DNS
Menu 2.1
Traffic Redirect
Setup
Menu 3
LAN Setup
Menu 3.1
LAN Port Filter
Setup
Menu 3.2
TCP/IP and DHCP
Setup
Menu 3.2.1
IP Alias Setup
Menu 4
Internet Access
Setup
Menu 11
Remote Node Setup
Menu 12
Static Routing Setup
Menu 15
NAT Setup
Menu 11.1
Remote Node Profile
Menu 12.1
IP Static Route
Menu 11.3
Remote Node Network
Layer Options
Menu 12.3
Bridge Static Route
Menu 12.1.1
Edit IP Static Route
Menu 15.1
Address Mapping Sets
Menu 15.1.x
Address Mapping Rules
Menu 12.3.1
Edit Bridge Static
Route
Menu 15.2
NAT Server Sets
Menu 15.1.x.x
Address Mapping Rule
Menu 11.5
Remote Node Filter
Menu 15.2.x
NAT Server Setup
Menu 11.6
Remote Node ATM
Layer Options
Menu 11.8
Advance Setup
Options
Menu 26
Schedule Setup
Menu 26.x
Schedule Set Setup
Menu 25.1.1
IP Routing Policy
Menu 25
IP Routing Policy
Setup
Menu 24
System Maintenance
Menu 25.1
IP Routing Policy
Setup
Menu 24.1
System Maintenance --
Status
Menu 23
System Password
Menu 22
SNMP Configuration
Menu 21
Filter Set Configuration
Menu 21.x
Filter Rules Summary
Menu 24.11
Remote Management
Menu 24.10
Time and Date
Setting
Menu 24.9.1
Budget Management
Menu 24.2.2
System Maintenance --
Change Console Port Spee d
Menu 24.2
System Information and
Console port Speed
Menu 24.2.1
System Maintenance --
Information
Menu 24.9
Call Control
Menu 24.8
Command Interpreter
Mode
Menu 24.3
System Maintenance --
Log and Trace
Menu 24.3.1
System Maintenance --
View Error Log
Menu 24.3.2
System Maintenance --
UNIX Syslog
Menu 21.x.1
TCP/IP Filter Rule
Menu 21.x.1
Generic Filter Rule
Menu 24.7.2
System Maintenance --
Upload System
Configuration File
Menu 24.7.1
System Maintenance --
Upload System Firmware
Menu 24.7
System Maintenance --
Upload Firmware
Menu 24.4
System Maintenance --
Diagnostic
Menu 24.6
System Maintenance --
Restore Configuration
Menu 24.5
System Maintenance --
Backup Configuration
Figure 13-2 Prestige 660R SMT Menu Overview
13-2 Introducing the SMT
Prestige 660R ADSL 2+ Access Gateway
13.2 Navigating the SMT Interface
The SMT (System Management Terminal) is the interface that you use to configure your Prestige.
Several operations that you should be familiar with before you attempt to modify the configuration are listed in the table below.
Table 13-1 Main Menu Commands
OPERATION KEYSTROKE
Move down to another menu
[ENTER]
DESCRIPTION
To move forward to a submenu, type in the number of the desired submenu and press [ENTER].
Move up to a previous menu
[ESC] Press [ESC] to move back to the previous menu.
Move to a “hidden” menu
Press [SPACE
BAR] to change
No
to
Yes
then press
[ENTER].
Fields beginning with “Edit” lead to hidden menus and have a default setting of
No
. Press [SPACE BAR] once to change
No
to
Yes
, then press [ENTER] to go to the “hidden” menu.
Move the cursor [ENTER] or
[UP]/[DOWN] arrow keys.
Within a menu, press [ENTER] to move to the next field. You can also use the [UP]/[DOWN] arrow keys to move to the previous and the next field, respectively.
Entering information
Required fields
N/A fields
Type in or press
[SPACE BAR], then press [ENTER].
You need to fill in two types of fields. The first requires you to type in the appropriate information. The second allows you to cycle through the available choices by pressing [SPACE BAR].
<
?
> or
ChangeMe
All fields with the symbol <?> must be filled in order to be able to save the new configuration.
<N/A>
All fields with
ChangeMe
must not be left blank in order to be able to save the new configuration.
Some of the fields in the SMT will show a <N/A>. This symbol refers to an option that is Not Applicable.
Save your configuration
Exit the SMT
[ENTER] Save your configuration by pressing [ENTER] at the message
“Press ENTER to confirm or ESC to cancel”. Saving the data on the screen will take you, in most cases to the previous menu.
Type 99, then press
[ENTER].
Type 99 at the main menu prompt and press [ENTER] to exit the
SMT interface.
After you enter the password, the SMT displays the main menu, as shown next.
Introducing the SMT 13-3
Prestige 660R ADSL 2+ Access Gateway
Copyright (c) 1994 - 2004 ZyXEL Communications Corp.
Prestige 660R-61 Main Menu
Getting Started Advanced Management
1. General Setup 21. Filter Set Configuration
2. WAN Backup Setup 22. SNMP Configuration
3. LAN Setup 23. System Password
4. Internet Access Setup 24. System Maintenance
25. IP Routing Policy Setup
Advanced Applications 26. Schedule Setup
11. Remote Node Setup
12. Static Routing Setup
15. NAT Setup 99. Exit
Enter Menu Selection Number:
Figure 13-3 SMT Main Menu
13.2.1 System Management Terminal Interface Summary
Table 13-2 Main Menu Summary
1
2
3
General Setup
WAN Backup Setup
LAN Setup
4 Internet Access Setup
11 Remote Node Setup
12 Static Routing Setup
15 NAT Setup
21 Filter Set Configuration
22 SNMP Configuration
23 System Password
24 System Maintenance
25 IP Routing Policy Setup
DESCRIPTION
Use this menu to set up your general information.
Use this menu to setup traffic redirect.
Use this menu to set up your LAN connection.
A quick and easy way to set up an Internet connection.
Use this menu to set up the Remote Node for LAN-to-LAN connection, including Internet connection.
Use this menu to set up static routes.
Use this menu to specify inside servers when NAT is enabled.
Use this menu to configure filters.
Use this menu to set up SNMP related parameters.
Use this menu to change your password.
This menu provides system status, diagnostics, software upload, etc.
Use this menu to configure your IP routing policy.
13-4 Introducing the SMT
Prestige 660R ADSL 2+ Access Gateway
26 Schedule Setup
99 Exit
Table 13-2 Main Menu Summary
DESCRIPTION
Use this menu to schedule outgoing calls.
Use this to exit from SMT and return to a blank screen.
13.3 Changing the System Password
Change the Prestige default password by following the steps shown next.
Step 1.
Enter 23 in the main menu to display
Menu 23 - System Password
as shown next.
Step 2.
Type your existing system password in the
Old Password
field, for example “1234”, and press
[ENTER]
.
Menu 23 - System Password
Old Password= ?
New Password= ?
Retype to confirm= ?
Enter here to CONFIRM or ESC to CANCEL:
Figure 13-4 Menu 23.1 Change Password
Step 3.
Type your new system password in the
New Password
field (up to 30 characters), and press
[ENTER] .
Step 4.
Re-type your new system password in the
Retype to confirm
field for confirmation and press
[ENTER] .
Note that as you type a password, the screen displays an “*” for each character you type.
Introducing the SMT 13-5
Prestige 660R ADSL 2+ Access Gateway
Chapter 14
Menu 1 General Setup
Menu 1 - General Setup
contains administrative and system-related information.
14.1 General Setup
Menu 1 — General Setup
contains administrative and system-related information (shown next). The
System Name
field is for identification purposes. However, because some ISPs check this name you should enter your computer's "Computer Name".
•
In Windows 95/98 click
Start
,
Settings
,
Control Panel
,
Network
. Click the
Identification
tab, note the entry for the
Computer name
field and enter it as the Prestige
System Name
.
•
In Windows 2000 click
Start
,
Settings
,
Control Panel
and then double-click
System
. Click the
Network Identification
tab and then the
Properties
button. Note the entry for the
Computer name
field and enter it as the Prestige
System Name
.
•
In Windows XP, click
start
,
My Computer
,
View system information
and then click the
Computer Name
tab. Note the entry in the
Full computer name
field and enter it as the Prestige
System Name
.
The
Domain Name
entry is what is propagated to the DHCP clients on the LAN. If you leave this blank, the domain name obtained by DHCP from the ISP is used. While you must enter the host name (System Name) on each individual computer, the domain name can be assigned from the Prestige via DHCP.
14.2 Procedure To Configure Menu 1
Step 1.
Enter 1 in the Main Menu to open
Menu 1
—
General Setup
(shown next).
Menu 1 General Setup 14-1
Prestige 660R ADSL 2+ Access Gateway
Menu 1 - General Setup
System Name= ?
Location=
Contact Person's Name=
Domain Name=
Edit Dynamic DNS= No
Route IP= Yes
Bridge= No
Press ENTER to Confirm or ESC to Cancel:
Figure 14-1 Menu 1 General Setup
Step 2.
Fill in the required fields. Refer to the table shown next for more information about these fields.
Table 14-1 Menu 1 General Setup
System Name Choose a descriptive name for identification purposes. This name can be up to 30 alphanumeric characters long. Spaces are not allowed, but dashes “-” and underscores "_" are accepted.
Location (optional) Enter the geographic location (up to 31 characters) of your Prestige
.
MyHouse
Contact Person's
Name (optional)
Enter the name (up to 30 characters) of the person in charge of this
Prestige.
JohnDoe
Domain Name Enter the domain name (if you know it) here. If you leave this field blank, the ISP may assign a domain name via DHCP. You can go to menu 24.8 and type "sys domainname" to see the current domain name used by your gateway. zyxel.com.tw
If you want to clear this field just press the [SPACE BAR]. The domain name entered by you is given priority over the ISP assigned domain name.
Edit Dynamic DNS Press the [SPACE BAR] to select
Yes
or
No
(default). Select
Yes
to configure
Menu 1.1 — Configure Dynamic DNS
(discussed next).
Route IP Set this field to
Yes
to enable or
No
to disable IP routing. You must enable IP routing for Internet access.
No
Yes
Bridge Turn on/off bridging for protocols not supported (for example, SNA) or not turned on in the previous
Route IP
field. Select
Yes
to turn bridging on; select
No
to turn bridging off.
No
14-2 Menu 1 General Setup
Prestige 660R ADSL 2+ Access Gateway
14.2.1 Procedure to Configure Dynamic DNS
If you have a private WAN IP address, then you cannot use Dynamic DNS.
Step 1.
To configure Dynamic DNS, go to
Menu 1 — General Setup
and select
Yes
in the
Edit
Dynamic DNS
field. Press [
ENTER
] to display
Menu 1.1— Configure Dynamic DNS
as shown next.
Menu 1.1 - Configure Dynamic DNS
Service Provider = WWW.DynDNS.ORG
Active= Yes
Host= me.dyndns.org
EMAIL= mail@mailserver
USER= username
Password= *********
Enable Wildcard= No
Press ENTER to confirm or ESC to cancel:
Figure 14-2 Menu 1.1 Configure Dynamic DNS
Follow the instructions in the next table to configure Dynamic DNS parameters.
Table 14-2 Menu 1.1 Configure Dynamic DNS
FIELD DESCRIPTION EXAMPLE
Service Provider This is the name of your Dynamic DNS service provider.
Active
WWW.DynDNS.ORG
(default)
Yes
Host
USER
Press [SPACE BAR] to select
Yes
and then press [ENTER] to make dynamic DNS active.
Enter the domain name assigned to your Prestige by your
Dynamic DNS provider.
Enter your e-mail address.
Enter your user name. me.dyndns.org mail@mailserver
Password Enter the password assigned to you.
Enable Wildcard Your Prestige supports DYNDNS Wildcard. Press [SPACE
BAR] and then [ENTER] to select
Yes
or
No
This field is
N/A
when you choose DDNS client as your service provider.
No
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to Confirm…” to save your configuration, or press [ESC] at any time to cancel.
Menu 1 General Setup 14-3
Prestige 660R ADSL 2+ Access Gateway
Chapter 15
Menu 2 WAN Backup Setup
This chapter describes how to configure traffic redirect using menu 2 and 2.1.
15.1 Introduction to WAN Backup Setup
This chapter explains how to configure the Prestige for traffic redirect.
15.2 Configuring Dial Backup in Menu 2
From the main menu, enter 2 to open menu 2.
Menu 2 - Wan Backup Setup
Check Mechanism = DSL Link
Check WAN IP Address1 = 0.0.0.0
Check WAN IP Address2 = 0.0.0.0
Check WAN IP Address3 = 0.0.0.0
KeepAlive Fail Tolerance = 0
Recovery Interval(sec) = 0
ICMP Timeout(sec) = 0
Traffic Redirect = No
Press ENTER to Confirm or ESC to Cancel:
Press Space Bar to Toggle.
Figure 15-1 Menu 2 WAN Backup Setup
The following table describes the fields in this menu.
FIELD
Check Mechanism
Table 15-1 Menu 2 WAN Backup Setup
DESCRIPTION
Press [SPACE BAR] and then press [ENTER] to select the method that the Prestige uses to check the DSL connection.
Select
DSL Link
to have the Prestige check the DSL connection’s physical layer.
Select
ICMP
to have the Prestige periodically ping the IP addresses configured in the
Check WAN IP Address
fields.
Menu 2 WAN Backup Setup 15-1
Prestige 660R ADSL 2+ Access Gateway
Table 15-1 Menu 2 WAN Backup Setup
FIELD
Check WAN IP
Address1-3
KeepAlive Fail
Tolerance
DESCRIPTION
Configure this field to test your Prestige's WAN accessibility. Type the IP address of a reliable nearby computer (for example, your ISP's DNS server address).
When using a WAN backup connection, the Prestige periodically pings the addresses configured here and uses the other WAN backup connection (if configured) if there is no response.
Type the number of times (2 recommended) that your Prestige may ping the IP addresses configured in the
Check WAN IP Address
field without getting a response before switching to a WAN backup connection (or a different WAN backup connection).
Recovery
Interval(sec)
ICMP Timeout
Traffic Redirect
When the Prestige is using a lower priority connection (usually a WAN backup connection), it periodically checks to whether or not it can use a higher priority connection.
Type the number of seconds (30 recommended) for the Prestige to wait between checks. Allow more time if your destination IP address handles lots of traffic.
Type the number of seconds for an ICMP session to wait for the ICMP response.
Press [SPACE BAR] to select
Yes
or
No
.
Select
Yes
and press [ENTER] to configure
Menu 2.1 Traffic Redirect Setup
.
Select
No
(default) if you do not want to configure this feature.
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to Confirm…” to save your configuration, or press [ESC] at any time to cancel.
15.2.1 Traffic Redirect Setup
Configure parameters that determine when the Prestige will forward WAN traffic to the backup gateway using
Menu 2.1 — Traffic Redirect Setup
.
15-2 Menu 2 WAN Backup Setup
Prestige 660R ADSL 2+ Access Gateway
Menu 2.1 - Traffic Redirect Setup
Active= No
Configuration:
Backup Gateway IP Address= 0.0.0.0
Metric= 15
Press ENTER to Confirm or ESC to Cancel:
Figure 15-2 Menu 2.1Traffic Redirect Setup
The following table describes the fields in this menu.
Table 15-2 Menu 2.1Traffic Redirect Setup
FIELD
Active
DESCRIPTION
Press [SPACE BAR] and select
Yes
(to enable) or
No
(to disable) traffic redirect setup.
The default is
No
.
Configuration:
Backup
Gateway IP
Address
Enter the IP address of your backup gateway in dotted decimal notation.
The Prestige automatically forwards traffic to this IP address if the Prestige’s Internet connection terminates.
Metric This field sets this route's priority among the routes the Prestige uses.
The metric represents the "cost of transmission". A router determines the best route for transmission by choosing a path with the lowest "cost". RIP routing uses hop count as the measurement of cost, with a minimum of "1" for directly connected networks. The number must be between "1" and "15"; a number greater than "15" means the link is down. The smaller the number, the lower the "cost".
When you have completed this menu, press [ENTER] at the prompt “Press [ENTER] to confirm or [ESC] to cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.
Menu 2 WAN Backup Setup 15-3
Prestige 660R ADSL 2+ Access Gateway
Chapter 16
Menu 3 LAN Setup
This chapter covers how to configure your wired Local Area Network (LAN) settings.
16.1 LAN Setup
This section describes how to configure the Ethernet using
Menu 3
—
LAN Setup
. From the main menu, enter 3 to display menu 3.
Menu 3 - LAN Setup
1. LAN Port Filter Setup
2. TCP/IP and DHCP Setup
Enter Menu Selection Number:
Figure 16-1 Menu 3 LAN Setup
16.1.1 General Ethernet Setup
This menu allows you to specify filter set(s) that you wish to apply to the Ethernet traffic. You seldom need to filter Ethernet traffic; however, the filter sets may be useful to block certain packets, reduce traffic and prevent security breaches.
Menu 3 LAN Setup 16-1
Prestige 660R ADSL 2+ Access Gateway
Menu 3.1 - LAN Port Filter Setup
Input Filter Sets:
protocol filters=
device filters=
Output Filter Sets:
protocol filters=
device filters=
Press ENTER to Confirm or ESC to Cancel:
Figure 16-2 Menu 3.1 LAN Port Filter Setup
If you need to define filters, please read the
Filter Set Configuration
chapter first, then return to this menu to define the filter sets.
16.2 Protocol Dependent Ethernet Setup
Depending on the protocols for your applications, you need to configure the respective Ethernet Setup, as outlined below.
For TCP/IP Ethernet setup refer to the
Internet Access Application
chapter.
For bridging Ethernet setup refer to the
Bridging Setup
chapter
.
16.3 TCP/IP Ethernet Setup and DHCP
Use menu 3.2 to configure your Prestige for TCP/IP.
To edit menu 3.2, enter 3 from the main menu to display
Menu 3 — LAN Setup
. When menu 3 appears, press 2 and press [ENTER] to display
Menu 3.2 — TCP/IP and DHCP Ethernet Setup
, as shown next
:
16-2 Menu 3 LAN Setup
Prestige 660R ADSL 2+ Access Gateway
Menu 3.2 - TCP/IP and DHCP Ethernet Setup
DHCP Setup:
DHCP= Server
Client IP Pool Starting Address= 192.168.1.33
Size of Client IP Pool= 32
Primary DNS Server= 0.0.0.0
Secondary DNS Server= 0.0.0.0
Remote DHCP Server= N/A
TCP/IP Setup:
IP Address= 192.68.1.1
IP Subnet Mask= 255.255.255.0
RIP Direction= Both
Version= RIP-1
Multicast= None
IP Policies=
Edit IP Alias= No
Press ENTER to Confirm or ESC to Cancel:
Press Space Bar to Toggle.
Figure 16-3 Menu 3.2 TCP/IP and DHCP Ethernet Setup
Follow the instructions in the following table on how to configure the DHCP fields.
Table 16-1 DHCP Ethernet Setup
First address in the IP pool
Size of the IP
Pool
IP addresses of the DNS servers
This is the IP address of the
Prestige
DHCP Setup
DHCP If set to
Server
, your Prestige can assign IP addresses, an IP default gateway and DNS servers to Windows 95, Windows NT and other systems that support the DHCP client.
If set to
None
, the DHCP server will be disabled.
If set to
Relay
, the Prestige acts as a surrogate DHCP server and relays DHCP requests and responses between the remote server and the clients. Enter the IP address of the actual, remote DHCP server in the Remote DHCP Server in this case.
When DHCP is used, the following items need to be set:
Client IP Pool Starting
Address
This field specifies the first of the contiguous addresses in the IP address pool.
Size of Client IP Pool This field specifies the size or count of the IP address pool.
Primary DNS Server
Secondary DNS
Server
Enter the IP addresses of the DNS servers. The DNS servers are passed to the DHCP clients along with the IP address and the subnet mask.
Server
32
(default)
192.168.1.33
Menu 3 LAN Setup 16-3
Prestige 660R ADSL 2+ Access Gateway
Table 16-1 DHCP Ethernet Setup
Remote DHCP Server If
Relay
is selected in the
DHCP
field above then enter the IP address of the actual remote DHCP server here.
Follow the instructions in the following table to configure TCP/IP parameters for the Ethernet port.
Table 16-2 TCP/IP Ethernet Setup
TCP/IP Setup
IP Address Enter the (LAN) IP address of your Prestige in dotted decimal notation
IP Subnet Mask Your Prestige will automatically calculate the subnet mask based on the IP address that you assign. Unless you are implementing subnetting, use the subnet mask computed by the Prestige.
RIP Direction Press [ SPACE BAR
] to select the RIP direction. Choices are
Both
,
In Only
,
Out Only
or
None
.
Version
Multicast
IP Policies
Edit IP Alias
Press [
SPACE BAR]
to select the RIP version. Choices are
RIP-1
,
RIP-2B
or
RIP-2M
.
IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to establish membership in a Multicast group. The Prestige supports both IGMP version 1 (
IGMP-v1
) and version 2 (
IGMP-v2
).
Press the [
SPACE BAR]
to enable IP Multicasting or select
None
to disable it.
Create policies using SMT menu 25 (see the
IP Policy Routing chapter
) and apply them on the Prestige LAN interface here. You can apply up to four IP Policy sets (from twelve) by entering their numbers separated by commas.
The Prestige supports three logical LAN interfaces via its single physical Ethernet interface with the Prestige itself as the gateway for each LAN network. Press [
SPACE BAR
] to change
No
to
Yes
and press [
ENTER
] to display menu 3.2.1.
192.168.1.1
255.255.255.0
Both
(default)
RIP-1
(default)
None
(default)
2,4,7,9
No
(default)
16-4 Menu 3 LAN Setup
Prestige 660R ADSL 2+ Access Gateway
Chapter 17
Internet Access
This chapter shows you how to configure the LAN and WAN of your Prestige for Internet access
.
17.1 Internet Access Overview
Refer to the chapters on the web configurator’s wizard, LAN and WAN screens for more background information on fields in the SMT screens covered in this chapter.
17.2 IP Policies
Traditionally, routing is based on the destination address
only
and the router takes the shortest path to forward a packet. IP Policy Routing (IPPR) provides a mechanism to override the default routing behavior and alter the packet forwarding based on the policy defined by the network administrator. Policy-based routing is applied to incoming packets on a per interface basis, prior to the normal routing. Create policies using SMT menu 25 (see
IP Policy Routing
) and apply them on the Prestige LAN and/or WAN interfaces using menus 3.2 (LAN) and 11.3 (WAN).
17.3 IP Alias
IP alias allows you to partition a physical network into different logical networks over the same Ethernet interface. The Prestige supports three logical LAN interfaces via its single physical Ethernet interface with the Prestige itself as the gateway for each LAN network.
Make sure that the subnets of the logical networks do not overlap.
The following figure shows a LAN divided into subnets A, B, and C.
Internet Access 17-1
Prestige 660R ADSL 2+ Access Gateway
Figure 17-1 Physical Network Figure 17-2 Partitioned Logical Networks
Use menu 3.2.1 to configure IP Alias on your Prestige.
17.4 IP Alias Setup
Use menu 3.2 to configure the first network. Move the cursor to
Edit IP Alias
field and press [ SPACEBAR] to choose
Yes
and press [ENTER] to configure the second and third network.
Menu 3.2 - TCP/IP and DHCP Setup
DHCP Setup:
DHCP= Server
Client IP Pool Starting Addres= 192.168.1.33
Size of Client IP Pool= 32
Primary DNS Server= 0.0.0.0
Secondary DNS Server= 0.0.0.0
Remote DHCP Server= N/A
TCP/IP Setup:
IP Address= 192.168.1.1
IP Subnet Mask= 255.255.255.0
RIP Direction= None
Version= N/A
Multicast= None
IP Policies=
Edit IP Alias= Yes
Press ENTER to confirm or ESC to Cancel:
Press Space Bar to Toggle.
Figure 17-3 Menu 3.2 TCP/IP and DHCP Setup
Pressing [ ENTER ] displays
Menu 3.2.1 — IP Alias Setup
, as shown next.
17-2
Prestige 660R ADSL 2+ Access Gateway
Menu 3.2.1 - IP Alias Setup
IP Alias 1= No
IP Address= N/A
IP Subnet Mask= N/A
RIP Direction= N/A
Version= N/A
Incoming protocol filters= N/A
Outgoing protocol filters= N/A
IP Alias 2= No
IP Address= N/A
IP Subnet Mask= N/A
RIP Direction= N/A
Version= N/A
Incoming protocol filters= N/A
Outgoing protocol filters= N/A
Enter here to CONFIRM or ESC to CANCEL:
Figure 17-4 Menu 3.2.1 IP Alias Setup
Follow the instructions in the following table to configure IP Alias parameters.
Table 17-1 Menu 3.2.1 IP Alias Setup
FIELD DESCRIPTION EXAMPLE
IP Alias Choose
Yes
to configure the LAN network for the Prestige.
Yes
IP Address
IP Subnet
Mask
Enter the IP address of your Prestige in dotted decimal notation
Your Prestige will automatically calculate the subnet mask based on the
IP address that you assign. Unless you are implementing subnetting, use the subnet mask computed by the Prestige
192.168.2.1
255.255.255.0
None
RIP Direction
Press [
SPACE BAR
] to select the RIP direction. Choices are
None
,
Both
,
In Only
or
Out Only
.
Version
Press [
SPACE BAR]
RIP-2B
or
RIP-2M
.
to select the RIP version. Choices are
RIP-1
,
RIP-1
Incoming
Protocol Filters
Enter the filter set(s) you wish to apply to the incoming traffic between this node and the Prestige.
Outgoing
Protocol Filters
Enter the filter set(s) you wish to apply to the outgoing traffic between this node and the Prestige.
When you have completed this menu, press [
ENTER
] at the prompt “Press ENTER to Confirm…” to save your configuration, or press [
ESC
] at any time to cancel.
Internet Access 17-3
Prestige 660R ADSL 2+ Access Gateway
17.5 Route IP Setup
The first step is to enable the IP routing in
Menu 1 — General Setup
.
To edit menu 1, type 1 in the main menu and press [ ENTER ]. Set the
Route IP
field to
Yes
by pressing
[
SPACE BAR
].
Menu 1 - General Setup
System Name= ?
Location= location
Contact Person's Name=
Domain Name=
Edit Dynamic DNS= No
Route IP= Yes
Bridge= No
Press ENTER to Confirm or ESC to Cancel:
Figure 17-5 Menu 1 General Setup
17.6 Internet Access Configuration
Menu 4 allows you to enter the Internet Access information in one screen. Menu 4 is actually a simplified setup for one of the remote nodes that you can access in menu 11. Before you configure your Prestige for
Internet access, you need to collect your Internet account information.
Use the
Internet Account Information
table in the
Read Me First
to record your Internet account information.
Note that if you are using PPPoA or PPPoE encapsulation, then the only ISP information you need is a login name and password. You only need to know the Ethernet Encapsulation Gateway IP address if you are using
ENET ENCAP encapsulation.
From the main menu, type 4 to display
Menu 4 - Internet Access Setup
, as shown next.
17-4
Prestige 660R ADSL 2+ Access Gateway
Menu 4 - Internet Access Setup
ISP's Name= MyIsp
Encapsulation= ENET ENCAP
Multiplexing= LLC-based
VPI #= 8
VCI #= 32
ATM QoS Type= UBR
Peak Cell Rate (PCR)= 0
Sustain Cell Rate (SCR)= 0
Maximum Burst Size (MBS)= 0
My Login= N/A
My Password= N/A
ENET ENCAP Gateway= N/A
IP Address Assignment= Dynamic
IP Address= N/A
Network Address Translation= SUA Only
Address Mapping Set= N/A
Press ENTER to Confirm or ESC to Cancel:
Figure 17-6 Menu 4 Internet Access Setup
The following table contains instructions on how to configure your Prestige for Internet access.
Table 17-2 Menu 4 Internet Access Setup
ISP’s Name
Encapsulation
Multiplexing
Enter the name of your Internet Service Provider. This information is for identification purposes only.
Press [
SPACE BAR
] to select the method of encapsulation used by your ISP. Choices are
PPPoE
,
PPPoA
,
RFC 1483
or
ENET ENCAP
.
Press [
SPACE BAR
] to select the method of multiplexing used by your ISP. Choices are
VC-based
or
LLC-based
.
Enter the Virtual Path Identifier (VPI) assigned to you.
Enter the Virtual Channel Identifier (VCI) assigned to you.
VPI #
VCI #
ATM QoS Type Press [SPACE BAR] and select
CBR
(Continuous Bit Rate) to specify fixed (always-on) bandwidth. Select
UBR
(Unspecified Bit Rate) for applications that are non-time sensitive, such as e-mail. Select
VBR
(Variable Bit Rate) for bursty traffic and bandwidth sharing with other applications.
Peak Cell Rate
(PCR)
This is the maximum rate at which the sender can send cells. Type the PCR.
MyIsp
ENET ENCAP
LLC-based
8
32
UBR
0
Internet Access 17-5
Prestige 660R ADSL 2+ Access Gateway
Table 17-2 Menu 4 Internet Access Setup
Sustain Cell
Rate (SCR)= 0
Maximum Burst
Size (MBS)= 0
Sustained Cell Rate is the mean cell rate of a bursty, on-off traffic source that can be sent at the peak rate, and a parameter for bursttraffic. Type the SCR; it must be less than the PCR.
Refers to the maximum number of cells that can be sent at the peak rate. Type the MBS. The MBS must be less than 65535.
0
0
My Login
My Password
ENET ENCAP
Gateway
Idle Timeout
Configure the
My Login
and
My Password
fields for PPPoA and
PPPoE encapsulation only. Enter the login name that your ISP gives you. If you are using PPPoE encapsulation
,
then this field must be of the form user@domain where domain identifies your PPPoE service name.
Enter the password associated with the login name above.
Enter the gateway IP address supplied by your ISP when you are using
ENET ENCAP
encapsulation.
This value specifies the number of idle seconds that elapse before the Prestige automatically disconnects the PPPoE session.
IP Address
Assignment
Press [
SPACE BAR
] to select
Static
or
Dynamic
address assignment.
IP Address Enter the IP address supplied by your ISP if applicable.
N/A
N/A
N/A
0
Dynamic
Network
Address
Translation
Press [
SPACE BAR
] to select
None
,
SUA Only
or
Full Feature
.
Please see the
NAT Chapter
for more details on the SUA (Single
User Account) feature.
N/A
SUA Only
Address
Mapping Set
Type the numbers of mapping sets (1-8) to use with NAT. See the
NAT
chapter for details.
N/A
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.
If all your settings are correct your Prestige should connect automatically to the Internet. If the connection fails, note the error message that you receive on the screen and take the appropriate troubleshooting steps.
17-6
Prestige 660R ADSL 2+ Access Gateway
Chapter 18
Remote Node Configuration
This chapter covers remote node configuration.
18.1 Remote Node Setup Overview
This section describes the protocol-independent parameters for a remote node. A remote node is required for placing calls to a remote gateway. A remote node represents both the remote gateway and the network behind it across a WAN connection. When you use menu 4 to set up Internet access, you are configuring one of the remote nodes.
You first choose a remote node in
Menu 11- Remote Node Setup
. You can then edit that node’s profile in menu 11.1, as well as configure specific settings in three submenus: edit IP and bridge options in menu 11.3; edit ATM options in menu 11.6; and edit filter sets in menu 11.5.
18.2 Remote Node Setup
This section describes the protocol-independent parameters for a remote node.
18.2.1 Remote Node Profile
To configure a remote node, follow these steps:
Step 1.
From the main menu, enter 11 to display
Menu 11 - Remote Node Setup.
Step 2.
When menu 11 appears, as shown in the following figure, type the number of the remote node that you want to configure.
Remote Node Configuration 18-1
Prestige 660R ADSL 2+ Access Gateway
Menu 11 - Remote Node Setup
1. MyISP (ISP, NAT)
2. ________
3. ________
4. ________
5. ________
6. ________
7. ________
8. ________
Enter Node # to Edit:
Figure 18-1 Menu 11 Remote Node Setup
18.2.2 Encapsulation and Multiplexing Scenarios
For Internet access you should use the encapsulation and multiplexing methods used by your ISP. Consult your telephone company for information on encapsulation and multiplexing methods for LAN-to-LAN applications, for example between a branch office and corporate headquarters. There must be prior agreement on encapsulation and multiplexing methods because they cannot be automatically determined. What method(s) you use also depends on how many VCs you have and how many different network protocols you need. The extra overhead that ENET ENCAP encapsulation entails makes it a poor choice in a LAN-to-LAN application. Here are some examples of more suitable combinations in such an application.
Scenario 1. One VC, Multiple Protocols
PPPoA
(RFC-2364) encapsulation with
VC-based
multiplexing is the best combination because no extra protocol identifying headers are needed. The
PPP
protocol already contains this information.
Scenario 2. One VC, One Protocol (IP)
Selecting
RFC-1483
encapsulation with
VC-based
multiplexing requires the least amount of overhead (0 octets). However, if there is a potential need for multiple protocol support in the future, it may be safer to select
PPPoA
encapsulation instead of
RFC-1483
, so you do not need to reconfigure either computer later.
Scenario 3. Multiple VCs
If you have an equal number (or more) of VCs than the number of protocols, then select
RFC-1483
encapsulation and
VC-based
multiplexing.
Prestige 660R ADSL 2+ Access Gateway
Menu 11.1 - Remote Node Profile
Rem Node Name= MyIsp Route= IP
Active= Yes Bridge= No
Encapsulation= ENET ENCAP Edit IP/Bridge= No
Multiplexing= LLC-based Edit ATM Options= No
Service Name= N/A Edit Advance Options= N/A
Incoming: Telco Option:
Rem Login= N/A Allocated Budget(min)= N/A
Rem Password= N/A Period(hr)= N/A
Outgoing: Schedule Sets= N/A
My Login= N/A Nailed-Up Connection= N/A
My Password= N/A Session Options:
Authen= N/A Edit Filter Sets= No
Idle Timeout(sec)= N/A
Press ENTER to Confirm or ESC to Cancel:
Edit IP/Bridge Options in menu 11.3.
Edit ATM Options in menu 11.6
Edit Filter Sets in menu 11.5.
Figure 18-2 Menu 11.1 Remote Node Profile
In
Menu 11.1 – Remote Node Profile
, fill in the fields as described in the following table.
Table 18-1 Menu 11.1 Remote Node Profile
Rem Node Name Type a unique, descriptive name of up to eight characters for this node.
Active Press [SPACE BAR] and then [ENTER] to select
Yes
to activate or
No
to deactivate this node. Inactive nodes are displayed with a minus sign
“–“ in SMT menu 11.
Encapsulation
PPPoA
refers to RFC-2364 (PPP Encapsulation over ATM Adaptation
Layer 5).
If RFC-1483 (Multiprotocol Encapsulation over ATM Adaptation Layer
5) of
ENET ENCAP
are selected, then the
Rem Login
,
Rem Password
,
My Login
,
My Password
and
Authen
fields are not applicable (
N/A
).
Multiplexing
Service Name
Press [SPACE BAR] and then [ENTER] to select the method of multiplexing that your ISP uses, either
VC-based
or
LLC-based
.
When using
PPPoE
encapsulation, type the name of your PPPoE service here.
Incoming:
MyIsp
Yes
ENET
ENCAP
N/A
LLC-based
Remote Node Configuration 18-3
Prestige 660R ADSL 2+ Access Gateway
Table 18-1 Menu 11.1 Remote Node Profile
Rem Login Type the login name that this remote node will use to call your
Prestige. The login name and the
Rem Password
will be used to authenticate this node.
Rem Password Type the password used when this remote node calls your Prestige.
Outgoing:
My Login Type the login name assigned by your ISP when the Prestige calls this remote node.
My Password Type the password assigned by your ISP when the Prestige calls this remote node.
Authen This field sets the authentication protocol used for outgoing calls.
Options for this field are:
Route
Bridge
CHAP
/
PAP
– Your Prestige will accept either
CHAP
or
PAP
when requested by this remote node.
CHAP
– accept
CHAP
(Challenge Handshake Authentication
Protocol) only.
PAP
– accept PAP (Password Authentication Protocol) only.
This field determines the protocol used in routing. Options are
IP
and
None.
When bridging is enabled, your Prestige will forward any packet that it does not route to this remote node; otherwise, the packets are discarded. Select
Yes
to enable and
No
to disable.
Edit IP/Bridge Press [SPACE BAR] to select
Yes
and press [ENTER] to display
Menu 11.3 – Remote Node Network Layer Options
.
Edit ATM Options
Press [SPACE BAR] to select
Yes
and press [ENTER] to display
Menu 11.6 – Remote Node ATM Layer Options
.
Edit Advance
Options
Telco Option
This field is only available when you select
PPPoE
in the
Encapsulation
field.
Press [SPACE BAR] to select
Yes
and press [ENTER] to display
Menu 11.8 – Advance Setup Options
.
IP
No
No
No
No
Prestige 660R ADSL 2+ Access Gateway
Table 18-1 Menu 11.1 Remote Node Profile
Allocated Budget
(min)
This sets a ceiling for outgoing call time for this remote node. The default for this field is 0 meaning no budget control.
Period (hr) This field is the time period that the budget should be reset. For example, if we are allowed to call this remote node for a maximum of
10 minutes every hour, then the
Allocated Budget
is (10 minutes) and the
Period (hr)
is 1 (hour).
Schedule Sets This field is only applicable for
PPPoE
and
PPPoA
encapsulation. You can apply up to four schedule sets here. For more details please refer to the
Call Schedule Setup
chapter.
Nailed up
Connection
This field is only applicable for section.
PPPoE
and
PPPoA
encapsulation.
This field specifies if you want to make the connection to this remote node a nailed-up connection. More details are given earlier in this
Session Options
Edit Filter Sets Use [SPACE BAR] to choose
Yes
and press [ENTER] to open menu
11.5 to edit the filter sets. See the
Remote Node Filter
section for more details.
Idle Timeout (sec) Type the number of seconds (0-9999) that can elapse when the
Prestige is idle (there is no traffic going to the remote node), before the
Prestige automatically disconnects the remote node. 0 means that the session will not timeout.
No
(default)
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.
18.2.3 Outgoing Authentication Protocol
For obvious reasons, you should employ the strongest authentication protocol possible. However, some vendors’ implementation includes specific authentication protocol in the user profile. It will disconnect if the negotiated protocol is different from that in the user profile, even when the negotiated protocol is stronger than specified. If the peer disconnects right after a successful authentication, make sure that you specify the correct authentication protocol when connecting to such an implementation.
Remote Node Configuration 18-5
Prestige 660R ADSL 2+ Access Gateway
18.3 Remote Node Network Layer Options
For the TCP/IP parameters, perform the following steps to edit
Menu 11.3 – Remote Node Network Layer
Options
as shown next.
Step 1.
In menu 11.1, make sure
IP
is among the protocols in the
Route
field.
Step 2.
Move the cursor to the
Edit IP/Bridge
field, press [ SPACE BAR ] to select
Yes,
then press
[ENTER] to display
Menu 11.3
–
Remote Node Network Layer Options.
Menu 11.3 - Remote Node Network Layer Options
IP Options: Bridge Options:
IP Address Assignment=
Dynamic
Ethernet Addr Timeout (min)= N/A
Rem IP Addr: 0.0.0.0
Rem Subnet Mask= 0.0.0.0
My WAN Addr= N/A
NAT= Full Feature
Address Mapping Set= 2
Metric= 2
Private= No
RIP Direction= None
Version= RIP-1
Multicast= None
IP Policies= 3,4,5,6
Press ENTER to Confirm or ESC to Cancel:
Figure 18-3 Menu 11.3 Remote Node Network Layer Options
The next table explains fields in
Menu 11.3
–
Remote Node Network Layer Options
.
Table 18-2 Menu 11.3 Remote Node Network Layer Options
IP Address
Assignment
Press [SPACE BAR] and then [ENTER] to select
Dynamic
if the remote node is using a dynamically assigned IP address or
Static
if it is using a static (fixed) IP address. You will only be able to configure this in the ISP node (also the one you configure in menu 4), all other nodes are set to
Static
.
Rem IP Addr This is the IP address you entered in the previous menu.
Rem Subnet
Mask
Type the subnet mask assigned to the remote node.
Dynamic
Prestige 660R ADSL 2+ Access Gateway
Table 18-2 Menu 11.3 Remote Node Network Layer Options
My WAN
Addr
NAT
Some implementations, especially UNIX derivatives, require separate IP network numbers for the WAN and LAN links and each end to have a unique address within the WAN network number. In that case, type the IP address assigned to the WAN port of your Prestige.
NOTE: Refers to local Prestige address, not the remote router address.
Press [SPACE BAR] and then [ENTER] to select
Full Feature
if you have multiple public WAN IP addresses for your Prestige.
Select
SUA Only
if you have just one public WAN IP address for your
Prestige. The SMT uses Address Mapping Set 255 (menu 15.1 - see section
21.3.1
).
Select
None
to disable NAT.
Address
Mapping Set
Metric
Private
When
Full Feature
is selected in the
NAT
field, configure address mapping sets in menu 15.1. Select one of the NAT server sets (2-10) in menu 15.2 (see the
NAT
chapter for details) and type that number here.
When
SUA Only
is selected in the NAT field, the SMT uses NAT server set
1 in menu 15.2 (see the
NAT
chapter for details).
The metric represents the “cost” of transmission for routing purposes. IP routing uses hop count as the cost measurement, with a minimum of 1 for directly connected networks. Type a number that approximates the cost for this link. The number need not be precise, but it must be between 1 and
15. In practice, 2 or 3 is usually a good number.
This determines if the Prestige will include the route to this remote node in its RIP broadcasts. If set to
Yes
, this route is kept private and not included in RIP broadcast. If
No
, the route to this remote node will be propagated to other hosts through RIP broadcasts.
Press [SPACE BAR] and then [ENTER] to select the RIP Direction.
Options are
Both
,
In Only
,
Out Only
or
None
.
RIP
Direction
Version Press [SPACE BAR] and then [ENTER] to select the RIP version. Options are
RIP-1
,
RIP-2B
or
RIP-2M
.
Multicast
IGMP-v1
sets IGMP to version 1,
None
disables IGMP.
IGMP-v2
sets IGMP to version 2 and
IP Policies You can apply up to four IP Policy sets (from 12) by typing in their numbers separated by commas. Configure the filter sets in menu 25 first (see the
IP
Policy Routing
chapter) and then apply them here.
SUA Only
2
2
No
None
RIP-1
None
3, 4, 5, 6
Remote Node Configuration 18-7
Prestige 660R ADSL 2+ Access Gateway
Table 18-2 Menu 11.3 Remote Node Network Layer Options
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.
18.3.1 My WAN Addr Sample IP Addresses
The following figure uses sample IP addresses to help you understand the field of
My WAN Addr
in menu
11.3. Refer to the previous
LAN and WAN IP Addresses
figure in the web configurator chapter on LAN setup for a brief review of what a WAN IP is.
My WAN Addr
indicates the local Prestige WAN IP (172.16.0.1 in the following figure) while
Rem IP Addr
indicates the peer WAN IP (172.16.0.2 in the following figure).
Figure 18-4 Sample IP Addresses for a TCP/IP LAN-to-LAN Connection
18.4 Remote Node Filter
Move the cursor to the
Edit Filter Sets
field in menu 11.1, then press [SPACE BAR] to select
Yes
. Press
[ENTER] to display
Menu 11.5 – Remote Node Filter
.
Prestige 660R ADSL 2+ Access Gateway
Use
Menu 11.5 – Remote Node Filter
to specify the filter set(s) to apply to the incoming and outgoing traffic between this remote node and the Prestige and also to prevent certain packets from triggering calls.
You can specify up to 4 filter sets separated by comma, for example, 1, 5, 9, 12, in each filter field.
Note that spaces are accepted in this field. The Prestige has a prepackaged filter set, NetBIOS_WAN, that blocks NetBIOS packets. Include this in the call filter sets if you want to prevent NetBIOS packets from triggering calls to a remote node.
Menu 11.5 - Remote Node Filter
Input Filter Sets:
protocol filters= 11, 12
device filters=
Output Filter Sets:
protocol filters=
device filters=
Enter here to CONFIRM or ESC to CANCEL:
Figure 18-5 Menu 11.5 Remote Node Filter (RFC 1483 or ENET Encapsulation)
Menu 11.5 - Remote Node Filter
Input Filter Sets:
protocol filters= 11, 12
device filters=
Output Filter Sets:
protocol filters=
device filters=
Call Filter Sets:
Protocol filters=
Device filters=
Enter here to CONFIRM or ESC to CANCEL:
Figure 18-6 Menu 11.5 Remote Node Filter (PPPoA or PPPoE Encapsulation)
18.4.1 Web Configurator Internet Security Filter Rules
In the web configurator, open the
Security
screen as shown next. Select the predefined filter rules and click
Apply
.
Remote Node Configuration 18-9
Prestige 660R ADSL 2+ Access Gateway
Figure 18-7 Internet Security
Once you apply the filter rules in the web configurator, filter sets 11 and 12 are automatically applied in the
protocol filters
field under
Input Filter Sets
in SMT menu 11.5.
SMT input protocol filter set numbers that were previously applied are erased after you apply the
Internet Security
filter rules in the web configurator. To reapply them or apply new filter sets, you need to enter the filter set numbers again along with filter sets 11 and 12. For example, to apply filter sets 1 and 2, you enter “1, 2, 11,
12”.
18.4.2 Web Configurator Filter Sets
When you apply filter rules using the web configurator, filter sets 11 and 12 are automatically generated in
SMT menu 21. This feature is not available on all models.
Prestige 660R ADSL 2+ Access Gateway
Menu 21 - Filter Set Configuration
Filter Filter
Set # Comments Set # Comments
------ ----------------- ------ -----------------
1 _______________ 7 _______________
2 NetBIOS_WAN 8 _______________
3 NetBIOS_LAN 9 _______________
4 _______________ 10 _______________
5 _______________ 11 WebSet1
6 _______________ 12 WebSet2
Enter Filter Set Number to Configure= 0
Figure 18-8 Menu 21- Filer Set Configuration
The following figures display the filter rules in filter sets 11 and 12.
Menu 21.11 - Filter Rules Summary
# A Type Filter Rules M m n
- - ---- --------------------------------------------------------------- - - -
1 Y IP Pr=17, SA=0.0.0.0, DA=0.0.0.0, DP=161 N D N
2 Y IP Pr=17, SA=0.0.0.0, DA=0.0.0.0, DP=162 N D F
3 N
4 N
5 N
6 N
Enter Filter Rule Number (1-6) to Configure:
Figure 18-9 Menu 21.11- WebSet 11
Menu 21.12 - Filter Rules Summary
# A Type Filter Rules M m n
- - ---- --------------------------------------------------------------- - - -
1 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=23 N D N
2 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=21 N D N
3 Y IP Pr=17, SA=0.0.0.0, DA=0.0.0.0, DP=69 N D N
4 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=80 N D N
5 N
6 N
Enter Filter Rule Number (1-6) to Configure
Figure 18-10 Menu 21.12- WebSet 12
Remote Node Configuration 18-11
Prestige 660R ADSL 2+ Access Gateway
Do not edit filter sets 11 and 12. They are used exclusively by the web configurator.
Any rules you configured in sets 11 and 12 will be erased and replaced when you apply the web configurator-generated filter rules.
18.5 Editing ATM Layer Options
Follow the steps shown next to edit
Menu 11.6 – Remote Node ATM Layer Options
.
In menu 11.1, move the cursor to the
Edit ATM Options
field and then press [SPACE BAR] to select
Yes
.
Press [ENTER] to display
Menu 11.6 – Remote Node ATM Layer Options
.
There are two versions of menu 11.6 for the Prestige, depending on whether you chose
VC-based
/
LLCbased
multiplexing and
PPP
encapsulation in menu 11.1.
18.5.1 VC-based Multiplexing (non-PPP Encapsulation)
For
VC-based
multiplexing, by prior agreement, a protocol is assigned a specific virtual circuit, for example,
VC1 will carry IP. Separate VPI and VCI numbers must be specified for each protocol.
Menu 11.6 - Remote Node ATM Layer Options
VPI/VCI (VC-Multiplexing)
VC Options for IP:
VPI #= 8
VCI #= 35
ATM QoS Type= UBR
Peak Cell Rate (PCR)= 0
Sustain Cell Rate (SCR)= 0
Maximum Burst Size (MBS)= 0
VC Options for Bridge:
VPI #= 1
VCI #= 36
ATM QoS Type= N/A
Peak Cell Rate (PCR)= N/A
Sustain Cell Rate (SCR)= N/A
Maximum Burst Size (MBR)= N/A
Press ENTER to Confirm or ESC to Cancel:
Separate VPI and
VCI numbers must be specified.
Figure 18-11 Menu 11.6 for VC-based Multiplexing
18.5.2 LLC-based Multiplexing or PPP Encapsulation
For
LLC-based
multiplexing or
PPP
encapsulation, one VC carries multiple protocols with protocol identifying information being contained in each packet header.
Prestige 660R ADSL 2+ Access Gateway
Menu 11.6 - Remote Node ATM Layer Options
VPI/VCI (LLC-Multiplexing or PPP-Encapsulation)
VPI #= 8
VCI #= 35
ATM QoS Type= UBR
Peak Cell Rate (PCR)= 0
Sustain Cell Rate (SCR)= 0
Maximum Burst Size (MBS)= 0
ENTER here to CONFIRM or ESC to CANCEL:
.
Only one set of VPI and VCI numbers needs to be specified.
Figure 18-12 Menu 11.6 for LLC-based Multiplexing or PPP Encapsulation
In this case, only one set of VPI and VCI numbers need be specified for all protocols. The valid range for the
VPI is 0 to 255 and for the VCI is 32 to 65535 (1 to 31 is reserved for local management of ATM traffic).
18.5.3 Advance Setup Options
In menu 11.1, select
PPPoE
in the
Encapsulation
field.
Menu 11.1 - Remote Node Profile
Rem Node Name= MyISP Route= IP
Active= Yes Bridge= No
Encapsulation= PPPoE
Edit IP/Bridge= No
Multiplexing= LLC-based Edit ATM Options= No
Service Name=
Edit Advance Options= Yes
Incoming: Telco Option:
Rem Login= Allocated Budget(min)= 0
Rem Password= ******** Period(hr)= 0
Outgoing: Schedule Sets=
My Login= ? Nailed-Up Connection= No
My Password= ? Session Options:
Authen= CHAP/PAP Edit Filter Sets= No
Idle Timeout(sec)= 0
Press ENTER to Confirm or ESC to Cancel:
Figure 18-13 Menu 11.1 Remote Node Profile
Move the cursor to the
Edit Advance Options
field, press [SPACE BAR] to select
Yes ,
then press
[ENTER] to display
Menu 11.8
–
Advance Setup Options
.
Remote Node Configuration 18-13
Prestige 660R ADSL 2+ Access Gateway
Menu 11.8 - Advance Setup Options
PPPoE pass-through= No
Press ENTER to Confirm or ESC to Cancel:
Figure 18-14 Menu 11.8 Advance Setup Options
The following table describes the fields in this menu.
Table 18-3 Menu 11.8 Advance Setup Options
FIELD DESCRIPTION
PPPoE passthrough
Press [SPACE BAR] to select
Yes
and press [ENTER] to enable PPPoE pass through. In addition to the Prestige's built-in PPPoE client, you can enable PPPoE pass through to allow up to ten hosts on the LAN to use PPPoE client software on their computers to connect to the ISP via the Prestige. Each host can have a separate account and a public WAN IP address.
PPPoE pass through is an alternative to NAT for applications where NAT is not appropriate.
Press [SPACE BAR] to select
No
and press [ENTER] to disable PPPoE pass through if you do not need to allow hosts on the LAN to use PPPoE client software on their computers to connect to the ISP.
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.
Prestige 660R ADSL 2+ Access Gateway
Chapter 19
Static Route Setup
This chapter shows how to setup IP static routes.
19.1 IP Static Route Overview
Static routes tell the Prestige routing information that it cannot learn automatically through other means. This can arise in cases where RIP is disabled on the LAN or a remote network is beyond the one that is directly connected to a remote node.
Each remote node specifies only the network to which the gateway is directly connected and the Prestige has no knowledge of the networks beyond. For instance, the Prestige knows about network N2 in the following figure through remote node Router 1. However, the Prestige is unable to route a packet to network N3 because it does not know that there is a route through remote node Router 1 (via Router 2). The static routes allow you to tell the Prestige about the networks beyond the remote nodes.
Static Route Setup
Figure 19-1 Sample Static Routing Topology
19-1
Prestige 660R ADSL 2+ Access Gateway
19.2 Configuration
Step 1.
To configure an IP static route, use
Menu 12
–
Static Route Setup
(shown next).
Menu 12 - Static Route Setup
1. IP Static Route
3. Bridge Static Route
Please enter selection:
Figure 19-2 Menu 12 Static Route Setup
Step 2.
From menu 12, select 1 to open
Menu 12.1
—
IP Static Route Setup
(shown next).
Menu 12.1 - IP Static Route Setup
1. ________
2. ________
3. ________
4. ________
5. ________
6. ________
7. ________
8. ________
9. ________
10. ________
11. ________
12. ________
13. ________
14. ________
15. ________
16. ________
Enter selection number:
Figure 19-3 Menu 12.1 IP Static Route Setup
Step 3.
Now, type the route number of a static route you want to configure.
Prestige 660R ADSL 2+ Access Gateway
Menu 12.1.1 - Edit IP Static Route
Route #: 1
Route Name= ?
Active= No
Destination IP Address= ?
IP Subnet Mask= ?
Gateway IP Address= ?
Metric= 2
Private= No
Press ENTER to Confirm or ESC to Cancel:
Figure 19-4 Menu12.1.1 Edit IP Static Route
The following table describes the fields for
Menu 12.1.1 – Edit IP Static Route
.
Table 19-1 Menu12.1.1 Edit IP Static Route
Route #
FIELD DESCRIPTION
This is the index number of the static route that you chose in menu 12.1.
Route Name
Active
Type a descriptive name for this route. This is for identification purpose only.
This field allows you to activate/deactivate this static route.
Destination IP Address This parameter specifies the IP network address of the final destination. Routing is always based on network number. If you need to specify a route to a single host, use a subnet mask of 255.255.255.255 in the subnet mask field to force the network number to be identical to the host ID.
IP Subnet Mask Type the subnet mask for this destination. Follow the discussion on
IP Subnet
Mask
in this manual.
Gateway IP Address Type the IP address of the gateway. The gateway is an immediate neighbor of your Prestige that will forward the packet to the destination. On the LAN, the gateway must be a router on the same segment as your Prestige; over WAN, the gateway must be the IP address of one of the remote nodes.
Metric Metric represents the “cost” of transmission for routing purposes. IP routing uses hop count as the measurement of cost, with a minimum of 1 for directly connected networks. Type a number that approximates the cost for this link. The number need not be precise, but it must be between 1 and 15. In practice, 2 or 3 is usually a good number.
Static Route Setup 19-3
Prestige 660R ADSL 2+ Access Gateway
Table 19-1 Menu12.1.1 Edit IP Static Route
Private
FIELD DESCRIPTION
This parameter determines if the Prestige will include the route to this remote node in its RIP broadcasts. If set to
Yes
, this route is kept private and is not included in RIP broadcasts. If
No
, the route to this remote node will be propagated to other hosts through RIP broadcasts.
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.
Prestige 660R ADSL 2+ Access Gateway
Chapter 20
Bridging Setup
This chapter shows you how to configure the bridging parameters of your Prestige.
20.1 Bridging in General
Bridging bases the forwarding decision on the MAC (Media Access Control), or hardware address, while routing does it on the network layer (IP) address. Bridging allows the Prestige to transport packets of network layer protocols that it does not route, for example, SNA, from one network to another. The caveat is that, compared to routing, bridging generates more traffic for the same network layer protocol, and it also demands more CPU cycles and memory.
For efficiency reasons, do
not
turn on bridging unless you need to support protocols other than IP on your network. For IP, enable the routing if you need it; do not bridge what the Prestige can route.
20.2 Bridge Ethernet Setup
Basically, all non-local packets are bridged to the WAN. Your Prestige does not support IPX.
20.2.1 Remote Node Bridging Setup
Follow the procedure in another section to configure the protocol-independent parameters in
Menu 11.1 –
Remote Node Profile
. For bridging-related parameters, you need to configure
Menu 11.3 – Remote Node
Network Layer Options
.
To setup
Menu 11.3 – Remote Node Network Layer Options
shown in the next figure, follow these steps:
Step 1.
In menu 11.1, make sure the
Bridge
field is set to
Yes
.
Bridging Setup 20-1
Prestige 660R ADSL 2+ Access Gateway
Menu 11.1 - Remote Node Profile
Rem Node Name= ? Route= IP
Active= Yes
Encapsulation= ENET ENCAP
Bridge= Yes
Edit IP/Bridge= No
Multiplexing= VC-based Edit ATM Options= No
Service Name= N/A Edit Advance Options= N/A
Incoming: Telco Option:
Rem Login= N/A Allocated Budget(min)= N/A
Rem Password= N/A Period(hr)= N/A
Outgoing: Schedule Sets= N/A
My Login= N/A Nailed-Up Connection= N/A
My Password= N/A Session Options:
Authen= N/A Edit Filter Sets= No
Idle Timeout(sec)= N/A
Press ENTER to Confirm or ESC to Cancel:
Figure 20-1 Menu 11.1 Remote Node Profile
Step 2.
Move the cursor to the
Edit IP/Bridge
field, then press [
SPACE BAR
] to set the value to
Yes
and press [ENTER] to edit
Menu 11.3 – Remote Node Network Layer Options
.
Menu 11.3 - Remote Node Network Layer Options
IP Options: Bridge Options:
IP Address Assignment= Static
Ethernet Addr Timeout (min)= 0
Rem IP Addr: 0.0.0.0
Rem Subnet Mask= 0.0.0.0
My WAN Addr= 0.0.0.0
NAT= Full Feature
Address Mapping Set=2
Metric= 2
Private= No
RIP Direction= Both
Version= RIP-2B
Multicast= IGMP-v2
IP Policies=
Press ENTER to Confirm or ESC to Cancel:
Figure 20-2 Menu 11.3 Remote Node Network Layer Options
Prestige 660R ADSL 2+ Access Gateway
Table 20-1 Remote Node Network Layer Options : Bridge Fields
Bridge (menu 11.1)
Edit IP/Bridge (menu
11.1)
FIELD DESCRIPTION
Make sure this field is set to
Yes
.
Press [SPACE BAR] to select
Yes
and press [ENTER] to display menu 11.3.
Ethernet Addr Timeout
(min.) (menu 11.3)
Type the time (in minutes) for the Prestige to retain the Ethernet Address information in its internal tables while the line is down. If this information is retained, your Prestige will not have to recompile the tables when the line comes back up.
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.
20.2.2 Bridge Static Route Setup
Similar to network layer static routes, a bridging static route tells the Prestige the route to a node before a connection is established. You configure bridge static routes in menu 12.3.1 (go to menu 12, choose option 3, then choose a static route to edit) as shown next.
Menu 12.3.1 - Edit Bridge Static Route
Route #: 1
Route Name=
Active= No
Ether Address= ?
IP Address=
Gateway Node= 1
Press ENTER to Confirm or ESC to Cancel:
Figure 20-3 Menu 12.3.1 Edit Bridge Static Route
The following table describes the
Edit Bridge Static Route
menu.
Table 20-2 Menu 12.3.1 Edit Bridge Static Route
FIELD DESCRIPTION
Route # This is the route index number you typed in
Menu 12.3 – Bridge Static Route Setup
.
Route Name Type a name for the bridge static route for identification purposes.
Bridging Setup 20-3
Prestige 660R ADSL 2+ Access Gateway
Table 20-2 Menu 12.3.1 Edit Bridge Static Route
FIELD DESCRIPTION
Active Indicates whether the static route is active (
Yes
) or not (
No
).
Ether Address Type the MAC address of the destination computer that you want to bridge the packets to.
IP Address If available, type the IP address of the destination computer that you want to bridge the packets to.
Gateway Node Press [SPACE BAR] and then [ENTER] to select the number of the remote node (one to eight) that is the gateway of this static route.
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.
Prestige 660R ADSL 2+ Access Gateway
Chapter 21
Network Address Translation (NAT)
This chapter discusses how to configure NAT on the Prestige.
21.1 Using NAT
You must create a firewall rule in addition to setting up SUA/NAT, to allow traffic from the WAN to be forwarded through the Prestige.
21.1.1 SUA (Single User Account) Versus NAT
SUA (Single User Account) is a ZyNOS implementation of a subset of NAT that supports two types of mapping,
Many-to-One
and
Server
. See
section 21.3.1
for a detailed description of the NAT set for SUA.
The Prestige also supports
Full Feature
NAT to map multiple global IP addresses to multiple private LAN
IP addresses of clients or servers using mapping types
.
1. Choose if you have just one public WAN IP address for your Prestige.
2. Choose if you have multiple public WAN IP addresses for your Prestige.
21.2 Applying NAT
You apply NAT via menus 4 or 11.3 as displayed next. The next figure shows you how to apply NAT for
Internet access in menu 4. Enter 4 from the main menu to go to
Menu 4 - Internet Access Setup
.
NAT 21-1
Prestige 660R ADSL 2+ Access Gateway
Menu 4 - Internet Access Setup
ISP's Name= MyISP
Encapsulation= RFC 1483
Multiplexing= LLC-based
VPI #= 8
VCI #= 35
ATM QoS Type= UBR
Peak Cell Rate (PCR)= 0
Sustain Cell Rate (SCR)= 0
Maximum Burst Size (MBS)= 0
My Login= N/A
My Password= N/A
ENET ENCAP Gateway= N/A
IP Address Assignment= Static
IP Address= 0.0.0.0
Network Address Translation= SUA Only
Address Mapping Set= N/A
Press ENTER to Confirm or ESC to Cancel:
Figure 21-1 Menu 4 Applying NAT for Internet Access
The following figure shows how you apply NAT to the remote node in menu 11.1.
Step 1.
Enter 11 from the main menu.
Step 2.
When menu 11 appears, as shown in the following figure, type the number of the remote node that you want to configure.
Step 3.
Move the cursor to the
Edit IP/Bridge
field, press [SPACE BAR] to select
Yes
and then press
[ENTER] to bring up
Menu 11.3 - Remote Node Network Layer Options.
21-2 NAT
Prestige 660R ADSL 2+ Access Gateway
Menu 11.3 - Remote Node Network Layer Options
IP Options: Bridge Options:
IP Address Assignment = Dynamic Ethernet Addr Timeout(min)= N/A
Rem IP Addr = 0.0.0.0
Rem Subnet Mask= 0.0.0.0
My WAN Addr= N/A
NAT= SUA Only
Address Mapping Set= N/A
Metric= 2
Private= No
RIP Direction= None
Version= RIP-1
Multicast= None
IP Policies=
Enter here to CONFIRM or ESC to CANCEL:
Figure 21-2 Menu 11.3 Applying NAT to the Remote Node
The following table describes the options for Network Address Translation.
Table 21-1 Applying NAT in Menus 4 & 11.3
FIELD DESCRIPTION EXAMPLE
NAT Press [SPACE BAR] and then [ENTER] to select
Full Feature
have multiple public WAN IP addresses for your Prestige. The SMT uses the address mapping set that you configure and enter in the
Address Mapping Set
field (menu 15.1 - see section
21.3.1
).
if you
Full Feature
Select
None
to disable NAT.
When you select
SUA Only
, the SMT uses Address Mapping Set 255
(menu 15.1 - see section
21.3.1
). Choose
SUA Only
if you have just one public WAN IP address for your Prestige.
None
SUA Only
21.3 NAT Setup
Use the address mapping sets menus and submenus to create the mapping table used to assign global addresses to computers on the LAN.
Set 255
is used for SUA. When you select
Full Feature
in menu 4 or
11.3, the SMT will use
Set 1
. When you select
SUA Only
, the SMT will use the pre-configured
Set 255
(read only).
The server set is a list of LAN servers mapped to external ports. To use this set, a server rule must be set up inside the NAT address mapping set. Please see the section on port forwarding in the chapter on NAT web
NAT 21-3
Prestige 660R ADSL 2+ Access Gateway configurator screens for further information on these menus. To configure NAT, enter 15 from the main menu to bring up the following screen.
Menu 15 - NAT Setup
1. Address Mapping Sets
2. NAT Server Sets
Enter Menu Selection Number:
Figure 21-3 Menu 15 NAT Setup
21.3.1 Address Mapping Sets
Enter 1 to bring up
Menu 15.1 — Address Mapping Sets
.
Menu 15.1 - Address Mapping Sets
1. ACL Default Set
2.
3.
4.
5.
6.
7.
8.
255. SUA (read only)
Enter Menu Selection Number:
Enter Menu Selection Number:
Figure 21-4 Menu 15.1 Address Mapping Sets
SUA Address Mapping Set
Enter 255 to display the next screen (see also
section 21.1.1)
. The fields in this menu cannot be changed.
21-4 NAT
Prestige 660R ADSL 2+ Access Gateway
Menu 15.1.255 - Address Mapping Rules
Set Name= SUA
Idx Local Start IP Local End IP Global Start IP Global End IP Type
--- --------------- --------------- --------------- --------------- ------
1. 0.0.0.0 255.255.255.255 0.0.0.0 M-1
2. 0.0.0.0 Server
3.
4.
5.
6.
7.
8.
9.
10.
Press ENTER to Confirm or ESC to Cancel:
Figure 21-5 Menu 15.1.255 SUA Address Mapping Rules
The following table explains the fields in this menu.
Menu 15.1.255 is read-only.
Table 21-2 SUA Address Mapping Rules
Set Name
Idx
Local Start IP
Local End IP
Global Start IP
Global End IP
Type
This is the name of the set you selected in menu 15.1 or enter the name of a new set you want to create.
This is the index or rule number.
Local Start IP
is the starting local IP address (ILA).
Local End IP
is the ending local IP address (ILA). If the rule is for all local IPs, then the Start IP is 0.0.0.0 and the End IP is
255.255.255.255.
This is the starting global IP address (IGA). If you have a dynamic
IP, enter 0.0.0.0 as the
Global Start IP
.
This is the ending global IP address (IGA).
These are the mapping types.
Server
allows us to specify multiple servers of different types behind NAT to this machine. See later for some examples.
SUA
1
0.0.0.0
255.255.255.255
0.0.0.0
Server
NAT 21-5
Prestige 660R ADSL 2+ Access Gateway
Table 21-2 SUA Address Mapping Rules
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.
User-Defined Address Mapping Sets
Now let’s look at option 1 in menu 15.1. Enter 1 to bring up this menu. We’ll just look at the differences from the previous menu. Note the extra
Action
and
Select Rule
fields mean you can configure rules in this screen. Note also that the [?] in the
Set Name
field means that this is a required field and you must enter a name for the set.
Menu 15.1.1 - Address Mapping Rules
Set Name= ACL Default Set
Idx Local Start IP Local End IP Global Start IP Global End IP Type
--- --------------- --------------- --------------- --------------- ------
1.
2
3.
4.
5.
6.
7.
8.
9.
10.
Action= Edit Select Rule=
Press ENTER to Confirm or ESC to Cancel:
Figure 21-6 Menu 15.1.1 First Set
If the
Set Name
field is left blank, the entire set will be deleted.
The Type, Local and Global Start/End IPs are configured in menu 15.1.1.1
(described later) and the values are displayed here.
Ordering Your Rules
Ordering your rules is important because the Prestige applies the rules in the order that you specify. When a rule matches the current packet, the Prestige takes the corresponding action and the remaining rules are
21-6 NAT
Prestige 660R ADSL 2+ Access Gateway ignored. If there are any empty rules before your new configured rule, your configured rule will be pushed up by that number of empty rules. For example, if you have already configured rules 1 to 6 in your current set and now you configure rule number 9. In the set summary screen, the new rule will be rule 7, not 9.
Now if you delete rule 4, rules 5 to 7 will be pushed up by 1 rule, so as old rule 5 becomes rule 4, old rule 6 becomes rule 5 and old rule 7 becomes rule 6.
Table 21-3 Menu 15.1.1 First Set
Set Name
Action
Select Rule
Enter a name for this set of rules. This is a required field. If this field is left blank, the entire set will be deleted.
The default is
Edit
.
Edit
means you want to edit a selected rule (see following field).
Insert Before
means to insert a rule before the rule selected. The rules after the selected rule will then be moved down by one rule.
Delete
means to delete the selected rule and then all the rules after the selected one will be advanced one rule.
None
disables the
Select Rule
item.
When you choose
Edit
,
Insert Before
or
Delete
in the previous field the cursor jumps to this field to allow you to select the rule to apply the action in question.
ACL Default
Set
Edit
1
You must press
[ENTER]
at the bottom of the screen to save the whole set. You must do this again if you make any changes to the set – including deleting a rule.
No changes to the set take place until this action is taken.
Selecting
Edit
in the
Action
field and then selecting a rule brings up the following menu,
Menu 15.1.1.1
-
Address Mapping Rule
in which you can edit an individual rule and configure the
Type
,
Local
and
Global
Start/End IPs
.
An End IP address must be numerically greater than its corresponding IP Start address.
NAT 21-7
Prestige 660R ADSL 2+ Access Gateway
Menu 15.1.1.1 Address Mapping Rule
Type= One-to-One
Local IP:
Start=
End = N/A
Global IP:
Start=
End = N/A
Server Mapping Set= N/A
Press ENTER to Confirm or ESC to Cancel:
Press Space Bar to Toggle.
Figure 21-7 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set
The following table explains the fields in this menu.
Table 21-4 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set
Type
Local IP
Press [SPACE BAR] and then [ENTER] to select from a total of five types.
These are the mapping types discussed in the chapter on NAT web configurator screens.
Server
allows you to specify multiple servers of different types behind NAT to this computer. See
section 21.5.3
for an example.
Only local IP fields are
N/A
for server; Global IP fields MUST be set for
Server
.
Start This is the starting local IP address (ILA).
Global IP
End This is the ending local IP address (ILA). If the rule is for all local IPs, then put the Start IP as 0.0.0.0 and the End IP as 255.255.255.255. This field is
N/A
for One-to-One and Server types.
Start This is the starting inside global IP address (IGA). If you have a dynamic
IP, enter 0.0.0.0 as the
Global IP Start
. Note that
Global IP Start
can be set to 0.0.0.0 only if the types are
Many-to-One
or
Server
.
End This is the ending inside global IP address (IGA). This field is
N/A
for
Oneto-One
,
Many-to-One
and
Server types
.
One-to-One
0.0.0.0
N/A
0.0.0.0
N/A
21-8 NAT
Prestige 660R ADSL 2+ Access Gateway
Table 21-4 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set
Server
Mapping Set
Only available when
Type
is set to
Server
.
Type a number from 1 to 10 to choose a server set from menu 15.2.
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.
21.4 Configuring a Server behind NAT
Follow these steps to configure a server behind NAT:
Step 1.
Enter 15 in the main menu to go to
Menu 15 - NAT Setup.
Step 2.
Enter 2 to display
Menu 15.2 - NAT Server Sets
as shown next.
Menu 15.2 - NAT Server Sets
1. Server Set 1 (Used for SUA Only)
2. Server Set 2
3. Server Set 3
4. Server Set 4
5. Server Set 5
6. Server Set 6
7. Server Set 7
8. Server Set 8
9. Server Set 9
10. Server Set 10
Enter Set Number to Edit:
Figure 21-8 Menu 15.2 NAT Server Setup
Step 3.
Enter 1 to go to
Menu 15.2.1 NAT Server Setup
as follows.
NAT 21-9
Prestige 660R ADSL 2+ Access Gateway
Menu 15.2 - NAT Server Setup
Rule Start Port No. End Port No. IP Address
---------------------------------------------------
1. Default Default 0.0.0.0
2. 21 21 192.168.1.33
3. 0 0 0.0.0.0
4. 0 0 0.0.0.0
5. 0 0 0.0.0.0
6. 0 0 0.0.0.0
7. 0 0 0.0.0.0
8. 0 0 0.0.0.0
9. 0 0 0.0.0.0
10. 0 0 0.0.0.0
11. 0 0 0.0.0.0
12. 0 0 0.0.0.0
Press ENTER to Confirm or ESC to Cancel:
Figure 21-9 Menu 15.2.1 NAT Server Setup
Step 4.
Enter a port number in an unused
Start Port No
field. To forward only one port, enter it again in the
End Port No
field. To specify a range of ports, enter the last port to be forwarded in the
End
Port No
field.
Step 5.
Enter the inside IP address of the server in the
IP Address
field. In the following figure, you have a computer acting as an FTP, Telnet and SMTP server (ports 21, 23 and 25) at 192.168.1.33.
Step 6.
Press [ENTER] at the “Press ENTER to confirm …” prompt to save your configuration after you define all the servers or press [ESC] at any time to cancel.
21-10 NAT
Prestige 660R ADSL 2+ Access Gateway
Figure 21-10 Multiple Servers Behind NAT Example
21.5 General NAT Examples
The following are some examples of NAT configuration.
21.5.1 Example 1: Internet Access Only
In the following Internet access example, you only need one rule where your ILAs (Inside Local addresses) all map to one dynamic IGA (Inside Global Address) assigned by your ISP.
NAT
Figure 21-11 NAT Example 1
21-11
Prestige 660R ADSL 2+ Access Gateway
Menu 4 - Internet Access Setup
ISP's Name= MyISP
Encapsulation= RFC 1483
Multiplexing= LLC-based
VPI #= 8
VCI #= 35
ATM QoS Type= UBR
Peak Cell Rate (PCR)= 0
Sustain Cell Rate (SCR)= 0
Maximum Burst Size (MBS)= 0
My Login= N/A
My Password= N/A
ENET ENCAP Gateway= N/A
IP Address Assignment= Static
IP Address= 0.0.0.0
Network Address Translation= SUA Only
Address Mapping Set= N/A
Press ENTER to Confirm or ESC to Cancel:
Figure 21-12 Menu 4 Internet Access & NAT Example
From menu 4, choose the
SUA Only
option from the
Network Address Translation
field. This is the
Many-to-One mapping discussed in
section 21.5.
The
SUA Only
read-only option from the
Network
Address Translation
field in menus 4 and 11.3 is specifically pre-configured to handle this case.
21.5.2 Example 2: Internet Access with an Inside Server
Figure 21-13 NAT Example 2
In this case, you do exactly as above (use the convenient pre-configured
SUA Only
set) and also go to menu
15.2 to specify the Inside Server behind the NAT as shown in the next figure.
21-12 NAT
Prestige 660R ADSL 2+ Access Gateway
Menu 15.2.1 - NAT Server Setup (Used for SUA Only)
Rule Start Port No. End Port No. IP Address
---------------------------------------------------
1. Default Default 192.168.1.10
2. 0 0 0.0.0.0
3. 0 0 0.0.0.0
4. 0 0 0.0.0.0
5. 0 0 0.0.0.0
6. 0 0 0.0.0.0
7. 0 0 0.0.0.0
8. 0 0 0.0.0.0
9. 0 0 0.0.0.0
10. 0 0 0.0.0.0
11. 0 0 0.0.0.0
12. 0 0 0.0.0.0
Press ENTER to Confirm or ESC to Cancel:
Figure 21-14 Menu 15.2.1 Specifying an Inside Server
21.5.3 Example 3: Multiple Public IP Addresses With Inside Servers
In this example, there are 3 IGAs from our ISP. There are many departments but two have their own FTP server. All departments share the same router. The example will reserve one IGA for each department with an FTP server and all departments use the other IGA. Map the FTP servers to the first two IGAs and the other LAN traffic to the remaining IGA. Map the third IGA to an inside web server and mail server. Four rules need to be configured, two bi-directional and two unidirectional as follows.
Rule 1.
Map the first IGA to the first inside FTP server for FTP traffic in both directions (
1 : 1
mapping, giving both local and global IP addresses).
Rule 2.
Map the second IGA to our second inside FTP server for FTP traffic in both directions (
1 : 1
mapping, giving both local and global IP addresses).
Rule 3.
Map the other outgoing LAN traffic to IGA3 (
Many : 1
mapping).
Rule 4.
You also map your third IGA to the web server and mail server on the LAN. Type
Server
allows you to specify multiple servers, of different types, to other computers behind NAT on the LAN.
The example situation looks somewhat like this:
NAT 21-13
Prestige 660R ADSL 2+ Access Gateway
Figure 21-15 NAT Example 3
Step 1.
In this case you need to configure Address Mapping Set 1 from
Menu 15.1 - Address Mapping
Sets.
Therefore you must choose the
Full Feature
option from the
Network Address
Translation
field (in menu 4 or menu 11.3) in
Figure 21-16
.
Step 2.
Then enter 15 from the main menu.
Step 3.
Enter 1 to configure the Address Mapping Sets.
Step 4.
Enter 1 to begin configuring this new set. Enter a Set Name, choose the
Edit Action
and then enter 1 for the
Select Rule
field. Press [ENTER] to confirm.
Step 5.
Select
Type
as
One-to-One
(direct mapping for packets going both ways) , and enter the local
Start IP
as 192.168.1.10 (the IP address of FTP Server 1), the global
Start IP
as 10.132.50.1 (our first IGA). (See
Figure 21-17).
Step 6.
Repeat the previous step for rules 2 to 4 as outlined above.
Step 7.
When finished, menu 15.1.1 should look like as shown in
Figure 21-18
.
21-14 NAT
Prestige 660R ADSL 2+ Access Gateway
Menu 11.3 - Remote Node Network Layer Options
IP Options: Bridge Options:
IP Address Assignment= Static Ethernet Addr Timeout (min)= 0
Rem IP Addr: 0.0.0.0
Rem Subnet Mask= 0.0.0.0
My WAN Addr= 0.0.0.0
NAT= Full Feature
Address Mapping Set= 2
Metric= 2
Private= No
RIP Direction= Both
Version= RIP-2B
Multicast= IGMP-v2
IP Policies=
Press ENTER to Confirm or ESC to Cancel:
Figure 21-16 Example 3: Menu 11.3
The following figures show how to configure the first rule
Menu 15.1.1.1 Address Mapping Rule
Type= One-to-One
Local IP:
Start= 192.168.1.10
End = N/A
Global IP:
Start= 10.132.50.1
End = N/A
Server Mapping Set= N/A
Press ENTER to Confirm or ESC to Cancel:
Press Space Bar to Toggle.
Figure 21-17 Example 3: Menu 15.1.1.1
NAT 21-15
Prestige 660R ADSL 2+ Access Gateway
Menu 15.1.1 - Address Mapping Rules
Set Name= Example3
Idx Local Start IP Local End IP Global Start IP Global End IP Type
--- --------------- --------------- --------------- --------------- ------
1. 192.168.1.10 10.132.50.1 1-1
2 192.168.1.11 10.132.50.2 1-1
3. 0.0.0.0 255.255.255.255 10.132.50.3 M-1
4. 10.132.50.3 Server
5.
6.
7.
8.
9.
10.
Action= Edit Select Rule=
Press ENTER to Confirm or ESC to Cancel:
Figure 21-18 Example 3: Final Menu 15.1.1
Now configure the IGA3 to map to our web server and mail server on the LAN.
Step 8.
Enter 15 from the main menu.
Step 9.
Enter 2 in
Menu 15 - NAT Setup
.
Step 10.
Enter 1 in
Menu 15.2 - NAT Server Sets
to see the following menu. Configure it as shown.
21-16 NAT
Prestige 660R ADSL 2+ Access Gateway
Menu 15.2.1 - NAT Server Setup
Rule Start Port No. End Port No. IP Address
---------------------------------------------------
1. Default Default 0.0.0.0
2. 80 80 192.168.1.21
3. 25 25 192.168.1.20
4. 0 0 0.0.0.0
5. 0 0 0.0.0.0
6. 0 0 0.0.0.0
7. 0 0 0.0.0.0
8. 0 0 0.0.0.0
9. 0 0 0.0.0.0
10. 0 0 0.0.0.0
11. 0 0 0.0.0.0
12. 0 0 0.0.0.0
Press ENTER to Confirm or ESC to Cancel:
Example 3: Menu 15.2.1
21.5.4 Example 4: NAT Unfriendly Application Programs
Some applications do not support NAT Mapping using TCP or UDP port address translation. In this case it is better to use
Many-to-Many No Overload
mapping as port numbers do
not
change for
Many-to-Many
No Overload
(and
One-to-One
) NAT mapping types. The following figure illustrates this.
NAT
Figure 21-19 NAT Example 4
21-17
Prestige 660R ADSL 2+ Access Gateway
Other applications such as some gaming programs are NAT unfriendly because they embed addressing information in the data stream. These applications won’t work through NAT even when using
One-to-One
and
Many-to-Many No Overload
mapping types.
Follow the steps outlined in example 3 to configure these two menus as follows.
Menu 15.1.1.1 Address Mapping Rule
Type= Many-to-Many No Overload
Local IP:
Start= 192.168.1.10
End = 192.168.1.12
Global IP:
Start= 10.132.50.1
End = 10.132.50.3
Server Mapping Set= N/A
Press ENTER to Confirm or ESC to Cancel:
Figure 21-20 Example 4: Menu 15.1.1.1 Address Mapping Rule
After you’ve configured your rule, you should be able to check the settings in menu 15.1.1 as shown next.
Menu 15.1.1 - Address Mapping Rules
Set Name= Example4
Idx Local Start IP Local End IP Global Start IP Global End IP Type
--- --------------- --------------- --------------- --------------- ------
1. 192.168.1.10 192.168.1.12 10.132.50.1 10.132.50.3 M:M NO OV
2.
3.
4.
5.
6.
7.
8.
9.
10.
Action= Edit Select Rule=
Press ENTER to Confirm or ESC to Cancel:
Figure 21-21 Example 4: Menu 15.1.1 Address Mapping Rules
21-18 NAT
SMT Advanced Management
Part VII:
SMT Advanced Management
This part discusses filtering setup, SNMP, system information and diagnosis, firmware and configuration file maintenance, system maintenance, remote management, IP Policy Routing and call scheduling.
See the web configurator parts of this guide for background information on features configurable by web configurator and SMT.
VII
Prestige 660R ADSL 2+ Access Gateway
Chapter 22
Filter Configuration
This chapter shows you how to create and apply filters.
22.1 About Filtering
Your Prestige uses filters to decide whether or not to allow passage of a data packet and/or to make a call.
There are two types of filter applications: data filtering and call filtering. Filters are subdivided into device and protocol filters, which are discussed later.
Data filtering screens data to determine if the packet should be allowed to pass. Data filters are divided into incoming and outgoing filters, depending on the direction of the packet relative to a port. Data filtering can be applied on either the WAN side or the Ethernet side. Call filtering is used to determine if a packet should be allowed to trigger a call.
Outgoing packets must undergo data filtering before they encounter call filtering. Call filters are divided into two groups, the built-in call filters and user-defined call filters. Your Prestige has built-in call filters that prevent administrative, for example, RIP packets from triggering calls. These filters are always enabled and not accessible to you. Your Prestige applies the built-in filters first and then the user-defined call filters, if applicable, as shown next.
Filter Configuration 22-1
Prestige 660R ADSL 2+ Access Gateway
Outgoing
Packet
Data
No match
Match
Built-in default
Call Filters
Match
Call Filtering
No match
User-defined
Call Filters
(if applicable)
Match
No match
Active Data
Initiate call if line not up
Send packet and reset
Idle Timer
Drop packet
Drop packet if line not up
Or
Drop packet if line not up
Or
Send packet but do not reset
Idle Timer
Send packet but do not reset
Idle Timer
Figure 22-1 Outgoing Packet Filtering Process
Two sets of factory filter rules have been configured in menu 21 to prevent NetBIOS traffic from triggering calls. A summary of their filter rules is shown in the figures that follow.
The following figure illustrates the logic flow when executing a filter rule.
22-2 Filter Configuration
Fetch Next
Filter Set
Yes
Next Filter Set
Available?
No
Filter Set
Prestige 660R ADSL 2+ Access Gateway
Start
Packet intoFilter
Fetch First
Filter Set
Fetch First
Filter Rule
Fetch Next
Filter Rule
Yes
Next filter
Rule
Available?
No
Active?
Yes
No
Execute
Filter Rule
Check
Next
Rule
Forward
Drop
Drop Packet Accept Packet
Figure 22-2 Filter Rule Process
You can apply up to four filter sets to a particular port to block various types of packets. Because each filter set can have up to six rules, you can have a maximum of 24 rules active for a single port.
Filter Configuration 22-3
Prestige 660R ADSL 2+ Access Gateway
For incoming packets, your Prestige applies data filters only. Packets are processed depending on whether a match is found. The following sections describe how to configure filter sets.
The Filter Structure of the Prestige
A filter set consists of one or more filter rules. Usually, you would group related rules, for example, all the rules for NetBIOS, into a single set and give it a descriptive name. You can configure up to twelve filter sets with six rules in each set, for a total of 72 filter rules in the system.
22.2 Configuring a Filter Set for the Prestige
To configure a filter set, follow the steps shown next.
Step 1.
Enter 21 in the main menu to display
Menu 21 - Filter Set Configuration
as shown next.
Menu 21 - Filter Set Configuration
Filter Filter
Set # Comments Set # Comments
------ ----------------- ------ -----------------
1 _______________ 7 _______________
2 NetBIOS_WAN 8 _______________
3 NetBIOS_LAN 9 _______________
4 _______________ 10 _______________
5 _______________ 11 WebSet1
6 _______________ 12 WebSet2
Enter Filter Set Number to Configure= 0
Edit Comments= N/A
Press ENTER to Confirm or ESC to Cancel:
Figure 22-3 Menu 21 Filter Set Configuration
Step 2.
Type the filter set to configure (no. 1 to 12) and press [ENTER]
.
Step 3.
Type a descriptive name or comment in the
Edit Comments
field and press [ ENTER ].
Step 4.
Press [ENTER] at the message
“
Press ENTER to confirm…” to display
Menu 21.1 – Filter
Rules Summary
(that is, if you selected filter set 1 in menu 21).
22-4 Filter Configuration
Prestige 660R ADSL 2+ Access Gateway
Menu 21.2 - Filter Rules Summary
# A Type Filter Rules M m n
- - ---- --------------------------------------------------------------- - - -
1 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=137 N D N
2 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=138 N D N
3 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=139 N D N
4 Y IP Pr=17, SA=0.0.0.0, DA=0.0.0.0, DP=137 N D N
5 Y IP Pr=17, SA=0.0.0.0, DA=0.0.0.0, DP=138 N D N
6 Y IP Pr=17, SA=0.0.0.0, DA=0.0.0.0, DP=139 N D F
Enter Filter Rule Number (1-6) to Configure:
Figure 22-4 NetBIOS_WAN Filter Rules Summary
Menu 21.3 - Filter Rules Summary
# A Type Filter Rules M m n
- - ---- --------------------------------------------------------------- - - -
1 Y IP Pr=17, SA=0.0.0.0, SP=137, DA=0.0.0.0, DP=53 N D F
2 N
3 N
4 N
5 N
6 N
Enter Filter Rule Number (1-6) to Configure:
Figure 22-5 NetBIOS_LAN Filter Rules Summary
Menu 21.4 - Filter Rules Summary
# A Type Filter Rules M m n
- - ---- --------------------------------------------------------------- - - -
1 Y Gen Off=0, Len=3, Mask=ffffff, Value=01005e N D F
2 N
3 N
4 N
5 N
6 N
Enter Filter Rule Number (1-6) to Configure:
Figure 22-6 IGMP Filter Rules Summary
Filter Configuration 22-5
Prestige 660R ADSL 2+ Access Gateway
22.3 Filter Rules Summary Menus
The following tables briefly describe the abbreviations used in menus 21.1 and 21.2.
Table 22-1 Abbreviations Used in the Filter Rules Summary Menu
#
FIELD DESCRIPTION
The filter rule number: 1 to 6.
A
Type
Active: “Y” means the rule is active. “N” means the rule is inactive.
The type of filter rule: “GEN” for Generic, “IP” for TCP/IP.
Filter Rules These parameters are displayed here.
M More.
“Y” means there are more rules to check which form a rule chain with the present rule.
An action cannot be taken until the rule chain is complete.
“N” means there are no more rules to check. You can specify an action to be taken for instance, forward the packet, drop the packet or check the next rule. For the latter, the next rule is independent of the rule just checked. n
“F” means to forward the packet immediately and skip checking the remaining rules.
“D” means to drop the packet.
“N“ means to check the next rule.
Action Not Matched.
“F” means to forward the packet immediately and skip checking the remaining rules.
“D” means to drop the packet.
“N” means to check the next rule.
The protocol dependent filter rules abbreviation are listed as follows:
Table 22-2 Rule Abbreviations Used
FILTER TYPE DESCRIPTION
IP
Pr Protocol
SP Source Port Number
22-6 Filter Configuration
Prestige 660R ADSL 2+ Access Gateway
Table 22-2 Rule Abbreviations Used
FILTER TYPE DESCRIPTION
DP Destination Port Number
GEN
Off Offset
Len Length
22.4 Configuring a Filter Rule
To configure a filter rule, type its number in
Menu 21.x – Filter Rules Summary
and press [ENTER] to open menu 21.x.1 for the rule.
There are two types of filter rules:
TCP/IP
and
Generic
. Depending on the type of rule, the parameters for each type will be different. Use [SPACE BAR] to select the type of rule that you want to create in the
Filter
Type
field and press
[ENTER]
to open the respective menu.
To speed up filtering, all rules in a filter set must be of the same class, for instance, protocol filters or generic filters. The class of a filter set is determined by the first rule that you create. When applying the filter sets to a port, separate menu fields are provided for protocol and device filter sets. If you include a protocol filter set in a device filters field or vice versa, the Prestige will warn you and will not allow you to save.
22.4.1 TCP/IP Filter Rule
This section shows you how to configure a TCP/IP filter rule. TCP/IP rules allow you to base the rule on the fields in the IP and the upper layer protocol, for example, UDP and TCP headers.
To configure TCP/IP rules, select TCP/IP Filter Rule from the
Filter Type
field and press
[ENTER]
to open
Menu 21.x.1 – TCP/IP Filter Rule
, as shown next.
Filter Configuration 22-7
Prestige 660R ADSL 2+ Access Gateway
Menu 21.1.1 - TCP/IP Filter Rule
Filter #: 1,1
Filter Type= TCP/IP Filter Rule
Active= No
IP Protocol= 0 IP Source Route= No
Destination: IP Addr=
IP Mask=
Port #=
Port # Comp= None
Source: IP Addr=
IP Mask=
Port #=
Port # Comp= None
TCP Estab= N/A
More= No Log= None
Action Matched= Check Next Rule
Action Not Matched= Check Next Rule
Press ENTER to Confirm or ESC to Cancel:
Press Space Bar to Toggle.
Figure 22-7 Menu 21.x.1 TCP/IP Filter Rule
The following table describes how to configure your TCP/IP filter rule.
Table 22-3 Menu 21.x.1 TCP/IP Filter Rule
Filter #
Filter Type
Active
This is the filter set, filter rule coordinates, for instance, 2, 3 refers to the second filter set and the third filter rule of that set.
Use [SPACE BAR] and then [ENTER] to choose a rule.
Parameters displayed for each type will be different. Choices are
TCP/IP Filter Rule
or
Generic Filter Rule
.
Select
Yes
to activate or
No
to deactivate the filter rule.
1,1
TCP/IP Filter Rule
No
(default)
0 to 255 IP Protocol
IP Source Route
This is the upper layer protocol, for example, TCP is 6, UDP is 17 and ICMP is 1. The value must be between 0 and 255.
A value of O matches ANY protocol.
IP Source Route is an optional header that dictates the route an IP packet takes from its source to its destination. If
Yes
, the rule applies to any packet with an IP source route. The majority of IP packets do not have source route.
Destination:
No
(default)
22-8 Filter Configuration
Prestige 660R ADSL 2+ Access Gateway
Table 22-3 Menu 21.x.1 TCP/IP Filter Rule
IP Addr Type the destination IP address of the packet you want to filter. This field is ignored if it is 0.0.0.0.
IP Mask Type the IP mask to apply to the Destination: IP Addr field.
Port # Type the destination port of the packets you want to filter.
The field range is 0 to 65535. A 0 field is ignored.
Port # Comp Select the comparison to apply to the destination port in the packet against the value given in
Destination: Port #.
Choices are
None
,
Less
,
Greater
,
Equal
or
Not Equal
.
Source:
IP Addr Type the source IP Address of the packet you want to filter.
A 0.0.0.0 field is ignored.
IP Mask Type the IP mask to apply to the
Source: IP Addr
field.
Port # Type the source port of the packets you want to filter. The range of this field is 0 to 65535. A 0 field is ignored.
Port # Comp Select the comparison to apply to the source port in the packet against the value given in
Source: Port #
field.
Choices are
None
,
Less
,
Greater
,
Equal
or
Not Equal
.
TCP Estab This applies only when the IP Protocol field is 6, TCP. If
Yes
, the rule matches packets that want to establish TCP connection(s) (SYN=1 and ACK=0); else it is ignored.
More If
Yes
, a matching packet is passed to the next filter rule before an action is taken or else the packet is disposed of according to the action fields.
If
More
is
Yes
, then
Action Matched
and
Action Not
Matched
will be N/A.
Log Select the logging option from the following:
None
– No packets will be logged.
Action Matched
– Only packets that match the rule parameters will be logged.
Action Not Matched
– Only packets that do not match the rule parameters will be logged.
Both
– All packets will be logged.
Filter Configuration
None
22-9
IP address
IP mask
0 to 65535
None
IP address
IP mask
0 to 65535
None
No
(default)
No
(default)
Prestige 660R ADSL 2+ Access Gateway
Table 22-3 Menu 21.x.1 TCP/IP Filter Rule
Action Matched Select the action for a matching packet. Choices are
Check
Next Rule
,
Forward
or
Drop
.
Action Not Matched Select the action for a packet not matching the rule. Choices are
Check Next Rule
,
Forward
or
Drop
.
Check Next Rule
(default)
Check Next Rule
(default)
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.
The following figure illustrates the logic flow of an IP filter.
22-10 Filter Configuration
Prestige 660R ADSL 2+ Access Gateway
Packet into IP Filter
Filter Active?
Yes
Apply SrcAddrMask to Src Addr
No
Check Src
IP Addr
Matched
Apply DestAddrMask to Dest Addr
Not Matched
Check Dest
IP Addr
Matched
Check
IP Protocol
Matched
Check Src &
Dest Port
Matched
More?
Not Matched
Not Matched
Not Matched
Yes
No
Action Matched
Check Next Rule
Check Next Rule
Action Not Matched
Drop Forward
Drop
Drop Packet
Forward
Check Next Rule
Figure 22-8 Executing an IP Filter
Accept Packet
Filter Configuration 22-11
Prestige 660R ADSL 2+ Access Gateway
22.4.2 Generic Filter Rule
This section shows you how to configure a generic filter rule. The purpose of generic rules is to allow you to filter non-IP packets. For IP, it is generally easier to use the IP rules directly.
For generic rules, the Prestige treats a packet as a byte stream as opposed to an IP packet. You specify the portion of the packet to check with the
Offset
(from 0) and the
Length
fields, both in bytes. The Prestige applies the Mask (bit-wise ANDing) to the data portion before comparing the result against the Value to determine a match. The
Mask
and
Value
fields are specified in hexadecimal numbers. Note that it takes two hexadecimal digits to represent a byte, so if the length is 4, the value in either field will take 8 digits, for example, FFFFFFFF.
To configure a generic rule select an empty filter set in menu 21, for example 5. Select
Generic Filter
Rule
in the
Filter Type
field and press [ENTER] to open
Menu 21.5.1
–
Generic Filter Rule
, as shown in the following figure.
Menu 21.5.1 - Generic Filter Rule
Filter #: 5,1
Filter Type= Generic Filter Rule
Active= No
Offset= 0
Length= 0
Mask= N/A
Value= N/A
More= No Log= None
Action Matched= Check Next Rule
Action Not Matched= Check Next Rule
Press ENTER to Confirm or ESC to Cancel:
Press Space Bar to Toggle.
Figure 22-9 Menu 21.5.1 Generic Filter Rule
The next table describes the fields in the Generic Filter Rule menu.
22-12 Filter Configuration
Prestige 660R ADSL 2+ Access Gateway
Table 22-4 Menu 21.5.1 Generic Filter Rule
FIELD DESCRIPTION EXAMPLE
Filter # This is the filter set, filter rule coordinates, for instance, 2, 3 refers to the second filter set and the third rule of that set.
5,1
Filter Type
Active
Press [SPACE BAR] and then [ENTER] to select a type of rule.
Parameters displayed below each type will be different. Choices are
Generic Filter Rule
or
TCP/IP Filter Rule
.
Select
Yes
to turn on or
No
to turn off the filter rule.
Generic Filter
Rule
Offset
Length
Type the starting byte of the data portion in the packet that you want to compare. The range for this field is from 0 to 255.
Type the byte count of the data portion in the packet that you want to compare. The range for this field is 0 to 8.
No
(default)
0
(default)
0
(default)
Mask
Value
More
Type the mask (in Hexadecimal) to apply to the data portion before comparison.
Type the value (in Hexadecimal) to compare with the data portion.
If
Yes
, a matching packet is passed to the next filter rule before an action is taken or else the packet is disposed of according to the action fields.
If
More
is
Yes
, then
Action Matched
and
Action Not Matched
will be
N/A
.
No
(default)
Log Select the logging option from the following:
None
– No packets will be logged.
Action Matched
– Only matching packets and rules will be logged.
Action Not Matched
– Only packets that do not match the rule parameters will be logged.
Both
– All packets will be logged.
Select the action for a matching packet. Choices are
Check Next Rule
,
Forward
or
Drop
.
None
Action
Matched
Check Next
Rule
(default)
Action Not
Matched
Select the action for a packet not matching the rule. Choices are
Next Rule
,
Forward
or
Drop
.
Check Check Next
Rule
(default)
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.
Filter Configuration 22-13
Prestige 660R ADSL 2+ Access Gateway
22.5 Filter Types and NAT
There are two classes of filter rules,
Generic Filter
Device rules and Protocol Filter (
TCP/IP
) rules. Generic
Filter rules act on the raw data from/to LAN and WAN. Protocol Filter rules act on IP packets.
When NAT (Network Address Translation) is enabled, the inside IP address and port number are replaced on a connection-by-connection basis, which makes it impossible to know the exact address and port on the wire. Therefore, the Prestige applies the protocol filters to the “native” IP address and port number before
NAT for outgoing packets and after NAT for incoming packets. On the other hand, the generic (or device) filters are applied to the raw packets that appear on the wire. They are applied at the point where the Prestige is receiving and sending the packets; for instance, the interface. The interface can be an Ethernet, or any other hardware port. The following figure illustrates this.
Figure 22-10 Protocol and Device Filter Sets
22.6 Example Filter
Let’s look at an example to block outside users from telnetting into the Prestige.
22-14 Filter Configuration
Prestige 660R ADSL 2+ Access Gateway
Figure 22-11 Sample Telnet Filter
Step 1.
Enter 21 in the main menu to display
Menu 21 - Filter Set Configuration
.
Step 2.
Enter the index number of the filter set you want to configure (in this case 6)
.
Step 3.
Type a descriptive name or comment in the
Edit Comments
field (for example, TELNET_WAN) and press [ENTER] .
Filter Configuration 22-15
Prestige 660R ADSL 2+ Access Gateway
Step 4.
Press [ENTER] at the message
“
Press [ENTER] to confirm or [ESC] to cancel” to open
Menu
21.6
—
Filter Rules Summary
.
Step 5.
Type 1 to configure the first filter rule. Make the entries in this menu as shown next.
When you press [ENTER] to confirm, the following screen appears. Note that there is only one filter rule in this set.
Port #= 23
Port # Comp= Equal
Source: IP Addr= 0.0.0.0
IP Mask= 0.0.0.0
Port #=
Port # Comp= Equal
TCP Estab= No
More= No Log= None
Action Matched= Drop
Action Not Matched= Forward
Menu 21.6.1 - TCP/IP Filter Rule
Filter #: 6,1
Filter Type= TCP/IP Filter Rule
Active= Yes
IP Protocol= 6 IP Source Route= No
Destination: IP Addr= 0.0.0.0
IP Mask= 0.0.0.0
Press ENTER to Confirm or ESC to Cancel:
There are no more rules to check.
Select
Equal
here as we are looking for packets going to port 23 only.
Press [SPACE BAR] to choose this filter rule type. The first filter rule type determines all subsequent filter types within a set.
Select
Yes
to make the rule active.
6
is the TCP protocol.
The port number for the telnet service (TCP protocol) is
23
. See
RFC-1060 for port numbers of wellknown services.
Select
Drop
here so that the packet will be dropped if its destination is the telnet port.
Select
Forward
here so that the packet will be forwarded if its destination is not the telnet port and there are no more rules in this filter set to check. Select
Next
if there are more rules to check.
Figure 22-12 Menu 21.6.1 Sample Filter
22-16 Filter Configuration
Prestige 660R ADSL 2+ Access Gateway
Menu 21.6 - Filter Rules Summary
# A Type Filter Rules M m n
- - ---- --------------------------------------------------------------- - - -
1 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=23 N D F
2 N
3 N
4 N
5 N
6 N
Enter Filter Rule Number (1-6) to Configure: 1
This shows you that you have configured and activated (
A = Y
) a
TCP/IP filter rule (
Type = IP
,
Pr = 6
) for destination telnet ports (
DP =
23
).
M = N
means an action can be taken immediately.
The action is to drop the packet (
m = D
) if the action is matched and to forward the packet immediately (
n = F
) if the action is not matched no matter whether there are more rules to be checked (there aren’t in this example).
Figure 22-13 Menu 21.6 Sample Filter Rules Summary
After you have created the filter set, you must apply it.
Step 1.
Enter 11 in the main menu to display menu 11 and type the remote node number to edit.
Step 2.
Go to the
Edit Filter Sets
field, press [SPACE BAR] to choose
Yes
and press [ENTER] .
Step 3.
This brings you to menu 11.5. Apply the example filter set (for example, filter set 3) in this menu as shown in the next section.
22.7 Applying Filters and Factory Defaults
This section shows you where to apply the filter(s) after you design it (them). Sets of factory default filter rules have been configured in menu 21 (but have not been applied) to filter traffic.
Filter Configuration 22-17
Prestige 660R ADSL 2+ Access Gateway
Table 22-5 Filter Sets Table
FILTER SETS DESCRIPTION
Input Filter Sets: Apply filters for incoming traffic. You may apply protocol or device filter rules. See earlier in this chapter for information on filters.
Output Filter Sets: Apply filters for traffic leaving the Prestige. You may apply filter rules for protocol or device filters. See earlier in this section for information on types of filters.
Call Filter Sets: Apply filters to decide if a packet should be allowed to trigger a call.
22.7.1 Ethernet Traffic
You seldom need to filter Ethernet traffic; however, the filter sets may be useful to block certain packets, reduce traffic and prevent security breaches. Go to menu 3.1 (shown next) and type the number(s) of the filter set(s) that you want to apply as appropriate. You can choose up to four filter sets (from twelve) by typing their numbers separated by commas, for example, 3, 4, 6, 11. The factory default filter set,
NetBIOS_LAN, is inserted in the
protocol filters
field under
Input Filter Sets
in menu 3.1 in order to prevent local NetBIOS messages from triggering calls to the DNS server.
Menu 3.1 – LAN Port Filter Setup
Input Filter Sets: protocol filters= device filters=
Output Filter Sets:
3 protocol filters= device filters=
Press ENTER to Confirm or ESC to Cancel:
Apply filter 3 to block NETBIOS traffic from the
LAN.
Figure 22-14 Filtering Ethernet Traffic
22.7.2 Remote Node Filters
Go to menu 11.5 (shown next) and type the number(s) of the filter set(s) as appropriate. You can cascade up to four filter sets by typing their numbers separated by commas. The factory default filter set,
NetBIOS_WAN, is inserted in the
protocol filters
field under
Call Filter Sets
in menu 11.5 to block local
NetBIOS traffic from triggering calls to the ISP.
22-18 Filter Configuration
Prestige 660R ADSL 2+ Access Gateway
Menu 11.5 - Remote Node Filter
Input Filter Sets:
protocol filters= 6
device filters=
Output Filter Sets:
protocol filters= 2
device filters=
Call Filter Sets:
Protocol filters=
Device filters=
Enter here to CONFIRM or ESC to CANCEL:
Apply filter 6 to block
Tel, FTP and Web traffic from the WAN.
Apply filter 2 to block
NETBIOS traffic to the WAN.
Figure 22-15 Filtering Remote Node Traffic
Note that call filter sets are visible when you select PPPoA or PPPoE encapsulation.
Filter Configuration 22-19
Prestige 660R ADSL 2+ Access Gateway
Chapter 23
SNMP Configuration
This chapter explains SNMP Configuration menu 22.
23.1 About SNMP
Simple Network Management Protocol is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP protocol suite. Your Prestige supports SNMP agent functionality, which allows a manager station to manage and monitor the Prestige through the network. The
Prestige supports SNMP version one (SNMPv1) and version two c (SNMPv2c). The next figure illustrates an SNMP management operation. SNMP is only available if TCP/IP is configured.
Figure 23-1 SNMP Management Model
An SNMP managed network consists of two main components: agents and a manager.
SNMP Configuration 23-1
Prestige 660R ADSL 2+ Access Gateway
An agent is a management software module that resides in a managed device (the Prestige). An agent translates the local management information from the managed device into a form compatible with SNMP.
The manager is the console through which network administrators perform network management functions.
It executes applications that control and monitor managed devices.
The managed devices contain object variables/managed objects that define each piece of information to be collected about a device. Examples of variables include the number of packets received, node port status etc.
A Management Information Base (MIB) is a collection of managed objects. SNMP allows a manager and agents to communicate for the purpose of accessing these objects.
SNMP itself is a simple request/response protocol based on the manager/agent model. The manager issues a request and the agent returns responses using the following protocol operations:
•
Get - Allows the manager to retrieve an object variable from the agent.
•
GetNext - Allows the manager to retrieve the next object variable from a table or list within an agent. In
SNMPv1, when a manager wants to retrieve all elements of a table from an agent, it initiates a Get operation, followed by a series of GetNext operations.
•
Set - Allows the manager to set values for object variables within an agent.
•
Trap - Used by the agent to inform the manager of some events.
23.2 Supported MIBs
The Prestige supports RFC-1215 and MIB II as defined in RFC-1213 as well as ZyXEL private MIBs. The focus of the MIBs is to let administrators collect statistic data and monitor status and performance.
23.3 SNMP Configuration
To configure SNMP, select option 22 from the main menu to open
Menu 22 — SNMP Configuration
as shown next. The “community” for Get, Set and Trap fields is SNMP terminology for password.
Prestige 660R ADSL 2+ Access Gateway
Menu 22 - SNMP Configuration
SNMP:
Get Community= public
Set Community= public
Trusted Host= 0.0.0.0
Trap:
Community= public
Destination= 0.0.0.0
Press ENTER to Confirm or ESC to Cancel:
Figure 23-2 Menu 22 SNMP Configuration
The following table describes the SNMP configuration parameters.
Table 23-1 Menu 22 SNMP Configuration
SNMP:
Get Community
Set Community
Type the
Get Community
, which is the password for the incoming
Get- and GetNext requests from the management station.
Type the
Set
community, which is the password for incoming Set requests from the management station.
Trusted Host If you enter a trusted host, your Prestige will only respond to SNMP messages from this address. A blank (default) field means your
Prestige will respond to all SNMP messages it receives, regardless of source.
Trap:
Community Type the trap community, which is the password sent with each trap to the SNMP manager.
Destination Type the IP address of the station to send your SNMP traps to. public public
0.0.0.0 public
0.0.0.0
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.
SNMP Configuration 23-3
Prestige 660R ADSL 2+ Access Gateway
23.4 SNMP Traps
The Prestige will send traps to the SNMP manager when any one of the following events occurs:
Table 23-2 SNMP Traps
TRAP # TRAP NAME
1 coldStart )
6 whyReboot (defined in ZYXEL-
MIB)
DESCRIPTION
A trap is sent after booting (power on).
2 warmStart ) A trap is sent after booting (software reboot).
3 linkDown ) A trap is sent with the port number when any of the links are down. See the following table.
4 linkUp ) A trap is sent with the port number.
5 authenticationFailure
RFC-1215
)
A trap is sent to the manager when receiving any SNMP gets or sets requirements with wrong community
(password).
A trap is sent with the reason of restart before rebooting when the system is going to restart (warm start).
6a For intentional reboot : A trap is sent with the message "System reboot by user!" if reboot is done intentionally, (for example, download new files, CI command "sys reboot", etc.).
The port number is its interface index under the interface group.
Table 23-3 Ports and Permanent Virtual Circuits
PORT PVC (PERMANENT VIRTUAL CIRCUIT)
2 1
3 2
… …
13 12
14 xDSL
Prestige 660R ADSL 2+ Access Gateway
Chapter 24
System Information and Diagnosis
This chapter covers the information and diagnostic tools in SMT menus 24.1 to 24.4.
These tools include updates on system status, port status, log and trace capabilities and upgrades for the system software. This chapter describes how to use these tools in detail.
Type 24 in the main menu to open
Menu 24
–
System Maintenance
, as shown in the following figure.
Menu 24 - System Maintenance
1. System Status
2. System Information and Console Port Speed
3. Log and Trace
4. Diagnostic
5. Backup Configuration
6. Restore Configuration
7. Upload Firmware
8. Command Interpreter Mode
Control
10. Time and Date Setting
11. Remote Management
Enter Menu Selection Number:
Figure 24-1 Menu 24 System Maintenance
24.1 System Status
The first selection, System Status gives you information on the status and statistics of the ports, as shown next. System Status is a tool that can be used to monitor your Prestige. Specifically, it gives you information on your ADSL telephone line status, number of packets sent and received.
To get to System Status, type 24 to go to
Menu 24
—
System Maintenance.
From this menu, type 1
.
System Status
. There are two commands in
Menu 24.1
—
System Maintenance
—
Status
. Entering 1 resets the counters; [ESC] takes you back to the previous screen.
The following table describes the fields present in
Menu 24.1
—
System Maintenance
—
Status
which are read-only and meant for diagnostic purposes.
System Information and Diagnosis 24-1
Prestige 660R ADSL 2+ Access Gateway
Menu 24.1 - System Maintenance - Status 02:19:33
Sat. Jan. 01, 2000
Node-Lnk Status TxPkts RxPkts Errors Tx B/s Rx B/s Up Time
1-PPPoE Idle 0 0 0 0 0 0:00:00
2 N/A 0 0 0 0 0 0:00:00
3 N/A 0 0 0 0 0 0:00:00
4 N/A 0 0 0 0 0 0:00:00
5 N/A 0 0 0 0 0 0:00:00
6 N/A 0 0 0 0 0 0:00:00
7 N/A 0 0 0 0 0 0:00:00
8 N/A 0 0 0 0 0 0:00:00
My WAN IP (from ISP): 0.0.0.0
Ethernet: WAN:
Status: 100M/Full Duplex Tx Pkts: 1683 Line Status: Down
Collisions: 0 Rx Pkts: 2640 Upstream Speed: 0 kbps
CPU Load = 1.67% Downstream Speed: 0 kbps
Press Command:
COMMANDS: 1-Reset Counters ESC-Exit
Figure 24-2 Menu 24.1 System Maintenance : Status
The following table describes the fields present in
Menu 24.1
—
System Maintenance
—
Status
.
Table 24-1 Menu 24.1 System Maintenance : Status
FIELD DESCRIPTION
Node-Lnk This is the node index number and link type. Link types are: PPP, ENET, 1483.
Status This shows the status of the remote node.
TxPkts
RxPkts
Errors
Tx B/s
The number of transmitted packets to this remote node.
The number of received packets from this remote node.
The number of error packets on this connection.
This shows the transmission rate in bytes per second.
Rx B/s
Up Time
My WAN IP
(from ISP)
This shows the receiving rate in bytes per second.
This is the time this channel has been connected to the current remote node.
This is the IP address of the ISP remote node.
Ethernet This shows statistics for the LAN.
Status This shows the current status of the LAN.
24-2 System Information and Diagnosis
Prestige 660R ADSL 2+ Access Gateway
Table 24-1 Menu 24.1 System Maintenance : Status
FIELD DESCRIPTION
Tx Pkts This is the number of transmitted packets to the LAN.
Rx Pkts This is the number of received packets from the LAN.
Collision This is the number of collisions.
WAN This shows statistics for the WAN.
Line Status This shows the current status of the xDSL line, which can be Up or Down.
Upstream
Speed
This shows the upstream transfer rate in kbps.
Downstream
Speed
CPU Load
This shows the downstream transfer rate in kbps.
This specifies the percentage of CPU utilization.
24.2 System Information
To get to the System Information:
Step 1.
Enter 24 to display
Menu 24
—
System Maintenance
.
Step 2.
Enter 2 to display
Menu 24.2
—
System Information and Console Port Speed
.
Step 3.
From this menu you have two choices as shown in the next figure:
Menu 24.2 - System Information and Console Port Speed
1. System Information
2. Console Port Speed
Please enter selection:
Figure 24-3 Menu 24.2 System Information and Console Port Speed
The Prestige has an internal console port for support personnel only. Do not open the Prestige as it will void your warranty.
24.2.1 System Information
Enter 1 in menu 24.2 to display the screen shown next.
System Information and Diagnosis 24-3
Prestige 660R ADSL 2+ Access Gateway
Menu 24.2.1 - System Maintenance - Information
Name:
Routing: IP
ZyNOS F/W Version: V3.40(QG.0)b2 | 2/23/2004
ADSL Chipset Vendor: TI AR7 01.01.00.00
Standard: Multi-Mode
LAN
Ethernet Address: 00:a0:c5:77:90:8b
IP Address: 192.168.1.1
IP Mask: 255.255.255.0
DHCP: Server
Press ESC or RETURN to Exit:
Figure 24-4 Menu 24.2.1 System Maintenance : Information
The following table describes the fields in this menu.
Table 24-2 Menu 24.2.1 System Maintenance : Information
Name
FIELD DESCRIPTION
Displays the system name of your Prestige. This information can be changed in
Menu 1 – General Setup
.
Routing
ZyNOS F/W Version
Refers to the routing protocol used.
Refers to the ZyNOS (ZyXEL Network Operating System) system firmware version. ZyNOS is a registered trademark of ZyXEL Communications
Corporation.
ADSL Chipset Vendor Displays the vendor of the ADSL chipset and DSL version.
Standard This refers to the operational protocol the Prestige and the DSLAM (Digital
Subscriber Line Access Multiplexer) are using.
LAN
Ethernet Address Refers to the Ethernet MAC (Media Access Control) of your Prestige.
IP Address This is the IP address of the Prestige in dotted decimal notation.
IP Mask This shows the subnet mask of the Prestige.
DHCP This field shows the DHCP setting (None, Relay or Server) of the Prestige.
24-4 System Information and Diagnosis
Prestige 660R ADSL 2+ Access Gateway
24.2.2 Console Port Speed
You can set up different port speeds for the console port through
Menu 24.2.2 – System Maintenance –
Console Port Speed
. Your Prestige supports 9600 (default), 19200, 38400, 57600 and 115200 bps. Press
[ SPACE BAR ] and then [ENTER] to select the desired speed in menu 24.2.2, as shown in the following figure.
Menu 24.2.2 – System Maintenance – Change Console Port Speed
Console Port Speed: 9600
Press ENTER to Confirm or ESC to Cancel:
Figure 24-5 Menu 24.2.2 System Maintenance : Change Console Port Speed
Once you change the Prestige consol port speed, you must also set the speed parameter for the communication software you are using to connect to the
Prestige.
24.3 Log and Trace
There are two logging facilities in the Prestige. The first is the error logs and trace records that are stored locally. The second is the UNIX syslog facility for message logging.
24.3.1 Viewing Error Log
The first place you should look for clues when something goes wrong is the error log. Follow the procedures to view the local error/trace log:
Step 1.
Type 24 in the main menu to display
Menu 24
–
System Maintenance
.
Step 2.
From menu 24, type 3 to display
Menu 24.3
–
System Maintenance
–
Log and Trace
.
Menu 24.3 - System Maintenance - Log and Trace
1. View Error Log
2. UNIX Syslog
Please enter selection
Figure 24-6 Menu 24.3 System Maintenance : Log and Trace
System Information and Diagnosis 24-5
Prestige 660R ADSL 2+ Access Gateway
Step 3.
Enter 1 from
Menu 24.3
—
System Maintenance
—
Log and Trace
to display the error log in the system.
After the Prestige finishes displaying the error log, you will have the option to clear it. Samples of typical error and information messages are presented in the next figure.
58 Sat Jan 01 02:16:07 2000 PP0a -WARN SNMP TRAP 3: link up
59 Sat Jan 01 02:16:07 2000 PP10 WARN netMakeChannDial: err=-3001 rn_p=94441328
60 Sat Jan 01 02:16:39 2000 PP12 WARN Last errorlog repeat 6 Times
61 Sat Jan 01 02:16:39 2000 PP12 INFO SMT Password pass
62 Sat Jan 01 02:16:39 2000 PP01 INFO SMT Session Begin
63 Sat Jan 01 02:17:24 2000 PP10 WARN netMakeChannDial: err=-3001 rn_p=94441328
Clear Error Log (y/n):
Figure 24-7 Sample Error and Information Messages
24.3.2 Syslog and Accounting
The Prestige uses the UNIX syslog facility to log the CDR (Call Detail Record) and system messages to a syslog server. Syslog and accounting can be configured in
Menu 24.3.2
—
System Maintenance
—
UNIX
Syslog
, as shown next.
Menu 24.3.2 - System Maintenance - UNIX Syslog
UNIX Syslog:
Active= No
Syslog IP Address= ?
Log Facility= Local 1
Types:
CDR= No
Packet Triggered= No
Filter Log= No
PPP Log= No
Press ENTER to Confirm or ESC to Cancel:
Figure 24-8 Menu 24.3.2 System Maintenance : Syslog and Accounting
You need to configure the UNIX syslog parameters described in the following table to activate syslog then choose what you want to log.
Table 24-3 Menu 24.3.2 System Maintenance : Syslog and Accounting
PARAMETER DESCRIPTION
UNIX Syslog:
24-6 System Information and Diagnosis
Prestige 660R ADSL 2+ Access Gateway
Table 24-3 Menu 24.3.2 System Maintenance : Syslog and Accounting
PARAMETER DESCRIPTION
Active Use [SPACE BAR] and then [ENTER] to turn syslog on or off.
Syslog IP Address Type the IP address of your syslog server.
Log Facility Use [SPACE BAR] and then [ENTER] to select one of seven different local options.
The log facility lets you log the message in different server files. Refer to your UNIX manual.
Types:
CDR Call Detail Record (CDR) logs all data phone line activity if set to
Yes
.
Packet Triggered The first 48 bytes or octets and protocol type of the triggering packet is sent to the
UNIX syslog server when this field is set to
Yes
.
Filter Log No filters are logged when this field is set to
No
. Filters with the individual filter Log
Filter field set to
Yes
are logged when this field is set to
Yes
.
PPP Log PPP events are logged when this field is set to
Yes
.
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.
The following are examples of the four types of syslog messages sent by the Prestige:
1 - CDR
SdcmdSyslogSend ( SYSLOG_CDR, SYSLOG_INFO, String);
String = board xx line xx channel xx, call xx, str board = the hardware board ID line = the WAN ID in a board
Channel = channel ID within the WAN call = the call reference number which starts from 1 and increments by 1 for each new call str = C01 Outgoing Call dev xx ch xx (dev:device No. ch:channel No.)
C01 Incoming Call xxxxBps xxxxx (L2TP, xxxxx = Remote Call ID)
C01 Incoming Call xxxx (= connected speed) xxxxx (= Remote Call ID)
L02 Tunnel Connected (L2TP)
C02 OutCall Connected xxxx (= connected speed) xxxxx (= Remote Call ID)
C02 CLID call refused
L02 Call Terminated
C02 Call Terminated
Jul 19 11:19:27 192.168.102.2 ZYXEL: board 0 line 0 channel 0, call 1, C01 Outgoing Call dev=2 ch=0
40002
Jul 19 11:19:32 192.168.102.2 ZYXEL: board 0 line 0 channel 0, call 1, C02 OutCall Connected 64000
40002
Jul 19 11:20:06 192.168.102.2 ZYXEL: board 0 line 0 channel 0, call 1, C02 Call Terminated
2 - Packet Triggered
SdcmdSyslogSend (SYSLOG_PKTTRI, SYSLOG_NOTICE, String);
String = Packet trigger: Protocol=xx Data=xxxxxxxxxx…..x
Protocol: (1:IP 2:IPX 3:IPXHC 4:BPDU 5:ATALK 6:IPNG)
Data: We will send forty-eight Hex characters to the server
Jul 19 11:28:39 192.168.102.2 ZYXEL: Packet Trigger: Protocol=1,
System Information and Diagnosis 24-7
Prestige 660R ADSL 2+ Access Gateway
Data=4500003c100100001f010004c0a86614ca849a7b08004a5c020001006162636465666768696a6b6c6d6e6f70717273
74
Jul 19 11:28:56 192.168.102.2 ZYXEL: Packet Trigger: Protocol=1,
Data=4500002c1b0140001f06b50ec0a86614ca849a7b0427001700195b3e00000000600220008cd40000020405b4
Jul 19 11:29:06 192.168.102.2 ZYXEL: Packet Trigger: Protocol=1,
Data=45000028240140001f06ac12c0a86614ca849a7b0427001700195b451d1430135004000077600000
3 - Filter Log
SdcmdSyslogSend (SYSLOG_FILLOG, SYSLOG_NOTICE, String);
String = IP[Src=xx.xx.xx.xx Dst=xx.xx.xx.xx prot spo=xxxx dpo=xxxx] S04>R01mD
IP[…] is the packet header and S04>R01mD means filter set 4 (S) and rule 1 (R), match (m), drop
(D).
Src: Source Address
Dst: Destination Address prot: Protocol (“TCP”, ”UDP”, ”ICMP”) spo: Source port dpo: Destination port
Jul 19 14:43:55 192.168.102.2 ZYXEL: IP [Src=202.132.154.123 Dst=255.255.255.255 UDP spo=0208 dpo=0208]} S03>R01mF
Jul 19 14:44:00 192.168.102.2 ZYXEL: IP [Src=192.168.102.20 Dst=202.132.154.1 UDP spo=05d4 dpo=0035]} S03>R01mF
Jul 19 14:44:04 192.168.102.2 ZYXEL: IP [Src=192.168.102.20 Dst=202.132.154.1 UDP spo=05d4 dpo=0035]} S03>R01mF
4 - PPP Log
SdcmdSyslogSend (SYSLOG_PPPLOG, SYSLOG_NOTICE, String);
String = ppp:Proto Starting / ppp:Proto Opening / ppp:Proto Closing / ppp:Proto Shutdown
Proto = LCP / ATCP / BACP / BCP / CBCP / CCP / CHAP/ PAP / IPCP / IPXCP
Jul 19 11:42:44 192.168.102.2 ZYXEL: ppp:LCP Closing
Jul 19 11:42:49 192.168.102.2 ZYXEL: ppp:IPCP Closing
Jul 19 11:42:54 192.168.102.2 ZYXEL: ppp:CCP Closing
24.4 Diagnostic
The diagnostic facility allows you to test the different aspects of your Prestige to determine if it is working properly. Menu 24.4 allows you to choose among various types of diagnostic tests to evaluate your system, as shown in the following figure.
Follow the procedure next to get to Diagnostic:
Step 1.
From the main menu, type 24 to open
Menu 24 – System Maintenance
.
Step 2.
From this menu, type 4. Diagnostic to open
Menu 24.4
–
System Maintenance
–
Diagnostic
.
24-8 System Information and Diagnosis
Prestige 660R ADSL 2+ Access Gateway
Menu 24.4 - System Maintenance - Diagnostic
xDSL System
1. Reset xDSL 21. Reboot System
22. Command Mode
TCP/IP
12. Ping Host
Enter Menu Selection Number:
Host IP Address= N/A
Figure 24-9 Menu 24.4 System Maintenance : Diagnostic
The following table describes the diagnostic tests available in menu 24.4 for and the connections.
Table 24-4 Menu 24.4 System Maintenance Menu : Diagnostic
FIELD DESCRIPTION
Reset xDSL Re-initialize the xDSL link to the telephone company.
Ping Host
Reboot System
Ping the host to see if the links and TCP/IP protocol on both systems are working.
Reboot the Prestige.
Command Mode Type the mode to test and diagnose your Prestige using specified commands.
Host IP Address If you typed 12 to Ping Host, now type the address of the computer you want to ping.
System Information and Diagnosis 24-9
Prestige 660R ADSL 2+ Access Gateway
Chapter 25
Firmware and Configuration File
Maintenance
This chapter tells you how to backup and restore your configuration file as well as upload new firmware and configuration files.
25.1 Filename Conventions
The configuration file (often called the romfile or rom-0) contains the factory default settings in the menus such as password, DHCP Setup, TCP/IP Setup, etc. It arrives from ZyXEL with a “rom” filename extension.
Once you have customized the Prestige's settings, they can be saved back to your computer under a filename of your choosing.
ZyNOS (ZyXEL Network Operating System sometimes referred to as the “ras” file) is the system firmware and has a “bin” filename extension. With many FTP and TFTP clients, the filenames are similar to those seen next.
Only use firmware for your Prestige’s specific model. Refer to the label on the bottom of your Prestige.
ftp> put firmware.bin ras
This is a sample FTP session showing the transfer of the computer file " firmware.bin" to the Prestige. ftp> get rom-0 config.cfg
This is a sample FTP session saving the current configuration to the computer file “config.cfg”.
If your (T)FTP client does not allow you to have a destination filename different than the source, you will need to rename them as the Prestige only recognizes “rom-0” and “ras”. Be sure you keep unaltered copies of both files for later use.
The following table is a summary. Please note that the internal filename refers to the filename on the Prestige and the external filename refers to the filename not on the Prestige, that is, on your computer, local network or FTP site and so the name (but not the extension) may vary. After uploading new firmware, see the
ZyNOS
F/W Version
field in
Menu 24.2.1 – System Maintenance – Information
to confirm that you have uploaded the correct firmware version. The AT command is the command you enter after you press “y” when prompted in the SMT menu to go into debug mode.
Firmware and Configuration File Maintenance 25-1
Prestige 660R ADSL 2+ Access Gateway
FILE TYPE
Configuration
File
Firmware
Table 25-1 Filename Conventions
INTERNAL NAME
Rom-0
Ras
EXTERNAL NAME
This is the configuration filename on the Prestige.
Uploading the rom-0 file replaces the entire ROM file system, including your Prestige configurations, system-related data (including the default password), the error log and the trace log.
This is the generic name for the ZyNOS firmware on the Prestige.
DESCRIPTION
*.rom
*.bin
25.2 Backup Configuration
Option 5 from
Menu 24 – System Maintenance
allows you to backup the current Prestige configuration to your computer. Backup is highly recommended once your Prestige is functioning properly. FTP is the preferred methods for backing up your current configuration to your computer since they are faster. Any serial communications program should work fine; however, you must use Xmodem protocol to perform the download/upload and you don’t have to rename the files.
Please note that terms “download” and “upload” are relative to the computer. Download means to transfer from the Prestige to the computer, while upload means from your computer to the Prestige.
25.2.1 Backup Configuration
Follow the instructions as shown in the next screen.
Menu 24.5 - System Maintenance - Backup Configuration
To transfer the configuration file to your workstation, follow the procedure below:
1. Launch the FTP client on your workstation.
2. Type "open" and the IP address of your Prestige. Then type "root" and
SMT password as requested.
3. Locate the 'rom-0' file.
4. Type 'get rom-0' to back up the current Prestige configuration to
your workstation.
For details on FTP commands, please consult the documentation of your FTP client program. For details on backup using TFTP (note that you must remain in this menu to back up using TFTP), please see your Prestige manual.
Press ENTER to Exit:
Figure 25-1 Telnet in Menu 24.5
25-2 Firmware and Configuration File Maintenance
Prestige 660R ADSL 2+ Access Gateway
25.2.2 Using the FTP Command from the Command Line
Step 1.
Launch the FTP client on your computer.
Step 2.
Enter “open”, followed by a space and the IP address of your Prestige.
Step 3.
Press [ENTER] when prompted for a username.
Step 4.
Enter your password as requested (the default is “1234”).
Step 5.
Enter “bin” to set transfer mode to binary.
Step 6.
Use “get” to transfer files from the Prestige to the computer, for example, “get rom-0 config.rom” transfers the configuration file on the Prestige to your computer and renames it “config.rom”. See earlier in this chapter for more information on filename conventions.
Step 7.
Enter “quit” to exit the ftp prompt.
25.2.3 Example of FTP Commands from the Command Line
331 Enter PASS command
Password:
230 Logged in ftp> bin
200 Type I OK ftp> get rom-0 zyxel.rom
200 Port command okay
150 Opening data connection for STOR ras
226 File received OK ftp: 16384 bytes sent in 1.10Seconds 297.89Kbytes/sec. ftp> quit
Figure 25-2 FTP Session Example
25.2.4 GUI-based FTP Clients
The following table describes some of the commands that you may see in GUI-based FTP clients.
Table 25-2 General Commands for GUI-based FTP Clients
COMMAND DESCRIPTION
Host Address Enter the address of the host server.
Firmware and Configuration File Maintenance 25-3
Prestige 660R ADSL 2+ Access Gateway
Table 25-2 General Commands for GUI-based FTP Clients
COMMAND DESCRIPTION
Login Type Anonymous.
This is when a user I.D. and password is automatically supplied to the server for anonymous access. Anonymous logins will work only if your
ISP or service administrator has enabled this option.
Normal.
Transfer Type
The server requires a unique User ID and Password to login.
Transfer files in either ASCII (plain text format) or in binary mode.
Configuration and firmware files should be transferred in binary mode.
Initial Remote Directory Specify the default remote directory (path).
Initial Local Directory Specify the default local directory (path).
25.2.5 TFTP and FTP over WAN Management Limitations
TFTP, FTP and Telnet over WAN will not work when:
1. You have disabled Telnet service in menu 24.11.
2. You have applied a filter in menu 3.1 (LAN) or in menu 11.5 (WAN) to block Telnet service.
3. The IP address in the
Secured Client IP
field in menu 24.11 does not match the client IP. If it does not match, the Prestige will disconnect the Telnet session immediately.
4. You have an SMT console session running.
25.2.6 Backup Configuration Using TFTP
The Prestige supports the up/downloading of the firmware and the configuration file using TFTP (Trivial File
Transfer Protocol) over LAN. Although TFTP should work over WAN as well, it is not recommended.
To use TFTP, your computer must have both telnet and TFTP clients. To backup the configuration file, follow the procedure shown next.
Step 1.
Use telnet from your computer to connect to the Prestige and log in. Because TFTP does not have any security checks, the Prestige records the IP address of the telnet client and accepts TFTP requests only from this address.
Step 2.
Put the SMT in command interpreter (CI) mode by entering 8 in
Menu 24
–
System
Maintenance
.
25-4 Firmware and Configuration File Maintenance
Prestige 660R ADSL 2+ Access Gateway
Step 3.
Enter command “sys stdio 0” to disable the SMT timeout, so the TFTP transfer will not be interrupted. Enter command “sys stdio 5” to restore the five-minute SMT timeout (default) when the file transfer is complete.
Step 4.
Launch the TFTP client on your computer and connect to the Prestige. Set the transfer mode to binary before starting data transfer.
Step 5.
Use the TFTP client (see the example below) to transfer files between the Prestige and the computer. The file name for the configuration file is “rom-0” (rom-zero, not capital o).
Note that the telnet connection must be active and the SMT in CI mode before and during the TFTP transfer.
For details on TFTP commands (see following example), please consult the documentation of your TFTP client program. For UNIX, use “get” to transfer from the Prestige to the computer and “binary” to set binary transfer mode.
25.2.7 TFTP Command Example
The following is an example TFTP command: tftp [-i] host get rom-0 config.rom where “i” specifies binary image transfer mode (use this mode when transferring binary files), “host” is the
Prestige IP address, “get” transfers the file source on the Prestige (rom-0, name of the configuration file on the Prestige) to the file destination on the computer and renames it config.rom.
25.2.8 GUI-based TFTP Clients
The following table describes some of the fields that you may see in GUI-based TFTP clients.
Table 25-3 General Commands for GUI-based TFTP Clients
COMMAND DESCRIPTION
Host Enter the IP address of the Prestige. 192.168.1.1 is the Prestige’s default IP address when shipped.
Send/Fetch Use “Send” to upload the file to the Prestige and “Fetch” to back up the file on your computer.
Local File Enter the path and name of the firmware file (*.bin extension) or configuration file (*.rom extension) on your computer.
Remote File This is the filename on the Prestige. The filename for the firmware is “ras” and for the configuration file, is “rom-0”.
Binary
Abort
Transfer the file in binary mode.
Stop transfer of the file.
Firmware and Configuration File Maintenance 25-5
Prestige 660R ADSL 2+ Access Gateway
Refer to
section 25.2.5
to read about configurations that disallow TFTP and FTP over WAN.
25.3 Restore Configuration
This section shows you how to restore a previously saved configuration. Note that this function erases the current configuration before restoring a previous back up configuration; please do not attempt to restore unless you have a backup configuration file stored on disk.
FTP is the preferred method for restoring your current computer configuration to your Prestige since FTP is faster. Please note that you must wait for the system to automatically restart after the file transfer is complete.
WARNING!
DO NOT INTERRUPT THE FILE TRANSFER PROCESS AS THIS MAY
PERMANENTLY DAMAGE YOUR PRESTIGE.
25.3.1 Restore Using FTP
For details about backup using (T)FTP please refer to earlier sections on FTP and TFTP file upload in this chapter.
Menu 24.6 -- System Maintenance - Restore Configuration
To transfer the firmware and configuration file to your workstation, follow the procedure below:
1. Launch the FTP client on your workstation.
2. Type "open" and the IP address of your Prestige. Then type "root" and
SMT password as requested.
3. Type "put backupfilename rom-0" where backupfilename is the name of
your backup configuration file on your workstation and rom-0 is the
remote file name on the Prestige. This restores the configuration to
your Prestige.
4. The system reboots automatically after a successful file transfer
For details on FTP commands, please consult the documentation of your FTP client program. For details on backup using TFTP (note that you must remain in this menu to back up using TFTP), please see your Prestige manual.
Press ENTER to Exit:
Figure 25-3 Telnet into Menu 24.6
Step 1.
Launch the FTP client on your computer.
Step 2.
Enter “open”, followed by a space and the IP address of your Prestige.
Step 3.
Press [ENTER] when prompted for a username.
25-6 Firmware and Configuration File Maintenance
Prestige 660R ADSL 2+ Access Gateway
Step 4.
Enter your password as requested (the default is “1234”).
Step 5.
Enter “bin” to set transfer mode to binary.
Step 6.
Find the “rom” file (on your computer) that you want to restore to your Prestige.
Step 7.
Use “put” to transfer files from the Prestige to the computer, for example, “put config.rom rom-0” transfers the configuration file “config.rom” on your computer to the Prestige. See earlier in this chapter for more information on filename conventions.
Step 8.
Enter “quit” to exit the ftp prompt. The Prestige will automatically restart after a successful restore process.
25.3.2 Restore Using FTP Session Example
ftp> put config.rom rom-0
200 Port command okay
150 Opening data connection for STOR rom-0
226 File received OK
221 Goodbye for writing flash ftp: 16384 bytes sent in 0.06Seconds 273.07Kbytes/sec. ftp>quit
Figure 25-4 Restore Using FTP Session Example
Refer to
section 25.2.5
to read about configurations that disallow TFTP and FTP over WAN.
25.4 Uploading Firmware and Configuration Files
This section shows you how to upload firmware and configuration files. You can upload configuration files by following the procedure in the previous
Restore Configuration
section or by following the instructions in
Menu 24.7.2 – System Maintenance – Upload System Configuration File
.
WARNING!
DO NOT INTERRUPT THE FILE TRANSFER PROCESS AS THIS MAY
PERMANENTLY DAMAGE YOUR PRESTIGE.
25.4.1 Firmware File Upload
FTP is the preferred method for uploading the firmware and configuration. To use this feature, your computer must have an FTP client.
When you telnet into the Prestige, you will see the following screens for uploading firmware and the configuration file using FTP.
Firmware and Configuration File Maintenance 25-7
Prestige 660R ADSL 2+ Access Gateway
Menu 24.7.1 - System Maintenance - Upload System Firmware
To upload the system firmware, follow the procedure below:
1. Launch the FTP client on your workstation.
2. Type "open" and the IP address of your system. Then type "root" and
SMT password as requested.
3. Type "put firmware filename ras" where "firmwarefilename" is the name
of your firmware upgrade file on your workstation and "ras" is the
remote file name on the system.
4. The system reboots automatically after a successful firmware upload.
For details on FTP commands, please consult the documentation of your FTP client program. For details on uploading system firmware using TFTP (note that you must remain on this menu to upload system firmware using TFTP), please see your manual.
Press ENTER to Exit:
Figure 25-5 Telnet Into Menu 24.7.1 Upload System Firmware
25.4.2 Configuration File Upload
You see the following screen when you telnet into menu 24.7.2.
Menu 24.7.2 - System Maintenance - Upload System Configuration File
To upload the system configuration file, follow the procedure below:
1. Launch the FTP client on your workstation.
2. Type "open" and the IP address of your system. Then type "root" and
SMT password as requested.
3. Type "put configuration filename rom-0" where "configurationfilename"
is the name of your system configuration file on your workstation, which
will be transferred to the "rom-0" file on the system.
4. The system reboots automatically after the upload system configuration
file process is complete.
For details on FTP commands, please consult the documentation of your FTP client program. For details on uploading system firmware using TFTP (note that you must remain on this menu to upload system firmware using TFTP), please see your manual.
Press ENTER to Exit:
Figure 25-6 Telnet Into Menu 24.7.2 System Maintenance
To upload the firmware and the configuration file, follow these examples
25-8 Firmware and Configuration File Maintenance
Prestige 660R ADSL 2+ Access Gateway
25.4.3 FTP File Upload Command from the DOS Prompt Example
Step 1.
Launch the FTP client on your computer.
Step 2.
Enter “open”, followed by a space and the IP address of your Prestige.
Step 3.
Press [ENTER] when prompted for a username.
Step 4.
Enter your password as requested (the default is “1234”).
Step 5.
Enter “bin” to set transfer mode to binary.
Step 6.
Use “put” to transfer files from the computer to the Prestige, for example, “put firmware.bin ras” transfers the firmware on your computer (firmware.bin) to the Prestige and renames it “ras”.
Similarly, “put config.rom rom-0” transfers the configuration file on your computer (config.rom) to the Prestige and renames it “rom-0”. Likewise “get rom-0 config.rom” transfers the configuration file on the Prestige to your computer and renames it “config.rom.” See earlier in this chapter for more information on filename conventions.
Step 7.
Enter “quit” to exit the ftp prompt.
The Prestige automatically restarts after a successful file upload.
25.4.4 FTP Session Example of Firmware File Upload
331 Enter PASS command
Password:
230 Logged in ftp> bin
200 Type I OK ftp> put firmware.bin ras
200 Port command okay
150 Opening data connection for STOR ras
226 File received OK ftp: 1103936 bytes sent in 1.10Seconds 297.89Kbytes/sec. ftp> quit
Figure 25-7 FTP Session Example of Firmware File Upload
More commands (found in GUI-based FTP clients) are listed earlier in this chapter.
Refer to
section 25.2.5
to read about configurations that disallow TFTP and FTP over WAN.
25.4.5 TFTP File Upload
The Prestige also supports the uploading of firmware files using TFTP (Trivial File Transfer Protocol) over
LAN. Although TFTP should work over WAN as well, it is not recommended.
Firmware and Configuration File Maintenance 25-9
Prestige 660R ADSL 2+ Access Gateway
To use TFTP, your computer must have both telnet and TFTP clients. To transfer the firmware and the configuration file, follow the procedure shown next.
Step 1.
Use telnet from your computer to connect to the Prestige and log in. Because TFTP does not have any security checks, the Prestige records the IP address of the telnet client and accepts TFTP requests only from this address.
Step 2.
Put the SMT in command interpreter (CI) mode by entering 8 in
Menu 24 – System
Maintenance
.
Step 3.
Enter the command “sys stdio 0” to disable the console timeout, so the TFTP transfer will not be interrupted. Enter “command sys stdio 5” to restore the five-minute console timeout (default) when the file transfer is complete.
Step 4.
Launch the TFTP client on your computer and connect to the Prestige. Set the transfer mode to binary before starting data transfer.
Step 5.
Use the TFTP client (see the example below) to transfer files between the Prestige and the computer. The file name for the firmware is “ras”.
Note that the telnet connection must be active and the Prestige in CI mode before and during the TFTP transfer. For details on TFTP commands (see following example), please consult the documentation of your
TFTP client program. For UNIX, use “get” to transfer from the Prestige to the computer, “put” the other way around, and “binary” to set binary transfer mode.
25.4.6 TFTP Upload Command Example
The following is an example TFTP command: tftp [-i] host put firmware.bin ras where “i” specifies binary image transfer mode (use this mode when transferring binary files), “host” is the
Prestige’s IP address and “put” transfers the file source on the computer (firmware.bin – name of the firmware on the computer) to the file destination on the remote host (ras - name of the firmware on the
Prestige).
Commands that you may see in GUI-based TFTP clients are listed earlier in this chapter.
25-10 Firmware and Configuration File Maintenance
Prestige 660R ADSL 2+ Access Gateway
Chapter 26
System Maintenance
This chapter leads you through SMT menus 24.8 to 24.10.
26.1 Command Interpreter Mode
The Command Interpreter (CI) is a part of the main system firmware. The CI provides much of the same functionality as the SMT, while adding some low-level setup and diagnostic functions. Enter the CI from the
SMT by selecting menu 24.8. See the included disk or the zyxel.com web site for more detailed information on CI commands. Enter 8 from
Menu 24 — System Maintenance
. A list of valid commands can be found by typing help
or
?
at the command prompt. Type “exit” to return to the SMT main menu when finished.
Menu 24 - System Maintenance
1. System Status
2. System Information and Console Port Speed
3. Log and Trace
4. Diagnostic
5. Backup Configuration
6. Restore Configuration
7. Upload Firmware
8. Command Interpreter Mode
9. Call Control
10. Time and Date Setting
11. Remote Management
Enter Menu Selection Number:
Figure 26-1 Command Mode in Menu 24
System Maintenance 26-1
Prestige 660R ADSL 2+ Access Gateway
Copyright (c) 1994 - 2004 ZyXEL Communications Corp. ras> ?
Valid commands are: sys exit ether wan ip bridge lan ras>
Figure 26-2 Valid Commands
26.2 Call Control Support
Call Control Support is only applicable when
Encapsulation
is set to
PPPoE
in menu 4 or menu 11.1.
The budget management function allows you to set a limit on the total outgoing call time of the Prestige within certain times. When the total outgoing call time exceeds the limit, the current call will be dropped and any future outgoing calls will be blocked.
To access the call control menu, select option 9 in menu 24 to go to
Menu 24.9 — System Maintenance —
Call Control
, as shown in the next table.
Menu 24.9 - System Maintenance - Call Control
Enter Menu Selection Number:
Figure 26-3 Menu 24.9 System Maintenance : Call Control
26.2.1 Budget Management
Menu 24.9.1 shows the budget management statistics for outgoing calls. Enter 1 from
Menu 24.9 — System
Maintenance — Call Control
to bring up the following menu.
Prestige 660R ADSL 2+ Access Gateway
Remote Node
1.MyIsp
2.--------
3.--------
4.--------
5.--------
6.--------
7.--------
8.--------
Menu 24.9.1 - System Maintenance - Budget Management
Connection Time/Total Budget
No Budget
---
---
---
---
---
---
---
Elapsed Time/Total Period
Reset Node (0 to update screen):
No Budget
---
---
---
---
---
---
---
Figure 26-4 Menu 24.9.1 System Maintenance : Budget Management
The total budget is the time limit on the accumulated time for outgoing calls to a remote node. When this limit is reached, the call will be dropped and further outgoing calls to that remote node will be blocked. After each period, the total budget is reset. The default for the total budget is 0 minutes and the period is 0 hours, meaning no budget control. You can reset the accumulated connection time in this menu by entering the index of a remote node. Enter 0 to update the screen. The budget and the reset period can be configured in menu 11.1 for the remote node when PPPoE encapsulation is selected.
Table 26-1 Menu 24.9.1 System Maintenance : Budget Management
Remote Node
Connection Time/Total
Budget
Elapsed Time/Total
Period
Enter the index number of the remote node you want to reset (just one in this case)
This is the total connection time that has gone by
(within the allocated budget that you set in menu
11.1.
The period is the time cycle in hours that the allocation budget is reset (see menu 11.1.) The elapsed time is the time used up within this period.
1
5/10 means that 5 minutes out of a total allocation of 10 minutes have lapsed.
0.5/1 means that 30 minutes out of the 1 hour time period has lapsed.
Enter “0” to update the screen or press [ESC] to return to the previous screen.
System Maintenance 26-3
Prestige 660R ADSL 2+ Access Gateway
26.3 Time and Date Setting
The Prestige keeps track of the time and date. There is also a software mechanism to set the time manually or get the current time and date from an external server when you turn on your Prestige. Menu 24.10 allows you to update the time and date settings of your Prestige.
The real time is then displayed in the Prestige error logs.
Select menu 24 in the main menu to open
Menu 24 System Maintenance
, as shown next.
Menu 24 - System Maintenance
Status
2. System
3. Log and Trace
4. Diagnostic
5. Backup
6. Restore Configuration
7. Upload Firmware
8. Command Interpreter Mode
10. Time and Date Setting
11. Remote Management
Enter Menu Selection Number:
Figure 26-5 Menu 24 System Maintenance
Then enter 10 to go to
Menu 24.10 System Maintenance Time and Date Setting
to update the time and date settings of your Prestige as shown in the following screen.
Menu 24.10 - System Maintenance - Time and Date Setting
Use Time Server when Bootup= None
Time Server Address= N/A
Current Time: 00 : 00 : 00
New Time (hh:mm:ss): 11 : 23 : 16
Current Date: 2000 - 01 - 01
New Date (yyyy-mm-dd): 2001 - 03 - 01
Time Zone= GMT
Daylight Saving= No
Start Date (mm-dd): 01 – 00
End Date (mm_dd): 01 – 00
Press ENTER to Confirm or ESC to Cancel:
Figure 26-6 Menu 24.10 System Maintenance: Time and Date Setting
Prestige 660R ADSL 2+ Access Gateway
Table 26-2 Menu 24.10 System Maintenance: Time and Date Setting
FIELD DESCRIPTION
Use Time Server when Bootup
Enter the time service protocol that your time server sends when you turn on the
Prestige. Not all time servers support all protocols, so you may have to check with your ISP/network administrator or use trial and error to find a protocol that works.
The main differences between them are the format.
Daytime (RFC 867)
format is day/month/year/time zone of the server.
Time (RFC-868)
format displays a 4-byte integer giving the total number of seconds since 1970/1/1 at 0:0:0.
NTP (RFC-1305)
is similar to
Time (RFC-868)
.
None
. The default, enter the time manually.
Time Server
Address
Enter the IP address or domain name of your time server. Check with your
ISP/network administrator if you are unsure of this information.
Current Time
New Time
Current Date
New Date
Time Zone
This field displays an updated time only when you reenter this menu.
Enter the new time in hour, minute and second format.
This field displays an updated date only when you re-enter this menu.
Enter the new date in year, month and day format.
Press [SPACE BAR] and then [ENTER] to set the time difference between your time zone and Greenwich Mean Time (GMT).
Daylight Saving
Start Date
If you use daylight savings time, then choose
Yes
.
If using daylight savings time, enter the month and day that it starts on.
End Date If using daylight savings time, enter the month and day that it ends on
Once you have filled in this menu, press [ENTER] at the message “Press ENTER to Confirm or ESC to
Cancel“ to save your configuration, or press [ESC] to cancel.
26.3.1 Resetting the Time
The Prestige resets the time in three instances: i. On leaving menu 24.10 after making changes. ii. iii.
When the Prestige starts up, if there is a timeserver configured in menu 24.10.
24-hour intervals after starting.
System Maintenance 26-5
Prestige 660R ADSL 2+ Access Gateway
Chapter 27
Remote Management
This chapter covers remote management (SMT menu 24.11).
27.1 Remote Management Overview
Remote management allows you to determine which services/protocols can access which Prestige interface
(if any) from which computers.
27.2 Remote Management
To disable remote management of a service, select
Disable
in the corresponding
Server Access
field.
Enter 11 from menu 24 to display
Menu 24.11 — Remote Management Control
.
27.2.1 Remote Management Setup
You may manage your Prestige from a remote location via:
the Internet (
WAN only
), the
LAN only
,
All
(LAN and WAN) or
Disable
(neither).
WAN only (Internet) ALL (LAN and WAN)
LAN only Disable (Neither)
If you enable remote management of a service, but have applied a filter to block the service, then you will not be able to remotely manage the service.
Enter 11, from menu 24, to display
Menu 24.11 — Remote Management Control
(shown next).
Remote Management 27-1
Prestige 660R ADSL 2+ Access Gateway
Menu 24.11 - Remote Management Control
TELNET Server:
Server Port = 23 Server Access = LAN only
Secured Client IP = 0.0.0.0
FTP Server:
Server Port = 21 Server Access = LAN only
Secured Client IP = 0.0.0.0
Web Server:
Server Port = 80 Server Access = LAN only
Secured Client IP = 0.0.0.0
Press ENTER to Confirm or ESC to Cancel:
Figure 27-1 Menu 24.11 Remote Management Control
The following table describes the fields in this menu.
Table 27-1 Menu 24.11 Remote Management Control
Telnet Server
FTP Server
Web Server
Port
Each of these read-only labels denotes a service or protocol.
Access
This field shows the port number for the service or protocol. You may change the port number if needed, but you must use the same port number to access the Prestige.
Select the access interface (if any) by pressing the [SPACE BAR].
Choices are:
LAN only
,
WAN only
,
All
or
Disable
. The default is
LAN only
.
23
LAN only
Secured Client IP The default 0.0.0.0 allows any client to use this service or protocol to access the Prestige. Enter an IP address to restrict access to a client with a matching IP address.
0.0.0.0
Once you have filled in this menu, press [ENTER] at the message "Press ENTER to Confirm or ESC to
Cancel" to save your configuration, or press [ESC] to cancel.
27.2.2 Remote Management Limitations
Remote management over LAN or WAN will not work when:
Prestige 660R ADSL 2+ Access Gateway
1. A filter in menu 3.1 (LAN) or in menu 11.5 (WAN) is applied to block a Telnet, FTP or Web service.
2. You have disabled that service in menu 24.11.
3. The IP address in the
Secured Client IP
field (menu 24.11) does not match the client IP address. If it does not match, the Prestige will disconnect the session immediately.
4. There is already another remote management session with an equal or higher priority running. You may only have one remote management session running at one time.
27.3 Remote Management and NAT
When NAT is enabled:
Use the Prestige’s WAN IP address when configuring from the WAN.
Use the Prestige’s LAN IP address when configuring from the LAN.
27.4 System Timeout
There is a default system management idle timeout of five minutes (three hundred seconds). The Prestige automatically logs you out if the management session remains idle for longer than this timeout period. The management session does not time out when it is continuously updating the status in menu 24.1
or when sys stdio
has been changed on the command line.
Remote Management 27-3
Prestige 660R ADSL 2+ Access Gateway
Chapter 28
IP Policy Routing
This chapter covers setting and applying policies used for IP routing.
28.1 IP Policy Routing Overview
Traditionally, routing is based on the destination address only and the IAD takes the shortest path to forward a packet. IP Routing Policy (IPPR) provides a mechanism to override the default routing behavior and alter the packet forwarding based on the policy defined by the network administrator. Policy-based routing is applied to incoming packets on a per interface basis, prior to the normal routing.
28.2 Benefits of IP Policy Routing
•
Source-Based Routing – Network administrators can use policy-based routing to direct traffic from different users through different connections.
•
Quality of Service (QoS) – Organizations can differentiate traffic by setting the precedence or TOS
(Type of Service) values in the IP header at the periphery of the network to enable the backbone to prioritize traffic.
•
Cost Savings – IPPR allows organizations to distribute interactive traffic on high-bandwidth, high-cost paths while using low-cost paths for batch traffic.
•
Load Sharing – Network administrators can use IPPR to distribute traffic among multiple paths.
28.3 Routing Policy
Individual routing policies are used as part of the overall IPPR process. A policy defines the matching criteria and the action to take when a packet meets the criteria. The action is taken only when all the criteria are met.
The criteria includes the source address and port, IP protocol (ICMP, UDP, TCP, etc.), destination address and port, TOS and precedence (fields in the IP header) and length. The inclusion of length criterion is to differentiate between interactive and bulk traffic. Interactive applications, for example, telnet, tend to have short packets, while bulk traffic, for example, file transfer, tends to have large packets.
The actions that can be taken include:
• routing the packet to a different gateway (and hence the outgoing interface).
• setting the TOS and precedence fields in the IP header.
IP Policy Routing 28-1
Prestige 660R ADSL 2+ Access Gateway
IPPR follows the existing packet filtering facility of RAS in style and in implementation. The policies are divided into sets, where related policies are grouped together. A user defines the policies before applying them to an interface or a remote node, in the same fashion as the filters. There are 12 policy sets with six policies in each set.
28.4 IP Routing Policy Setup
Menu 25 shows all the policies defined.
Menu 25 - IP Routing Policy Setup
Policy Policy
Set # Name Set # Name
------ ----------------- ------ -----------------
1 test 7 _______________
2 _______________ 8 _______________
3 _______________ 9 _______________
4 _______________ 10 _______________
5 _______________ 11 _______________
6 _______________ 12 _______________
Enter Policy Set Number to Configure= 0
Edit Name= N/A
Press ENTER to Confirm or ESC to Cancel:
Figure 28-1 Menu 25 IP Routing Policy Setup
To setup a routing policy, perform the following procedures:
Step 1.
Type 25 in the main menu to open
Menu 25 – IP Routing Policy Setup.
Step 2.
Type the index of the policy set you want to configure to open
Menu 25.1 – IP Routing Policy
Setup
.
Menu 25.1 shows the summary of a policy set, including the criteria and the action of a single policy, and whether a policy is active or not. Each policy contains two lines. The former part is the criteria of the incoming packet and the latter is the action. Between these two parts, separator “|” means the action is taken on criteria matched and separator “=” means the action is taken on criteria not matched.
28-2 IP Policy Routing
Prestige 660R ADSL 2+ Access Gateway
Menu 25.1 - IP Routing Policy Setup
# A Criteria/Action
- - --------------------------------------------------------------------------
1 Y SA=1.1.1.1-1.1.1.1,DA=2.2.2.2-2.2.2.5
SP=20-25,DP=20-25,P=6,T=NM,PR=0 |GW=192.168.1.1,T=MT,PR=0
2 N __________________________________________________________________________
__________________________________________________________________________
3 N __________________________________________________________________________
__________________________________________________________________________
4 N __________________________________________________________________________
__________________________________________________________________________
5 N __________________________________________________________________________
__________________________________________________________________________
6 N __________________________________________________________________________
__________________________________________________________________________
Enter Policy Rule Number (1-6) to Configure:
Figure 28-2 Menu 25.1 IP Routing Policy Setup
TABLE 28-1 MENU 25.1 IP ROUTING POLICY SETUP
ABBREVIATION MEANING
Criterion
SA Source IP Address
SP Source Port
DA Destination IP Address
DP Destination Port
P IP layer 4 protocol number (TCP=6, UDP=17…)
T Type of service of incoming packet
PR Precedence of incoming packet
Action
GW Gateway IP address
T Outgoing Type of service
P Outgoing Precedence
Service
NM Normal
MD Minimum Delay
MT Maximum Throughput
MR Maximum Reliability
MC Minimum Cost
IP Policy Routing 28-3
Prestige 660R ADSL 2+ Access Gateway
Type a number from 1 to 6 to display
Menu 25.1.1 – IP Routing Policy
(see the next figure).
This menu allows you to configure a policy rule.
Menu 25.1.1 - IP Routing Policy
Policy Set Name= test
Active= Yes
Criteria:
IP Protocol = 6
Type of Service= Normal
Precedence = 0
Source:
addr start= 1.1.1.1
port start= 20
Destination:
addr start= 2.2.2.2
port start= 20
Action= Matched
Gateway addr = 192.168.1.1
Len Comp= N/A end= 1.1.1.1 end= 20 end= 2.2.2.2 end= 20
Log= No
Type of Service= Max Thruput
Precedence = 0
Press ENTER to Confirm or ESC to Cancel:
Press Space Bar to Toggle.
Packet length= 40
Figure 28-3 Menu 25.1.1 IP Routing Policy
The following table describes the fields in this menu.
Table 28-2 Menu 25.1.1 IP Routing Policy
FIELD DESCRIPTION
Policy Set Name This is the policy set name assigned in
Menu 25 – IP Routing Policy Setup
.
Active Press [SPACE BAR] and then [ENTER] to select
Yes
to activate or No to deactivate the policy. Inactive policies are displayed with a minus sign “-“ in SMT menu 25.
Criteria
IP Protocol IP layer 4 protocol, for example,
UDP
,
TCP
,
ICMP
, etc.
Type of Service
Precedence
Packet Length
Prioritize incoming network traffic by choosing from
Don’t Care
,
Normal
,
Min Delay
,
Max Thruput, Min Cost
or
Max Reliable
.
Precedence value of the incoming packet. Press [SPACE BAR] and then [ENTER] to select a value from
0
to
7
or
Don’t Care
.
Type the length of incoming packets (in bytes). The operators in the
Len Comp
(next field) apply to packets of this length.
28-4 IP Policy Routing
Prestige 660R ADSL 2+ Access Gateway
Table 28-2 Menu 25.1.1 IP Routing Policy
FIELD DESCRIPTION
Len Comp Press [SPACE BAR] and then [ENTER] to choose from
Greater
,
Less or Equal
or
Greater or Equal
.
Equal
,
Not Equal
,
Less
,
Source: addr start / end Source IP address range from start to end. port start / end Source port number range from start to end; applicable only for TCP/UDP.
Destination: addr start / end Destination IP address range from start to end. port start / end Destination port number range from start to end; applicable only for TCP/UDP.
Action Specifies whether action should be taken on criteria
Matched
or
Not Matched
.
Gateway addr
Type of Service
Defines the outgoing gateway address. The gateway must be on the same subnet as the Prestige if it is on the LAN, otherwise, the gateway must be the IP address of a remote node. The default gateway is specified as 0.0.0.0.
Set the new TOS value of the outgoing packet. Prioritize incoming network traffic by choosing
No Change
,
Normal
,
Min Delay
,
Max Thruput
,
Max Reliable
or
Min
Cost
.
Precedence
Log
Set the new outgoing packet precedence value. Values are
0
to
7
or
No Change
.
Press [SPACE BAR] and then [ENTER] to select
Yes
to make an entry in the system log when a policy is executed.
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.
28.5 Applying an IP Policy
This section shows you where to apply the IP policies after you design them.
28.5.1 Ethernet IP Policies
From
Menu 3
—
Ethernet Setup
, type 2 to go to
Menu 3.2
—
TCP/IP and DHCP Ethernet Setup
.
You can choose up to four IP policy sets (from 12) by typing their numbers separated by commas, for example, 2, 4, 7, 9.
IP Policy Routing 28-5
Prestige 660R ADSL 2+ Access Gateway
Menu 3.2 - TCP/IP and DHCP Ethernet Setup
DHCP Setup:
DHCP= None
Client IP Pool Starting Address= N/A
Size of Client IP Pool= N/A
Primary DNS Server= N/A
Secondary DNS Server= N/A
Remote DHCP Server= N/A
TCP/IP Setup:
IP Address= 192.168.1.1
IP Subnet Mask= 255.255.255.0
RIP Direction= Both
Version= RIP-2B
Multicast= IGMP-v2
IP Policies= 2,4,7,9
Edit IP Alias= No
Press ENTER to Confirm or ESC to Cancel:
Type IP
Policy sets here.
Figure 28-4 Menu 3.2 TCP/IP and DHCP Ethernet Setup
Go to menu 11.3 (shown next) and type the number(s) of the IP Routing Policy set(s) as appropriate. You can cascade up to four policy sets by typing their numbers separated by commas.
Menu 11.3 - Remote Node Network Layer Options
IP Options: Bridge Options:
IP Address Assignment= Static Ethernet Addr Timeout (min)= 0
Rem IP Addr: 0.0.0.0
Rem Subnet Mask= 0.0.0.0
My WAN Addr= 0.0.0.0
NAT= Full Feature
Address Mapping Set= 2
Metric= 2
Private= No
RIP Direction= Both
Version= RIP-2B
Multicast= IGMP-v2
IP Policies= 2,4,7,9
Type IP
Policy sets here.
Press ENTER to Confirm or ESC to Cancel:
Figure 28-5 Menu 11.3 Remote Node Network Layer Options
28.6 IP Policy Routing Example
If a network has both Internet and remote node connections, you can route Web packets to the Internet using one policy and route FTP packets to a remote network using another policy. See the next figure.
Route 1 represents the default IP route and route 2 represents the configured IP route.
28-6 IP Policy Routing
Prestige 660R ADSL 2+ Access Gateway
Figure 28-6 Example of IP Policy Routing
To force Web packets coming from clients with IP addresses of 192.168.1.33 to 192.168.1.64 to be routed to the Internet via the WAN port of the Prestige, follow the steps as shown next.
Step 1.
Create a routing policy set in menu 25.
Step 2.
Create a rule for this set in
Menu 25.1.1 — IP Routing Policy
as shown next.
IP Policy Routing 28-7
Prestige 660R ADSL 2+ Access Gateway
Menu 25.1.1 - IP Routing Policy
Policy Set Name= set1
Active= Yes
Criteria:
IP Protocol = 6
Type of Service= Don't Care
Precedence = Don't Care
Source:
Packet length= 10
Len Comp= N/A
addr start= 192.168.1.33 end= 192.168.1.64
port start= 0 end= N/A
Destination:
addr start= 0.0.0.0 end= N/A
port start= 80 end= 80
Action= Matched
Gateway addr = 192.168.1.1 Log= No
Type of Service= No Change
Precedence = No Change
Press ENTER to Confirm or ESC to Cancel:
Press Space Bar to Toggle.
Figure 28-7 IP Routing Policy Example
Step 3.
Check
Menu 25.1 — IP Routing Policy Setup
to see if the rule is added correctly.
Step 4.
Create another policy set in menu 25.
Step 5.
Create a rule in menu 25.1 for this set to route packets from any host (IP=0.0.0.0 means any host) with protocol TCP and port FTP access through another gateway (192.168.1.100).
28-8 IP Policy Routing
Prestige 660R ADSL 2+ Access Gateway
Menu 25.1.1 - IP Routing Policy
Policy Set Name= set2
Active= Yes
Criteria:
IP Protocol = 6
Type of Service= Don't Care Packet length= 10
Precedence = Don't Care
Source:
Len Comp= N/A
addr start= 0.0.0.0 end= N/A
port start= 0 end= N/A
Destination:
addr start= 0.0.0.0 end= N/A
port start= 20 end= 21
Action= Matched
Gateway addr =192.168.1.100
Log= No
Type of Service= No Change
Precedence = No Change
Press ENTER to Confirm or ESC to Cancel:
Press Space Bar to Toggle.
Figure 28-8 IP Routing Policy Example
Step 6.
Check
Menu 25.1 — IP Routing Policy Setup
to see if the rule is added correctly.
Step 7.
Apply both policy sets in menu 3.2 as shown next.
Menu 3.2 - TCP/IP and DHCP Ethernet Setup
DHCP Setup
DHCP= Server
Client IP Pool Starting Address= 192.168.1.33
Size of Client IP Pool= 64
Primary DNS Server= 0.0.0.0
Secondary DNS Server= 0.0.0.0
Remote DHCP Server= N/A
TCP/IP Setup:
IP Address= 192.168.1.1
IP Subnet Mask= 255.255.255.0
RIP Direction= Both
Version= RIP-1
Multicast= None
IP Policies= 1,2
Edit IP Alias= No
Press ENTER to Confirm or ESC to Cancel:
Press Space Bar to Toggle.
Figure 28-9 Applying IP Policies Example
IP Policy Routing 28-9
Prestige 660R ADSL 2+ Access Gateway
Chapter 29
Call Scheduling
Call scheduling (applicable for PPPoA or PPPoE encapsulation only) allows you to dictate when a remote node should be called and for how long.
29.1 Introduction
The call scheduling feature allows the Prestige to manage a remote node and dictate when a remote node should be called and for how long. This feature is similar to the scheduler in a videocassette recorder (you can specify a time period for the VCR to record). You can apply up to 4 schedule sets in
Menu 11.1 —
Remote Node Profile
. From the main menu, enter 26 to access
Menu 26 — Schedule Setup
as shown next.
Schedule
Set #
------
1
2
3
4
5
6
Name
-----------------
______________
______________
______________
______________
______________
______________
Menu 26 - Schedule Setup
Schedule
Set #
------
7
8
9
10
11
12
Name
------------------
______________
______________
______________
______________
______________
______________
Enter Schedule Set Number to Configure=
Edit Name=
Press ENTER to Confirm or ESC to Cancel:
Figure 29-1 Menu 26 Schedule Setup
Lower numbered sets take precedence over higher numbered sets thereby avoiding scheduling conflicts. For example, if sets 1, 2 ,3 and 4 in are applied in the remote node then set 1 will take precedence over set 2, 3 and 4 as the Prestige, by default, applies the lowest numbered set first. Set 2 will take precedence over set 3 and 4, and so on.
You can design up to 12 schedule sets but you can only apply up to four schedule sets for a remote node.
Call Scheduling 29-1
Prestige 660R ADSL 2+ Access Gateway
To delete a schedule set, enter the set number and press
[SPACE BAR]
and then
[ENTER]
(or delete) in the
Edit Name
field.
To setup a schedule set, select the schedule set you want to setup from menu 26 (1-12) and press [ENTER] to see
Menu 26.1 — Schedule Set Setup
as shown next.
Menu 26.1 - Schedule Set Setup
Active= Yes
Start Date(yyyy/mm/dd) = 2000 – 01 - 01
How Often= Once
Once:
Date(yyyy/mm/dd)= 2000 – 01 - 01
Weekdays:
Sunday= N/A
Monday= N/A
Tuesday= N/A
Wednesday= N/A
Thursday= N/A
Friday= N/A
Saturday= N/A
Start Time (hh:mm)= 00 : 00
Duration (hh:mm)= 00 : 00
Action= Forced On
Press ENTER to Confirm or ESC to Cancel:
Press Space Bar to Toggle
Figure 29-2 Menu 26.1 Schedule Set Setup
If a connection has been already established, your Prestige will not drop it. Once the connection is dropped manually or it times out, then that remote node can't be triggered up until the end of the
Duration
.
Table 29-1 Menu 26.1 Schedule Set Setup
FIELD DESCRIPTION EXAMPLE
Active
Start Date
How Often
Press [SPACE BAR] to select
Yes
or
No
[ENTER] to activate the schedule set.
. Choose
Yes
and press
Enter the start date when you wish the set to take effect in year -monthdate format. Valid dates are from the present to 2036-February-5.
Should this schedule set recur weekly or be used just once only? Press the [SPACE BAR] and then [ENTER] to select
Once
or
Weekly
. Both these options are mutually exclusive. If
Once
is selected, then all weekday settings are
N/A
. When
Once
is selected, the schedule rule deletes automatically after the scheduled time elapses.
Yes
2000-01-01
Once
29-2 Call Scheduling
Prestige 660R ADSL 2+ Access Gateway
Table 29-1 Menu 26.1 Schedule Set Setup
FIELD DESCRIPTION EXAMPLE
Once:
Date
If you selected
Once
in the
How Often
field above, then enter the date the set should activate here in year-month-date format.
2000-01-01
Weekday:
Day
If you selected
Weekly
in the
How Often
field above, then select the day(s) when the set should activate (and recur) by going to that day(s) and pressing [SPACE BAR] to select
Yes
, then press [ENTER].
Yes
No
N/A
Start Time
Duration
Enter the start time when you wish the schedule set to take effect in hour-minute format.
The duration determines how long the Prestige is to apply the action configured in the
Action
field. Enter the maximum length of time in hour-minute format.
09:00
08:00
Action
Forced On
means that the connection is maintained whether or not there is a demand call on the line and will persist for the time period specified in the
Duration
field.
Forced Down
means that the connection is blocked whether or not there is a demand call on the line.
Enable Dial-On-Demand
means that this schedule permits a demand call on the line.
Disable Dial-On-Demand
means that this schedule prevents a demand call on the line.
Forced On
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.
Once your schedule sets are configured, you must then apply them to the desired remote node(s). Enter 11 from the
Main Menu
and then enter the target remote node index. Using [SPACE BAR] , select
PPPoE
or
PPPoA
in the
Encapsulation
field and then press [ENTER] to make the schedule sets field available as shown next.
Call Scheduling 29-3
Prestige 660R ADSL 2+ Access Gateway
Menu 11.1 - Remote Node Profile
Rem Node Name= ChangeMe Route= IP
Active= Yes Bridge= No
Encapsulation= PPPoE Edit IP/Bridge= No
Multiplexing=VC-based
Service Name=
Incoming
Rem Login=
Rem Password= ********
Outgoing= Nailed-Up Connection= No
My Login=?
My Password= ********
Edit ATM Options= No
Telco Option:
Allocated Budget(min)= 0
Period(hr)= 0
Schedules= 1,2,3,4
Session Options:
Authen= CHAP/PAP Edit Filter Sets= No
Idle Timeout(sec)= 100
Press ENTER to Confirm or ESC to Cancel:
Press Space Bar to Toggle.
Apply your schedule sets here.
Figure 29-3 Applying Schedule Set(s) to a Remote Node (PPPoE)
You can apply up to four schedule sets, separated by commas, for one remote node. Change the schedule set numbers to your preference(s).
29-4 Call Scheduling
Part VIII:
Appendices and Index
This part contains additional background information and an index or key terms.
VIII
Prestige 660R ADSL 2+ Access Gateway
Appendix A
Troubleshooting
This chapter covers potential problems and the corresponding remedies.
Problems Starting Up the Prestige
Chart A-1 Troubleshooting the Start-Up of Your Prestige
None of the
LEDs turn on when I turn on the Prestige.
Make sure that the Prestige’s power adaptor is connected to the Prestige and plugged in to an appropriate power source. Check that the Prestige and the power source are both turned on.
Turn the Prestige off and on.
If the error persists, you may have a hardware problem. In this case, you should contact your vendor.
Problems with the LAN LED
Chart A-2 Troubleshooting the LAN LED
The LAN LEDs do not turn on.
Check your Ethernet cable connections and type (refer to the
Read Me First
for details).
Check for faulty Ethernet cables.
Make sure your computer’s Ethernet Card is working properly.
Troubleshooting A-1
Prestige 660R ADSL 2+ Access Gateway
Problems with the DSL LED
Chart A-3 Troubleshooting the DSL LED
The xDSL LED is off. Check the telephone wire and connections between the Prestige DSL port and the wall jack.
Make sure that the telephone company has checked your phone line and set it up for
DSL service.
Reset your ADSL line to reinitialize your link to the DSLAM. For details, refer to the
Maintenance
chapter (web configurator) or the System Information and Diagnosis chapter (SMT).
Problems with the LAN Interface
Chart A-4 Troubleshooting the LAN Interface
I cannot access the
Prestige from the
LAN.
I cannot ping any computer on the
LAN.
If the 10M/100M LEDs on the front panel are both off, refer to
Chart A-2
Troubleshooting the LAN LED
.
Make sure that the IP address and the subnet mask of the Prestige and your computer(s) are on the same subnet.
If the 10M/100M LEDs on the front panel are both off, refer to
Chart A-2
Troubleshooting the LAN LED
.
Make sure that the IP address and the subnet mask of the Prestige and the computers are on the same subnet.
Problems with the WAN Interface
Chart A-5 Troubleshooting the WAN Interface
I cannot get a WAN
IP address from the
ISP.
The ISP provides the WAN IP address after authenticating you. Authentication may be through the user name and password, the MAC address or the host name.
The username and password apply to PPPoE and PPoA encapsulation only. Make sure that you have entered the correct
Service Type
,
User Name
and
Password
(be sure to use the correct casing). Refer to the
WAN Setup
chapter (web configurator) or the
Internet Access
chapter (SMT).
Prestige 660R ADSL 2+ Access Gateway
Problems with Internet Access
Chart A-6 Troubleshooting Internet Access
I cannot access the Internet.
Internet connection disconnects.
Make sure the Prestige is turned on and connected to the network.
If the DSL LED is off, refer to
Chart A-3 Troubleshooting the DSL LED
.
Verify your WAN settings. Refer to the
WAN Setup
chapter (web configurator) or the
Internet Access
chapter (SMT).
Make sure you entered the correct user name and password.
If you use PPPoE pass through, make sure that bridge is turned on. See the
Menu 1
General Setup
chapter for details.
For wireless stations, check that both the Prestige and wireless station(s) are using the same ESSID, channel and WEP keys (if WEP encryption is activated).
Check the schedule rules. Refer to the
Call Scheduling
chapter (SMT).
If you use PPPoA or PPPoE encapsulation, check the idle time-out setting. Refer to the
WAN
chapter (web configurator) or the
Remote Node Configuration
chapter (SMT).
Contact your ISP.
Problems with the Password
Chart A-7 Troubleshooting the Password
I cannot access the
Prestige.
The username is “admin”. The default password is “1234”. The
Password
and
Username
fields are case-sensitive. Make sure that you enter the correct password and username using the proper casing.
If you have changed the password and have now forgotten it, you will need to upload the default configuration file (Refer to the
Resetting the Prestige
section in the
Introducing the Web Configurator
chapter). This restores all of the factory defaults including the password.
Troubleshooting A-3
Prestige 660R ADSL 2+ Access Gateway
Problems with the Web Configurator
Chart A-8 Troubleshooting the Web Configurator
I cannot access the web configurator.
Refer to
Chart A-7 Troubleshooting the Password
.
Make sure that there is not an SMT console session running.
Check that you have enabled web service access. If you have configured a secured client IP address, your computer’s IP address must match it. Refer to the chapter on remote management for details.
For WAN access, you must configure remote management to allow server access from the Wan (or all). Refer to the chapters on remote management for details.
Your computer’s and the Prestige’s IP addresses must be on the same subnet for
LAN access.
If you changed the Prestige’s LAN IP address, then enter the new one as the URL.
Remove any filters in SMT menu 3.1 (LAN) or menu 11.5 (WAN) that block web service.
See also the
Problems with Remote Management
section.
Problems with Remote Management
Chart A-9 Troubleshooting Remote Management
I cannot remotely manage the
Prestige from the
LAN or WAN.
Refer to the
Remote Management Limitations
section in the
Firmware and
Configuration File Management
chapter (SMT) for scenarios when remote management may not be possible.
Use the Prestige’s WAN IP address when configuring from the WAN.
Use the Prestige’s LAN IP address when configuring from the LAN.
Refer to
Chart A-4 Troubleshooting the LAN Interface
for instructions on checking your LAN connection.
Refer to the
Problems with the WAN Interface
section for instructions on checking your WAN connection.
See also the
Problems with the Web Configurator
section.
Prestige 660R ADSL 2+ Access Gateway
Appendix B
IP Subnetting
IP Addressing
Routers “route” based on the network number. The router that delivers the data packet to the correct destination host uses the host ID.
IP Classes
An IP address is made up of four octets (eight bits), written in dotted decimal notation, for example,
192.168.1.1. IP addresses are categorized into different classes. The class of an address depends on the value of its first octet.
Class “A” addresses have a 0 in the left most bit. In a class “A” address the first octet is the network number and the remaining three octets make up the host ID.
Class “B” addresses have a 1 in the left most bit and a 0 in the next left most bit. In a class “B” address the first two octets make up the network number and the two remaining octets make up the host ID.
Class “C” addresses begin (starting from the left) with 1 1 0. In a class “C” address the first three octets make up the network number and the last octet is the host ID.
Class “D” addresses begin with 1 1 1 0. Class “D” addresses are used for multicasting. (There is also a class “E” address. It is reserved for future use.)
IP ADDRESS:
Class A
Class B
Class C
0
10
110
Chart B-1 Classes of IP Addresses
OCTET 1
Network number
Network number
Network number
OCTET 2
Host ID
Network number
Network number
OCTET 3
Host ID
Host ID
Network number
OCTET 4
Host ID
Host ID
Host ID
Host IDs of all zeros or all ones are not allowed.
Therefore:
A class “C” network (8 host bits) can have 2
8
–2 or 254 hosts.
A class “B” address (16 host bits) can have 2
16
–2 or 65534 hosts.
IP Subnetting B-1
Prestige 660R ADSL 2+ Access Gateway
A class “A” address (24 host bits) can have 2
24
–2 hosts (approximately 16 million hosts).
Since the first octet of a class “A” IP address must contain a “0”, the first octet of a class “A” address can have a value of 0 to 127.
Similarly the first octet of a class “B” must begin with “10”, therefore the first octet of a class “B” address has a valid range of 128 to 191. The first octet of a class “C” address begins with “110”, and therefore has a range of 192 to 223.
Chart B-2 Allowed IP Address Range By Class
CLASS
Class A
Class B
Class C
ALLOWED RANGE OF FIRST OCTET
(BINARY)
0
0000000 to
0
1111111
10
000000 to
10
111111
110
00000 to
110
11111
ALLOWED RANGE OF FIRST OCTET
(DECIMAL)
0 to 127
128 to 191
192 to 223
Class D
Subnet Masks
1110
0000 to
1110
1111 224 to 239
A subnet mask is used to determine which bits are part of the network number, and which bits are part of the host ID (using a logical AND operation). A subnet mask has 32 bits; each bit of the mask corresponds to a bit of the IP address. If a bit in the subnet mask is a “1” then the corresponding bit in the IP address is part of the network number. If a bit in the subnet mask is “0” then the corresponding bit in the IP address is part of the host ID.
Subnet masks are expressed in dotted decimal notation just as IP addresses are. The “natural” masks for class
A, B and C IP addresses are as follows.
Chart B-3 “Natural” Masks
A 255.0.0.0
B 255.255.0.0
C 255.255.255.0
Subnetting
With subnetting, the class arrangement of an IP address is ignored. For example, a class C address no longer has to have 24 bits of network number and 8 bits of host ID. With subnetting, some of the host ID bits are converted into network number bits. By convention, subnet masks always consist of a continuous sequence
Prestige 660R ADSL 2+ Access Gateway of ones beginning from the left most bit of the mask, followed by a continuous sequence of zeros, for a total number of 32 bits.
Since the mask is always a continuous number of ones beginning from the left, followed by a continuous number of zeros for the remainder of the 32 bit mask, you can simply specify the number of ones instead of writing the value of each octet. This is usually specified by writing a “/” followed by the number of bits in the mask after the address.
For example, 192.1.1.0 /25 is equivalent to saying 192.1.1.0 with mask 255.255.255.128.
The following table shows all possible subnet masks for a class “C” address using both notations.
Chart B-4 Alternative Subnet Mask Notation
SUBNET MASK IP ADDRESS SUBNET MASK “1” BITS
255.255.255.0 /24
255.255.255.128 /25
255.255.255.192 /26
255.255.255.224 /27
255.255.255.240 /28
255.255.255.248 /29
LAST OCTET BIT VALUE
255.255.255.252 /30
The first mask shown is the class “C” natural mask. Normally if no mask is specified it is understood that the natural mask is being used.
Example: Two Subnets
As an example, you have a class “C” address 192.168.1.0 with subnet mask of 255.255.255.0.
NETWORK NUMBER HOST ID
IP Address
IP Address (Binary)
Subnet Mask
192.168.1. 0
11000000.10101000.00000001. 00000000
255.255.255. 0
Subnet Mask (Binary) 11111111.11111111.11111111. 00000000
The first three octets of the address make up the network number (class “C”). You want to have two separate networks.
IP Subnetting B-3
Prestige 660R ADSL 2+ Access Gateway
Divide the network 192.168.1.0 into two separate subnets by converting one of the host ID bits of the IP address to a network number bit. The “borrowed” host ID bit can be either “0” or “1” thus giving two subnets; 192.168.1.0 with mask 255.255.255.128 and 192.168.1.128 with mask 255.255.255.128.
In the following charts, shaded/bolded last octet bit values indicate host ID bits
“borrowed” to form network ID bits. The number of “borrowed” host ID bits determines the number of subnets you can have. The remaining number of host ID bits (after “borrowing”) determines the number of hosts you can have on each subnet.
Chart B-5 Subnet 1
IP Address
IP Address (Binary)
Subnet Mask
Subnet Mask (Binary)
Subnet Address: 192.168.1.0
Broadcast Address: 192.168.1.127
NETWORK NUMBER
192.168.1.
11000000.10101000.00000001.
255.255.255.
11111111.11111111.11111111.
LAST OCTET BIT VALUE
0
0
1
0000000
128
0000000
Lowest Host ID: 192.168.1.1
Highest Host ID: 192.168.1.126
Chart B-6 Subnet 2
IP Address
NETWORK NUMBER
192.168.1.
LAST OCTET BIT VALUE
128
IP Address (Binary)
Subnet Mask
11000000.10101000.00000001.
255.255.255.
1
0000000
128
Subnet Mask (Binary) 11111111.11111111.11111111.
1
0000000
Subnet Address: 192.168.1.128 Lowest
Broadcast Address: 192.168.1.255 Highest Host ID: 192.168.1.254
The remaining 7 bits determine the number of hosts each subnet can have. Host IDs of all zeros represent the subnet itself and host IDs of all ones are the broadcast address for that subnet, so the actual number of hosts available on each subnet in the example above is 2
7
– 2 or 126 hosts for each subnet.
192.168.1.0 with mask 255.255.255.128 is the subnet itself, and 192.168.1.127 with mask 255.255.255.128 is the directed broadcast address for the first subnet. Therefore, the lowest IP address that can be assigned to an
Prestige 660R ADSL 2+ Access Gateway actual host for the first subnet is 192.168.1.1 and the highest is 192.168.1.126. Similarly the host ID range for the second subnet is 192.168.1.129 to 192.168.1.254.
Example: Four Subnets
The above example illustrated using a 25-bit subnet mask to divide a class “C” address space into two subnets. Similarly to divide a class “C” address into four subnets, you need to “borrow” two host ID bits to give four possible combinations of 00, 01, 10 and 11. The subnet mask is 26 bits
(11111111.11111111.11111111.
11
000000) or 255.255.255.192. Each subnet contains 6 host ID bits, giving
2
6
-2 or 62 hosts for each subnet (all 0’s is the subnet itself, all 1’s is the broadcast address on the subnet).
Chart B-7 Subnet 1
IP Address
IP Address (Binary)
Subnet Mask (Binary)
Subnet Address: 192.168.1.0
Broadcast Address: 192.168.1.63
NETWORK NUMBER
192.168.1.
11000000.10101000.00000001.
11111111.11111111.11111111.
0
LAST OCTET BIT VALUE
00
11
000000
000000
Lowest Host ID: 192.168.1.1
Highest Host ID: 192.168.1.62
Chart B-8 Subnet 2
IP Address
IP Address (Binary)
Subnet Mask (Binary)
Subnet Address: 192.168.1.64
Broadcast Address: 192.168.1.127
NETWORK NUMBER LAST OCTET BIT VALUE
192.168.1.
11000000.10101000.00000001.
64
01
000000
11111111.11111111.11111111.
11
000000
Lowest Host ID: 192.168.1.65
Highest Host ID: 192.168.1.126
Chart B-9 Subnet 3
IP Address
IP Address (Binary)
NETWORK NUMBER
192.168.1.
11000000.10101000.00000001.
LAST OCTET BIT VALUE
128
10
000000
Subnet Mask (Binary) 11111111.11111111.11111111.
11
000000
Subnet Address: 192.168.1.128 Lowest
Broadcast Address: 192.168.1.191 Highest Host ID: 192.168.1.190
IP Subnetting B-5
Prestige 660R ADSL 2+ Access Gateway
Chart B-10 Subnet 4
IP Address
NETWORK NUMBER
192.168.1.
LAST OCTET BIT VALUE
192
IP Address (Binary)
Subnet Mask (Binary)
11000000.10101000.00000001.
11111111.11111111.11111111.
11
11
000000
000000
Subnet Address: 192.168.1.192 Lowest
Broadcast Address: 192.168.1.255 Highest Host ID: 192.168.1.254
Example Eight Subnets
Similarly use a 27-bit mask to create 8 subnets (001, 010, 011, 100, 101, 110).
The following table shows class C IP address last octet values for each subnet.
Chart B-11 Eight Subnets
SUBNET SUBNET ADDRESS FIRST ADDRESS LAST ADDRESS BROADCAST ADDRESS
1 0 1 30
2 32 33 62
3 64 65 94
31
63
95
4 96 97 126
5 128 129 158
6 160 161 190
7 192 193 222
127
159
191
223
255 8 224 223 254
The following table is a summary for class “C” subnet planning.
Prestige 660R ADSL 2+ Access Gateway
Chart B-12 Class C Subnet Planning
NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER SUBNET
1 255.255.255.128 126
2 255.255.255.192 62
3 255.255.255.224 30
4 255.255.255.240 14
5 255.255.255.248 6
6 255.255.255.252 2
7 255.255.255.254 1
Subnetting With Class A and Class B Networks.
For class “A” and class “B” addresses the subnet mask also determines which bits are part of the network number and which are part of the host ID.
A class “B” address has two host ID octets available for subnetting and a class “A” address has three host ID octets (see
Chart B-1
) available for subnetting.
The following table is a summary for class “B” subnet planning.
Chart B-13 Class B Subnet Planning
NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER SUBNET
1 255.255.128.0 32766
2 255.255.192.0 16382
3 255.255.224.0 8190
4 255.255.240.0 4094
5 255.255.248.0 2046
6 255.255.252.0 1022
7 255.255.254.0 510
8 255.255.255.0 254
9 255.255.255.128
(/25)
512 126
IP Subnetting B-7
Prestige 660R ADSL 2+ Access Gateway
Chart B-13 Class B Subnet Planning
NO. “BORROWED” HOST BITS SUBNET MASK
(/25)
NO. SUBNETS NO. HOSTS PER SUBNET
(/26)
(/27)
12 255.255.255.240
(/28)
4096 14
13 255.255.255.248
(/29)
8192 6
(/30)
(/31)
Prestige 660R ADSL 2+ Access Gateway
Appendix C
PPPoE
PPPoE in Action
An ADSL modem bridges a PPP session over Ethernet (PPP over Ethernet, RFC 2516) from your PC to an
ATM PVC (Permanent Virtual Circuit) that connects to a xDSL Access Concentrator where the PPP session terminates (see the next figure). One PVC can support any number of PPP sessions from your LAN. PPPoE provides access control and billing functionality in a manner similar to dial-up services using PPP.
Benefits of PPPoE
PPPoE offers the following benefits:
1. It provides you with a familiar dial-up networking (DUN) user interface.
2. It lessens the burden on the carriers of provisioning virtual circuits all the way to the ISP on multiple switches for thousands of users. For GSTN (PSTN and ISDN), the switching fabric is already in place.
3. It allows the ISP to use the existing dial-up model to authenticate and (optionally) to provide differentiated services.
Traditional Dial-up Scenario
The following diagram depicts a typical hardware configuration where the PCs use traditional dial-up networking.
Diagram C-1 Single-PC per Router Hardware Configuration
PPPoE C-1
Prestige 660R ADSL 2+ Access Gateway
How PPPoE Works
The PPPoE driver makes the Ethernet appear as a serial link to the PC and the PC runs PPP over it, while the modem bridges the Ethernet frames to the Access Concentrator (AC). Between the AC and an ISP, the AC is acting as a L2TP (Layer 2 Tunneling Protocol) LAC (L2TP Access Concentrator) and tunnels the PPP frames to the ISP. The L2TP tunnel is capable of carrying multiple PPP sessions.
With PPPoE, the VC (Virtual Circuit) is equivalent to the dial-up connection and is between the modem and the AC, as opposed to all the way to the ISP. However, the PPP negotiation is between the PC and the ISP.
Prestige as a PPPoE Client
When using the Prestige as a PPPoE client, the PCs on the LAN see only Ethernet and are not aware of
PPPoE. This alleviates the administrator from having to manage the PPPoE clients on the individual PCs.
Diagram C-2 Prestige as a PPPoE Client
Prestige 660R ADSL 2+ Access Gateway
Appendix D
Virtual Circuit Topology
ATM is a connection-oriented technology, meaning that it sets up virtual circuits over which end systems communicate. The terminology for virtual circuits is as follows:
•
Virtual Channel
•
Virtual Path
•
Virtual Circuit
Logical connections between ATM switches
A bundle of virtual channels
A series of virtual paths between circuit end points
Diagram D-1 Virtual Circuit Topology
Think of a virtual path as a cable that contains a bundle of wires. The cable connects two points and wires within the cable provide individual circuits between the two points. In an ATM cell header, a VPI (Virtual
Path Identifier) identifies a link formed by a virtual path; a VCI (Virtual Channel Identifier) identifies a channel within a virtual path.
The VPI and VCI identify a virtual path, that is, termination points between ATM switches. A series of virtual paths make up a virtual circuit.
Your service provider should supply you with VPI/VCI numbers.
Virtual Circuit Topology D-1
Prestige 660R ADSL 2+ Access Gateway
Appendix E
Setting up Your Computer’s IP Address
All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed.
Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of
UNIX/LINUX include the software components you need to install and use TCP/IP on your computer.
Windows 3.1 requires the purchase of a third-party TCP/IP application package.
TCP/IP should already be installed on computers using Windows NT/2000/XP, Macintosh OS 7 and later operating systems.
After the appropriate TCP/IP components are installed, configure the TCP/IP settings in order to
"communicate" with your network.
If you manually assign IP information instead of using dynamic assignment, make sure that your computers have IP addresses that place them in the same subnet as the Prestige's LAN port.
Windows 95/98/Me
Click
Start
,
Settings
,
Control Panel
and double-click the
Network
icon to open the
Network
window.
Setting up Your Computer’s IP Address E-1
Prestige 660R ADSL 2+ Access Gateway
Installing Components
The
Network
window
Configuration
tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks.
If you need the adapter: a. In the
Network
window, click
Add
. b. c.
Select
Adapter
and then click
Add
.
Select the manufacturer and model of your network adapter and then click
OK
.
If you need TCP/IP: a. In the
Network
window, click
Add
.
Select
Protocol
and then click
Add
. b. c. d.
Select
Microsoft
from the list of
manufacturers
.
Select
TCP/IP
from the list of network protocols and then click
OK
.
If you need Client for Microsoft Networks: a. Click
Add
. b. c. d. e.
Select
Client
and then click
Add
.
Select
Microsoft
from the list of manufacturers.
Select
Client for Microsoft Networks
from the list of network clients and then click
OK
.
Restart your computer so the changes you made take effect.
Configuring
1. In the
Network
window
Configuration
tab, select your network adapter's TCP/IP entry and click
Properties
.
E-2 Setting up Your Computer’s IP Address
2. Click the
IP Address
tab.
-If your IP address is dynamic, select
Obtain an
IP address automatically
.
-If you have a static IP address, select
Specify an IP address
and type your information into the
IP Address
and
Subnet Mask
fields.
Prestige 660R ADSL 2+ Access Gateway
3. Click the
DNS
Configuration tab.
-If you do not know your DNS information, select
Disable DNS
.
-If you know your DNS information, select
Enable DNS
and type the information in the fields below (you may not need to fill them all in).
Setting up Your Computer’s IP Address E-3
Prestige 660R ADSL 2+ Access Gateway
4. Click the
Gateway
tab.
-If you do not know your gateway’s IP address, remove previously installed gateways.
-If you have a gateway IP address, type it in the
New gateway field
and click
Add
.
1.
2.
3.
5. Click
OK
to save and close the
TCP/IP Properties
window.
6. Click
OK
to close the
Network
window. Insert the Windows CD if prompted.
7. Turn on your Prestige and restart your computer when prompted.
Verifying Settings
Click
Start
and then
Run
.
In the
Run
window, type "winipcfg" and then click
OK
to open the
IP Configuration
window.
Select your network adapter. You should see your computer's IP address, subnet mask and default gateway.
E-4 Setting up Your Computer’s IP Address
Windows 2000/NT/XP
1. For Windows XP, click
start
,
Control Panel
. In
Windows 2000/NT, click
Start
,
Settings
,
Control
Panel
.
Prestige 660R ADSL 2+ Access Gateway
2. For Windows XP, click
Network
Connections
. For Windows 2000/NT, click
Network and Dial-up Connections
.
3. Right-click
Local Area Connection
and then click
Properties
.
Setting up Your Computer’s IP Address E-5
Prestige 660R ADSL 2+ Access Gateway
4. Select
Internet Protocol (TCP/IP)
(under the
General
tab in Win XP) and click
Properties
.
5. The
Internet Protocol TCP/IP Properties
window opens (the
General tab
in Windows XP).
-If you have a dynamic IP address click
Obtain an IP address automatically
.
-If you have a static IP address click
Use the following IP Address
and fill in the
IP address
,
Subnet mask
, and
Default gateway
fields.
Click
Advanced
.
E-6 Setting up Your Computer’s IP Address
Prestige 660R ADSL 2+ Access Gateway
6. -If you do not know your gateway's IP address, remove any previously installed gateways in the
IP Settin
gs tab and click
OK
.
Do one or more of the following if you want to configure additional IP addresses:
-In the
IP Settings
tab, in IP addresses, click
Add
.
-In
TCP/IP Address
, type an IP address in
IP address
and a subnet mask in
Subnet mask
, and then click
Add
.
-Repeat the above two steps for each IP address you want to add.
-Configure additional default gateways in the
IP
Settings
tab by clicking
Add
in
Default gateways
.
-In
TCP/IP Gateway Address
, type the IP address of the default gateway in
Gateway
. To manually configure a default metric (the number of transmission hops), clear the
Automatic metric
check box and type a metric in
Metric
.
-Click
Add
.
-Repeat the previous three steps for each default gateway you want to add.
-Click
OK
when finished.
Setting up Your Computer’s IP Address E-7
Prestige 660R ADSL 2+ Access Gateway
7. In the
Internet Protocol TCP/IP Properties
window (the
General tab
in Windows XP):
-Click
Obtain DNS server address automatically
if you do not know your DNS server IP address(es).
-If you know your DNS server IP address(es), click
Use the following DNS server addresses
, and type them in the
Preferred DNS server
and
Alternate DNS server
fields.
If you have previously configured DNS servers, click
Advanced
and then the
DNS
tab to order them.
8. Click
OK
to close the
Internet Protocol (TCP/IP) Properties
window.
9. Click
OK
to close the
Local Area Connection Properties
window.
10. Turn on your Prestige and restart your computer (if prompted).
Verifying Settings
1. Click
Start
,
All Programs
,
Accessories
and then
Command Prompt
.
2. In the
Command Prompt
window, type "ipconfig" and then press [ENTER]. You can also open
Network Connections
, right-click a network connection, click
Status
and then click the
Support
tab.
E-8 Setting up Your Computer’s IP Address
Macintosh OS 8/9
1. Click the
Apple
menu,
Control Panel
and double-click
TCP/IP
to open the
TCP/IP Control Panel
.
Prestige 660R ADSL 2+ Access Gateway
2. Select
Ethernet built-in
from the
Connect via
list.
Setting up Your Computer’s IP Address E-9
Prestige 660R ADSL 2+ Access Gateway
3. For dynamically assigned settings, select
Using DHCP Server
from the
Configure:
list.
4. For statically assigned settings, do the following:
-From the
Configure
box, select
Manually
.
-Type your IP address in the
IP Address
box.
-Type your subnet mask in the
Subnet mask
box.
-Type the IP address of your Prestige in the
Router address
box.
5. Close the
TCP/IP Control Panel
.
6. Click
Save
if prompted, to save changes to your configuration.
7. Turn on your Prestige and restart your computer (if prompted).
Verifying Settings
Check your TCP/IP properties in the
TCP/IP Control Panel
window.
Macintosh OS X
1.
Click the
Apple
menu, and click
System Preferences
to open the
System Preferences
window.
E-10 Setting up Your Computer’s IP Address
2.
Click
Network
in the icon bar.
- Select
Automatic
from the
Location
list.
- Select
Built-in Ethernet
from the
Show
list.
- Click the
TCP/IP
tab.
Prestige 660R ADSL 2+ Access Gateway
3.
For dynamically assigned settings, select
Using DHCP
from the
Configure
list.
4. For statically assigned settings, do the following:
-From the
Configure
box, select
Manually
.
-Type your IP address in the
IP Address
-Type your subnet mask in the
box.
Subnet mask
box.
-Type the IP address of your Prestige in the
Router address
box.
5. Click
Apply Now
and close the window.
6. Turn on your Prestige and restart your computer (if prompted).
Verifying Settings
Check your TCP/IP properties in the
Network
window.
Setting up Your Computer’s IP Address E-11
Prestige 660R ADSL 2+ Access Gateway
Appendix F
Splitters and Microfilters
This appendix tells you how to install a POTS splitter or a telephone microfilter.
Connecting a POTS Splitter
When you use the Full Rate (G.dmt) ADSL standard, you can use a POTS (Plain Old Telephone Service) splitter to separate the telephone and ADSL signals. This allows simultaneous Internet access and telephone service on the same line. A splitter also eliminates the destructive interference conditions caused by telephone sets.
Install the POTS splitter at the point where the telephone line enters your residence, as shown in the following figure.
Diagram F-1 Connecting a POTS Splitter
Step 1.
Connect the side labeled “Phone” to your telephone.
Step 2.
Connect the side labeled “Modem” to your Prestige.
Step 3.
Connect the side labeled “Line” to the telephone wall jack.
Telephone Microfilters
Telephone voice transmissions take place in the lower frequency range, 0 - 4KHz, while ADSL transmissions take place in the higher bandwidth range, above 4KHz. A microfilter acts as a low-pass filter, for your telephone, to ensure that ADSL transmissions do not interfere with your telephone voice transmissions. The use of a telephone microfilter is optional.
Step 1.
Connect a phone cable from the wall jack to the single jack end of the Y- Connector.
Splitters and Microfilters F-1
Prestige 660R ADSL 2+ Access Gateway
Step 2.
Connect a cable from the double jack end of the Y-Connector to the “wall side” of the microfilter.
Step 3.
Connect another cable from the double jack end of the Y-Connector to the Prestige.
Step 4.
Connect the “phone side” of the microfilter to your telephone as shown in the following figure.
Diagram F-2 Connecting a Microfilter
Prestige With ISDN
This section relates to people who use their Prestige with ADSL over ISDN (digital telephone service) only.
The following is an example installation for the Prestige with ISDN.
F-2
Diagram F-3 Prestige with ISDN
Splitters and Microfilters
Prestige 660R ADSL 2+ Access Gateway
Appendix G
Log Descriptions
This appendix provides descriptions of example log messages
1
.
Chart G-1 System Maintenance Logs
LOG MESSAGE
Time calibration is successful
Time calibration failed
DHCP client gets %s
DHCP client IP expired
DHCP server assigns
%s
SMT Login
Successfully
SMT Login Fail
WEB Login
Successfully
WEB Login Fail
TELNET Login
Successfully
TELNET Login Fail
FTP Login
Successfully
FTP Login Fail
DESCRIPTION
The router has adjusted its time based on information from the time server.
The router failed to get information from the time server.
A DHCP client got a new IP address from the DHCP server.
A DHCP client's IP address has expired.
The DHCP server assigned an IP address to a client.
Someone has logged on to the router's SMT interface.
Someone has failed to log on to the router's SMT interface.
Someone has logged on to the router's web configurator interface.
Someone has failed to log on to the router's web configurator interface.
Someone has logged on to the router via telnet.
Someone has failed to log on to the router via telnet.
Someone has logged on to the router via ftp.
Someone has failed to log on to the router via ftp.
1
At the time of writing, the Prestige did not support the generation of all of the logs shown here.
Log Descriptions G-1
Prestige 660R ADSL 2+ Access Gateway
Access logs may include the following information:
(Protocol) is the protocol of the packet (for example TCP or UDP) that triggered the log.
(Direction) is the direction in which the packet was traveling (for example LAN to WAN or WAN to LAN)
Chart G-2 Access Logs
LOG MESSAGE
ICMP Source Quench
ICMP Time Exceed
ICMP Destination
Unreachable
DESCRIPTION
The Prestige sent or received an ICMP source quench packet to tell a host to slow down data transmission.
The Prestige sent or received an ICMP Time Exceed packet because a packet with zero Time To Live (TTL) was dropped.
The Prestige sent or received an ICMP Destination Unreachable packet when a packet was dropped because the target port was not open.
The router blocked a packet that did not have a corresponding NAT table entry.
Packet without a NAT table entry blocked
(Protocol)
Out of order TCP handshake packet blocked (Protocol)
Unsupported/out-oforder ICMP (Protocol)
The router blocked a TCP handshake packet that came out of the proper order
The Prestige generates this log after it drops an ICMP packet due to one of the following two reasons:
1. The Prestige does not support the ICMP packet's protocol.
2. The ICMP packet is an echo reply for which there was no corresponding echo request.
Remote access denied The router blocked a remote access attempt.
TYPE CODE
0 Echo Reply
Chart G-3 ICMP Notes
DESCRIPTION
3 Destination Unreachable
TYPE CODE
Prestige 660R ADSL 2+ Access Gateway
Chart G-3 ICMP Notes
DESCRIPTION
4
Fragment (DF)
4 Source Quench
0 needed to queue the datagrams for output to the next network on the route to the destination network.
5 Redirect
8 Echo
11 Time Exceeded
12 Parameter Problem
13 Timestamp
14 Timestamp Reply
Log Descriptions G-3
Prestige 660R ADSL 2+ Access Gateway
Chart G-3 ICMP Notes
TYPE CODE
15 Information Request
DESCRIPTION
16 Information Reply
A
Address Assignment ........................................ 5-2
ADSL, what is it?............................................ xxii
Alternative Subnet Mask Notation.................. B-3
AT command ................................................. 25-1
Authentication.......................................18-4, 18-5 auto-negotiation ............................................... 1-2
B
Backup ........................................................... 25-2
Bridging ......................................................... 16-2
Ether Address ............................................ 20-4
Ethernet...................................................... 20-1
Ethernet Addr Timeout .............................. 20-3
Remote Node ............................................. 20-1
Static Route Setup...................................... 20-3
Budget Management .............................26-2, 26-3
C
Call Filtering .................................................. 22-1
Call Filters
Built-In....................................................... 22-1
User-Defined ............................................. 22-1
Call Scheduling.............................................. 29-1
Maximum Number of Schedule Sets ......... 29-1
PPPoE ........................................................ 29-3
Precedence ................................................. 29-1
Precedence Example.................
See
precedence
CDR ............................................................... 24-7
CDR (Call Detail Record).............................. 24-6
CHAP............................................................. 18-4
Classes of IP Addresses .................................. B-1
Collision......................................................... 24-3
Command Interpreter Mode........................... 26-1
Prestige 660R ADSL 2+ Access Gateway
Appendix H
Index
Community .................................................... 23-2
Computer Name............................................. 14-1
Conditions that prevent TFTP and FTP from working over WAN ................................... 25-4
Configuration........................................ 3-11, 12-6
Copyright .............................................................ii
Cost Of Transmission ........................... 18-7, 19-3
Country Code................................................. 24-4
CPU Load ...................................................... 24-3
Customer Support ................................................v
D
Data Filtering................................................. 22-1
Device Filter rules........................................ 22-14
DHCP .................... 1-3, 3-11, 5-2, 8-1, 12-6, 24-4
Diagnostic Tools............................................ 24-1
Digital Subscriber Line Access Multiplexer.... 1-6
DNS ............................................................... 16-3
Domain Name........................................... 5-2, 7-5
Domain Name System ..................................... 5-1
DSL (Digital Subscriber Line).........................xxii
DSL, What Is It? ..............................................xxii
DSLAM .........
See
Digital Subscriber Line Access
Multiplexer
Dynamic DNS..................................1-3, 8-1, 14-2
DYNDNS Wildcard......................................... 8-1
E
ECHO .............................................................. 7-5
Encapsulation..........................1-4, 3-1, 17-5, 18-2
ENET ENCAP............................................. 3-1
PPP over Ethernet........................................ 3-1
PPPoA ......................................................... 3-1
RFC 1483 .................................................... 3-2
Error Log ....................................................... 24-5
Index H-1
Prestige 660R ADSL 2+ Access Gateway
Error/Information Messages
Sample....................................................... 24-6
Ethernet Traffic............................................ 22-18
F
Factory LAN Defaults ..................................... 5-2
FCC.................................................................... iii
Filename Conventions ................................... 25-1
Filter .............................................................. 16-1
Applying Filters....................................... 22-17
Ethernet traffic......................................... 22-18
Ethernet Traffic ....................................... 22-18
Filter Rules ................................................ 22-6
Filter Structure........................................... 22-4
Generic Filter Rule .................................. 22-12
Remote Node............................................. 18-8
Remote Node Filter ................................... 18-9
Remote Node Filters................................ 22-18
Sample..................................................... 22-16
SUA......................................................... 22-14
TCP/IP Filter Rule..................................... 22-7
Filter Log .............................................. 24-7, 24-8
Filter Rule ...................................................... 22-8
Filter Rule Process......................................... 22-3
Filter Rule Setup ............................................ 22-7
Filter Rules Summary
Sample..................................................... 22-17
Filter Set
Class .......................................................... 22-7
Filter Set Configuration ................................. 22-4
Filtering ................................................ 22-1, 22-7
Filtering Process
Outgoing Packets....................................... 22-2
Finger............................................................... 7-5
Firmware File
Maintenance .............................................. 12-9
Frame Relay..................................................... 1-6
FTP .........................................7-5, 8-1, 10-1, 27-2
Restrictions................................................ 27-2
FTP File Transfer........................................... 25-7
FTP Restrictions ................................... 10-1, 25-4
FTP Server....................................................21-14
Full Rate .......................................................... F-1
G
Gateway..........................................................19-3
Gateway Node ................................................20-4
General Setup .................................................14-1
H
Hidden Menus ................................................13-3
Hop Count ............................................ 18-7, 19-3
Host ..................................................................4-2
Host IDs........................................................... B-1
HTTP................................................................7-5
I
IANA................................................................3-5
IGMP................................................................5-3
IGMP support .................................................18-7
Install UPnP....................................................11-3
Windows Me ..............................................11-3
Windows XP ..............................................11-4
Interactive Applications..................................28-1
Internet access ................................................17-1
Internet Access1-2, 1-5, 1-6, 16-2, 17-1, 17-4, 17-
5
Internet Access Setup .............................A-3, 21-1
Internet Assigned Numbers Authority...
See
IANA
IP Address3-4, 5-3, 7-5, 7-7, 12-6, 16-4, 19-3, 20-
4, 22-9, 24-4, 24-9, 28-3
IP Address Assignment ....................................3-4
ENET ENCAP .............................................3-5
PPPoA or PPPoE..........................................3-5
RFC 1483 .....................................................3-5
IP Addressing .................................................. B-1
IP Alias Setup.................................................17-2
IP Classes ........................................................ B-1
IP Filter.........................................................22-11
Logic Flow ...............................................22-10
IP mask...........................................................22-9
IP Packet.......................................................22-12
H-2 Index
IP Policies ...................................................... 28-5
IP Policy Routing (IPPR)........................1-4, 17-1
Applying an IP Policy................................ 28-5
Ethernet IP Policies.................................... 28-5
Gateway ..................................................... 28-5
IP Pool Setup.................................................. 3-12
IP Protocol ..................................................... 28-4
IP Routing Policy (IPPR)............................... 28-1
Benefits...................................................... 28-1
Cost Savings .............................................. 28-1
Criteria ....................................................... 28-1
Load Sharing.............................................. 28-1
Setup .......................................................... 28-2
IP Static Route ............................................... 19-1
IP Static Route Setup ..................................... 19-2
ISDN ................................................................F-2
L
LAN ......................................................24-2, 24-3
LAN Setup ................................................5-1, 6-1
LAN TCP/IP .................................................... 5-2
Link type ........................................................ 24-2
LLC-based Multiplexing.............................. 18-12
Log and Trace ................................................ 24-6
Log Descriptions............................................. G-1
Log Facility.................................................... 24-7
Logging Option...................................22-9, 22-13
Login.............................................................. 18-4
M
MAC address ................................................. 20-4
Main Menu..................................................... 13-3
Management Information Base (MIB)........... 23-2
MBS ..............................
See
Maximum Burst Size
Media Access Control.................................... 20-1
Message Logging ........................................... 24-5
Metric.............................................6-1, 18-7, 19-3
Multicast .................................................5-3, 18-7
Multiplexing
LLC-based ................................................... 3-2
VC-based ..................................................... 3-2
Prestige 660R ADSL 2+ Access Gateway
Multiplexing ...........................1-4, 3-2, 17-5, 18-2
Multiprotocol Encapsulation............................ 3-2
My WAN Address ......................................... 18-7
N
Nailed-Up Connection .....................................
3-6
NAT........................................3-4, 7-5, 7-6, 22-14
Application .................................................. 7-3
Applying NAT in the SMT Menus............ 21-1
Configuring ............................................... 21-3
Definitions................................................... 7-1
Examples ................................................. 21-11
How NAT Works ........................................ 7-2
Mapping Types............................................ 7-3
Non NAT Friendly Application Programs21-17
Ordering Rules .......................................... 21-6
What NAT does........................................... 7-2
NAT Traversal............................................... 11-1
Network Address Translation ........................ 17-6
Network Address Translation (NAT) ............ 21-1
Network Management .............................. 1-4, 7-6
NNTP............................................................... 7-6
P
Packet
Error .......................................................... 24-2
Received .................................................... 24-3
Transmitted................................................ 24-3
Packet Triggered............................................ 24-7
Packets........................................................... 24-2
PAP................................................................ 18-4
Password..................... 4-1,
13-1
, 13-5, 18-4, 23-2
Ping................................................................ 24-9
Point-to-Point...................................................xxii
Point-to-Point Tunneling Protocol................... 7-6 policy-based routing ...................................... 28-1
POP3................................................................ 7-6
Port Numbers................................................... 7-5
PPP Encapsulation ....................................... 18-12
PPP Log ................................................ 24-7, 24-8
PPPoA............................................................ 18-2
Index H-3
Prestige 660R ADSL 2+ Access Gateway
PPTP ................................................................ 7-6
Precedence ............................................ 28-1, 28-4
Private................................................... 18-7, 19-4
Protocol.......................................................... 22-8
Protocol Filter Rules .................................... 22-14
Q
Quality of Service .......................................... 28-1
R
RAS ...................................................... 24-4, 28-2
Rate
Receiving................................................... 24-2
Transmission ............................................. 24-2
Read Me First .................................................. 2-1
Read Me First ...................................................xix
Related Documentation.....................................xix
Remote DHCP Server.................................... 16-4
Remote Management and NAT ..................... 10-2
Remote Management Limitations......... 10-1, 27-2
Remote Management Setup ........................... 27-1
Remote Node ........................................ 18-1, 24-2
Remote Node Profile ................................. 18-3
Remote Node Setup.......................... 18-1, 18-2
Remote Node Index Number ......................... 24-2
Remote Node Traffic ................................... 22-19
Required fields............................................... 13-3
Restore Configuration.................................... 25-6
RFC-1483 ...................................................... 18-2
RFC-2364 ............................................. 18-2, 18-3
RIP.16-4, 18-7.
See
Routing Information Protocol
Routing Information Protocol.......................... 5-3
Direction...................................................... 5-3
Version ........................................................ 5-3
Routing Policy ............................................... 28-1
S
Sample IP Addresses ..................................... 18-8
Schedule Sets
Duration..................................................... 29-2
SCR......................................
See
Sustain Cell Rate
Server
7-4
, 21-3, 21-4, 21-5, 21-8, 21-9, 21-10, 21-
12, 21-13, 26-5
Service................................................................iv
Service Type....................................................A-3
Services ............................................................7-5 setup a schedule..............................................29-2
SMT Menu Overview.....................................13-2
SMTP ...............................................................7-5
SNMP ...............................................................7-6
Community.................................................23-3
Configuration .............................................23-2
Get..............................................................23-2
Manager .....................................................23-2
MIBs ..........................................................23-2
Trap ............................................................23-2
Trusted Host...............................................23-3
Source-Based Routing ....................................28-1
Splitters............................................................ F-1
Static Route Setup ..........................................19-1
Static Routing Topology.................................19-1
SUA................................................... 1-6, 7-5, 7-6
SUA (Single User Account) ...
See
NAT.
See
NAT
Subnet Mask ........ 3-4, 5-3, 16-4, 18-6, 19-3, 24-4
Subnet Masks .................................................. B-2
Subnetting........................................................ B-2
Supporting Disk................................................xix
Syntax Conventions........................................... xx
Syslog .............................................................24-6
Syslog IP Address ..........................................24-7
Syslog Server..................................................24-6
System
Console Port Speed ....................................24-5
Diagnostic ..................................................24-8
Log and Trace ............................................24-5
Syslog and Accounting ..............................24-6
System Information....................................24-3
System Status .............................................24-1
System Information ........................................24-3
System Information & Diagnosis ...................24-1
System Maintenance....24-1, 24-3, 25-2, 25-4, 25-
10, 26-1, 26-2, 26-4, 26-5
H-4 Index
System Management Terminal ...................... 13-3
System Status ................................................. 24-2
System Timeout ....................................10-2, 27-3
T
TCP/IP .......................................10-2, 22-14, 24-9
Telephone Microfilters.....................................F-1
Telnet ............................................................. 10-2
Telnet Configuration ...................................... 10-2
TFTP
And FTP Over WAN} ............................... 27-2
Restrictions ................................................ 27-2
TFTP and FTP over WAN Will Not Work
When…...................................................... 25-4
TFTP and FTP Over WAN} .......................... 10-1
TFTP File Transfer......................................... 25-9
TFTP Restrictions .................................10-1, 25-4
Time and Date Setting...........................26-4, 26-5
Time Zone...................................................... 26-5
Timeout.......................................................... 15-2
TOS (Type of Service)................................... 28-1
Trace Records ................................................ 24-5
Traffic Redirect.........................................6-7, 6-8
Setup .......................................................... 15-2
Transmission Rates .......................................... 1-2
Type of Service
....................
28-1
, 28-3, 28-4, 28-5
U
Universal Plug and Play................................. 11-1
Application ................................................ 11-1
Prestige 660R ADSL 2+ Access Gateway
Security issues ........................................... 11-1
Universal Plug and Play Forum ..................... 11-2
UNIX Syslog ........................................ 24-5, 24-6
UNIX syslog parameters................................ 24-6
Upload Firmware ........................................... 25-7
UPnP.........................
See
Universal Plug and Play
User Name ....................................................... 8-2
V
VC-based Multiplexing ................................. 18-2
VPI & VCI....................................................... 3-2
W
WAN Setup.................................................... 15-1
Web Configurator ..............................2-1, 2-2, 2-3
Wizard Setup ................................................... 3-1
X
XMODEM protocol....................................... 25-2
Z
ZyNOS.................................................. 25-1, 25-2
ZyNOS F/W Version ..................................... 25-1
ZyXEL Limited Warranty
Note ................................................................iv
Index H-5
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Related manuals
advertisement
Table of contents
- 1 P660R
- 2 Copyright
- 3 FCC Interference Statement
- 4 ZyXEL Limited Warranty
- 5 Customer Support
- 7 Table of Contents
- 12 List of Figures
- 16 List of Tables
- 18 List of Charts
- 19 Preface
- 22 Introduction to DSL
- 23 Part I Getting Started
- 25 1. Getting To Know Your Prestige
- 25 Introducing the Prestige
- 26 Features of the Prestige
- 29 Applications for the Prestige
- 31 2. Introducing the Web Configurator
- 31 Web Configurator Overview
- 31 Accessing the Prestige Web Configurator
- 32 Resetting the Prestige
- 32 Navigating the Prestige Web Configurator
- 35 3. Wizard Setup
- 35 Wizard Setup Introduction
- 35 Encapsulation
- 36 Multiplexing
- 36 VPI and VCI
- 36 Wizard Setup Configuration: First Screen
- 38 IP Address and Subnet Mask
- 38 IP Address Assignment
- 40 Nailed-Up Connection (PPP)
- 40 NAT
- 40 Wizard Setup Configuration: Second Screen
- 45 DHCP Setup
- 46 Wizard Setup Configuration: Third Screen
- 48 Wizard Setup Configuration: Connection Tests
- 49 Test Your Internet Connection
- 51 Part II Password, LAN and WAN
- 53 4. Password Setup
- 53 Password Overview
- 53 Configuring Password
- 55 5. LAN Setup
- 55 LAN Overview
- 55 DNS Server Address
- 56 DNS Server Address Assignment
- 56 LAN TCP/IP
- 58 Configuring LAN
- 61 6. WAN Setup
- 61 WAN Overview
- 61 Metric
- 61 PPPoE Encapsulation
- 62 Traffic Shaping
- 63 Configuring WAN Setup
- 67 Traffic Redirect
- 68 Configuring WAN Backup
- 73 Part III NAT, Dynamic DNS and Time and Date
- 75 7. Network Address Translation (NAT) Screens
- 75 NAT Overview
- 78 SUA (Single User Account) Versus NAT
- 79 SUA Server
- 80 Selecting the NAT Mode
- 81 Configuring SUA Server
- 83 Configuring Address Mapping
- 85 Editing an Address Mapping Rule
- 87 8. Dynamic DNS Setup
- 87 Dynamic DNS
- 87 Configuring Dynamic DNS
- 89 9. Time and Date
- 89 Configuring Time and Date
- 93 Part IV Remote Management and UPnP
- 95 10. Remote Management Configuration
- 95 Remote Management Overview
- 96 Telnet
- 96 FTP
- 96 Web
- 97 Configuring Remote Management
- 99 11. Universal Plug-and-Play (UPnP)
- 99 Introducing Universal Plug and Play
- 100 UPnP and ZyXEL
- 101 Installing UPnP in Windows Example
- 103 Using UPnP in Windows XP Example
- 107 Part V Maintenance
- 109 12. Maintenance
- 109 Maintenance Overview
- 109 System Status Screen
- 114 DHCP Table Screen
- 115 Diagnostic Screens
- 117 Firmware Screen
- 121 Part VI SMT General Configuration
- 123 13. Introducing the SMT
- 123 SMT Introduction
- 125 Navigating the SMT Interface
- 127 Changing the System Password
- 129 14. Menu 1 General Setup
- 129 General Setup
- 129 Procedure To Configure Menu 1
- 133 15. Menu 2 WAN Backup Setup
- 133 Introduction to WAN Backup Setup
- 133 Configuring Dial Backup in Menu 2
- 137 16. Menu 3 LAN Setup
- 137 LAN Setup
- 138 Protocol Dependent Ethernet Setup
- 138 TCP/IP Ethernet Setup and DHCP
- 141 17. Internet Access
- 141 Internet Access Overview
- 141 IP Policies
- 141 IP Alias
- 142 IP Alias Setup
- 144 Route IP Setup
- 144 Internet Access Configuration
- 147 18. Remote Node Configuration
- 147 Remote Node Setup Overview
- 147 Remote Node Setup
- 152 Remote Node Network Layer Options
- 154 Remote Node Filter
- 158 Editing ATM Layer Options
- 161 19. Static Route Setup
- 161 IP Static Route Overview
- 162 Configuration
- 165 20. Bridging Setup
- 165 Bridging in General
- 165 Bridge Ethernet Setup
- 169 21. Network Address Translation (NAT)
- 169 Using NAT
- 169 Applying NAT
- 171 NAT Setup
- 177 Configuring a Server behind NAT
- 179 General NAT Examples
- 187 Part VII SMT Advanced Management
- 189 22. Filter Configuration
- 189 About Filtering
- 192 Configuring a Filter Set for the Prestige
- 194 Filter Rules Summary Menus
- 195 Configuring a Filter Rule
- 202 Filter Types and NAT
- 202 Example Filter
- 205 Applying Filters and Factory Defaults
- 209 23. SNMP Configuration
- 209 About SNMP
- 210 Supported MIBs
- 210 SNMP Configuration
- 212 SNMP Traps
- 213 24. System Information and Diagnosis
- 213 System Status
- 215 System Information
- 217 Log and Trace
- 219 Diagnostic
- 223 25. Firmware and Configuration File Maintenance
- 223 Filename Conventions
- 224 Backup Configuration
- 228 Restore Configuration
- 229 Uploading Firmware and Configuration Files
- 233 26. System Maintenance
- 233 Command Interpreter Mode
- 234 Call Control Support
- 236 Time and Date Setting
- 239 27. Remote Management
- 239 Remote Management Overview
- 239 Remote Management
- 241 Remote Management and NAT
- 241 System Timeout
- 243 28. IP Policy Routing
- 243 IP Policy Routing Overview
- 243 Benefits of IP Policy Routing
- 243 Routing Policy
- 244 IP Routing Policy Setup
- 247 Applying an IP Policy
- 248 IP Policy Routing Example
- 253 29. Call Scheduling
- 253 Introduction
- 257 Part VIII Appendices and Index
- 259 A. Troubleshooting
- 263 B. IP Subnetting
- 271 C. PPPoE
- 273 D. Virtual Circuit Topology
- 275 E. Setting up Your Computer’s IP Address
- 287 F. Splitters and Microfilters
- 289 G. Log Descriptions
- 293 H. Index