Prestige 2602HWL-D3A Support Notes Version 3.40 Oct.
Prestige 2602HWL-D3A Support Notes INDEX APPLICATION NOTES .............................................................................................................................................................. 8 GENERAL APPLICATION NOTES .......................................................................................................................................................... 8 INTERNET CONNECTION ........................................................................................
Prestige 2602HWL-D3A Support Notes Call Hold setup .................................................................................................................................................................. 143 Call Waiting setup............................................................................................................................................................. 143 Three Way Conference setup ......................................................................................
Prestige 2602HWL-D3A Support Notes Will the Prestige work with my Internet connection? ...................................................................................................... 175 What do I need to use the Prestige? ................................................................................................................................. 175 What is PPPoE? ....................................................................................................................................
Prestige 2602HWL-D3A Support Notes Can I receive incoming PSTN call through P2602HWL- 6xC? ............................................................................................ 183 Can I make an outgoing PSTN call through P2602HWL – 6xC? ........................................................................................ 184 VOIP FAQ ....................................................................................................................................................................
Prestige 2602HWL-D3A Support Notes How can I protect against IP spoofing attacks?................................................................................................................ 192 CONTENT FILTER FAQ ................................................................................................................................................................. 193 IPSEC FAQ ......................................................................................................................
Prestige 2602HWL-D3A Support Notes Can Prestige behave as a NAT router supporting IPSec passthrough and an IPSec gateway simultaneously? ................ 203 WIRELESS FAQ .......................................................................................................................................................................... 203 What is a Wireless LAN ? ............................................................................................................................................
Prestige 2602HWL-D3A Support Notes What is the difference between Open System and Shared Key of Authentication Type ? ................................................ 210 What is 802.1x ? ............................................................................................................................................................... 210 What is the difference between No authentication required, No access allowed and Authentication required ? ........... 211 What is AAA ? ......................
Prestige 2602HWL-D3A Support Notes Before you begin The Prestige is shipped with the following factory default: 1. IP address = 192.168.1.1, subnet mask = 255.255.255.0 (24 bits) 2. DHCP server enabled with IP pool starting from 192.168.1.33 3. Default SMT menu password = 1234 Setting up the PC (Windows OS) 1. Ethernet connection All PCs must have an Ethernet adapter card installed.
Prestige 2602HWL-D3A Support Notes In the Select Network Protocol windows, select Microsoft from the manufacturers, then select TCP/IP from the Network Protocols and click OK. 3. TCP/IP Configuration Follow these steps to configure Windows TCP/IP: In the Control Panel/Network window, click the TCP/IP entry to select it and click Properties button. In the TCP/IP Properties window, select obtain an IP address automatically.
Prestige 2602HWL-D3A Support Notes 3. Configure Prestige for Internet access by using WIZARD SETUP The Web screen shown below takes PPPoE as the example. 11 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes Setup the Prestige as a DHCP Relay What is DHCP Relay? DHCP stands for Dynamic Host Configuration Protocol. In addition to the DHCP server feature, the P2602 supports the DHCP relay function. When it is configured as DHCP server, it assigns the IP addresses to the 12 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes LAN clients. When it is configured as DHCP relay, it is reponsable for forwarding the requests and responses negotiating between the DHCP clients and the server. See figure 1. Setup the Prestige as a DHCP Client 1. Toggle the DHCP to Relay in menu 3.2 and enter the IP address of the DHCP server in the 'Relay Server Address' field. Menu 3.
Prestige 2602HWL-D3A Support Notes Edit IP Alias= No Press ENTER to Confirm or ESC to Cancel: Configure an Internal Server Behind SUA Introduction If you wish, you can make internal servers (e.g., Web, ftp or mail server) accessible for outside users, even though SUA makes your LAN appear as a single machine to the outside world. A service is identified by the port number.
Prestige 2602HWL-D3A Support Notes To make a server visible to the outside world, specify the port number of the service and the inside address of the server in 'Menu 15.2.1', Multiple Server Configuration. The outside users can access the local server using the Prestige's WAN IP address which can be obtained from menu 24.1. For example (Configuring an internal Web server for outside access) : Menu 15.2 - NAT Server Setup Rule Start Port No. End Port No.
Prestige 2602HWL-D3A Support Notes DNS (Domain Name Server) 53 www-http (Web) 80 Configure a PPTP server Behind SUA Introduction PPTP is a tunneling protocol defined by the PPTP forum that allows PPP packets to be encapsulated within Internet Protocol (IP) packets and forwarded over any IP network, including the Internet itself. In order to run the Windows 9x PPTP client, you must be able to establish an IP connection with a tunnel server such as the Windows NT Server 4.0 Remote Access Server.
Prestige 2602HWL-D3A Support Notes Since PPTP encapsulates its data stream in the PPP protocol, the VPN requires a second dial-up adapter. This second dial-up adapter for VPN is added during the installation phase of the Upgrade in addition to the first dial-up adapter that provides PPP support for the analog or ISDN modem. The PPTP is supported in Windows NT and Windows 98 already. For Windows 95, it needs to be upgraded by the Dial-Up Networking 1.2 upgrade.
Prestige 2602HWL-D3A Support Notes o PPTP client setup (Win9x) Add one VPN connection from Dial-Up Networking by entering the correct username & password and the IP address of the Prestige's Internet IP address for logging to NT RAS server. Set the Internet gateway to the router that is connecting to ISP o Prestige router setup Before making a VPN connection from Win9x to WinNT server, you need to connect Prestige router to your ISP first.
Prestige 2602HWL-D3A Support Notes Internet. If the Internet connection between two LANs is achieve, you can place a VPN call from the remote Win9x client. For example: C:\ping 203.66.113.2 When a dial-up connection to ISP is established, a default gateway is assigned to the router traffic through that connection. Therefore, the output below shows the default gateway of the Win9x client after the dial-up connection has been established.
Prestige 2602HWL-D3A Support Notes Using NAT / Multi-NAT What is Multi-NAT? NAT (Network Address Translation-NAT RFC 1631) is the translation of an Internet Protocol address used within one network to a different IP address known within another network. One network is designated the inside network and the other is the outside.
Prestige 2602HWL-D3A Support Notes 1. NAT Mapping Types NAT supports five types of IP/port mapping. They are: 2. One to One In One-to-One mode, the Prestige maps one ILA to one IGA. 3. Many to One In Many-to-One mode, the Prestige maps multiple ILA to one IGA. This is equivalent to SUA (i.e., PAT, port address translation), ZyXEL's Single User Account feature that previous ZyNOS routers supported (the SUA only option in today's routers). 4.
Prestige 2602HWL-D3A Support Notes The following table summarizes these types. NAT Type IP Mapping Mapping Direction One-to-One ILA1<--->IGA1 Both Many-to-One (SUA/PAT) ILA1---->IGA1 ILA2---->IGA1 ... Outgoing Many-to-Many Overload ILA1---->IGA1 ILA2---->IGA2 ILA3---->IGA1 ILA4---->IGA2 ... Outgoing ILA1---->IGA1 Many-to-Many No ILA2---->IGA3 Overload ILA3---->IGA2 (Allocate by Connections) ILA4---->IGA4 Outgoing ...
Prestige 2602HWL-D3A Support Notes You apply NAT via menus 4 and 11.3 as displayed next. The next figure how you apply NAT for Internet access in menu 4. Enter 4 from the Main Menu to go to Menu 4-Internet Access Setup.
Prestige 2602HWL-D3A Support Notes Overload mapping. Select Full Feature when you require other mapping types. It is a convenient, pre-configured, read only, Many-to-One mapping set, sufficient for most purposes and helpful to people already familiar with SUA in previous ZyNOS versions. Note that there is also a Server type whose IGA is 0.0.0.0 in this set. Table: Applying NAT in Menu 4 and Menu 11.3 2. Configuring NAT To configure NAT, enter 15 from the Main Menu to bring up the following screen.
Prestige 2602HWL-D3A Support Notes Menu 15.1 - Address Mapping Sets 1. 2. 3. 4. 5. 6. 7. 8. 255. SUA (read only) Enter Set Number to Edit: Let's first look at Option 255. Option 255 is equivalent to SUA in previous ZyXEL routers. The fields in this menu cannot be changed. Entering 255 brings up this screen. Menu 15.1.
Prestige 2602HWL-D3A Support Notes The following table explains the fields in this screen. Please note that the fields in this menu are read-only. Field Description Option/Example Set Name This is the name of the set you selected in Menu 15.1 or enter SUA the name of a new set you want to create. Idx This is the index or rule number. 1 0.0.0.0 Local Start IP This is the starting local IP address (ILA). for the Many-to-One type. This is the starting local IP address (ILA).
Prestige 2602HWL-D3A Support Notes 9. 10. Action= Edit , Select Rule= 0 Press ENTER to Confirm or ESC to Cancel: We will just look at the differences from the previous menu. Note that, this screen is not read only, so we have extra Action and Select Rule fields. Not also that the [?] in the Set Name field means that this is a required field and you must enter a name for the set. The description of the other fields is as described above. The Type, Local and Global Start/End IPs are configured in Menu 15.
Prestige 2602HWL-D3A Support Notes Local IP: Start= 0.0.0.0 End = N/A Global IP: Start= 0.0.0.0 End = N/A Press ENTER to Confirm or ESC to Cancel: The following table describes the fields in this screen. Field Description Type One-to-One Many-to-One Press [SPACEBAR] to toggle through a total of 5 types. These Many-to-Many Overload are the mapping types discussed above plus a server type. Some Many-to-Many No examples follow to clarify these a little more.
Prestige 2602HWL-D3A Support Notes The NAT Server Set is a list of LAN side servers mapped to external ports (similar to the old SUA menu of before). If you wish, you can make inside servers for different services, e.g., Web or FTP, visible to the outside users, even though NAT makes your network appears as a single machine to the outside world. A server is identified by the port number, e.g., Web service is on port 80 and FTP on port 21.
Prestige 2602HWL-D3A Support Notes 2. 21 21 192.168.1.33 3. 80 80 192.168.1.36 4. 0 0 0.0.0.0 5. 0 0 0.0.0.0 6. 0 0 0.0.0.0 7. 0 0 0.0.0.0 8. 0 0 0.0.0.0 9. 0 0 0.0.0.0 10. 0 0 0.0.0.0 11. 0 0 0.0.0.0 12. 0 0 0.0.0.0 Press ENTER to Confirm or ESC to Cancel: The most often used port numbers are shown in the following table. Please refer RFC 1700 for further information about port numbers.
Prestige 2602HWL-D3A Support Notes Menu 4 - Internet Access Setup ISP's Name= MyISP Encapsulation= PPPoE Multiplexing= LLC-based VPI #= 0 VCI #= 33 ATM QoS Type= UBR Peak Cell Rate (PCR)= 0 Sustain Cell Rate (SCR)= 0 Maximum Burst Size (MBS)= 0 My Login= cso@zyxel My Password= ******** Idle Timeout (sec)= 0 IP Address Assignment= Dynamic IP Address= N/A Network Address Translation= SUA Only Address Mapping Set= 1 Press ENTER to Confirm or ESC to Cancel: 31 All contents copyright (c) 2007 ZyXEL Communica
Prestige 2602HWL-D3A Support Notes From Menu 4 shown above simply choose the SUA Only option from the NAT field. This is the Many-to-One mapping discussed earlier. The SUA read only option from the NAT field in menu 4 and 11.3 is specifically pre-configured to handle this case. 2. Internet Access with an Internal Server In this case, we do exactly as above (use the convenient pre-configured SUA Only set) and also go to Menu 15.
Prestige 2602HWL-D3A Support Notes 8. 0 0 0.0.0.0 9. 0 0 0.0.0.0 10. 0 0 0.0.0.0 11. 0 0 0.0.0.0 12. 0 0 0.0.0.0 Press ENTER to Confirm or ESC to Cancel: 3.Using Multiple Global IP addresses for clients and servers (One-to-One, Many-to-One, Server Set mapping types are used) In this case we have 3 IGAs (IGA1, IGA2 and IGA3) from the ISP. We have two very busy internal FTP servers and also an internal general server for the web and mail.
Prestige 2602HWL-D3A Support Notes Step 1: In this case, we need to configure Address Mapping Set 1 from Menu 15.1-Address Mapping Sets. Therefore we must choose the Full Feature option from the NAT field in menu 4 or menu 11.3, and assign IGA3 to Prestige WAN IP Address.
Prestige 2602HWL-D3A Support Notes Start= 192.168.1.10 End = N/A Global IP: Start= [Enter IGA1] End = N/A Press ENTER to Confirm or ESC to Cancel: Rule 2 Setup: Selecting One-to-One type to map the FTP Server 2 with ILA2 (192.168.1.11) to IGA2. Menu 15.1.1.2 - - Rule 2 Type: One-to-One Local IP: Start= 192.168.1.11 End = N/A Global IP: Start= [Enter IGA2] End = N/A Press ENTER to Confirm or ESC to Cancel: Rule 3 Setup: Select Many-to-One type to map the other clients to IGA3. Menu 15.1.1.
Prestige 2602HWL-D3A Support Notes Press ENTER to Confirm or ESC to Cancel: Rule 4 Setup: Select Server type to map our web server and mail server with ILA3 (192.168.1.20) to IGA3. Menu 15.1.1.4 - - Rule 4 Type: Server Local IP: Start= N/A End = N/A Global IP: Start= [Enter IGA3] End = N/A Press ENTER to Confirm or ESC to Cancel: When we have configured all four rules Menu 15.1.1 should look as follows. Menu 15.1.
Prestige 2602HWL-D3A Support Notes 9. 10. Press ESC or RETURN to Exit: Step 3: Now we configure all other incoming traffic to go to our web server aand mail server from Menu 15.2 - NAT Server Setup (not Set 1, Set 1 is used for SUA Only case). Menu 15.2 - NAT Server Setup Rule Start Port No. End Port No. IP Address --------------------------------------------------1. Default Default 0.0.0.0 2. 80 80 192.168.1.20 3. 25 25 192.168.1.20 4. 0 0 0.0.0.0 5. 0 0 0.0.0.0 6. 0 0 0.0.0.
Prestige 2602HWL-D3A Support Notes Some servers providing Internet applications such as some mIRC servers do not allow users to login using the same IP address. In this case it is better to use Many-to-Many No Overload or One-to-One NAT mapping types, thus each user login to the server using a unique global IP address. The following figure illustrates this. One rule configured for using Many-to-Many No Overload mapping type is shown below. Menu 15.1.1.
Prestige 2602HWL-D3A Support Notes Local IP: Start= 192.168.1.10 End = N/A Global IP: Start= [Enter IGA1] End = N/A Press ENTER to Confirm or ESC to Cancel: Menu 15.1.1.2 - - Rule 2 Type: One-to-One Local IP: Start= 192.168.1.11 End = N/A Global IP: Start= [Enter IGA2] End = N/A Press ENTER to Confirm or ESC to Cancel: Menu 15.1.1.3 - - Rule 3 Type: One-to-One Local IP: Start= 192.168.1.
Prestige 2602HWL-D3A Support Notes Press ENTER to Confirm or ESC to Cancel: Prestige supports multiple type of NAT mapping rules SUA One to One Many to One Many to Many overload Many One to One Server The following table summarizes these types. NAT Type IP Mapping One-to-One ILA1<--->IGA1 Many-to-One ILA1<--->IGA1 ILA2<--->IGA1 (SUA/PAT) Many-to-Many Overload ...
Prestige 2602HWL-D3A Support Notes ... Server (SUA) Server 1 IP<--->IGA1 Server 2 IP<--->IGA1 About Filter & Filter Examples How does ZyXEL filter work? Filter Structure The Prestige allows you to configure up to twelve filter sets with six rules in each set, for a total of 72 filter rules in the system. You can apply up to four filter sets to a particular port to block multiple types of packets.
Prestige 2602HWL-D3A Support Notes Filter Types and SUA Conceptually, there are two categories of filter rules: device and protocol. The Generic filter rules belong to the device category; they act on the raw data from/to LAN and WAN. The IP and IPX filter rules belong to the protocol category; they act on the IP and IPX packets. 42 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes In order to allow users to specify the local network IP address and port number in the filter rules with SUA connections, the TCP/IP filter function has to be executed before SUA for WAN outgoing packets and after the SUA for WAN incoming IP packets. But at the same time, the Generic filter rules must be applied at the point when the Prestige is receiving and sending the packets; i.e. the ISDN interface. So, the execution sequence has to be changed.
Prestige 2602HWL-D3A Support Notes same error if you try to activate a Generic filter rule in a filter set that has already had one or more active TCP/IP (or IPX) filter rules. Menu 21.1.1: Menu 21.1.1 - Generic Filter Rule Filter #: 1,1 Filter Type= Generic Filter Rule Active= Yes Offset= 0 Length= 0 Mask= N/A Value= N/A More= No Log= None Action Matched= Check Next Rule Action Not Matched= Check Next Rule Menu 21.1.2: Menu 21.1.
Prestige 2602HWL-D3A Support Notes More= No Log= None Action Matched= Check Next Rule Action Not Matched= Check Next Rule Press ENTER to Confirm or ESC to Cancel: Saving to ROM. Please wait... Protocol and device rule cannot be active together To separate the device and protocol filter categories; two new menus, Menu 11.5 and Menu 13.1, have been added, as well as some changes made to the Menu 3.1, Menu 11.1, and Menu 13. The new fields are shown below. Menu 3.1: Menu 3.
Prestige 2602HWL-D3A Support Notes Outgoing: Session Options: My Login= testt Edit Filter Sets= Yes My Password= ***** Authen= CHAP/PAP Press ENTER to Confirm or ESC to Cancel: Menu 11.5: Menu 11.5 - Remote Node Filter Input Filter Sets: protocol filters= device filters= Output Filter Sets: protocol filters= device filters= SMT will also prevent you from entering a protocol filter set configured in Menu 21 to the device filters field in Menu 3.1, 11.
Prestige 2602HWL-D3A Support Notes 1. The outbound packet type (protocol & port number) 2. The source IP address Generally, the outbound packets for Web service could be as following: a. HTTP packet, TCP (06) protocol with port number 80 b. DNS packet, TCP (06) protocol with port number 53 or c. DNS packet, UDP (17) protocol with port number 53 For all workstation on the LAN, the source IP address will be 0.0.0.0. Otherwise, you have to enter an IP Address for the workstation you want to block.
Prestige 2602HWL-D3A Support Notes 2. Rule one for (a). http packet, TCP(06)/Port number 80 Menu 21.1.1 - TCP/IP Filter Rule Filter #: 1,1 Filter Type= TCP/IP Filter Rule Active= Yes IP Protocol= 6 IP Source Route= No Destination: IP Addr= 0.0.0.0 IP Mask= 0.0.0.0 Port #= 80 Port # Comp= Equal Source: IP Addr= 0.0.0.0 IP Mask= 0.0.0.0 Port #= Port # Comp= None TCP Estab= No More= No Log= None Action Matched= Drop Action Not Matched= Check Next Rule Press ENTER to Confirm or ESC to Cancel: 3.
Prestige 2602HWL-D3A Support Notes Source: IP Addr= 0.0.0.0 IP Mask= 0.0.0.0 Port #= Port # Comp= None TCP Estab= No More= No Log= None Action Matched= Drop Action Not Matched= Check Next Rule Press ENTER to Confirm or ESC to Cancel: 4. Rule 3 for (c). DNS packet UDP(17)/Port number 53 Menu 21.1.2 - TCP/IP Filter Rule Filter #: 1,2 Filter Type= TCP/IP Filter Rule Active= Yes IP Protocol= 17 IP Source Route= No Destination: IP Addr= 0.0.0.0 IP Mask= 0.0.0.
Prestige 2602HWL-D3A Support Notes Menu 21.1 - Filter Rules Summary # A Type Filter Rules M m n - - ---- -------------------------------------- - - 1 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=80 N D N 2 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=53 N D N 3 Y IP Pr=17, SA=0.0.0.0, DA=0.0.0.0,DP=53 N D F 6. Apply the filter set to the 'Output Protocol Filter Set' in the remote node setup. A filter for blocking a specific client Configuration 1. Create a filter set in Menu 21, e.g.
Prestige 2602HWL-D3A Support Notes 2. One rule for blocking all packets from this client Menu 21.1.1 - TCP/IP Filter Rule Filter #: 1,1 Filter Type= TCP/IP Filter Rule Active= Yes IP Protocol= 0 IP Source Route= No Destination: IP Addr= 0.0.0.0 IP Mask= 0.0.0.0 Port #= Port # Comp= None Source: IP Addr= 192.168.1.5 IP Mask= 255.255.255.
Prestige 2602HWL-D3A Support Notes This configuration example shows you how to use a Generic Filter to block a specific MAC address of the LAN. Before you Begin Before you configure the filter, you need to know the MAC address of the client first. The MAC address can be provided by the NICs. If there is the LAN packet passing through the Prestige you can identify the uninteresting MAC address from the Prestige's LAN packet trace.
Prestige 2602HWL-D3A Support Notes + Internet Protocol - Version (MSB 4 bits): 4 - Header length (LSB 4 bits): 5 - Service type: Precd=Routine, Delay=Normal, Thrput=Normal, Reli=Normal - Total length: 60 (Octets) - Fragment ID: 60172 - Flags: May be fragmented, Last fragment, Offset=0 (0x00) - Time to live: 32 seconds/hops - IP protocol type: ICMP (0x01) - Checksum: 0xE3EA - IP address 202.132.155.93 (Source IP address) ----> 202.132.155.
Prestige 2602HWL-D3A Support Notes Menu 21.1.
Prestige 2602HWL-D3A Support Notes Action Matched= Enter the action you want if the masked packet matches the 'Value'. In this case, we will drop it. Action Not Matched= Enter the action you want if the masked packet does not match the 'Value'. In this case, we will forward it. If you want to configure more rules please select 'Check Next Rule' to start configuring the next new rule. However, please note that the 'Filter Type' must be also 'Generic Filter Rule' but not others.
Prestige 2602HWL-D3A Support Notes A filter for blocking the NetBIOS packets Introduction The NETBIOS protocol is used to share a Microsoft comupter of a workgroup. For the security concern, the NetBIOS connection to a outside host is blocked by Prestige router as factory defaults. Users can remove the filter sets applied to menu 3.1 and menu 4.1 for activating the NetBIOS services. The details of the filter settings are described as follows.
Prestige 2602HWL-D3A Support Notes Set # ------ Comments ----------------- Set # Comments ------ ----------------- 1 NetBIOS_WAN 7 _______________ 2 NetBIOS_LAN 8 _______________ 3 _______________ 9 _______________ 4 _______________ 10 _______________ 5 _______________ 11 _______________ 6 _______________ 12 _______________ Enter Filter Set Number to Configure= 1 Edit Comments= Press ENTER to Confirm or ESC to Cancel: Configure the first filter set 'NetBIOS_WAN' by selecting
Prestige 2602HWL-D3A Support Notes Rule 2-Destination port number 137 with protocol number 17 (UDP) Menu 21.1.2 - TCP/IP Filter Rule Filter #: 1,2 Filter Type= TCP/IP Filter Rule Active= Yes IP Protocol= 17 IP Source Route= No Destination: IP Addr= 0.0.0.0 IP Mask= 0.0.0.0 Port #= 137 Port # Comp= Equal Source: IP Addr= 0.0.0.0 IP Mask= 0.0.0.
Prestige 2602HWL-D3A Support Notes IP Protocol= 6 IP Source Route= No Destination: IP Addr= 0.0.0.0 IP Mask= 0.0.0.0 Port #= 138 Port # Comp= Equal Source: IP Addr= 0.0.0.0 IP Mask= 0.0.0.0 Port #= 0 Port # Comp= None TCP Estab= No More= No Log= None Action Matched= Drop Action Not Matched= Check Next Rule Press ENTER to Confirm or ESC to Cancel: Rule 4-Destination port number 138 with protocol number 17 (UDP) Menu 21.1.
Prestige 2602HWL-D3A Support Notes Action Matched= Drop Action Not Matched= Check Next Rule Press ENTER to Confirm or ESC to Cancel: Rule 5-Destination port number 139 with protocol number 6 (TCP) Menu 21.1.5 - TCP/IP Filter Rule Filter #: 1,5 Filter Type= TCP/IP Filter Rule Active= Yes IP Protocol= 6 IP Source Route= No Destination: IP Addr= 0.0.0.0 IP Mask= 0.0.0.0 Port #= 139 Port # Comp= Equal Source: IP Addr= 0.0.0.0 IP Mask= 0.0.0.
Prestige 2602HWL-D3A Support Notes Filter Type= TCP/IP Filter Rule Active= Yes IP Protocol= 17 IP Source Route= No Destination: IP Addr= 0.0.0.0 IP Mask= 0.0.0.0 Port #= 139 Port # Comp= Equal Source: IP Addr= 0.0.0.0 IP Mask= 0.0.0.0 Port #= 0 Port # Comp= None TCP Estab= N/A More= No Log= None Action Matched= Drop Action Not Matched= Forward Press ENTER to Confirm or ESC to Cancel: After the first filter set is finished, you will get the complete rules summary as below. Menu 21.
Prestige 2602HWL-D3A Support Notes Apply the first filter set 'NetBIOS_WAN' to the 'Output Protocol Filter' in the remote node setup. Configure the second filter set 'NetBIOS_LAN' by selecting the Filter Set number 2. Rule 1-Source port number 137, Destination port number 53 with protocol number 6 (TCP) Menu 21.2.1 - TCP/IP Filter Rule Filter #: 2,1 Filter Type= TCP/IP Filter Rule Active= Yes IP Protocol= 6 IP Source Route= No Destination: IP Addr= 0.0.0.0 IP Mask= 0.0.0.
Prestige 2602HWL-D3A Support Notes IP Protocol= 17 IP Source Route= No Destination: IP Addr= 0.0.0.0 IP Mask= 0.0.0.0 Port #= 53 Port # Comp= Equal Source: IP Addr= 0.0.0.0 IP Mask= 0.0.0.0 Port #= 137 Port # Comp= Equal TCP Estab= N/A More= No Log= None Action Matched= Drop Action Not Matched= Forward Press ENTER to Confirm or ESC to Cancel: 1. After the first filter set is finished, you will get the complete rules summary as below. Menu 21.
Prestige 2602HWL-D3A Support Notes protocol filters= 2 device filters= Output Filter Sets: protocol filters= device filters= Using the Dynamic DNS (DDNS) 1. What is DDNS? The DDNS service, an IP Registry provides a public central database where information such as email addresses, hostnames, IPs etc. can be stored and retrieved. This solves the problems if your DNS server uses an IP associated with dynamic IPs.
Prestige 2602HWL-D3A Support Notes Menu 1 - General Setup System Name= Prestige Location= Contact Person's Name= Domain Name= Edit Dynamic DNS= Yes Route IP= Yes Bridge= No Menu 1.1 - Configure Dynamic DNS Service Provider= WWW.DynDNS.ORG Active= Yes Host=[the local server's host name] EMAIL= USER= Password= ******** Enable Wildcard= No Key Settings for using DDNS function: Option Description Service Provider Enter the DDNS server WWW.DYNDNS.ORG. Active Toggle to 'Yes'.
Prestige 2602HWL-D3A Support Notes Password Enter the password that the DDNS server gives to you. Enable Wildcard Enter the hostname for the wildcard function that the WWW.DYNDNS.ORG supports. Note that Wildcard option is available only when the provider is WWW.DYNDNS.ORG. Network Management Using SNMP 1. SNMP Overview The Simple Network Management Protocol (SNMP) is an applications-layer protocol used to exchange the management information between network devices (e.g., routers).
Prestige 2602HWL-D3A Support Notes The current Internet-standard MIB, MIB-II, is defined in RFC 1213 and contains 171 objects. These objects are grouped by protocol (including TCP, IP, UDP, SNMP, and other categories, including 'system' and 'interface.' The Internet Management Model is as shown in figure 1. Interactions between the NMS and managed devices can be any of four different types of commands: 6.
Prestige 2602HWL-D3A Support Notes 2. SNMPv1 Operations SNMP itself is a simple request/response protocol. 4 SNMPv1 operations are defined as below. Get Allows the NMS to retrieve an object variable from the agent. GetNext Allows the NMS to retrieve the next object variable from a table or list within an agent. In SNMPv1, when a NMS wants to retrieve all elements of a table from an agent, it initiates a Get operation, followed by a series of GetNext operations.
Prestige 2602HWL-D3A Support Notes so on) and the object values involved in the operation. The following figure shows the SNMPv1 message format. The SNMP PDU contains the following fields: PDU type Specifies the type of PDU. Request ID Associates requests with responses. Error status Indicates an error and an error type. Error index Associates the error with a particular object variable. Variable-bindings Associates particular object with their value. 3.
Prestige 2602HWL-D3A Support Notes warmStart (defined in RFC-1215) : If the machine warmstarts, the trap will be sent after booting. linkDown (defined in RFC-1215) : If any link of IDSL or WAN is down, the trap will be sent with the port number . The port number is its interface index under the interface group. linkUp (defined in RFC-1215) : If any link of IDSL or WAN is up, the trap will be sent with the port number . The port number is its interface index under the interface group.
Prestige 2602HWL-D3A Support Notes 4. Configure the Prestige for SNMP The SNMP related settings in Prestige are configured in menu 22, SNMP Configuration. The following steps describe a simple setup procedure for configuring all SNMP settings. Menu 22 - SNMP Configuration SNMP: Get Community= public Set Community= public Trusted Host= 192.168.1.33 71 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes Trap: Community= public Destination= 192.168.1.33 Press ENTER to Confirm or ESC to Cancel: Key Settings: Option Descriptions Get Community Enter the correct Get Community. This Get Community must match the 'Get-' and 'GetNext' community requested from the NMS. The default is 'public'. Set Community Enter the correct Set Community. This Set Community must match the 'Set-community requested from the NMS. The default is 'public'. Enter the IP address of the NMS.
Prestige 2602HWL-D3A Support Notes Configuration: 1. Active, use the space bar to turn on the syslog option. 2. Syslog IP Address, enter the IP address of the UNIX server that you wish to send the syslog. 3. Log Facility, use the space bar to toggle between the 7 different local options. UNIX Setup 1. Make sure that your syslogd starts with -r argument. -r, this option will enable the facility to receive message from the network using an Internet domain socket with the syslog services.
Prestige 2602HWL-D3A Support Notes L02 Call Terminated C02 Call Terminated Example: Feb 14 16:57:17 192.168.1.1 ZyXEL Communications Corp.: board 0 line 0 channel 0, call 18, C01 Incoming Call OK Feb 14 17:07:18 192.168.1.1 ZyXEL Communications Corp.
Prestige 2602HWL-D3A Support Notes prot: Protocol (TCP,UDP,ICMP) spo: Source port dpo: Destination port Example: Jul 19 14:44:09 192.168.1.1 ZyXEL Communications Corp.: IP[Src=202.132.154.1 Dst=192.168.1.33 UDP spo=0035 dpo=05d4]}S03>R01mF Jul 19 14:44:13 192.168.1.1 ZyXEL Communications Corp.: IP[Src=192.168.1.33 Dst=202.132.154.
Prestige 2602HWL-D3A Support Notes Using IP Alias What is IP Alias ? In a typical environment, a LAN router is required to connect two local networks. The Prestige can connect three local networks to the ISP or a remote node, we call this function as 'IP Alias'. In this case, an internal router is not required. For example, the network manager can divide the local network into three networks and connect them to the Internet using Prestige's single user account. See the figure below.
Prestige 2602HWL-D3A Support Notes Two new protocol filter interfaces in menu 3.2.1 allow you to accept or deny LAN packets from/to the IP alias 1 and IP alias 2 go through the Prestige. The filter set in menu 3.1 is used for main network configured in menu 3.2. IP Alias Setup 1. Edit the first network in menu 3.2 by configuring the Prestige's first LAN IP address. Menu 3.2 - TCP/IP and DHCP Setup DHCP Setup DHCP= Server Client IP Pool Starting Address= 192.168.1.
Prestige 2602HWL-D3A Support Notes Edit IP Alias Toggle to 'Yes' to enter menu 3.2.1 for setting up the second and third networks. 2. Edit the second and third networks in menu 3.2.1 by configuring the Prestige's second and third LAN IP addresses. Menu 3.2.1 - IP Alias Setup IP Alias 1= Yes IP Address= 192.168.2.1 IP Subnet Mask= 255.255.255.0 RIP Direction= None Version= RIP-1 Incoming protocol filters= Outgoing protocol filters= IP Alias 2= Yes IP Address= 192.168.3.1 IP Subnet Mask= 255.255.255.
Prestige 2602HWL-D3A Support Notes Call scheduling enables the mechanisim for the Prestige to run the remote node connection according to the pre-defined schedule.This feature is just like the scheduler ina video recorder which records the program according to the specified time. Users can apply at most 4 schedule sets in Menu 11 ( Remote Node Setup), and configure each schedule in Menu 26(Schedule Setup).
Prestige 2602HWL-D3A Support Notes 4 _______________ 10 _______________ 5 _______________ 11 _______________ 6 _______________ 12 _______________ Enter Schedule Set Number to Configure= 1 Edit Name= ZyXEL Press ENTER to Confirm or ESC to Cancel: 3. The Menu 26.1 Schedule Set Setup is as follows: Menu 26.
Prestige 2602HWL-D3A Support Notes Start Date Start date of this schedule rule. It can be unmatched with weekday setting. For example, if Start Date is 2004/10/02(Monday), but Monday setting in weekday can be No. How Often If once is selected, all weekday settings will ne marked as N/A. After the rule is completely, it will be deleted automatically. Forced On The node will always keep up during the setting period. It is equivalent to diable the idel timeout.
Prestige 2602HWL-D3A Support Notes Session Options: Edit Filter Sets= No Idle Timeout(sec)= 100 Edit Traffic Redirect= No Press ENTER to Confirm or ESC to Cancel: Time Service in Prestige There is no RTC (Real-Time Clock) chip so the Prestige should launch a mechanism to get current time and date from external server in boot time. Time service is implemented by the Daytime protocol(RFC-867), Time protocol(RFC-868), and NTP protocol(RFC-1305).
Prestige 2602HWL-D3A Support Notes Press ENTER to Confirm or ESC to Cancel: Using IP Multicast What is IP Multicast ? Traditionally, IP packets are transmitted in two ways - unicast or broadcast. Multicast is a third way to deliver IP packets to a group of hosts. Host groups are identified by class D IP addresses, i.e., those with "1110" as their higher-order bits. In dotted decimal notation, host group addresses range from 224.0.0.0 to 239.255.255.255. Among them, 224.0.0.
Prestige 2602HWL-D3A Support Notes IP Subnet Mask= 255.255.255.0 RIP Direction= Both Version= RIP-2B Multicast= IGMP-v2 IP Policies= Edit IP Alias= No Press ENTER to Confirm or ESC to Cancel: Enable IGMP in Prestige's remote node in menu 11.3: Menu 11.3 - Remote Node Network Layer Options IP Options: Bridge Options: IP Address Assignment = Dynamic Ethernet Addr Timeout(min)= N/A Rem IP Addr = 0.0.0.0 Rem Subnet Mask= 0.0.0.
Prestige 2602HWL-D3A Support Notes Using Prestige traffic redirect What is Traffic Redirect ? Traffic redirect forwards WAN traffic to a backup gateway when Prestige cannot connect to the Internet through it's normal gateway. Thus make your backup gateway as an auxiliary backup of your WAN connection. Once Prestige detects it's WAN connectivity is broken, Prestige will try to forward outgoing traffic to backup gateway that users specify in traffic redirect configuration menu.
Prestige 2602HWL-D3A Support Notes Check Mechanism = DSL Link Check WAN IP Address1 = 0.0.0.0 Check WAN IP Address2 = 0.0.0.0 Check WAN IP Address3 = 0.0.0.0 KeepAlive Fail Tolerance = 5 Recovery Interval(sec) = 60 ICMP Timeout(sec) = 0 Traffic Redirect = Yes Key Settings: Label Description Backup Select the method that the Prestige uses to check the DSL connection. Type Select DSL Link to have the Prestige check if the connection to the DSLAM is up.
Prestige 2602HWL-D3A Support Notes Label Description Redirect Active Select this check box to have the Prestige use traffic redirect if the normal WAN connection goes down. If you activate traffic redirect, you must configure at least one Check WAN IP Address. Metric This field sets this route's priority among the routes the Prestige uses. The metric represents the "cost of transmission". A router determines the best route for transmission by choosing a path with the lowest "cost".
Prestige 2602HWL-D3A Support Notes Devices: Network devices, such as networking gateways, TV, refrigerators, printers...etc, which provides services. Services: Services are provided by devices, such as time services provided by alarm clocks. In UPnP, services are described in XML format. Control points can set/get services information from devices.
Prestige 2602HWL-D3A Support Notes Eventing: Devices can send event message to notify control points if there is any update on services provided. Presentation: Each device can provide their own control interface by URL link. So that users can go to the device's presentation web page by the URL to control this device. 2. Using UPnP in ZyXEL devices In this example, we will introduce how to enable UPnP function in ZyXEL devices.
Prestige 2602HWL-D3A Support Notes Go to Advanced->UPnP, check two boxes, Active UPnP feature and Allow users to make configuration changes through UPnP. The first check box enables UPnP function in this device. The second check box allows users' application to change configuration in this device. For instance, if you enable this item, then user's MSN application can assign dynamic port mapping to the router. So that network administrator don't need to setup SUA port mapping in the router. 2.
Prestige 2602HWL-D3A Support Notes 3. Start a Video conversation with one online user. 4. On the opposite side, your partner selects Accept to accept your conversation request. 91 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes 5. Finally, your video conversation is achieved. 92 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes Wireless Application Notes Infrastructure mode What is Infrastructure mode? Infrastructure mode, sometimes referred to as Access Point mode, is an operating mode of an 802.11b/Wi-Fi client unit. In infrastructure mode, the client unit can associate with an 802.11b/Wi-Fi Access Point and communicate with other clients in infrastructure mode through that access point. 93 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes Configuration Prestige Wireless using SMT. To configure Infrastructure mode of your Prestige wireless VoIP IAD please follow the steps below. 1. From the SMT main menu, enter 3 to display Menu 3 – LAN Setup. 2. Enter 5 to display Menu 3.5 – Wireless LAN Setup. Menu 3.5- Wireless LAN Setup ESSID= Wireless Hide ESSID= No Channel ID= CH07 2442MHz RTS Threshold= 2432 Frag.
Prestige 2602HWL-D3A Support Notes Edit MAC Address Filter= No Press ENTER to Confirm or ESC to Cancel: 3. Configure ESSID, Channel ID, WEP, Default Key and Keys as yo desire. Configuration Wireless Access Point to Infrastructure mode using Web configurator. To configure Infrastructure mode of your Prestige wireless VoIP IAD please follow the steps below. 1. From the web configurator main menu, click Network->wireless LAN to display –Wireless LAN. 3.
Prestige 2602HWL-D3A Support Notes Configuration Wireless Station to Infrastructure mode To configure Infrastructure mode on your ZyAIR B-100/B-200/B-300 wireless NIC card please follow the following steps. 1. Double click on the utility icon in your windows task bar the utility will pop up on your windows screen. 2. Select configuration tab. 3.
Prestige 2602HWL-D3A Support Notes 5. Double click on the AP you want to associated with. 97 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes 6. After the client have associated with the selected AP. The linked AP's channel, current linkup rate, SSID, link quality, and signal strength will show on the Link Info page. You now successfully associate with the selected AP with Infrastructure Mode. Wireless MAC address filtering MAC Filter Overview Users can use MAC Filter as a method to restrict unauthorized stations from accessing the APs.
Prestige 2602HWL-D3A Support Notes not knowing what your MAC address is, please enter a command "ipconfig /all" after DOS prompt to get the MAC (physical) address of your wireless client. If you use SMT management, the MAC Address Filter configuration are as shown below. Enter the MAC Addresses of wireless cards in the filter set to allow or deny association from these cards. Menu 3.5.
Prestige 2602HWL-D3A Support Notes MAC Address This field specifies those MAC Addresses that you want to add in the list. If you use WEB configuration, the MAC Address Filter configuration are as shown below. 1. Using a web browser, login AP by giving the LAN IP address of AP in URL field. Default LAN IP is 192.168.1.1, default password to login web configurator is 1234. 2. Click Network, and click Wireless LAN tab on the left. 3. 4. 5. 6.
Prestige 2602HWL-D3A Support Notes WEP configuration (Wired Equivalent Privacy) Introduction The 802.11 standard describes the communication that occurs in wireless LANs. The Wired Equivalent Privacy (WEP) algorithm is used to protect wireless communication from eavesdropping, because wireless transmissions are easier to intercept than transmissions over wired networks, and wireless is a shared medium, everything that is transmitted or received over a wireless network can be intercepted.
Prestige 2602HWL-D3A Support Notes Setting up the Access Point Most access points and clients have the ability to hold up to 4 WEP keys simultaneously. You need to specify one of the 4 keys as default Key for data encryption.
Prestige 2602HWL-D3A Support Notes You can set up the Access Point by SMT or Web configurator Setting up the Access Point from SMT Menu 3.5 B1000 hold up to 4 WEP Keys. You have to specify one of the 4 keys as default Key which be used to encrypt wireless data transmission. For example, 3.5- Wireless LAN Setup ESSID= Wireless Hide ESSID= No Channel ID= CH07 2442MHz RTS Threshold= 2432 Frag.
Prestige 2602HWL-D3A Support Notes Key3= 0x3456789ABC Key4= 0x456789ABCD 128-bit WEP with 13 characters 128-bit WEP with 26 hexadecimal digits ('0-9', 'A-F') Key1= 2e3f4w345ytre Key2= 5y7jse8r4i038 Key3= 24fg70okx3fr7 Key4= 98jui2wss35u4 Key1= 0x112233445566778899AABBCDEF Key2= 0x2233445566778899AABBCCDDEE Key3= 0x3344556677889900AABBCCDDFF Key4= 0x44556677889900AABBCCDDEEFF Select one of the WEP key as default Key to encrypt wireless data transmission.
Prestige 2602HWL-D3A Support Notes Key settings Enter exactly 5, 13 or 29 characters to match the security strength 40/64bit, 128-bit, 256-nit respectively. Setting up the Station 1. Double click on the utility icon in your windows task bar or right click the utility icon then select 'Show Config Utility'. The utility will pop up on your windows screen. 105 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes Note: If the utility icon doesn't exist in your task bar, click Start -> Programs -> IEEE802.11b WLAN Card -> IEEE802.11b WLAN Card. 2. Select the 'Encryption' tab. Select encryption type corresponds with access point. Set up 4 Keys which correspond with the WEP Keys of access point. And select on WEP key as default key to encrypt wireless data transmission. 106 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes 107 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes Key settings The WEP Encryption type of station has to equal to the access point. Check 'ASCII' field for characters WEP key or uncheck 'ASCII' field for Hexadecimal digits WEP key. Hexadecimal digits don't need to preceded by '0x'. For example, 64-bits with characters WEP key : Key1= 2e3f4 Key2= 5y7js Key3= 24fg7 Key4= 98jui 64-bits with hexadecimal digits WEP key : Key1= 123456789A Key2= 23456789AB Key3= 3456789ABC Key4= 456789ABCD Configuring 802.1x IEEE 802.
Prestige 2602HWL-D3A Support Notes IEEE 802.1x authentication is a client-server architecture delivered with EAPOL (Extensible Authentication Protocol over LAN). The authentication server authenticates each client connected to a Access Point (For Wireless LAN) or switch port (for Ethernet) before accessing any services offered by the Wireless AP. 802.1x contains tree major components : 1. Authenticator : The device (i.e.
Prestige 2602HWL-D3A Support Notes The device (i.e. RADIUS server) provides an authentication service to an authenticator. This service determines, from the credentials provided by the supplicant, whether the supplicant is authorized to access the services provided by the authenticator. The authentication server performs the actual authentication of the client. It validates the identity of the supplicant.
Prestige 2602HWL-D3A Support Notes 1. Force Authorized : Disables 802.1x and causes the port to transition to the authorized state without any authentication exchange required. The port transmits and receives normal traffic without 802.1x-based authentication of the client. This is the default port control setting. While AP is setup as Force Authorized, Wireless client (supported 802.1x client or none-802.1x client) can always access the network. 2.
Prestige 2602HWL-D3A Support Notes The EAP protocol can support multiple authentication mechanisms, such as MD5-challenge, One-Time Passwords, Generic Token Card, TLS and TTLS etc. Typically, the authenticator will send an initial Identity Request followed by one or more Requests for authentication information. When supplicant receive the EAP request, it will reply associated EAP response.
Prestige 2602HWL-D3A Support Notes The EAPOL packet contains the following fields: protocol version, packet type, packet body length and packet body. Most of the fields are obvious. The packet type can have four different values, and these values are described below: 113 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes EAP-Packet : Both the supplicant and the authenticator send this packet when authentication is taking place. This is the packet that contains either the MD5-Challenge or TLS information required for authentication. EAPOL-Start : This supplicant sends this packet when it wants to initiate the authentication process. EAPOL-Logoff : The supplicant sends this packet when it wants to terminate its 802.1x session.
Prestige 2602HWL-D3A Support Notes Menu 23.4 - System Security - IEEE802.1x Wireless Port Control= No Authentication Required ReAuthentication Timer (in second)= N/A Idle Timeout (in second)= N/A Key Management Protocol= N/A Dynamic WEP Key Exchange= N/A PSK= N/A WPA Mixed Mode= N/A Data Privacy for Broadcast/Multicast packets= N/A WPA Broadcast/Multicast Key Update Timer= N/A Authentication Databases= N/A Press ENTER to Confirm or ESC to Cancel: If you use WEB Configuration, 1.
Prestige 2602HWL-D3A Support Notes Using Internal Authentication Server ZyXEL Wireless Access Point has an internal authentication server for authenticating the wireless 802.1x client users. It builds total 32-users database and allows up to 32 authorized users to login to the Wireless AP simultaneously. When you use internal authentication server, ZyXEL wireless AP is acted as Authenticator and Authentication Server. By storing wireless 802.
Prestige 2602HWL-D3A Support Notes 2. ________ 3. ________ 4. ________ 5. ________ 6. ________ 7. ________ 8. ________ 10. ________ 11. ________ 12. ________ 13. ________ 14. ________ 15. ________ 16. ________ 18. ________ 19. ________ 20. ________ 21. ________ 22. ________ 23. ________ 24. ________ 26. ________ 27. ________ 28. ________ 29. ________ 30. ________ 31. ________ 32. ________ Enter Menu Selection Number: 2. Type a number and press [Enter] to edit the wireless 802.
Prestige 2602HWL-D3A Support Notes Using External RADIUS Authentication Server In addition to the internal authentication server inside ZyXEL AP, you can use external RADIUS authentication server to centrally manage the user account profile. RADIUS is based on a client-server model that supports authentication, authorization and accounting. The wireless AP is the client and the server is the RADIUS server.
Prestige 2602HWL-D3A Support Notes between the supplicant and the authentication server until authentication succeeds or fails. If the authentication succeeds, the switch port becomes authorized. The specific exchange of EAP frames depends on the authentication method being used. The figure below shows a message exchange initiated by the client using the MD5 Challenge authentication method with a RADIUS server. 1. From the SMT main menu, enter Menu 23.
Prestige 2602HWL-D3A Support Notes Shared Secret= ***** Accounting Server: Active= Yes Server Address= 192.168.1.100 Port #= 1813 Shared Secret= ****** Press ENTER to Confirm or ESC to Cancel: Key settings for authentication server: Option Descriptions User Name Enter a username up to 31 alphanumeric characters long. Active Press [SPACE BAR] to select Yes and press [Enter] to enable 802.1x user authentication through an external RADIUS authentication server.
Prestige 2602HWL-D3A Support Notes Site Survey Introduction What is Site Survey? An RF site survey is a MAP to RF contour of RF coverage in a particular facility. With wireless system it is very difficult to predict the propagation of radio waves and detect the presence of interfering signals. Walls, doors, elevator shafts, and other obstacles offer different degree of attenuation. This will cause the RF coverage pattern be irregular and hard to predict.
Prestige 2602HWL-D3A Support Notes 3. Identify user's area, when doing so ask a question where is wireless coverage needed and where does not, and note and take note on the diagram this is information is needed to determine the number of AP required. 4. Determine the preliminary access point location on the facility diagram base on the service area needed, obstacles, power wall jack considerations. Survey on Site 1. With the diagram with all information you gathered in the preparation phase.
Prestige 2602HWL-D3A Support Notes 5. When you reach the farthest point of connection mark the spot. Now you move the access point to this new spot as have already determine the farthest point of the access point installation spot if wireless service is required from corner of the room. 6. Repeat step 1~5 and now you should be able to mark an RF coverage area as illustrated in above picutre. 7.
Prestige 2602HWL-D3A Support Notes Note: If there are more than one access point is needed be sure to make the adjacent access point service area over lap one another. So the wireless station are able to roam. For more information please refer to roaming at PSTN Lifeline Application Notes Usage of PSTN Lifeline By using the PSTN lifeline function, you can make and receive regular PSTN phone calls in coexistence with VoIP service on the same set of phone.
Prestige 2602HWL-D3A Support Notes Furthermore, when the P2602HWL – D3A experience power loss such as in case of earthquake and other natural hazard that cause power loss, it will automatically switch to PSTN line and you can dial a regular phone number without dialing a prefix number. This can be applied on the emergency situation such as for contacting police, fire or emergency medical services when is powerless situation.
Prestige 2602HWL-D3A Support Notes Relay to PSTN The Relay to PSTN field can be found under PSTN configuration WEB GUI in Relay to PSTN section. This field is used to specify phone numbers to which the Prestige will always send calls through the regular PSTN phone service without pushing prefix. In other words, numbers which specify on this field do not need to dial prefix number to be dialed out.
Prestige 2602HWL-D3A Support Notes 1. The P2602HWL-D3A includes a DSL cable and a RJ-11 cable. Connect the DSL cable to the DSL port and connect RJ-11 to Lifeline port. 2. Connect the RJ11 to the splitter phone jack or a telephone wall jack 3. Connect the DSL cable to the splitter modem jack or ADSL line 4. Connect the splitter jack where it label Line to ADSL line from the ISP. Figure 2 Splitterless type 1. 2. 3. 4. 5. The P2602HWL-D3A includes a DSL cable and a RJ-11 cable.
Prestige 2602HWL-D3A Support Notes Setup SIP Account VoIP is the sending of voice signals over the Internet Protocol. This allows you to make phone calls and send faxes over the Internet at a fraction of the cost of using the traditional circuit-switched telephone network. The Session Initiation Protocol (SIP) is an application-layer control (signaling) protocol that handles the setting up, altering and tearing down of voice and multimedia sessions over the Internet.
Prestige 2602HWL-D3A Support Notes Step 1. Open the web browser from your workstation to connect to the Prestige by entering the Management IP address of the Prestige (LAN IP address). The default management IP of Prestige is 192.168.1.1. Step 2. Enter the administrator password appear on the page of login and click on login. The default is '1234' Step 3. On the left column click on VoIP to bring you to VoIP configuration menu than click on SIP.
Prestige 2602HWL-D3A Support Notes Address SIP Server Enter the SIP server’s listening port for SIP in this field. Leave this field set to the default if your VoIP service provider did not give you a local port number Port for SIP. REGISTER Server Address A SIP register server maintains a database of SIP identity-to-IP address (or domain name) mapping. The register server checks your user name and password when you register. Enter the SIP register server’s address in this field.
Prestige 2602HWL-D3A Support Notes Phone port settings Prestige allows you to configure the volume and echo cancellation setting for each individual phone port. To configure the phone port setting, please follow the below step. Step 1. Open the web browser from your workstation to connect to the Prestige by entering the Management IP address of the Prestige. The default management IP of Prestige is 192.168.1.1. Step 2. Enter the administrator password appear on the page of login and click on login.
Prestige 2602HWL-D3A Support Notes Label Description Speaking Volume Use this field to set the loudness that the Prestige uses for the speech signal that it sends to the peer device. -1 is the quietest and 1 is the loudest. Listening Volume Use this field to set the loudness that the Prestige uses for the speech signal that it receives from the peer device and sends to your phone. -1 is the quietest and 1 is the loudest. G.
Prestige 2602HWL-D3A Support Notes Each field's detail description of the page is listed below. Label Description SIP Account This read-only field displays the number of the SIP account that you are configuring. The changes that you save in this page affect the Prestige’s settings with the SIP account displayed here.. 133 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes URL Type Select SIP to have the Prestige include the domain name with the SIP number in the SIP messages that it sends. Select TEL to have the Prestige use the SIP number without a domain name in the SIP messages that it sends. Expiration Duration This field sets how long an entry remains registered with the SIP register server. After this time period expires, the SIP register server deletes the Prestige’s entry from the database of registered SIP numbers.
Prestige 2602HWL-D3A Support Notes Select RFC 2833 to send the DTMF tones in RTP packets. Select PCM (Pulse Code Modulation) to include the DTMF tones in the voice data stream. This method works best when you are using a codec that does not use compression (like G.711). Codecs that use compression (like G.729) could distort the tones. Select SIP INFO to send the DTMF tones in SIP messages.
Prestige 2602HWL-D3A Support Notes To configure phone book for speed dial please follow the below step. Step 1. Open the web browser from your workstation to connect to the Prestige by entering the Management IP address of the Prestige. The default management IP of Prestige is 192.168.1.1. Step 2. Enter the administrator password appear on the page of login and click on login. The default is '1234' Step 3.
Prestige 2602HWL-D3A Support Notes Label Description Speed Dial Select a speed dial key combination from the drop-down list box. SIP Number Enter the SIP number of the party that you will call (use the number or text that comes before the @ symbol in a full SIP URI). You can use up to 127 ASCII characters. Name Enter a descriptive name to identify the party that you will use this entry to call. You can use up to 127 ASCII characters.
Prestige 2602HWL-D3A Support Notes Voice – Common Settings Click VoIP -> Phone -> Common to display the following screen. Use this screen to configure Immediate Dial Click VoIP -> Phone -> Region to display the following screen. Use this screen to configure VoIP Common Settings. Label Description Region Settings Use the drop-down list box to select the country where your Prestige is located.
Prestige 2602HWL-D3A Support Notes phones). Use this field to set how the Prestige handles supplementary phone services (call hold, call waiting, call transfer and three-way conference calls). Select the mode that your voice service provider supports. Select Europe Type to use the supplementary phone services in European mode. Call Service Mode Select USA Type to use the supplementary phone services American mode. See your User's Guide for supplementary phone service details.
Prestige 2602HWL-D3A Support Notes Each field's detail description of the page is listed below. Label Description SIP TOS Priority Type a priority for voice transmissions. The Prestige applies Type of Service priority tags with this priority to voice traffic that it transmits. RTP TOS Priority Type a priority for voice transmissions. The Prestige applies Type of Service priority tags with this priority to RTP traffic that it transmits.
Prestige 2602HWL-D3A Support Notes Unconditional Forward to Number Enable this feature to have the Prestige forward incoming calls to the number that you configure. Busy Forward to Number Enable this feature to have the Prestige forward incoming calls to the number that you configure when your SIP account has a call connected.
Prestige 2602HWL-D3A Support Notes Label Description Table Number Select which call forwarding table you want to configure. You can configure a different call forwarding table for each SIP account or use the same call forwarding table for both. The following applies to the number fields in this screen. For a SIP number, use the number or text that comes before the @ symbol in a full SIP URI.
Prestige 2602HWL-D3A Support Notes Number specify here. Condition Select under what circumstances you want the Prestige to use this call forwarding entry. Select Unconditional to have the Prestige immediately forward any calls from the number specified in the Incoming Call Number field to the number in the Forward to Number field.
Prestige 2602HWL-D3A Support Notes telephone number. If there is a second call to your telephone number, you will hear a call waiting tone. Scenario A calls B and start conversation C calls A In this scenario, there are 3 kinds of action available: The call flow graphs below might help you better understand the call waiting working mechanism. Scenario 1: If A presses flash key + 0, A will reject C. 144 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes Scenario 2: If A presses flash key + 1, A will disconnect B and answer C. Scenario 3: If A presses flash key + 2, A will put B on hold and answer C. 145 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes Three Way Conference setup Three Way Conference function makes it possible to set up a conference call with three subscribers all able to participate at the same time. To configure Three Way Conference, please follow the steps below: Step 1. A is on the phone talking with C, A press the flash key to put the caller on hold and get a dial tone. Step 2. Dial B phone number directly to make another call. Step 3.
Prestige 2602HWL-D3A Support Notes Call Transfer setup This feature allows transfer an incoming call (that you have answered) to another phone. Note: The primary call between user A and user B must be answered before transfer can be initiated. Three kinds of call transfer service available: Blind Transfer Consult On - Hold Transfer Attendant Transfer Application scenario 1: Blind Transfer A dial to B B off hook A and B conversation 147 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes If user A does not want to communicate with user B or user C after call transfer, user A could choose Blind Transfer. To active Blind Transfer please follow the steps below: Step 1: A flash, B MOH (Music On Hold). Step 2: A dial *98# + C’s number.
Prestige 2602HWL-D3A Support Notes To active Consult On - hold Transfer please follow the steps below: Step 1: A flash, B MOH (Music On Hold). Step 2: A dial *98# + C’s Number. Step 3: C rings, A hears the ring back tone. Step 4: C off hook, A and C start conversation. Step 5: A on-hook. Step 6: B and C start conversation.
Prestige 2602HWL-D3A Support Notes To active Attendant Transfer please follow the steps below: Step Step Step Step Step Step 1: 2: 3: 4: 5: 6: A flash, B MOH (Music On Hold). A dial to C. C rings, A hears the ring back tone. C off hook, A and C start Conversation. A flash + *98#. B and C start conversation, A hears the busy tone. Internal Call This feature is ZyXEL’s proprietary implementation.
Prestige 2602HWL-D3A Support Notes phone calls to PSTN network if the DSL line is unplugged or SIP account cannot be registered, or relay outgoing calls to IP network when PSTN line is unplugged. You may set up Call Fallback easily on web GUI: VoIP > Phone > Common Call Park / Call Pickup Call Park/Pickup function allows you to place a call on hold first. Then it can be retrieved from another phone in the system.
Prestige 2602HWL-D3A Support Notes Phone Configuration: Press *97# + park number to park the call Press #97# + park number to pick-up the call Call Park Call Flow When a call has been established between A and the caller: To Call Park the call please follow the steps below: Step Step 1: User A Press *97# + park number (5000) to park the call 2: Then A hangs up the phone 152 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes Call Pickup Call Flow To pick up the call, you only need to input #97# and the park number: In the graph below, user B presses #97# + park number (5000) to pick up the call. Call Return With call return, you can place a call to the last number that called you (either answered or missed). The last incoming call can be through either SIP or PSTN. Two application scenarios: 1. A missed a call from B. 2. A made a successful call with B.
Prestige 2602HWL-D3A Support Notes In both scenarios, user A only needs to pick up the phone and press “*66#”, and B will ring automatically. Distinctive Ringing With the distinctive ring feature, you can assign different ringing tones to different incoming calls, based either on the number that calls you or from where the call originates (SIP, PSTN or internal). Use this feature to let you know where a call comes from before you answer it. Application Scenario: 1.
Prestige 2602HWL-D3A Support Notes Each filed is described in the following table: 155 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes Do Not Disturb (DND) This feature allows you to set your phone not to ring when someone calls you. You can set each phone independently using its keypad, or configure global setting for all phones using the command line. How do you configure DND on phone keypad? *95# Enable Do Not Disturb #95# Disable Do not Disturb *95#SIP Number*Active Timer# 156 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes For example, if you need to block the call from 3333 (SIP Number) for 2 hours, you just need to input *95#3333*2# on the phone keypad, and it will implement this feature. Hot Line (Auto Dial) This feature enables the device to make a call to a predefined number as soon as the phone is off hook. Application Scenario: 1. Configure the Hot Line setting first. 2. A lifts phone. 3. A will automatically dial the preconfigured number.
Prestige 2602HWL-D3A Support Notes ras> voice config fxs save 1 Music on hold This feature allows you to put a call on hold and have the other person hear a piece of audio (music, speech, etc.) you previously recorded. Application Scenarios: When one side (A) presses flash or reserve key to put a call on hold, the peer side (B) will receive INVITE packet with zero IP address in SDP to inform there is no need to send RTP out any more (RFC2543) or change the attribute field in SDP to recvonly (RFC3261).
Prestige 2602HWL-D3A Support Notes Trunking VoIP trunking connects an IP network (like the Internet) and the Public Switched Telephone Network (PSTN). PSTN includes the world’s circuit-switched telephone network which is composed of fixed and mobile telephones. VoIP trunking allows you to create VoIP links which PSTN (Public Switched Telephone Network) callers can use to: * Make phone calls via the Internet - Make a PSTN call to the ZyXEL Device and it forwards the call to any SIP based VoIP phone.
Prestige 2602HWL-D3A Support Notes Note: VoIP Trunking requires the following additional configuration in the VoIP > SIP > SIP Setting > Advanced Setup screen: Voice Compression field needs to be set to G.729 and DTMF Mode field needs to be set to SIP INFO.
Prestige 2602HWL-D3A Support Notes Phone 3 number: 103, it is a PTSN phone. In this graph, User X uses Phone 1 to make a Speed Dial to call user Y who is located in the another side PSTN network. Once dials #01 on phone 1, phone 3 will ring. Configuration details Note: In order for remote device to forward calls, an outgoing authentication account must match an incoming authentication account's username and password.
Prestige 2602HWL-D3A Support Notes On Device B: Step 1: Choose “Activate Trunking”in P2602HWL-D3A web GUI: VoIP > Trunking > General, then click the “Apply” button. Step 2: In P2602HWL-D3A web GUI: VoIP > Trunking > Peer Call, Set Outgoing Authentication account 1, name Test, username 103 and password 1234, peer IP 172.25.24.131, peer port 5060, then click the “Apply” button. 162 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes Step 3: In P2602HWL-D3A web GUI: VoIP > Phone Book > Speed Dial, Choose #01, input number 103, name 103, choose Non-Proxy in Type and input IP 172.25.24.131, then click the “Add” button. 163 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes Trunking: SIP to FXO User X uses phone 1 (SIP number: 33333) to make a call to the ZyXEL Device A via VoIP. A forwards the call to User Y PSTN phone (103). Application Scenario: Device A is P2602HWL-D3A, WAN IP: 172.25.24.131, SIP 2 number: 22222. Device B is P2602HWL-D3A, SIP1 number: 33333. Phone 1 number: 33333, it is an analog phone, which connects to P2602HWL-D3A phone 1 port. Phone 2 number: 22222. Phone 3 number: 103, it is a PTSN phone.
Prestige 2602HWL-D3A Support Notes On Device B: No special configuration needed. Trunking: FXO to SIP User Y uses PSTN phone (103) to make a call to the ZyXEL Device A FXO (101). Device A connects B over IP network. Application Scenario: Device A is P2602HWL-D3A, WAN IP: 172.25.24.131, SIP 2 number: 22222, Life line phone 165 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes number 101. Device B is P2602HWL-D3A, SIP1 number: 33333. Phone 1 number: 33333, it is an analog phone, which connects to P2602HWL-D3A phone 1 port. Phone 2 number: 22222. Phone 3 number: 103, it is a PTSN phone. In this graph, user Y use PSTN Phone (103) to dial P2602HWL-D3A FXO number 101, after hears the “alter tone”, then dials User X SIP phone number 33333 and inputs password 123456, and user X SIP phone (33333) will ring.
Prestige 2602HWL-D3A Support Notes Trunking: FXO to FXO User X uses PSTN phone (203) to make a call to the Device B FXO (201), Device B connects to a peer device A over Internet, and A forwards the call to User Y PSTN phone (103). Application Scenario: Device A is P2602HWL-D3A, WAN IP: 172.25.24.131, SIP 2 number: 22222, Life line phone number 101. Device B is P2602HWL-D3A, SIP1 number: 33333, Life line phone number 201. Phone 1 number: 203, it is a PSTN phone.
Prestige 2602HWL-D3A Support Notes Configuration details On Device A: Step Step 1: Choose “Activate Trunking”on P2602HWL-D3A web GUI: VoIP > Trunking > General. 2: Set Auto Attendant Timeout 10 sec, Dialing Interval 3 sec on P2602HWL-D3A web GUI: VoIP > Trunking > General. Step 3: Choose Active Auto Attendant Authentication and set password 123456 on P2602HWL-D3A web GUI: VoIP > Trunking > General, then click the “Apply” button.
Prestige 2602HWL-D3A Support Notes On Device B: Step 1: Choose “Activate Trunking” on P2602HWL-D3A web GUI: VoIP > Trunking > General, then click the “Apply” button. Step 2: Set an Outgoing Authentication account. It consists of the IP address of a remote peer device, the port number to communicate over as well as a username and password to use for authentication.
Prestige 2602HWL-D3A Support Notes Step 3: Create a Call Rule. This rule tells P2602HWL-D3A which remote peer device it should connect to in order to complete the call. On P2602HWL-D3A web GUI: VoIP > Trunking > Call Rule, in Peer Call Outgoing Table, item 1, set Pattern 103, and choose Account Test, then click the “Apply” button. Set Outgoing Authentication account 1, name “Test”, username 103 and password 1234, peer IP 172.25.24.131, peer port 5060, then click the “Apply” button.
Prestige 2602HWL-D3A Support Notes The Web configurator a user friendly configuration interface via user's web browser, which can be access by typing in the LAN IP address of the Prestige in users web browser. To access the Prestige's web configurator via web browser, the configuration PC must be in the same IP segment of Prestige and Prestige must be reachable to the configuration station. (By default the Prestige LAN IP is 192.168.1.
Prestige 2602HWL-D3A Support Notes How do I upload or backup ROMFILE via web configurator? In some situations, you may need to upload the ROMFILE, restore to previous saved configuration, orthe need of resetting SMT to factory default. The procedure for uploading ROMFILE via the web configurator is as follows. a. b. c. d. Log on into the web configurator. Press "MAINTENANCE" from the left menu. Press "Configuration" tab.
Prestige 2602HWL-D3A Support Notes c. The default filter rule 3 (Telnet_FTP_WAN) is applied in the Input Protocol field in menu 11.5. What should I do if I forget the system password? In case you forget the system password. You can reset the unit back to factory default. You can reset the unit by using a sharp pointed object such as a pen and press and hold down the “reset” button for 5 second or until the power LED starts to blink than release. The unit is than reset back to factory default.
Prestige 2602HWL-D3A Support Notes The design goal of ZyXEL's SUA is to minimize the Internet access cost in a small office environment by using a single IP address to represent the multiple hosts inside. It does more than IP address translation, so that multiple hosts on the LAN can access the Internet at the same time. How many network users can the SUA/NAT support? The Prestige does not limit the number of the users but the number of the sessions.
Prestige 2602HWL-D3A Support Notes Will the Prestige work with my Internet connection? The Prestige is designed to be compatible major ISP utilize ADSL as a broadband service. Prestige IAD offers an Ethernet port to connect to your computer so the Prestige is placed in the line between the computer and your ISP. If your ISP supports PPPoE/PPPoA you can also use the Prestige, because PPPoE/PPPoA had been supported in the Prestige.
Prestige 2602HWL-D3A Support Notes Why does my provider use PPPoE? PPPoE emulates a familiar Dial-Up connection. It allows your ISP to provide services using their existing network configuration over the broadband connections. Besides, PPPoE supports a broad range of existing applications and service including authentication, accounting, secure access and configuration management.
Prestige 2602HWL-D3A Support Notes How does e-mail work through the Prestige? It depends on what kind of IP you have: Static or Dynamic. If your company has a domain name, it means that you have a static IP address. Suppose your company's e-mail address is xxx@mycompany.com. Joe and Debbie will be able to send e-mail through Prestige Internet Access Device using jane@mycompany.com and debbie@mycompany.com respectively as their e-mail addresses.
Prestige 2602HWL-D3A Support Notes What network interface does the new Prestige series support? The new Prestige series support auto MDX/MDIX 10/100M Ethernet LAN port to connect to the computer or Switch on LAN and ADSL port on WAN. How does the Prestige support TFTP? In addition to the direct console port connection, the Prestige supports the uploading/download of the firmware and configuration file using TFTP (Trivial File Transfer Protocol) over LAN.
Prestige 2602HWL-D3A Support Notes To create the appearance of faster network access, service companies plan to store or "cache" frequently requested web sites and Usenet newsgroups on a server at their head-end. Storing data locally will remove some of the bottleneck at the backbone connection. How fast can they go? In a perfect world (or lab) they can receive data at speeds up to 30 Mbps. In the real world, with cost conscious cable companies running the systems, the speed will probably fall to about 1.
Prestige 2602HWL-D3A Support Notes What IP/Port mapping does Multi-NAT support? NAT supports five types of IP/port mapping. They are: One to One, Many to One, Many to Many Overload, Many to Many No Overload and Server. The details of the mapping between ILA and IGA are described as below.Here we define the local IP addresses as the Internal Local Addresses (ILA) and the global IP addresses as the Inside Global Address (IGA), 1. One to One In One-to-One mode, the Prestige maps one ILA to one IGA. 2.
Prestige 2602HWL-D3A Support Notes Overload ILA2<--->IGA2 ILA3<--->IGA1 ILA4<--->IGA2 ... ILA1<--->IGA1 ILA2<--->IGA2 Many-to-Many No ILA3<--->IGA3 Overload ILA4<--->IGA4 ... Server Server 1 IP<--->IGA1 Server 2 IP<--->IGA1 What is the difference between SUA and Multi-NAT? SUA (Single User Account) in previous ZyNOS versions is a NAT set with 2 rules, Many-to-One and Server. The Prestige now has Full Feature NAT support to map global IP addresses to local IP addresses of clients or servers.
Prestige 2602HWL-D3A Support Notes (e.g., www.zyxel.com.tw) for your server (e.g., Web server) from a DDNS server. The outside users can always access the web server using the www.zyxel.com.tw regardless of the WAN IP of the 312. When the ISP assigns the Prestige a new IP, the Prestige updates this IP to DDNS server so that the server can update its IP-to-DNS entry. Once the IP-to-DNS table in the DDNS server is updated, the DNS name for your web server (i.e., www.zyxel.com.tw) is still usable.
Prestige 2602HWL-D3A Support Notes How do I setup my Prestige for routing IPsec packets over SUA? For outgoing IPsec tunnels, no extra setting is required. For forwarding the inbound IPsec ESP tunnel, A 'Default' server set in menu 15 is required. It is because SUA makes your LAN appear as a single machine to the outside world. LAN users are invisible to outside users. So, to make an internal server for outside access, we must specify the service port and the LAN IP of this server in Menu 15.
Prestige 2602HWL-D3A Support Notes Can I make an outgoing PSTN call through P2602HWL – 6xC? Yes, P2602HWL – 6xC allows you to make outgoing PSTN call via a prefix number that is defined in the configurable lifeline table. It allows you to store up to 9 pre-stored numbers. If P2602HWL- 6xC lost power it will by pass to PSTN line to allow you to call out as you where on regular PSTN phone.
Prestige 2602HWL-D3A Support Notes What advantage does Voice over IP can provide? The advantage of VoIP is it can provide advance services such as joining e-mail, instant messaging, video, voice mail all together. Where current circuit switching (PSTN) can not. What is the difference between H.323 and SIP? H.323 and SIP are proposed by different group Session Initiation Protocol (SIP) is a standard introduced by the Internet Engineering Task Force in 1999 to carry voice over IP.
Prestige 2602HWL-D3A Support Notes What is the relation of codec and VoIP? As VoIP is a general term send voice information in digital form in discrete packets over digital network and this digital network is public network, thus there maybe other packet such data packet uses network at the same time. The codec choose is related to how much bandwidth voice packet will consume. In bandwidthwise aspect the smaller amount of bandwidth used the better. But in voice aspect the higher quality the better.
Prestige 2602HWL-D3A Support Notes Unable to register with the SIP server? If you are unable to register with SIP server. 1. Make sure the Internet is reachable and the SIP register server is reachable. If your register server uses domain name make sure DNS name can be resolved. If you are using static WAN IP make sure DNS server is configured correctly on your Prestige. 2. Make sure the SIP account is correct and the password is key in correctly. 3. Check if there is NAT router before it.
Prestige 2602HWL-D3A Support Notes 1. Serial number of the device. 2. SIP Call server type and vendor. 3. Your device firmware version and romfile with password. 4. Detail information what you have tried to resolve the problem. I suspect there is a hardware problem with my Prestige what should I do? Please follow the troubleshooting section in the user’s guide for brief hardware troubleshooting and diagnostic tips.
Prestige 2602HWL-D3A Support Notes Packet Filtering Firewalls generally make their decisions based on the header information in individual packets. These header information include the source, destination addresses and ports of the packets. Application-level Firewalls generally are hosts running proxy servers, which permit no traffic directly between networks, and which perform logging and auditing of traffic passing through them.
Prestige 2602HWL-D3A Support Notes What is Denials of Service (DoS)attack? Denial of Service (DoS) attacks are aimed at devices and networks with a connection to the Internet. Their goal is not to steal information, but to disable a device or network so users no longer have access to network resources. There are four types of DoS attacks: 1. Those that exploits bugs in a TCP/IP implementation such as Ping of Death and Teardrop. 2.
Prestige 2602HWL-D3A Support Notes What is LAND attack? In a LAN attack, hackers flood SYN packets to the network with a spoofed source IP address of the targeted system. This makes it appear as if the host computer sent the packets to itself, making the system unavailable while the target system tries to respond to itself.
Prestige 2602HWL-D3A Support Notes How can I protect against IP spoofing attacks? The Prestige's firewall will automatically detect the IP spoofing and drop it if the firewall is turned on. If the firewall is not turned on we can configure a filter set to block the IP spoofing attacks.
Prestige 2602HWL-D3A Support Notes Content Filter FAQ What types of content filter does Prestige provide? Can I have different policies in effect for different times of the day or week? Yes, but only one blocking period of time is supported currently on ZyXEL appliance. Can I override (block or allow) certain URLs by wording? Yes, you can use key word blocking to achieve this. How many URL keywords does Prestige support? 64 keywords are supported.
Prestige 2602HWL-D3A Support Notes With encryption, VPN guarantees the confidentiality of the original user data. Cost 1). Cut long distance phone charges Because users typically dial the their local ISP for VPN, thus, long distance phone charge is reduced than making a long direct connection to the remote office. 2).
Prestige 2602HWL-D3A Support Notes provides cryptographic security services. These services allow for authentication, integrity, access control, and confidentiality. IPSec allows for the information exchanged between remote sites to be encrypted and verified. You can create encrypted tunnels (VPNs), or just do encryption between computers. Since you have so many options, IPSec is truly the most extensible and complete network security solution.
Prestige 2602HWL-D3A Support Notes What is Pre-Shared Key? A pre-shared key identifies a communicating party during a phase 1 IKE negotiation. It is called 'Pre-shared' because you have to share it with another party before you can communicate with them over a secure connection. What are the differences between IKE and manual key VPN? The only difference between IKE and manual key is how the encryption keys and SPIs are determined.
Prestige 2602HWL-D3A Support Notes E-mail support@zyxel.com.tw Please note that, in Prestige, if "DNS" or "E-mail" type is choosen, you can still use a random string as the content, such as "this_is_Prestige". It's not neccessary to follow the format exactly. By default, Prestige takes IP as phase 1 ID type for itself and it's remote peer. But if it's remote peer is using DNS or E-mail, you have to ajust the settings to pass phase 1 ID checking.
Prestige 2602HWL-D3A Support Notes What VPN protocols are supported by Prestige? All Prestige series support ESP (protocol number 50) and AH (protocol number 51). What types of encryption does Prestige VPN support? Prestige supports 56-bit DES and 168-bit 3DES and AES. What types of authentication does Prestige VPN support? VPN vendors support a number of different authentication methods. Prestige VPN supports both SHA1 and MD5.
Prestige 2602HWL-D3A Support Notes 172.16.0.0 - 172.31.255.255 (these address ranges are reserved by internet standard for private LAN numberings behind NAT devices). It is usually a static IP so that we can pre-configure it in Prestige for making VPN connections. If it is a dynamic IP given by ISP, you still can configure this IP address after the remote Prestige is on-line and its WAN IP is available from ISP.
Prestige 2602HWL-D3A Support Notes Windows 2000, Windows XP IPSec Will ZyXEL support Secure Remote Management? Yes, we will support it and we are working on it currently. Does Prestige VPN support NetBIOS broadcast? The current 3.50 firmware release does not support it. But it is in our wish list.
Prestige 2602HWL-D3A Support Notes If I have NAT router between two VPN gateways, and I would like to use IP type as Phase 1 ID, what should I know? We presume your environment may look like this, 201 All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2602HWL-D3A Support Notes VPN client: 10.1.33.33 NAT router WAN IP: 202.132.154.2 Prestige WAN: 202.132.154.3 Since the VPN client is behind a NAT router, it must have a private IP address in most case. This may cause the VPN client to send it's private IP address as the content of it's phase 1 ID. So you have to configure Prestige's secure gateway's phase 1 ID as the private IP address of the VPN client.
Prestige 2602HWL-D3A Support Notes Can Prestige behave as a NAT router supporting IPSec passthrough and an IPSec gateway simultaneously? No, Prestige can't support them simultaneously. You need to choose either one. If Prestige is to support IPSec passthrough, you have to disable the VPN function on Prestige. To disable it, you can either deactivate each VPN rule or issue a CI command, "ipsec switch off" from SMT menu 24.8. You can get into SMT menu via either telnet or console connection.
Prestige 2602HWL-D3A Support Notes LAN hardware, overall installation expenses and life-cycle costs can be significantly lower. Long-term cost benefits are greatest in dynamic environments requiring frequent moves and changes. e. Scalability: Wireless LAN systems can be configured in a variety of topologies to meet the needs of specific applications and installations.
Prestige 2602HWL-D3A Support Notes What is 802.11b ? 802.11b is the first revision of 802.11 standard allowing data rates up to 11Mbps in the 2.4GHz ISM band. Also known as 802.11 High-Rate and Wi-Fi. 802.11b only uses DSSS, the maximum speed of 11Mbps has fallbacks to 5.5, 2 and 1Mbps. How fast is 802.11b ? The IEEE 802.11b standard has a nominal speed of 11 megabits per second (Mbps).
Prestige 2602HWL-D3A Support Notes What is Wi-Fi ? The Wi-Fi logo signifies that a product is interoperable with wireless networking equipment from other vendors. A Wi-Fi logo product has been tested and certified by the Wireless Ethernet Compatibility Alliance (WECA). The Socket Wireless LAN Card is Wi-Fi certified, and that means that it will work (interoperate) with any brand of Access Point that is also Wi-Fi certified. What types of devices use the 2.
Prestige 2602HWL-D3A Support Notes Solution : 1.Minimizing the number of walls and ceilings 2.Antenna is positioned for best reception 3.Keep WLAN products away from electrical devices, eg: microwaves, monitors, electric motors,…, etc. 4. Add additional APs if necessary. What's the difference between a WLAN and a WWAN ? WLANs are generally privately owned, wireless systems that are deployed in a corporation, warehouse, hospital, or educational campus setting.
Prestige 2602HWL-D3A Support Notes bit-pattern at the sending station into a higher data rate bit sequence using a "chipping" code. The chipping code (also known as processing gain) introduces redundancy which allows data recovery if certain bit errors occur during transmission. The FCC rules the minimum processing gain should be 10, typical systems use processing gains of 20. IEEE 802.11b specifies the use of DSSS.
Prestige 2602HWL-D3A Support Notes How do I secure the data across an Access Point's radio link ? Enable Wired Equivalency Protocol (WEP) or Wi-Fi Protected Access (WPA) to encrypt the payload of packets sent across a radio link. What is WEP ? Wired Equivalent Privacy. WEP is a security mechanism defined within the 802.11 standard and designed to make the security of the wireless medium equal to that of a cable (wire).
Prestige 2602HWL-D3A Support Notes WEP is turned on. The SSID goes over the air in clear text. This makes obtaining the SSID easy by sniffing 802.11 wireless traffic. By turning off the broadcast of SSID, can someone still sniff the SSID ? Many APs by default have broadcasting the SSID turned on. Sniffers typically will find the SSID in the broadcast beacon packets.
Prestige 2602HWL-D3A Support Notes users' access to IEEE 802 networks such as Ethernet (IEEE 802.3) and Wireless LAN (IEEE 802.11). For IEEE 802.11 WLAN, IEEE 802.1x authentication can be based on username/password or digital certificate. What is the difference between No authentication required, No access allowed and Authentication required ? No authentication required—disables 802.1X and causes the port to transition to the authorized state without any authentication exchange required.
Prestige 2602HWL-D3A Support Notes What is WPA-PSK? WPA-PSK (Wi-Fi Protected Access Pre-Shared Key) can be used if user do not have a Radius server but still want to benefit from it. Because WPA-PSK only requires a single password to be entered on wireless AP/gateway and wireless client. As long as the passwords match, a client will be granted access to the WLAN.
Prestige 2602HWL-D3A Support Notes Online Trace 1. Trace LAN packet 2. Trace WAN packet 1. Trace LAN packet 1.1 Disable to capture the WAN packet by entering: sys trcp channel enet1 none 1.2 Enable to capture the LAN packet by entering: sys trcp channel enet0 bothway 1.3 Enable the trace log by entering: sys trcp sw on & sys trcl sw on 1.4 Display the brief trace online by entering: sys trcd brief or 1.
Prestige 2602HWL-D3A Support Notes Frame Type: TCP 192.168.1.2:1116->192.31.7.130:80 Ethernet Header: Destination MAC Addr = 00A0C5921311 Source MAC Addr = 0080C84CEA63 Network Type = 0x0800 (TCP/IP) IP Header: IP Version = 4 Header Length = 20 Type of Service = 0x00 (0) Total Length = 0x0030 (48) Idetification = 0x330B (13067) Flags = 0x02 Fragment Offset = 0x00 Time to Live = 0x80 (128) Protocol = 0x06 (TCP) Header Checksum = 0x3E71 (15985) Source IP = 0xC0A80102 (192.168.1.
Prestige 2602HWL-D3A Support Notes 0020: 07 82 04 5C 00 50 00 BD-15 A7 00 00 00 00 70 02 0030: 20 00 BE C3 00 00 02 04-05 B4 01 01 04 02 ...\.P........p. ............. ---<0001>---------------------------------------------------------------LAN Frame: ENET0-XMIT Size: 58/ 58 Time: 12090.020 sec Frame Type: TCP 192.31.7.130:80->192.168.1.
Prestige 2602HWL-D3A Support Notes RAW DATA: 0000: 00 80 C8 4C EA 63 00 A0-C5 92 13 11 08 00 45 00 ...L.c........E. 0010: 00 2C 57 F3 40 00 ED 06-AC 8C C0 1F 07 82 C0 A8 .,W.@........... 0020: 01 02 00 50 04 5C 4A D3-B5 7F 00 BD 15 A8 60 12 ...P.\J.......`. 0030: FA F0 F8 77 00 00 02 04-05 B4 ...w...... ---<0002>---------------------------------------------------------------LAN Frame: ENET0-RECV Size: 60/ 60 Time: 12090.210 sec Frame Type: TCP 192.168.1.2:1116->192.31.7.
Prestige 2602HWL-D3A Support Notes Urgent Ptr = 0x0000 (0) TCP Data: (Length=6, Captured=6) 0000: 20 20 20 20 20 20 RAW DATA: 0000: 00 A0 C5 92 13 11 00 80-C8 4C EA 63 08 00 45 00 .........L.c..E. 0010: 00 28 35 0B 40 00 80 06-3C 79 C0 A8 01 02 C0 1F .(5.@...
Prestige 2602HWL-D3A Support Notes LAN Frame: ENET1-RECV Size:1181/ 96 Time: 12387.260 sec Frame Type: TCP 192.31.7.130:80->202.132.155.
Prestige 2602HWL-D3A Support Notes RAW DATA: 0000: 00 A0 C5 92 13 12 00 A0-C5 01 23 45 08 00 45 00 ..........#E..E. 0010: 04 8B B1 39 40 00 EE 06-A9 AB C0 1F 07 82 CA 84 ...9@........... 0020: 9B 61 00 50 28 1E D3 E9-59 85 00 C1 8F 63 50 19 .a.P(...Y....cP. 0030: FA F0 37 35 00 00 DF 33-AF 62 58 37 52 3D 79 99 ..75...3.bX7R=y. 0040: A5 3C 2B 59 E2 78 A7 98-8F 3F A9 09 E4 0F 26 14 .<+Y.x...?....&. 0050: 9C 58 3E 95 3E E7 FC 2A-4C 2F FB BE 2F FE EF D0 .X>.>..*L/../...
Prestige 2602HWL-D3A Support Notes Window Size = 0x1DD5 (7637) Checksum = 0x7A12 (31250) Urgent Ptr = 0x0000 (0) RAW DATA: 0000: 00 A0 C5 01 23 45 00 A0-C5 92 13 12 08 00 45 00 ....#E........E. 0010: 00 28 7A 0C 40 00 7F 06-54 3C CA 84 9B 61 C0 1F .(z.@...T<...a.. 0020: 07 82 28 1E 00 50 00 C1-8F 63 D3 E9 5D E9 50 10 ..(..P...c..].P. 0030: 1D D5 7A 12 00 00 ..z... ---<0002>---------------------------------------------------------------LAN Frame: ENET1-XMIT Size: 54/ 54 Time: 12387.
Prestige 2602HWL-D3A Support Notes Header Length = 20 Flags = 0x11 (.A...F) Window Size = 0x1DD5 (7637) Checksum = 0x7A11 (31249) Urgent Ptr = 0x0000 (0) RAW DATA: 0000: 00 A0 C5 01 23 45 00 A0-C5 92 13 12 08 00 45 00 ....#E........E. 0010: 00 28 7B 0C 40 00 7F 06-53 3C CA 84 9B 61 C0 1F .({.@...S<...a.. 0020: 07 82 28 1E 00 50 00 C1-8F 63 D3 E9 5D E9 50 11 ..(..P...c..].P. 0030: 1D D5 7A 11 00 00 ..z... Prestige> Offline Trace 1. Trace LAN packet 2. Trace WAN packet 1.
Prestige 2602HWL-D3A Support Notes Prestige> sys trcl sw on Prestige> sys trcp sw off Prestige> sys trcl sw off Prestige> sys trcp brief 0 10855.790 ENET0-T[0141] TCP 192.31.7.130:80->192.168.1.2:1102 1 10855.800 ENET0-R[0060] TCP 192.168.1.2:1102->192.31.7.130:80 2 10855.810 ENET0-R[0062] TCP 192.168.1.2:1103->192.31.7.130:80 3 10855.840 ENET0-R[0062] TCP 192.168.1.2:1104->192.31.7.130:80 4 10856.020 ENET0-T[0054] TCP 192.31.7.130:80->192.168.1.2:1102 5 10856.030 ENET0-T[0058] TCP 192.31.7.
Prestige 2602HWL-D3A Support Notes TCP Header: Source Port = 0x0050 (80) Destination Port = 0x044F (1103) Sequence Number = 0xD91B1826 (3642431526) Ack Number = 0x00AA405F (11157599) Header Length = 24 Flags = 0x12 (.A..S.) Window Size = 0xFAF0 (64240) Checksum = 0xDCEF (56559) Urgent Ptr = 0x0000 (0) Options = 0000: 02 04 05 B4 RAW DATA: 0000: 00 80 C8 4C EA 63 00 A0-C5 92 13 11 08 00 45 00 ...L.c........E. 0010: 00 2C 7F 02 40 00 ED 06-85 7D C0 1F 07 82 C0 A8 .,..@....}......
Prestige 2602HWL-D3A Support Notes Prestige> sys trcp sw off Prestige> sys trcp brief 0 12864.800 ENET1-T[0411] TCP 202.132.155.97:10278->204.217.0.2:80 1 12864.890 ENET1-R[0247] TCP 204.217.0.2:80->202.132.155.97:10282 2 12864.900 ENET1-T[0416] TCP 202.132.155.97:10282->204.217.0.2:80 3 12865.120 ENET1-R[0247] TCP 204.217.0.2:80->202.132.155.97:10278 4 12865.130 ENET1-T[0411] TCP 202.132.155.97:10278->204.217.0.2:80 5 12865.220 ENET1-R[0247] TCP 204.217.0.2:80->202.132.155.
Prestige 2602HWL-D3A Support Notes Header Length = 20 Flags = 0x18 (.AP...) Window Size = 0x2238 (8760) Checksum = 0xAB57 (43863) Urgent Ptr = 0x0000 (0) TCP Data: (Length=193, Captured=42) 0000: 48 54 54 50 2F 31 2E 31-20 33 30 34 20 4E 6F 74 HTTP/1.1 304 Not 0010: 20 4D 6F 64 69 66 69 65-64 0D 0A 44 61 74 65 3A Modified..Date: 0020: 20 57 65 64 2C 20 30 37-20 4A Wed, 07 J RAW DATA: 0000: 00 A0 C5 92 13 12 00 A0-C5 59 12 84 08 00 45 00 .........Y....E.
Prestige 2602HWL-D3A Support Notes Header Checksum = 0xD59C (54684) Source IP = 0xCA849B61 (202.132.155.97) Destination IP = 0xCCD90002 (204.217.0.2) TCP Header: Source Port = 0x2826 (10278) Destination Port = 0x0050 (80) Sequence Number = 0x00C8C015 (13156373) Ack Number = 0x4D713E47 (1299267143) Header Length = 20 Flags = 0x18 (.AP...
Prestige 2602HWL-D3A Support Notes The Prestige supports traces when there is problem to connect your ISP using PPPoE protocol. Please follow the procedure below to collect the trace for our troubleshooting. 1. 2. 3. 4. Remove the LAN cable attached on the Prestige Enter SMT using console port Enter Menu 24.
Prestige 2602HWL-D3A Support Notes poePut1SrvcName: '' len 0 host-uniq 31303030 len 4 putPoeHdr: ver 1 type 1 code x09 sess-id 0 len 12(x000C) ### Hit any key to continue.### $$$ DIALING dev=6 ch=0..........
Prestige 2602HWL-D3A Support Notes r0= 0xE3F045C4 r1= 0x0001FFC0 r2= 0x000000E5 r3= 0x56FF54FF r4= 0xE3F045C4 r5= 0xE5BDBFEC r6= 0x0001C468 r7= 0x60000093 r8= 0x00000000 r9= 0xE3550000 r12=0x56FF54FF sp= 0x0001EDBC r10=0xE3550000 lr= 0x00004F64 fp= 0x00000000 pc= 0x00013954 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F e5bdbfe0: e2 8f 00 06 e5 d5 20 06 e5 d5 20 0a e5 d5 20 0e ...b...f...j...n e5bdbff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 01 ed 2b ...b...f...j...
Prestige 2602HWL-D3A Support Notes ........................................ done VC5402 Init...OK Press ENTER to continue... Enter Password : XXXX LAN/WAN Packet Trace The Prestige packet trace records and analyzes packets running on LAN and WAN interfaces. It is designed for users with technical backgrounds who are interested in the details of the packet flow on LAN or WAN end of Prestige.
Prestige 2602HWL-D3A Support Notes 1.1 Disable to capture the WAN packet by entering: sys trcp channel mpoa00 none 1.2 Enable to capture the LAN packet by entering: sys trcp channel enet0 bothway 1.3 Enable the trace log by entering: sys trcp sw on & sys trcl sw on 1.4 Display the brief trace online by entering: sys trcd brief or 1.
Prestige 2602HWL-D3A Support Notes Header Length = 20 Type of Service = 0x00 (0) Total Length = 0x0030 (48) Idetification = 0x330B (13067) Flags = 0x02 Fragment Offset = 0x00 Time to Live = 0x80 (128) Protocol = 0x06 (TCP) Header Checksum = 0x3E71 (15985) Source IP = 0xC0A80102 (192.168.1.2) Destination IP = 0xC01F0782 (192.31.7.
Prestige 2602HWL-D3A Support Notes Network Type = 0x0800 (TCP/IP) IP Header: IP Version = 4 Header Length = 20 Type of Service = 0x00 (0) Total Length = 0x002C (44) Idetification = 0x57F3 (22515) Flags = 0x02 Fragment Offset = 0x00 Time to Live = 0xED (237) Protocol = 0x06 (TCP) Header Checksum = 0xAC8C (44172) Source IP = 0xC01F0782 (192.31.7.130) Destination IP = 0xC0A80102 (192.168.1.
Prestige 2602HWL-D3A Support Notes Ethernet Header: Destination MAC Addr = 00A0C5921311 Source MAC Addr = 0080C84CEA63 Network Type = 0x0800 (TCP/IP) IP Header: IP Version = 4 Header Length = 20 Type of Service = 0x00 (0) Total Length = 0x0028 (40) Idetification = 0x350B (13579) Flags = 0x02 Fragment Offset = 0x00 Time to Live = 0x80 (128) Protocol = 0x06 (TCP) Header Checksum = 0x3C79 (15481) Source IP = 0xC0A80102 (192.168.1.2) Destination IP = 0xC01F0782 (192.31.7.
Prestige 2602HWL-D3A Support Notes 0030: 22 38 E8 ED 00 00 20 20-20 20 20 20 "8.... 2. Trace WAN packet 1.1 Disable the capture of the LAN packet by entering: sys trcp channel enet0 none 1.2 Enable to capture the WAN packet by entering: sys trcp channel mpoa00 bothway 1.3 Enable the trace log by entering: sys trcp sw on & sys trcl sw on 1.4 Display the brief trace online by entering: sys trcd brief or 1.
Prestige 2602HWL-D3A Support Notes Fragment Offset = 0x00 Time to Live = 0xEE (238) Protocol = 0x06 (TCP) Header Checksum = 0xA9AB (43435) Source IP = 0xC01F0782 (192.31.7.130) Destination IP = 0xCA849B61 (202.132.155.97) TCP Header: Source Port = 0x0050 (80) Destination Port = 0x281E (10270) Sequence Number = 0xD3E95985 (3555285381) Ack Number = 0x00C18F63 (12685155) Header Length = 20 Flags = 0x19 (.AP..
Prestige 2602HWL-D3A Support Notes 1. Trace LAN packet 1.1 Disable the capture of the WAN packet by entering: sys trcp channel mpoa00 none 1.2 Enable the capture of the LAN packet by entering: sys trcp channel enet0 bothway 1.3 Enable the trace log by entering: sys trcp sw on & sys trcl sw on 1.4 Wait for packet passing through the Prestige over LAN 1.5 Disable the trace log by entering: sys trcp sw off & sys trcl sw off 1.6 Display the trace briefly by entering: sys trcp brief 1.
