User Guide
Page 9
... 6-1 6.1 Telecommuting 6-1 6.2 LAN-to-LAN Application 6-3 6.3 Default Dial-In Setup 6-4 6.4 Dial-In Users Setup 6-8 6.5 CLID Authentication 6-10 6.6 Callback ...6-10 Chapter 7 Filter Configuration...7-1 7.1 Configuring a Filter Set 7-3 7.1.1 Filter Rules Summary Menu 7-4 7.2 Configuring a Filter Rule 7-6 7.2.1 TCP/IP Filter Rule 7-7 7.2.2 Generic Filter Rule 7-10 Chapter 8 System Password ...8-1 8.1 Configure the System Password 8-1 Chapter 9 Telnet Configuration and Capabilities 9-1 9.1 About Telnet Configuration 9-1 9.2 Single Administrator...
... 6-1 6.1 Telecommuting 6-1 6.2 LAN-to-LAN Application 6-3 6.3 Default Dial-In Setup 6-4 6.4 Dial-In Users Setup 6-8 6.5 CLID Authentication 6-10 6.6 Callback ...6-10 Chapter 7 Filter Configuration...7-1 7.1 Configuring a Filter Set 7-3 7.1.1 Filter Rules Summary Menu 7-4 7.2 Configuring a Filter Rule 7-6 7.2.1 TCP/IP Filter Rule 7-7 7.2.2 Generic Filter Rule 7-10 Chapter 8 System Password ...8-1 8.1 Configure the System Password 8-1 Chapter 9 Telnet Configuration and Capabilities 9-1 9.1 About Telnet Configuration 9-1 9.2 Single Administrator...
User Guide
Page 12
...Firmware 10-13 Menu 24.7.1 - Blacklist 10-17 Menu 24.9.3 - Figure 10-3. Menu 12 - Dial-in User 6-8 Outgoing Packet Filtering Process 7-2 Menu 21 - TCP/IP Filter Rule 7-7 Menu 21.1.2 - System Maintenance - System Maintenance - Upload ROM File 10-15 Menu 24.9 - Figure 7-1. Figure 10...-7. Figure 10-11. Figure 10-16. Generic Filter Rule 7-10 Telnet Configuration on a TCP/IP Network 9-1 Menu 24 - System Maintenance - Budget Management 10-18 xii List of Figures Figure...
...Firmware 10-13 Menu 24.7.1 - Blacklist 10-17 Menu 24.9.3 - Figure 10-3. Menu 12 - Dial-in User 6-8 Outgoing Packet Filtering Process 7-2 Menu 21 - TCP/IP Filter Rule 7-7 Menu 21.1.2 - System Maintenance - System Maintenance - Upload ROM File 10-15 Menu 24.9 - Figure 7-1. Figure 10...-7. Figure 10-11. Figure 10-16. Generic Filter Rule 7-10 Telnet Configuration on a TCP/IP Network 9-1 Menu 24 - System Maintenance - Budget Management 10-18 xii List of Figures Figure...
User Guide
Page 13
...-in Users/Remote Nodes Comparison Chart 6-1 Default Dial-in Setup Fields 6-5 Edit Dial-in User Menu Fields 6-9 Abbreviations Used in the Filter Rules Summary Menu 7-4 Abbreviations Used If Filter Type Is IP 7-5 Abbreviations Used If Filter Type Is GEN 7-6 TCP/IP Filter Rule Menu Fields 7-8 Generic Filter Rule Menu Fields 7-11 List of Tables xiii
...-in Users/Remote Nodes Comparison Chart 6-1 Default Dial-in Setup Fields 6-5 Edit Dial-in User Menu Fields 6-9 Abbreviations Used in the Filter Rules Summary Menu 7-4 Abbreviations Used If Filter Type Is IP 7-5 Abbreviations Used If Filter Type Is GEN 7-6 TCP/IP Filter Rule Menu Fields 7-8 Generic Filter Rule Menu Fields 7-11 List of Tables xiii
User Guide
Page 17
... 3 Internet Access Application Chapter 6 Dial-in Server Applications LAN-TO-LAN APPLICATIONS Chapter 4 Remote Node Configuration Chapter 5 Remote Node TCP/IP Configuration 4 MANAGEMENT & MAINTENANCE Chapter 7 Filter Configuration Chapter 8 System Password 5 TROUBLESHOOTING Chapter 11 Troubleshooting Chapter 9 Telnet Configuration and Capabilities Chapter 10 System Maintenance Preface xvii
... 3 Internet Access Application Chapter 6 Dial-in Server Applications LAN-TO-LAN APPLICATIONS Chapter 4 Remote Node Configuration Chapter 5 Remote Node TCP/IP Configuration 4 MANAGEMENT & MAINTENANCE Chapter 7 Filter Configuration Chapter 8 System Password 5 TROUBLESHOOTING Chapter 11 Troubleshooting Chapter 9 Telnet Configuration and Capabilities Chapter 10 System Maintenance Preface xvii
User Guide
Page 36
... setup static routes. Prestige has eight remote dial-in Figure 2-4. Copyright (c) 1994 - 1998 ZyXEL Communications Corp. Ethernet Setup 4. System Maintenance Advanced Applications 11. Static Routing Setup 13. Filter Set Configuration 23. System Password 24. Dial-in Setup 14. Default Dial-in User Setup ... this menu to setup default dial-in parameters so that your Prestige can be used as shown in users. 21 Filter Set Configuration Setup filters to provide security, call control, etc. 23 System Password Access this menu to the blank screen. 2.7 Changing the...
... setup static routes. Prestige has eight remote dial-in Figure 2-4. Copyright (c) 1994 - 1998 ZyXEL Communications Corp. Ethernet Setup 4. System Maintenance Advanced Applications 11. Static Routing Setup 13. Filter Set Configuration 23. System Password 24. Dial-in Setup 14. Default Dial-in User Setup ... this menu to setup default dial-in parameters so that your Prestige can be used as shown in users. 21 Filter Set Configuration Setup filters to provide security, call control, etc. 23 System Password Access this menu to the blank screen. 2.7 Changing the...
User Guide
Page 46
... may be useful to Menu 3.1 -General Ethernet Setup. If you have a need for your Prestige to function properly. General Ethernet Setup Filters are not required for filters, read about Chapter 7 - Ethernet Setup, enter 1 to go to block certain packets, reduce traffic, and prevent a security breach on ...your Ethernet. Prestige 100WH Internet Access Router The General Setup menu allows you to define the filter sets that you do not change them, unless your ISP or network administrator assigns you a block of 255.255.255.0 (Class C). It...
... may be useful to Menu 3.1 -General Ethernet Setup. If you have a need for your Prestige to function properly. General Ethernet Setup Filters are not required for filters, read about Chapter 7 - Ethernet Setup, enter 1 to go to block certain packets, reduce traffic, and prevent a security breach on ...your Ethernet. Prestige 100WH Internet Access Router The General Setup menu allows you to define the filter sets that you do not change them, unless your ISP or network administrator assigns you a block of 255.255.255.0 (Class C). It...
User Guide
Page 54
... you do not configure a server. l SUA can be used to connect to remote networks other than the Internet. All incoming inquiries will be filtered out by the ISP (or another remote TCP/IP network. l SUA can be routed. For more information on IP address translation, refer to ... If you do not set a server IP address, SUA offers the additional benefit of firewall protection. With SUA, all incoming inquiries will be filtered out by translating the internal LAN IP addresses to a single address that is supported. For example, this address sharing by your Prestige, protecting ...
... you do not configure a server. l SUA can be used to connect to remote networks other than the Internet. All incoming inquiries will be filtered out by the ISP (or another remote TCP/IP network. l SUA can be routed. For more information on IP address translation, refer to ... If you do not set a server IP address, SUA offers the additional benefit of firewall protection. With SUA, all incoming inquiries will be filtered out by translating the internal LAN IP addresses to a single address that is supported. For example, this address sharing by your Prestige, protecting ...
User Guide
Page 62
... Submenu 11.1. - Menu 11.1 - My Password= ? Edit IP = No Edit Script Options= No Telco Option: Allocated Budget(min)= 0 Period(hr)= 0 Session Options: Input Filter Sets= Output Filter Sets= Call Filter Sets= Idle Timeout(sec)= 300 Press ENTER to CONFIRM or ESC to CANCEL: Press Space Bar to eight characters. Table 4-1. Prestige 100WH Internet...
... Submenu 11.1. - Menu 11.1 - My Password= ? Edit IP = No Edit Script Options= No Telco Option: Allocated Budget(min)= 0 Period(hr)= 0 Session Options: Input Filter Sets= Output Filter Sets= Call Filter Sets= Idle Timeout(sec)= 300 Press ENTER to CONFIRM or ESC to CANCEL: Press Space Bar to eight characters. Table 4-1. Prestige 100WH Internet...
User Guide
Page 65
...Telco Options: Allocated Budget (min) This field sets a budget outgoing call budget control. Session Options: Input Filter Sets, Output Filter Sets and Call Filter Sets In these fields, select which filter set(s) you would like to apply to reset the above outgoing call time for details. This will bring...to the incoming and outgoing traffic between this field, use the space bar to the TCP/IP protocol. This will bring you to 4 filter sets together for further customization (for this field is , no budget control. In addition, you to Menu 11.2 - remote node PPP...
...Telco Options: Allocated Budget (min) This field sets a budget outgoing call budget control. Session Options: Input Filter Sets, Output Filter Sets and Call Filter Sets In these fields, select which filter set(s) you would like to apply to reset the above outgoing call time for details. This will bring...to the incoming and outgoing traffic between this field, use the space bar to the TCP/IP protocol. This will bring you to 4 filter sets together for further customization (for this field is , no budget control. In addition, you to Menu 11.2 - remote node PPP...
User Guide
Page 80
... node, your Prestige will describe how to configure the protocol-independent fields in User= Yes IP Pool= No IP Start Addr= N/A Session Options: Input Filter Sets= Output Filter Sets= Idle Timeout= 300 Callback Budget Management: Allocated Budget(min)= Period(hr)= Press ENTER to CONFIRM or ESC to CANCEL: Press Space Bar to...
... node, your Prestige will describe how to configure the protocol-independent fields in User= Yes IP Pool= No IP Start Addr= N/A Session Options: Input Filter Sets= Output Filter Sets= Idle Timeout= 300 Callback Budget Management: Allocated Budget(min)= Period(hr)= Press ENTER to CONFIRM or ESC to CANCEL: Press Space Bar to...
User Guide
Page 83
... spaces and [-] symbol, are accepted in user. Session Options: Idle Timeout The Idle Timeout sets the limit on customizing your filter sets, see Chapter 7 - Chapter 6 Dial-in user. Default Dial-in Setup, press [Enter] at the message [Press ENTER to Confirm...] to...13 - Keep in users but not the remote nodes. Default Dial-in Setup Fields (continued) Field Description Session Options: Input Filter Sets Output Filter Sets In these fields, select the filter set (s) will be used when the Prestige calls back to cancel. The default is traffic from 12 different...
... spaces and [-] symbol, are accepted in user. Session Options: Idle Timeout The Idle Timeout sets the limit on customizing your filter sets, see Chapter 7 - Chapter 6 Dial-in user. Default Dial-in Setup, press [Enter] at the message [Press ENTER to Confirm...] to...13 - Keep in users but not the remote nodes. Default Dial-in Setup Fields (continued) Field Description Session Options: Input Filter Sets Output Filter Sets In these fields, select the filter set (s) will be used when the Prestige calls back to cancel. The default is traffic from 12 different...
User Guide
Page 87
... 11 and delete it in the remote node's call should be placed. Prestige 100WH Internet Access Router Chapter 7 Filter Configuration About Filtering Your Prestige uses filters to decide whether or not to allow passage of filters involved: l Incoming Data Filters l Outgoing Data Filters l Call Filters. Chapter 7 Filter Configuration 7-1 Your Prestige has built-in your ISP remote node that...
... 11 and delete it in the remote node's call should be placed. Prestige 100WH Internet Access Router Chapter 7 Filter Configuration About Filtering Your Prestige uses filters to decide whether or not to allow passage of filters involved: l Incoming Data Filters l Outgoing Data Filters l Call Filters. Chapter 7 Filter Configuration 7-1 Your Prestige has built-in your ISP remote node that...
User Guide
Page 88
...to six rules, you can configure up to twelve filter sets with each set having up to four of 24 rules active for a single filtering application. 7-2 Chapter 7 Filter Configuration Therefore, with six rules in Call Filters No match User-defined Call Filters (if applicable) Match Match No match Active Data...if line not up Or Drop packet if line not up to 72 filter rules (12 x 6). The following sections describe how to use. The Filter Structure of the Prestige You can have a maximum of the filter sets together to screen the data packet. Prestige 100WH Internet Access Router...
...to six rules, you can configure up to twelve filter sets with each set having up to four of 24 rules active for a single filtering application. 7-2 Chapter 7 Filter Configuration Therefore, with six rules in Call Filters No match User-defined Call Filters (if applicable) Match Match No match Active Data...if line not up Or Drop packet if line not up to 72 filter rules (12 x 6). The following sections describe how to use. The Filter Structure of the Prestige You can have a maximum of the filter sets together to screen the data packet. Prestige 100WH Internet Access Router...
User Guide
Page 89
... (no. 1-12), then press [Enter]. The new information will bring you to the Edit Comments field. Filter Set Configuration Comments Filter Set # -----7 8 9 10 11 12 Comments Enter Filter Set Number to Configure= Edit Comments= Press ENTER to CONFIRM or ESC to CANCEL: Figure 7-2. Step 2. ...field. Whatever the comments are for that filter set. Filter Set Configuration Chapter 7 Filter Configuration 7-3 Select the filter set you can edit these Comments in the following way: Step 1. Once you wish to use to identify that filter set will be displayed in the read-only...
... (no. 1-12), then press [Enter]. The new information will bring you to the Edit Comments field. Filter Set Configuration Comments Filter Set # -----7 8 9 10 11 12 Comments Enter Filter Set Number to Configure= Edit Comments= Press ENTER to CONFIRM or ESC to CANCEL: Figure 7-2. Step 2. ...field. Whatever the comments are for that filter set. Filter Set Configuration Chapter 7 Filter Configuration 7-3 Select the filter set you can edit these Comments in the following way: Step 1. Once you wish to use to identify that filter set will be displayed in the read-only...
User Guide
Page 90
... Menu 21.1. A Refers to Configure: Figure 7-3. Prestige 100WH Internet Access Router Step 4. Filter Rules Summary # A Type Filter Rules Mm n 1 N 2 N 3 N 4 N 5 N 6 N Enter Filter Rule Number (1-6) to Active. [Y] means the filter rule is active. [N] means the filter rule is read-only. Table 7-1. Abbreviations Used in the Filter Rules Summary Menu Abbreviations Description # Refers to confirm your changes, Menu 21...
... Menu 21.1. A Refers to Configure: Figure 7-3. Prestige 100WH Internet Access Router Step 4. Filter Rules Summary # A Type Filter Rules Mm n 1 N 2 N 3 N 4 N 5 N 6 N Enter Filter Rule Number (1-6) to Active. [Y] means the filter rule is active. [N] means the filter rule is read-only. Table 7-1. Abbreviations Used in the Filter Rules Summary Menu Abbreviations Description # Refers to confirm your changes, Menu 21...
User Guide
Page 91
... Is IP Abbreviation Description Pr Protocol SA Source Address SP Source Port number DA Destination Address DP Destination Port number Chapter 7 Filter Configuration 7-5 m Refers to Action Matched. [F] means to forward the packet. [D] means to check. n Refers to Action Not Matched ...[F] means to forward the packet. [D] means to drop the packet. [N] means check the next rule. The protocol dependent filter rules abbreviation are more rules to check. [N] means there aren't more rules to drop the packet. [N] means check the next rule. Abbreviations...
... Is IP Abbreviation Description Pr Protocol SA Source Address SP Source Port number DA Destination Address DP Destination Port number Chapter 7 Filter Configuration 7-5 m Refers to Action Matched. [F] means to forward the packet. [D] means to check. n Refers to Action Not Matched ...[F] means to forward the packet. [D] means to drop the packet. [N] means check the next rule. The protocol dependent filter rules abbreviation are more rules to check. [N] means there aren't more rules to drop the packet. [N] means check the next rule. Abbreviations...
User Guide
Page 92
...be used. This will take you wish to the next section. Some of the filter rule (1-6) you to select the appropriate type (by pressing SPACE bar) under the Filter Type field and press [Enter]. TCP/IP Filter Rule in Table 7-3 will bring you need to Menu 21.1.1 - When you... first enter the Filter Rule Menu, you can configure. If you wish to configure another type of filter rules that you will differ depending on configuring the filter rule parameters, refer to configure and press [Enter]. This will be presented ...
...be used. This will take you wish to the next section. Some of the filter rule (1-6) you to select the appropriate type (by pressing SPACE bar) under the Filter Type field and press [Enter]. TCP/IP Filter Rule in Table 7-3 will bring you need to Menu 21.1.1 - When you... first enter the Filter Rule Menu, you can configure. If you wish to configure another type of filter rules that you will differ depending on configuring the filter rule parameters, refer to configure and press [Enter]. This will be presented ...
User Guide
Page 93
Figure 7-4. Menu 21.1.1 - TCP/IP Filter Rule Chapter 7 Filter Configuration 7-7 Figure 7-4 displays Menu 21.1.1 TCP/IP Filter Rule. Menu 21.1.1 - Prestige 100WH Internet Access Router 7.2.1 TCP/IP Filter Rule This section will show you how to Toggle. TCP/IP Filter Rule Filter #: 1,1 Filter Type= TCP/IP Filter Rule Active= No IP Protocol= 0 IP Source Route= No Destination: IP Addr... Matched= Check Next Rule Action Not Matched= Check Next Rule Press ENTER to Confirm or ESC to Cancel: Press Space Bar to configure a TCP/IP filter rule for your Prestige.
Figure 7-4. Menu 21.1.1 - TCP/IP Filter Rule Chapter 7 Filter Configuration 7-7 Figure 7-4 displays Menu 21.1.1 TCP/IP Filter Rule. Menu 21.1.1 - Prestige 100WH Internet Access Router 7.2.1 TCP/IP Filter Rule This section will show you how to Toggle. TCP/IP Filter Rule Filter #: 1,1 Filter Type= TCP/IP Filter Rule Active= No IP Protocol= 0 IP Source Route= No Destination: IP Addr... Matched= Check Next Rule Action Not Matched= Check Next Rule Press ENTER to Confirm or ESC to Cancel: Press Space Bar to configure a TCP/IP filter rule for your Prestige.
User Guide
Page 94
...as a.b.c.d where a, b, c, and d are two options: [Yes] - In this field you wish to apply to apply the filter. There are numbers between 0 and 255. filter match only established TCP connections. [No] - IP Protocol Specify the upper layer protocol number. Source: IP Addr Enter the source ...destination IP Address of this field is usually written in Destination: Comp Port #. Source: IP Mask Enter the mask that you wish to filter. Source: Port # Comp Select the comparison you wish to the value given in Destination: IP Addr. Destination: Port # Enter the ...
...as a.b.c.d where a, b, c, and d are two options: [Yes] - In this field you wish to apply to apply the filter. There are numbers between 0 and 255. filter match only established TCP connections. [No] - IP Protocol Specify the upper layer protocol number. Source: IP Addr Enter the source ...destination IP Address of this field is usually written in Destination: Comp Port #. Source: IP Mask Enter the mask that you wish to filter. Source: Port # Comp Select the comparison you wish to the value given in Destination: IP Addr. Destination: Port # Enter the ...
User Guide
Page 95
...will be logged. Action Not Matched Specify what to log the results of the filter rule. TCP/IP Filter Rule Menu Fields (continued) Field Description More Specify if you want to pass the packet to cancel. Filter Rules Summary. Only packets that match the rule parameters will be logged. The choices..., press [Enter] at the message [Press ENTER to Confirm...] to save your configuration, or press [Esc] to the next filter rule before an action is [Yes], then Action Matched and Action Not Matched will be N/A. Prestige 100WH Internet Access Router Table 7-4. Log ...
...will be logged. Action Not Matched Specify what to log the results of the filter rule. TCP/IP Filter Rule Menu Fields (continued) Field Description More Specify if you want to pass the packet to cancel. Filter Rules Summary. Only packets that match the rule parameters will be logged. The choices..., press [Enter] at the message [Press ENTER to Confirm...] to save your configuration, or press [Esc] to the next filter rule before an action is [Yes], then Action Matched and Action Not Matched will be N/A. Prestige 100WH Internet Access Router Table 7-4. Log ...