User Guide
Page 14
... ...131 7.9.1 ToS (Type of Service) and WMM QoS 131 7.9.2 Application Priority Configuration 132 7.10 Multiple SSID (P-662HW-D Models only 133 7.10.1 Multiple SSID Commands 134 7.10.2 Multiple SSID Example 135 Chapter 8 DMZ ...137 8.1...Port Forwarding ...145 9.4.1 Default Server IP Address 146 9.4.2 Port Forwarding: Services and Port Numbers 146 9.4.3 Configuring Servers Behind Port Forwarding (Example 146 9.5 Configuring Port Forwarding 147 9.5.1 Port Forwarding Rule Edit 148 9.6 Address Mapping ...149 9.6.1 Address Mapping Rule Edit 150 9.7 Trigger Port ...151 9.8 Edit Trigger Port...
... ...131 7.9.1 ToS (Type of Service) and WMM QoS 131 7.9.2 Application Priority Configuration 132 7.10 Multiple SSID (P-662HW-D Models only 133 7.10.1 Multiple SSID Commands 134 7.10.2 Multiple SSID Example 135 Chapter 8 DMZ ...137 8.1...Port Forwarding ...145 9.4.1 Default Server IP Address 146 9.4.2 Port Forwarding: Services and Port Numbers 146 9.4.3 Configuring Servers Behind Port Forwarding (Example 146 9.5 Configuring Port Forwarding 147 9.5.1 Port Forwarding Rule Edit 148 9.6 Address Mapping ...149 9.6.1 Address Mapping Rule Edit 150 9.7 Trigger Port ...151 9.8 Edit Trigger Port...
User Guide
Page 25
... Servers Behind NAT Example 146 Figure 85 NAT Port Forwarding ...147 Figure 86 Port Forwarding Rule Setup 148 Figure 87 Address Mapping Rules ...149 Figure 88 Edit Address Mapping Rule 150 Figure 89 Trigger Port ...152 Figure 90 Trigger Port Edit ...153 Figure 91 Firewall Application ...159 ...: Customized Services 178 Figure 100 Firewall: Configure Customized Services 179 Figure 101 Firewall Example: Rules ...180 Figure 102 Edit Custom Port Example 180 Figure 103 Firewall Example: Edit Rule: Destination Address 181 Figure 104 Firewall Example: Edit Rule: Select Customized Services 182...
... Servers Behind NAT Example 146 Figure 85 NAT Port Forwarding ...147 Figure 86 Port Forwarding Rule Setup 148 Figure 87 Address Mapping Rules ...149 Figure 88 Edit Address Mapping Rule 150 Figure 89 Trigger Port ...152 Figure 90 Trigger Port Edit ...153 Figure 91 Firewall Application ...159 ...: Customized Services 178 Figure 100 Firewall: Configure Customized Services 179 Figure 101 Firewall Example: Rules ...180 Figure 102 Edit Custom Port Example 180 Figure 103 Firewall Example: Edit Rule: Destination Address 181 Figure 104 Firewall Example: Edit Rule: Select Customized Services 182...
User Guide
Page 32
... 135 Table 49 DMZ ...138 Table 50 NAT Definitions ...141 Table 51 NAT Mapping Types ...144 Table 52 NAT General ...145 Table 53 NAT Port Forwarding ...147 Table 54 Port Forwarding Rule Setup 148 Table 55 Address Mapping Rules ...150 Table 56 Edit Address Mapping Rule 151 Table 57 Trigger... Port ...152 Table 58 Trigger Port Edit ...153 Table 59 Common IP Ports ...159 Table 60 ICMP Commands That Trigger Alerts 162 Table 61 Legal NetBIOS Commands 162 Table 62 ...
... 135 Table 49 DMZ ...138 Table 50 NAT Definitions ...141 Table 51 NAT Mapping Types ...144 Table 52 NAT General ...145 Table 53 NAT Port Forwarding ...147 Table 54 Port Forwarding Rule Setup 148 Table 55 Address Mapping Rules ...150 Table 56 Edit Address Mapping Rule 151 Table 57 Trigger... Port ...152 Table 58 Trigger Port Edit ...153 Table 59 Common IP Ports ...159 Table 60 ICMP Commands That Trigger Alerts 162 Table 61 Legal NetBIOS Commands 162 Table 62 ...
User Guide
Page 48
...WAN connections. More Connections Use this screen to configure the ZyXEL Device to block access to configure LAN DHCP settings. NAT General Use this screen to devices or block the devices from accessing the ZyXEL Device. Port Forwarding Use this screen to enable NAT. DHCP Setup Use ...this screen to configure the threshold for servers behind the ZyXEL Device. This screen allows you to partition your LAN interface into subnets...
...WAN connections. More Connections Use this screen to configure the ZyXEL Device to block access to configure LAN DHCP settings. NAT General Use this screen to devices or block the devices from accessing the ZyXEL Device. Port Forwarding Use this screen to enable NAT. DHCP Setup Use ...this screen to configure the threshold for servers behind the ZyXEL Device. This screen allows you to partition your LAN interface into subnets...
User Guide
Page 92
...VC carries multiple protocols with protocol identifying information being contained in the More Connections Edit screen. NAT SUA only is not fixed; The ZyXEL Device will try to you have a dynamic IP address; A dynamic IP address is available only when you connect to display the More... Connections Advanced screen and edit more details of your ZyXEL Device's advanced WAN settings. Enter the VPI assigned to bring up all protocols. Select SUA Only if you . Click Edit to go to the Port Forwarding screen to disable NAT.
...VC carries multiple protocols with protocol identifying information being contained in the More Connections Edit screen. NAT SUA only is not fixed; The ZyXEL Device will try to you have a dynamic IP address; A dynamic IP address is available only when you connect to display the More... Connections Advanced screen and edit more details of your ZyXEL Device's advanced WAN settings. Enter the VPI assigned to bring up all protocols. Select SUA Only if you . Click Edit to go to the Port Forwarding screen to disable NAT.
User Guide
Page 96
... the Internet. Metric This field sets this backup connection. Port Speed Select the speed of the IP addresses in the Fail Tolerance field. Advanced Setup Click this to activate dial up backup. Traffic Redirect Traffic redirect forwards traffic to a backup gateway when the ZyXEL Device cannot connect to save the changes. Password Enter...
... the Internet. Metric This field sets this backup connection. Port Speed Select the speed of the IP addresses in the Fail Tolerance field. Advanced Setup Click this to activate dial up backup. Traffic Redirect Traffic redirect forwards traffic to a backup gateway when the ZyXEL Device cannot connect to save the changes. Password Enter...
User Guide
Page 139
... this check box to forward NetBIOS packets from the LAN to the DMZ and from the DMZ to the ZyXEL Device. The public IP addresses of the DMZ and WAN ports are in another subnet. Lower case letters represent public IP addresses (like a.b.c.d for example). The LAN port and connected computers (A ...you also need to enable the default DMZ to LAN firewall rule that are in one subnet. The DMZ port and connected servers (D through C) use public IP addresses that forwards NetBIOS traffic.Clear this check box to block all NetBIOS packets going from the LAN to the DMZ and...
... this check box to forward NetBIOS packets from the LAN to the DMZ and from the DMZ to the ZyXEL Device. The public IP addresses of the DMZ and WAN ports are in another subnet. Lower case letters represent public IP addresses (like a.b.c.d for example). The LAN port and connected computers (A ...you also need to enable the default DMZ to LAN firewall rule that are in one subnet. The DMZ port and connected servers (D through C) use public IP addresses that forwards NetBIOS traffic.Clear this check box to block all NetBIOS packets going from the LAN to the DMZ and...
User Guide
Page 142
...network and make them accessible to the outside host is never changed. It replaces the original IP source address (and TCP or UDP source port numbers for the inside host. For outgoing packets, the ILA (Inside Local Address) is the source address on the LAN, and the ...) to another (the inside LANs (logical LANs using IP Alias) behind the ZyXEL Device can communicate with hosts on other networks. The following figure illustrates a possible NAT application, where three inside global address) before forwarding it to the Internet. Note that the IP address (either static or dynamically...
...network and make them accessible to the outside host is never changed. It replaces the original IP source address (and TCP or UDP source port numbers for the inside host. For outgoing packets, the ILA (Inside Local Address) is the source address on the LAN, and the ...) to another (the inside LANs (logical LANs using IP Alias) behind the ZyXEL Device can communicate with hosts on other networks. The following figure illustrates a possible NAT application, where three inside global address) before forwarding it to the Internet. Note that the IP address (either static or dynamically...
User Guide
Page 145
... world. Each NAT session establishes a corresponding firewall session. Use this number to ensure no additional NAT sessions can establish through the ZyXEL Device. If you can raise this check box to enable NAT. If your network has a large number of users using peer to...such as a single computer to the outside world even though NAT makes your changes back to the ZyXEL Device. Cancel Click Cancel to return to the previous configuration. 9.4 Port Forwarding A port forwarding set is exhausting all of clients using peer to peer applications, you can establish. Table 52 NAT...
... world. Each NAT session establishes a corresponding firewall session. Use this number to ensure no additional NAT sessions can establish through the ZyXEL Device. If you can raise this check box to enable NAT. If your network has a large number of users using peer to...such as a single computer to the outside world even though NAT makes your changes back to the ZyXEL Device. Cancel Click Cancel to return to the previous configuration. 9.4 Port Forwarding A port forwarding set is exhausting all of clients using peer to peer applications, you can establish. Table 52 NAT...
User Guide
Page 146
...ZyXEL Device discards all packets received for specified services, NAT supports a default server IP address. Figure 84 Multiple Servers Behind NAT Example 146 P-662H/HW-D Series User's Guide Your ISP may periodically check for example, web service is on port 80 and FTP on commonly used port numbers. 9.4.3 Configuring Servers Behind Port Forwarding... if it might be forwarded, and the local IP address of 192.168.1.35 to a third (C in the remote management setup. 9.4.2 Port Forwarding: Services and Port Numbers Use the Port Forwarding screen to forward incoming service requests to the...
...ZyXEL Device discards all packets received for specified services, NAT supports a default server IP address. Figure 84 Multiple Servers Behind NAT Example 146 P-662H/HW-D Series User's Guide Your ISP may periodically check for example, web service is on port 80 and FTP on commonly used port numbers. 9.4.3 Configuring Servers Behind Port Forwarding... if it might be forwarded, and the local IP address of 192.168.1.35 to a third (C in the remote management setup. 9.4.2 Port Forwarding: Services and Port Numbers Use the Port Forwarding screen to forward incoming service requests to the...
User Guide
Page 147
... A default server receives packets from the drop-down list box. Click Network > NAT > Port Forwarding to the table below. Port Forwarding Service Name Select a service from ports that are not specified here or in this button to add a rule to open the following... screen. Chapter 9 Network Address Translation (NAT) Screens 9.5 Configuring Port Forwarding " The Port Forwarding screen is available only when you do not assign a Default Server IP address, the ZyXEL Device discards all packets received for ports that are not specified in the remote management setup. " If ...
... A default server receives packets from the drop-down list box. Click Network > NAT > Port Forwarding to the table below. Port Forwarding Service Name Select a service from ports that are not specified here or in this button to add a rule to open the following... screen. Chapter 9 Network Address Translation (NAT) Screens 9.5 Configuring Port Forwarding " The Port Forwarding screen is available only when you do not assign a Default Server IP address, the ZyXEL Device discards all packets received for ports that are not specified in the remote management setup. " If ...
User Guide
Page 148
... a service's name. Modify Click the Edit icon to go to edit a port forwarding rule, click the rule's edit icon in the Start Port field above . Click the Delete icon to the ZyXEL Device. Note that begins with the port number in the Start Port field above and then enter it again in a series that subsequent rules...
... a service's name. Modify Click the Edit icon to go to edit a port forwarding rule, click the rule's edit icon in the Start Port field above . Click the Delete icon to the ZyXEL Device. Note that begins with the port number in the Start Port field above and then enter it again in a series that subsequent rules...
User Guide
Page 149
Now if you select Full Feature in the NAT > General screen. Chapter 9 Network Address Translation (NAT) Screens Table 54 Port Forwarding Rule Setup (continued) LABEL DESCRIPTION Server IP Address Enter the inside IP address of empty rules. Ordering your rules is available ... specify. Back Click Back to return to begin configuring this screen afresh. 9.6 Address Mapping " The Address Mapping screen is important because the ZyXEL Device applies the rules in your configured rule will be pushed up by that you configure rule number 9. Cancel Click Cancel to the previous ...
Now if you select Full Feature in the NAT > General screen. Chapter 9 Network Address Translation (NAT) Screens Table 54 Port Forwarding Rule Setup (continued) LABEL DESCRIPTION Server IP Address Enter the inside IP address of empty rules. Ordering your rules is available ... specify. Back Click Back to return to begin configuring this screen afresh. 9.6 Address Mapping " The Address Mapping screen is important because the ZyXEL Device applies the rules in your configured rule will be pushed up by that you configure rule number 9. Cancel Click Cancel to the previous ...
User Guide
Page 151
... the LAN to begin configuring this screen. This is set a forwarding port in NAT to forward a service (coming in the forwarding port with a specific port number and protocol ("incoming" port), the ZyXEL Device forwards the traffic P-662H/HW-D Series User's Guide 151 This field is for Server port mapping. Trigger port forwarding solves this problem by allowing computers on the WAN) to...
... the LAN to begin configuring this screen. This is set a forwarding port in NAT to forward a service (coming in the forwarding port with a specific port number and protocol ("incoming" port), the ZyXEL Device forwards the traffic P-662H/HW-D Series User's Guide 151 This field is for Server port mapping. Trigger port forwarding solves this problem by allowing computers on the WAN) to...
User Guide
Page 152
...two hours with the "incoming" port range of 6970-7170. 3 The Real Audio server responds using a port number ranging between 6970-7170. 4 The ZyXEL Device forwards the traffic to Jane's computer IP address. 5 Only Jane can use the application. Use this port (or range of ports) to the client computer on ...IP address of the computer that a server on the WAN uses when it sends out a particular service. The ZyXEL Device forwards the traffic with this screen to add and view trigger port rules configured on the LAN can connect to the Real Audio server until the connection is a "trigger...
...two hours with the "incoming" port range of 6970-7170. 3 The Real Audio server responds using a port number ranging between 6970-7170. 4 The ZyXEL Device forwards the traffic to Jane's computer IP address. 5 Only Jane can use the application. Use this port (or range of ports) to the client computer on ...IP address of the computer that a server on the WAN uses when it sends out a particular service. The ZyXEL Device forwards the traffic with this screen to add and view trigger port rules configured on the LAN can connect to the Real Audio server until the connection is a "trigger...
User Guide
Page 153
... to 15 characters) for identification purposes. Service Name Type a unique name (up to change your ZyXEL Device's trigger port settings. including spaces. The ZyXEL Device forwards the traffic with this check box to delete the port forwarding rule. Trigger Port This is a port (or a range of the LAN computer that a server on the WAN uses when it sends...
... to 15 characters) for identification purposes. Service Name Type a unique name (up to change your ZyXEL Device's trigger port settings. including spaces. The ZyXEL Device forwards the traffic with this check box to delete the port forwarding rule. Trigger Port This is a port (or a range of the LAN computer that a server on the WAN uses when it sends...
User Guide
Page 226
... either transport or tunnel mode). • Use IKE keying mode. • Enable NAT traversal on both IPSec endpoints. • Set the NAT router to forward UDP port 500 to access computers that DNS server. Finally, NAT is compatible with ESP in tunnel mode because integrity checks are created from...the LAN or from the ISP since these DNS servers cannot resolve domain names to private IP addresses on the headquarters (HQ) network, the ZyXEL Device at branch office 1 uses the Intranet DNS server in the following figure depicts an example where three VPN tunnels are performed over the ...
... either transport or tunnel mode). • Use IKE keying mode. • Enable NAT traversal on both IPSec endpoints. • Set the NAT router to forward UDP port 500 to access computers that DNS server. Finally, NAT is compatible with ESP in tunnel mode because integrity checks are created from...the LAN or from the ISP since these DNS servers cannot resolve domain names to private IP addresses on the headquarters (HQ) network, the ZyXEL Device at branch office 1 uses the Intranet DNS server in the following figure depicts an example where three VPN tunnels are performed over the ...
User Guide
Page 230
...down list box. You can have more protection so it is ESP. In order to the remote IPSec router behind your ZyXEL Device. 230 P-662H/HW-D Series User's Guide Select Yes to have to forward UDP port 500 packets to have the same configured local or remote IP address, but the... ZyXEL Device drops trailing spaces. The remote IPSec router must also enable NAT traversal, and the NAT routers have the ZyXEL Device automatically reinitiate the SA after the...
...down list box. You can have more protection so it is ESP. In order to the remote IPSec router behind your ZyXEL Device. 230 P-662H/HW-D Series User's Guide Select Yes to have to forward UDP port 500 packets to have the same configured local or remote IP address, but the... ZyXEL Device drops trailing spaces. The remote IPSec router must also enable NAT traversal, and the NAT routers have the ZyXEL Device automatically reinitiate the SA after the...
User Guide
Page 304
...password to display the screen shown next. For security reasons, the ZyXEL Device allows multicast messages on page 303 for examples of installing and using NAT traversal, UPnP applications automatically reserve a NAT forwarding port in this check box to activate UPnP. Disable UPnP if this ...the need to communicate with another UPnP enabled device; See the following table describes the fields in order to manually configure port forwarding for example by using UPnP. 22.2.1 Configuring UPnP Click Advanced > UPnP to access the web configurator). Allow users to make ...
...password to display the screen shown next. For security reasons, the ZyXEL Device allows multicast messages on page 303 for examples of installing and using NAT traversal, UPnP applications automatically reserve a NAT forwarding port in this check box to activate UPnP. Disable UPnP if this ...the need to communicate with another UPnP enabled device; See the following table describes the fields in order to manually configure port forwarding for example by using UPnP. 22.2.1 Configuring UPnP Click Advanced > UPnP to access the web configurator). Allow users to make ...
User Guide
Page 349
VPN passthrough Port Forwarding If you have its own unique IP address. Static Routes Static routes tell the ZyXEL Device how to forward IP traffic when you connect and turn on the ZyXEL Device, it from the ISP and makes the necessary configuration changes. Zero Configuration Internet Access ...IP parameters manually. 16 IP and 4 Bridge Traffic Redirect Traffic redirect forwards WAN traffic to a backup gateway when the ZyXEL Device cannot connect to the Internet, thus acting as an auxiliary if your ZyXEL Device to check web sites against an external database. In cases where...
VPN passthrough Port Forwarding If you have its own unique IP address. Static Routes Static routes tell the ZyXEL Device how to forward IP traffic when you connect and turn on the ZyXEL Device, it from the ISP and makes the necessary configuration changes. Zero Configuration Internet Access ...IP parameters manually. 16 IP and 4 Bridge Traffic Redirect Traffic redirect forwards WAN traffic to a backup gateway when the ZyXEL Device cannot connect to the Internet, thus acting as an auxiliary if your ZyXEL Device to check web sites against an external database. In cases where...