Home » ZyXEL Manuals » Networking » ZyXEL P-660HW-T1 v2 » Manual Viewer

ZyXEL P-660HW-T1 v2 User Guide - Page 235

Table 100, Table 99

Get ZyXEL P-660HW-T1 v2 PDF manuals and user guides

View all ZyXEL P-660HW-T1 v2 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 235 highlights

P-660HW-T v2 User's Guide Table 99 Attack Logs (continued) LOG MESSAGE DESCRIPTION ip spoofing - WAN ICMP (type:%d, code:%d) icmp echo: ICMP (type:%d, code:%d) syn flood TCP ports scan TCP teardrop TCP teardrop UDP teardrop ICMP (type:%d, code:%d) illegal command TCP NetBIOS TCP ip spoofing - no routing entry [TCP | UDP | IGMP | ESP | GRE | OSPF] ip spoofing - no routing entry ICMP (type:%d, code:%d) vulnerability ICMP (type:%d, code:%d) traceroute ICMP (type:%d, code:%d) The firewall detected an ICMP IP spoofing attack on the WAN port. For type and code details, see Table 106 on page 242. The firewall detected an ICMP echo attack. For type and code details, see Table 106 on page 242. The firewall detected a TCP syn flood attack. The firewall detected a TCP port scan attack. The firewall detected a TCP teardrop attack. The firewall detected an UDP teardrop attack. The firewall detected an ICMP teardrop attack. For type and code details, see Table 106 on page 242. The firewall detected a TCP illegal command attack. The firewall detected a TCP NetBIOS attack. The firewall classified a packet with no source routing entry as an IP spoofing attack. The firewall classified an ICMP packet with no source routing entry as an IP spoofing attack. The firewall detected an ICMP vulnerability attack. For type and code details, see Table 106 on page 242. The firewall detected an ICMP traceroute attack. For type and code details, see Table 106 on page 242. Table 100 IPSec Logs LOG MESSAGE DESCRIPTION Discard REPLAY packet The router received and discarded a packet with an incorrect sequence number. Inbound packet authentication failed The router received a packet that has been altered. A third party may have altered or tampered with the packet. Receive IPSec packet, but no corresponding tunnel exists The router dropped an inbound packet for which SPI could not find a corresponding phase 2 SA. Rule idle time out, disconnect The router dropped a connection that had outbound traffic and no inbound traffic for a certain time period. You can use the "ipsec timer chk_conn" CI command to set the time period. The default value is 2 minutes. WAN IP changed to The router dropped all connections with the "MyIP" configured as "0.0.0.0" when the WAN IP address changed. Chapter 18 Logs 235

Section	Page
P-660HW-T v2	1
User’s Guide	1
Copyright	3
Certifications	4
Safety Warnings	6
ZyXEL Limited Warranty	8
Customer Support	9
Table of Contents	11
List of Figures	21
List of Tables	27
Preface	31
Getting To Know Your ZyXEL Device	33
1.1 Introducing the ZyXEL Device	33
1.2 Features	33
1.2.1 Wireless Features	36
1.3 Applications for the ZyXEL Device	37
1.3.1 Protected Internet Access	37
1.3.2 LAN to LAN Application	38
1.4 Front Panel LEDs	38
1.5 Hardware Connection	39
Introducing the Web Configurator	41
2.1 Web Configurator Overview	41
2.2 Accessing the Web Configurator	41
2.3 Resetting the ZyXEL Device	43
2.3.1 Using the Reset Button	43
2.4 Navigating the Web Configurator	43
2.4.1 Navigation Panel	43
2.4.2 Status Screen	46
2.4.3 Status: Any IP Table	49
2.4.4 Status: WLAN Status	49
2.4.5 Status: Bandwidth Status	50
2.4.6 Status: Packet Statistics	51
2.4.7 Changing Login Password	52
Wizard Setup for Internet Access	55
3.1 Introduction	55
3.2 Internet Access Wizard Setup	55
3.2.1 Automatic Detection	57
3.2.2 Manual Configuration	57
3.3 Wireless Connection Wizard Setup	62
3.3.1 Manually assign a WPA-PSK key	65
3.3.2 Manually assign a WEP key	66
Bandwidth Management Wizard	69
4.1 Introduction	69
4.2 Predefined Media Bandwidth Management Services	69
4.3 Bandwidth Management Wizard Setup	70
WAN Setup	75
5.1 WAN Overview	75
5.1.1 Encapsulation	75
5.1.2 Multiplexing	76
5.1.3 Encapsulation and Multiplexing Scenarios	76
5.1.4 VPI and VCI	77
5.1.5 IP Address Assignment	77
5.1.6 Nailed-Up Connection (PPP)	78
5.1.7 NAT	78
5.2 Metric	78
5.3 Traffic Shaping	79
5.3.1 ATM Traffic Classes	80
5.4 Zero Configuration Internet Access	80
5.5 Internet Connection	81
5.5.1 Configuring Advanced Internet Connection Setup	83
5.6 Configuring More Connections	84
5.6.1 More Connections Edit	85
5.6.2 Configuring More Connections Advanced Setup	88
5.7 Traffic Redirect	89
5.8 Configuring WAN Backup	90
Wireless LAN	93
6.1 Wireless Network Overview	93
6.2 Wireless Security Overview	94
6.2.1 SSID	94
6.2.2 MAC Address Filter	94
6.2.3 User Authentication	95
6.2.4 Encryption	95
6.2.5 One-Touch Intelligent Security Technology (OTIST)	96
6.3 Wireless Performance Overview	96
6.4 General Wireless LAN Screen	96
6.4.1 No Security	98
6.4.2 WEP Encryption	98
6.4.3 WPA-PSK/WPA2-PSK	99
6.4.4 WPA/WPA2	101
6.4.5 Wireless LAN Advanced Setup	103
6.5 OTIST	105
6.5.1 Enabling OTIST	105
6.5.2 Starting OTIST	107
6.5.3 Notes on OTIST	108
6.6 MAC Filter	108
LAN Setup	111
7.1 LAN Overview	111
7.1.1 LANs, WANs and the ZyXEL Device	111
7.1.2 DHCP Setup	112
7.1.3 DNS Server Address	112
7.1.4 DNS Server Address Assignment	113
7.2 LAN TCP/IP	113
7.2.1 IP Address and Subnet Mask	113
7.2.2 RIP Setup	114
7.2.3 Multicast	115
7.2.4 Any IP	115
7.3 Configuring LAN IP	117
7.3.1 Configuring Advanced LAN Setup	117
7.4 DHCP Setup	119
7.5 LAN Client List	120
7.6 LAN IP Alias	121
Network Address Translation (NAT) Screens	125
8.1 NAT Overview	125
8.1.1 NAT Definitions	125
8.1.2 What NAT Does	126
8.1.3 How NAT Works	126
8.1.4 NAT Application	127
8.1.5 NAT Mapping Types	127
8.2 SUA (Single User Account) Versus NAT	128
8.3 NAT General Setup	128
8.4 Port Forwarding	129
8.4.1 Default Server IP Address	130
8.4.2 Port Forwarding: Services and Port Numbers	130
8.4.3 Configuring Servers Behind Port Forwarding (Example)	131
8.5 Configuring Port Forwarding	131
8.5.1 Port Forwarding Rule Edit	132
8.6 Address Mapping	133
8.6.1 Address Mapping Rule Edit	135
Firewalls	137
9.1 Firewall Overview	137
9.2 Types of Firewalls	137
9.2.1 Packet Filtering Firewalls	137
9.2.2 Application-level Firewalls	138
9.2.3 Stateful Inspection Firewalls	138
9.3 Introduction to ZyXEL’s Firewall	138
9.3.1 Denial of Service Attacks	139
9.4 Denial of Service	139
9.4.1 Basics	139
9.4.2 Types of DoS Attacks	140
9.5 Stateful Inspection	143
9.5.1 Stateful Inspection Process	144
9.5.2 Stateful Inspection and the ZyXEL Device	144
9.5.3 TCP Security	145
9.5.4 UDP/ICMP Security	145
9.5.5 Upper Layer Protocols	146
9.6 Guidelines for Enhancing Security with Your Firewall	146
9.6.1 Security In General	146
9.7 Packet Filtering Vs Firewall	147
9.7.1 Packet Filtering:	147
9.7.2 Firewall	148
Firewall Configuration	149
10.1 Access Methods	149
10.2 Firewall Policies Overview	149
10.3 Rule Logic Overview	150
10.3.1 Rule Checklist	150
10.3.2 Security Ramifications	150
10.3.3 Key Fields For Configuring Rules	151
10.4 Connection Direction	151
10.4.1 LAN to WAN Rules	152
10.4.2 Alerts	152
10.5 General Firewall Policy	152
10.6 Firewall Rules Summary	153
10.6.1 Configuring Firewall Rules	155
10.6.2 Customized Services	158
10.6.3 Configuring a Customized Service	159
10.7 Example Firewall Rule	159
10.8 Predefined Services	163
10.9 Anti-Probing	165
10.10 DoS Thresholds	166
10.10.1 Threshold Values	166
10.10.2 Half-Open Sessions	167
10.10.3 Configuring Firewall Thresholds	168
Content Filtering	171
11.1 Content Filtering Overview	171
11.2 Configuring Keyword Blocking	171
11.3 Configuring the Schedule	172
11.4 Configuring Trusted Computers	173
Static Route	175
12.1 Static Route	175
12.2 Configuring Static Route	175
12.2.1 Static Route Edit	176
Bandwidth Management	179
13.1 Bandwidth Management Overview	179
13.2 Application-based Bandwidth Management	179
13.3 Subnet-based Bandwidth Management	179
13.4 Application and Subnet-based Bandwidth Management	180
13.5 Scheduler	180
13.5.1 Priority-based Scheduler	180
13.5.2 Fairness-based Scheduler	181
13.6 Maximize Bandwidth Usage	181
13.6.1 Reserving Bandwidth for Non-Bandwidth Class Traffic	181
13.6.2 Maximize Bandwidth Usage Example	182
13.6.3 Bandwidth Management Priorities	183
13.7 Over Allotment of Bandwidth	184
13.8 Configuring Summary	184
13.9 Bandwidth Management Rule Setup	185
13.9.1 Rule Configuration	187
13.10 Bandwidth Monitor	189
Dynamic DNS Setup	191
14.1 Dynamic DNS Overview	191
14.1.1 DYNDNS Wildcard	191
14.2 Configuring Dynamic DNS	191
Remote Management Configuration	195
15.1 Remote Management Overview	195
15.1.1 Remote Management Limitations	195
15.1.2 Remote Management and NAT	196
15.1.3 System Timeout	196
15.2 WWW	196
15.3 Telnet	197
15.4 Configuring Telnet	197
15.5 Configuring FTP	198
15.6 SNMP	199
15.6.1 Supported MIBs	200
15.6.2 SNMP Traps	201
15.6.3 Configuring SNMP	201
15.7 Configuring DNS	202
15.8 Configuring ICMP	203
15.9 TR-069	204
Universal Plug-and-Play (UPnP)	207
16.1 Introducing Universal Plug and Play	207
16.1.1 How do I know if I'm using UPnP?	207
16.1.2 NAT Traversal	207
16.1.3 Cautions with UPnP	208
16.2 UPnP and ZyXEL	208
16.2.1 Configuring UPnP	208
16.3 Installing UPnP in Windows Example	209
16.3.1 Installing UPnP in Windows Me	209
16.3.2 Installing UPnP in Windows XP	211
16.4 Using UPnP in Windows XP Example	212
16.4.1 Auto-discover Your UPnP-enabled Network Device	212
16.4.2 Web Configurator Easy Access	215
System	219
17.1 General Setup	219
17.1.1 General Setup and System Name	219
17.1.2 General Setup	219
17.2 Time Setting	221
Logs	225
18.1 Logs Overview	225
18.1.1 Alerts and Logs	225
18.2 Viewing the Logs	225
18.3 Configuring Log Settings	226
18.3.1 Example E-mail Log	228
18.4 Log Descriptions	229
Tools	245
19.1 Firmware Upgrade	245
19.2 Configuration Screen	247
19.2.1 Backup Configuration	247
19.2.2 Restore Configuration	248
19.2.3 Back to Factory Defaults	249
19.3 Restart	249
Diagnostic	251
20.1 General Diagnostic	251
20.2 DSL Line Diagnostic	252
Troubleshooting	253
21.1 Problems Starting Up the ZyXEL Device	253
21.2 Problems with the LAN	253
21.3 Problems with the WAN	254
21.4 Problems Accessing the ZyXEL Device	255
Product Specifications	257
About ADSL	261
Internal SPTGEN	263
Wall-mounting Instructions	279
Setting up Your Computer’s IP Address	281
IP Subnetting	297
Command Interpreter	305
Firewall Commands	309
NetBIOS Filter Commands	315
Splitters and Microfilters	317
Wireless LANs	321
Pop-up Windows, JavaScripts and Java Permissions	335
Triangle Route	343
Index	345
Numerics	345
A	345
B	345
C	345
D	346
E	346
F	347
G	347
H	347
I	347
L	348
M	348
N	348
O	348
P	348
Q	349
R	349
S	349
T	350
U	350
V	351
W	351

Match case Limit results 1 per page

P-660HW-T v2 User’s Guide

Chapter 18 Logs

235

ip spoofing - WAN ICMP

(type:%d, code:%d)

The firewall detected an ICMP IP spoofing attack on the WAN port.

For type and code details, see

Table 106 on page 242

icmp echo: ICMP (type:%d,

code:%d)

The firewall detected an ICMP echo attack. For type and code

details, see

Table 106 on page 242

syn flood TCP

The firewall detected a TCP syn flood attack.

ports scan TCP

The firewall detected a TCP port scan attack.

teardrop TCP

The firewall detected a TCP teardrop attack.

teardrop UDP

The firewall detected an UDP teardrop attack.

teardrop ICMP (type:%d,

code:%d)

The firewall detected an ICMP teardrop attack. For type and code

details, see

Table 106 on page 242

illegal command TCP

The firewall detected a TCP illegal command attack.

NetBIOS TCP

The firewall detected a TCP NetBIOS attack.

ip spoofing - no routing

entry [TCP | UDP | IGMP |

ESP | GRE | OSPF]

The firewall classified a packet with no source routing entry as an

IP spoofing attack.

ip spoofing - no routing

entry ICMP (type:%d,

code:%d)

The firewall classified an ICMP packet with no source routing entry

as an IP spoofing attack.

vulnerability ICMP

(type:%d, code:%d)

The firewall detected an ICMP vulnerability attack. For type and

code details, see

Table 106 on page 242

traceroute ICMP (type:%d,

code:%d)

The firewall detected an ICMP traceroute attack. For type and

code details, see

Table 106 on page 242

Table 100

IPSec Logs

LOG MESSAGE

DESCRIPTION

Discard REPLAY packet

The router received and discarded a packet with an incorrect

sequence number.

Inbound packet

authentication failed

The router received a packet that has been altered. A third party may

have altered or tampered with the packet.

Receive IPSec packet,

but no corresponding

tunnel exists

The router dropped an inbound packet for which SPI could not find a

corresponding phase 2 SA.

Rule <%d> idle time out,

disconnect

The router dropped a connection that had outbound traffic and no

inbound traffic for a certain time period. You can use the "ipsec timer

chk_conn" CI command to set the time period. The default value is 2

minutes.

WAN IP changed to <IP>

The router dropped all connections with the “MyIP” configured as

“0.0.0.0” when the WAN IP address changed.

Table 99

Attack Logs (continued)

LOG MESSAGE

DESCRIPTION