Home » ZyXEL Manuals » Networking » ZyXEL MAX-306 » Manual Viewer

ZyXEL MAX-306 User Guide - Page 234

Table 97, Access Control Logs, TCP Reset Logs, System Maintenance Logs continued

Get ZyXEL MAX-306 PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 234 highlights

Chapter 19 The Logs Screens Table 96 System Maintenance Logs (continued) LOG MESSAGE DESCRIPTION Connect to NTP server fail The device was not able to connect to the NTP server. Too large ICMP packet has been dropped The device dropped an ICMP packet that was too large. Configuration Change: PC = 0x%x, Task ID = 0x%x The device is saving configuration changes. Table 97 Access Control Logs LOG MESSAGE Firewall default policy: [ TCP | UDP | IGMP | ESP | GRE | OSPF ] Firewall rule [NOT] match:[ TCP | UDP | IGMP | ESP | GRE | OSPF ] , Triangle route packet forwarded: [ TCP | UDP | IGMP | ESP | GRE | OSPF ] Packet without a NAT table entry blocked: [ TCP | UDP | IGMP | ESP | GRE | OSPF ] Router sent blocked web site message: TCP Exceed maximum sessions per host (%d). Firewall allowed a packet that matched a NAT session: [ TCP | UDP ] DESCRIPTION Attempted TCP/UDP/IGMP/ESP/GRE/OSPF access matched the default policy and was blocked or forwarded according to the default policy's setting. Attempted TCP/UDP/IGMP/ESP/GRE/OSPF access matched (or did not match) a configured firewall rule (denoted by its number) and was blocked or forwarded according to the rule. The firewall allowed a triangle route session to pass through. The router blocked a packet that didn't have a corresponding NAT table entry. The router sent a message to notify a user that the router blocked access to a web site that the user requested. The device blocked a session because the host's connections exceeded the maximum sessions per host. A packet from the WAN (TCP or UDP) matched a cone NAT session and the device forwarded it to the LAN. 234 Table 98 TCP Reset Logs LOG MESSAGE Under SYN flood attack, sent TCP RST Exceed TCP MAX incomplete, sent TCP RST Peer TCP state out of order, sent TCP RST DESCRIPTION The router sent a TCP reset packet when a host was under a SYN flood attack (the TCP incomplete count is per destination host.) The router sent a TCP reset packet when the number of TCP incomplete connections exceeded the user configured threshold. (the TCP incomplete count is per destination host.) The router sent a TCP reset packet when a TCP connection state was out of order.Note: The firewall refers to RFC793 Figure 6 to check the TCP state. User's Guide

Section	Page
MAX-306HW2 Series	1
About This User's Guide	3
Document Conventions	4
Safety Warnings	6
Contents Overview	9
Table of Contents	11
List of Figures	19
List of Tables	25
Introduction and Wizards	29
Getting Started	31
1.1 Overview	31
1.1.1 Wi-Fi Access Point	32
1.1.2 WiMAX Internet Access	32
1.1.3 Make Calls via Internet Telephony Service Provider	33
1.2 WiMAX Device Hardware	34
1.2.1 LEDs	34
1.3 Good Habits for Managing the WiMAX Device	35
Introducing the Web Configurator	37
2.1 Overview	37
2.1.1 Accessing the Web Configurator	37
2.1.2 The Reset Button	40
2.2 The Main Screen	40
Internet Connection Wizard	47
3.1 Overview	47
3.1.1 Welcome to the ZyXEL Setup Wizard	47
3.1.2 System Information	48
3.1.3 Wireless LAN	49
3.1.4 Authentication Settings	54
3.1.5 IP Address	56
3.1.6 Setup Complete	58
VoIP Connection Wizard	59
4.1 Overview	59
4.2 Welcome to the ZyXEL Setup Wizard	59
4.2.1 First Voice Account Settings	60
4.2.2 Setup Complete	63
Basic Screens	65
The Setup Screens	67
5.1 Overview	67
5.1.1 What You Can Do in This Chapter	67
5.1.2 What You Need to Know	67
5.1.3 Before You Begin	68
5.2 Set IP Address	68
5.3 DHCP Client	69
5.4 Time Setting	70
5.4.1 Pre-Defined NTP Time Servers List	71
5.4.2 Resetting the Time	72
Advanced Screens	73
The LAN Configuration Screens	75
6.1 Overview	75
6.1.1 What You Can Do in This Chapter	75
6.1.2 What You Need to Know	75
6.2 DHCP Setup	76
6.3 Static DHCP	78
6.4 IP Alias	79
6.5 IP Static Route	81
6.5.1 IP Static Route Setup	82
6.6 Other Settings	83
6.7 Technical Reference	84
6.7.1 IP Address and Subnet Mask	84
6.7.2 DHCP Setup	85
6.7.3 LAN TCP/IP	85
6.7.4 DNS Server Address	86
6.7.5 RIP Setup	86
6.7.6 Multicast	87
The WAN Configuration Screens	89
7.1 Overview	89
7.1.1 What You Can Do in This Chapter	89
7.1.2 What You Need to Know	89
7.2 Internet Connection	93
7.3 WiMAX Configuration	95
7.3.1 Frequency Ranges	97
7.3.2 Configuring Frequency Settings	97
7.3.3 Using the WiMAX Frequency Screen	98
7.4 Traffic Redirect	99
7.5 Advanced	101
The Wi-Fi Configuration Screens	103
8.1 Overview	103
8.1.1 What You Can Do in This Chapter	103
8.1.2 What You Need to Know	103
8.2 General	104
8.3 MAC Filter	109
8.4 Advanced	110
The VPN Transport Screens	113
9.1 Overview	113
9.1.1 What You Can Do in This Chapter	114
9.1.2 What You Need to Know	114
9.1.3 Before You Begin	115
9.2 General	116
9.3 Customer Interface	116
9.3.1 Multi-Protocol Label Switching	117
9.3.2 Generic Routing Encapsulation	117
9.3.3 Customer Interface Options	118
9.3.4 Customer Interface Setup	120
9.4 Ethernet Pseudowire	121
9.4.1 Ethernet Pseudowire Setup	123
9.5 Statistics	124
The NAT Configuration Screens	125
10.1 Overview	125
10.1.1 What You Can Do in This Chapter	125
10.2 General	125
10.3 Port Forwarding	126
10.3.1 Port Forwarding Options	127
10.3.2 Port Forwarding Rule Setup	129
10.4 Trigger Port	130
10.4.1 Trigger Port Forwarding Example	131
10.5 ALG	132
The System Configuration Screens	135
11.1 Overview	135
11.1.1 What You Can Do in This Chapter	135
11.1.2 What You Need to Know	135
11.2 General	137
11.3 Dynamic DNS	138
11.4 Firmware	140
11.4.1 The Firmware Upload Process	141
11.5 Configuration	142
11.5.1 The Restore Configuration Process	143
11.6 Restart	143
11.6.1 The Restart Process	144
Voice Screens	145
The Service Configuration Screens	147
12.1 Overview	147
12.1.1 What You Can Do in This Chapter	147
12.1.2 What You Need to Know	147
12.1.3 Before you Begin	149
12.2 SIP Settings	149
12.2.1 Advanced SIP Settings	151
12.3 QoS	158
12.4 Technical Reference	159
12.4.1 SIP Call Progression	159
12.4.2 SIP Client Server	160
12.4.3 SIP User Agent	160
12.4.4 SIP Proxy Server	160
12.4.5 SIP Redirect Server	161
12.4.6 NAT and SIP	162
12.4.7 DiffServ	162
12.4.8 DSCP and Per-Hop Behavior	163
The Phone Screens	165
13.1 Overview	165
13.1.1 What You Can Do in This Chapter	165
13.1.2 What You Need to Know	165
13.2 Analog Phone	166
13.2.1 Advanced Analog Phone Setup	168
13.3 Common	169
13.4 Region	170
13.5 Technical Reference	170
13.5.1 The Flash Key	170
13.5.2 Europe Type Supplementary Phone Services	171
13.5.3 USA Type Supplementary Services	173
The Phone Book Screens	175
14.1 Overview	175
14.1.1 What You Can Do in This Chapter	175
14.1.2 What You Need to Know	175
14.2 Incoming Call Policy	176
14.3 Speed Dial	178
Tools & Status Screens	181
The Certificates Screens	183
15.1 Overview	183
15.1.1 What You Can Do in This Chapter	183
15.1.2 What You Need to Know	183
15.2 My Certificates	184
15.2.1 My Certificates Create	186
15.2.2 My Certificate Edit	189
15.2.3 My Certificate Import	192
15.3 Trusted CAs	193
15.3.1 Trusted CA Edit	195
15.3.2 Trusted CA Import	197
15.4 Technical Reference	198
15.4.1 Certificate Authorities	198
15.4.2 Verifying a Certificate	200
The Firewall Screens	203
16.1 Overview	203
16.1.1 What You Can Do in This Chapter	203
16.1.2 What You Need to Know	203
16.2 Firewall Setting	204
16.2.1 Firewall Rule Directions	204
16.2.2 Triangle Route	205
16.2.3 Firewall Setting Options	206
16.3 Service Setting	207
16.4 Technical Reference	208
16.4.1 Stateful Inspection Firewall.	208
16.4.2 Guidelines For Enhancing Security With Your Firewall	209
16.4.3 The “Triangle Route” Problem	209
Content Filter	213
17.1 Overview	213
17.1.1 What You Can Do in This Chapter	213
17.2 Filter	214
17.3 Schedule	216
The Remote Management Screens	217
18.1 Overview	217
18.1.1 What You Can Do in This Chapter	217
18.1.2 What You Need to Know	218
18.2 WWW	219
18.3 Telnet	220
18.4 FTP	220
18.5 SNMP	221
18.5.1 SNMP Traps	222
18.5.2 SNMP Options	223
18.6 DNS	224
18.7 Security	225
The Logs Screens	227
19.1 Overview	227
19.1.1 What You Can Do in This Chapter	227
19.1.2 What You Need to Know	227
19.2 View Logs	229
19.3 Log Settings	231
19.4 Log Message Descriptions	233
The UPnP Screen	243
20.1 Overview	243
20.1.1 What You Can Do in This Chapter	243
20.1.2 What You Need to Know	243
20.2 UPnP	244
20.3 Technical Reference	245
20.3.1 Installing UPnP in Windows XP	245
20.3.2 Web Configurator Easy Access	249
The Status Screen	253
21.1 Overview	253
21.2 Status Screen	253
21.2.1 Packet Statistics	258
21.2.2 WiMAX Site Information	259
21.2.3 DHCP Table	260
21.2.4 VoIP Statistics	261
21.2.5 WiMAX Profile	263
Troubleshooting and Specifications	265
Troubleshooting	267
22.1 Power, Hardware Connections, and LEDs	267
22.2 WiMAX Device Access and Login	268
22.3 Internet Access	270
22.4 Phone Calls and VoIP	272
22.5 Reset the WiMAX Device to Its Factory Defaults	273
22.5.1 Pop-up Windows, JavaScripts and Java Permissions	273
Product Specifications	275
Appendices and Index	277
WiMAX Security	279
Setting Up Your Computer’s IP Address	283
Wireless LANs	311
Pop-up Windows, JavaScripts and Java Permissions	327
IP Addresses and Subnetting	337
Importing Certificates	349
SIP Passthrough	381
Common Services	383
Legal Information	387
Customer Support	391

Match case Limit results 1 per page

Chapter 19 The Logs Screens

User’s Guide

234

Connect to NTP server fail

The device was not able to connect to the NTP server.

Too large ICMP packet has

been dropped

The device dropped an ICMP packet that was too

large.

Configuration Change: PC =

0x%x, Task ID = 0x%x

The device is saving configuration changes.

Table 97

Access Control Logs

LOG MESSAGE

DESCRIPTION

Firewall default policy: [ TCP |

UDP | IGMP | ESP | GRE | OSPF ]

Attempted TCP/UDP/IGMP/ESP/GRE/OSPF access

matched the default policy and was blocked or

forwarded according to the default policy’s

setting.

Firewall rule [NOT] match:[ TCP

| UDP | IGMP | ESP | GRE | OSPF

] <Packet Direction>, <rule:%d>

Attempted TCP/UDP/IGMP/ESP/GRE/OSPF access

matched (or did not match) a configured firewall

rule (denoted by its number) and was blocked or

forwarded according to the rule.

Triangle route packet forwarded:

[ TCP | UDP | IGMP | ESP | GRE |

OSPF ]

The firewall allowed a triangle route session to

pass through.

Packet without a NAT table entry

blocked: [ TCP | UDP | IGMP |

ESP | GRE | OSPF ]

The router blocked a packet that didn't have a

corresponding NAT table entry.

Router sent blocked web site

message: TCP

The router sent a message to notify a user that

the router blocked access to a web site that the

user requested.

Exceed maximum sessions per host

(%d).

The device blocked a session because the host's

connections exceeded the maximum sessions per

host.

Firewall allowed a packet that

matched a NAT session: [ TCP |

UDP ]

A packet from the WAN (TCP or UDP) matched a

cone NAT session and the device forwarded it to

the LAN.

Table 98

TCP Reset Logs

LOG MESSAGE

DESCRIPTION

Under SYN flood attack,

sent TCP RST

The router sent a TCP reset packet when a host was

under a SYN flood attack (the TCP incomplete count is per

destination host.)

Exceed TCP MAX

incomplete, sent TCP RST

The router sent a TCP reset packet when the number of

TCP incomplete connections exceeded the user configured

threshold. (the TCP incomplete count is per destination

host.)

Peer TCP state out of

order, sent TCP RST

The router sent a TCP reset packet when a TCP

connection state was out of order.Note: The firewall

refers to RFC793 Figure 6 to check the TCP state.

Table 96

System Maintenance Logs (continued)

LOG MESSAGE

DESCRIPTION