Home » ZyXEL Manuals » Networking » ZyXEL P-660H-T1 v2 » Manual Viewer

ZyXEL P-660H-T1 v2 User Guide - Page 292

Function, Command, Description

Get ZyXEL P-660H-T1 v2 PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 292 highlights

Appendix F Firewall Commands Table 124 Firewall Commands (continued) FUNCTION COMMAND DESCRIPTION Config edit firewall set tcp-idle-timeout This command sets how long ZyXEL Device lets an inactive TCP connection remain open before considering it closed. Rules Config edit firewall set log This command sets whether or not the ZyXEL Device creates logs for packets that match the firewall's default rule set. Config edit firewall set rule permit This command sets whether packets that match this rule are dropped or allowed through. Config edit firewall set rule active This command sets whether a rule is enabled or not. Config edit firewall set rule protocol This command sets the protocol specification number made in this rule for ICMP. Config edit firewall set rule log This command sets the ZyXEL Device to log traffic that matches the rule, doesn't match, both or neither. Config edit firewall set rule alert This command sets whether or not the ZyXEL Device sends an alert e-mail when a DOS attack or a violation of a particular rule occurs. config edit firewall set rule srcaddrsingle This command sets the rule to have the ZyXEL Device check for traffic with this individual source address. config edit firewall set rule srcaddrsubnet This command sets a rule to have the ZyXEL Device check for traffic from a particular subnet (defined by IP address and subnet mask). config edit firewall set rule srcaddr-range This command sets a rule to have the ZyXEL Device check for traffic from this range of addresses. 292 P-660H-Tx v2 User's Guide

Section	Page
User’s Guide	1
About This User's Guide	3
Document Conventions	4
Safety Warnings	6
Contents Overview	9
Table of Contents	11
List of Figures	19
List of Tables	25
Introduction	29
Introducing the ZyXEL Device	31
1.1 Overview	31
1.2 Ways to Manage the ZyXEL Device	32
1.3 Good Habits for Managing the ZyXEL Device	33
1.4 LEDs	33
1.5 Splitters and Microfilters	34
1.5.1 Connecting a POTS Splitter	34
1.5.2 Telephone Microfilters	35
1.6 Hardware Connections	35
Introducing the Web Configurator	37
2.1 Web Configurator Overview	37
2.2 Accessing the Web Configurator	37
2.2.1 User Access	38
2.2.2 Administrator Access	38
2.3 Resetting the ZyXEL Device	40
2.3.1 Using the Reset Button	40
2.4 Navigating the Web Configurator	40
2.4.1 Navigation Panel	40
2.4.2 Status Screen	43
2.4.3 Status: Any IP Table	45
2.4.4 Status: Bandwidth Status	46
2.4.5 Status: Packet Statistics	47
2.4.6 Changing Login Password	48
Wizards	49
Wizard Setup for Internet Access	51
3.1 Introduction	51
3.2 Internet Access Wizard Setup	51
3.2.1 Automatic Detection	53
3.2.2 Manual Configuration	53
Bandwidth Management Wizard	59
4.1 Introduction	59
4.2 Predefined Media Bandwidth Management Services	59
4.3 Bandwidth Management Wizard Setup	60
Network	65
WAN Setup	67
5.1 WAN Overview	67
5.1.1 Encapsulation	67
5.1.2 Multiplexing	68
5.1.3 Encapsulation and Multiplexing Scenarios	68
5.1.4 VPI and VCI	69
5.1.5 IP Address Assignment	69
5.1.6 Nailed-Up Connection (PPP)	69
5.1.7 NAT	70
5.2 Metric	70
5.3 Traffic Shaping	70
5.3.1 ATM Traffic Classes	71
5.4 Zero Configuration Internet Access	72
5.5 Internet Connection	72
5.5.1 Configuring Advanced Internet Connection Setup	74
5.6 Configuring More Connections	76
5.6.1 More Connections Edit	77
5.6.2 Configuring More Connections Advanced Setup	80
5.7 Traffic Redirect	81
5.8 Configuring WAN Backup	82
LAN Setup	85
6.1 LAN Overview	85
6.1.1 LANs, WANs and the ZyXEL Device	85
6.1.2 DHCP Setup	86
6.1.3 DNS Server Address	86
6.2 LAN TCP/IP	86
6.2.1 IP Address and Subnet Mask	86
6.2.2 RIP Setup	88
6.2.3 Multicast	88
6.2.4 Any IP	89
6.3 Configuring LAN IP	90
6.3.1 Configuring Advanced LAN Setup	91
6.4 DHCP Setup	92
6.5 LAN Client List	93
6.6 LAN IP Alias	94
Network Address Translation (NAT) Screens	97
7.1 NAT Overview	97
7.1.1 NAT Definitions	97
7.1.2 What NAT Does	98
7.1.3 How NAT Works	98
7.1.4 NAT Application	98
7.1.5 NAT Mapping Types	99
7.2 SUA (Single User Account) Versus NAT	100
7.3 SIP ALG	100
7.4 NAT General Setup	101
7.5 Port Forwarding	102
7.5.1 Default Server IP Address	102
7.5.2 Port Forwarding: Services and Port Numbers	102
7.5.3 Configuring Servers Behind Port Forwarding (Example)	103
7.6 Configuring Port Forwarding	103
7.6.1 Port Forwarding Rule Edit	104
7.7 Address Mapping	105
7.7.1 Address Mapping Rule Edit	107
Security	109
Firewalls	111
8.1 Firewall Overview	111
8.2 Types of Firewalls	111
8.2.1 Packet Filtering Firewalls	111
8.2.2 Application-level Firewalls	112
8.2.3 Stateful Inspection Firewalls	112
8.3 Introduction to ZyXEL’s Firewall	112
8.3.1 Denial of Service Attacks	113
8.4 Denial of Service	113
8.4.1 Basics	113
8.4.2 Types of DoS Attacks	114
8.5 Stateful Inspection	116
8.5.1 Stateful Inspection Process	117
8.5.2 Stateful Inspection and the ZyXEL Device	118
8.5.3 TCP Security	118
8.5.4 UDP/ICMP Security	119
8.5.5 Upper Layer Protocols	119
8.6 Guidelines for Enhancing Security with Your Firewall	120
8.6.1 Security In General	120
8.7 Packet Filtering Vs Firewall	121
8.7.1 Packet Filtering:	121
8.7.2 Firewall	121
Firewall Configuration	123
9.1 Access Methods	123
9.2 Firewall Policies Overview	123
9.3 Rule Logic Overview	124
9.3.1 Rule Checklist	124
9.3.2 Security Ramifications	124
9.3.3 Key Fields For Configuring Rules	125
9.4 Connection Direction	125
9.4.1 LAN to WAN Rules	126
9.4.2 Alerts	126
9.5 General Firewall Policy	126
9.6 Firewall Rules Summary	127
9.6.1 Configuring Firewall Rules	129
9.6.2 Customized Services	132
9.6.3 Configuring a Customized Service	132
9.7 Example Firewall Rule	133
9.8 Predefined Services	137
9.9 Anti-Probing	139
9.10 DoS Thresholds	140
9.10.1 Threshold Values	140
9.10.2 Half-Open Sessions	141
9.10.3 Configuring Firewall Thresholds	141
Content Filtering	145
10.1 Content Filtering Overview	145
10.2 Configuring Keyword Blocking	145
10.3 Configuring the Schedule	146
10.4 Configuring Trusted Computers	147
Advanced Setup	149
Static Route	151
11.1 Static Route	151
11.2 Configuring Static Route	151
11.2.1 Static Route Edit	152
Bandwidth Management	155
12.1 Bandwidth Management Overview	155
12.2 Application-based Bandwidth Management	155
12.3 Subnet-based Bandwidth Management	155
12.4 Application and Subnet-based Bandwidth Management	156
12.5 Scheduler	156
12.5.1 Priority-based Scheduler	156
12.5.2 Fairness-based Scheduler	157
12.6 Maximize Bandwidth Usage	157
12.6.1 Reserving Bandwidth for Non-Bandwidth Class Traffic	157
12.6.2 Maximize Bandwidth Usage Example	157
12.6.3 Bandwidth Management Priorities	159
12.7 Over Allotment of Bandwidth	159
12.8 Configuring Summary	159
12.9 Bandwidth Management Rule Setup	160
12.9.1 Rule Configuration	162
12.10 Bandwidth Monitor	164
Dynamic DNS Setup	165
13.1 Dynamic DNS Overview	165
13.1.1 DYNDNS Wildcard	165
13.2 Configuring Dynamic DNS	165
Remote Management Configuration	169
14.1 Remote Management Overview	169
14.1.1 Remote Management Limitations	170
14.1.2 Remote Management and NAT	170
14.1.3 System Timeout	170
14.2 WWW	170
14.3 Telnet	171
14.4 Configuring Telnet	171
14.5 Telnet Login	172
14.6 Configuring FTP	173
14.7 SNMP	174
14.7.1 Supported MIBs	175
14.7.2 SNMP Traps	175
14.7.3 Configuring SNMP	175
14.8 Configuring DNS	177
14.9 Configuring ICMP	177
14.10 TR-069	178
Universal Plug-and-Play (UPnP)	181
15.1 Introducing Universal Plug and Play	181
15.1.1 How do I know if I'm using UPnP?	181
15.1.2 NAT Traversal	181
15.1.3 Cautions with UPnP	181
15.2 UPnP and ZyXEL	182
15.2.1 Configuring UPnP	182
15.3 Installing UPnP in Windows Example	183
15.3.1 Installing UPnP in Windows Me	183
15.3.2 Installing UPnP in Windows XP	184
15.4 Using UPnP in Windows XP Example	185
15.4.1 Auto-discover Your UPnP-enabled Network Device	186
15.4.2 Web Configurator Easy Access	189
Maintenance and Troubleshooting	193
System	195
16.1 General Setup	195
16.1.1 General Setup and System Name	195
16.1.2 General Setup	195
16.2 Time Setting	197
Tools	201
17.1 Firmware Upgrade	201
17.2 Configuration Screen	203
17.2.1 Backup Configuration	203
17.2.2 Restore Configuration	204
17.2.3 Back to Factory Defaults	205
17.3 Restart	205
Diagnostic	207
18.1 General Diagnostic	207
18.2 DSL Line Diagnostic	208
Logs	209
19.1 Logs Overview	209
19.1.1 Alerts and Logs	209
19.2 Viewing the Logs	209
19.3 Configuring Log Settings	210
19.3.1 Example E-mail Log	212
19.4 Log Descriptions	213
Troubleshooting	227
20.1 Power, Hardware Connections, and LEDs	227
20.2 ZyXEL Device Access and Login	228
20.3 Internet Access	230
Appendices and Index	231
Product Specifications	233
Internal SPTGEN	241
Setting up Your Computer’s IP Address	257
IP Addresses and Subnetting	273
Pop-up Windows, JavaScripts and Java Permissions	283
Firewall Commands	289
NetBIOS Filter Commands	295
Triangle Route	297
Legal Information	299
Customer Support	303