Home » ZyXEL Manuals » Networking » ZyXEL P-663HN-51 » Manual Viewer

ZyXEL P-663HN-51 User Guide - Page 63

Advanced Setup > WAN > Add 3: PPPoA continued, Table 15 - firewall

Get ZyXEL P-663HN-51 PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 63 highlights

Chapter 5 WAN Setup Table 15 Advanced Setup > WAN > Add (3: PPPoA) (continued) LABEL DESCRIPTION Authentication Method The ZyXEL Device supports PAP (Password Authentication Protocol) and CHAP (Challenge Handshake Authentication Protocol). CHAP is more secure than PAP; however, PAP is readily available on more platforms. Use the drop-down list box to select an authentication protocol for outgoing calls. Options are: AUTO - Your ZyXEL Device accepts either CHAP, PAP, or MSCHAP when requested by this remote node. CHAP - Your ZyXEL Device accepts CHAP only. PAP - Your ZyXEL Device accepts PAP only. Enable NAT Enable Fullcone NAT MSCHAP - Your ZyXEL Device accepts MSCHAP (Microsoft CHAP) only. Turn on NAT to translate IP addresses between two different networks (so you can have a private LAN with IP addresses that are different from the public IP addresses on the WAN. See Chapter 7 on page 83 for more details. This field displays when you enable NAT. In full cone NAT, all requests from the same private IP address and port are mapped to the same public source IP address and port. Someone on the Internet only needs to know the mapping scheme in order to send packets to a device behind the ZyXEL Device. Enable Firewall Dial on demand The ZyXEL Device uses restricted cone NAT when you disable full cone NAT. Select this to turn on the ZyXEL Device's Stateful Packet Inspection (SPI) firewall. By default the firewall blocks traffic originating from the WAN from going to the LAN. See Chapter 8 on page 93 for how to configure firewall rules. Select Dial on demand when you don't want the connection up all the time and specify an idle time-out (in seconds) in the Inactivity Timeout field. PPP IP extension Clear the Dial on demand option to keep the connection up all the time. The ZyXEL Device will try to bring up the connection automatically if it is disconnected. Only select this option if your service provider requires it. The following conditions apply to a connection using PPP IP extension. • Only one computer can be connected on the LAN. • The ISP only assigns a single public IP address and the LAN computer uses it on its LAN interface. • The firewall and NAT features are disabled. • The ZyXEL Device uses DHCP to tell the LAN computer that the ZyXEL Device is its default gateway and DNS server. • The ZyXEL Device extends the ISP's IP subnet to the LAN computer. • The ZyXEL Device bridges packets between the DSL and LAN interface, except for packets destined for the ZyXEL Device's LAN IP address. P-663HN-51 User's Guide 63

Section	Page
P-663HN-51	1
About This User's Guide	3
Document Conventions	5
Safety Warnings	7
Contents Overview	9
Table of Contents	11
Introduction	19
Introducing the ZyXEL Device	21
1.1 Overview	21
1.2 Ways to Manage the ZyXEL Device	22
1.3 Good Habits for Managing the ZyXEL Device	23
1.4 Hardware Connections	23
1.4.1 Connecting POTS Splitters	23
1.4.2 Telephone Microfilters	24
1.5 System Startup and LEDs	25
Introducing the Web Configurator	27
2.1 Web Configurator Overview	27
2.2 Accessing the Web Configurator	27
2.2.1 User Access	28
2.2.2 Administrator Access	29
2.3 Resetting the ZyXEL Device	29
2.3.1 Using the Reset Button	29
2.4 Navigating the Web Configurator	30
Initial Configuration	35
3.1 WAN Configuration	35
3.2 QoS Configuration	36
3.3 Changing the Login Password	36
Device Information	37
4.1 Device Information Summary	37
4.2 WAN Information	39
4.3 LAN Statistics	40
4.4 WAN Statistics	41
4.5 ATM Statistics	42
4.6 ADSL Statistics	44
4.7 ADSL BER Test	46
4.8 Route Info	47
4.9 ARP Info	48
4.9.1 DHCP Table	48
Advanced	51
WAN Setup	53
5.1 WAN Overview	53
5.1.1 VPI and VCI	53
5.1.2 Multiplexing	53
5.2 Traffic Shaping	54
5.2.1 ATM Traffic Classes	54
5.3 WAN	55
5.4 WAN ATM PVC Configuration and QoS	57
5.5 Connection Types	58
5.5.1 PPPoA	58
5.5.2 PPPoE	59
5.5.3 MER	59
5.5.4 IPoA	59
5.5.5 Bridging	59
5.6 Encapsulation	59
5.6.1 LLC-based Encapsulation	60
5.6.2 VC-based Encapsulation	60
5.7 WAN Connection Type and Encapsulation Mode	60
5.8 NAT	61
5.9 Nailed-Up Connection (PPP)	61
5.10 PPPoA WAN Connection Setup	62
5.11 PPPoE WAN Connection Setup	65
5.12 MER WAN Connection Setup	68
5.13 IPoA WAN Connection Setup	69
5.14 Bridge WAN Connection Setup	70
5.15 IGMP Multicast	70
5.16 NAT, IGMP Multicast, and WAN Service	72
5.17 WAN Setup Summary	73
LAN Setup	75
6.1 LAN Overview	75
6.1.1 LAN, WAN and the ZyXEL Device	75
6.1.2 DHCP Setup	76
6.2 LAN TCP/IP	76
6.2.1 IP Address and Subnet Mask	76
6.3 Multicast	77
6.4 Introducing Universal Plug and Play	78
6.4.1 How do I know if I'm using UPnP?	78
6.4.2 NAT Traversal	78
6.4.3 Cautions with UPnP	79
6.5 LAN Setup	80
6.6 The DHCP Static Lease Screen	82
Network Address Translation (NAT) Screens	83
7.1 NAT Overview	83
7.2 NAT Virtual Servers	83
7.2.1 Virtual Server: Services and Port Numbers	84
7.2.2 Virtual Servers Example	84
7.3 Configuring Virtual Servers	84
7.3.1 Virtual Server Rule Add	86
7.4 Port Triggering	87
7.5 Port Triggering Add	89
7.6 DMZ Host	90
Security	93
8.1 Outgoing IP Filtering	93
8.2 Adding Outgoing IP Filtering Rules	94
8.3 Incoming IP Filtering	95
8.4 Adding Incoming IP Filtering Rules	96
Parental Control (Blocking Schedule)	99
9.1 Adding Parental Control (Blocking Schedule) Entries	100
Quality of Service (QoS)	103
10.1 QoS Overview	103
10.1.1 IEEE 802.1Q Tag	103
10.1.2 IP Precedence	104
10.1.3 DiffServ	104
10.2 Configuring QoS General Screen	105
10.3 Queue Configuration	107
10.4 Adding a Queue	108
10.5 Class Setup	109
10.5.1 Configuring a QoS Class	110
Routing	115
11.1 Default Gateway Setup	115
11.2 Static Route	116
11.3 Configuring Static Route	117
11.3.1 Static Route Add	117
RIP	119
12.1 RIP Setup	119
DNS Setup	121
13.1 DNS Server Address	121
13.2 DNS Setup	122
Dynamic DNS Setup	123
14.1 Dynamic DNS Overview	123
14.1.1 DYNDNS Wildcard	123
14.2 Dynamic DNS	124
14.3 Configuring Dynamic DNS	125
DSL Setup	127
15.1 DSL Setup	127
Interface Group	129
16.1 Interface Groups Overview	129
16.2 Interface Groups Setup	129
16.3 Adding an Interface Group	131
Certificates	133
17.1 Overview	133
17.1.1 What You Can Do in the Certificates Screens	133
17.1.2 What You Need to Know About Certificates	133
17.2 Trusted CA Certificates Screen	134
17.2.1 Trusted CA Details	136
17.2.2 Trusted CA Import	137
17.3 Certificates Technical Reference	137
17.3.1 Certificates Overview	138
17.3.2 Private-Public Certificates	139
17.3.3 Verifying a Trusted Remote Host’s Certificate	139
Wireless LAN	141
18.1 Overview	141
18.1.1 What You Can Do in this Chapter	141
18.2 What You Need to Know	142
18.3 Before You Begin	144
18.4 Wireless Basic	144
18.5 Wireless Security	147
18.6 The MAC Filter Screen	152
18.6.1 The MAC Filter Add Screen	153
18.7 Wireless Bridge Screen	154
18.8 The Advanced Setup Screen	155
18.9 Wireless Station Info	159
18.10 Technical Reference	160
18.10.1 Wireless Network Overview	160
18.10.2 Additional Wireless Terms	161
18.10.3 Wireless Security Overview	161
18.10.4 WiFi Protected Setup	164
18.10.5 Vista as a WPS External Registrar	170
Diagnostics and Management	173
Diagnostics	175
19.1 Diagnostics	175
Settings	177
20.1 Backup Configuration Using the Web Configurator	177
20.2 Restore Configuration Using the Web Configurator	178
20.3 Restoring Factory Defaults	179
Logs	181
21.1 Logs Overview	181
21.2 System Log	181
21.3 Viewing the System Log	182
21.4 Configuring Log Settings	183
SNMP	185
22.1 SNMP Overview	185
22.1.1 Supported MIBs	186
22.2 SNMP Screen	187
TR-069 Client	189
23.1 TR-069 Client Screen	189
Time	191
24.1 Time Setup	191
Access Control	193
25.1 Access Control Screen	193
25.2 Service Access Control Screen	193
25.3 IP Addresses	194
25.4 Adding IP Addresses	195
25.5 Passwords	195
25.6 Authentication	197
Update Software	199
26.1 Uploading Firmware	199
Save/Reboot and Logout	201
27.1 Save/Reboot	201
27.2 Logout	201
Troubleshooting and Specifications	203
Troubleshooting	205
28.1 Power, Hardware Connections, and LEDs	205
28.2 ZyXEL Device Access and Login	206
28.3 Internet Access	207
Product Specifications	209
29.1 DSL Connector Pin Assignments	213
29.2 Power Adaptor Specifications	214
Appendices and Index	215
Setting Up Your Computer’s IP Address	217
Pop-up Windows, JavaScripts and Java Permissions	243
IP Addresses and Subnetting	253
Wireless LANs	265
Common Services	281
Open Software Announcements	285
Legal Information	291

Match case Limit results 1 per page

Chapter 5 WAN Setup

P-663HN-51 User’s Guide

Authentication

Method

The ZyXEL Device supports PAP (Password Authentication Protocol)

and CHAP (Challenge Handshake Authentication Protocol). CHAP is

more secure than PAP; however, PAP is readily available on more

platforms.

Use the drop-down list box to select an authentication protocol for

outgoing calls. Options are:

AUTO

- Your ZyXEL Device accepts either CHAP, PAP, or MSCHAP

when requested by this remote node.

CHAP

- Your ZyXEL Device accepts CHAP only.

PAP

- Your ZyXEL Device accepts PAP only.

MSCHAP

- Your ZyXEL Device accepts MSCHAP (Microsoft CHAP)

only.

Enable NAT

Turn on NAT to translate IP addresses between two different networks

(so you can have a private LAN with IP addresses that are different

from the public IP addresses on the WAN. See

Chapter 7 on page 83

for more details.

Enable Fullcone

NAT

This field displays when you enable NAT. In full cone NAT, all requests

from the same private IP address and port are mapped to the same

public source IP address and port. Someone on the Internet only

needs to know the mapping scheme in order to send packets to a

device behind the ZyXEL Device.

The ZyXEL Device uses restricted cone NAT when you disable full cone

NAT.

Enable Firewall

Select this to turn on the ZyXEL Device’s Stateful Packet Inspection

(SPI) firewall. By default the firewall blocks traffic originating from the

WAN from going to the LAN. See

Chapter 8 on page 93

for how to

configure firewall rules.

Dial on demand

Select

Dial on demand

when you don't want the connection up all

the time and specify an idle time-out (in seconds) in the

Inactivity

Timeout

field.

Clear the

Dial on demand

option

to keep the connection up all the

time. The ZyXEL Device will try to bring up the connection

automatically if it is disconnected.

PPP IP extension

Only select this option if your service provider requires it. The

following conditions apply to a connection using PPP IP extension.

•

Only one computer can be connected on the LAN.

•

The ISP only assigns a single public IP address and the LAN

computer uses it on its LAN interface.

•

The firewall and NAT features are disabled.

•

The ZyXEL Device uses DHCP to tell the LAN computer that the

ZyXEL Device is its default gateway and DNS server.

•

The ZyXEL Device extends the ISP’s IP subnet to the LAN

computer.

•

The ZyXEL Device bridges packets between the DSL and LAN

interface, except for packets destined for the ZyXEL Device's LAN

IP address.

Table 15

Advanced Setup > WAN > Add (3: PPPoA) (continued)

LABEL

DESCRIPTION