Home » ZyXEL Manuals » Networking » ZyXEL P-794H » Manual Viewer

ZyXEL P-794H User Guide - Page 179

Security, 15.1 Overview, 15.1.1 What You Need to Know

Get ZyXEL P-794H PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 179 highlights

CHAPTER 15 Security 15.1 Overview This chapter shows you how to enable and configure the P-794H's security settings such as firewall, NAT, and firewall policies. 15.1.1 What You Need to Know DMZ Demilitarized Zone (DMZ) allows one IP address to be exposed to the Internet. This is useful for special-purpose services such as Internet gaming or video conferencing. However, as any user on the Internet can access in/out data from the DMZ host, care should be taken when using this feature to minimize security issues. Port Filter A port filtering set is a list of inside (behind NAT on the LAN) servers, for example, web or FTP, that you can make visible to the outside world even though NAT makes your whole inside network appear as a single computer to the outside world. Tigger Port Some services use a dedicated range of ports on the client side and a dedicated range of ports on the server side. With regular port forwarding you set a forwarding port in NAT to forward a service (coming in from the server on the WAN) to the IP address of a computer on the client side (LAN). The problem is that port forwarding only forwards a service to a single LAN IP address. In order to use the same service on a different LAN computer, you have to manually replace the LAN computer's IP address in the forwarding port with another LAN computer's IP address. Trigger port forwarding solves this problem by allowing computers on the LAN to dynamically take turns using the service. The P-794H records the IP address of a LAN computer that sends traffic to the WAN to request a service with a specific P-794H User's Guide 179

Section	Page
P-794H	1
About This User's Guide	3
Document Conventions	6
Safety Warnings	8
Contents Overview	9
Table of Contents	11
User’s Guide	19
Introduction	21
1.1 Overview	21
1.1.1 High-speed Internet Access with G.SHDSL	21
1.1.2 High-speed Point-to-point Connections	22
1.2 Ways to Manage the Device	23
1.3 Good Habits for Managing the Device	23
1.4 LEDs	23
1.5 Turning the Power On/Off	24
1.6 The Reset Switch	24
1.6.1 Using the Reset Switch	24
Introducing the Web Configurator	27
2.1 Overview	27
2.2 Accessing the Web Configurator	27
2.3 The Web Configurator Layout	28
2.3.1 Title Bar	29
2.3.2 Navigation Panel	29
2.3.3 Main Window	31
Tutorials	33
3.1 Overview	33
3.2 Configuring Point-to-Point Connection	33
3.2.1 Set Up the CO	34
3.2.2 Set Up the CPE	35
3.2.3 Connect the P-794Hs	36
3.3 Configuring Static Route for Routing to Another Network	36
Technical Reference	39
Status Screens	41
4.1 Overview	41
4.2 The Status Screen	41
4.3 DHCP Client List	43
4.4 Packet Statistics	43
4.5 The Physical Port Screen	45
4.5.1 Basic SHDSL Port Configuration Screen	45
4.5.2 Advanced SHDSL Port Configuration Screen	48
4.5.3 Basic Ethernet Port Configuration Screen	49
4.5.4 Advanced Ethernet Port Configuration Screen	50
4.6 Routing Table Screen	51
4.7 Interface Statistics/Flushing Screen	52
4.8 VLAN Port Screen	52
4.9 Event Log Screen	53
System Settings	55
5.1 Overview	55
5.1.1 What You Can Do	55
5.2 The Save Config Screen	55
5.3 The Authentication Screen	56
5.3.1 Editing an Existing User Account	57
5.3.2 Adding a New User Account	58
5.4 The SNMP Config Screen	58
5.4.1 About SNMP	58
5.4.2 Supported MIBs	60
5.4.3 SNMP Traps	60
5.4.4 Configuring SNMP	60
5.4.5 Creating SNMP Community	62
5.4.6 Creating SNMP Trap Community	63
5.5 The Prompt Screen	64
5.6 The Firmware Update Screen	65
5.7 The Backup/Restore Screen	67
5.8 The Restart Screen	68
LAN Setup	71
6.1 Overview	71
6.1.1 What You Need To Know	71
6.2 The LAN Connections Screen	73
6.2.1 Delete a LAN Connection	74
6.3 Create an Ethernet Routed LAN Connection	75
6.4 Create Virtual Interface	76
6.5 Create an Ethernet Bridged LAN Connection	78
6.6 Change the LAN Port IP Address	79
6.7 Advanced LAN Settings	81
6.7.1 Edit IP Interface	81
6.7.2 Edit TCP MSS Clamp	82
6.7.3 Edit RIP Versions	83
6.7.4 Edit NAT	84
6.8 LAN Technical Reference	85
6.8.1 LANs, WANs and the ZyXEL Device	85
6.8.2 DHCP Setup	85
6.8.3 DNS Server Addresses	85
6.8.4 LAN TCP/IP	86
WAN Setup	89
7.1 Overview	89
7.1.1 What You Need to Know	89
7.1.2 Before You Begin	90
7.2 The WAN Connections Screen	91
7.3 Delete a WAN Connection	92
7.4 Create a WAN Connection	92
7.4.1 Add a RFC 1483 Routed WAN Connection	93
7.4.2 Add a RFC 1483 Bridged WAN Connection	94
7.4.3 Add a MER (IPoEoA) WAN Connection	94
7.4.4 Add a PPPoA Routed WAN Connection	96
7.4.5 Add a PPPoA Bridged WAN Connection	97
7.4.6 Add an IPoA Routed WAN Connection	98
7.4.7 Add a PPPoE Routed WAN Connection	99
7.5 Edit a WAN Connection	100
7.5.1 Edit a RFC 1483 Routed/MER WAN Connection	101
7.5.2 Edit a RFC 1483 Bridged WAN Connection	108
7.5.3 Edit a PPPoA Routed WAN Connection	111
7.5.4 Edit a PPPoA Bridged WAN Connection	117
7.5.5 Edit a IPoA Routed WAN Connection	118
7.5.6 Edit a PPPoE Routed WAN Connection	120
7.6 WAN Technical Reference	127
7.6.1 Encapsulation	127
7.6.2 Multiplexing	128
7.6.3 VPI and VCI	129
7.6.4 IP Address Assignment	129
7.7 Traffic Redirect	130
7.8 Traffic Shaping	131
7.8.1 ATM Traffic Classes	131
7.8.2 Spanning Tree Protocol (STP)	132
DHCP Server	135
8.1 DHCP Overview	135
8.1.1 DHCP Modes	135
8.1.2 DHCP Configuration Options	135
8.2 Enable DHCP Server	136
8.3 DHCP Server Interfaces	136
8.4 Existing DHCP Server Subnets	138
8.4.1 Add/Edit DHCP Server Subnet	139
DHCP Relay	143
9.1 Enable DHCP Relay	143
9.2 DHCP Relay Interfaces	144
9.3 Edit DHCP Server List	145
9.4 Add New DHCP Server	145
DNS Client	147
10.1 Overview	147
10.2 The DNS Client Screen	147
DNS Relay	149
11.1 Overview	149
11.2 The DNS Relay Screen	149
11.3 DNS Relay Local LAN Database	150
11.4 Create New DNS Relay Local LAN Database Entry	151
11.4.1 Edit Aliases	152
SNTP Client	155
12.1 Overview	155
12.2 The SNTP Client Screen	156
IGMP Snooping	159
13.1 Overview	159
13.1.1 What You Need to Know	159
13.2 The IGMP Snooping Screen	160
Quality of Service (QoS)	163
14.1 Overview	163
14.1.1 What You Need to Know	163
14.2 The Classifier Configuration Screen	165
14.2.1 Edit QoS Classifier	166
14.3 The Meter Configuration Screen	167
14.4 The ALD Configuration Screen	168
14.5 The Scheduler Configuration Screen	169
14.5.1 Edit a Priority Queuing Scheduler Profile	171
14.5.2 Edit a Fair Weight Queuing Scheduler Profile	171
14.6 Transport Classifier & Scheduler Configuration	172
14.7 Technical Reference	173
14.7.1 DiffServ	173
14.7.2 IEEE 802.1Q Tag	174
14.7.3 Token Bucket	174
14.7.4 Single Rate Three Color Marker	175
14.7.5 Two Rate Three Color Marker	176
14.7.6 QoS Meter Types	176
Security	179
15.1 Overview	179
15.1.1 What You Need to Know	179
15.2 The Security Interface Configuration Screen	180
15.2.1 Security State and Level	180
15.2.2 Add Security Interface	182
15.2.3 Edit Security Interface	182
15.2.4 Policies, Triggers, Intrusion Detection, Logging	186
15.3 Technical Reference	194
15.3.1 NAT Definitions	194
15.3.2 What NAT Does	195
15.3.3 How NAT Works	195
15.3.4 Port Scanning	196
15.3.5 ICMP Flood Attack	196
15.3.6 Smurf Attack	196
15.3.7 TCP SYN Flood Attack	197
15.3.8 LAND Attack	198
IP Routes	199
16.1 Overview	199
16.2 The IP Route Configuration Screen	199
16.2.1 Add/Edit IP Route	201
Bridge	203
17.1 Global Bridge Configuration	204
17.2 Bridge Interfaces	206
17.2.1 Priority Map	206
17.2.2 User Priority to Regenerated Priority Map	207
17.2.3 Regenerated Priority to Traffic Class Map	208
17.3 VLANs	208
17.3.1 Edit Tagged Ports	209
17.3.2 Edit Untagged Ports	210
17.3.3 Create New VLAN	211
17.3.4 MGMT VLAN Configuration	211
17.4 Spanning Tree Configuration	212
17.5 Destination Based Unicast Filtering	213
17.5.1 Edit Egress Ports	214
17.5.2 Add Unicast Entry	215
17.6 Multicast Filtering	215
17.6.1 Edit Egress Ports	217
17.6.2 Add Multicast Entry	218
17.7 Forward All/Unregistered Entries	219
SHDSL Configuration	221
Troubleshooting	223
19.1 Power, Hardware Connections, and LEDs	223
19.2 P-794H Access and Login	224
19.3 Internet Access	225
Product Specifications	227
Setting up Your Computer’s IP Address	233
Pop-up Windows, JavaScript and Java Permissions	257
IP Addresses and Subnetting	267
Services	277
Legal Information	281