ZyXEL Router Prestige 334 User Manual
Have a look at the manual ZyXEL Router Prestige 334 User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 3 ZyXEL manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
Prestige 334 User’s Guide Chapter 13 Remote Management Screens 140 Figure 48 Remote Management: WWW The following table describes the labels in this screen. 13.3 Configuring Telnet You can configure your Prestige for remote Telnet access as shown next. The administrator uses Telnet from a computer on a remote network to access the Prestige. Table 38 Remote Management: WWW LABELDESCRIPTION Server PortYou may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management. Server AccessSelect the interface(s) through which a computer may access the Prestige using this service. Secured Client IP AddressA secured client is a “trusted” computer that is allowed to communicate with the Prestige using this service. Select All to allow any computer to access the Prestige using this service. Choose Selected to just allow the computer with the IP address that you specify to access the Prestige using this service. ApplyClick Apply to save your customized settings and exit this screen. ResetClick Reset to begin configuring this screen afresh.
Prestige 334 User’s Guide 141 Chapter 13 Remote Management Screens Figure 49 Telnet Configuration on a TCP/IP Network 13.4 Configuring TELNET Click REMOTE MGMT and the TELNET tab to display the screen as shown. Figure 50 Remote Management: Telnet The following table describes the labels in this screen. Table 39 Remote Management: Telnet LABELDESCRIPTION Server PortYou may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management. Server AccessSelect the interface(s) through which a computer may access the Prestige using this service. Secured Client IP AddressA secured client is a “trusted” computer that is allowed to communicate with the Prestige using this service. Select All to allow any computer to access the Prestige using this service. Choose Selected to just allow the computer with the IP address that you specify to access the Prestige using this service.
Prestige 334 User’s Guide Chapter 13 Remote Management Screens 142 13.5 Configuring FTP You can upload and download the Prestige’s firmware and configuration files using FTP, please see the chapter on firmware and configuration file maintenance for details. To use this feature, your computer must have an FTP client. To change your Prestige’s FTP settings, click REMOTE MGMT, then the FTP tab. The screen appears as shown. Figure 51 Remote Management: FTP The following table describes the labels in this screen. ApplyClick Apply to save your customized settings and exit this screen. ResetClick Reset to begin configuring this screen afresh. Table 39 Remote Management: Telnet LABELDESCRIPTION Table 40 Remote Management: FTP LABELDESCRIPTION Server PortYou may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management. Server AccessSelect the interface(s) through which a computer may access the Prestige using this service. Secured Client IP AddressA secured client is a “trusted” computer that is allowed to communicate with the Prestige using this service. Select All to allow any computer to access the Prestige using this service. Choose Selected to just allow the computer with the IP address that you specify to access the Prestige using this service. ApplyClick Apply to save your customized settings and exit this screen. ResetClick Reset to begin configuring this screen afresh.
Prestige 334 User’s Guide 143 Chapter 13 Remote Management Screens 13.6 SNMP Simple Network Management Protocol (SNMP) is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP protocol suite. Your Prestige supports SNMP agent functionality, which allows a manager station to manage and monitor the Prestige through the network. The Prestige supports SNMP version one (SNMPv1) and version two (SNMPv2). The next figure illustrates an SNMP management operation. SNMP is only available if TCP/IP is configured. Figure 52 SNMP Management Model An SNMP managed network consists of two main types of component: agents and a manager. An agent is a management software module that resides in a managed device (the Prestige). An agent translates the local management information from the managed device into a form compatible with SNMP. The manager is the console through which network administrators perform network management functions. It executes applications that control and monitor managed devices. The managed devices contain object variables/managed objects that define each piece of information to be collected about a device. Examples of variables include such as number of packets received, node port status etc. A Management Information Base (MIB) is a collection of managed objects. SNMP allows a manager and agents to communicate for the purpose of accessing these objects. Note: SNMP is only available if TCP/IP is configured.
Prestige 334 User’s Guide Chapter 13 Remote Management Screens 144 SNMP itself is a simple request/response protocol based on the manager/agent model. The manager issues a request and the agent returns responses using the following protocol operations: • Get - Allows the manager to retrieve an object variable from the agent. • GetNext - Allows the manager to retrieve the next object variable from a table or list within an agent. In SNMPv1, when a manager wants to retrieve all elements of a table from an agent, it initiates a Get operation, followed by a series of GetNext operations. • Set - Allows the manager to set values for object variables within an agent. • Trap - Used by the agent to inform the manager of some events. 13.6.1 Supported MIBs The Prestige supports MIB II that is defined in RFC-1213 and RFC-1215. The focus of the MIBs is to let administrators collect statistical data and monitor status and performance. 13.6.2 SNMP Traps The Prestige will send traps to the SNMP manager when any one of the following events occurs: 13.6.3 Configuring SNMP To change your Prestige’s SNMP settings, click REMOTE MGMT, then the SNMP tab. The screen appears as shown. Table 41 SNMP Traps TRAP #TRAP NAMEDESCRIPTION 0coldStart (defined in RFC-1215)A trap is sent after booting (power on). 1warmStart (defined in RFC-1215)A trap is sent after booting (software reboot). 4authenticationFailure (defined in RFC-1215)A trap is sent to the manager when receiving any SNMP get or set requirements with the wrong community (password). 6whyReboot (defined in ZYXEL- MIB)A trap is sent with the reason of restart before rebooting when the system is going to restart (warm start). 6aFor intentional reboot :A trap is sent with the message System reboot by user! if reboot is done intentionally, (for example, download new files, CI command sys reboot, etc.). 6bFor fatal error : A trap is sent with the message of the fatal code if the system reboots because of fatal errors.
Prestige 334 User’s Guide 145 Chapter 13 Remote Management Screens Figure 53 Remote Management: SNMP The following table describes the labels in this screen. Table 42 Remote Management: SNMP LABELDESCRIPTION SNMP Configuration Get CommunityEnter the Get Community, which is the password for the incoming Get and GetNext requests from the management station. The default is public and allows all requests. Set CommunityEnter the Set community, which is the password for incoming Set requests from the management station. The default is public and allows all requests. Trusted HostIf you enter a trusted host, your Prestige will only respond to SNMP messages from this address. A blank (default) field means your Prestige will respond to all SNMP messages it receives, regardless of source. Trap CommunityType the trap community, which is the password sent with each trap to the SNMP manager. The default is public and allows all requests. DestinationType the IP address of the station to send your SNMP traps to. SNMP Service PortYou may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management. Service AccessSelect the interface(s) through which a computer may access the Prestige using this service.
Prestige 334 User’s Guide Chapter 13 Remote Management Screens 146 13.7 Configuring DNS Use DNS (Domain Name System) to map a domain name to its corresponding IP address and vice versa. Refer to the chapter on Wizard Setup for background information. To change your Prestige’s DNS settings, click REMOTE MGMT, then the DNS tab. The screen appears as shown. Figure 54 Remote Management: DNS The following table describes the labels in this screen. Secured Client IP AddressA secured client is a “trusted” computer that is allowed to communicate with the Prestige using this service. Select All to allow any computer to access the Prestige using this service. Choose Selected to just allow the computer with the IP address that you specify to access the Prestige using this service. ApplyClick Apply to save your customized settings and exit this screen. ResetClick Reset to begin configuring this screen afresh. Table 42 Remote Management: SNMP LABELDESCRIPTION Table 43 Remote Management: DNS LABELDESCRIPTION Server PortThe DNS service port number is 53 and cannot be changed here. Server AccessSelect the interface(s) through which a computer may send DNS queries to the Prestige. Secured Client IP AddressA secured client is a “trusted” computer that is allowed to send DNS queries to the Prestige. Select All to allow any computer to send DNS queries to the Prestige. Choose Selected to just allow the computer with the IP address that you specify to send DNS queries to the Prestige.
Prestige 334 User’s Guide 147 Chapter 13 Remote Management Screens 13.8 Configuring Security To change your Prestige’s security settings, click REMOTE MGMT, then the Security tab. The screen appears as shown. If an outside user attempts to probe an unsupported port on your Prestige, an ICMP response packet is automatically returned. This allows the outside user to know the Prestige exists. Your Prestige supports anti-probing, which prevents the ICMP response packet from being sent. This keeps outsiders from discovering your Prestige when unsupported ports are probed. Figure 55 Security The following table describes the labels in this screen. ApplyClick Apply to save your customized settings and exit this screen. ResetClick Reset to begin configuring this screen afresh. Table 43 Remote Management: DNS LABELDESCRIPTION Table 44 Security LABELDESCRIPTION ICMPInternet Control Message Protocol is a message control and error-reporting protocol between a host server and a gateway to the Internet. ICMP uses Internet Protocol (IP) datagrams, but the messages are processed by the TCP/IP software and directly apparent to the application user. Respond to Ping onThe Prestige will not respond to any incoming Ping requests when Disable is selected. Select LAN to reply to incoming LAN Ping requests. Select WAN to reply to incoming WAN Ping requests. Otherwise select LAN & WAN to reply to both incoming LAN and WAN Ping requests.
Prestige 334 User’s Guide Chapter 13 Remote Management Screens 148 Do not respond to requests for unauthorized servicesSelect this option to prevent hackers from finding the Prestige by probing for unused ports. If you select this option, the Prestige will not respond to port request(s) for unused ports, thus leaving the unused ports and the Prestige unseen. By default this option is not selected and the Prestige will reply with an ICMP Port Unreachable packet for a port probe on its unused UDP ports, and a TCP Reset packet for a port probe on its unused TCP ports. Note that the probing packets must first traverse the Prestiges firewall mechanism before reaching this anti-probing mechanism. Therefore if the firewall mechanism blocks a probing packet, the Prestige reacts based on the firewall policy, which by default, is to send a TCP reset packet for a blocked TCP packet. You can use the command sys firewall tcprst rst [on|off] to change this policy. When the firewall mechanism blocks a UDP packet, it drops the packet without sending a response packet. ApplyClick Apply to save your customized settings and exit this screen. ResetClick Reset to begin configuring this screen afresh. Table 44 Security LABELDESCRIPTION
Prestige 334 User’s Guide 149 Chapter 13 Remote Management Screens