ZyXEL Router Prestige 334 User Manual
Have a look at the manual ZyXEL Router Prestige 334 User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 3 ZyXEL manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
Prestige 334 User’s Guide Preface30 Preface Congratulations on your purchase of the Prestige 334 Broadband Router with Firewall. This manual is designed to guide you through the configuration of your Prestige for its various applications. This manual may refer to the Prestige 334 or Broadband Router with Firewall as the Prestige. About This Users Guide This User’s Guide is designed to guide you through the configuration of your Prestige using the web configurator or the SMT. The web configurator parts of this guide contain background information on features configurable by web configurator. The SMT parts of this guide contain background information solely on features not configurable by web configurator Related Documentation • Supporting Disk Refer to the included CD for support documents. • Compact Guide The Compact Guide is designed to help you get up and running right away. They contain connection information and instructions on getting started. • Web Configurator Online Help Embedded web help for descriptions of individual screens and supplementary information. • ZyXEL Glossary and Web Site Please refer to www.zyxel.com for an online glossary of networking terms and additional support documentation. Note: Use the web configurator, System Management Terminal (SMT) or command interpreter interface to configure your Prestige. Not all features can be configured through all interfaces. Note: Register your product online to receive e-mail notices of firmware upgrades and information at www.zyxel.com for global products, or at www.us.zyxel.com for North American products. Note: Use the web configurator, System Management Terminal (SMT) or command interpreter interface to configure your Prestige. Not all features can be configured through all interfaces.
Prestige 334 User’s Guide 31Preface User Guide Feedback Help us help you! E-mail all User Guide-related comments, questions or suggestions for improvement to [email protected] or send regular mail to The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan. Thank you! Syntax Conventions • “Enter” means for you to type one or more characters. “Select” or “Choose” means for you to use one predefined choices. • The SMT menu titles and labels are in Bold Times New Roman font. Predefined field choices are in Bold Arial font. Command and arrow keys are enclosed in square brackets. [ENTER] means the Enter, or carriage return key; [ESC] means the Escape key and [SPACE BAR] means the Space Bar. • Mouse action sequences are denoted using a comma. For example, “click the Apple icon, Control Panels and then Modem” means first click the Apple icon, then point your mouse pointer to Control Panels and then click Modem. • For brevity’s sake, we will use “e.g.,” as a shorthand for “for instance”, and “i.e.,” for “that is” or “in other words” throughout this manual. Graphics Icons Key PrestigeComputerNotebook computer ServerDSLAMFirewall ModemSwitchRouter
Prestige 334 User’s Guide Chapter 1 Getting to Know Your Prestige 32 CHAPTER1 Getting to Know Your Prestige This chapter introduces the main features and applications of the Prestige. 1.1 Prestige Internet Security Gateway Overview The Prestige is the ideal secure gateway for all data passing between the Internet and LAN’s. By integrating NAT, firewall, media bandwidth management and VPN capability, ZyXEL’s Prestige is a complete security solution that protects your Intranet and efficiently manages data traffic on your network. The embedded web configurator is easy to operate. 1.2 Prestige Features The following sections describe Prestige features. 1.2.1 Physical Features 1.2.1.1 10/100M Auto-negotiating Ethernet/Fast Ethernet Interface(s) This auto-negotiation feature allows the Prestige to detect the speed of incoming transmissions and adjust appropriately without manual intervention. It allows data transfer of either 10 Mbps or 100 Mbps in either half-duplex or full-duplex mode depending on your Ethernet network. 1.2.1.2 Auto-crossover 10/100 Mbps Ethernet Interface(s) These interfaces automatically adjust to either a crossover or straight-through Ethernet cable. 1.2.1.3 4-Port Switch A combination of switch and router makes your Prestige a cost-effective and viable network solution. You can add up to four computers to the Prestige without the cost of a hub. Add more than four computers to your LAN by using a hub. 1.2.1.4 Time and Date The Prestige allows you to get the current time and date from an external server when you turn on your Prestige. You can also set the time manually.
Prestige 334 User’s Guide 33 Chapter 1 Getting to Know Your Prestige 1.2.1.5 Reset Button The Prestige reset button is built into the rear panel. Use this button to restore the factory default password to 1234; IP address to 192.168.1.1, subnet mask to 255.255.255.0 and DHCP server enabled with a pool of 32 IP addresses starting at 192.168.1.33. 1.2.2 Non-Physical Features 1.2.2.1 Trend Micro Security Services Trend Micro Security Services (TMSS) are a range of services including virus protection and parental controls, designed to address the security needs of computers on a network that access the Internet via broadband routers. Computers that are connected to the Internet via broadband connection increase the risk of attacks such as viruses, hackers, spyware and spam. When TMSS is enabled you can configure how often the TMSS Web page displays and select the computers in your network that you want this service to apply. 1.2.2.2 IPSec VPN Capability Establish a Virtual Private Network (VPN) to connect with business partners and branch offices using data encryption and the Internet to provide secure communications without the expense of leased site-to-site lines. The Prestige VPN is based on the IPSec standard and is fully interoperable with other IPSec-based VPN products. 1.2.2.3 Firewall The Prestige is a stateful inspection firewall with DoS (Denial of Service) protection. By default, when the firewall is activated, all incoming traffic from the WAN to the LAN is blocked unless it is initiated from the LAN. The Prestige firewall supports TCP/UDP inspection, DoS detection and prevention, real time alerts, reports and logs. 1.2.2.4 Content Filtering The Prestige can also block access to web sites containing keywords that you specify. You can define time periods and days during which content filtering is enabled and include or exclude a range of users on the LAN from content filtering. 1.2.2.5 Brute-Force Password Guessing Protection The Prestige has a special protection mechanism to discourage brute-force password guessing attacks on the Prestige’s management interfaces. You can specify a wait-time that must expire before entering a fourth password after three incorrect passwords have been entered. Please see the appendices for details about this feature. 1.2.2.6 Packet Filtering The packet filtering mechanism blocks unwanted traffic from entering/leaving your network.
Prestige 334 User’s Guide Chapter 1 Getting to Know Your Prestige 34 1.2.2.7 Universal Plug and Play (UPnP) Using the standard TCP/IP protocol, the Prestige and other UPnP enabled devices can dynamically join a network, obtain an IP address and convey its capabilities to other devices on the network. 1.2.2.8 Call Scheduling Configure call time periods to restrict and allow access for users on remote nodes. 1.2.2.9 PPPoE PPPoE facilitates the interaction of a host with an Internet modem to achieve access to high- speed data networks via a familiar dial-up networking user interface. 1.2.2.10 PPTP Encapsulation Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables secure transfer of data from a remote client to a private server, creating a Virtual Private Network (VPN) using a TCP/IP-based network. PPTP supports on-demand, multi-protocol and virtual private networking over public networks, such as the Internet. The Prestige supports one PPTP server connection at any given time. 1.2.2.11 Dynamic DNS Support With Dynamic DNS (Domain Name System) support, you can have a static hostname alias for a dynamic IP address, allowing the host to be more easily accessible from various locations on the Internet. You must register for this service with a Dynamic DNS service provider. 1.2.2.12 IP Multicast Deliver IP packets to a specific group of hosts using IP multicast. IGMP (Internet Group Management Protocol) is the protocol used to support multicast groups. The latest version is version 2 (see RFC 2236); the Prestige supports both versions 1 and 2. 1.2.2.13 IP Alias IP Alias allows you to partition a physical network into logical networks over the same Ethernet interface. The Prestige supports three logical LAN interfaces via its single physical Ethernet LAN interface with the Prestige itself as the gateway for each LAN network.
Prestige 334 User’s Guide 35 Chapter 1 Getting to Know Your Prestige 1.2.2.14 SNMP SNMP (Simple Network Management Protocol) is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP protocol suite. Your Prestige supports SNMP agent functionality, which allows a manager station to manage and monitor the Prestige through the network. The Prestige supports SNMP version one (SNMPv1) and version two (SNMPv2). 1.2.2.15 Network Address Translation (NAT) Network Address Translation (NAT) allows the translation of an Internet protocol address used within one network (for example a private IP address used in a local network) to a different IP address known within another network (for example a public IP address used on the Internet). 1.2.2.16 Traffic Redirect Traffic Redirect forwards WAN traffic to a backup gateway on the LAN when the Prestige cannot connect to the Internet, thus acting as an auxiliary backup when your regular WAN connection fails. 1.2.2.17 Port Forwarding Use this feature to forward incoming service requests to a server on your local network. You may enter a single port number or a range of port numbers to be forwarded, and the local IP address of the desired server. 1.2.2.18 DHCP (Dynamic Host Configuration Protocol) DHCP (Dynamic Host Configuration Protocol) allows the individual client computers to obtain the TCP/IP configuration at start-up from a centralized DHCP server. The Prestige has built-in DHCP server capability, enabled by default, which means it can assign IP addresses, an IP default gateway and DNS servers to all systems that support the DHCP client. 1.2.2.19 Full Network Management The embedded web configurator is an all-platform web-based utility that allows you to easily access the Prestige’s management settings and configure the firewall. Most functions of the Prestige are also software configurable via the SMT (System Management Terminal) interface. The SMT is a menu-driven interface that you can access over a telnet connection. 1.2.2.20 RoadRunner Support In addition to standard cable modem services, the Prestige supports Time Warner’s RoadRunner Service. 1.2.2.21 Logging and Tracing • Built-in message logging and packet tracing.
Prestige 334 User’s Guide Chapter 1 Getting to Know Your Prestige 36 • Unix syslog facility support. • Firewall logs. • Content filtering logs. 1.2.2.22 Upgrade Prestige Firmware via LAN The firmware of the Prestige can be upgraded via the LAN (refer to Maintenance- F/W Upload Screen). 1.2.2.23 Embedded FTP and TFTP Servers The Prestige’s embedded FTP and TFTP Servers enable fast firmware upgrades as well as configuration file backups and restoration. 1.3 Applications for the Prestige Here are some examples of what you can do with your Prestige. 1.3.1 Secure Broadband Internet Access via Cable or DSL Modem You can connect a cable modem, DSL or wireless modem to the Prestige for broadband Internet access via an Ethernet or a wireless port on the modem. The Prestige guarantees not only high speed Internet access, but secure internal network protection and traffic management as well. Figure 1 Secure Internet Access via Cable, DSL or Wireless Modem 1.3.2 VPN Application Prestige VPN is an ideal cost-effective way to connect branch offices and business partners over the Internet without the need (and expense) for leased lines between sites.
Prestige 334 User’s Guide 37 Chapter 1 Getting to Know Your Prestige Figure 2 VPN Application
Prestige 334 User’s Guide Chapter 2 Introducing the Web Configurator 38 CHAPTER2 Introducing the Web Configurator This chapter describes how to access the Prestige web configurator and provides an overview of its screens. 2.1 Web Configurator Overview The embedded web configurator allows you to manage the Prestige from anywhere through a browser such as Microsoft Internet Explorer or Netscape Navigator. Use Internet Explorer 6.0 and later or Netscape Navigator 7.0 and later versions with JavaScript enabled. It is recommended that you set your screen resolution to 1024 by 768 pixels. The screens you see in the web configurator may vary somewhat from the ones shown in this document due to differences between individual Prestige models or firmware versions. 2.2 Accessing the Prestige Web Configurator 1Make sure your Prestige hardware is properly connected and prepare your computer/ computer network to connect to the Prestige (refer to the Quick Start Guide). 2Launch your web browser. 3Type 192.168.1.1 as the URL. 4Type 1234 (default) as the password and click Login. In some versions, the default password appears automatically - if this is the case, click Login. 5You should see a screen asking you to change your password (highly recommended) as shown next. Type a new password (and retype it to confirm) and click Apply or click Ignore.
Prestige 334 User’s Guide 39 Chapter 2 Introducing the Web Configurator Figure 3 Change Password Screen You should now see the MAIN MENU screen) 2.3 Resetting the Prestige If you forget your password or cannot access the web configurator, you will need to use the RESET button at the back of the Prestige to reload the factory-default configuration file. This means that you will lose all configurations that you had previously and the password will be reset to “1234”. 2.3.1 Procedure To Use The Reset Button 1Make sure the PWR LED is on (not blinking). 2Press the RESET button for ten seconds or until the PWR LED begins to blink and then release it. When the PWR LED begins to blink, the defaults have been restored and the Prestige restarts. 2.3.2 Navigating the Prestige Web Configurator The following summarizes how to navigate the web configurator from the SITE MAP screen. • Click WIZARD for initial configuration including general setup, ISP parameters for Internet Access and WAN IP/DNS Server/MAC address assignment. • Click a link under ADVANCED to configure advanced Prestige features. Note: The management session automatically times out when the time period set in the Administrator Inactivity Timer field expires (default five minutes). Simply log back into the Prestige if this happens to you