P-2602R/RL-DxA Series User’s Guide Federal Communications Commission (FCC) Interference Statement This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: • This device may not cause harmful interference. • This device must accept any interference received, including interference that may cause undesired operations.
Page 5
P-2602R/RL-DxA Series User’s Guide Certifications...
P-2602R/RL-DxA Series User’s Guide For your safety, be sure to read and follow all warning notices and instructions. • To reduce the risk of fire, use only No. 26 AWG (American Wire Gauge) or larger telecommunication line cord. • Do NOT open the device or unit. Opening or removing covers can expose you to dangerous high voltage points or other risks.
P-2602R/RL-DxA Series User’s Guide ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During the warranty period, and upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts or labor, and to whatever...
+7-3272-590-689 1-800-255-4101 www.us.zyxel.com +1-714-632-0882 +1-714-632-0858 ftp.us.zyxel.com +47-22-80-61-80 www.zyxel.no +47-22-80-61-81 REGULAR MAIL ZyXEL Communications Corp. 6 Innovation Road II Science Park Hsinchu 300 Taiwan ZyXEL Communications Czech s.r.o. Modranská 621 143 01 Praha 4 - Modrany Ceská Republika ZyXEL Communications A/S...
Page 9
Poland ZyXEL Russia Ostrovityanova 37a Str. Moscow, 117279 Russia ZyXEL Communications Arte, 21 5ª planta 28033 Madrid Spain ZyXEL Communications A/S Sjöporten 4, 41764 Göteborg Sweden ZyXEL Ukraine 13, Pimonenko Str. Kiev, 04050 Ukraine ZyXEL Communications UK Ltd.,11 The Courtyard,...
Page 10
P-2602R/RL-DxA Series User’s Guide Customer Support...
Copyright ... 3 Certifications ... 4 Safety Warnings ... 6 ZyXEL Limited Warranty... 7 Customer Support... 8 Table of Contents ... 11 List of Figures ... 23 List of Tables ... 29 Preface ... 33 Chapter 1 Getting To Know the ZyXEL Device... 35 1.1 Introducing the P-2602RL-DxA Series ...35 1.2 Features ...36 1.3 Applications for the ZyXEL Device ...40...
Page 12
P-2602R/RL-DxA Series User’s Guide Chapter 3 Internet Setup Wizard ... 53 3.1 Introduction ...53 3.2 Internet Access Wizard Setup ...53 3.2.1 Manual Configuration ...55 Chapter 4 VoIP Wizard And Example ... 61 4.1 Introduction ...61 4.2 VoIP Wizard Setup ...61 Chapter 5 Bandwidth Management Wizard ...
Page 13
7.3 Traffic Shaping ...84 7.3.1 ATM Traffic Classes ...85 7.3.1.1 Constant Bit Rate (CBR) ...85 7.3.1.2 Variable Bit Rate (VBR) ...85 7.3.1.3 Unspecified Bit Rate (UBR) ...86 7.4 Zero Configuration Internet Access ...86 7.5 Internet Access Setup ...86 7.5.1 Advanced Internet Access Setup...89 7.6 WAN More Connections ...90 7.7 Traffic Redirect ...91 7.8 WAN Backup Setup ...93...
Page 14
P-2602R/RL-DxA Series User’s Guide 9.4 Port Forwarding ...113 9.4.1 Default Server IP Address ...114 9.4.2 Port Forwarding: Services and Port Numbers ...114 9.4.3 Configuring Servers Behind Port Forwarding (Example) ...115 9.5 Configuring Port Forwarding ...115 9.5.1 Port Forwarding Rule Edit ...116 9.5.2 SIP ALG ...117 Chapter 10 Voice ...
Page 15
10.11.2 Voice Activity Detection/Silence Suppression ...133 10.11.3 Comfort Noise Generation ...133 10.11.4 Echo Cancellation ...134 10.12 Analog Phone ...134 10.13 Advanced Analog Phone Setup Screen ...135 10.13.1 Common Phone Settings Screen ...136 10.14 Supplementary Phone Services Overview ...137 10.14.1 The Flash Key ...138 10.14.2 Europe Type Supplementary Phone Services ...138 10.14.2.1 European Call Hold ...138 10.14.2.2 European Call Waiting ...139...
Page 16
P-2602R/RL-DxA Series User’s Guide 12.4.1 Basics ...151 12.4.2 Types of DoS Attacks ...152 12.4.2.1 ICMP Vulnerability ...154 12.4.2.2 Illegal Commands (NetBIOS and SMTP) ...154 12.4.2.3 Traceroute ...155 12.5 Stateful Inspection ...155 12.5.1 Stateful Inspection Process ...156 12.5.2 Stateful Inspection on Your ZyXEL Device ...156 12.5.3 TCP Security ...157 12.5.4 UDP/ICMP Security ...157 12.5.5 Upper Layer Protocols ...158...
Page 19
Chapter 22 Tools ... 235 22.1 Introduction ...235 22.2 Filename Conventions ...235 22.3 File Maintenance Over WAN ...236 22.4 Firmware Upgrade Screen ...236 22.5 Backup and Restore ...238 22.5.1 Backup Configuration ...239 22.5.2 Restore Configuration ...239 22.5.3 Reset to Factory Defaults ...240 22.6 Restart ...241 22.7 Using FTP or TFTP to Back Up Configuration ...241 22.7.1 Using the FTP Commands to Back Up Configuration ...241...
Page 20
P-2602R/RL-DxA Series User’s Guide 24.6.1 Outgoing Calls ...264 24.6.2 Incoming Calls ...265 Appendix A Product Specifications ... 267 Appendix B Splitters and Microfilters ... 271 Connecting a POTS Splitter ... 271 Telephone Microfilters ... 271 Appendix C Setting up Your Computer’s IP Address... 273 Windows 95/98/Me...
Page 21
The Ideal Setup... 299 The “Triangle Route” Problem... 299 The “Triangle Route” Solutions ... 300 IP Aliasing ... 300 Gateways on the WAN Side... 301 Appendix H Log Descriptions... 303 Log Commands... 312 Configuring What You Want the ZyXEL Device to Log... 312 Displaying Logs ...
Page 22
P-2602R/RL-DxA Series User’s Guide Table of Contents...
P-2602R/RL-DxA Series User’s Guide List of Figures Figure 1 Internet Access Application ... 40 Figure 2 Internet Telephony Service Provider Application ... 41 Figure 3 Peer-to-peer Calling ... 41 Figure 4 Firewall Application ... 42 Figure 5 LEDs ... 42 Figure 6 Password Screen ...
Page 24
P-2602R/RL-DxA Series User’s Guide Figure 39 Advanced Internet Access Setup ... 89 Figure 40 WAN More Connections ... 91 Figure 41 Traffic Redirect Example ... 92 Figure 42 Traffic Redirect LAN Setup ... 93 Figure 43 LAN and WAN IP Addresses ... 95 Figure 44 Any IP Example ...
Page 27
P-2602R/RL-DxA Series User’s Guide Figure 167 Macintosh OS 8/9: TCP/IP ... 282 Figure 168 Macintosh OS X: Apple Menu ... 283 Figure 169 Macintosh OS X: Network ... 283 Figure 170 Ideal Setup ... 299 Figure 171 “Triangle Route” Problem ... 300 Figure 172 IP Alias ...
Page 28
P-2602R/RL-DxA Series User’s Guide List of Figures...
Help us help you. E-mail all User Guide-related comments, questions or suggestions for improvement to [email protected] or send regular mail to The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan. Thank you.
Page 34
P-2602R/RL-DxA Series User’s Guide • The P-2602R/RL-DxA may be referred to as the ZyXEL Device in this user’s guide. Graphics Icons Key ZyXEL Device Server Telephone Firewall Computer Notebook computer Switch Router DSLAM Trunking gateway Wireless signal Preface...
Getting To Know the ZyXEL This chapter describes the key features and applications of your device Introducing the P-2602RL-DxA Series The P-2602R/RL-DxA series are Integrated Access Devices (IADs) that combine an ADSL2+ router with Voice over IP (VoIP) communication capabilities to allow you to use a traditional analog telephone to make Internet calls.
P-2602R/RL-DxA Series User’s Guide The web browser-based Graphical User Interface (GUI) provides easy management. 1.2 Features The following sections introduce your device’s key features. Ethernet Port The 10/100 Mbps auto-negotiating Ethernet port allows the device to detect the speed of incoming transmissions and adjust appropriately without manual intervention.
Zero Configuration Internet Access Once you connect and turn on the device, it automatically detects the Internet connection settings (such as the VCI/VPI numbers and the encapsulation method) from the ISP and makes the necessary configuration changes. In cases where additional account information (such as an Internet account user name and password) is required or the ZyXEL Device cannot connect to the ISP, you will be redirected to web screen(s) for information input or troubleshooting.
Page 38
P-2602R/RL-DxA Series User’s Guide Multiple SIP Accounts You can simultaneously use multiple voice (SIP) accounts and assign them to one or both telephone ports. Multiple Voice Channels Your device can simultaneously handle multiple voice channels (telephone calls). Additionally you can answer an incoming phone call on a VoIP account, even while someone else is using the account for a phone call.
Other PPPoE Features • PPPoE idle time out • PPPoE dial on demand Dynamic DNS Support With Dynamic DNS support, you can have a static hostname alias for a dynamic IP address, allowing the host to be more easily accessible from various locations on the Internet. You must register for this service with a Dynamic DNS service provider.
P-2602R/RL-DxA Series User’s Guide 1.3 Applications for the ZyXEL Device Here are some example uses for which the ZyXEL Device is well suited. 1.3.1 Internet Access Your device is the ideal high-speed Internet access solution. It supports the TCP/IP protocol, which the Internet uses exclusively.
Figure 2 Internet Telephony Service Provider Application 1.3.3 Make Peer-to-peer Calls You can call directly to someone’s IP address without using a SIP proxy server. Peer-to-peer calls are also called “Point to Point” or “IP-to-IP” calls. You must know the peer’s IP address in order to do this.
P-2602R/RL-DxA Series User’s Guide Figure 4 Firewall Application 1.3.5 LEDs The LED display can help you determine the status of your ZyXEL Device. Look on either side of your ZyXEL Device to see the LEDs. Figure 5 LEDs Chapter 1 Getting To Know the ZyXEL Device...
The following table describes your device’s LEDs. Table 3 LEDs COLOR POWER Green None ETHERNET Green None Green None INTERNET Green None PHONE 1, 2 Green Orange None Refer to the Quick Start Guide for information on hardware connections. Chapter 1 Getting To Know the ZyXEL Device P-2602R/RL-DxA Series User’s Guide STATUS DESCRIPTION...
Page 44
P-2602R/RL-DxA Series User’s Guide Chapter 1 Getting To Know the ZyXEL Device...
This chapter describes how to access and navigate the web configurator. 2.1 Web Configurator Overview The web configurator is an HTML-based management interface that allows easy device setup and management via Internet browser. Use Internet Explorer 6.0 and later or Netscape Navigator 7.0 and later versions.
P-2602R/RL-DxA Series User’s Guide Figure 6 Password Screen 5 The following screen displays if you have not yet changed your password. It is highly recommended you change the default password. Enter a new password, retype it to confirm and click Apply; alternatively click Ignore to proceed to the main menu if you do not want to change the password now.
Note: For security reasons, the ZyXEL Device automatically logs you out if you do not use the web configurator for five minutes. If this happens, log in again. Figure 8 Wizard or Advanced Screen 2.1.2 The RESET Button If you forget your password or cannot access the web configurator, you will need to use the RESET button to reload the factory-default configuration file.
P-2602R/RL-DxA Series User’s Guide 2.2 Web Configurator Main Screen Figure 9 Main Screen As illustrated above, the main screen is divided into these parts: • A - title bar • B - navigation panel • C - main window • D - status bar 2.2.1 Title Bar The title bar allows you to change the language and provides some icons in the upper right corner.
The icons provide the following functions. Table 4 Web Configurator Icons in the Title Bar ICON DESCRIPTION Wizards: Click this icon to go to the configuration wizards. See for more information. Logout: Click this icon to log out of the web configurator. 2.2.2 Navigation Panel Use the menu items on the navigation panel to open screens to configure ZyXEL Device features.
Page 50
P-2602R/RL-DxA Series User’s Guide Table 5 Navigation Panel Summary LINK Phone Book Speed Dial Incoming Call Policy PSTN Line General Security Firewall General Rules Anti Probing Threshold Content Filter Keyword Schedule Trusted Advanced Static Route Static Route Bandwidth Summary MGMT Rule Setup Monitor Dynamic DNS...
Table 5 Navigation Panel Summary LINK System General Time Setting Logs View Log Log Settings Tools Firmware Configuration Restart Diagnostic General DSL Line 2.2.3 Main Window The main window displays information and configuration fields. It is discussed in the rest of this document.
Page 52
P-2602R/RL-DxA Series User’s Guide Chapter 2 Introducing the Web Configurator...
This chapter provides information on the Wizard Setup screens for Internet access in the web configurator. 3.1 Introduction Use the wizard setup screens to configure your system for Internet access with the information given to you by your ISP. Note: See the advanced menu chapters for background information on these fields. 3.2 Internet Access Wizard Setup 1 After you enter the password to access the web configurator, select Go to Wizard setup and click Apply.
P-2602R/RL-DxA Series User’s Guide Figure 11 Wizard Welcome 3 Your ZyXEL device attempts to detect your DSL connection and your connection type. The following screen appears if a connection is not detected. Check your hardware connections and click Restart the Internet/Wireless Setup Wizard to return to the wizard welcome screen.
Figure 13 Auto-Detection: PPPoE The following screen appears if the ZyXEL device detects a connection but not the connection type. Click Next and refer to how to manually configure the ZyXEL Device for Internet access. Figure 14 Auto Detection: Failed 3.2.1 Manual Configuration 1 If the ZyXEL Device fails to detect your DSL connection type but the physical line is connected, enter your Internet access information in the wizard screen exactly as your...
P-2602R/RL-DxA Series User’s Guide Figure 15 Internet Access Wizard Setup: ISP Parameters The following table describes the fields in this screen. Table 6 Internet Access Wizard Setup: ISP Parameters LABEL DESCRIPTION Mode From the Mode drop-down list box, select Routing (default) if your ISP allows multiple computers to share an Internet account.
2 The next wizard screen varies depending on what mode and encapsulation type you use. All screens shown are with routing mode. Configure the fields and click Apply to continue. Figure 16 Internet Connection with PPPoE The following table describes the fields in this screen. Table 7 Internet Connection with PPPoE LABEL...
P-2602R/RL-DxA Series User’s Guide Figure 17 Internet Connection with RFC 1483 The following table describes the fields in this screen. Table 8 Internet Connection with RFC 1483 LABEL DESCRIPTION IP Address This field is available if you select Routing in the Mode field. Type your ISP assigned IP address in this field.
The following table describes the fields in this screen. Table 9 Internet Connection with ENET ENCAP LABEL DESCRIPTION Obtain an IP A static IP address is a fixed IP that your ISP gives you. A dynamic IP address is not Address fixed;...
P-2602R/RL-DxA Series User’s Guide Table 10 Internet Connection with PPPoA (continued) LABEL DESCRIPTION Back Click Back to go back to the previous wizard screen. Apply Click Apply to save your changes back to the ZyXEL Device. Exit Click Exit to close the wizard screen without saving your changes. •...
VoIP Wizard And Example This chapter shows you how to configure your SIP account(s) and make a VoIP phone call. 4.1 Introduction The ZyXEL Device has Voice over IP (VoIP) communication capabilities that allow you to use a traditional analog telephone to make Internet calls. You can configure the ZyXEL Device to use up to two SIP based VoIP accounts.
P-2602R/RL-DxA Series User’s Guide Figure 22 Select a Mode 2 Click VOICE OVER INTERNET SETUP to configure your SIP settings. Figure 23 Wizard: Welcome Chapter 4 VoIP Wizard And Example...
3 Fill in the VOICE OVER INTERNET SETUP wizard screen with the information provided by your VoIP service provider. Your VoIP service provider supplies you with the following information. When you are finished, click Apply. Table 11 Sample SIP Account Information INFORMATION FROM VOIP SERVICE PROVIDER...
P-2602R/RL-DxA Series User’s Guide Table 12 VoIP Wizard Configuration LABEL SIP Service Domain User Name Password Check here to set up SIP2 settings. Back Apply Exit 4 Your ZyXEL Device will attempt to register your SIP account with your VoIP service provider.
Figure 26 VoIP Wizard Fail 6 This screen displays if your SIP account registration was successful. Click Return to Wizard Main Page if you want to use another configuration wizard. Click Go to Advanced Setup page or Finish to close the wizard and go to the main web configurator screens.
Page 66
P-2602R/RL-DxA Series User’s Guide Chapter 4 VoIP Wizard And Example...
Bandwidth Management Wizard This chapter shows you how to configure basic bandwidth management using the wizard screens. 5.1 Introduction Bandwidth management allows you to control the amount of bandwidth going out through the ZyXEL Device’s WAN port and prioritize the distribution of the bandwidth according to service bandwidth requirements.
P-2602R/RL-DxA Series User’s Guide Table 13 Media Bandwidth Management Setup: Services (continued) SERVICE DESCRIPTION NetMeeting A multimedia communications product from Microsoft that enables groups to (H.323) teleconference and videoconference over the Internet. NetMeeting supports VoIP, text chat sessions, a whiteboard, and file transfers and application sharing. NetMeeting uses H.323.
Figure 28 Select a Mode 2 Click BANDWIDTH MANAGEMENT SETUP. Figure 29 Wizard: Welcome 3 Activate bandwidth management and select to allocate bandwidth to packets based on the packet size or services. Figure 30 Bandwidth Management Wizard: General Information Chapter 5 Bandwidth Management Wizard P-2602R/RL-DxA Series User’s Guide...
P-2602R/RL-DxA Series User’s Guide The following fields describe the label in this screen. Table 14 Bandwidth Management Wizard: General Information LABEL DESCRIPTION Active Select the Active check box to have the ZyXEL Device apply bandwidth management to traffic going out through the ZyXEL Device’s WAN or LAN port. Select Auto Classifier to automatically allocate bandwidth to packets based on the packet size or Services Setup to allocate bandwidth based on the service requirements.
Table 15 Bandwidth Management Wizard: Service Configuration LABEL DESCRIPTION Priority Select High, Mid or Low priority for each service to have your ZyXEL Device use a priority for traffic that matches that service. A service with High priority is given as much bandwidth as it needs. If you select services as having the same priority, then bandwidth is divided equally amongst those services.
Use the Status screens to look at the current status of the device, system resources, interfaces (LAN and WAN), and SIP accounts. You can also register and unregister SIP accounts. The Status screen also provides detailed information from Any IP and DHCP and statistics from VoIP, bandwidth management, and traffic.
P-2602R/RL-DxA Series User’s Guide Each field is described in the following table. Table 16 Status Screen LABEL DESCRIPTION Refresh Interval Enter how often you want the ZyXEL Device to update this screen. Apply Click this to update this screen immediately. Device Information Host Name This field displays the ZyXEL Device system name.
Page 75
Table 16 Status Screen LABEL DESCRIPTION System This field displays how long the ZyXEL Device has been running since it last Uptime started up. The ZyXEL Device starts up when you plug it in, when you restart it (Maintenance > Tools > Restart), or when you reset it (see 47).
P-2602R/RL-DxA Series User’s Guide Table 16 Status Screen LABEL DESCRIPTION Registration This field displays the current registration status of the SIP account. You have to register SIP accounts with a SIP server to use VoIP. If the SIP account is already registered with the SIP server, •...
Table 17 Any IP Table LABEL DESCRIPTION MAC Address This field displays the MAC address of the computer that is using the ZyXEL Device but is in a different subnet than the ZyXEL Device. Refresh Click this to update this screen. 6.3 Packet Statistics Click Status >...
P-2602R/RL-DxA Series User’s Guide Table 18 Packet Statistics (continued) LABEL DESCRIPTION WAN IP Address This is the IP address of the ZyXEL Device’s WAN port. Upstream Speed This is the upstream speed of your ZyXEL Device. Downstream Speed This is the downstream speed of your ZyXEL Device. Node-Link This field displays the remote node index number and link type.
Figure 36 VoIP Statistics Each field is described in the following table. Table 19 VoIP Statistics LABEL DESCRIPTION SIP Status Account This column displays each SIP account in the ZyXEL Device. Registration This field displays the current registration status of the SIP account. You can change this in the Status screen.
Page 80
P-2602R/RL-DxA Series User’s Guide Table 19 VoIP Statistics LABEL DESCRIPTION Phone This field displays each phone port in the ZyXEL Device. Hook This field indicates whether the phone is on the hook or off the hook. On - The phone is hanging up or already hung up. Off - The phone is dialing, calling, or connected.
This chapter describes how to configure WAN settings. 7.1 WAN Overview A WAN (Wide Area Network) is an outside connection to another network or the Internet. 7.1.1 Encapsulation Be sure to use the encapsulation method required by your ISP. The ZyXEL Device supports the following methods.
P-2602R/RL-DxA Series User’s Guide By implementing PPPoE directly on the ZyXEL Device (rather than individual computers), the computers on the LAN do not need PPPoE software installed, since the ZyXEL Device does that part of the task. Furthermore, with NAT, all of the LANs’ computers will have access.
7.1.4 IP Address Assignment A static IP is a fixed IP that your ISP gives you. A dynamic IP is not fixed; the ISP assigns you a different one each time. The Single User Account feature can be enabled or disabled if you have either a dynamic or static IP.
P-2602R/RL-DxA Series User’s Guide 7.2 Metric The metric represents the "cost of transmission". A router determines the best route for transmission by choosing a path with the lowest "cost". RIP routing uses hop count as the measurement of cost, with a minimum of "1" for directly connected networks. The number must be between "1"...
Maximum Burst Size (MBS) is the maximum number of cells that can be sent at the PCR. After MBS is reached, cell rates fall below SCR until cell rate averages to the SCR again. At this time, more cells (up to the MBS) can be sent at the PCR again. If the PCR, SCR or MBS is set to the default of "0", the system will assign a maximum value that correlates to your upstream line rate.
P-2602R/RL-DxA Series User’s Guide The VBR-nRT (non real-time Variable Bit Rate) type is used with bursty connections that do not require closely controlled delay and delay variation. It is commonly used for "bursty" traffic typical on LANs. PCR and MBS define the burst levels, SCR defines the minimum level.
Figure 38 Internet Access Setup (PPPoE) The following table describes the labels in this screen. Table 20 Internet Access Setup LABEL General Mode Encapsulation User Name Password Chapter 7 WAN Setup DESCRIPTION Select Routing (default) from the drop-down list box if your ISP allows multiple computers to share an Internet account.
Page 88
P-2602R/RL-DxA Series User’s Guide Table 20 Internet Access Setup (continued) LABEL Service Name Multiplexing Virtual Circuit ID IP Address IP Address Subnet Mask (ENET ENCAP encapsulation only) Gateway IP address (ENET ENCAP encapsulation only) DNS Server First DNS Server Second DNS Server Third DNS Server Connection (PPPoA and PPPoE...
Table 20 Internet Access Setup (continued) LABEL Connect on Demand Select Connect on Demand when you don't want the connection up all the time Max Idle Timeout Apply Cancel Advanced Setup 7.5.1 Advanced Internet Access Setup To edit your ZyXEL Device's advanced WAN settings, click the Advanced Setup button in the Internet Access Setup screen.
P-2602R/RL-DxA Series User’s Guide Table 21 Advanced Internet Access Setup (continued) LABEL DESCRIPTION ATM QoS Type Select CBR (Continuous Bit Rate) to specify fixed (always-on) bandwidth for voice or data traffic. Select UBR (Unspecified Bit Rate) for applications that are non-time sensitive, such as e-mail.
Figure 40 WAN More Connections The following table describes the labels in this screen. Table 22 Advanced Internet Access Setup LABEL DESCRIPTION This is an index number indicating the number of the corresponding connection. Active This field indicates whether the connection is active or not. Name This is the name you gave to the Internet connection.
P-2602R/RL-DxA Series User’s Guide Figure 41 Traffic Redirect Example The following network topology allows you to avoid triangle route security issues when the backup gateway is connected to the LAN. Use IP alias to configure the LAN into two or three logical networks with the ZyXEL Device itself as the gateway for each LAN network.
Figure 42 Traffic Redirect LAN Setup 7.8 WAN Backup Setup To configure your ZyXEL Device’s WAN backup, click Network > WAN > WAN Backup Setup. Chapter 7 WAN Setup P-2602R/RL-DxA Series User’s Guide...
P-2602R/RL-DxA Series User’s Guide The following table describes the labels in this screen. Table 23 WAN Backup Setup LABEL DESCRIPTION Backup Type Select the method that the ZyXEL Device uses to check the DSL connection. Select DSL Link to have the ZyXEL Device check if the connection to the DSLAM is up.
This chapter describes how to configure LAN settings. 8.1 LAN Overview A Local Area Network (LAN) is a shared communication system to which many computers are attached. A LAN is a computer network limited to the immediate area, usually the same building or floor of a building.
P-2602R/RL-DxA Series User’s Guide 8.1.2 DHCP Setup DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a server. You can configure the ZyXEL Device as a DHCP server or disable it. When configured as a server, the ZyXEL Device provides the TCP/IP configuration for the clients.
8.1.4 DNS Server Address Assignment Use DNS (Domain Name System) to map a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because without it, you must know the IP address of a computer before you can access it. There are two ways that an ISP disseminates the DNS server addresses.
P-2602R/RL-DxA Series User’s Guide 8.2.1.1 Private IP Addresses Every machine on the Internet must have a unique address. If your networks are isolated from the Internet, for example, only between your two branch offices, you can assign any IP addresses to the hosts without problems. However, the Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of IP addresses specifically for private networks: •...
8.2.3 Multicast Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender - 1 recipient) or Broadcast (1 sender - everybody on the network). Multicast delivers IP packets to a group of hosts on the network - not everybody and not just 1. IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to establish membership in a Multicast group - it is not used to carry user data.
P-2602R/RL-DxA Series User’s Guide Figure 44 Any IP Example The Any IP feature does not apply to a computer using either a dynamic IP address or a static IP address that is in the same subnet as the ZyXEL Device’s IP address. Note: You must enable NAT/SUA to use the Any IP feature on the ZyXEL Device.
After all the routing information is updated, the computer can access the ZyXEL Device and the Internet as if it is in the same subnet as the ZyXEL Device. 8.3 Configuring LAN IP Click Network > LAN to open the IP screen. See information.
P-2602R/RL-DxA Series User’s Guide Figure 46 Advanced LAN Setup The following table describes the labels in this screen. Table 25 Advanced LAN Setup LABEL DESCRIPTION RIP & Multicast Setup RIP Direction Select the RIP direction from None, Both, In Only and Out Only. RIP Version Select the RIP version from RIP-1, RIP-2B and RIP-2M.
8.4 DHCP Setup Click Network > DHCP Setup to open this screen. Use this screen to configure the DNS server information that the ZyXEL Device sends to the DHCP client devices on the LAN. Figure 47 DHCP Setup The following table describes the labels in this screen. Table 26 DHCP Setup LABEL DHCP Setup...
P-2602R/RL-DxA Series User’s Guide Table 26 DHCP Setup LABEL First DNS Server Second DNS Server Third DNS Server Apply Cancel 8.5 LAN Client List This table allows you to assign IP addresses on the LAN to specific individual computers based on their MAC Addresses. Every Ethernet device has a unique MAC (Media Access Control) address.
Figure 48 LAN Client List The following table describes the labels in this screen. Table 27 LAN Client List LABEL DESCRIPTION IP Address Enter the IP address that you want to assign to the computer on your LAN with the MAC address that you will also specify.
P-2602R/RL-DxA Series User’s Guide 8.6 LAN IP Alias IP alias allows you to partition a physical network into different logical networks over the same Ethernet interface. The ZyXEL Device supports three logical LAN interfaces via its single physical Ethernet interface with the ZyXEL Device itself as the gateway for each LAN network.
The following table describes the labels in this screen. Table 28 LAN IP Alias LABEL DESCRIPTION IP Alias 1, 2 Select the check box to configure another LAN network for the ZyXEL Device. IP Address Enter the IP address of your ZyXEL Device in dotted decimal notation. Alternatively, click the right mouse button to copy and/or paste the IP address.
Page 108
P-2602R/RL-DxA Series User’s Guide Chapter 8 LAN Setup...
Network Address Translation This chapter discusses how to configure NAT on the ZyXEL Device. 9.1 NAT Overview NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network.
P-2602R/RL-DxA Series User’s Guide 9.1.2 What NAT Does In the simplest form, NAT changes the source IP address in a packet received from a subscriber (the inside local address) to another (the inside global address) before forwarding the packet to the WAN side. When the response comes back, NAT translates the destination address (the inside global address) back to the inside local address before forwarding it to the original inside host.
9.1.4 NAT Application The following figure illustrates a possible NAT application, where three inside LANs (logical LANs using IP Alias) behind the ZyXEL Device can communicate with three distinct WAN networks. Figure 52 NAT Application With IP Alias 9.1.5 NAT Mapping Types NAT supports five types of IP/port mapping.
P-2602R/RL-DxA Series User’s Guide Port numbers do NOT change for One-to-One and Many-to-Many No Overload NAT mapping types. The following table summarizes these types. Table 30 NAT Mapping Types TYPE One-to-One Many-to-One (SUA/PAT) Many-to-Many Overload Many-to-Many No Overload Server 9.2 SUA (Single User Account) Versus NAT SUA (Single User Account) is a ZyNOS implementation of a subset of NAT that supports two types of mapping, Many-to-One and Server.
Figure 53 NAT General The following table describes the labels in this screen. Table 31 NAT General LABEL DESCRIPTION Active Select this check box to enable NAT. Network Address Translation (NAT) SUA Only Select this radio button if you have just one public WAN IP address for your ZyXEL Device.
P-2602R/RL-DxA Series User’s Guide You may enter a single port number or a range of port numbers to be forwarded, and the local IP address of the desired server. The port number identifies a service; for example, web service is on port 80 and FTP on port 21. In some cases, such as for unknown services or where one server can support more than one service (for example both FTP and web service), it might be better to specify a range of port numbers.
9.4.3 Configuring Servers Behind Port Forwarding (Example) Let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (A in the example), port 80 to another (B in the example) and assign a default server IP address of 192.168.1.35 to a third (C in the example).
P-2602R/RL-DxA Series User’s Guide The following table describes the fields in this screen. Table 33 Port Forwarding LABEL Default Server Setup Default Server In addition to the servers for specified services, NAT supports a default server. A default server receives packets from ports that are not specified in this screen. If you do not assign a Default Server IP address, the ZyXEL Device discards all packets received for ports that are not specified here or in the remote management setup.
The following table describes the fields in this screen. Table 34 Port Forwarding Rule Setup LABEL Active Click this check box to enable the rule. Service Name Enter a name to identify this port-forwarding rule. Start Port Enter a port number in this field. To forward only one port, enter the port number again in the End Port field.
P-2602R/RL-DxA Series User’s Guide Figure 57 Network > NAT > ALG Each field is described in the following table. Table 35 Network > NAT > ALG LABEL DESCRIPTION Enable SIP ALG Select this to make sure SIP (VoIP) works correctly with port-forwarding and address-mapping rules.
This chapter provides background information on VoIP and SIP and explains how to configure your device’s voice settings. 10.1 Introduction to VoIP VoIP is the sending of voice signals over the Internet Protocol. This allows you to make phone calls and send faxes over the Internet at a fraction of the cost of using the traditional circuit- switched telephone network.
P-2602R/RL-DxA Series User’s Guide 10.2.1.2 SIP Service Domain The SIP service domain of the VoIP service provider is the domain name in a SIP URI. For example, if the SIP address is [email protected], then “VoIP-provider.com” is the SIP service domain. 10.2.2 SIP Call Progression The following figure displays the basic steps in the setup and tear down of a SIP call.
10.2.3.1 SIP User Agent A SIP user agent can make and receive VoIP telephone calls. This means that SIP can be used for peer-to-peer communications even though it is a client-server protocol. In the following figure, either A or B can act as a SIP user agent client to initiate a call. A and B can also both act as a SIP user agent to receive the call.
P-2602R/RL-DxA Series User’s Guide Figure 59 SIP Proxy Server 10.2.3.3 SIP Redirect Server A SIP redirect server accepts SIP requests, translates the destination address to an IP address and sends the translated IP address back to the device that sent the request. Then the client device that originally sent the request can send requests to the IP address that it received back from the redirect server.
Figure 60 SIP Redirect Server 10.2.3.4 SIP Register Server A SIP register server maintains a database of SIP identity-to-IP address (or domain name) mapping. The register server checks your user name and password when you register. 10.2.3.5 Multiple SIP Accounts You can set up 2 SIP accounts on your ZyXEL Device and your ZyXEL Device is equipped with 2 phone ports.
P-2602R/RL-DxA Series User’s Guide Figure 61 SIP > SIP Settings Each field is described in the following table. Table 37 SIP > SIP Settings LABEL DESCRIPTION SIP Account Select the SIP account you want to see in this screen. If you change this field, the screen automatically refreshes.
Table 37 SIP > SIP Settings LABEL DESCRIPTION SIP Service Enter the SIP service domain name. In the full SIP URI, this is the part after the @ Domain symbol. You can use up to 127 printable ASCII Extended set characters. Send Caller ID Select this if you want to send identification when you make VoIP phone calls.
P-2602R/RL-DxA Series User’s Guide 10.6 PSTN Call Setup Signaling Dual-Tone MultiFrequency (DTMF) signaling uses pairs of frequencies (one lower frequency and one higher frequency) to set up calls. It is also known as Touch Tone®. Each of the keys on a DTMF telephone corresponds to a different pair of frequencies. Pulse dialing sends a series of clicks to the local phone office in order to dial numbers.
4 You can continue to add, listen to, or delete tones, or you can hang up the receiver when you are done. 10.8.0.2 Listening to Custom Tones Do the following to listen to a custom tone: 1 Pick up the phone and press “****” on your phone’s keypad and wait for the message that says you are in the configuration menu.
Each field is described in the following table. Table 39 VoIP > SIP Settings > Advanced LABEL DESCRIPTION SIP Account This field displays the SIP account you see in this screen. SIP Server Settings URL Type Select whether or not to include the SIP service domain name when the ZyXEL Device sends the SIP number.
Page 130
P-2602R/RL-DxA Series User’s Guide Table 39 VoIP > SIP Settings > Advanced LABEL DESCRIPTION DTMF Mode Control how the ZyXEL Device handles the tones that your telephone makes when you push its buttons. You should use the same mode your VoIP service provider uses.
Table 39 VoIP > SIP Settings > Advanced LABEL DESCRIPTION Back Click this to return to the SIP Settings screen without saving your changes. Apply Click this to save your changes and to apply them to the ZyXEL Device. Cancel Click this to set every field in this screen to its last-saved value.
P-2602R/RL-DxA Series User’s Guide Figure 63 DiffServ: Differentiated Service Field DSCP (6-bit) The DSCP value determines the forwarding behavior, the PHB (Per-Hop Behavior), that each packet gets across the DiffServ network. Based on the marking rule, different kinds of traffic can be marked for different priorities of forwarding.
Table 40 SIP > QoS LABEL DESCRIPTION Voice VLAN ID Select this if the ZyXEL Device has to be a member of a VLAN to communicate with the SIP server. Ask your network administrator, if you are not sure. Enter the VLAN ID provided by your network administrator in the field on the right.
P-2602R/RL-DxA Series User’s Guide 10.11.4 Echo Cancellation G.168 is an ITU-T standard for eliminating the echo caused by the sound of your voice reverberating in the telephone receiver while you talk. 10.12 Analog Phone Use this screen to control which SIP accounts and PSTN line each phone uses. To configure your analog phone settings, click VoIP >...
Table 41 Phone > Analog Phone LABEL DESCRIPTION PSTN Line (“L” Select this if you want to receive phone calls from the PSTN line (that do not use models only) the Internet) on this phone port. If you select more than one source for incoming calls, there is no way to distinguish between them when you receive phone calls.
P-2602R/RL-DxA Series User’s Guide Table 42 Phone > Analog Phone > Advanced LABEL DESCRIPTION Speaking Volume Enter the loudness that the ZyXEL Device uses for speech that it sends to the peer device. -1 is the quietest, and 1 is the loudest. Listening Volume Enter the loudness that the ZyXEL Device uses for speech that it receives from the peer device.
Figure 67 Phone > Common Each field is described in the following table. Table 43 Phone > Common LABEL DESCRIPTION Active Immediate Select this if you want to use the pound key (#) to tell the ZyXEL Device to make Dial the phone call immediately, instead of waiting the number of seconds you selected in the Dialing Interval Select in VoIP >...
P-2602R/RL-DxA Series User’s Guide 10.14.1 The Flash Key Flashing means to press the hook for a short period of time (a few hundred milliseconds) before releasing it. On newer telephones, there should be a "flash" key (button) that generates the signal electronically. If the flash key is not available, you can tap (press and immediately release) the hook by hand to achieve the same effect.
If you hang up the phone but a caller is still on hold, there will be a remind ring. 10.14.2.2 European Call Waiting This allows you to place a call on hold while you answer another incoming call on the same telephone (directory) number.
P-2602R/RL-DxA Series User’s Guide After pressing the flash key, if you do not issue the sub-command before the default sub- command timeout (2 seconds) expires or issue an invalid sub-command, the current operation will be aborted. Table 45 USA Flash Key Commands COMMAND SUB-COMMAND Flash...
3 When party B answers the second call, press the flash key to create a three-way conversation. 4 Hang up the phone to drop the connection. 5 If you want to separate the activated three-way conference into two individual connections (with party A on-line and party B on hold), press the flash key. 6 If you want to go back to the three-way conversation, press the flash key again.
P-2602R/RL-DxA Series User’s Guide 10.16.1 Peer-to-Peer Calls You can call another VoIP device directly without going through a SIP server. You must set up a speed dial entry in the phone book in order to do this. Select Non-Proxy (Use IP or URL) in the Type column and enter the callee’s IP address or domain name.
Table 47 Phone Book > Speed Dial LABEL DESCRIPTION Number Enter the SIP number you want the ZyXEL Device to call when you dial the speed- dial number. Name Enter a name to identify the party you call when you dial the speed-dial number. You can use up to 127 printable ASCII characters.
P-2602R/RL-DxA Series User’s Guide Figure 70 Phone Book > Incoming Call Policy You can create two sets of call-forwarding rules. Each one is stored in a call-forwarding table. Each field is described in the following table. Table 48 Phone Book > Incoming Call Policy LABEL DESCRIPTION Table Number...
Table 48 Phone Book > Incoming Call Policy LABEL DESCRIPTION Advanced Setup The ZyXEL Device checks these rules before it checks the rules in the Forward to Number section. This field is a sequential value, and it is not associated with a specific rule. The sequence is important, however.
P-2602R/RL-DxA Series User’s Guide Figure 71 PSTN Line > General Each field is described in the following table. Table 49 PSTN Line > General LABEL DESCRIPTION PSTN Line Pre-fix Enter 1 - 7 numbers you dial before you dial the phone number, if you want to Number make a regular phone call while one of your SIP accounts is registered.
This chapter describes how to use a phone connected to your ZyXEL Device for basic tasks. 11.1 Dialing a Telephone Number The PHONE LED turns green when your SIP account is registered. Dial a SIP number like “12345” on your phone’s keypad. Use speed dial entries (see that use letters.
P-2602R/RL-DxA Series User’s Guide 11.5 Auto Firmware Upgrade During auto-provisioning, the ZyXEL Device checks to see if there is a newer firmware version. If newer firmware is available, the ZyXEL Device plays a recording when you pick up your phone’s handset. Press “*99#”...
This chapter gives some background information on firewalls and introduces the ZyXEL Device firewall. 12.1 Firewall Overview Originally, the term firewall referred to a construction technique designed to prevent the spread of fire from one room to another. The networking term “firewall” is a system or group of systems that enforces an access-control policy between two networks.
P-2602R/RL-DxA Series User’s Guide 12.2.2 Application-level Firewalls Application-level firewalls restrict access by serving as proxies for external servers. Since they use programs written for specific Internet services, such as HTTP, FTP and telnet, they can evaluate network packets for valid application-specific data. Application-level gateways have a number of general advantages over the default mode of permitting application traffic directly to internal hosts: Information hiding prevents the names of internal systems from being made known via DNS...
• The LAN (Local Area Network) port attaches to a network of computers, which needs security from the outside world. These computers will have access to Internet services such as e-mail, FTP, and the World Wide Web. However, “inbound access” will not be allowed unless you configure remote management or create a firewall rule to allow a remote host to use a specific service.
P-2602R/RL-DxA Series User’s Guide Some of the most common IP ports are: Table 50 Common IP Ports Telnet SMTP 12.4.2 Types of DoS Attacks There are four types of DoS attacks: 1 Those that exploit bugs in a TCP/IP implementation. 2 Those that exploit weaknesses in the TCP/IP specification.
Under normal circumstances, the application that initiates a session sends a SYN (synchronize) packet to the receiving server. The receiver sends back an ACK (acknowledgment) packet and its own SYN, and then the initiator responds with an ACK (acknowledgment). After this handshake, a connection is established. •...
P-2602R/RL-DxA Series User’s Guide Figure 75 Smurf Attack 12.4.2.1 ICMP Vulnerability ICMP is an error-reporting protocol that works in concert with IP. The following ICMP types trigger an alert: Table 51 ICMP Commands That Trigger Alerts REDIRECT TIMESTAMP_REQUEST TIMESTAMP_REPLY ADDRESS_MASK_REQUEST ADDRESS_MASK_REPLY 12.4.2.2 Illegal Commands (NetBIOS and SMTP) The only legal NetBIOS commands are the following - all others are illegal.
12.4.2.3 Traceroute Traceroute is a utility used to determine the path a packet takes between two endpoints. Sometimes when a packet filter firewall is configured incorrectly an attacker can traceroute the firewall gaining knowledge of the network topology inside the firewall. Often, many DoS attacks also employ a technique known as "IP Spoofing"...
P-2602R/RL-DxA Series User’s Guide The previous figure shows the ZyXEL Device’s default firewall rules in action as well as demonstrates how stateful inspection works. User A can initiate a Telnet session from within the LAN and responses to this request are allowed. However other Telnet traffic initiated from the WAN is blocked.
• Allow certain types of traffic from the Internet to specific hosts on the LAN. • Allow access to a Web server to everyone but competitors. • Restrict use of certain protocols, such as Telnet, to authorized users on the LAN. These custom rules work by evaluating the network traffic’s Source IP address, Destination IP address, IP protocol type, and comparing these to rules set by the administrator.
P-2602R/RL-DxA Series User’s Guide A similar situation exists for ICMP, except that the ZyXEL Device is even more restrictive. Specifically, only outgoing echoes will allow incoming echo replies, outgoing address mask requests will allow incoming address mask replies, and outgoing timestamp requests will allow incoming timestamp replies.
• Encourage your company or organization to develop a comprehensive security plan. Good network administration takes into account what hackers can do and prepares against attacks. The best defense against hackers and crackers is information. Educate all employees about the importance of security and how to minimize risk. Produce lists like this one! •...
P-2602R/RL-DxA Series User’s Guide 12.7.1.1 When To Use Filtering • To block/allow LAN packets by their MAC addresses. • To block/allow special IP packets which are neither TCP nor UDP, nor ICMP packets. • To block/allow both inbound (WAN to LAN) and outbound (LAN to WAN) traffic between the specific inside host/network "A"...
This chapter shows you how to enable and configure the ZyXEL Device firewall. 13.1 Access Methods The web configurator is, by far, the most comprehensive firewall configuration tool your ZyXEL Device has to offer. For this reason, it is recommended that you configure your firewall using the web configurator.
P-2602R/RL-DxA Series User’s Guide Note: If you configure firewall rules without a good understanding of how they work, you might inadvertently introduce security risks to the firewall and to the protected network. Make sure you test your rules after you configure them. For example, you may create rules to: •...
4 Does a rule that allows Internet users access to resources on the LAN create a security vulnerability? For example, if FTP ports (TCP 20, 21) are allowed from the Internet to the LAN, Internet users may be able to connect to computers with running FTP servers. 5 Does this rule conflict with any existing rules? 6 Once these questions have been answered, adding rules is simply a matter of plugging the information into the correct fields in the web configurator screens.
P-2602R/RL-DxA Series User’s Guide 13.4.1 LAN to WAN Rules The default rule for LAN to WAN traffic is that all users on the LAN are allowed non- restricted access to the WAN. When you configure a LAN to WAN rule, you in essence want to limit some or all users from accessing certain services on the WAN.
The following table describes the labels in this screen. Table 54 Firewall: General LABEL DESCRIPTION Active Firewall Select this check box to activate the firewall. The ZyXEL Device performs access control and protects against Denial of Service (DoS) attacks when the firewall is activated.
P-2602R/RL-DxA Series User’s Guide Figure 78 Firewall Rules The following table describes the labels in this screen. Table 55 Firewall Rules LABEL DESCRIPTION Firewall Rules This read-only bar shows how much of the ZyXEL Device's memory for recording Storage Space firewall rules it is currently using.
Table 55 Firewall Rules (continued) LABEL DESCRIPTION This field shows you whether a log is created when packets match this rule (Yes) or not (No). Modify Click the Edit icon to go to the screen where you can edit the rule. Click the Remove icon to delete an existing firewall rule.
The following table describes the labels in this screen. Table 56 Firewall: Edit Rule LABEL DESCRIPTION Active Select this option to enable this firewall rule. Action for Matched Use the drop-down list box to select what the firewall is to do with packets that Packet match this rule.
P-2602R/RL-DxA Series User’s Guide Table 56 Firewall: Edit Rule (continued) LABEL DESCRIPTION Apply Click Apply to save your customized settings and exit this screen. Cancel Click Cancel to exit this screen without saving. 13.6.2 Customized Services Configure customized services and port numbers not predefined by the ZyXEL Device. For a comprehensive list of port numbers and services, visit the IANA (Internet Assigned Number Authority) website.
13.6.3 Configuring A Customized Service Click a rule number in the Firewall Customized Services screen to create a new custom port or edit an existing one. This action displays the following screen. Refer to Section 12.1 on page 149 Figure 81 Firewall: Configure Customized Services The following table describes the labels in this screen.
P-2602R/RL-DxA Series User’s Guide Figure 82 Firewall Example: Rules 3 In the Rules screen, select the index number after that you want to add the rule. For example, if you select “6”, your new rule becomes number 7 and the previous rule 7 (if there is one) becomes rule 8.
P-2602R/RL-DxA Series User’s Guide Figure 84 Firewall Example: Edit Rule: Destination Address 9 Use the Add >> and Remove buttons between Available Services and Selected Services list boxes to configure it as follows. Click Apply when you are done. Note: Custom services show up with an “*” before their names in the Services list box and the Rules list box.
P-2602R/RL-DxA Series User’s Guide Figure 85 Firewall Example: Edit Rule: Select Customized Services On completing the configuration procedure for this Internet firewall rule, the Rules screen should look like the following. Rule 1 allows a “MyService” connection from the WAN to IP addresses 10.0.0.10 through 10.0.0.15 on the LAN.
Figure 86 Firewall Example: Rules: MyService 13.8 DoS Thresholds For DoS attacks, the ZyXEL Device uses thresholds to determine when to drop sessions that do not become fully established. These thresholds apply globally to all sessions. You can use the default threshold values, or you can change them to values more suitable to your security requirements.
P-2602R/RL-DxA Series User’s Guide You should make any changes to the threshold values before you continue configuring firewall rules. 13.8.2 Half-Open Sessions An unusually high number of half-open sessions (either an absolute number or measured as the arrival rate) could indicate that a Denial of Service attack is occurring. For TCP, "half- open"...
13.8.3 Configuring Firewall Thresholds The ZyXEL Device also sends alerts whenever TCP Maximum Incomplete is exceeded. The global values specified for the threshold and timeout apply to all TCP connections. Click Firewall, and Threshold to bring up the next screen. Figure 87 Firewall: Threshold The following table describes the labels in this screen.
Page 178
P-2602R/RL-DxA Series User’s Guide Table 59 Firewall: Threshold (continued) LABEL DESCRIPTION Maximum This is the number of existing half-open Incomplete Low sessions that causes the firewall to stop deleting half-open sessions. The ZyXEL Device continues to delete half-open requests as necessary, until the number of existing half-open sessions drops below this number.
This chapter covers how to configure content filtering. 14.1 Content Filtering Overview Internet content filtering allows you to create and enforce Internet access policies tailored to your needs. Content filtering gives you the ability to block web sites that contain key words (that you specify) in the URL.
P-2602R/RL-DxA Series User’s Guide The following table describes the labels in this screen. Table 60 Content Filter: Keyword LABEL Active Keyword Blocking Block Websites that contain these keywords in the URL: Delete Clear All Keyword Add Keyword Apply Cancel 14.3 Configuring the Schedule To set the days and times for the ZyXEL Device to perform content filtering, click Security >...
The following table describes the labels in this screen. Table 61 Content Filter: Schedule LABEL DESCRIPTION Schedule Select Active Everyday to Block to make the content filtering active everyday. Otherwise, select Edit Daily to Block and configure which days of the week (or everyday) and which time of the day you want the content filtering to be active.
Page 182
P-2602R/RL-DxA Series User’s Guide Chapter 14 Content Filtering...
This chapter shows you how to configure static routes for your ZyXEL Device. 15.1 Static Route Each remote node specifies only the network to which the gateway is directly connected, and the ZyXEL Device has no knowledge of the networks beyond. For instance, the ZyXEL Device knows about network N2 in the following figure through remote node Router 1.
P-2602R/RL-DxA Series User’s Guide Figure 92 Static Route The following table describes the labels in this screen. Table 63 Static Route LABEL DESCRIPTION This is the number of an individual static route. Active This field shows whether this static route is active (Yes) or not (No). Name This is the name that describes or identifies this route.
15.2.1 Static Route Edit Select a static route index number and click Edit. The screen shown next appears. Use this screen to configure the required information for a static route. Figure 93 Static Route Edit The following table describes the labels in this screen. Table 64 Static Route Edit LABEL DESCRIPTION...
Page 186
P-2602R/RL-DxA Series User’s Guide Chapter 15 Static Route...
Bandwidth Management This chapter contains information about configuring bandwidth management, editing rules and viewing the ZyXEL Device’s bandwidth management logs. 16.1 Bandwidth Management Overview ZyXEL’s Bandwidth Management allows you to specify bandwidth management rules based on an application and/or subnet. You can allocate specific amounts of bandwidth capacity (bandwidth budgets) to different bandwidth rules.
P-2602R/RL-DxA Series User’s Guide Figure 94 Subnet-based Bandwidth Management Example 16.4 Application and Subnet-based Bandwidth Management You could also create bandwidth classes based on a combination of a subnet and an application. The following example table shows bandwidth allocations for application specific traffic from separate LAN subnets.
16.6 Maximize Bandwidth Usage The maximize bandwidth usage option (see to divide up any available bandwidth on the interface (including unallocated bandwidth and any allocated bandwidth that a class is not using) among the bandwidth classes that require more bandwidth. When you enable maximize bandwidth usage, the ZyXEL Device first makes sure that each bandwidth class gets up to its bandwidth allotment.
P-2602R/RL-DxA Series User’s Guide The ZyXEL Device divides up the unbudgeted 2048 kbps among the classes that require more bandwidth. If the administration department only uses 1024 kbps of the budgeted 2048 kbps, the ZyXEL Device also divides the remaining 1024 kbps among the classes that require more bandwidth.
• Each class gets up to its budgeted bandwidth. The administration class only uses 1024 kbps of its budgeted 2048 kbps. • The ZyXEL Device divides the total 3072 kbps total of unbudgeted and unused bandwidth equally among the other classes. 1024 kbps extra goes to each so the other classes each get a total of 3072 kbps.
P-2602R/RL-DxA Series User’s Guide The following table describes the labels in this screen. Table 70 Media Bandwidth Management: Summary LABEL DESCRIPTION Interface These read-only labels represent the physical interfaces. Select an interface’s check box to enable bandwidth management on that interface. Bandwidth management applies to all traffic flowing out of the router through the interface, regardless of the traffic’s source.
Figure 96 Bandwidth Management: Rule Setup The following table describes the labels in this screen. Table 71 Bandwidth Management: Rule Setup LABEL Direction Service Priority Bandwidth (kbps) Active Rule Name Destination Port Priority Bandwidth (kbps) Modify Chapter 16 Bandwidth Management DESCRIPTION Select LAN to apply bandwidth management to traffic that the ZyXEL Device forwards to the LAN.
P-2602R/RL-DxA Series User’s Guide Table 71 Bandwidth Management: Rule Setup (continued) LABEL DESCRIPTION Apply Click Apply to save your changes back to the ZyXEL Device. Cancel Click Cancel to begin configuring this screen afresh. 16.8.1 Rule Configuration Click the Edit icon or User define in the Service field to configure a bandwidth management rule.
Page 195
Table 72 Bandwidth Management Rule Configuration (continued) LABEL BW Budget Priority Use All Managed Bandwidth Filter Configuration Service Destination Address Enter the destination IP address in dotted decimal notation. Destination Subnet Netmask Destination Port Source Address Source Subnet Netmask Source Port Protocol Back Chapter 16 Bandwidth Management...
P-2602R/RL-DxA Series User’s Guide Table 72 Bandwidth Management Rule Configuration (continued) LABEL Apply Cancel 16.9 Bandwidth Monitor To view the ZyXEL Device’s bandwidth usage and allotments, click Advanced > Bandwidth MGMT > Monitor. The screen appears as shown. Select an interface from the drop-down list box to view the bandwidth usage of its bandwidth rules.
This chapter discusses how to configure your ZyXEL Device to use Dynamic DNS. 17.1 Dynamic DNS Overview Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in NetMeeting, CU-SeeMe, etc.). You can also access your FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.org, where myhost is a name of your choice) that will never change instead of using an IP address that changes each time you reconnect.
P-2602R/RL-DxA Series User’s Guide Figure 99 Dynamic DNS The following table describes the fields in this screen. Table 73 Dynamic DNS LABEL DESCRIPTION Dynamic DNS Setup Active Dynamic Select this check box to use dynamic DNS. Service Provider This is the name of your Dynamic DNS service provider. Dynamic DNS Select the type of service that you are registered for from your Dynamic DNS Type...
Page 199
Table 73 Dynamic DNS (continued) LABEL DESCRIPTION Dynamic DNS Select this option only when there are one or more NAT routers between the ZyXEL server auto Device and the DDNS server. This feature has the DDNS server automatically detect IP detect and use the IP address of the NAT router that has a public IP address.
Page 200
P-2602R/RL-DxA Series User’s Guide Chapter 17 Dynamic DNS Setup...
This chapter provides information on configuring remote management. 18.1 Remote Management Overview Remote management allows you to determine which services/protocols can access which ZyXEL Device interface (if any) from which computers. Note: When you configure remote management to allow management from the WAN, you still need to configure a firewall rule to allow access.
P-2602R/RL-DxA Series User’s Guide • The IP address in the Secured Client IP field does not match the client IP address. If it does not match, the ZyXEL Device will disconnect the session immediately. • There is already another remote management session with an equal or higher priority running.
The following table describes the labels in this screen. Table 74 Remote Management: WWW LABEL DESCRIPTION Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management. Access Status Select the interface(s) through which a computer may access the ZyXEL Device using this service.
P-2602R/RL-DxA Series User’s Guide Figure 102 Remote Management: Telnet The following table describes the labels in this screen. Table 75 Remote Management: Telnet LABEL Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management.
Figure 103 Remote Management: FTP The following table describes the labels in this screen. Table 76 Remote Management: FTP LABEL DESCRIPTION Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management. Access Status Select the interface(s) through which a computer may access the ZyXEL Device using this service.
P-2602R/RL-DxA Series User’s Guide Figure 104 SNMP Management Model An SNMP managed network consists of two main types of component: agents and a manager. An agent is a management software module that resides in a managed device (the ZyXEL Device). An agent translates the local management information from the managed device into a form compatible with SNMP.
18.6.1 Supported MIBs The ZyXEL Device supports MIB II that is defined in RFC-1213 and RFC-1215. The focus of the MIBs is to let administrators collect statistical data and monitor status and performance. 18.6.2 SNMP Traps The ZyXEL Device will send traps to the SNMP manager when any one of the following events occurs: Table 77 SNMP Traps TRAP #...
P-2602R/RL-DxA Series User’s Guide Figure 105 Remote Management: SNMP The following table describes the labels in this screen. Table 78 Remote Management: SNMP LABEL SNMP Port Access Status Secured Client IP SNMP Configuration Get Community Set Community Trap Community Destination Apply Cancel DESCRIPTION...
18.7 Configuring DNS Use DNS (Domain Name System) to map a domain name to its corresponding IP address and vice versa. Refer to Chapter 8 on page 95 To change your ZyXEL Device’s DNS settings, click Advanced > Remote MGMT > DNS. The screen appears as shown.
P-2602R/RL-DxA Series User’s Guide If an outside user attempts to probe an unsupported port on your ZyXEL Device, an ICMP response packet is automatically returned. This allows the outside user to know the ZyXEL Device exists. Your ZyXEL Device supports anti-probing, which prevents the ICMP response packet from being sent.
Universal Plug-and-Play (UPnP) This chapter introduces the UPnP feature in the web configurator. 19.1 Introducing Universal Plug and Play Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectivity between devices. A UPnP device can dynamically join a network, obtain an IP address, convey its capabilities and learn about other devices on the network.
P-2602R/RL-DxA Series User’s Guide 19.1.3 Cautions with UPnP The automated nature of NAT traversal applications in establishing their own services and opening firewall ports may present network security issues. Network information and configuration may also be obtained and modified by users in some network environments. All UPnP-enabled devices may communicate freely with each other without additional configuration.
The following table describes the fields in this screen. Table 81 Configuring UPnP LABEL Active the Universal Plug and Play (UPnP) Feature Allow users to make configuration changes through UPnP Allow UPnP to pass through Firewall Apply Cancel 19.3 Installing UPnP in Windows Example This section shows how to install UPnP in Windows Me and Windows XP.
P-2602R/RL-DxA Series User’s Guide Figure 109 Add/Remove Programs: Windows Setup: Communication 3 In the Communications window, select the Universal Plug and Play check box in the Components selection box. Figure 110 Add/Remove Programs: Windows Setup: Communication: Components 4 Click OK to go back to the Add/Remove Programs Properties window and click Next. 5 Restart the computer when prompted.
Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP. 1 Click Start and Control Panel. 2 Double-click Network Connections. 3 In the Network Connections window, click Advanced in the main menu and select Optional Networking Components ….
P-2602R/RL-DxA Series User’s Guide 5 In the Networking Services window, select the Universal Plug and Play check box. Figure 113 Networking Services 6 Click OK to go back to the Windows Optional Networking Component Wizard window and click Next. 19.4 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP.
P-2602R/RL-DxA Series User’s Guide Figure 114 Network Connections 3 In the Internet Connection Properties window, click Settings to see the port mappings there were automatically created. Chapter 19 Universal Plug-and-Play (UPnP)
P-2602R/RL-DxA Series User’s Guide Figure 115 Internet Connection Properties 4 You may edit or delete the port mappings or click Add to manually add port mappings. Chapter 19 Universal Plug-and-Play (UPnP)
Figure 116 Internet Connection Properties: Advanced Settings Figure 117 Internet Connection Properties: Advanced Settings: Add 5 When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically. 6 Select Show icon in notification area when connected option and click OK. An icon displays in the system tray.
P-2602R/RL-DxA Series User’s Guide Figure 118 System Tray Icon 7 Double-click on the icon to display your current Internet connection status. Figure 119 Internet Connection Status Web Configurator Easy Access With UPnP, you can access the web-based configurator on the ZyXEL Device without finding out the IP address of the ZyXEL Device first.
Figure 120 Network Connections 4 An icon with the description for each UPnP-enabled device displays under Local Network. 5 Right-click on the icon for your ZyXEL Device and select Invoke. The web configurator login screen displays. Chapter 19 Universal Plug-and-Play (UPnP) P-2602R/RL-DxA Series User’s Guide...
P-2602R/RL-DxA Series User’s Guide Figure 121 Network Connections: My Network Places 6 Right-click on the icon for your ZyXEL Device and select Properties. A properties window displays with basic information about the ZyXEL Device. Figure 122 Network Connections: My Network Places: Properties: Example Chapter 19 Universal Plug-and-Play (UPnP)
Use this screen to configure the ZyXEL Device’s time and date settings. 20.1 General Setup and System Name General Setup contains administrative and system-related information. System Name is for identification purposes. However, because some ISPs check this name you should enter your computer's "Computer Name".
P-2602R/RL-DxA Series User’s Guide Figure 123 System General Setup The following table describes the labels in this screen. Table 82 System General Setup LABEL DESCRIPTION General Setup System Name Choose a descriptive name for identification purposes. It is recommended you enter your computer’s “Computer name”...
20.2 Time Setting To change your ZyXEL Device’s time and date, click Maintenance > System > Time Setting. The screen appears as shown. Use this screen to configure the ZyXEL Device’s time based on your local time zone. Figure 124 System Time Setting The following table describes the fields in this screen.
Page 226
P-2602R/RL-DxA Series User’s Guide Table 83 System Time Setting (continued) LABEL DESCRIPTION New Time This field displays the last updated time from the time server or the last time configured manually. (hh:mm:ss) When you set Time and Date Setup to Manual, enter the new time in this field and then click Apply.
Page 227
Table 83 System Time Setting (continued) LABEL DESCRIPTION End Date Configure the day and time when Daylight Saving Time ends if you selected Enable Daylight Saving. The o'clock field uses the 24 hour format. Here are a couple of examples: Daylight Saving Time ends in the United States on the last Sunday of October.
Page 228
P-2602R/RL-DxA Series User’s Guide Chapter 20 System...
This chapter contains information about configuring general log settings and viewing the ZyXEL Device’s logs. Refer to the appendix for example log message explanations. 21.1 Logs Overview The web configurator allows you to choose which categories of events and/or alerts to have the ZyXEL Device log and then display the logs or have the ZyXEL Device send them to an administrator (as e-mail) or to a syslog server.
P-2602R/RL-DxA Series User’s Guide Figure 125 View Log The following table describes the fields in this screen. Table 84 View Log LABEL DESCRIPTION Display The categories that you select in the Log Settings screen display in the drop-down list box. Select a category of logs to view;...
Alerts are e-mailed as soon as they happen. Logs may be e-mailed as soon as the log is full. Selecting many alert and/or log categories (especially Access Control) may result in many e- mails being sent. Figure 126 Log Settings The following table describes the fields in this screen.
Page 232
P-2602R/RL-DxA Series User’s Guide Table 85 Log Settings LABEL DESCRIPTION Mail Subject Type a title that you want to be in the subject line of the log e-mail message that the ZyXEL Device sends. Not all ZyXEL Device models have this field. Send Log to The ZyXEL Device sends logs to the e-mail address specified in this field.
21.4 SMTP Error Messages If there are difficulties in sending e-mail the following error message appears. “SMTP action request failed. ret= ??". The “??"are described in the following table. Table 86 SMTP Error Messages -1 means ZyXEL Device out of socket -2 means tcp SYN fail -3 means smtp server OK fail -4 means HELO fail...
This chapter explains how to upload new firmware, manage configuration files and restart your ZyXEL Device. Note: Do not interrupt the file transfer process as this may PERMANENTLY DAMAGE YOUR ZyXEL Device. 22.1 Introduction Use the instructions in this chapter to change the device’s configuration file or upgrade its firmware.
P-2602R/RL-DxA Series User’s Guide This is a sample FTP session saving the current configuration to the computer file “ ”. config.cfg If your (T)FTP client does not allow you to have a destination filename different than the source, you will need to rename them as the ZyXEL Device only recognizes “rom-0” and “ras”.
Figure 128 Firmware Upgrade The following table describes the labels in this screen. Table 88 Firmware Upgrade LABEL DESCRIPTION Current Firmware This is the present Firmware version and the date created. Version File Path Type in the location of the file you want to upload in this field or click Browse ... to find it.
P-2602R/RL-DxA Series User’s Guide The ZyXEL Device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 130 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the Status screen. If the upload was not successful, the following screen will appear.
Figure 132 Configuration 22.5.1 Backup Configuration Backup Configuration allows you to back up (save) the ZyXEL Device’s current configuration to a file on your computer. Once your ZyXEL Device is configured and functioning properly, it is highly recommended that you back up your configuration file before making configuration changes.
P-2602R/RL-DxA Series User’s Guide After you see a “restore configuration successful” screen, you must then wait one minute before logging into the ZyXEL Device again. Figure 133 Configuration Upload Successful The ZyXEL Device automatically restarts in this time causing a temporary network disconnect.
Figure 136 Reset In Process Message You can also press the RESET button on the rear panel to reset the factory defaults of your ZyXEL Device. Refer to 22.6 Restart System restart allows you to reboot the ZyXEL Device without turning the power off. Click Maintenance >...
P-2602R/RL-DxA Series User’s Guide 3 Press [ENTER] when prompted for a username. 4 Enter your password as requested (the default is “1234”). 5 Enter “ ” to set transfer mode to binary. 6 Use “ ” to transfer files from the ZyXEL Device to the computer, for example, “ rom-0 config.rom computer and renames it “...
22.7.4 Backup Configuration Using TFTP The ZyXEL Device supports the up/downloading of the firmware and the configuration file using TFTP (Trivial File Transfer Protocol) over LAN. Although TFTP should work over WAN as well, it is not recommended. To use TFTP, your computer must have both telnet and TFTP clients. To backup the configuration file, follow the procedure shown next.
P-2602R/RL-DxA Series User’s Guide 22.7.6 Configuration Backup Using GUI-based TFTP Clients The following table describes some of the fields that you may see in GUI-based TFTP clients. Table 91 General Commands for GUI-based TFTP Clients COMMAND DESCRIPTION Host Enter the IP address of the ZyXEL Device. 192.168.1.1 is the ZyXEL Device’s default IP address when shipped.
22.8.1 Restore Using FTP Session Example Figure 139 Restore Using FTP Session Example ftp> put config.rom rom-0 200 Port command okay 150 Opening data connection for STOR rom-0 226 File received OK 221 Goodbye for writing flash ftp: 16384 bytes sent in 0.06Seconds 273.07Kbytes/sec. ftp>quit Refer to Section 22.3 on page 236...
P-2602R/RL-DxA Series User’s Guide 22.9.2 FTP Session Example of Firmware File Upload Figure 140 FTP Session Example of Firmware File Upload 331 Enter PASS command Password: 230 Logged in ftp> bin 200 Type I OK ftp> put firmware.bin ras 200 Port command okay 150 Opening data connection for STOR ras 226 File received OK ftp: 1103936 bytes sent in 1.10Seconds...
22.9.4 TFTP Upload Command Example The following is an example TFTP command: tftp [-i] host put firmware.bin ras Where “i” specifies binary image transfer mode (use this mode when transferring binary files), “host” is the device’s IP address, “put” transfers the file source on the computer (firmware.bin –...
Page 248
P-2602R/RL-DxA Series User’s Guide Chapter 22 Tools...
These read-only screens display information to help you identify problems with the ZyXEL Device. 23.1 General Diagnostic Click Maintenance > Diagnostic to open the screen shown next. Figure 141 Diagnostic: General The following table describes the fields in this screen. Table 92 Diagnostic: General LABEL DESCRIPTION...
P-2602R/RL-DxA Series User’s Guide Figure 142 Diagnostic: DSL Line The following table describes the fields in this screen. Table 93 Diagnostic: DSL Line LABEL ATM Status Click this button to view your DSL connection’s Asynchronous Transfer Mode (ATM) statistics. ATM is a networking technology that provides high-speed data transfer. ATM uses fixed-size packets of information called cells.
Page 251
Table 93 Diagnostic: DSL Line (continued) LABEL DSL Line Status Click this button to view statistics about the DSL connections. noise margin downstream is the signal to noise ratio for the downstream part of the connection (coming into the ZyXEL Device from the ISP). It is measured in decibels.
Page 252
P-2602R/RL-DxA Series User’s Guide Chapter 23 Diagnostic...
This chapter covers potential problems and the corresponding remedies. 24.1 Problems Starting Up the ZyXEL Device Table 94 Troubleshooting Starting Up Your Device PROBLEM CORRECTIVE ACTION None of the Make sure that the ZyXEL Device’s power adaptor is connected to the ZyXEL Device lights turn on and plugged in to an appropriate power source.
P-2602R/RL-DxA Series User’s Guide 24.3 Problems with the WAN Table 96 Troubleshooting the WAN PROBLEM CORRECTIVE ACTION The DSL light is Check the telephone wire and connections between the ZyXEL Device DSL port off. and the wall jack. Make sure that the telephone company has checked your phone line and set it up for DSL service.
24.4 Problems Accessing the ZyXEL Device Table 97 Troubleshooting Accessing Your Device PROBLEM CORRECTIVE ACTION I cannot The username is “admin”. The default password is “1234”. The Password and access the Username fields are case-sensitive. Make sure that you enter the correct password ZyXEL Device.
P-2602R/RL-DxA Series User’s Guide • Java permissions (enabled by default). Note: Internet Explorer 6 screens are used here. Screens for other Internet Explorer versions may vary. 24.4.1.1 Internet Explorer Pop-up Blockers You may have to disable pop-up blocking to log into your device. Either disable pop-up blocking (enabled by default in Windows XP SP (Service Pack) 2) or allow pop-up blocking and create an exception for your device’s IP address.
Figure 144 Internet Options 3 Click Apply to save this setting. 24.4.1.1.2 Enable pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. 1 In Internet Explorer, select Tools, Internet Options and then the Privacy tab. 2 Select Settings…to open the Pop-up Blocker Settings screen.
P-2602R/RL-DxA Series User’s Guide Figure 145 Internet Options 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.1.1. 4 Click Add to move the IP address to the list of Allowed sites. Chapter 24 Troubleshooting...
Figure 146 Pop-up Blocker Settings 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. 24.4.1.2 JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed. 1 In Internet Explorer, click Tools, Internet Options and then the Security tab.
P-2602R/RL-DxA Series User’s Guide Figure 147 Internet Options 2 Click the Custom Level... button. 3 Scroll down to Scripting. 4 Under Active scripting make sure that Enable is selected (the default). 5 Under Scripting of Java applets make sure that Enable is selected (the default). 6 Click OK to close the window.
Figure 148 Security Settings - Java Scripting 24.4.1.3 Java Permissions 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected. 5 Click OK to close the window.
P-2602R/RL-DxA Series User’s Guide Figure 149 Security Settings - Java 24.4.1.3.1 JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 make sure that Use Java 2 for
Figure 150 Java (Sun) 24.5 Telephone Problems Table 98 Troubleshooting Telephone PROBLEM CORRECTIVE ACTION The telephone port Check the telephone connections and telephone wire. won’t work or the Make sure you have the VoIP SIP Settings screen properly configured. telephone lacks a dial tone.
P-2602R/RL-DxA Series User’s Guide 24.6 Problems With Multiple SIP Accounts You can set up two SIP accounts on your ZyXEL Device and your ZyXEL Device is equipped with two phone ports. By default your ZyXEL Device uses SIP account 1 with both phone ports for outgoing calls and it uses SIP accounts 1 and 2 for incoming calls.
Figure 152 Outgoing Calls: Individual SIP Accounts 24.6.2 Incoming Calls The following figure represents the default behavior of your ZyXEL Device when two SIP accounts are configured and you are using two phones. When a call comes in from your SIP account 1, the phones connected to both phone port 1 and phone port 2 ring.
See also Chapter 1 on page 35 Specification Tables Table 99 Device Specifications Default IP Address Default Subnet Mask Default Password DHCP Server IP Pool Static DHCP Addresses Dimensions Weight Power Specification Ethernet PHONE Ports LINE Port RESET Button Operation Temperature Storage Temperature Operation Humidity Storage Humidity...
Table 100 Firmware Specifications (continued) NAT/SUA Content Filtering Static Routes Voice Features Other Features Power Adaptor Specifications Table 101 ZyXEL Device Power Adaptor Specifications NORTH AMERICAN PLUG STANDARDS AC Power Adapter Model Input Power Output Power Appendix A Product Specifications P-2602R/RL-DxA Series User’s Guide Port Forwarding 512 NAT sessions per host...
Page 270
P-2602R/RL-DxA Series User’s Guide Table 101 ZyXEL Device Power Adaptor Specifications (continued) Power Consumption Safety Standards AC Power Adapter Model Input Power Output Power Power Consumption Safety Standards CHINA PLUG STANDARDS AC Power Adapter Model Input Power Output Power Power Consumption Safety Standards EUROPEAN PLUG STANDARDS AC Power Adapter Model...
This appendix tells you how to install a POTS splitter or a telephone microfilter. Connecting a POTS Splitter When you use the Full Rate (G.dmt) ADSL standard, you can use a POTS (Plain Old Telephone Service) splitter to separate the telephone and ADSL signals. This allows simultaneous Internet access and telephone service on the same line.
P-2602R/RL-DxA Series User’s Guide 1 Connect a phone cable from the wall jack to the single jack end of the Y- Connector. 2 Connect a cable from the double jack end of the Y-Connector to the “wall side” of the microfilter.
Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/ IP on your computer.
P-2602R/RL-DxA Series User’s Guide Figure 157 WIndows 95/98/Me: Network: Configuration Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: 1 In the Network window, click Add.
3 Select Microsoft from the list of manufacturers. 4 Select Client for Microsoft Networks from the list of network clients and then click 5 Restart your computer so the changes you made take effect. Configuring 1 In the Network window Configuration tab, select your network adapter's TCP/IP entry and click Properties 2 Click the IP Address tab.
P-2602R/RL-DxA Series User’s Guide Figure 159 Windows 95/98/Me: TCP/IP Properties: DNS Configuration 4 Click the Gateway tab. • • 5 Click OK to save and close the TCP/IP Properties window. 6 Click OK to close the Network window. Insert the Windows CD if prompted. 7 Turn on your ZyXEL Device and restart your computer when prompted.
Figure 160 Windows XP: Start Menu 2 For Windows XP, click Network Connections. For Windows 2000/NT, click Network and Dial-up Connections. Figure 161 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties. Appendix C Setting up Your Computer’s IP Address P-2602R/RL-DxA Series User’s Guide...
P-2602R/RL-DxA Series User’s Guide Figure 162 Windows XP: Control Panel: Network Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and click Properties. Figure 163 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP).
• Figure 164 Windows XP: Advanced TCP/IP Settings 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: •...
P-2602R/RL-DxA Series User’s Guide 7 In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): • • Figure 165 Windows XP: Internet Protocol (TCP/IP) Properties 8 Click OK to close the Internet Protocol (TCP/IP) Properties window. 9 Click OK to close the Local Area Connection Properties window. 10Turn on your ZyXEL Device and restart your computer (if prompted).
Macintosh OS 8/9 1 Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel. Figure 166 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list. Appendix C Setting up Your Computer’s IP Address P-2602R/RL-DxA Series User’s Guide...
P-2602R/RL-DxA Series User’s Guide Figure 167 Macintosh OS 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list. 4 For statically assigned settings, do the following: • • • • 5 Close the TCP/IP Control Panel. 6 Click Save if prompted, to save changes to your configuration.
Figure 168 Macintosh OS X: Apple Menu 2 Click Network in the icon bar. • • • 3 For dynamically assigned settings, select Using DHCP from the Configure list. Figure 169 Macintosh OS X: Network 4 For statically assigned settings, do the following: •...
P-2602R/RL-DxA Series User’s Guide • 5 Click Apply Now and close the window. 6 Turn on your ZyXEL Device and restart your computer (if prompted). Verifying Settings Check your TCP/IP properties in the Network window. Type the IP address of your ZyXEL Device in the Router address box.
IP Addressing Routers “route” based on the network number. The router that delivers the data packet to the correct destination host uses the host ID. IP Classes An IP address is made up of four octets (eight bits), written in dotted decimal notation, for example, 192.168.1.1.
P-2602R/RL-DxA Series User’s Guide Since the first octet of a class “A” IP address must contain a “0”, the first octet of a class “A” address can have a value of 0 to 127. Similarly the first octet of a class “B” must begin with “10”, therefore the first octet of a class “B”...
Since the mask is always a continuous number of ones beginning from the left, followed by a continuous number of zeros for the remainder of the 32 bit mask, you can simply specify the number of ones instead of writing the value of each octet. This is usually specified by writing a “/”...
P-2602R/RL-DxA Series User’s Guide Note: In the following charts, shaded/bold last octet bit values indicate host ID bits “borrowed” to form network ID bits. The number of “borrowed” host ID bits determines the number of subnets you can have. The remaining number of host ID bits (after “borrowing”) determines the number of hosts you can have on each subnet.
Example: Four Subnets The above example illustrated using a 25-bit subnet mask to divide a class “C” address space into two subnets. Similarly to divide a class “C” address into four subnets, you need to “borrow” two host ID bits to give four possible combinations of 00, 01, 10 and 11. The subnet mask is 26 bits (11111111.11111111.11111111.11000000) or 255.255.255.192.
P-2602R/RL-DxA Series User’s Guide Table 112 Subnet 4 IP Address IP Address (Binary) Subnet Mask (Binary) Subnet Address: 192.168.1.192 Broadcast Address: 192.168.1.255 Example Eight Subnets Similarly use a 27-bit mask to create 8 subnets (001, 010, 011, 100, 101, 110). The following table shows class C IP address last octet values for each subnet.
Subnetting With Class A and Class B Networks. For class “A” and class “B” addresses the subnet mask also determines which bits are part of the network number and which are part of the host ID. A class “B” address has two host ID octets available for subnetting and a class “A” address has three host ID octets (Table 102 on page The following table is a summary for class “B”...
Page 292
P-2602R/RL-DxA Series User’s Guide Appendix D IP Subnetting...
The following table lists some commonly-used services and their associated protocols and port numbers. • Name: This is a short, descriptive name for the service. You can use this one or create a different one, if you like. • Protocol: This is the type of IP protocol used by the service. If this is TCP/UDP, then the service uses the same port number with TCP and UDP.
Page 294
P-2602R/RL-DxA Series User’s Guide Table 116 Examples of Services (continued) NAME HTTPS ICMP IGMP (MULTICAST) IMAP4 IMAP4S MSN Messenger NetBIOS NEW-ICQ NEWS NNTP PING POP3 POP3S PPTP PPTP_TUNNEL (GRE) RCMD PROTOCOL PORT(S) DESCRIPTION HTTPS is a secured http session often used in e-commerce.
Page 295
Table 116 Examples of Services (continued) NAME REAL_AUDIO REXEC RLOGIN ROADRUNNER RTELNET RTSP SFTP SMTP SMTPS SNMP SNMP-TRAPS SQL-NET SSDP STRM WORKS SYSLOG TACACS TELNET TFTP VDOLIVE Appendix E Services P-2602R/RL-DxA Series User’s Guide PROTOCOL PORT(S) DESCRIPTION 7070 A streaming audio service that enables real time sound over the web.
Page 296
P-2602R/RL-DxA Series User’s Guide Appendix E Services...
Sys Firewall Commands The following describes the firewall commands. See the Command Interpreter appendix for information on the command structure. these commands must be preceded by them. For example, type firewall. Table 117 Sys Firewall Command disp active disp clear pktdump dynamicrule...
Page 298
P-2602R/RL-DxA Series User’s Guide Appendix F Firewall Commands...
The Ideal Setup When the firewall is on, your ZyXEL Device acts as a secure gateway between your LAN and the Internet. In an ideal network topology, all incoming and outgoing network traffic passes through the ZyXEL Device to protect your LAN against attacks. Figure 170 Ideal Setup The “Triangle Route”...
P-2602R/RL-DxA Series User’s Guide Figure 171 “Triangle Route” Problem The “Triangle Route” Solutions This section presents you two solutions to the “triangle route” problem. IP Aliasing IP alias allows you to partition your network into logical sections over the same Ethernet interface.
Gateways on the WAN Side A second solution to the “triangle route” problem is to put all of your network gateways on the WAN side as the following figure shows. This ensures that all incoming network traffic passes through your ZyXEL Device to your LAN. Therefore your LAN is protected. Figure 173 Gateways on the WAN Side Appendix G Triangle Route P-2602R/RL-DxA Series User’s Guide...
Page 302
P-2602R/RL-DxA Series User’s Guide Appendix G Triangle Route...
This appendix provides descriptions of example log messages. Table 118 System Maintenance Logs LOG MESSAGE Time calibration is successful Time calibration failed WAN interface gets IP: %s DHCP client IP expired DHCP server assigns %s Successful WEB login WEB login failed Successful TELNET login TELNET login failed Successful FTP login...
P-2602R/RL-DxA Series User’s Guide Table 118 System Maintenance Logs (continued) LOG MESSAGE Successful HTTPS login HTTPS login failed Table 119 System Error Logs LOG MESSAGE %s exceeds the max. number of session per host! setNetBIOSFilter: calloc error readNetBIOSFilter: calloc error WAN connection is down.
Table 121 TCP Reset Logs LOG MESSAGE Under SYN flood attack, sent TCP RST Exceed TCP MAX incomplete, sent TCP RST Peer TCP state out of order, sent TCP RST Firewall session time out, sent TCP RST Exceed MAX incomplete, sent TCP RST Access block, sent TCP Table 122 Packet Filter Logs...
Table 129 802.1X Logs (continued) LOG MESSAGE No Server to authenticate user. Local User Database does not find user`s credential. Table 130 ACL Setting Notes PACKET DIRECTION (L to W) (W to L) (L to L/ZyXEL Device) (W to W/ZyXEL Device) Table 131 ICMP Notes TYPE...
Figure 175 Displaying Log Parameters Example ras> sys logs category access Usage: [0:none/1:log/2:alert/3:both] ras> 4 Use sys logs category record. Use 0 to not record logs for that category, 1 to record only logs for that category, 2 to record only alerts for that category, and 3 to record both logs and alerts for that category. Not every parameter is available with every category.
P-2602R/RL-DxA Series User’s Guide Log Command Example This example shows how to set the ZyXEL Device to record the access logs and alerts and then view the results. Figure 176 Log Command Example ras> sys logs load ras> sys logs category access 3 ras>...
The following describes how to use the command interpreter. Telnet to the ZyXEL Device and enter the password to use the commands. See the included disk or zyxel.com for more detailed information on these commands. Note: Use of undocumented commands or misconfiguration can damage the unit and possibly render it unusable.
Page 316
P-2602R/RL-DxA Series User’s Guide Appendix I Command Interpreter...
Internal SPTGEN Overview Internal SPTGEN (System Parameter Table Generator) is a configuration text file useful for efficient configuration of multiple ZyXEL Devices. Internal SPTGEN lets you configure, save and upload multiple menus at the same time using just one configuration text file – eliminating the need to navigate and configure individual screens for each ZyXEL Device.
P-2602R/RL-DxA Series User’s Guide Some parameters are dependent on others. For example, if you disable the Configured field in menu 1 (see Figure 177 on page If you enter a parameter that is invalid in the Input column, the ZyXEL Device will not save the configuration and the command line will display the Field Identification Number.
Figure 180 Internal SPTGEN FTP Download Example c:\ftp 192.168.1.1 220 PPP FTP version 1.0 ready at Sat Jan 1 03:22:12 2000 User (192.168.1.1:(none)): 331 Enter PASS command Password: 230 Logged in ftp>bin 200 Type I OK ftp> get rom-t ftp>bye c:\edit rom-t (edit the rom-t text file by a text editor and save it) Note: You can rename your “...
P-2602R/RL-DxA Series User’s Guide Table 139 Abbreviations Used in the Example Internal SPTGEN Screens Table ABBREVIATION MEANING Parameter Values Allowed INPUT An example of what you may enter Applies to the ZyXEL Device. The following are the Internal SPTGEN menus. Table 140 Menu 1 General Setup / Menu 1 General Setup 10000000 =...
Page 321
Table 141 Menu 3 30200001 = DHCP 30200002 = Client IP Pool Starting Address 30200003 = Size of Client IP Pool 30200004 = Primary DNS Server 30200005 = Secondary DNS Server 30200006 = Remote DHCP Server 30200008 = IP Address 30200009 = IP Subnet Mask 30200010 =...
Page 322
P-2602R/RL-DxA Series User’s Guide Table 141 Menu 3 30201008 = IP Alias #1 Incoming protocol filters Set 3 30201009 = IP Alias #1 Incoming protocol filters Set 4 30201010 = IP Alias #1 Outgoing protocol filters Set 1 30201011 = IP Alias #1 Outgoing protocol filters Set 2 30201012 =...
Table 142 Menu 4 Internet Access Setup (continued) 40000032= RIP Version 40000033= Nailed-up Connection Table 143 Menu 12 / Menu 12.1.1 IP Static Route Setup 120101001 = IP Static Route set #1, Name 120101002 = IP Static Route set #1, Active 120101003 = IP Static Route set #1, Destination IP address...
Page 326
P-2602R/RL-DxA Series User’s Guide Table 143 Menu 12 (continued) / Menu 12.1.4 IP Static Route Setup 120104001 = IP Static Route set #4, Name 120104002 = IP Static Route set #4, Active 120104003 = IP Static Route set #4, Destination IP address 120104004 = IP Static Route set #4, Destination...
Page 327
Table 143 Menu 12 (continued) 120107006 = IP Static Route set #7, Metric 120107007 = IP Static Route set #7, Private / Menu 12.1.8 IP Static Route Setup 120108001 = IP Static Route set #8, Name 120108002 = IP Static Route set #8, Active 120108003 = IP Static Route set #8, Destination IP address...
Page 328
P-2602R/RL-DxA Series User’s Guide Table 143 Menu 12 (continued) 120111004 = IP Static Route set #11, Destination IP subnetmask 120111005 = IP Static Route set #11, Gateway 120111006 = IP Static Route set #11, Metric 120111007 = IP Static Route set #11, Private */ Menu 12.1.12 IP Static Route Setup 120112001 = IP Static Route set #12, Name...
Table 143 Menu 12 (continued) 120115002 = IP Static Route set #15, Active 120115003 = IP Static Route set #15, Destination IP address 120115004 = IP Static Route set #15, Destination IP subnetmask 120115005 = IP Static Route set #15, Gateway 120115006 = IP Static Route set #15, Metric 120115007 =...
Page 330
P-2602R/RL-DxA Series User’s Guide Table 144 Menu 15 SUA Server Setup (continued) 150000014 = SUA Server #4 Port Start 150000015 = SUA Server #4 Port End 150000016 = SUA Server #4 Local IP address 150000017 = SUA Server #5 Active 150000018 = SUA Server #5 Protocol 150000019 =...
Table 144 Menu 15 SUA Server Setup (continued) 150000048 = SUA Server #11 Protocol 150000049 = SUA Server #11 Port Start 150000050 = SUA Server #11 Port End 150000051 = SUA Server #11 Local IP address 150000052 = SUA Server #12 Active 150000053 = SUA Server #12 Protocol 150000054 =...
Page 332
P-2602R/RL-DxA Series User’s Guide Table 145 Menu 21.1 Filter Set #1 (continued) / Menu 21.1.1.2 set #1, rule #2 210102001 = IP Filter Set 1,Rule 2 Type 210102002 = IP Filter Set 1,Rule 2 Active 210102003 = IP Filter Set 1,Rule 2 Protocol 210102004 = IP Filter Set 1,Rule 2 Dest IP address 210102005 =...
Page 333
Table 145 Menu 21.1 Filter Set #1 (continued) 210103013 = IP Filter Set 1,Rule 3 Act Match 210103014 = IP Filter Set 1,Rule 3 Act Not Match / Menu 21.1.1.4 set #1, rule #4 210104001 = IP Filter Set 1,Rule 4 Type 210104002 = IP Filter Set 1,Rule 4 Active 210104003 =...
P-2602R/RL-DxA Series User’s Guide Table 145 Menu 21.1 Filter Set #1 (continued) 210105009 = IP Filter Set 1,Rule 5 Src Subnet Mask 210105010 = IP Filter Set 1,Rule 5 Src Port 210105011 = IP Filter Set 1,Rule 5 Src Port Comp 210105013 = IP Filter Set 1,Rule 5 Act Match 210105014 =...
Page 335
Table 146 Menu 21.1 Filer Set #2, (continued) / Menu 21.1.2.1 Filter set #2, rule #1 210201001 = IP Filter Set 2, Rule 1 Type 210201002 = IP Filter Set 2, Rule 1 Active 210201003 = IP Filter Set 2, Rule 1 Protocol 210201004 = IP Filter Set 2, Rule 1 Dest IP address...
Page 336
P-2602R/RL-DxA Series User’s Guide Table 146 Menu 21.1 Filer Set #2, (continued) 210202009 = IP Filter Set 2, Rule 2 Src Subnet Mask 210202010 = IP Filter Set 2,Rule 2 Src Port 210202011 = IP Filter Set 2, Rule 2 Src Port Comp 210202013 = IP Filter Set 2, Rule 2 Act Match...
Page 337
Table 146 Menu 21.1 Filer Set #2, (continued) 210204002 = IP Filter Set 2, Rule 4 Active 210204003 = IP Filter Set 2, Rule 4 Protocol 210204004 = IP Filter Set 2, Rule 4 Dest IP address 210204005 = IP Filter Set 2, Rule 4 Dest Subnet Mask 210204006 = IP Filter Set 2, Rule 4 Dest Port...
Page 338
P-2602R/RL-DxA Series User’s Guide Table 146 Menu 21.1 Filer Set #2, (continued) 210205011 = IP Filter Set 2, Rule 5 Src Port Comp 210205013 = IP Filter Set 2, Rule 5 Act Match 210205014 = IP Filter Set 2, Rule 5 Act Not Match / Menu 21.1.2.6 Filter set #2, rule #6 210206001 =...
Table 147 Menu 23 System Menus */ Menu 23.1 System Password Setup 230000000 = System Password */ Menu 23.2 System security: radius server 230200001 = Authentication Server Configured 230200002 = Authentication Server Active 230200003 = Authentication Server IP Address 230200004 = Authentication Server Port 230200005 = Authentication Server Shared...
P-2602R/RL-DxA Series User’s Guide Table 147 Menu 23 System Menus (continued) 230400008 = WPA Mixed Mode 230400009 = Data Privacy for Broadcast/ Multicast packets 230400010 = WPA Broadcast/Multicast Key Update Timer Table 148 Menu 24.11 Remote Management Control / Menu 24.11 Remote Management Control 241100001 = TELNET Server Port 241100002 =...
AAL5 Address Assignment Address Resolution Protocol (ARP) ADSL Standards ADSL2 38, 117 Alternative Subnet Mask Notation Analysis-by-Synthesis Any IP How it works note Any IP Setup Application Layer Gateway 38, 117 Application-level Firewalls Asynchronous Transfer Mode ATM AAL5 ATM Adaptation Layer 5 (AAL5) ATM Adaptation Layer type 5 Attack Alert Attack Types...
Page 344
P-2602R/RL-DxA Series User’s Guide DHCP Server diagnostic Differentiated Services DiffServ DiffServ Code Point (DSCP) DiffServ Code Points DiffServ Marking Rule Disclaimer DNS (Domain Name System) Domain Name 97, 114, 223 Basics Types DoS (Denial of Service) DoS (Denial of Service), firewall DoS attacks, types of DS Field DSCPs...
Page 345
Half-Open Sessions Host Host IDs Housing HTTP 114, 151, 152 HTTP (Hypertext Transfer Protocol) HTTP, firewall Humidity IAD (Integrated Access Device) IANA IANA (Internet Assigned Number Authority) ICMP echo Icons Key IEEE 802.1Q VLAN IGMP IGMP Proxy IGMP v1 IGMP v2 Install UPnP Windows Me Windows XP...
Page 346
P-2602R/RL-DxA Series User’s Guide 97, 114, 115 Application Definitions How it works Mapping Types Server Mode What it does What NAT does NAT (Network Address Translation) 37, 109 NAT mode NAT Sessions NAT Traversal NetBIOS commands Network Management NNTP Notebook Computer One-Minute High Operation Humidity Operation Temperature...
Page 347
RFC 3261 RIP, See Routing Information Protocol Romfile Router Routing Information Protocol Direction Version RTCP RTP (Real Time Transport Protocol) Rules Checklist Key Fields LAN to WAN Logic Safety Warnings Saving the State Scheduler Seamless Rate Adaptation Security In General Security Ramifications Server 34, 226...
Page 348
P-2602R/RL-DxA Series User’s Guide TCP Maximum Incomplete 176, 177 TCP Security TCP/IP 151, 152 Teardrop Telephone Telnet Temperature Text File Format TFTP File Upload TFTP and FTP over WAN TFTP Restrictions 201, 236 Three-Way Conference 139, 140 Three-Way Handshake Threshold Values Traceroute Traffic Redirect 91, 92, 93, 94...