Configuration

  1. How do I configure the firewall?
  2. How do I prevent others from configuring my firewall?
  3. Can I use a browser to configure my Prestige?
  4. Why can't I configure my router using Telnet over WAN?
  5. Why can't I upload the firmware and configuration file using FTP over WAN?
  6. Why can't I configure my router using Telnet over LAN?
  7. Why can't I upload the firmware and configuration file using FTP over LAN?

1. How do I configure the firewall?

Prestige supports a embedded web server so that you can use the web brower to configure it from any OS platform.

2. How do I prevent others from configuring my firewall?

There are several ways to protect others from touching the settings of your firewall.

  1. Change the default password since it is required when setting up the firewall using Telnet, Console or Web browser.
  2. Limit who can Telnet to your router. You can enter the IP address of the secured LAN host in SMT Menu 24.11 to allow Telnet to your Prestige. The default value in this field is 0.0.0.0, which means you do not care which host is trying to Telnet your Prestige.

3. Can I use a browser to configure my Prestige?

Yes, you can use a web browser to configure the Prestige.

4. Why can't I configure my router using Telnet over WAN?

There are three reasons that Telnet from WAN is blocked.

  1. When the firewall is turned on, all connections from WAN to LAN are blocked by the default ACL rule. To enable Telnet from WAN, you must turn the firewall off (Menu 21.2) or create a firewall rule to allow Telnet connection from WAN. The WAN-to-LAN ACL summary will look like as shown below.

Source IP= Telnet host
Destination IP= router' WAN IP
Service= TCP/23
Action=Forward

  1. You have disabled Telnet service in Menu 24.11.
  2. Telnet service is enabled but your host IP is not the secured host entered in Menu 24.11. In this case, the error message 'Client IP is not allowed!' is appeared on the Telnet screen.
  3. The default filter rule 3 (Telnet_FTP_WAN) is applied in the Input Protocol field in menu 11.5.
  4. The console port is in use.

5. Why can't I upload the firmware and configuration file using FTP over WAN?

  1. When the firewall is turned on, all connections from WAN to LAN are blocked by the default ACL rule. To enable FTP from WAN, you must turn the firewall off (Menu 21.2) or create a firewall rule to allow FTP connection from WAN. The WAN-to-LAN ACL summary will look like as shown below.

Source IP= FTP host
Destination IP= Prestige's WAN IP
Service= FTP TCP/21, TCP/20
Action=Forward

  1. You have disabled FTP service in Menu 24.11.
  2. The default filter rule 3 (Telnet_FTP_WAN) is applied in the Input Protocol field in menu 11.5.

6. Why can't I configure my router using Telnet over LAN?

  1. You have disabled Telnet service in Menu 24.11.
  2. Telnet service is enabled but your host IP is not the secured host entered in Menu 24.11. In this case, the error message 'Client IP is not allowed!' is appeared on the Telnet screen.
  3. The default filter rule 3 (Telnet_FTP_LAN) is applied in the Input Protocol field in menu 3.1.
  4. The console port is in use.

7. Why can't I upload the firmware and configuration file using FTP over LAN?

  1. 1. You have disabled FTP service in Menu 24.11.
  2. The default filter rule 3 (Telnet_FTP_LAN) is applied in the Input Protocol field in menu 3.1.

¡@


All contents copyright (c) 2000 ZyXEL Communications Corporation