Filter
Top Products
Prestige 2602H-6xC Support Notes
All contents copyright (c) 2005 ZyXEL Communications Corporation.
132
If the VPN connection is initiated from the security gateway behind Prestige, no configuration is
necessary for NAT nor Firewall.
If the VPN connection is initiated from the security gateway outside of Prestige, NAT port forwarding
and Firewall forwarding are necessary.
To configure NAT port forwarding, please go to WEB interface, Setup/ "SUA/NAT", put the secure
gateway's IP address in default server.
To configure Firewall forwarding, please go to WEB interface, Setup/Firewall, select Packet Direction to
WAN to LAN, and create a firewall rule the forwards IKE(UDP:500).
Can Prestige behave as a NAT router supporting IPSec passthrough and an IPSec
gateway simultaneously?
No, Prestige can't support them simultaneously. You need to choose either one. If Prestige is to support IPSec
passthrough, you have to disable the VPN function on Prestige. To disable it, you can either deactivate each
VPN rule or issue a CI command, "ipsec switch off" from SMT menu 24.8. You can get into SMT menu via
either telnet or console connection.
Trouble Shooting
For general device installation or basic trouble shooting please refer to the device user’s guide
Using Embedded Packet Trace
Embedded Packet Trace
The Prestige packet trace records and analyzes packets running on LAN and WAN interfaces. It is designed for
users with technical backgrounds who are interested in the details of the packet flow on LAN or WAN end of
Prestige. It is also very helpful for diagnostics if you have compatibility problems with your ISP or if you want
to know the details of a packet for configuring a filter rule.
The format of the display is as following:
Packet: