Prestige 2602HWNLI-D7A Support Notes
All contents copyright (c) 2007 ZyXEL Communications Corporation.
191
(e.g., www.zyxel.com.tw) for your server (e.g., Web server) from a DDNS server. The outside users can always
access the web server using the www.zyxel.com.tw regardless of the WAN IP of the 312.
When the ISP assigns the Prestige a new IP, the Prestige updates this IP to DDNS server so that the server can
update its IP-to-DNS entry. Once the IP-to-DNS table in the DDNS server is updated, the DNS name for your
web server (i.e., www.zyxel.com.tw) is still usable.
When do I need DDNS service?
When you want your internal server to be accessed by using DNS name rather than using the dynamic IP
address we can use the DDNS service. The DDNS server allows to alias a dynamic IP address to a static
hostname. Whenever the ISP assigns you a new IP, the Prestige sends this IP to the DDNS server for its
updates.
What DDNS servers does the Prestige support?
The DDNS servers the Prestige supports currently is WWW.DYNDNS.ORG where you apply the DNS from
and update the WAN IP to.
What is DDNS wildcard?
Some DDNS servers support the wildcard feature which allows the hostname, *.yourhost.dyndns.org, to be
aliased to the same IP address as yourhost.dyndns.org. This feature is useful when there are multiple servers
inside and you want users to be able to use things such as www.yourhost.dyndns.org and still reach your
hostname.
Does the Prestige support DDNS wildcard?
Yes, the Prestige supports DDNS wildcard that WWW.DynDNS.ORG supports. When using wildcard, you
simply enter yourhost.dyndns.org in the Host field in Menu 1.1.
Can the Prestige SUA handle IPsec packets sent by the VPN gateway behind Prestige?
Yes, the Prestige's SUA can handle IPsec ESP Tunneling mode. We know when packets go through SUA, SUA
will change the source IP address and source port for the host. To pass IPsec packets, SUA must understand the
ESP packet with protocol number 50, replace the source IP address of the IPsec gateway to the router's WAN IP
address. However, SUA should not change the source port of the UDP packets which are used for key
managements. Because the remote gateway checks this source port during connections, the port thus is not
allowed to be changed.