('binary' encoding is not supported, stored as-is) In-Reply-To: <20020617171357.GA728at_private> Dear Friends, This is a ZyXEL technical support engineer. We got you report from our custom.To avoid internal user to access Prestige, the administrator has to add a extra filter rule to block destination IP= Prestige IP. Assuem that Prestige LAN IP = 192.168.1.1 WAN IP = 200.1.1.1 The filter rule should be looked like this in Menu 21: # A Type Filter Rules M m n - - ---- -------------------------------------------------------- 1 Y IP Pr=6, SA=0.0.0.0, DA=192.168.1.1, DP=21 N D N 2 Y IP Pr=6, SA=0.0.0.0, DA=192.168.1.1, DP=23 N D N 3 N IP Pr=6, SA=0.0.0.0, DA=200.1.1.1, DP=21 N D N 4 N IP Pr=6, SA=0.0.0.0, DA=200.1.1.1, DP=23 N D F Rule 1 and 2, block access to LAN IP. Rule 3 and 4, block access to WAN IP. And then apply this filter rule in Menu 3.1 Input Protocol Filter. For our new model, such as P643 and P5650 series, there is a feature named "Remote Management Control" in SMT Menu 24.11. Remote Management Control is for telnet, web and ftp service in Prestige. You can customize the service port, access interface and the secured client ip address to enhance the security and flexibility. We have to say sorry that P642 will not support this function due to lack of memory size. Menu 24.11 - Remote Management Control TELNET Server: Server Port = 23 Server Access = Disable/ ALL/ LAN only/ WAN only Secured Client IP = 192.168.1.33 FTP Server: Server Port = 21 Server Access = Disable Secured Client IP = 0.0.0.0 Web Server: Server Port = 80 Server Access = LAN only Secured Client IP = 0.0.0.0
This archive was generated by hypermail 2b30 : Tue Jun 25 2002 - 06:16:33 PDT