('binary' encoding is not supported, stored as-is) In-Reply-To: <20020617171357.GA728fast.net>

Dear Friends,

This is a ZyXEL technical support engineer. We got you report from our
custom.To avoid internal user to access Prestige, the administrator has to
add a extra filter rule to block destination IP= Prestige IP.

Assuem that Prestige LAN IP = 192.168.1.1 WAN IP = 200.1.1.1
The filter rule should be looked like this in Menu 21:

# A Type Filter Rules M m n

 - - ---- --------------------------------------------------------
  1 Y IP Pr=6, SA=0.0.0.0, DA=192.168.1.1, DP=21 N D N
  2 Y IP Pr=6, SA=0.0.0.0, DA=192.168.1.1, DP=23 N D N
  3 N IP Pr=6, SA=0.0.0.0, DA=200.1.1.1, DP=21 N D N
  4 N IP Pr=6, SA=0.0.0.0, DA=200.1.1.1, DP=23 N D F

Rule 1 and 2, block access to LAN IP.
Rule 3 and 4, block access to WAN IP.

And then apply this filter rule in Menu 3.1 Input Protocol Filter.

For our new model, such as P643 and P5650 series, there is a feature
named "Remote Management Control" in SMT Menu 24.11. Remote Management
Control is for telnet, web and ftp service in Prestige. You can customize
the service port, access interface and the secured client ip address to
enhance the security and flexibility. We have to say sorry that P642 will
not support this function due to lack of memory size.

                     Menu 24.11 - Remote Management Control

  TELNET Server:
     Server Port = 23 Server Access = Disable/ ALL/ LAN only/ WAN only
     Secured Client IP = 192.168.1.33

  FTP Server:
     Server Port = 21 Server Access = Disable
     Secured Client IP = 0.0.0.0

   Web Server:
     Server Port = 80 Server Access = LAN only
     Secured Client IP = 0.0.0.0

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]