speedguide.net
ZyXEL Prestige 310
Introduction Maybe you've had a broadband connection for a while, and want to expand, or maybe you're just getting set up. Either way, you may find yourself wanting to hook a couple of computers together
Features The Good Cable modems authenticate by a couple of different means. One of the more popular methods is to use the hardware address of a network card in your computer to identify the user to the network. This way, passwords don't have to be sent and the process appears to be transparent to the user. What the ZyXEL P310 can do, is grab this address from a computer, and then pass this ID to the network authenticator. There are other methods as well, and the ZyXEL does address those. It has support for hardware authentication, But wait, there's more. The ZyXEL has a very configurable on-board firewall. The firewall allows you to assign up to 12 rules per filter, and up to 6 filters, for a total of 72 rules. You can apply as many as 24 rules to a single port (i.e. port 80 or http access.) When you set up a filter, you are telling the router what to do with packets under what conditions. Sound complicated? It can be, and that's the major problem I see with this router, but I'll come back to that. The ability to customize is also this routers greatest strength. Within it's price class, it's very hard to name any other router that has all the potential of the P310. This is because the firewall will let you open ports individually, so that if you want to run a particular service, you can. You can also have the firewall deliberately stop all undesireable types of traffic along unusual or rarely used ports or to certain machines. The firewall will also let you open multiple public servers (known as DMZ servers), so that you could have your own email, web servers, databases or other publicly accessible servers (like a game server maybe?) all running across the router at the same time. Nice. The P310 will do your inside addressing for you, if you'd like. Dynamic Host Control Protocol, or DHCP, is the assignment of network addresses as needed. As devices come onto or leave the network, they're assigned an address from a pool of numbers. Should they leave the network for a The router also does Network Address Translation, or NAT. NAT, allows you to use private addresses inside of your network, and public addresses on the outside. This adds a layer of security, and standing alone or better yet combined with the built-in firewall, can prevent intrusions into your network. The P310 combines this with something ZyXEL calls SUA or "Single User Account". SUA, allows multiple inside addresses, to be mapped to one public address. It may sound complicated, but the bottom line is that you can use a bunch of computers inside your network, but they'll all be seen as coming from the one public address given to you by your xDSL or cable company. This even works across DHCP! The router will also let you group computers. This is called subnetting, and the router allows you to subnet into three groups, each consisting of up to 253 devices, for a total of 759 potential addresses/devices. You can use this in conjunction with the firewall to keep certain devices from ever talking to the internet, or each other if you'd like. You can do it by function, location, or department, it's entirely up to you. Thought we were done? Think again! One VERY cool feature of this router is that the P310 will let you run Dynamic DNS, which is a way of associating a domain name, like www.whatever.com, with a dynamically addressed system. A DDNS server will "hold" an ip number for whatever.com, and then authenticates you when you log on, and then re-routes all requests for whatever.com to your new dynamic address. If you go away and come back later with a different ID, you just re-authenticate, and requests are redirected to the new address. It's a slick idea, in that it lets folks with dynamic addresses do their own The router can be setup to interface with your office securely via PPTP. Point-To-Point Tunneling Protocol, is a way of setting up an *encrypted* link between you and another site. With PPTP, you can set up a Virtual Private Network, which would allow you to communicate directly with your office LAN, via the internet, very securely. At this point, it will only act as a PPTP VPN gateway with certain French xDSL devices, though it will pass PPTP traffic back and forth using any system. All these features combined could easily cost you upwards of a few thousand dollars on another router, and ZyXEL has done very well to pack so much, into such a small router. The Bad The ZyXEL P310 does have one bad side though, and it's not even really the fault In my case, I have a very basic setup, consisting of one machine connected to the router, and I use the hardware authentication described earlier. In order for me to get my setup working, it was necessary to: A) Unplug the cable modem power, Wait for it to all sync up, and voile', I'm back in business. It seems pretty straightforward, except that NO WHERE in the manual does it spell these steps out. You have to figure out not only the correct programming for your type of connection, but also the proper sequence of events to get it running correctly. This can be a huge drawback if you're not comfortable with experimenting and spending some time troubleshooting trying to find the correct path and sequence of events. You can avoid some of this, by doing pre-installation research and talking to your cable or xDSL company to see what kinds of settings you will need. This is not an intuitive setup though and trying to feel your way through will make for a very frustrating experience. Configuration Software I finally got the windows software loaded after I had upgraded the firmware for the router to the latest version, and downloaded the latest software. It's important to note that once you upgrade the router firmware, any configuration you may have is wiped out, so you'll need to write down all the settings you had and reconfigure the router. The windows software is nice looking graphically, but is rather basic, and really only covers simple setup and monitoring. Any real customizing currently has to be done through the serial interface. I sincerely hope they add the ability to configure the firewalls and other services through a graphic interface as soon as Support Issues ZyXEL tech support is decent, usually responding to emails the same or next business day. It took some searching through their support area, but I did finally find some sample firewall configurations to look at, and that made it easier to understand how the firewall setup occurs in the ZyXEL. I really wish they'd included this with the printed manual, and would really push for them to add it to any future releases of that manual. Without those kinds of instructions at hand, and information from your service provider about the type of connection and authentication they do, router setup can be a daunting task. I cannot really speak to speeds across the WAN port, primarily because I have a 1.5mbps cable connection so I'll never reach 10mbps or anything near it. I've not seen any noticeable slowdown in downloads or uploads as a result of the router now being between me and the my cable connection, and various bandwidth speed tests did not seem to suffer at all, so I feel confident I'm reaching at least 1.5mbps across the WAN. As to latency, the router seems to add between a 5-10ms delay, which is very little for the amount of work it's doing, and worth the extra security it adds. Interface
Final Thoughts: When looking at any router for purchase, you really need to look forward in order to be cost effective. You must not only consider what you're doing now, but what you would like to be doing in the future. To that end, even though it's configuration can be somewhat of a trial and error experience, and even though the documentation is not as thorough as I might like, the router has grown on me, and I've no problem in recommending the router to SOHO users, or to anyone who's looking for an expandable solution that allows them to run DMZ, e-commerce or web/game servers across a DHCP Dynamic Connection using DDNS. Best Wishes,
Copyright © 1998 - 2003 Speed Guide, Inc. All rights reserved. All trademarks and logos are © of their respective owners. |