ZyXEL Communications ZyWall ATP series User Manual page 709

Table 311 Configuration > System > WWW > Service Control (continued)
LABEL DESCRIPTION
Server Port The HTTPS server listens on port 443 by default. If you change the HTTPS server port to a
different number on the Zyxel Device, for example 8443, then you must notify people who
need to access the Zyxel Device Web Configurator to use "https://Zyxel Device IP
Address:8443" as the URL.
Authenticate Client Select Authenticate Client Certificates (optional) to require the SSL client to authenticate
Certificates itself to the Zyxel Device by sending the Zyxel Device a certificate. To do that the SSL client
must have a CA-signed certificate from a CA that has been imported as a trusted CA on
the Zyxel Device (see
Server Certificate Select a certificate the HTTPS server (the Zyxel Device) uses to authenticate itself to the
HTTPS client. You must have certificates already configured in the My Certificates screen.
Redirect HTTP to HTTPS To allow only secure Web Configurator access, select this to redirect all HTTP connection
requests to the HTTPS server.
Admin/User Service Admin Service Control specifies from which zones an administrator can use HTTPS to
Control manage the Zyxel Device (using the Web Configurator). You can also specify the IP
addresses from which the administrators can manage the Zyxel Device.
User Service Control specifies from which zones a user can use HTTPS to log into the Zyxel
Device (to log into SSL VPN for example). You can also specify the IP addresses from which
the users can access the Zyxel Device.
Add Click this to create a new entry. Select an entry and click Add to create a new entry after
the selected entry.
Edit Double-click an entry or select it and click Edit to be able to modify the entry's settings.
Remove To remove an entry, select it and click Remove. The Zyxel Device confirms you want to
remove it before doing so. Note that subsequent entries move up by one when you take
this action.
Move To change an entry's position in the numbered list, select the method and click Move to
display a field to type a number for where you want to put it and press [ENTER] to move
the rule to the number that you typed.
# This is the index number of the service control rule.
The entry with a hyphen (-) instead of a number is the Zyxel Device's (non-configurable)
default policy. The Zyxel Device applies this to traffic that does not match any other
configured rule. It is not an editable rule. To apply other behavior, configure a rule that
traffic will match so the Zyxel Device will not have to use the default policy.
Zone This is the zone on the Zyxel Device the user is allowed or denied to access.
Address This is the object name of the IP address(es) with which the computer is allowed or denied
to access.
Action This displays whether the computer with the IP address specified above can access the
Zyxel Device zone(s) configured in the Zone field (Accept) or not (Deny).
HTTP
Enable Select the check box to allow or disallow the computer with the IP address that matches
the IP address(es) in the Service Control table to access the Zyxel Device Web
Configurator using HTTP connections.
Server Port You may change the server port number for a service if needed, however you must use
the same port number in order to use that service to access the Zyxel Device.
Admin/User Service Admin Service Control specifies from which zones an administrator can use HTTP to
Control manage the Zyxel Device (using the Web Configurator). You can also specify the IP
addresses from which the administrators can manage the Zyxel Device.
User Service Control specifies from which zones a user can use HTTP to log into the Zyxel
Device (to log into SSL VPN for example). You can also specify the IP addresses from which
the users can access the Zyxel Device.
Add Click this to create a new entry. Select an entry and click Add to create a new entry after
the selected entry.
Chapter 37 System
Section 37.7.7.5 on page 718
ZyWALL ATP Series User's Guide
709
on importing certificates for details).