Remote Management Limitations; System Timeout; Www (Http And Https) - ZyXEL Communications ZYWALL 2 PLUS User Manual

Chapter 21 Remote Management
3 Telnet
4 HTTPS and HTTP

21.1.1 Remote Management Limitations

Remote management does not work when:
1 You have not enabled that service on the interface in the corresponding remote
management screen.
2 You have disabled that service in one of the remote management screens.
3 The IP address in the Secure Client IP Address field does not match the client IP
address. If it does not match, the ZyWALL will disconnect the session immediately.
4 There is already another remote management session with an equal or higher priority
running. You may only have one remote management session running at one time.
5 There is a firewall rule that blocks it.
6 A filter is applied (through the SMT or the commands) to block a Telnet, FTP or Web
service.

21.1.2 System Timeout

There is a default system management idle timeout of five minutes (three hundred seconds).
The ZyWALL automatically logs you out if the management session remains idle for longer
than this timeout period. The management session does not time out when a statistics screen is
polling. You can change the timeout period in the MAINTENANCE > General screen.

21.2 WWW (HTTP and HTTPS)

You can set the ZyWALL to use HTTP or HTTPS (HTTPS adds security) for web
configurator sessions. Specify which interfaces allow web configurator access and from which
IP address the access can come.
HTTPS (HyperText Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a web
protocol that encrypts and decrypts web pages. Secure Socket Layer (SSL) is an application-
level protocol that enables secure transactions of data by ensuring confidentiality (an
unauthorized party cannot read the transferred data), authentication (one party can identify the
other party) and data integrity (you know if data has been changed).
It relies upon certificates, public keys, and private keys (see
information).
HTTPS on the ZyWALL is used so that you may securely access the ZyWALL using the web
configurator. The SSL protocol specifies that the SSL server (the ZyWALL) must always
authenticate itself to the SSL client (the computer which requests the HTTPS connection with
the ZyWALL), whereas the SSL client only should authenticate itself when the SSL server
requires it to do so (select Authenticate Client Certificates in the REMOTE MGMT >
WWW screen). Authenticate Client Certificates is optional and if selected means the SSL-
client must send the ZyWALL a certificate. You must apply for a certificate for the browser
from a CA that is a trusted CA on the ZyWALL.
Please refer to the following figure.
356
Chapter 15 on page 275 for more
ZyWALL 2 Plus User's Guide