Sign In
Upload
Manuals
Brands
ZyXEL Communications Manuals
Gateway
5 Series
ZyXEL Communications 5 Series Manuals
Manuals and User Guides for ZyXEL Communications 5 Series. We have
1
ZyXEL Communications 5 Series manual available for free PDF download: User Manual
ZyXEL Communications 5 Series User Manual (824 pages)
Internet Security Appliance
Brand:
ZyXEL Communications
| Category:
Gateway
| Size: 16.15 MB
Table of Contents
About this User's Guide
3
Document Conventions
4
Safety Warnings
6
Contents Overview
9
Table of Contents
9
Table of Contents
11
List of Figures
29
List of Tables
41
Introduction
49
PART I Introduction
49
Chapter 1 Getting to Know Your Zywall
51
Zywall Internet Security Appliance Overview
51
Zywall Features
51
Applications for the Zywall
52
Secure Broadband Internet Access Via Cable or DSL Modem
52
Figure 1 Secure Internet Access Via Cable, DSL or Wireless Modem
52
Table 1 Zywall Model Specific Features
52
VPN Application
53
WAN Application (Zywall 5 Only)
53
Figure 2 VPN Application
53
Figure 3 3G WAN Application
53
Ways to Manage the Zywall
54
Good Habits for Managing the Zywall
54
Chapter 2 Hardware Installation
55
General Installation Instructions
55
Desktop Installation
55
Rack-Mounted Installation Requirements
56
Figure 4 Attaching Rubber Feet
56
Rack-Mounted Installation
57
Figure 5 Attaching Mounting Brackets and Screws
57
Figure 6 Rack Mounting
57
Card, WLAN Card and Zywall Turbo Card Installation
58
Figure 7 WLAN Card Installation
58
Front Panel Lights
59
Figure 8 Zywall 70 Front Panel
59
Figure 9 Zywall 35 Front Panel
59
Figure 10 Zywall 5 Front Panel
59
Table 2 Front Panel Lights
59
Chapter 3 Introducing the Web Configurator
61
Web Configurator Overview
61
Accessing the Zywall Web Configurator
61
Figure 11 Change Password Screen
62
Figure 12 Replace Certificate Screen
62
Resetting the Zywall
63
Procedure to Use the Reset Button
63
Uploading a Configuration File Via Console Port
63
Figure 13 Example Xmodem Upload
63
Navigating the Zywall Web Configurator
64
Title Bar
64
Figure 14 HOME Screen
64
Table 3 Title Bar: Web Configurator Icons
64
Main Window
65
HOME Screen: Router Mode
65
Figure 15 Web Configurator HOME Screen in Router Mode (Zywall 5)
65
Table 4 Web Configurator HOME Screen in Router Mode
65
HOME Screen: Bridge Mode
71
Figure 16 Web Configurator HOME Screen in Bridge Mode
71
Table 5 Web Configurator HOME Screen in Bridge Mode
71
Navigation Panel
74
Table 6 Bridge and Router Mode Features Comparison
74
Table 7 Screens Summary
75
Port Statistics
80
Figure 17 HOME > Port Statistics
80
Table 8 HOME > Port Statistics
80
Show Statistics: Line Chart
81
Figure 18 HOME > Show Statistics > Line Chart
81
DHCP Table
82
Figure 19 HOME > Show DHCP Table
82
Table 9 HOME > Show Statistics > Line Chart
82
Table 10 HOME > Show DHCP Table
82
VPN Status
83
Figure 20 HOME > VPN Status
83
Table 11 HOME > VPN Status
83
Bandwidth Monitor
84
Figure 21 Home > Bandwidth Monitor
84
Table 12 ADVANCED > BW MGMT > Monitor
84
Wizard Setup
87
Chapter 4 Wizard Setup
87
Wizard Setup Overview
87
Figure 22 Wizard Setup Welcome
87
Internet Access
88
ISP Parameters
88
Figure 23 ISP Parameters: Ethernet Encapsulation
88
Table 13 ISP Parameters: Ethernet Encapsulation
88
Figure 24 ISP Parameters: Pppoe Encapsulation
89
Table 14 ISP Parameters: Pppoe Encapsulation
90
Figure 25 ISP Parameters: PPTP Encapsulation
91
Table 15 ISP Parameters: PPTP Encapsulation
91
Internet Access Wizard: Second Screen
92
Figure 26 Internet Access Wizard: Second Screen
92
Internet Access Wizard: Registration
93
Figure 27 Internet Access Setup Complete
93
Figure 28 Internet Access Wizard: Registration
93
Internet Access Wizard: Status
94
Figure 29 Internet Access Wizard: Registration in Progress
94
Table 16 Internet Access Wizard: Registration
94
Internet Access Wizard: Service Activation
95
Figure 30 Internet Access Wizard: Status
95
Figure 31 Internet Access Wizard: Registration Failed
95
Figure 32 Internet Access Wizard: Registered Device
95
VPN Wizard Gateway Setting
96
Figure 33 Internet Access Wizard: Activated Services
96
Figure 34 VPN Wizard: Gateway Setting
96
Table 17 VPN Wizard: Gateway Setting
96
VPN Wizard Network Setting
97
Figure 35 VPN Wizard: Network Setting
98
Table 18 VPN Wizard: Network Setting
98
VPN Wizard IKE Tunnel Setting (IKE Phase 1)
99
Figure 36 VPN Wizard: IKE Tunnel Setting
99
VPN Wizard Ipsec Setting (IKE Phase 2)
100
Table 19 VPN Wizard: IKE Tunnel Setting
100
Figure 37 VPN Wizard: Ipsec Setting
101
Table 20 VPN Wizard: Ipsec Setting
101
VPN Wizard Status Summary
102
Figure 38 VPN Wizard: VPN Status
102
Table 21 VPN Wizard: VPN Status
103
VPN Wizard Setup Complete
104
Anti-Spam Wizard: Email Server Location Setting
104
Figure 39 VPN Wizard Setup Complete
104
Anti-Spam Wizard: Direction Recommendations
105
Figure 40 Anti-Spam Wizard: Email Server Location Setting
105
Table 22 Anti-Spam Wizard: Email Server Location Setting
105
Anti-Spam Wizard: Direction Configuration
106
Figure 41 Anti-Spam Wizard: Direction Recommendations
106
Figure 42 Anti-Spam Wizard: Direction Configuration
107
Table 23 Anti-Spam Wizard: Direction Configuration
107
Anti-Spam Wizard: Setup Complete
108
Figure 43 Anti-Spam Wizard: Setup Complete
108
Chapter 5 Tutorials
109
Dynamic VPN Rule Configuration
109
Figure 44 Dynamic VPN Rule Example
109
Table 24 Dynamic VPN Rule Tutorial Settings
109
Configure Bob's User Account
110
VPN Gateway and Network Policy Configuration
110
Figure 45 VPN Gateway Policy Edit Screens
112
Figure 46 SECURITY > VPN > Add Network Policy (Zywall A)
113
Figure 47 VPN Network Policy Edit Screens
114
Figure 48 Activate VPN Rule (Zywall B)
115
Configure Zero Configuration Mode on Zywall B
116
Figure 49 Tutorial: VPN Summary Screens Comparison Example
116
Figure 50 Check the Telecommuter's Computer IP Address
117
Testing Your VPN Configuration
117
Figure 51 Telecommuter Pinging a Network X IP Address Example
118
Using the Dynamic VPN Rule for more VPN Tunnels
119
Security Settings for VPN Traffic
119
Figure 52 Additional Dynamic VPN Rules Example
119
Figure 53 IDP for from VPN Traffic
120
IDP for from VPN Traffic Example
120
Figure 54 IDP Configuration for Traffic from VPN
121
Figure 55 IDP for to VPN Traffic
121
IDP for to VPN Traffic Example
121
Firewall Rule for VPN Example
122
Figure 56 IDP Configuration for to VPN Traffic
122
Configuring the VPN Rule
123
Figure 57 Firewall Rule for VPN
123
Figure 58 SECURITY > VPN > VPN Rules (IKE)
123
Figure 59 SECURITY > VPN > VPN Rules (IKE)> Add Gateway Policy
124
Figure 60 SECURITY > VPN > VPN Rules (IKE): with Gateway Policy Example
125
Figure 61 SECURITY > VPN > VPN Rules (IKE)> Add Network Policy
126
Configuring the Firewall Rules
127
Figure 62 SECURITY > FIREWALL > Rule Summary
127
Figure 63 SECURITY > FIREWALL > Rule Summary > Edit: Allow
128
Figure 64 SECURITY > FIREWALL > Rule Summary: Allow
129
How to Set up a 3G WAN Connection
130
Inserting a 3G Card
130
Figure 65 SECURITY > FIREWALL > Default Rule: Block from VPN to LAN
130
Configuring 3G WAN Settings
131
Figure 66 Tutorial: NETWORK > WAN > 3G (WAN2)
131
Checking WAN Connections
132
Configuring Load Balancing
132
Figure 67 Tutorial: Home
132
Configuring Content Filtering
133
Enable Content Filtering
133
Figure 68 Tutorial: NETWORK > WAN > General
133
Block Categories of Web Content
134
Figure 69 SECURITY > CONTENT FILTER > General
134
Figure 70 SECURITY > CONTENT FILTER > Policy
135
Figure 71 SECURITY > CONTENT FILTER > Policy > External Database (Default)
135
Assign Bob's Computer a Specific IP Address
136
Create a Content Filter Policy for Bob
136
Figure 72 HOME > Show DHCP Table
136
Figure 73 SECURITY > CONTENT FILTER > Policy
136
Set the Content Filter Schedule
137
Figure 74 SECURITY > CONTENT FILTER > Policy > Insert
137
Figure 75 SECURITY > CONTENT FILTER > Policy
137
Block Categories of Web Content for Bob
138
Figure 76 SECURITY > CONTENT FILTER > Policy > Schedule (Bob)
138
Figure 77 SECURITY > CONTENT FILTER > Policy
138
Figure 78 SECURITY > CONTENT FILTER > Policy > External Database (Bob)
139
Chapter 6 Registration Screens
141
Overview
141
What You Can Do in the Registration Screens
141
What You Need to Know about Registration
141
The Registration Screen
142
Figure 79 REGISTRATION > Registration
143
Table 25 REGISTRATION > Registration
143
The Service Screen
144
Figure 80 REGISTRATION > Registration: Registered Device
144
Figure 81 REGISTRATION > Service
145
Table 26 REGISTRATION > Service
145
Network
147
Part II: Network
147
LAN Screens
149
Chapter 7 LAN Screens
149
Overview
149
What You Can Do in the LAN Screens
149
Figure 82 LAN and WAN
149
What You Need to Know about LAN
150
The LAN Screen
152
Figure 83 NETWORK > LAN
153
Table 27 NETWORK > LAN
153
The LAN Static DHCP Screen
155
The LAN IP Alias Screen
156
Figure 84 NETWORK > LAN > Static DHCP
156
Table 28 NETWORK > LAN > Static DHCP
156
Figure 85 Physical Network & Partitioned Logical Networks
157
Figure 86 NETWORK > LAN > IP Alias
157
The LAN Port Roles Screen
158
Table 29 NETWORK > LAN > IP Alias
158
Figure 87 NETWORK > LAN > Port Roles
159
Figure 88 Port Roles Change Complete
159
Table 30 NETWORK > LAN > Port Roles
159
Bridge Screens
161
Chapter 8 Bridge Screens
161
Overview
161
What You Can Do in the Bridge Screens
161
Figure 89 Bridge Mode
161
Figure 90 Router Mode
161
What You Need to Know about Bridging
162
Figure 91 Bridge Loop: Bridge Connected to Wired LAN
162
The Bridge Screen
163
Figure 92 NETWORK > Bridge
163
Table 31 NETWORK > Bridge
163
The Bridge Port Roles Screen
164
Figure 93 NETWORK > Bridge > Port Roles
165
Figure 94 Port Roles Change Complete
165
Table 32 NETWORK > Bridge > Port Roles
165
Bridge Technical Reference
166
Table 33 STP Path Costs
166
Table 34 STP Port States
167
WAN Screens
169
Chapter 9 WAN Screens
169
Overview
169
Figure 95 LAN and WAN (Multiple)
169
Figure 96 LAN and WAN (Multiple)
169
What You Can Do in the WAN Screens
170
What You Need to Know about WAN
170
Before You Begin
172
The General Screen
172
Configuring the General Screen
173
Figure 97 Incorrect WAN IP
173
Figure 98 NETWORK > WAN > General
174
Table 35 NETWORK > WAN > General
175
Configuring Load Balancing
177
Least Load First
177
Figure 99 Least Load First Example
177
Figure 100 Load Balancing: Least Load First
178
Table 36 Least Load First: Example 1
178
Table 37 Least Load First: Example 2
178
Weighted Round Robin
179
Table 38 Load Balancing: Least Load First
179
Spillover
180
Figure 101 Weighted Round Robin Algorithm Example
180
Figure 102 Load Balancing: Weighted Round Robin
180
Table 39 Load Balancing: Weighted Round Robin
180
Figure 103 Spillover Algorithm Example
181
Figure 104 Load Balancing: Spillover
181
Table 40 Load Balancing: Spillover
181
The WAN1 and WAN2 Screen
182
Table 41 Private IP Address Ranges
182
WAN Ethernet Encapsulation
183
Figure 105 NETWORK > WAN > WAN (Ethernet Encapsulation)
184
Table 42 NETWORK > WAN > WAN (Ethernet Encapsulation)
184
Pppoe Encapsulation
186
Figure 106 NETWORK > WAN > WAN (Pppoe Encapsulation)
187
Table 43 NETWORK > WAN > WAN (Pppoe Encapsulation)
187
PPTP Encapsulation
189
Figure 107 NETWORK > WAN > WAN (PPTP Encapsulation)
190
Table 44 NETWORK > WAN > WAN (PPTP Encapsulation)
190
The 3G (WAN2) Screen
192
Figure 108 NETWORK > WAN > 3G (WAN 2)
194
Table 45 NETWORK > WAN > 3G (WAN 2)
194
The Traffic Redirect Screen
197
Figure 109 Traffic Redirect WAN Setup
197
Configuring the Traffic Redirect Screen
198
Figure 110 Traffic Redirect LAN Setup
198
Figure 111 NETWORK > WAN > Traffic Redirect
198
Table 46 NETWORK > WAN > Traffic Redirect
198
The Dial Backup Screen
199
Figure 112 NETWORK > WAN > Dial Backup
199
Table 47 NETWORK > WAN > Dial Backup
200
The Advanced Modem Setup Screen
201
Configuring the Advanced Modem Setup Screen
202
Figure 113 NETWORK > WAN > Dial Backup > Edit
203
Table 48 NETWORK > WAN > Dial Backup > Edit
203
WAN Technical Reference
204
Table 49 2G, 2.5G, 2.75G, 3G and 3.5G Wireless Technologies
204
DMZ Screens
207
Chapter 10 DMZ Screens
207
Overview
207
What You Can Do in the DMZ Screens
207
Figure 114 DMZ Overview
207
What You Need to Know about DMZ
208
DMZ Public IP Address Example
208
DMZ Private and Public IP Address Example
209
Figure 115 DMZ Public Address Example
209
The DMZ Screen
210
Figure 116 DMZ Private and Public Address Example
210
Figure 117 NETWORK > DMZ
211
Table 50 NETWORK > DMZ
211
The Static DHCP Screen
213
The IP Alias Screen
214
Figure 118 NETWORK > DMZ > Static DHCP
214
Table 51 NETWORK > DMZ > Static DHCP
214
Figure 119 NETWORK > DMZ > IP Alias
215
Table 52 NETWORK > DMZ > IP Alias
215
The DMZ Port Roles Screen
216
Figure 120 NETWORK > DMZ > Port Roles
216
Table 53 NETWORK > DMZ > Port Roles
216
WLAN Screens
219
Chapter 11 WLAN Screens
219
Overview
219
What You Can Do in the WLAN Screens
219
Figure 121 WLAN Overview
219
What You Need to Know about WLAN
220
The WLAN Screen
220
Figure 122 NETWORK > WLAN
221
Table 54 NETWORK > WLAN
221
WLAN Static DHCP
223
WLAN IP Alias
224
Figure 123 NETWORK > WLAN > Static DHCP
224
Table 55 NETWORK > WLAN > Static DHCP
224
Figure 124 NETWORK > WLAN > IP Alias
225
Table 56 NETWORK > WLAN > IP Alias
225
WLAN Port Roles
226
Figure 125 WLAN Port Role Example
226
Figure 126 NETWORK > WLAN > Port Roles
227
Figure 127 NETWORK > WLAN > Port Roles: Change Complete
227
Table 57 NETWORK > WLAN > Port Roles
227
Chapter 12 Wireless Screens
229
Overview
229
What You Can Do in the Wireless Screens
229
What You Need to Know
229
Figure 128 WLAN Overview
229
Figure 129 Zywall Wireless Security Levels
230
Wireless Card
232
Figure 130 WIRELESS > Wi-Fi > Wireless Card: no Security
232
Table 58 WIRELESS > Wi-Fi > Wireless Card: no Security
233
Static WEP
234
Figure 131 WIRELESS > Wi-Fi > Wireless Card: Static WEP
235
Table 59 WIRELESS > Wi-Fi > Wireless Card: Static WEP
235
Wpa-Psk
235
Figure 132 WIRELESS > Wi-Fi > Wireless Card: WPA-PSK
236
Table 60 WIRELESS > Wi-Fi > Wireless Card: WPA-PSK
236
Figure 133 WIRELESS > Wi-Fi > Wireless Card: WPA
237
Table 61 WIRELESS > Wi-Fi > Wireless Card: WPA
237
Wpa
237
Figure 134 WIRELESS > Wi-Fi > Wireless Card: 802.1X + Dynamic WEP
238
IEEE 802.1X + Dynamic WEP
238
Table 62 WIRELESS > Wi-Fi > Wireless Card: 802.1X + Dynamic WEP
238
Figure 135 WIRELESS > Wi-Fi > Wireless Card: 802.1X + Static WEP
239
IEEE 802.1X + Static WEP
239
Table 63 WIRELESS > Wi-Fi > Wireless Card: 802.1X + Static WEP
239
IEEE 802.1X + no WEP
240
Figure 136 WIRELESS > Wi-Fi > Wireless Card: 802.1X + no WEP
241
No Access 802.1X + Static WEP
241
Table 64 WIRELESS > Wi-Fi > Wireless Card: 802.1X + no WEP
241
Figure 137 WIRELESS > Wi-Fi > Wireless Card: no Access 802.1X + Static WEP
242
No Access 802.1X + no WEP
242
Table 65 WIRELESS > Wi-Fi > Wireless Card: no Access 802.1X + Static WEP
242
MAC Filter
243
Figure 138 WIRELESS > Wi-Fi > MAC Filter
243
Table 66 WIRELESS > Wi-Fi > MAC Filter
243
Technical Reference
244
Figure 139 EAP Authentication
245
Figure 140 WPA-PSK Authentication
246
Figure 141 WPA with RADIUS Application Example
247
Security
249
Part III: Security
249
Firewall Screens
251
Chapter 13 Firewall Screens
251
Overview
251
Figure 142 Default Firewall Action
251
Before You Begin
252
What You Can Do Using the Firewall Screens
252
What You Need to Know about the Zywall Firewall
252
Firewall Rules Example
252
Figure 143 Blocking All LAN to WAN IRC Traffic Example
253
Table 67 Blocking All LAN to WAN IRC Traffic Example
253
The Firewall Default Rule Screen
254
Figure 144 Limited LAN to WAN IRC Traffic Example
254
Table 68 Limited LAN to WAN IRC Traffic Example
254
Figure 145 SECURITY > FIREWALL > Default Rule (Router Mode)
255
Table 69 SECURITY > FIREWALL > Default Rule (Router Mode)
255
The Firewall Default Rule (Bridge Mode) Screen
256
Figure 146 SECURITY > FIREWALL > Default Rule (Bridge Mode)
257
Table 70 SECURITY > FIREWALL > Default Rule (Bridge Mode)
257
The Firewall Rule Summary Screen
259
Figure 147 SECURITY > FIREWALL > Rule Summary
259
Table 71 SECURITY > FIREWALL > Rule Summary
259
The Firewall Edit Rule Screen
260
Figure 148 SECURITY > FIREWALL > Rule Summary > Edit
261
Table 72 SECURITY > FIREWALL > Rule Summary > Edit
262
The Anti-Probing Screen
263
Figure 149 SECURITY > FIREWALL > Anti-Probing
263
The Firewall Thresholds Screen
264
Figure 150 SECURITY > FIREWALL > Threshold
264
Table 73 SECURITY > FIREWALL > Anti-Probing
264
Table 74 SECURITY > FIREWALL > Threshold
265
The Firewall Services Screen
266
Figure 151 SECURITY > FIREWALL > Service
266
Table 75 SECURITY > FIREWALL > Service
266
Figure 152 SECURITY > FIREWALL > Service > Add
267
Table 76 SECURITY > FIREWALL > Service > Add
267
The Firewall Edit Custom Service Screen
267
Figure 153 My Service Firewall Rule Example: Service
268
Figure 154 My Service Firewall Rule Example: Edit Custom Service
268
My Service Firewall Rule Example
268
Figure 155 My Service Firewall Rule Example: Rule Summary
269
Figure 156 My Service Firewall Rule Example: Rule Edit
269
Figure 157 My Service Firewall Rule Example: Rule Configuration
270
Technical Reference
271
Figure 158 My Service Firewall Rule Example: Rule Summary
271
Figure 159 from LAN to VPN Example
273
Figure 160 from VPN to LAN Example
273
Figure 161 from VPN to VPN Example
274
Figure 162 Using IP Alias to Solve the Triangle Route Problem
275
Figure 163 Three-Way Handshake
275
Security Considerations
276
Chapter 14 Intrusion Detection and Prevention (IDP) Screens
277
Overview
277
What You Can Do Using the IDP Screens
277
Figure 164 Network Intrusions
277
What You Need to Know about the Zywall IDP
278
Figure 165 Applying IDP to Interfaces
278
Before You Begin
279
The General Setup Screen
279
Figure 166 SECURITY > IDP > General
279
Table 77 SECURITY > IDP > General Setup
280
The Signatures Screen
281
Attack Types
281
Table 78 SECURITY > IDP > Signature: Attack Types
281
Intrusion Severity
282
Signature Actions
282
Table 79 SECURITY > IDP > Signature: Intrusion Severity
282
Table 80 SECURITY > IDP > Signature: Actions
282
Configuring the IDP Signatures Screen
283
Figure 167 SECURITY > IDP > Signature: Group View
283
Table 81 SECURITY > IDP > Signature: Group View
283
The Query View Screen
284
Figure 168 SECURITY > IDP > Signature: Query View
285
Table 82 SECURITY > IDP > Signature: Query View
285
Figure 169 SECURITY > IDP > Signature: Query by Partial Name
287
Figure 170 SECURITY > IDP > Signature: Query by Complete ID
288
The Anomaly Screen
289
Figure 171 Signature Query by Attribute
289
Figure 172 SECURITY > IDP > Anomaly
290
Table 83 SECURITY > IDP > Anomaly
290
The Update Screen
291
Mysecurityzone
291
Configuring the IDP Update Screen
292
Figure 173 SECURITY > IDP > Update
292
Table 84 SECURITY > IDP > Update
292
The Backup and Restore Screen
293
Technical Reference
294
Figure 174 SECURITY > IDP > Backup & Restore
294
Example Intrusions
295
Host Idp
295
Ids and Idp
295
Network Idp
295
Chapter 15 Anti-Virus Screens
299
Overview
299
What You Can Do in the Antivirus Screens
299
Figure 175 Zywall Anti-Virus Overview
299
What You Need to Know about Antivirus
300
The General Screen
301
Figure 176 SECURITY > ANTI-VIRUS > General
302
Table 85 SECURITY > ANTI-VIRUS > General
302
The Signature Screen
303
Figure 177 SECURITY > ANTI-VIRUS > Signature: Query View
304
Table 86 SECURITY > ANTI-VIRUS > Signature: Query View
304
Figure 178 Query Example Search Criteria
305
Signature Search Example
305
The Update Screen
306
Figure 179 Query Example Search Results
306
Configuring Anti-Virus Update
307
Figure 180 SECURITY > ANTI-VIRUS > Update
307
Mysecurityzone
307
The Backup and Restore Screen
309
Figure 181 SECURITY > ANTI-VIRUS > Backup and Restore
309
Technical Reference
310
Table 87 Common Computer Virus Types
310
Chapter 16 Anti-Spam Screens
313
Overview
313
What You Can Do in the Antispam Screens
313
Figure 182 Anti-Spam Overview
313
What You Need to Know about Antispam
314
The General Screen
315
Figure 183 SECURITY > ANTI-SPAM > General
316
Table 88 SECURITY > ANTI-SPAM > General
316
The External DB Screen
318
Figure 184 SECURITY > ANTI-SPAM > External DB
319
Table 89 SECURITY > ANTI-SPAM > External DB
319
The Lists Screen
320
Figure 185 SECURITY > ANTI-SPAM > Lists
321
Table 90 SECURITY > ANTI-SPAM > Lists
321
Anti-Spam Lists Edit Screen
322
Figure 186 SECURITY > ANTI-SPAM > Lists > Edit
322
Table 91 SECURITY > ANTI-SPAM > Lists > Edit
323
Technical Reference
324
Spamcontent Engine
325
Spamtricks Engine
325
Chapter 17 Content Filtering Screens
327
Overview
327
What You Can Do in the Content Filtering Screens
327
What You Need to Know about Content Filtering
327
General Screen
328
Figure 187 Content Filtering Lookup Procedure
328
Figure 188 SECURITY > CONTENT FILTER > General
329
Table 92 SECURITY > CONTENT FILTER > General
329
The Policy Screen
331
Figure 189 SECURITY > CONTENT FILTER > Policy
331
Content Filter Policy: General
332
Table 93 SECURITY > CONTENT FILTER > Policy
332
Figure 190 SECURITY > CONTENT FILTER > Policy > General
333
Table 94 SECURITY > CONTENT FILTER > Policy > General
333
Content Filter Policy: External Database
334
Figure 191 SECURITY > CONTENT FILTER > Policy > External Database
334
Table 95 SECURITY > CONTENT FILTER > Policy > External Database
335
Content Filter Policy: Customization
341
Figure 192 SECURITY > CONTENT FILTER > Policy > Customization
341
Content Filter Policy: Schedule
342
Table 96 SECURITY > CONTENT FILTER > Policy > Customization
342
Content Filter Object
343
Figure 193 SECURITY > CONTENT FILTER > Policy > Schedule
343
Table 97 SECURITY > CONTENT FILTER > Policy > Schedule
343
Figure 194 SECURITY > CONTENT FILTER > Object
344
Table 98 SECURITY > CONTENT FILTER > Object
345
Content Filtering Cache
346
Figure 195 SECURITY > CONTENT FILTER > Cache
346
Table 99 SECURITY > CONTENT FILTER > Cache
346
Chapter 18 Content Filtering Reports
349
Overview
349
Checking Content Filtering Activation
349
Viewing Content Filtering Reports
349
Figure 196 Myzyxel.com: Login
350
Figure 197 Myzyxel.com: Welcome
350
Figure 198 Myzyxel.com: Service Management
351
Figure 199 Blue Coat: Login
351
Figure 200 Content Filtering Reports Main Screen
352
Figure 201 Blue Coat: Report Home
352
Figure 202 Global Report Screen Example
353
Web Site Submission
354
Figure 203 Requested Urls Example
354
Figure 204 Web Page Review Process Screen
355
Ipsec VPN
357
Chapter 19 Ipsec VPN
357
Overview
357
What You Can Do in the Ipsec VPN Screens
357
Figure 205 VPN: Example
357
What You Need to Know about Ipsec VPN
358
Figure 206 VPN: IKE SA and Ipsec SA
358
Figure 207 Gateway and Network Policies
359
Figure 208 Ipsec Fields Summary
359
The VPN Rules (IKE) Screen
360
Figure 209 SECURITY > VPN > VPN Rules (IKE)
360
Table 100 SECURITY > VPN > VPN Rules (IKE)
360
The VPN Rules (IKE) Gateway Policy Edit Screen
361
Figure 210 SECURITY > VPN > VPN Rules (IKE) > Edit Gateway Policy
362
Table 101 SECURITY > VPN > VPN Rules (IKE) > Edit Gateway Policy
363
The Network Policy Edit Screen
367
Figure 211 SECURITY > VPN > VPN Rules (IKE) > Edit Network Policy
368
Table 102 SECURITY > VPN > VPN Rules (IKE) > Edit Network Policy
369
The Network Policy Edit: Port Forwarding Screen
372
Figure 212 SECURITY > VPN > VPN Rules (IKE) > Edit Network Policy > Port Forwarding
373
Table 103 SECURITY > VPN > VPN Rules (IKE) > Edit Network Policy > Port Forwarding
373
The Network Policy Move Screen
374
Figure 213 SECURITY > VPN > VPN Rules (IKE) > Move Network Policy
374
Table 104 SECURITY > VPN > VPN Rules (IKE) > Move Network Policy
374
The VPN Rules (Manual) Screen
375
Figure 214 SECURITY > VPN > VPN Rules (Manual)
375
Table 105 SECURITY > VPN > VPN Rules (Manual)
375
The VPN Rules (Manual): Edit Screen
376
Figure 215 SECURITY > VPN > VPN Rules (Manual) > Edit
376
Table 106 SECURITY > VPN > VPN Rules (Manual) > Edit
377
The VPN SA Monitor Screen
379
The VPN Global Setting Screen
379
Figure 216 SECURITY > VPN > SA Monitor
379
Table 107 SECURITY > VPN > SA Monitor
379
Figure 217 Overlap in a Dynamic VPN Rule
380
Figure 218 Overlap in IP Alias and VPN Remote Networks
381
Figure 219 SECURITY > VPN > Global Setting
381
Table 108 SECURITY > VPN > Global Setting
381
Telecommuter Vpn/Ipsec Examples
382
Telecommuters Sharing One VPN Rule Example
383
Telecommuters Using Unique VPN Rules Example
383
Figure 220 Telecommuters Sharing One VPN Rule Example
383
Table 109 Telecommuters Sharing One VPN Rule Example
383
Figure 221 Telecommuters Using Unique VPN Rules Example
384
Table 110 Telecommuters Using Unique VPN Rules Example
384
VPN and Remote Management
385
Hub-And-Spoke VPN
385
Figure 222 VPN for Remote Management Example
385
Figure 223 VPN Topologies
386
Hub-And-Spoke VPN Example
386
Figure 224 Hub-And-Spoke VPN Example
387
Hub-And-Spoke Example VPN Rule Addresses
387
Hub-And-Spoke VPN Requirements and Suggestions
387
Ipsec VPN Background Information
388
Figure 225 IKE SA: Main Negotiation Mode, Steps 1 - 2: IKE SA Proposal
388
Figure 226 IKE SA: Main Negotiation Mode, Steps 3 - 4: DH Key Exchange
389
Figure 227 IKE SA: Main Negotiation Mode, Steps 5 - 6: Authentication
389
Table 111 VPN Example: Matching ID Type and Content
390
Table 112 VPN Example: Mismatching ID Type and Content
390
Figure 228 VPN/NAT Example
392
Figure 229 Virtual Mapping of Local and Remote Network IP Addresses
394
Figure 230 VPN: Transport and Tunnel Mode Encapsulation
394
Ipsec Sa Proposal and Perfect Forward Secrecy
395
Ipsec Sa Using Manual Keys
395
Additional Ipsec Vpn Topics
396
Figure 231 Ipsec High Availability
397
Chapter 20 Certificates
399
Overview
399
What You Can Do in the Certificate Screens
399
What You Need to Know about Certificates
399
Verifying a Certificate
400
Figure 232 Certificates on Your Computer
400
The My Certificates Screen
401
Figure 233 Certificate Details
401
Figure 234 SECURITY > CERTIFICATES > My Certificates
402
Table 113 SECURITY > CERTIFICATES > My Certificates
402
The My Certificate Details Screen
403
Figure 235 SECURITY > CERTIFICATES > My Certificates > Details
404
Table 114 SECURITY > CERTIFICATES > My Certificates > Details
404
The My Certificate Export Screen
406
Figure 236 SECURITY > CERTIFICATES > My Certificates > Export
406
Table 115 SECURITY > CERTIFICATES > My Certificates > Export
406
The My Certificate Import Screen
407
Using the My Certificate Import Screen
407
Figure 237 SECURITY > CERTIFICATES > My Certificates > Import
408
Figure 238 SECURITY > CERTIFICATES > My Certificates > Import: PKCS#12
408
Table 116 SECURITY > CERTIFICATES > My Certificates > Import
408
Table 117 SECURITY > CERTIFICATES > My Certificates > Import: PKCS#12
408
The My Certificate Create Screen
409
Figure 239 SECURITY > CERTIFICATES > My Certificates > Create (Basic)
409
Figure 240 SECURITY > CERTIFICATES > My Certificates > Create (Advanced)
410
Table 118 SECURITY > CERTIFICATES > My Certificates > Create
410
The Trusted Cas Screen
413
Figure 241 SECURITY > CERTIFICATES > Trusted Cas
414
Table 119 SECURITY > CERTIFICATES > Trusted Cas
414
The Trusted CA Details Screen
415
Figure 242 SECURITY > CERTIFICATES > Trusted Cas > Details
416
Table 120 SECURITY > CERTIFICATES > Trusted Cas > Details
416
The Trusted CA Import Screen
418
The Trusted Remote Hosts Screen
419
Figure 243 SECURITY > CERTIFICATES > Trusted Cas > Import
419
Table 121 SECURITY > CERTIFICATES > Trusted Cas Import
419
Figure 244 SECURITY > CERTIFICATES > Trusted Remote Hosts
420
Table 122 SECURITY > CERTIFICATES > Trusted Remote Hosts
420
The Trusted Remote Hosts Import Screen
421
Figure 245 SECURITY > CERTIFICATES > Trusted Remote Hosts > Import
421
Table 123 SECURITY > CERTIFICATES > Trusted Remote Hosts > Import
421
The Trusted Remote Host Certificate Details Screen
422
Figure 246 SECURITY > CERTIFICATES > Trusted Remote Hosts > Details
422
Table 124 SECURITY > CERTIFICATES > Trusted Remote Hosts > Details
423
The Directory Servers Screen
424
Figure 247 SECURITY > CERTIFICATES > Directory Servers
424
The Directory Server Add or Edit Screen
425
Figure 248 SECURITY > CERTIFICATES > Directory Server > Add
425
Table 125 SECURITY > CERTIFICATES > Directory Servers
425
Table 126 SECURITY > CERTIFICATES > Directory Server > Add
426
Chapter 21 Authentication Server Screens
427
Overview
427
What You Can Do in the Authentication Server Screens
427
What You Need to Know about Authentication Server
427
The Local User Database Screen
428
Figure 249 SECURITY > AUTH SERVER > Local User Database
429
The RADIUS Screen
430
Figure 250 SECURITY > AUTH SERVER > RADIUS
430
Table 127 SECURITY > AUTH SERVER > Local User Database
430
Table 128 SECURITY > AUTH SERVER > RADIUS
430
Advanced
433
Chapter 22 Network Address Translation (NAT)
435
Overview
435
What You Can Do Using the NAT Screens
435
What You Need to Know about NAT
435
Before You Begin
436
The NAT Overview Screen
436
Table 129 NAT Mapping Types
436
Figure 251 ADVANCED > NAT > NAT Overview
437
Table 130 ADVANCED > NAT > NAT Overview
437
The NAT Address Mapping Screen
438
Figure 252 ADVANCED > NAT > Address Mapping
439
Table 131 ADVANCED > NAT > Address Mapping
439
Figure 253 ADVANCED > NAT > Address Mapping > Edit
440
NAT Address Mapping Edit
440
The Port Forwarding Screen
441
Default Server IP Address
441
Table 132 ADVANCED > NAT > Address Mapping > Edit
441
Port Forwarding: Services and Port Numbers
442
Configuring Servers Behind Port Forwarding (Example)
442
NAT and Multiple WAN
442
Figure 254 Multiple Servers Behind NAT Example
442
Port Translation
443
Configuring the Port Forwarding Screen
443
Figure 255 Port Translation Example
443
Figure 256 ADVANCED > NAT > Port Forwarding
444
Table 133 ADVANCED > NAT > Port Forwarding
444
The Port Triggering Screen
445
Figure 257 Trigger Port Forwarding Process: Example
445
Configuring Port Triggering
446
Figure 258 ADVANCED > NAT > Port Triggering
446
Table 134 ADVANCED > NAT > Port Triggering
446
Technical Reference
447
Figure 259 NAT Overview
448
Figure 260 NAT Application with IP Alias
449
Figure 261 Port Restricted Cone NAT Example
450
Static Route Screens
451
Chapter 23 Static Route Screens
451
Overview
451
What You Can Do in the Static Route Screens
451
Figure 262 Example of Static Routing Topology
451
The IP Static Route Screen
452
Figure 263 ADVANCED > STATIC ROUTE > IP Static Route
453
Table 135 ADVANCED > STATIC ROUTE > IP Static Route
453
Figure 264 ADVANCED > STATIC ROUTE > IP Static Route > Edit
454
Table 136 ADVANCED > STATIC ROUTE > IP Static Route > Edit
454
The IP Static Route Edit Screen
454
Chapter 24 Policy Route Screens
457
Overview
457
What You Can Do in the Policy Route Screens
457
What You Need to Know about Policy Route
457
The Policy Route Summary Screen
458
Figure 265 ADVANCED > POLICY ROUTE > Policy Route Summary
459
Table 137 ADVANCED > POLICY ROUTE > Policy Route Summary
459
The Policy Route Edit Screen
460
Figure 266 ADVANCED > POLICY ROUTE > Edit
461
Table 138 ADVANCED > POLICY ROUTE > Edit
461
Chapter 25 Bandwidth Management Screens
465
Overview
465
What You Can Do in the Bandwidth Management Screens
465
What You Need to Know about Bandwidth Management
465
Application and Subnet-Based Bandwidth Management Example
466
Figure 267 Subnet-Based Bandwidth Management Example
466
Table 139 Application and Subnet-Based Bandwidth Management Example
466
Over Allotment of Bandwidth Example
467
Maximize Bandwidth Usage with Bandwidth Borrowing Example
467
The Summary Screen
467
Table 140 over Allotment of Bandwidth Example
467
Figure 268 ADVANCED > BW MGMT > Summary
468
Table 141 ADVANCED > BW MGMT > Summary
469
Maximize Bandwidth Usage Example
470
Table 142 Maximize Bandwidth Usage Example
470
Table 143 Priority-Based Allotment of Unused and Unbudgeted Bandwidth Example
470
Reserving Bandwidth for Non-Bandwidth Class Traffic
471
The Class Setup Screen
471
Table 144 Fairness-Based Allotment of Unused and Unbudgeted Bandwidth Example
471
Figure 269 ADVANCED > BW MGMT > Class Setup
472
Table 145 ADVANCED > BW MGMT > Class Setup
472
Bandwidth Manager Class Configuration
473
Figure 270 ADVANCED > BW MGMT > Class Setup > Add Sub-Class
474
Table 146 ADVANCED > BW MGMT > Class Setup > Add Sub-Class
474
Bandwidth Borrowing Example
476
Table 147 Bandwidth Borrowing Example
476
Bandwidth Management Statistics
477
Figure 271 ADVANCED > BW MGMT > Class Setup > Statistics
477
The Monitor Screen
478
Figure 272 ADVANCED > BW MGMT > Monitor
478
Chapter 26 DNS Screens
479
Overview
479
What You Can Do in the DNS Screens
479
What You Need to Know about DNS
479
The System Screen
481
Figure 273 Private DNS Server Example
481
Figure 274 ADVANCED > DNS > System DNS
482
Figure 275 ADVANCED > DNS > Add (Address Record)
483
The Add Address Record Screen
483
Figure 276 ADVANCED > DNS > Insert (Name Server Record)
484
Table 148 ADVANCED > DNS > Add (Address Record)
484
The Insert Name Server Record Screen
484
The DNS Cache Screen
485
Figure 277 ADVANCED > DNS > Cache
486
The DHCP Screen
487
Figure 278 ADVANCED > DNS > DHCP
487
The DDNS Screen
488
Configuring the Dynamic DNS Screen
489
Figure 279 ADVANCED > DNS > DDNS
489
Chapter 27 Remote Management Screens
491
Overview
491
What You Can Do in the Remote Management Screens
491
Figure 280 Secure and Insecure Remote Management from the WAN
491
What You Need to Know about Remote Management
492
HTTPS Example
493
Internet Explorer Warning Messages
493
Netscape Navigator Warning Messages
493
Figure 281 Security Alert Dialog Box (Internet Explorer)
493
Avoiding the Browser Warning Messages
494
Figure 282 Security Certificate 1 (Netscape)
494
Figure 283 Security Certificate 2 (Netscape)
494
Login Screen
495
Figure 284 Example: Lock Denoting a Secure Connection
495
Figure 285 Replace Certificate
495
Enrolling and Importing SSL Client Certificates (Example)
496
Figure 286 Device-Specific Certificate
496
Figure 287 Common Zywall Certificate
496
Installing the Ca's Certificate (Example)
497
Figure 288 Zywall Trusted CA Screen
497
Installing Your Personal Certificate(S) (Example)
498
Figure 289 CA Certificate Example
498
Figure 290 Personal Certificate Import Wizard 1
499
Figure 291 Personal Certificate Import Wizard 2
499
Figure 292 Personal Certificate Import Wizard 3
500
Figure 293 Personal Certificate Import Wizard 4
500
Using a Certificate When Accessing the Zywall (Example)
501
Figure 294 Personal Certificate Import Wizard 5
501
Figure 295 Personal Certificate Import Wizard 6
501
Figure 296 Access the Zywall Via HTTPS
501
Secure Telnet Using SSH Examples
502
Figure 297 SSL Client Authentication
502
Figure 298 Secure Web Configurator Login Screen
502
Figure 299 SSH Example 1: Store Host Key
503
Figure 300 SSH Example 2: Test
503
Figure 301 SSH Example 2: Log in
503
The WWW Screen
504
Figure 302 Secure FTP: Firmware Upload Example
504
Configuring the WWW Screen
505
Figure 303 HTTPS Implementation
505
Figure 304 ADVANCED > REMOTE MGMT > WWW
506
Table 149 ADVANCED > REMOTE MGMT > WWW
506
The SSH Screen
507
Configuring the SSH Screen
507
Figure 305 SSH Communication over the WAN Example
507
The Telnet Screen
508
Figure 306 ADVANCED > REMOTE MGMT > SSH
508
Table 150 ADVANCED > REMOTE MGMT > SSH
508
The FTP Screen
509
Figure 307 ADVANCED > REMOTE MGMT > Telnet
509
Table 151 ADVANCED > REMOTE MGMT > Telnet
509
The SNMP Screen
510
Figure 308 ADVANCED > REMOTE MGMT > FTP
510
Table 152 ADVANCED > REMOTE MGMT > FTP
510
Figure 309 SNMP Management Model
511
Configuring the SNMP Screen
512
Figure 310 ADVANCED > REMOTE MGMT > SNMP
512
Table 153 SNMP Traps
512
The DNS Screen
513
Table 154 ADVANCED > REMOTE MGMT > SNMP
513
The CNM Screen
514
Configuring the CNM Screen
514
Figure 311 ADVANCED > REMOTE MGMT > DNS
514
Table 155 ADVANCED > REMOTE MGMT > DNS
514
Figure 312 ADVANCED > REMOTE MGMT > CNM
515
Table 156 ADVANCED > REMOTE MGMT > CNM
515
Remote Management Technical Reference
516
Figure 313 How SSH Works
516
Chapter 28 Upnp Screens
519
Overview
519
What You Can Do in the Upnp Screens
519
What You Need to Know about Upnp
519
Upnp Examples
520
Installing Upnp in Windows Example
520
Using Upnp in Windows XP Example
522
The Upnp Screen
526
Figure 314 ADVANCED > Upnp
526
Table 157 ADVANCED > Upnp
526
The Ports Screen
527
Figure 315 ADVANCED > Upnp > Ports
527
Table 158 ADVANCED > Upnp > Ports
527
Chapter 29 Custom Application Screen
529
Overview
529
What You Can Do in the Custom Application Screen
529
What You Need to Know about Custom Application
529
The Custom Application Screen
529
Figure 316 ADVANCED > Custom APP
530
Table 159 ADVANCED > Custom APP
530
ALG Screen
531
Chapter 30 ALG Screen
531
Overview
531
What You Need to Know about ALG
531
Figure 317 H.323 ALG Example
533
Figure 318 H.323 with Multiple WAN IP Addresses
533
Figure 319 H.323 Calls from the WAN with Multiple Outgoing Calls
534
Figure 320 SIP ALG Example
535
The ALG Screen
535
Figure 321 ADVANCED > ALG
536
Table 160 ADVANCED > ALG
536
Reports, Logs and Maintenance
537
Part V: Reports, Logs and Maintenance
537
Chapter 31 Reports Screens
539
Overview
539
What You Can Do in the Reports Screens
539
The Traffic Statistics Screen
539
Figure 322 REPORTS > Traffic Statistics
540
Table 161 REPORTS > Traffic Statistics
540
Viewing Web Site Hits
541
Figure 323 REPORTS > Traffic Statistics: Web Site Hits Example
542
Table 162 REPORTS > Traffic Statistics: Web Site Hits Report
542
Viewing Host IP Address
542
Figure 324 REPORTS > Traffic Statistics: Host IP Address Example
543
Table 163 REPORTS > Traffic Statistics: Host IP Address
543
Viewing Protocol/Port
543
Figure 325 REPORTS > Traffic Statistics: Protocol/Port Example
544
Table 164 REPORTS > Traffic Statistics: Protocol/ Port
544
System Reports Specifications
545
The IDP Screen
545
Figure 326 REPORTS > IDP
545
Table 165 Report Specifications
545
Table 166 REPORTS > IDP
546
The Anti-Virus Screen
547
Figure 327 REPORTS > IDP > Source
547
Figure 328 REPORTS > IDP > Destination
547
Figure 329 REPORTS > Anti-Virus
547
Figure 330 REPORTS > Anti-Virus > Source
548
Table 167 REPORTS > Anti-Virus
548
The Anti-Spam Screen
549
Figure 331 REPORTS > Anti-Virus > Destination
549
Figure 332 REPORTS > Anti-Spam
549
Table 168 REPORTS > Anti-Spam
549
The E-Mail Report Screen
551
Figure 333 REPORTS > Anti-Spam > Source
551
Figure 334 REPORTS > Anti-Spam > Score Distribution
551
Figure 335 REPORTS > E-Mail Report
552
Table 169 REPORTS > E-Mail Report
552
Chapter 32 Logs Screens
555
Overview
555
What You Can Do in the Log Screens
555
What You Need to Know about Logs
555
The View Log Screen
555
Log Description Example
556
Figure 336 LOGS > View Log
556
Table 170 LOGS > View Log
556
About the Certificate Not Trusted Log
557
Table 171 Log Description Example
557
The Log Settings Screen
558
Figure 337 Myzyxel.com: Download Center
558
Figure 338 Myzyxel.com: Certificate Download
558
Figure 339 LOGS > Log Settings
559
Table 172 LOGS > Log Settings
559
Technical Reference
561
Table 173 System Maintenance Logs
561
Table 174 System Error Logs
563
Table 175 Access Control Logs
563
Table 176 TCP Reset Logs
564
Table 177 Packet Filter Logs
565
Table 178 ICMP Logs
565
Table 179 CDR Logs
566
Table 180 PPP Logs
566
Table 181 3G Logs
566
Table 182 Upnp Logs
567
Table 183 Content Filtering Logs
568
Table 184 Attack Logs
568
Table 185 Remote Management Logs
570
Table 186 Wireless Logs
570
Table 187 Ipsec Logs
571
Table 188 IKE Logs
571
Table 189 PKI Logs
574
Table 190 802.1X Logs
576
Table 191 ACL Setting Notes
577
Table 192 ICMP Notes
578
Table 193 IDP Logs
579
Table 194 AV Logs
579
Table 195 as Logs
581
Table 196 Syslog Logs
583
Table 197 RFC-2408 ISAKMP Payload Types
584
Chapter 33 Maintenance Screens
585
Overview
585
What You Can Do in the Maintenance Screens
585
The General Setup Screen
585
The Password Screen
586
Figure 340 MAINTENANCE > General Setup
586
Table 198 MAINTENANCE > General Setup
586
The Time and Date Screen
587
Figure 341 MAINTENANCE > Password
587
Table 199 MAINTENANCE > Password
587
Figure 342 MAINTENANCE > Time and Date
588
Table 200 MAINTENANCE > Time and Date
588
Figure 343 Synchronization in Process
590
Figure 344 Synchronization Is Successful
590
Time Server Synchronization Example
590
The Device Mode Screen
591
Figure 345 Synchronization Fail
591
Table 201 MAC-Address-To-Port Mapping Table
591
Configuring the Device Mode Screen (Router)
592
Configuring the Device Mode Screen (Bridge)
593
Figure 346 MAINTENANCE > Device Mode (Router Mode)
593
Table 202 MAINTENANCE > Device Mode (Router Mode)
593
Figure 347 MAINTENANCE > Device Mode (Bridge Mode)
594
Table 203 MAINTENANCE > Device Mode (Bridge Mode)
594
The F/W Upload Screen
595
Figure 348 MAINTENANCE > Firmware Upload
595
Table 204 MAINTENANCE > Firmware Upload
595
Figure 349 Firmware Upload in Process
596
Figure 350 Network Temporarily Disconnected
596
Figure 351 Firmware Upload Error
596
The Backup and Restore Screen
597
Figure 352 MAINTENANCE > Backup and Restore
597
Table 205 Restore Configuration
597
Figure 353 Configuration Upload Successful
598
Figure 354 Network Temporarily Disconnected
598
Figure 355 Configuration Upload Error
598
The Restart Screen
599
The Diagnostics Screen
599
Figure 356 Reset Warning Message
599
Figure 357 MAINTENANCE > Restart
599
Figure 358 MAINTENANCE > Diagnostics
600
Table 206 MAINTENANCE > Diagnostics
600
Smt
603
Part VI: SMT
603
Chapter 34 Introducing the SMT
605
Introduction to the SMT
605
Accessing the SMT Via the Console Port
605
Initial Screen
605
Entering the Password
606
Navigating the SMT Interface
606
Figure 359 Initial Screen
606
Figure 360 Password Screen
606
Table 207 Main Menu Commands
606
Figure 361 Main Menu (Router Mode)
607
Main Menu
607
Figure 362 Main Menu (Bridge Mode)
608
Table 208 Main Menu Summary
608
SMT Menus Overview
609
Table 209 SMT Menus Overview
609
Changing the System Password
610
Resetting the Zywall
611
Figure 363 Menu 23: System Password
611
Chapter 35 SMT Menu 1 - General Setup
613
Introduction to General Setup
613
Configuring General Setup
613
Figure 364 Menu 1: General Setup (Router Mode)
613
Table 210 Menu 1: General Setup (Router Mode)
613
Figure 365 Menu 1: General Setup (Bridge Mode)
614
Table 211 Menu 1: General Setup (Bridge Mode)
614
Configuring Dynamic DNS
615
Figure 366 Menu 1.1: Configure Dynamic DNS
615
Table 212 Menu 1.1: Configure Dynamic DNS
615
Figure 367 Menu 1.1.1: DDNS Host Summary
616
Table 213 Menu 1.1.1: DDNS Host Summary
616
Figure 368 Menu 1.1.1: DDNS Edit Host
617
Table 214 Menu 1.1.1: DDNS Edit Host
617
Chapter 36 WAN and Dial Backup Setup
619
Introduction to WAN and Dial Backup Setup
619
WAN Setup
619
Figure 369 MAC Address Cloning in WAN Setup
619
Dial Backup
620
Configuring Dial Backup in Menu 2
620
Table 215 MAC Address Cloning in WAN Setup
620
Advanced WAN Setup
621
Figure 370 Menu 2: Dial Backup Setup
621
Table 216 Menu 2: Dial Backup Setup
621
Figure 371 Menu 2.1: Advanced WAN Setup
622
Table 217 Advanced WAN Port Setup: at Commands Fields
622
Remote Node Profile (Backup ISP)
623
Figure 372 Menu 11.3: Remote Node Profile (Backup ISP)
623
Table 218 Advanced WAN Port Setup: Call Control Parameters
623
Table 219 Menu 11.3: Remote Node Profile (Backup ISP)
624
Editing TCP/IP Options
625
Figure 373 Menu 11.3.2: Remote Node Network Layer Options
625
Table 220 Menu 11.3.2: Remote Node Network Layer Options
625
Editing Login Script
626
Figure 374 Menu 11.3.3: Remote Node Script
627
Remote Node Filter
628
Figure 375 Menu 11.3.4: Remote Node Filter
628
Table 221 Menu 11.3.3: Remote Node Script
628
Modem Setup
629
Figure 376 3G Modem Setup in WAN Setup (Zywall 5)
629
Table 222 3G Modem Setup in WAN Setup (Zywall 5)
629
Remote Node Profile (3G WAN)
630
Figure 377 Menu 11.2: Remote Node Profile (3G WAN)
630
Table 223 Menu 11.2: Remote Node Profile (3G WAN)
630
Chapter 37 LAN Setup
633
Introduction to LAN Setup
633
Accessing the LAN Menus
633
LAN Port Filter Setup
633
Figure 378 Menu 3: LAN Setup
633
TCP/IP and DHCP Ethernet Setup Menu
634
Figure 379 Menu 3.1: LAN Port Filter Setup
634
Figure 380 Menu 3: TCP/IP and DHCP Setup
634
Figure 381 Menu 3.2: TCP/IP and DHCP Ethernet Setup
635
Table 224 Menu 3.2: DHCP Ethernet Setup Fields
635
Table 225 Menu 3.2: LAN TCP/IP Setup Fields
635
Figure 382 Menu 3.2.1: IP Alias Setup
636
IP Alias Setup
636
Table 226 Menu 3.2.1: IP Alias Setup
637
Internet Access
639
Chapter 38 Internet Access
639
Introduction to Internet Access Setup
639
Ethernet Encapsulation
639
Figure 383 Menu 4: Internet Access Setup (Ethernet)
640
Table 227 Menu 4: Internet Access Setup (Ethernet)
640
Configuring the PPTP Client
641
Configuring the Pppoe Client
642
Figure 384 Internet Access Setup (PPTP)
642
Table 228 New Fields in Menu 4 (PPTP) Screen
642
Basic Setup Complete
643
Figure 385 Internet Access Setup (Pppoe)
643
Table 229 New Fields in Menu 4 (Pppoe) Screen
643
Chapter 39
645
DMZ Setup
645
Configuring DMZ Setup
645
DMZ Port Filter Setup
645
Figure 386 Menu 5: DMZ Setup
645
Figure 387 Menu 5.1: DMZ Port Filter Setup
645
TCP/IP Setup
646
IP Address
646
Figure 388 Menu 5: DMZ Setup
646
Figure 389 Menu 5.2: TCP/IP and DHCP Ethernet Setup
646
IP Alias Setup
647
Figure 390 Menu 5.2.1: IP Alias Setup
647
Route Setup
649
Chapter 40 Route Setup
649
Configuring Route Setup
649
Route Assessment
649
Figure 391 Menu 6: Route Setup
649
Figure 392 Menu 6.1: Route Assessment
649
Traffic Redirect
650
Figure 393 Menu 6.2: Traffic Redirect
650
Table 230 Menu 6.1: Route Assessment
650
Table 231 Menu 6.2: Traffic Redirect
650
Route Failover
651
Figure 394 Menu 6.3: Route Failover
651
Table 232 Menu 6.3: Route Failover
651
Wireless Setup
653
Chapter 41 Wireless Setup
653
Wireless LAN Setup
653
Figure 395 Menu 7.1: Wireless Setup
653
Table 233 Menu 7.1: Wireless Setup
654
Figure 396 Menu 7.1.1: WLAN MAC Address Filter
655
MAC Address Filter Setup
655
TCP/IP Setup
656
IP Address
656
Figure 397 Menu 7: WLAN Setup
656
Table 234 Menu 7.1.1: WLAN MAC Address Filter
656
IP Alias Setup
657
Figure 398 Menu 7.2: TCP/IP and DHCP Ethernet Setup
657
Figure 399 Menu 7.2.1: IP Alias Setup
658
Chapter 42 Remote Node Setup
659
Introduction to Remote Node Setup
659
Figure 400 Menu 11: Remote Node Setup
659
Remote Node Profile Setup
660
Ethernet Encapsulation
660
Figure 401 Menu 11.1: Remote Node Profile for Ethernet Encapsulation
660
Table 235 Menu 11.1: Remote Node Profile for Ethernet Encapsulation
660
Pppoe Encapsulation
661
Figure 402 Menu 11.1: Remote Node Profile for Pppoe Encapsulation
662
PPTP Encapsulation
663
Table 236 Fields in Menu 11.1 (Pppoe Encapsulation Specific)
663
Edit IP
664
Figure 403 Menu 11.1: Remote Node Profile for PPTP Encapsulation
664
Table 237 Menu 11.1: Remote Node Profile for PPTP Encapsulation
664
Figure 404 Menu 11.1.2: Remote Node Network Layer Options for Ethernet Encapsulation
665
Table 238 Remote Node Network Layer Options Menu Fields
665
Remote Node Filter
666
Figure 405 Menu 11.1.4: Remote Node Filter (Ethernet Encapsulation)
667
Figure 406 Menu 11.1.4: Remote Node Filter (Pppoe or PPTP Encapsulation)
667
IP Static Route Setup
669
Chapter 43 IP Static Route Setup
669
Figure 407 Menu 12: IP Static Route Setup
670
Figure 408 Menu 12. 1: Edit IP Static Route
670
Table 239 Menu 12. 1: Edit IP Static Route
670
Network Address Translation (NAT)
673
Using NAT
673
SUA (Single User Account) Versus NAT
673
Applying NAT
673
Chapter 44 Network Address Translation (NAT)
674
Figure 409 Menu 4: Applying NAT for Internet Access
674
Figure 410 Menu 11.1.2: Applying NAT to the Remote Node
674
Figure 411 Menu 15: NAT Setup
675
Table 240 Applying NAT in Menus 4 & 11.1.2
675
Address Mapping Sets
676
Figure 412 Menu 15.1: Address Mapping Sets
676
Figure 413 Menu 15.1.255: SUA Address Mapping Rules
676
Table 241 SUA Address Mapping Rules
677
Figure 414 Menu 15.1.1: First Set
678
Table 242 Fields in Menu 15.1.1
679
Figure 415 Menu 15.1.1.1: Editing/Configuring an Individual Rule in a Set
680
Table 243 Menu 15.1.1.1: Editing/Configuring an Individual Rule in a Set
680
NAT Setup
675
Configuring a Server Behind NAT
681
Figure 416 Menu 15.2: NAT Server Sets
681
Figure 417 Menu 15.2.X: NAT Server Sets
681
Figure 418 15.2.X.X: NAT Server Configuration
682
Table 244 15.2.X.X: NAT Server Configuration
682
General NAT Examples
683
Internet Access Only
683
Figure 419 Menu 15.2.1: NAT Server Setup
683
Figure 420 Server Behind NAT Example
683
Figure 421 NAT Example 1
684
Figure 422 Menu 4: Internet Access & NAT Example
684
Example 2: Internet Access with a Default Server
685
Example 3: Multiple Public IP Addresses with Inside Servers
685
Figure 423 NAT Example 2
685
Figure 424 Menu 15.2.1: Specifying an Inside Server
685
Figure 425 NAT Example 3
686
Figure 426 Example 3: Menu 11.1.2
687
Figure 427 Example 3: Menu 15.1.1.1
687
Figure 428 Example 3: Final Menu 15.1.1
688
Figure 429 Example 3: Menu 15.2.1
688
Example 4: NAT Unfriendly Application Programs
689
Figure 430 NAT Example 4
689
Figure 431 Example 4: Menu 15.1.1.1: Address Mapping Rule
689
Trigger Port Forwarding
690
Two Points to Remember about Trigger Ports
690
Figure 432 Example 4: Menu 15.1.1: Address Mapping Rules
690
Figure 433 Menu 15.3.1: Trigger Port Setup
691
Table 245 Menu 15.3.1: Trigger Port Setup
691
Chapter 45 Introducing the Zywall Firewall
693
Using Zywall SMT Menus
693
Activating the Firewall
693
Figure 434 Menu 21: Filter and Firewall Setup
693
Figure 435 Menu 21.2: Firewall Setup
694
Filter Configuration
695
Chapter 46 Filter Configuration
695
Introduction to Filters
695
Figure 436 Outgoing Packet Filtering Process
695
The Filter Structure of the Zywall
696
Figure 437 Filter Rule Process
697
Configuring a Filter Set
698
Figure 438 Menu 21: Filter and Firewall Setup
698
Figure 439 Menu 21.1: Filter Set Configuration
698
Configuring a Filter Rule
699
Table 246 Abbreviations Used in the Filter Rules Summary Menu
699
Table 247 Rule Abbreviations Used
699
Configuring a TCP/IP Filter Rule
700
Figure 440 Menu 21.1.1.1: TCP/IP Filter Rule
700
Table 248 Menu 21.1.1.1: TCP/IP Filter Rule
700
Configuring a Generic Filter Rule
702
Figure 441 Executing an IP Filter
702
Figure 442 Menu 21.1.1.1: Generic Filter Rule
703
Table 249 Generic Filter Rule Menu Fields
703
Example Filter
704
Figure 443 Telnet Filter Example
704
Figure 444 Example Filter: Menu 21.1.3.1
705
Figure 445 Example Filter Rules Summary: Menu 21.1.3
705
Filter Types and NAT
706
Firewall Versus Filters
706
Packet Filtering
706
Figure 446 Protocol and Device Filter Sets
706
Firewall
707
Applying a Filter
707
Applying LAN Filters
708
Applying DMZ Filters
708
Figure 447 Filtering LAN Traffic
708
Figure 448 Filtering DMZ Traffic
708
Applying Remote Node Filters
709
Figure 449 Filtering Remote Node Traffic
709
SNMP Configuration
711
Chapter 47 SNMP Configuration
711
Figure 450 Menu 22: SNMP Configuration
711
Table 250 SNMP Configuration Menu Fields
711
SNMP Traps
712
Table 251 SNMP Traps
712
Chapter 48 System Information & Diagnosis
713
Introduction to System Status
713
System Status
713
Figure 451 Menu 24: System Maintenance
713
Figure 452 Menu 24.1: System Maintenance: Status
714
Table 252 System Maintenance: Status Menu Fields
714
System Information and Console Port Speed
715
System Information
715
Figure 453 Menu 24.2: System Information and Console Port Speed
715
Console Port Speed
716
Figure 454 Menu 24.2.1: System Maintenance: Information
716
Table 253 Fields in System Maintenance: Information
716
Log and Trace
717
Viewing Error Log
717
Figure 455 Menu 24.2.2: System Maintenance: Change Console Port Speed
717
Figure 456 Menu 24.3: System Maintenance: Log and Trace
717
Syslog Logging
718
Figure 457 Examples of Error and Information Messages
718
Figure 458 Menu 24.3.2: System Maintenance: Syslog Logging
718
Table 254 System Maintenance Menu Syslog Parameters
718
Call-Triggering Packet
721
Diagnostic
722
Figure 459 Call-Triggering Packet Example
722
Figure 460 Menu 24.4: System Maintenance: Diagnostic (Zywall 5)
723
Figure 461 WAN & LAN DHCP
723
Wan Dhcp
723
Table 255 System Maintenance Menu Diagnostic
724
Chapter 49 Firmware and Configuration File Maintenance
725
Introduction
725
Filename Conventions
725
Firmware and Configuration File Maintenance
726
Backup Configuration
726
Table 256 Filename Conventions
726
Example of FTP Commands from the Command Line
727
Figure 462 Telnet into Menu 24.5
727
Figure 463 FTP Session Example
727
Using the FTP Command from the Command Line
727
Backup Configuration Using TFTP
728
File Maintenance over WAN
728
GUI-Based FTP Clients
728
Table 257 General Commands for GUI-Based FTP Clients
728
Backup Via Console Port
729
GUI-Based TFTP Clients
729
Table 258 General Commands for GUI-Based TFTP Clients
729
TFTP Command Example
729
Restore Configuration
730
Figure 464 System Maintenance: Backup Configuration
730
Figure 465 System Maintenance: Starting Xmodem Download Screen
730
Figure 466 Backup Configuration Example
730
Figure 467 Successful Backup Confirmation Screen
730
Figure 468 Telnet into Menu 24.6
731
Restore Using FTP
731
Figure 469 Restore Using FTP Session Example
732
Figure 470 System Maintenance: Restore Configuration
732
Figure 471 System Maintenance: Starting Xmodem Download Screen
732
Figure 472 Restore Configuration Example
732
Restore Using FTP Session Example
732
Restore Via Console Port
732
Uploading Firmware and Configuration Files
733
Firmware File Upload
733
Figure 473 Successful Restoration Confirmation Screen
733
Configuration File Upload
734
Figure 474 Telnet into Menu 24.7.1: Upload System Firmware
734
Figure 475 Telnet into Menu 24.7.2: System Maintenance
734
FTP File Upload Command from the DOS Prompt Example
735
FTP Session Example of Firmware File Upload
735
TFTP File Upload
735
Figure 476 FTP Session Example of Firmware File Upload
735
TFTP Upload Command Example
736
Uploading Via Console Port
736
Uploading Firmware File Via Console Port
736
Example Xmodem Firmware Upload Using Hyperterminal
737
Uploading Configuration File Via Console Port
737
Figure 477 Menu 24.7.1 as Seen Using the Console Port
737
Figure 478 Example Xmodem Upload
737
Example Xmodem Configuration Upload Using Hyperterminal
738
Figure 479 Menu 24.7.2 as Seen Using the Console Port
738
Figure 480 Example Xmodem Upload
738
Chapter 50 System Maintenance Menus 8 to 10
739
Command Interpreter Mode
739
Figure 481 Command Mode in Menu 24
739
Call Control Support
740
Budget Management
740
Figure 482 Call Control
740
Figure 483 Budget Management
740
Call History
741
Figure 484 Call History
741
Table 259 Budget Management
741
Table 260 Call History
741
Time and Date Setting
742
Figure 485 Menu 24: System Maintenance
742
Figure 486 Menu 24.10 System Maintenance: Time and Date Setting
743
Table 261 Menu 24.10 System Maintenance: Time and Date Setting
743
Chapter 51 Remote Management
745
Figure 487 Menu 24.11 - Remote Management Control
746
Table 262 Menu 24.11 - Remote Management Control
746
Remote Management Limitations
747
IP Policy Routing
749
Chapter 52 IP Policy Routing
749
IP Routing Policy Summary
749
Figure 488 Menu 25: Sample IP Routing Policy Summary
749
Table 263 Menu 25: Sample IP Routing Policy Summary
749
IP Routing Policy Setup
750
Table 264 IP Routing Policy Setup
750
Figure 489 Menu 25.1: IP Routing Policy Setup
751
Table 265 Menu 25.1: IP Routing Policy Setup
751
Applying Policy to Packets
752
IP Policy Routing Example
753
Figure 490 Menu 25.1.1: IP Routing Policy Setup
753
Table 266 Menu 25.1.1: IP Routing Policy Setup
753
Figure 491 Example of IP Policy Routing
754
Figure 492 IP Routing Policy Example 1
754
Figure 493 IP Routing Policy Example 2
755
Call Scheduling
757
Chapter 53 Call Scheduling
757
Introduction to Call Scheduling
757
Figure 494 Schedule Setup
757
Figure 495 Schedule Set Setup
758
Table 267 Schedule Set Setup
758
Figure 496 Applying Schedule Set(S) to a Remote Node (Pppoe)
759
Figure 497 Applying Schedule Set(S) to a Remote Node (PPTP)
760
Part VII: Troubleshooting and Product Specifications
761
Troubleshooting
763
Troubleshooting and Product Specifications
761
Chapter 54 Troubleshooting
763
Power, Hardware Connections, and Leds
763
Zywall Access and Login
764
Internet Access
766
Wireless Router/Ap Troubleshooting
767
Upnp
768
Chapter 55 Product Specifications
769
Table 268 Hardware Specifications
769
Table 269 Firmware Specifications
770
Table 270 Feature and Performance Specifications
771
Table 271 Compatible Zyxel WLAN Cards and Security Features
772
Compatible 3G Cards
773
Table 272 3G Features Supported by Compatible 3G Cards
773
Table 273 3G Features Supported by Additional Compatible 3G Cards
773
Table 274 3G Features Supported by Additional Compatible 3G Cards
774
Power Adaptor Specifications
775
Table 275 North American Plug Standards
775
Table 276 European Plug Standards
775
Table 277 United Kingdom Plug Standards
775
Table 278 Australia and New Zealand Plug Standards
775
Table 279 Japan Plug Standards
775
Figure 498 Console/Dial Backup Port Pin Layout
776
Table 280 China Plug Standards
776
Table 281 Console/Dial Backup Port Pin Assignments
776
Table 282 Ethernet Cable Pin Assignments
777
Part VIII: Appendices and Index
779
Appendices and Index
779
Appendix A Removing and Installing a Fuse
781
Appendix A Removing and Installing a Fuse
782
Appendix B Common Services
783
Table 283 Commonly Used Services
783
Appendix C Wireless Lans
787
Figure 499 Peer-To-Peer Communication in an Ad-Hoc Network
787
Figure 500 Basic Service Set
788
Figure 501 Infrastructure WLAN
789
Figure 502 RTS/CTS
790
Table 284 IEEE 802.11G
791
Table 285 Wireless Security Levels
792
Types of Eap Authentication
793
Table 286 Comparison of EAP Authentication Types
795
Figure 503 WPA(2) with RADIUS Application Example
797
Figure 504 WPA(2)-PSK Authentication
798
Table 287 Wireless Security Relational Matrix
798
Antenna Characteristics
799
Types of Antennas for Wlan
799
Positioning Antennas
800
Appendix D Windows 98 Se/Me Requirements for Anti-Virus Message Display
801
Figure 505 Windows 98 SE: Winpopup
801
Figure 506 Windows 98 SE: Program Task Bar
802
Figure 507 Windows 98 SE: Task Bar Properties
802
Figure 508 Windows 98 SE: Startup
803
Figure 509 Windows 98 SE: Startup: Create Shortcut
803
Figure 510 Windows 98 SE: Startup: Select a Title for the Program
804
Figure 511 Windows 98 SE: Startup: Shortcut
804
Appendix E Legal Information
805
Appendix E Legal Information
806
Zyxel Limited Warranty
807
Appendix F Customer Support
809
Appendix F Customer Support
810
Index
815
Advertisement
Advertisement
Related Products
ZyXEL Communications ZYWALL 5 - V4.04
ZyXEL Communications Omni 56K
ZyXEL Communications Omni 56K II
ZyXEL Communications Omni 56K II, 56K Plus II
ZyXEL Communications ZyXEL ZyWALL 5
ZyXEL Communications ZYWALL 5 - V4.03
ZyXEL Communications 56K Plus Series
ZyXEL Communications OMNI 56K COM PLUS
ZyXEL Communications OMNI 56K USB MODEM
ZyXEL Communications ZyXEL ZyWALL 50
ZyXEL Communications Categories
Gateway
Network Router
Switch
Wireless Router
Adapter
More ZyXEL Communications Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL