Sign In
Upload
Manuals
Brands
ZyXEL Communications Manuals
Gateway
ZYWALL 1050 - V2.00 EDITION 1
ZyXEL Communications ZYWALL 1050 - V2.00 EDITION 1 Manuals
Manuals and User Guides for ZyXEL Communications ZYWALL 1050 - V2.00 EDITION 1. We have
1
ZyXEL Communications ZYWALL 1050 - V2.00 EDITION 1 manual available for free PDF download: User Manual
ZyXEL Communications ZYWALL 1050 - V2.00 EDITION 1 User Manual (772 pages)
Internet Security Gateway
Brand:
ZyXEL Communications
| Category:
Gateway
| Size: 22.1 MB
Table of Contents
About this User's Guide
3
Document Conventions
5
Safety Warnings
7
Table of Contents
9
Introduction
49
Introducing the Zywall
51
Chapter 1 Introducing the Zywall ........................................................................................................
51
Overview and Key Default Settings
51
Front Panel Leds
51
Figure 1 Zywall 1050 Front Panel
51
Management Overview
52
Figure 2 Managing the Zywall: Web Configurator
52
Table 1 Front Panel Leds
52
Table 2 Managing the Zywall: Console Port
53
Table 3 Starting and Stopping the Zywall
53
Features and Applications
55
Packet Flow
56
Table 4 Packet Flow Key
56
Chapter 2 Features and Applications ..................................................................................................... 55
57
Interface to Interface (to VPN Tunnel)
57
Applications
58
SSL VPN Network Access
58
Figure 3 Applications: VPN Connectivity
58
User-Aware Access Control
59
Figure 4 Network Access Mode: Reverse Proxy
59
Figure 5 Network Access Mode: Full Tunnel Mode
59
Device HA
60
Figure 6 Applications: User-Aware Access Control
60
Figure 7 Applications: Multiple WAN Interfaces
60
Figure 8 Applications: Device HA
61
Web Configurator
63
Web Configurator Requirements
63
Figure 9 Login Screen
64
Figure 10 Update Admin Info Screen
64
Web Configurator Main Screen
65
Title Bar
65
Figure 11 Main Screen
65
Table 5 Title Bar: Web Configurator Icons
65
Navigation Panel
66
Table 6 Navigation Panel Summary
66
Main Window
69
Message Bar
69
Figure 12 Message Bar
70
Figure 13 Warning Messages
70
Figure 14 CLI Messages
71
Wizard Setup
73
Wizard Setup Overview
73
Figure 15 Wizard Setup Welcome
74
Chapter 4 Wizard Setup ........................................................................................................................... 73
74
Installation Setup, One ISP
74
Figure 16 Internet Access: Step 1
75
Step 1 Internet Access
75
Table 7 Internet Access: Step 1
75
Ethernet: Auto IP Address Assignment
76
Ethernet: Static IP Address Assignment
76
Figure 17 Ethernet Encapsulation: Auto: Finish
76
Figure 18 Ethernet Encapsulation: Static
77
Table 8 Ethernet Encapsulation: Static
77
Figure 19 Ethernet Encapsulation: Static: Finish
78
Step 2 Internet Access Ethernet
78
Figure 20 Pppoe Encapsulation: Auto
79
Pppoe: Auto IP Address Assignment
79
Table 9 Pppoe Encapsulation: Auto
79
Figure 21 Pppoe Encapsulation: Auto: Finish
80
Pppoe: Static IP Address Assignment
80
Figure 22 Pppoe Encapsulation: Static
81
Table 10 Pppoe Encapsulation: Static
81
Step 2 Internet Access Pppoe
82
Figure 23 Pppoe Encapsulation: Static: Finish
83
PPTP: Auto IP Address Assignment
83
Figure 24 PPTP Encapsulation: Auto
84
Table 11 PPTP Encapsulation: Auto
84
Figure 25 PPTP Encapsulation: Auto: Finish
85
Figure 26 PPTP Encapsulation: Static
86
PPTP: Static IP Address Assignment
86
Table 12 PPTP Encapsulation: Static
86
Step 2 Internet Access PPTP
87
Figure 27 PPTP Encapsulation: Static: Finish
88
Step 4 Internet Access - Finish
89
Device Registration
89
Figure 28 Registration
90
Table 13 Registration
90
Installation Setup, Two Internet Service Providers
91
Figure 29 Registration: Registered Device
91
Figure 30 Internet Access: Step 1: First WAN Interface
92
Figure 31 Internet Access: Step 3: Second WAN Interface
92
Internet Access Wizard Setup Complete
93
VPN Setup
93
Figure 32 Internet Access: Finish
93
VPN Wizards
94
Figure 33 VPN Wizard: Wizard Type
94
Table 14 VPN Wizard: Step 1: Wizard Type
94
VPN Express Wizard
95
VPN Express Wizard - Remote Gateway
95
Figure 34 VPN Express Wizard: Step 2
95
Table 15 VPN Express Wizard: Step 2
95
Figure 35 VPN Express Wizard: Step 3
96
Table 16 VPN Express Wizard: Step 3
96
Figure 36 VPN Express Wizard: Step 4
97
Table 17 VPN Express Wizard: Step 4
97
VPN Express Wizard - Policy Setting
97
Figure 37 VPN Express Wizard: Step 6
98
VPN Express Wizard - Summary
98
VPN Advanced Wizard
99
VPN Express Wizard - Finish
99
Figure 38 VPN Advanced Wizard: Step 2
100
Table 18 VPN Advanced Wizard: Step 2
100
VPN Advanced Wizard - Remote Gateway
101
Figure 39 VPN Advanced Wizard: Step 3
102
Table 19 VPN Advanced Wizard: Step 3
102
VPN Advanced Wizard - Phase 1
103
Figure 40 VPN Advanced Wizard: Step 4
104
Table 20 VPN Advanced Wizard: Step 4
104
VPN Advanced Wizard - Phase 2
105
Figure 41 VPN Advanced Wizard: Step 5
106
Table 21 VPN Advanced Wizard: Step 5
106
VPN Advanced Wizard - Summary
106
VPN Advanced Wizard - Finish
107
Figure 42 VPN Wizard: Step 6: Advanced
107
Configuration Basics
109
Chapter 5
109
Granular Configuration
109
Terminology in the Zywall
110
Table 22 Zywall Terminology that Is Different than Zynos
110
Table 23 Zywall Terminology that Might be Different than Other Products
110
Table 24 NAT: Differences between the Zywall and Zynos
110
Table 25 Bandwidth Management: Differences between the Zywall and Zynos
110
Table 26 Physical Ports, Interfaces, and Zones
110
Network Topology Example
111
Feature Configuration Overview
112
Figure 43 Interfaces and Zones: Example
112
Objects
119
Table 27
120
System Management and Maintenance
121
Tutorials
123
Chapter 6 Tutorials .................................................................................................................................
123
Interfaces and Zones
123
Set up Port Grouping
123
Table 29 Interfaces and Zones Example
123
Figure 44 Network > Interface > Port Grouping, Initial
124
Figure 45 Network > Interface > Port Grouping, Drag-And-Drop
124
Figure 46 Status: Interface Status Summary after Port Grouping
125
Figure 47 Network > Interface > Ethernet, Initial
125
Set up Ethernet Interfaces
125
Table 30 Ethernet Interfaces Example
125
Figure 48 Network > Interface > Ethernet > Ge4
126
Figure 49 Network > Interface > Ethernet > Ge5 > IP Address Assignment
126
Figure 50 Network > Interface > Ethernet > Ge5 > DHCP Setting
126
Figure 51 Status > Interface Status Summary, after Ethernet Interface Edits
127
Figure 52 Network > Interface > Trunk, Initial
127
Figure 53 Network > Interface > Trunk > Edit, Initial
127
WAN Trunk
127
Table 31 Trunk Example
127
Figure 54 Network > Interface > Trunk > Edit > Member
128
Figure 55 Network > Zone, Initial
128
Zones
128
Table 32 Zones Example
128
Figure 56 Network > Zone > DMZ, Remove Ge4
129
Figure 57 Network > Zone > WAN, Add Ge4
129
Figure 58 Status: Interface Status Summary after Zone Edits
129
Ipsec VPN
130
Set up the Ethernet Interfaces and Zones
130
Set up the VPN Gateway
130
Figure 59 VPN Example
130
Figure 60 VPN > Ipsec VPN > VPN Gateway > Add
131
Figure 61 Object > Address > Address > Add
131
Set up the VPN Connection
131
Figure 62 VPN > Ipsec VPN > VPN Connection > Add
132
Figure 63 Network > Routing > Policy Route
132
Set up the Policy Route for the VPN Tunnel
132
Figure 64 Network > Routing > Policy Route > Add
133
Figure 65 Network > Zone > Add
133
Set up the Zone for the VPN Tunnel
133
Device HA
134
Set up DNS for the Virtual Router
134
Set up the VRRP Groups on the Master
134
Figure 66 Device HA Example
134
Figure 67 Device HA > VRRP Group > Add: Ge1
135
Figure 68 Status: Interface Status Summary: Device HA Master Configured
135
Figure 69 Network > Device HA > VRRP Group > Add: Ge4
136
Figure 70 Device HA > Synchronize
136
Set up the Password for Synchronization
136
Figure 71 Device HA > VRRP Group > Add
137
Finish Configuring the Master
137
Set up the Ethernet Interfaces on the Backup
137
Set up the VRRP Groups on the Backup
137
Figure 72 Status: Interface Status Summary
137
Figure 73 Device HA > Synchronize
138
Table 33 User-Aware Access Control Example
138
User-Aware Access Control
138
Figure 74 User/Group > User > Add
139
Figure 75 User/Group > Group > Add
139
Set up User Accounts
139
Set up User Groups
139
Figure 76 Object > AAA Server > RADIUS > Default
140
Figure 77 Object > Auth. Method > Add
140
Figure 78 System > WWW > Authentication
140
Set up User Authentication Using the Radius Server
140
Figure 79 Object > User/Group > Setting > Add (Force User Authentication Policy)
141
Figure 80 Apppatrol > Http
141
Set up Web Surfing Policies with Bandwidth Restrictions
141
Figure 81 Apppatrol > Http > Edit Default
142
Figure 82 Apppatrol > Http > Edit Default
142
Set up MSN Policies
142
Figure 83 Object > Schedule > Recurring > Add
143
Figure 84 Firewall > LAN > DMZ > Edit
143
Set up LAN-To-DMZ Policies
143
Figure 85 Firewall > LAN > DMZ > Add
144
Trunks
144
Set up Available Bandwidth on Ethernet Interfaces
144
Figure 86 Trunk Example
144
Figure 87 Network > Interface > Ethernet > Edit > Ge2
145
Figure 88 Network > Interface > Trunk > WAN_TRUNK > Edit
145
Change WAN Trunk Algorithm
145
NAT 1:1 Example
145
NAT 1:1 Address Objects
146
Figure 89 NAT 1:1 Example Network Topology
146
Figure 90 Create Address Objects
146
Figure 91 Address Objects
146
NAT 1:1 Virtual Server
147
NAT 1:1 Policy Route
147
Figure 92 NAT 1:1 Example Virtual Server
147
Figure 93 Create a Virtual Server
147
NAT 1:1 Firewall Rule
148
Figure 94 NAT 1:1 Example Policy Route
148
Figure 95 Create a Policy Route
148
Figure 96 Create a Firewall Rule
149
Figure 97 LAN Computer Queries the DNS Server
149
Figure 98 NAT Loopback Virtual Server
150
Figure 99 Create a Virtual Server
150
Figure 100 Triangle Route
151
Figure 101 NAT Loopback Policy Route
151
Figure 102 Create a Policy Route
152
Figure 103 NAT Loopback Successful
152
Figure 104 Status
153
Status
153
Table 34 Status
154
Chapter 7
156
VPN Status
156
Figure 105 Status > VPN Status
157
Table 35 Status > VPN Status
157
DHCP Table
157
Figure 106 Status > DHCP Table
158
Table 36 Status > DHCP Table
158
Port Statistics
158
Figure 107 Status > Port Statistics
159
Table 37 Status > Port Statistics
159
Current Users
159
Figure 108 Status > Current Users
160
Table 38 Status > Current Users
160
Registration
161
Chapter 8 Registration ...........................................................................................................................
161
Myzyxel.com Overview
161
Subscription Services Available on the Zywall
161
Figure 109 Licensing > Registration
162
Table 39 Licensing > Registration
163
Figure 110 Licensing > Registration: Registered Device
164
Figure 111 Licensing > Registration > Service
164
Table 40 Licensing > Registration > Service
164
Update
167
Figure 112 Licensing > Update >Anti-Virus
167
Updating Anti-Virus Signatures
167
Chapter 9 Update .................................................................................................................................... 167
168
Updating IDP and Application Patrol Signatures
168
Figure 113 Licensing > Update > Idp/Apppatrol
169
Table 41 Licensing > Update > Idp/Apppatrol
169
Updating System Protect Signatures
170
Figure 114 Downloading IDP Signatures
170
Figure 115 Successful IDP Signature Download
170
Figure 116 Licensing > Update > System Protect
171
Table 42 Licensing > Update > System Protect
171
Figure 117 Downloading System Protect Signatures
172
Figure 118 Successful System Protect Signature Download
172
Network
173
Interface
175
Chapter 10 Interface ................................................................................................................................. 175
176
IP Address Assignment
176
Table 43 Ethernet, VLAN, Bridge, Pppoe/Pptp, and Virtual Interfaces Characteristics
176
Figure 119 Example: Entry in the Routing Table Derived from Interfaces
177
Table 44 Example: Routing Table Entries for Interfaces
177
Table 45 Example: Routing Table Entry for a Gateway
177
DHCP Settings
178
Table 46 Example: Assigning IP Addresses from a Pool
178
Ping Check Settings
179
Relationships between Interfaces
180
Ethernet Interfaces
180
Ethernet Interfaces Overview
180
Table 47 Relationships between Different Types of Interfaces
180
Interface Summary Screen
181
Figure 120 Network > Interface > Interface Summary
182
Table 48 Network > Interface > Interface Summary
182
Figure 121 Network > Interface > Ethernet
184
Ethernet Summary Screen
184
Table 49 Network > Interface > Ethernet
185
Ethernet Edit
185
Figure 122 Network > Interface > Ethernet > Edit
186
Table 50 Network > Interface > Ethernet > Edit
187
Figure 123 Network > Interface > Ethernet > Edit > Edit Static DHCP Table
190
Port Grouping
190
Port Grouping Overview
190
Figure 124 Port Grouping Example: Network
191
Figure 125 Port Grouping Example: Screen
191
Figure 126 Network > Interface > Port Grouping
192
Table 51 Network > Interface > Port Grouping
192
VLAN Interfaces
192
VLAN Overview
192
Figure 127 Example: before VLAN
193
Figure 128 Example: after VLAN
193
Figure 129 Network > Interface > VLAN
194
Table 52 Network > Interface > VLAN
194
VLAN Interfaces Overview
194
VLAN Summary Screen
194
VLAN Add/Edit
195
Figure 130 Network > Interface > VLAN > Edit
196
Table 53 Network > Interface > VLAN > Edit
197
Figure 131 Network > Interface > Edit > Edit Static DHCP Table
199
Bridge Interfaces
199
Bridge Overview
200
Table 54 Example: Bridge Table after Computer a Sends a Packet to Computer B
200
Table 55 Example: Bridge Table after Computer B Responds to Computer a
200
Figure 132 Network > Interface > Bridge
201
Bridge Interface Overview
201
Table 56 Example: Routing Table before and after Bridge Interface Br0 Is Created
201
Bridge Summary
201
Table 57 Network > Interface > Bridge
201
Bridge Add/Edit
202
Figure 133 Network > Interface > Bridge > Edit
203
Table 58 Network > Interface > Bridge > Edit
204
Figure 134 Network > Interface > Edit > Edit Static DHCP Table
206
Pppoe/Pptp Interfaces
206
Pppoe/Pptp Overview
206
Pppoe/Pptp Interfaces Overview
207
Figure 135 Example: Pppoe/Pptp Interfaces
207
Figure 136 Network > Interface > Pppoe/Pptp
208
Table 59 Network > Interface > Pppoe/Pptp
208
Figure 137 Network > Interface > Pppoe/Pptp > Edit
209
Table 60 Network > Interface > Pppoe/Pptp > Edit
210
Auxiliary Interface
211
Auxiliary Interface Overview
211
Figure 138 Network > Interface > Auxiliary
212
Table 61 Network > Interface > Auxiliary
212
Virtual Interfaces
213
Virtual Interfaces Add/Edit
213
Figure 139 Network > Interface > Add
214
Table 62 Network > Interface > Add
214
Chapter 11 Trunks ....................................................................................................................................
215
Trunks Overview
215
Trunks
215
Trunk Scenario Examples
215
Load Balancing Introduction
215
Load Balancing Algorithms
216
Least Load First
216
Figure 140 Least Load First Example 1
216
Table 63 Least Load First: Example 1
216
Weighted Round Robin
217
Spillover
217
Figure 141 Weighted Round Robin Algorithm Example
217
Trunk Summary
218
Figure 142 Spillover Algorithm Example
218
Figure 143 Network > Interface > Trunk
218
Configuring a Trunk
218
Table 64 Network > Interface > Trunk
218
Figure 144 Network > Interface > Trunk > Edit
219
Table 65 Network > Interface > Trunk > Edit
219
Policy and Static Routes
221
Policy Route
221
Chapter 12 Policy and Static Routes ......................................................................................................
221
Benefits
221
Routing Policy
221
NAT and SNAT
222
Port Triggering
222
Maximize Bandwidth Usage
223
Reserving Bandwidth for Non-Bandwidth Class Traffic
223
IP Routing Policy Setup
223
Figure 145 Trigger Port Forwarding Example
223
Figure 146 Network > Routing > Policy Route
224
Table 66 Network > Routing > Policy Route
224
Policy Route Edit
225
Figure 147 Network > Routing > Policy Route > Edit
226
Table 67 Network > Routing > Policy Route > Edit
226
IP Static Routes
228
Figure 148 Example of Static Routing Topology
228
Figure 149 Network > Routing > Static Route
229
Static Route Summary
229
Figure 150 Network > Routing > Static Route > Edit
229
Table 68 Network > Routing > Static Route
229
Table 69 Network > Routing > Static Route > Edit
230
Routing Protocols
231
Routing Protocols Overview
231
Chapter 13 Routing Protocols.................................................................................................................
231
RIP Overview
231
Table 70 OSPF Vs. RIP
231
Authentication Types
232
RIP Screen
232
Figure 151 Network > Routing > RIP
233
Table 71 Network > Routing Protocol > RIP
233
OSPF Overview
233
OSPF Areas
234
Figure 152 OSPF: Types of Areas
234
OSPF Routers
235
Table 72 OSPF: Redistribution from Other Sources to each Type of Area
235
Virtual Links
236
OSPF Configuration
236
Figure 153 OSPF: Types of Routers
236
Figure 154 OSPF: Virtual Link
236
Figure 155 Network > Routing > OSPF
237
Table 73 Network > Routing Protocol > OSPF
237
OSPF Screens
237
OSPF Summary
237
OSPF Area Add/Edit
238
Figure 156 Network > Routing > OSPF > Edit
239
Table 74 Network > Routing > OSPF > Edit
239
Chapter 14 Zones Overview
241
Zones
241
Effect of Zones on Different Types of Traffic
241
Figure 157 Example: Zones
241
Figure 158 Network > Zone
242
Table 75 Network > Zone
242
Zone Summary
242
Figure 159 Network > Zone > Edit
243
Table 76 Network > Zone > Edit
243
Ddns
245
Chapter 15 DDNS......................................................................................................................................
245
DYNDNS Wildcard
245
High Availability (HA)
246
Mail Exchanger
246
DDNS Screens
246
Figure 160 Network > DDNS
247
Table 77 Network > DDNS
247
DDNS Summary
247
Figure 161 Network > DDNS > Edit
248
Table 78 Network > DDNS > Edit
248
Dynamic DNS Add/Edit
248
Virtual Servers
251
Chapter 16 Virtual Servers.......................................................................................................................
251
Virtual Server Overview
251
Virtual Server Example
252
Virtual Server Screens
252
Figure 162 Multiple Servers Behind NAT Example
252
Figure 163 Network > Virtual Server
253
Table 79 Network > Virtual Server
253
Figure 164 Network > Virtual Server > Edit
254
Table 80 Network > Virtual Server > Edit
254
HTTP Redirect
257
HTTP Redirect Overview
257
Chapter 17 Web Proxy Server
257
HTTP Redirect, Firewall and Policy Route
257
Configuring HTTP Redirect
258
Figure 165 HTTP Redirect Example
258
Figure 166 Network > HTTP Redirect
259
Figure 167 Network > HTTP Redirect > Edit
259
Table 81 Network > HTTP Redirect
259
Table 82 Network > HTTP Redirect > Edit
259
Alg
261
Chapter 18 ALG ........................................................................................................................................
261
ALG Introduction
261
Application Layer Gateway (ALG) and NAT
261
ALG and Trunks
261
Figure 168 H.323 ALG Example
263
Figure 169 SIP ALG Example
263
Peer-To-Peer Calls and the Zywall
264
Voip with Multiple WAN IP Addresses
264
ALG Screen
265
Figure 171 Voip with Multiple WAN IP Addresses
265
Figure 172 Network > ALG
265
Table 83 Network > ALG
266
WAN to LAN SIP Peer-To-Peer Calls Example
267
Figure 173 WAN to LAN H.323 Peer-To-Peer Calls Example
267
Figure 174 Network > Virtual Server > Add
267
Figure 175 Firewall > WAN to LAN
268
Figure 176 Firewall > WAN > LAN > Add
268
Figure 177 Object > Address > Add
268
Figure 178 Firewall > WAN > LAN > Add
269
Firewall and VPN
271
Firewall
273
Figure 179 Default Firewall Action
273
Chapter 19 Firewall Rules
274
Rule Directions
274
Table 84 Default Firewall Rules
275
Firewall and VPN Traffic
276
Firewall Rule Example Applications
276
Figure 180 Blocking All LAN to WAN IRC Traffic Example
276
Figure 181 Limited LAN to WAN IRC Traffic Example
277
Table 85 Blocking All LAN to WAN IRC Traffic Example
277
Alerts
278
Asymmetrical Routes
278
Table 86 Limited LAN to WAN IRC Traffic Example 1
278
Table 87 Limited LAN to WAN IRC Traffic Example 2
278
Virtual Interfaces and Asymmetrical Routes
279
Configuring the Firewall
279
Figure 182 Triangle Route: Using Virtual Interfaces
279
Figure 183 Firewall
280
Table 88 Firewall
280
Edit a Firewall Rule
282
Figure 184 Firewall > Edit
282
Table 89 Firewall > Edit
282
Firewall Rule Configuration Example
283
Figure 185 Firewall Example: Select the Traveling Direction of Traffic
284
Figure 186 Firewall Example: Edit a Firewall Rule 1
284
Figure 187 Firewall Example: Create an Address Object
285
Figure 188 Firewall Example: Create a Service Object
285
Figure 189 Firewall Example: Edit a Firewall Rule
285
Figure 190 Firewall Example: Myservice Example Rule in Summary
286
Figure 191 VPN: Example
287
Ipsec VPN
287
Ipsec VPN Overview
287
Chapter 20 Ipsec VPN.............................................................................................................................. 287
288
Ipsec SA Overview
288
Figure 192 VPN: IKE SA and Ipsec SA
288
Figure 193 VPN: Transport and Tunnel Mode Encapsulation
289
Additional Topics for Ipsec SA
290
Figure 194 VPN Example: NAT for Inbound and Outbound Traffic
291
VPN Related Configuration
292
Figure 195 VPN > Ipsec VPN > VPN Connection
293
VPN Connection Screens
293
VPN Connection Summary
293
Table 90 VPN > Ipsec VPN > VPN Connection
294
VPN Connection Add/Edit IKE
294
Figure 196 VPN > Ipsec VPN > VPN Connection > Edit (IKE)
295
Table 91 VPN > Ipsec VPN > VPN Connection > Edit
295
VPN Connection Add/Edit Manual Key
298
Figure 197 VPN > Ipsec VPN > VPN Connection > Manual Key > Edit
299
Table 92 VPN > Ipsec VPN > VPN Connection > Manual Key > Edit
299
VPN Gateway Screens
302
IKE SA Overview
302
Figure 198 IKE SA: Main Negotiation Mode, Steps 1 - 2: IKE SA Proposal
303
Figure 199 IKE SA: Main Negotiation Mode, Steps 3 - 4: DH Key Exchange
304
Figure 200 IKE SA: Main Negotiation Mode, Steps 5 - 6: Authentication
305
Additional Topics for IKE SA
306
Table 93 VPN Example: Matching ID Type and Content
306
Table 94 VPN Example: Mismatching ID Type and Content
306
Figure 201 VPN/NAT Example
307
Figure 202 VPN > Ipsec VPN > VPN Gateway
308
Table 95 VPN > Ipsec VPN > VPN Gateway
308
VPN Gateway Summary
308
VPN Gateway Add/Edit
309
Figure 203 VPN > Ipsec VPN > VPN Gateway > Edit
310
Table 96 VPN > Ipsec VPN > VPN Gateway > Edit
310
VPN Concentrator
314
Figure 204 VPN Topologies
314
Figure 205 VPN > Ipsec VPN > Concentrator
315
Figure 206 VPN > Ipsec VPN > Concentrator > Edit
315
Table 97 VPN > Ipsec VPN > Concentrator
315
VPN Concentrator Summary
315
Figure 207 Network > Ipsec VPN > Concentrator > Edit > Member
316
Table 98 VPN > Ipsec VPN > Concentrator > Edit
316
SA Monitor Screen
316
Figure 208 VPN > Ipsec VPN > SA Monitor
317
Table 99 VPN > Ipsec VPN > SA Monitor
317
Regular Expressions in Searching Ipsec Sas by Name or Policy
318
Ssl Vpn
319
Chapter 21 SSL VPN.................................................................................................................................
319
SSL Access Policy
319
SSL Access Policy Objects
319
Table 100 Objects
319
SSL Access Policy Limitations
320
Figure 209 VPN > SSL VPN > Access Privilege
320
Table 101 VPN > SSL VPN > Access Privilege
320
Figure 210 VPN > SSL VPN > Access Privilege > Add/Edit
321
Table 102 VPN > SSL VPN > Access Privilege > Add/Edit
321
Creating/Editing an SSL Access Policy
321
SSL Connection Monitor
322
Figure 211 VPN > SSL VPN > Connection Monitor
323
Table 103 VPN > SSL VPN > Connection Monitor
323
Configuring SSL Global Setting
323
Figure 212 VPN > SSL VPN > Global Setting
324
Table 104 VPN > SSL VPN > Global Setting
324
Uploading a Custom Logo
325
Establishing an SSL VPN Connection
325
Figure 213 Example Logo Graphic Display
325
Figure 214 SSL VPN Client Portal Screen Example
326
SSL User Screens
327
Chapter 22 SSL User Screens .................................................................................................................
327
Network Resource Access Methods
327
System Requirements
327
Figure 215 Network Example
327
Figure 216 Enter the Address in a Web Browser
328
Information You Need
328
Remote User Login
328
Figure 217 Login Security Screen
329
Figure 218 Login Screen
329
Figure 219 Secuextender Progress
329
Figure 220 Remote User Screen
330
SSL VPN User Screens
330
Table 105 Remote User Screen Overview
330
Figure 221 Add Favorite
331
Bookmark
331
Logout
331
Figure 222 Logout: Prompt
331
Figure 223 Logout: Connection Termination Progress
331
SSL User Application Screens
333
Chapter 24 SSL User File Sharing Screens ........................................................................................... 335
327
Overview
327
Chapter 23 SSL User Application Screens ............................................................................................
333
Overview
333
The Application Screen
333
Figure 224 Application
333
SSL User File Sharing Screens
335
Overview
335
Main File Sharing Screen
335
Opening a File or Folder
336
Figure 225 File Sharing
336
Figure 226 File Sharing: Enter Access User Name and Password
336
Downloading a File
337
Figure 227 File Sharing: Open a Word File
337
Saving a File
337
Creating a New Folder
338
Renaming a File or Folder
338
Figure 228 File Sharing: Save a Word File
338
Figure 229 File Sharing: Save a Word File
338
Deleting a File or Folder
339
Figure 230 File Sharing: Rename
339
Figure 231 File Sharing: Rename
339
Figure 232 File Sharing: Delete Prompt
339
Uploading a File
340
Figure 233 File Sharing: File Upload
340
Figure 234 L2TP VPN Overview
341
L2Tp Vpn
341
Chapter 25 L2TP VPN............................................................................................................................... 341
342
Using the Default L2TP VPN Connection
342
Policy Route
342
Figure 235 Policy Route for L2TP VPN
342
Figure 236 VPN > L2TP VPN
343
Table 106 VPN > Ipsec VPN > VPN Connection
343
L2TP VPN Configuration
343
Figure 237 VPN > L2TP VPN > Session Monitor
344
Table 107 VPN > L2TP VPN > Session Monitor
344
L2TP VPN Example
347
Chapter 26 L2TP VPN Example ...............................................................................................................
347
Configuring the Default L2TP VPN Gateway Example
347
Figure 238 L2TP VPN Example
347
Figure 239 VPN > Ipsec VPN > VPN Gateway > Edit
348
Figure 240 VPN > Ipsec VPN > VPN Gateway (Enable)
348
Figure 241 VPN > Ipsec VPN > VPN Connection > Edit
349
Configuring the Default L2TP VPN Connection Example
349
Figure 242 VPN > Ipsec VPN > VPN Connection (Enable)
350
Figure 243 VPN > L2TP VPN Example
350
Configuring the L2TP VPN Settings Example
350
Configuring the Policy Route for L2TP Example
350
Figure 244 Routing > Add: L2TP VPN Example
351
Configuring L2TP VPN in Windows XP and 2000
351
Configuring L2TP in Windows XP
352
Figure 245 New Connection Wizard: Network Connection Type
352
Figure 246 New Connection Wizard: Network Connection
352
Figure 247 New Connection Wizard: Connection Name
353
Figure 248 New Connection Wizard: Public Network
353
Figure 249 New Connection Wizard: VPN Server Selection
354
Figure 250 Connect L2TP to Zywall
354
Figure 251 Connect L2TP to Zywall: Security
355
Figure 252 Connect Zywall L2TP: Security > Advanced
355
Figure 253 L2TP to Zywall Properties > Security
356
Figure 254 L2TP to Zywall Properties > Security > Ipsec Settings
356
Figure 255 L2TP to Zywall Properties: Networking
356
Configuring L2TP in Windows 2000
357
Figure 256 Connect L2TP to Zywall
357
Figure 257 Zywall-L2TP System Tray Icon
357
Figure 258 Zywall-L2TP Status: Details
357
Figure 259 Starting the Registry Editor
358
Figure 260 Registry Key
358
Figure 261 New DWORD Value
358
Figure 262 Prohibitipsec DWORD Value
359
Figure 263 Run MMC
359
Figure 264 Console > Add/Remove Snap-In
359
Figure 265 Add > IP Security Policy Management > Finish
360
Figure 266 Create IP Security Policy
360
Figure 267 IP Security Policy: Name
361
Figure 268 IP Security Policy: Request for Secure Communication
361
Figure 269 IP Security Policy: Completing the IP Security Policy Wizard
361
Figure 270 IP Security Policy Properties > Add
362
Figure 271 IP Security Policy Properties: Tunnel Endpoint
362
Figure 272 IP Security Policy Properties: Network Type
363
Figure 273 IP Security Policy Properties: Authentication Method
363
Figure 274 IP Security Policy Properties: IP Filter List
364
Figure 275 IP Security Policy Properties: IP Filter List > Add
364
Figure 276 Filter Properties: Addressing
365
Figure 277 Filter Properties: Protocol
365
Figure 278 IP Security Policy Properties: IP Filter List
366
Figure 279 IP Security Policy Properties: IP Filter List
366
Figure 280 Console: L2TP to Zywall Assign
366
Figure 281 Start New Connection Wizard
367
Figure 282 New Connection Wizard: Network Connection Type
367
Figure 283 New Connection Wizard: Destination Address
368
Figure 284 New Connection Wizard: Connection Availability
368
Figure 285 New Connection Wizard: Naming the Connection
368
Figure 286 Connect L2TP to Zywall
369
Figure 287 Connect L2TP to Zywall: Security
369
Figure 288 Connect L2TP to Zywall: Security > Advanced
370
Figure 289 Connect L2TP to Zywall: Networking
370
Figure 290 Connect L2TP to Zywall
371
Figure 291 Zywall-L2TP System Tray Icon
371
Figure 292 L2TP to Zywall Status: Details
371
Application Patrol & Anti-X
373
Application Patrol
375
Application Patrol Overview
375
Chapter 27 Application Patrol .................................................................................................................
375
Classification of Applications
375
Configurable Application Policies
376
Bandwidth Management
376
Outbound and Inbound Bandwidth Limits
377
Figure 293 LAN to WAN Connection and Packet Directions
377
Bandwidth Management Priority
378
Maximize Bandwidth Usage
378
Bandwidth Management Behavior
378
Figure 294 LAN to WAN, Outbound 200 Kbps, Inbound 500 Kbps
378
Figure 295 Bandwidth Management Behavior
379
Table 108 Configured Rate Effect
379
Table 109 Priority Effect
379
Table 110 Maximize Bandwidth Usage Effect
379
Application Patrol Bandwidth Management Examples
380
Table 111 Priority and over Allotment of Bandwidth Effect
380
Setting the Interface's Bandwidth
381
SIP any to WAN Bandwidth Management Example
381
Figure 296 Application Patrol Bandwidth Management Example
381
SIP WAN to any Bandwidth Management Example
382
FTP WAN to DMZ Bandwidth Management Example
382
Figure 297 SIP any to WAN Bandwidth Management Example
382
Figure 298 HTTP any to WAN Bandwidth Management Example
382
Figure 299 FTP WAN to DMZ Bandwidth Management Example
383
Figure 300 FTP LAN to DMZ Bandwidth Management Example
383
Other Applications
384
Application Patrol Screens
384
Application Patrol General
384
Figure 301 Apppatrol > General
385
Table 112 Apppatrol > General
385
Figure 302 Apppatrol > Common
386
Table 113 Apppatrol > Common
386
Application Patrol Applications
386
Application Patrol Edit
386
Figure 303 Application Edit
387
Table 114 Application Edit
387
Application Patrol Policy Edit
389
Figure 304 Application Policy Edit
389
Table 115 Application Policy Edit
389
Figure 305 Apppatrol > Other
391
Table 116 Apppatrol > Other
391
Other Protocol Screen
391
Other Configuration Add/Edit
392
Figure 306 Apppatrol > Other > Edit
393
Table 117 Apppatrol > Other > Edit
393
Application Patrol Statistics
394
Application Patrol Statistics: General Setup
394
Figure 307 Apppatrol > Statistics: General Setup
395
Figure 308 Apppatrol > Statistics: Bandwidth Statistics
395
Table 118 Apppatrol > Statistics: General Setup
395
Application Patrol Statistics: Bandwidth Statistics
395
Figure 309 Apppatrol > Statistics: Protocol Statistics
396
Table 119 Apppatrol > Statistics: Protocol Statistics
396
Application Patrol Statistics: Protocol Statistics
396
Anti-Virus
399
Anti-Virus Overview
399
Chapter 28 Anti-Virus ...............................................................................................................................
399
Types of Computer Viruses
399
Computer Virus Infection and Prevention
399
Table 120 Common Computer Virus Types
399
Types of Anti-Virus Scanner
400
Introduction to the Zywall Anti-Virus Scanner
400
How the Zywall Anti-Virus Scanner Works
400
Figure 310 Zywall Anti-Virus Example
401
Notes about the Zywall Anti-Virus
401
Figure 311 Anti-X > Anti-Virus > Summary
402
Table 121 Anti-X > Anti-Virus > Summary
403
Figure 312 Anti-X > Anti-Virus > Summary > Edit
404
Table 122 Anti-X > Anti-Virus > Summary > Edit
404
Figure 313 Anti-X > Anti-Virus > Setting
406
Table 123 Anti-X > Anti-Virus > Setting
407
Figure 314 Anti-X > Anti-Virus > Setting > White List Add
408
Table 124 Anti-X > Anti-Virus > Setting > White List Add
408
Figure 315 Anti-X > Anti-Virus > Setting > Black List Add
409
Table 125 Anti-X > Anti-Virus > Setting > Black List Add
409
Signature Searching
409
Figure 316 Anti-X > Anti-Virus > Signature: Search by Severity
410
Table 126 Anti-X > Anti-Virus > Signature
410
Idp
413
Chapter 29 Introduction to IDP
413
Host Intrusions
413
Network Intrusions
413
IDP on the Zywall
413
Signatures
414
Traffic Directions and Profiles
414
Configuring IDP General
414
Figure 317 Anti-X > IDP > General
415
Table 127 Anti-X > IDP > General
415
Configuring IDP Bindings
416
Figure 318 Anti-X > IDP > General > Add
417
Table 128 Anti-X > IDP > General > Add
417
Introducing IDP Profiles
417
Profile Summary Screen
418
Figure 319 Base Profiles
418
Table 129 Base Profiles
418
Creating New Profiles
419
Figure 320 Anti-X > IDP > Profile
419
Procedure to Create a New Profile
419
Table 130 Anti-X > IDP > Profile
419
Profiles: Packet Inspection
420
Figure 321 Anti-X > IDP > Profile > Edit : Group View
421
Table 131 Anti-X > IDP > Profile > Group View
422
Table 132 Policy Types
423
Table 133 IDP Service Groups
424
Figure 322 Anti-X > IDP > Profile > Edit > IDP Service Group
425
Figure 323 Anti-X > IDP > Profile: Query View
426
Table 134 Anti-X > IDP > Profile: Query View
426
Query Example
427
Figure 324 Query Example Search Criteria
427
Introducing IDP Custom Signatures
428
IP Packet Header
428
Figure 325 Query Example Search Results
428
Figure 326 IP V4 Packet Headers
429
Table 135 IP V4 Packet Headers
429
Figure 327 Anti-X > IDP > Custom Signatures
430
Configuring Custom Signatures
430
Creating or Editing a Custom Signature
431
Table 136 Anti-X > IDP > Custom Signatures
431
Figure 328 Anti-X > IDP > Custom Signatures > Add/Edit
432
Table 137 Anti-X > IDP > Custom Signatures > Add/Edit
433
Custom Signature Example
435
Figure 329 Custom Signature Example Pattern 1
436
Figure 330 Custom Signature Example Pattern 2
436
Figure 331 Custom Signature Example Patterns 3 and 4
436
Figure 332 Example Custom Signature
437
Applying Custom Signatures
438
Figure 333 Example: Custom Signature in IDP Profile
438
Verifying Custom Signatures
438
Figure 334 Custom Signature Log
439
Table 138 Zywall - Snort Equivalent Terms
439
Adp
441
Chapter 30 Introduction to ADP
441
Host Intrusions
441
Network Intrusions
441
Figure 335 Anti-X > ADP > General
442
ADP on the Zywall
442
Traffic Directions and Profiles
442
Configuring ADP General
442
Table 139 Anti-X > ADP > General
443
Configuring Anomaly Profile Bindings
443
Figure 336 Anti-X > ADP > General > Add
444
Table 140 Anti-X > ADP > General > Add
444
Introducing ADP Profiles
444
Base Profiles
444
Figure 337 Base Profiles
445
Figure 338 Anti-X > ADP > Profile
445
Profile Summary Screen
445
Table 141 Base Profiles
445
Table 142 Anti-X > ADP > Profile
445
Procedure to Create a New Profile
446
Creating New Profiles
446
Profiles: Traffic Anomaly
446
Port Scanning
447
Flood Detection
448
Figure 339 Smurf Attack
448
Figure 340 TCP Three-Way Handshake
449
Figure 341 SYN Flood
449
Figure 342 Profiles: Traffic Anomaly
451
Table 143 ADP > Profile > Traffic Anomaly
452
Profiles: Protocol Anomaly
452
Table 144 HTTP Inspection and TCP/UDP/ICMP Decoders
453
Protocol Anomaly Configuration
455
Figure 343 Profiles: Protocol Anomaly
456
Table 145 ADP > Profile > Protocol Anomaly
457
Content Filter Screens
459
Chapter 31 Content Filter Screens..........................................................................................................
459
Content Filter Overview
459
Content Filter Policies
459
Content Filter Profiles
459
Content Filter Configuration Guidelines
460
Figure 344 Anti-X > Content Filter > General
460
Table 146 Anti-X > Content Filter > General
460
Figure 345 Anti-X > Content Filter > General > Add L
462
Content Filter Policy Screen
462
Figure 346 Anti-X > Content Filter > Filtering Profile
463
Table 147 Anti-X > Content Filter > General > Add
463
Table 148 Anti-X > Content Filter > Filtering Profile
463
External Web Filtering Service
464
Figure 347 Content Filter Lookup Procedure
464
Content Filter Categories Screen
465
Figure 348 Anti-X > Content Filter > Filtering Profile > Add
466
Table 149 Anti-X > Content Filter > Filtering Profile > Add
466
Content Filter Customization Screen
473
Figure 349 Anti-X > Content Filter > Filtering Profiles > Customization
474
Table 150 Anti-X > Content Filter > Filtering Profiles > Customization
474
Keyword Blocking URL Checking
476
Content Filter Cache Screen
476
Figure 350 Anti-X > Content Filter > Cache
477
Table 151 Anti-X > Content Filter > Cache
477
Content Filter Reports
479
Figure 351 Myzyxel.com: Login
479
Viewing Content Filter Reports
479
Figure 352 Myzyxel.com: Welcome
480
Figure 353 Myzyxel.com: Service Management
480
Figure 354 Blue Coat: Login
481
Figure 355 Blue Coat Content Filter Reports Main Screen
481
Figure 356 Blue Coat: Report Home
482
Figure 357 Global Report Screen Example
483
Chapter 32 Content Filter Reports ..........................................................................................................479
484
Web Site Submission
484
Figure 358 Requested Urls Example
484
Figure 359 Web Page Review Process Screen
485
Device HA & Objects
487
Device HA
489
Chapter 33 Virtual Router Redundancy Protocol (VRRP) Overview
489
Figure 360 Example: VRRP, Normal Operation
489
Figure 361 Example: VRRP, Master Becomes Unavailable
490
Figure 362 Example: VRRP, no Preempt
490
Additional VRRP Notes
491
VRRP Group Overview
491
Link Monitoring and Remote Management
492
Device HA Screens
492
VRRP Group Summary
492
Figure 363 Device HA > VRRP Group
493
Table 152 Device HA > VRRP Group
493
Figure 364 Device HA > VRRP Group > Edit
494
Table 153 Device HA > VRRP Group > Edit
494
Synchronization Overview
496
Synchronization and Subscription Services
496
Figure 365 Network > Device HA > Synchronize
497
Table 154 Network > Device HA > Synchronize
497
Synchronize Screen
497
User/Group
499
Chapter 34 User Account Overview
499
User Types
499
Table 155 Types of User Accounts
499
Ext-User Accounts
500
Figure 366 LDAP Example: Keywords for User Attributes
500
Table 156 LDAP/RADIUS: Keywords for User Attributes
500
Access Users and the Zywall
501
Figure 367 RADIUS Example: Keywords for User Attributes
501
Force User Authentication Policy
501
User Groups
501
User Summary
502
Figure 368 User/Group
502
Table 157 User/Group
502
Figure 369 User/Group > User > Edit
503
Table 158 User/Group > User > Edit
503
Figure 370 User/Group > Group
504
Group Summary
504
Table 159 Reserved User Names
504
Table 160 User/Group > Group
504
Figure 371 User/Group > Group > Add
505
Table 161 User/Group > Group > Add
505
Figure 372 User/Group > Setting
506
Table 162 User/Group > Setting
506
Setting Screen
506
Figure 373 User/Group > Setting > Force User Authentication Policy > Add/Edit
508
Table 163 User/Group > Setting > Force User Authentication Policy > Add/Edit
508
Figure 374 Web Configurator for Non-Admin Users
509
Table 164 Web Configurator for Non-Admin Users
510
Addresses
511
Chapter 35 Address Screens
511
Address Summary
511
Figure 375 Object > Address > Address
512
Figure 376 Object > Address > Address > Edit
512
Table 165 Object > Address > Address
512
Address Add/Edit
512
Figure 377 Object > Address > Address Group
513
Table 166 Object > Address > Address > Edit
513
Table 167 Object > Address > Address Group
513
Address Group Screens
513
Address Group Summary
513
Figure 378 Object > Address > Address Group > Add
514
Table 168 Object > Address > Address Group > Add
514
Services
515
Chapter 36 Services .................................................................................................................................
515
IP Protocols
515
Service Objects and Service Groups
515
Figure 379 Object > Service > Service
516
Table 169 Object > Service > Service
516
Service Summary Screen
516
Figure 380 Object > Service > Service > Edit
517
Service Add/Edit
517
Table 170 Object > Service > Service > Edit
517
Figure 381 Object > Service > Service Group
518
Table 171 Object > Service > Service Group
518
Service Group Summary Screen
518
Service Group Add/Edit
518
Figure 382 Object > Service > Service Group > Edit
519
Table 172 Object > Service > Service Group > Edit
519
Schedules
521
Chapter 37 Schedules ..............................................................................................................................
521
Schedule Overview
521
Schedule Screens
521
Schedule Summary
521
Figure 383 Object > Schedule
522
Table 173 Object > Schedule
522
One-Time Schedule Add/Edit
522
Figure 384 Object > Schedule > Edit (One Time)
523
Table 174 Object > Schedule > Edit (One Time)
523
Recurring Schedule Add/Edit
523
Figure 385 Object > Schedule > Edit (Recurring)
524
Table 175 Object > Schedule > Edit (Recurring)
524
AAA Server
525
AAA Server Overview
525
Chapter 38
525
Asas
525
User Authentication Method
526
Directory Service (AD/LDAP) Overview
526
Figure 386 Example: Directory Service Client and Server
526
Configuring Active Directory or LDAP Default Server Settings
527
Distinguished Name (DN)
527
Figure 387 Basic Directory Structure
527
Figure 388 Object > AAA Server > Active Directory (or LDAP) > Default
528
Table 176 Object > AAA Server > Active Directory (or LDAP) > Default
528
Active Directory or LDAP Group Summary
528
Creating an Active Directory or LDAP Group
529
Figure 389 Object > AAA Server > Active Directory (or LDAP) > Group
529
Figure 390 Object > AAA Server > Active Directory (or LDAP) > Group > Add
529
Table 177 Object > AAA Server > Active Directory (or LDAP) > Group
529
Table 178 Object > AAA Server > Active Directory (or LDAP) > Group > Add
530
RADIUS Server
530
Figure 391 RADIUS Server Network Example
531
Figure 392 Object > AAA Server > RADIUS > Default
531
Table 179 Object > AAA Server > RADIUS > Default
531
Figure 393 Object > AAA Server > RADIUS > Group
532
Figure 394 Object > AAA Server > RADIUS > Group > Add
532
Table 180 Object > AAA Server > RADIUS > Group
532
Configuring a Group of RADIUS Servers
532
Adding a RADIUS Server Member
532
Table 181 Object > AAA Server > RADIUS > Group > Add
533
Authentication Objects
535
Authentication Objects Overview
535
Figure 395 Object > Auth. Method
535
Table 182 Object > Auth. Method
535
Viewing Authentication Objects
535
Figure 396 Object > Auth. Method > Add
536
Chapter 39 Creating an Authentication Object
536
Table 183 Object > Auth. Method > Add
537
Example: Selecting a VPN Authentication Method
537
Figure 397 Example: Using Authentication Method in VPN
538
Certificates
539
Chapter 40 Certificates ............................................................................................................................ 539
540
Advantages of Certificates
540
Self-Signed Certificates
540
Factory Default Certificate
540
Certificate File Formats
540
Certificate Configuration Screens Summary
541
Verifying a Certificate
541
Checking the Fingerprint of a Certificate on Your Computer
541
Figure 398 Remote Host Certificates
541
My Certificates Screen
542
Figure 399 Certificate Details
542
Figure 400 Object > Certificate > My Certificates
542
My Certificates Add Screen
543
Table 184 Object > Certificate > My Certificates
543
Figure 401 Object > Certificate > My Certificates > Add
544
Table 185 Object > Certificate > My Certificates > Add
544
My Certificate Edit Screen
546
Figure 402 Object > Certificate > My Certificates > Edit
547
Table 186 Object > Certificate > My Certificates > Edit
547
Figure 403 Object > Certificate > My Certificates > Import
549
My Certificate Import Screen
549
Figure 404 Object > Certificate > Trusted Certificates
550
Table 187 Object > Certificate > My Certificates > Import
550
Table 188 Object > Certificate > Trusted Certificates
550
Trusted Certificates Screen
550
Ocsp
550
Trusted Certificates Edit Screen
551
Figure 405 Object > Certificate > Trusted Certificates > Edit
552
Table 189 Object > Certificate > Trusted Certificates > Edit
552
Trusted Certificates Import Screen
554
Figure 406 Object > Certificate > Trusted Certificates > Import
555
Table 190 Object > Certificate > Trusted Certificates > Import
555
Figure 407 Object > ISP Account
557
ISP Account Summary
557
ISP Accounts Overview
557
Table 191 Object > ISP Account
557
ISP Accounts
557
Figure 408 Object > ISP Account > Edit
558
Table 192 Object > ISP Account > Edit
558
Figure 409 Object > SSL Application
561
SSL Application
561
SSL Application Overview
561
Chapter 41 ISP Accounts ......................................................................................................................... 557
561
Chapter 42 SSL Application ....................................................................................................................
561
Application Types
561
Remote User Screen Links
561
SSL Application Configuration
561
Figure 410 Object > SSL Application > Add/Edit: Web Application
562
Table 193 Object > SSL Application
562
Creating/Editing an SSL Application
562
Web-Based Application
562
Table 194 Object > SSL Application > Add/Edit: Web Application
563
Example: Specifying a Web Site for Access
563
Configuring File Sharing
564
Figure 411 Example: SSL Application: Specifying a Web Site for Access
564
Figure 412 Object > SSL Application > Add/Edit: File Sharing
564
Table 195 Object > SSL Application > Add/Edit: Web Application
564
System
567
System
569
Figure 413 System > Host Name
569
Table 196 System > Host Name
569
System Overview
569
Figure 414 System > Date and Time
570
Table 197 System > Date and Time
570
Chapter 43
572
Pre-Defined NTP Time Servers List
572
Time Server Synchronization
572
Table 198 Default Time Servers
572
Figure 415 Synchronization in Process
573
Figure 416 System > Console Port Speed
574
Table 199 System > Console Port Speed
574
DNS Overview
574
DNS Server Address Assignment
574
DNS Servers
574
Configuring DNS
574
Figure 417 System > DNS
575
Table 200 System > DNS
575
Adding an Address/Ptr Record
577
Figure 418 System > DNS > Address/Ptr Record Edit
577
PTR Record
577
Table 201 System > DNS > Address/Ptr Record Edit
577
Figure 419 System > DNS > Domain Zone Forwarder Edit
578
Table 202 System > DNS > Domain Zone Forwarder Edit
578
Adding a Domain Zone Forwarder
578
Figure 420 System > DNS > MX Record Edit
579
MX Record
579
Figure 421 System > DNS > Service Control Rule Edit
579
Adding a MX Record
579
Table 203 System > DNS > MX Record Edit
579
Table 204 System > DNS > Service Control Rule Edit
580
System Remote Management
581
Chapter 44 Remote Management Overview
581
Figure 422 Secure and Insecure Remote Management from the WAN
581
Remote Management Limitations
582
System Timeout
582
Https
582
Configuring WWW
583
Figure 423 HTTP/HTTPS Implementation
583
Figure 424 System > WWW
584
Table 205 System > WWW
584
Figure 425 System > Service Control Rule Edit
586
Service Control Rules
586
HTTPS Example
586
Internet Explorer Warning Messages
586
Table 206 Edit Service Control Rule
586
Netscape Navigator Warning Messages
587
Figure 426 Security Alert Dialog Box (Internet Explorer)
587
Figure 427 Security Certificate 1 (Netscape)
587
Avoiding Browser Warning Messages
588
Login Screen
588
Figure 428 Security Certificate 2 (Netscape)
588
Figure 429 Login Screen (Internet Explorer)
588
Enrolling and Importing SSL Client Certificates
589
Figure 430 Zywall Trusted CA Screen
589
Figure 431 CA Certificate Example
590
Figure 432 Personal Certificate Import Wizard 1
590
Figure 433 Personal Certificate Import Wizard 2
591
Figure 434 Personal Certificate Import Wizard 3
591
Figure 435 Personal Certificate Import Wizard 4
592
Figure 436 Personal Certificate Import Wizard 5
592
Figure 437 Personal Certificate Import Wizard 6
592
Using a Certificate When Accessing the Zywall Example
593
Figure 438 Access the Zywall Via HTTPS
593
Figure 439 SSL Client Authentication
593
Figure 440 Secure Web Configurator Login Screen
593
How SSH Works
594
Figure 441 SSH Communication over the WAN Example
594
Figure 442 How SSH V1 Works Example
594
Figure 443 System > SSH
595
SSH Implementation on the Zywall
595
Requirements for Using SSH
595
Configuring SSH
595
Table 207 System > SSH
596
Secure Telnet Using SSH Examples
596
Example 1: Microsoft Windows
596
Example 2: Linux
597
Figure 444 SSH Example 1: Store Host Key
597
Figure 445 SSH Example 2: Test
597
Figure 446 SSH Example 2: Log in
597
Figure 447 System > Telnet
598
Table 208 System > Telnet
598
Configuring Telnet
598
Figure 448 System > FTP
599
Table 209 System > FTP
599
Configuring FTP
599
Snmp
600
Figure 449 SNMP Management Model
600
Configuring SNMP
601
Supported Mibs
601
Table 210 SNMP Traps
601
Figure 450 System > SNMP
602
Table 211 System > SNMP
602
Dial-In Management
603
AT Command Strings
603
DTR Signal
603
Response Strings
603
Dial-In Mgmt Configuration
603
Figure 451 System > Dial-In Mgmt
604
Table 212 System > Dial-In Mgmt
604
Vantage CNM
604
Figure 452 System > Vantage CNM
605
Table 213 System > Vantage CNM
605
Configuring Vantage CNM
605
Figure 453 System > Language
606
Table 214 System > Language
606
Language Screen
606
Maintenance & Troubleshooting
607
File Manager
609
Chapter 45 File Manager ..........................................................................................................................
609
Configuration Files and Shell Scripts Overview
609
Figure 454 Configuration File / Shell Script: Example
609
Comments in Configuration Files or Shell Scripts
610
Table 215 Configuration Files and Shell Scripts in the Zywall
610
Configuration File Flow at Restart
611
Errors in Configuration Files or Shell Scripts
611
Zywall Configuration File Details
611
Figure 455 Maintenance > File Manager > Configuration File
612
Configuration File Screen
612
Figure 456 Maintenance > File Manager > Configuration File > Copy
613
Figure 457 Maintenance > File Manager > Configuration File > Rename
613
Table 216 Maintenance > File Manager > Configuration File
613
Firmware Package Screen
614
Figure 458 Maintenance > File Manager > Firmware Package
615
Table 217 Maintenance > File Manager > Firmware Package
615
Shell Script Screen
616
Figure 459 Firmware Upload in Process
616
Figure 460 Network Temporarily Disconnected
616
Figure 461 Firmware Upload Error
616
Figure 462 Maintenance > File Manager > Shell Script
617
Figure 463 Maintenance > File Manager > Shell Script > Copy
617
Table 218 Maintenance > File Manager > Shell Script
617
Figure 464 Maintenance > File Manager > Shell Script > Rename
618
Logs
619
Table 219 Specifications: Logs
619
Figure 465 Maintenance > Log > View Log
620
Table 220 Maintenance > Log > View Log
620
Chapter 46
621
Log Settings Screens
621
Figure 466 Maintenance > Log > Log Setting
622
Table 221 Maintenance > Log > Log Setting
622
Log Settings Summary
622
Log Settings Edit E-Mail
623
Figure 467 Maintenance > Log > Log Setting > E-Mail > Edit
624
Table 222 Maintenance > Log > Log Setting > E-Mail > Edit
625
Log Settings Edit Syslog
626
Figure 468 Maintenance > Log > Log Setting > Remote Server > Edit
627
Table 223 Maintenance > Log > Log Setting > Remote Server > Edit
628
Active Log Summary
628
Figure 469 Active Log Summary
629
Table 224 Maintenance > Log > Log Setting > Active Log Summary
629
Reports
631
Chapter 47
631
Traffic Screen
631
Figure 470 Maintenance > Report > Traffic
632
Table 225 Maintenance > Report > Traffic
632
Session Screen
634
Table 226 Maximum Values for Reports
634
Figure 471 Maintenance > Report > Session
635
Table 227 Maintenance > Report > Session
635
Figure 472 Maintenance > Report > Anti-Virus: Virus Name
636
Table 228 Maintenance > Report > Anti-Virus
636
Figure 473 Maintenance > Report > Anti-Virus: Source
637
Figure 474 Maintenance > Report > Anti-Virus: Destination
637
IDP Report Screen
637
Figure 475 Maintenance > Report > IDP: Signature Name
638
Table 229 Maintenance > Report > IDP
638
Figure 476 Maintenance > Report > IDP: Source
639
Figure 477 Maintenance > Report > IDP: Destination
639
Diagnostics
641
Figure 478 Maintenance > Diagnostics
641
Table 230 Maintenance > Diagnostics
641
Figure 479 Maintenance > Reboot
643
Reboot
643
Troubleshooting
645
Chapter 50 Troubleshooting
646
Getting more Troubleshooting Help
646
Resetting the Zywall
646
Appendices and Index
647
Table 231 Default Login Information
649
Table 232 Hardware Specifications
649
Table 233 Feature Specifications
650
Table 234 Standards Referenced by Features
652
Table 235 Content Filter Logs
655
Table 236 Forward Web Site Logs
655
Table 237 Blocked Web Site Logs
655
Table 238 User Logs
657
Table 239 Myzyxel.com Logs
658
Table 240 IDP Logs
662
Table 241 Application Patrol Logs
665
Table 242 IKE Logs
667
Table 243 Ipsec Logs
671
Table 244 Firewall Logs
672
Table 245 Sessions Limit Logs
672
Table 246 Policy Route Logs
672
Table 247 Built-In Services Logs
674
Table 248 System Logs
677
Table 249 Connectivity Check Logs
681
Table 250 Device HA Logs
682
Table 251 Routing Protocol Logs
685
Table 252 NAT Logs
687
Table 253 PKI Logs
688
Table 254 Interface Logs
691
Table 255 Account Logs
693
Table 256 Port Grouping Logs
693
Table 257 Force Authentication Logs
694
Table 258 File Manager Logs
694
Table 259 Commonly Used Services
695
Figure 480 Windows XP: Opening the Services Window
699
Figure 481 Windows XP: Starting the Messenger Service
700
Figure 482 Windows 2000: Opening the Services Window
700
Figure 483 Windows 2000: Starting the Messenger Service
701
Figure 484 Windows 98 SE: Winpopup
701
Figure 485 Windows 98 SE: Program Task Bar
701
Figure 486 Windows 98 SE: Task Bar Properties
702
Figure 487 Windows 98 SE: Startup
702
Figure 488 Windows 98 SE: Startup: Create Shortcut
703
Figure 489 Windows 98 SE: Startup: Select a Title for the Program
703
Figure 490 Windows 98 SE: Startup: Shortcut
704
Figure 491 Security Certificate
705
Figure 492 Login Screen
706
Figure 493 Certificate General Information before Import
706
Figure 494 Certificate Import Wizard 1
707
Figure 495 Certificate Import Wizard 2
707
Figure 496 Certificate Import Wizard 3
708
Figure 497 Root Certificate Store
708
Figure 498 Certificate General Information after Import
709
Legal Information
747
Zyxel Limited Warranty
748
Customer Support
751
Appendix a Product Specifications
757
Appendix B Log Descriptions
757
Appendix C Common Services
757
Appendix D Displaying Anti-Virus Alert Messages in Windows
757
Appendix E Importing Certificates
757
Appendix F Open Software Announcements
757
Appendix G Legal Information
757
Appendix H Customer Support
757
Index
757
Advertisement
Advertisement
Related Products
ZyXEL Communications Unified Security Gateway ZyWALL 1000
ZyXEL Communications Internet Security Gateway 10~100 Series
ZyXEL Communications ZyWALL 10/10
ZyXEL Communications 10 Series
ZyXEL Communications 100 Series
ZyXEL Communications ZyWALL 10/10 II/50
ZyXEL Communications ZyWALL 1050
ZyXEL Communications ZYWALL 1050 - V1.00 EDITION 1
ZyXEL Communications USG FLEX 100H
ZyXEL Communications 100251
ZyXEL Communications Categories
Gateway
Network Router
Switch
Wireless Router
Adapter
More ZyXEL Communications Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL