Sign In
Upload
Manuals
Brands
ZyXEL Communications Manuals
Gateway
ZyXEL ZyWALL 2WE
ZyXEL Communications ZyXEL ZyWALL 2WE Manuals
Manuals and User Guides for ZyXEL Communications ZyXEL ZyWALL 2WE. We have
5
ZyXEL Communications ZyXEL ZyWALL 2WE manuals available for free PDF download: User Manual, Compact Manual, Specifications
ZyXEL Communications ZyXEL ZyWALL 2WE User Manual (614 pages)
Internet Security Gateway
Brand:
ZyXEL Communications
| Category:
Gateway
| Size: 17.01 MB
Table of Contents
Information for Canadian Users
4
Zyxel Limited Warranty
5
Customer Support
6
Warranty Information
6
Table of Contents
7
List of Figures
15
Preface
26
Related Documentation
26
Syntax Conventions
26
Getting Started
29
Chapter 1 Getting to Know Your Zywall
31
Introducing the Zywall
31
Features
31
Table 1-1 Model Specific Features
31
Reset Button
32
Content Filtering
33
Pptp Encapsulation
34
Dynamic Dns Support
34
Traffic Redirect
35
Port Forwarding
35
Applications for the Zywall
36
Figure 1-1 Secure Internet Access Via Cable, DSL or Wireless Modem
36
Figure 1-2 Secure Internet Access and VPN Application
37
Chapter 2 Introducing the Web Configurator
39
Web Configurator Overview
39
Accessing the Zywall Web Configurator
39
Figure 2-1 Change Password Screen
39
Resetting the Zywall
40
Figure 2-2 Replace Certificate Screen
40
Navigating the Zywall Web Configurator
41
Figure 2-3 Example Xmodem Upload
41
Figure 2-4 the MAIN MENU Screen of the Web Configurator
42
Table 2-1 Web Configurator Screens Summary
42
Chapter 3 Wizard Setup
47
Wizard Setup Overview
47
General Setup and System Name
47
Internet Access
48
Figure 3-1 Wizard 1
48
Figure 3-2 Wizard 2: Ethernet Encapsulation
49
Table 3-1 Ethernet Encapsulation
49
Pppoe Encapsulation
50
Figure 3-3 Wizard2: Pppoe Encapsulation
51
Table 3-2 Pppoe Encapsulation
51
Figure 3-4 Wizard 2: PPTP Encapsulation
53
Table 3-3 PPTP Encapsulation
53
WAN and DNS
54
Table 3-4 Private IP Address Ranges
54
Dns Server Address Assignment
55
Ip Address and Subnet Mask
55
Table 3-5 Example of Network Properties for LAN Servers with Fixed IP Addresses
56
Figure 3-5 Wizard 3
57
Table 3-6 Wizard 3
57
Basic Setup Complete
58
Figure 3-6 Internet Access Wizard Setup Complete
59
System and LAN
61
Chapter 4 System Screens
63
System Overview
63
Configuring General Setup
63
Figure 4-1 System General Setup
63
Table 4-1 System General Setup
64
Dynamic DNS
65
Configuring Dynamic DNS
65
Figure 4-2 DDNS
66
Table 4-2 DDNS
66
Configuring Password
67
Pre-Defined NTP Time Servers List
68
Figure 4-3 Password
68
Table 4-3 Password
68
Configuring Time Setting
69
Table 4-4 Default Time Servers
69
Figure 4-4 Time Setting
70
Table 4-5 Time Setting
70
Chapter 5 LAN Screens
73
LAN Overview
73
DHCP Setup
73
IP Address and Subnet Mask
73
DNS Server Address Assignment
74
Lan Tcp/Ip
74
Configuring IP
75
Figure 5-1 IP
76
Table 5-1 IP
76
Configuring Static DHCP
78
Configuring IP Alias
79
Figure 5-2 Static DHCP
79
Table 5-2 Static DHCP
79
Figure 5-3 Physical Network Figure 5-4 Partitioned Logical Networks
80
Figure 5-5 IP Alias
80
Table 5-3 IP Alias
81
WAN and Wireless LAN
83
Chapter 6 WAN Screens
85
WAN Overview
85
TCP/IP Priority (Metric)
85
WAN IP Address Assignment
85
Configuring Route
86
Table 6-1 Private IP Address Ranges
86
Table 6-2 Example of Network Properties for LAN Servers with Fixed IP Addresses
86
Configuring WAN ISP
87
Figure 6-1 WAN Setup: Route
87
Table 6-3 WAN Setup: Route
87
Figure 6-2 Ethernet Encapsulation
88
Table 6-4 Ethernet Encapsulation
88
Figure 6-3 Pppoe Encapsulation
90
Table 6-5 Pppoe Encapsulation
90
Figure 6-4 PPTP Encapsulation
92
Table 6-6 PPTP Encapsulation
92
Configuring WAN IP
93
Figure 6-5 IP Setup
94
Table 6-7 IP Setup
94
Configuring WAN MAC
97
Figure 6-6 MAC Setup
97
Traffic Redirect
98
Figure 6-7 Traffic Redirect Setup Example
98
Configuring Traffic Redirect
99
Figure 6-8 Traffic Redirect LAN Setup
99
Figure 6-9 Traffic Redirect
100
Table 6-8 Traffic Redirect
100
Configuring Dial Backup
101
Figure 6-10 Dial Backup Setup
102
Table 6-9 Dial Backup Setup
103
Advanced Modem Setup
106
Configuring Advanced Modem Setup
107
Figure 6-11 Advanced Setup
108
Table 6-10 Advanced Setup
108
Chapter 7 Wireless LAN Screens
111
Wireless LAN Overview
111
Wireless LAN Basics
111
Figure 7-1 RTS Threshold
112
Wireless Security
113
Figure 7-2 Zywall Wireless Security Levels
113
Configuring Wireless LAN
114
Figure 7-3 Wireless
114
Table 7-1 Wireless
115
Configuring MAC Filter
116
Figure 7-4 MAC Address Filter
116
Overview
117
Table 7-2 MAC Address Filter
117
Eap Authentication Overview
118
Local User Database
119
Configuring 802.1X
119
Figure 7-5 EAP Authentication
119
Figure 7-6 802.1X Authentication
120
Table 7-3 802.1X Authentication
120
NAT and Static Route
121
Chapter 8 Network Address Translation (NAT)
123
NAT Overview
123
Table 8-1 NAT Definitions
123
Figure 8-1 How NAT Works
124
Figure 8-2 NAT Application with IP Alias
125
Using NAT
126
Table 8-2 NAT Mapping Types
126
SUA Server
127
Table 8-3 Services and Port Numbers
127
Figure 8-3 Multiple Servers Behind NAT Example
128
Figure 17-22 SNMP
128
Configuring SUA Server
129
Figure 8-4 SUA Server
129
Configuring Address Mapping
130
Table 8-4 SUA Server
130
Figure 8-5 Address Mapping
131
Table 8-5 Address Mapping
131
Figure 8-6 Address Mapping Rule
132
Configuring Trigger Port
133
Table 8-6 Address Mapping Rule
133
Figure 8-7 Trigger Port Forwarding Example
134
Figure 8-8 Trigger Port
135
Table 8-7 Trigger Port
135
Chapter 9 Static Route Screens
137
Static Route Overview
137
Configuring IP Static Route
137
Figure 9-1 Example of Static Routing Topology
137
Figure 9-2 Static Route Screen
138
Table 9-1 IP Static Route Summary
138
Figure 9-3 Edit IP Static Route
139
Table 9-2 Edit IP Static Route
139
Firewall and Content Filters
141
Chapter 10 Firewalls
143
Firewall Overview
143
Types of Firewalls
143
Introduction to Nortel Networks Firewall
144
Denial of Service
145
Figure 10-1 Zywall Firewall Application
145
Table 10-1 Common IP Ports
146
Figure 10-2 Three-Way Handshake
147
Figure 10-3 SYN Flood
147
Figure 10-4 Smurf Attack
148
Table 10-2 ICMP Commands that Trigger Alerts
148
Stateful Inspection
149
Table 10-3 Legal Netbios Commands
149
Table 10-4 Legal SMTP Commands
149
Figure 10-5 Stateful Inspection
150
Stateful Inspection and the Zywall
151
Tcp Security
152
Guidelines for Enhancing Security with Your Firewall
153
Packet Filtering Vs Firewall
153
When to Use Filtering
154
When to Use the Firewall
154
Chapter 11 Firewall Screens
157
Access Methods
157
Firewall Policies Overview
157
Rule Logic Overview
158
Connection Direction Examples
159
Figure 11-1 LAN to WAN Traffic
160
Alerts
161
Configuring Firewall
161
Figure 11-2 WAN to LAN Traffic
161
Figure 11-3 Enabling the Firewall
162
Table 11-1 Firewall Rules Summary: First Screen
163
Configuring Firewall Rules
164
Figure 11-4 Creating/Editing a Firewall Rule
165
Table 11-2 Creating/Editing a Firewall Rule
166
Figure 11-5 Adding/Editing Source and Destination Addresses
167
Figure 11-6 Creating/Editing a Custom Port
168
Table 11-3 Adding/Editing Source and Destination Addresses
168
Example Firewall Rule
169
Table 11-4 Creating/Editing a Custom Port
169
Figure 11-7 Firewall IP Config Screen
170
Figure 11-8 Firewall Rule Edit IP Example
171
Figure 11-9 Edit Custom Port Example
171
Figure 11-10 Myservice Rule Configuration
172
Figure 11-11 My Service Example Rule Summary
173
Predefined Services
174
Table 11-5 Predefined Services
174
Configuring Attack Alert
176
Threshold Values
177
Figure 11-12 Attack Alert
178
Table 11-6 Attack Alert
179
Chapter 12 Content Filtering Screens
181
Introduction to Content Filtering
181
General Content Filter Configuration
181
Figure 12-1 Content Filter : General
182
Table 12-1 Content Filter : General
183
Content Filtering with an External Server
184
Figure 12-2 Content Filtering Lookup Procedure
184
Checking Content Filtering Activation
185
Configuring Categories
185
Figure 12-3 Content Filter : Categories
186
Table 12-2 Content Filter : Categories
187
Configuring Customization
194
Figure 12-4 Content Filter : Customization
195
Table 12-3 Content Filter : Customization
196
Vpn/Ipsec
199
Chapter 13 Introduction to Ipsec
201
VPN Overview
201
Figure 13-1 Encryption and Decryption
202
Ipsec Architecture
203
Figure 13-2 Ipsec Architecture
203
Encapsulation
204
Figure 13-3 Transport and Tunnel Mode Ipsec Encapsulation
204
Ipsec and NAT
205
Table 13-1 VPN and NAT
205
Chapter 14 VPN Screens
207
Vpn/Ipsec Overview
207
Ipsec Algorithms
207
My IP Address
208
Secure Gateway Address
208
Table 14-1 AH and ESP
208
Summary Screen
209
Figure 14-1 Ipsec Summary Fields
209
Figure 14-2 VPN Rules
210
Table 14-2 VPN Rules
210
Keep Alive
211
NAT Traversal
212
Figure 14-3 NAT Router between Ipsec Routers
212
Figure 14-4 VPN Host Using Intranet DNS Server Example
213
ID Type and Content
214
Table 14-3 Local ID Type and Content Fields
214
Table 14-4 Peer ID Type and Content Fields
215
Table 14-5 Matching ID Type and Content Configuration Example
215
Table 14-6 Mismatching ID Type and Content Configuration Example
215
Pre-Shared Key
216
VPN Implementation
216
Figure 14-5 Client-To-Site VPN Example
216
Configuring Basic IKE VPN Rule Setup
217
Figure 14-6 Site-To-Site VPN Example
217
Figure 14-7 Basic IKE VPN Rule Edit
218
Table 14-7 Basic IKE VPN Rule Edit
219
IKE Phases
227
Figure 14-8 Two Phases to Set up the Ipsec SA
228
Negotiation Mode
229
Configuring Advanced IKE Setup
230
Figure 14-9 Advanced IKE VPN Rule Setup
231
Table 14-8 Advanced IKE VPN Rule Setup
232
Manual Key Setup
234
Configuring Edit Manual Setup
234
Figure 14-10 Manual VPN Rule Setup
235
Table 14-9 VPN Manual Setup
236
SA Monitor
239
Figure 14-11 VPN SA Monitor
239
Global Settings
240
Figure 14-12 VPN Global Setting
240
Table 14-10 VPN SA Monitor
240
Telecommuter Vpn/Ipsec Examples
241
Table 14-11 VPN Global Setting
241
Figure 14-13 Telecommuters Sharing One VPN Rule Example
242
Table 14-12 Telecommuters Sharing One VPN Rule Example
242
Figure 14-14 Telecommuters Using Unique VPN Rules Example
243
Table 14-13 Telecommuters Using Unique VPN Rules Example
243
VPN and Remote Management
244
Certificates
245
Chapter 15 Certificates
247
Certificates Overview
247
Self-Signed Certificates
248
Configuration Summary
248
Figure 15-1 Certificate Configuration Overview
248
My Certificates
249
Figure 15-2 My Certificates
249
Table 15-1 My Certificates
250
Certificate File Formats
251
Importing a Certificate
252
Figure 15-3 My Certificate Import
252
Table 15-2 My Certificate Import
252
Creating a Certificate
253
Figure 15-4 My Certificate Create
253
Table 15-3 My Certificate Create
254
My Certificate Details
256
Figure 15-5 My Certificate Details
257
Table 15-4 My Certificate Details
258
Trusted Cas
260
Figure 15-6 Trusted Cas
261
Table 15-5 Trusted Cas
261
Importing a Trusted Ca's Certificate
262
Trusted CA Certificate Details
263
Figure 15-7 Trusted CA Import
263
Table 15-6 Trusted CA Import
263
Figure 15-8 Trusted CA Details
264
Table 15-7 Trusted CA Details
265
Trusted Remote Hosts
267
Figure 15-9 Trusted Remote Hosts
268
Table 15-8 Trusted Remote Hosts
268
Verifying a Trusted Remote Host's Certificate
269
Importing a Trusted Remote Host's Certificate
270
Table 15-9 Remote Host Certificates
270
Table 15-10 Certificate Details
270
Trusted Remote Host Certificate Details
271
Figure 15-10 Trusted Remote Host Import
271
Table 15-11 Trusted Remote Host Import
271
Figure 15-11 Trusted Remote Host Details
272
Table 15-12 Trusted Remote Host Details
273
Directory Servers
275
Figure 15-12 Directory Servers
275
Table 15-13 Directory Servers
275
Add or Edit a Directory Server
276
Figure 15-13 Directory Server Add
276
Table 15-14 Directory Server Add
277
Authentication Server, Remote Management and Upnp
279
Chapter 16 Authentication Server
281
Authentication Server Overview
281
Local User Database
281
Configuring Local User Database
281
Figure 16-1 Local User Database
282
Configuring RADIUS
283
Table 16-1 Local User Database
283
Figure 16-2 RADIUS
284
Table 16-2 RADIUS
284
Chapter 17 Remote Management Screens
287
Remote Management Overview
287
Introduction to HTTPS
288
Figure 17-1 HTTPS Implementation
289
Configuring WWW
290
Figure 17-2 WWW
290
Table 17-1 WWW
291
HTTPS Example
292
Figure 17-3 Security Alert Dialog Box (Internet Explorer)
292
Figure 17-4 Security Certificate 1 (Netscape)
293
Figure 17-5 Security Certificate 2 (Netscape)
294
Login Screen
295
Figure 17-6 Login Screen (Internet Explorer)
296
Figure 17-7 Login Screen (Netscape)
297
Figure 17-8 Replace Certificate
298
Figure 17-9 Device-Specific Certificate
298
SSH Overview
299
Figure 17-10 Common Zywall Certificate
299
How SSH Works
300
Figure 17-11 SSH Communication Example
300
Figure 17-12How SSH Works
300
SSH Implementation on the Zywall
301
Configuring SSH
301
Figure 17-13 SSH
301
Secure Telnet Using SSH Examples
302
Table 17-2 SSH
302
Figure 17-14 SSH Example 1: Store Host Key
303
Figure 17-15 SSH Example 2: Test
303
Secure FTP Using SSH Example
304
Figure 17-16SSH Example 2: Log in
304
Telnet
305
Figure 17-17 Secure FTP: Firmware Upload Example
305
Figure 17-18 Telnet Configuration on a TCP/IP Network
305
Configuring TELNET
306
Figure 17-19 Telnet
306
Table 17-3 Telnet
306
Configuring FTP
307
Figure 17-20 FTP
307
Table 17-4 FTP
307
Configuring SNMP
308
Figure 17-21 SNMP Management Model
309
Table 17-5 SNMP Traps
310
Configuring DNS
312
Table 17-6 SNMP
312
Figure 17-23 DNS
313
Table 17-7 DNS
313
Configuring Security
314
Figure 17-24 Security
314
Table 17-8 Security
314
Chapter 18 Upnp
317
Universal Plug and Play Overview
317
Upnp Implementation
318
Configuring Upnp
318
Figure 18-1 Configuring Upnp
319
Table 18-1 Configuring Upnp
319
Displaying Upnp Port Mapping
320
Figure 18-2 Upnp Ports
320
Table 18-2 Upnp Ports
320
Installing Upnp in Windows Example
321
Installing Upnp in Windows Xp
322
Using Upnp in Windows XP Example
324
Web Configurator Easy Access
326
Logs
327
Chapter 19 Logs Screens
329
Configuring View Log
329
Figure 19-1 View Log
330
Table 19-1 View Log
330
Configuring Log Settings
331
Figure 19-2 Log Settings
332
Table 19-2 Log Settings
333
Configuring Reports
334
Figure 19-3 Reports
335
Table 19-3 Reports
335
Figure 19-4 Web Site Hits Report Example
336
Figure 19-5 Protocol/Port Report Example
337
Table 19-4 Web Site Hits Report
337
Figure 19-6 LAN IP Address Report Example
338
Table 19-5 Protocol/ Port Report
338
Table 19-6 LAN IP Address Report
339
Table 19-7 Report Specifications
339
Maintenance
341
Chapter 20 Maintenance
343
Maintenance Overview
343
Status Screen
343
Figure 20-1 System Status
343
Table 20-1 System Status
344
Figure 20-2 System Status: Show Statistics
345
Table 20-2 System Status: Show Statistics
345
DHCP Table Screen
346
Figure 20-3 DHCP Table
346
Table 20-3 DHCP Table
346
F/W Upload Screen
347
Figure 20-4 Firmware Upload
347
Figure 20-5 Firmware Upload
348
Figure 20-6 Firmware Upload in Process
348
Configuration Screen
349
Figure 20-7 Network Temporarily Disconnected
349
Figure 20-8 Firmware Upload Error
349
Figure 20-9 Configuration
350
Figure 20-10 Configuration Upload Successful
351
Figure 20-11 Network Temporarily Disconnected
351
Table 20-4 Restore Configuration
351
Figure 20-12 Configuration Upload Error
352
Figure 20-13 Reset Warning Message
352
Restart Screen
353
Figure 20-14 Restart Screen
353
SMT General Configuration
355
Chapter 21 Introducing the SMT
357
Introduction to the SMT
357
Accessing the SMT Via the Console Port
357
Figure 21-1 Initial Screen
357
Navigating the SMT Interface
358
Figure 21-2 Password Screen
358
Table 21-1 Main Menu Commands
358
Figure 21-3 Main Menu
359
Table 21-2 Main Menu Summary
360
Figure 21-4 Zywall 2 SMT Menu Overview Example
361
Changing the System Password
362
Resetting the Zywall
362
Figure 21-5 Menu 23: System Password
362
Chapter 22 SMT Menu 1 - General Setup
363
Introduction to General Setup
363
Configuring General Setup
363
Figure 22-1 Menu 1: General Setup
363
Table 22-1 Menu 1: General Setup
363
Figure 22-2 Configure Dynamic DNS
365
Table 22-2 Configure Dynamic DNS
365
Chapter 23 WAN and Dial Backup Setup
367
Introduction to WAN
367
Figure 23-1 MAC Address Cloning in WAN Setup
367
Table 23-1 MAC Address Cloning in WAN Setup
367
Dial Backup
368
Configuring Dial Backup in Menu 2
368
Figure 23-2 Menu 2: Dial Backup Setup
368
Advanced WAN Setup
369
Table 23-2 Menu 2: Dial Backup Setup
369
Figure 23-3 Menu 2.1 Advanced WAN Setup
370
Table 23-3 Advanced WAN Port Setup: at Commands Fields
370
Remote Node Profile (Backup ISP)
371
Table 23-4 Advanced WAN Port Setup: Call Control Parameters
371
Figure 23-4 Menu 11.1 Remote Node Profile (Backup ISP)
372
Table 23-5 Menu 11.1 Remote Node Profile (Backup ISP)
372
Editing PPP Options
374
Figure 23-5 Menu 11.2: Remote Node PPP Options
374
Figure 23-6 Menu 11.2: Remote Node PPP Options
374
Editing TCP/IP Options
375
Figure 23-7 Menu 11.3: Remote Node Network Layer Options
375
Table 23-6 Menu 11.3: Remote Node Network Layer Options
375
Editing Login Script
377
Remote Node Filter
378
Figure 23-8 Menu 11.4: Remote Node Script
378
Table 23-7 Menu 11.4: Remote Node Script
378
Figure 23-9 Menu 11.5: Dial Backup Remote Node Filter
379
Advertisement
ZyXEL Communications ZyXEL ZyWALL 2WE User Manual (433 pages)
ZyXEL Internet Security Gateway User's Guide
Brand:
ZyXEL Communications
| Category:
Gateway
| Size: 10.63 MB
Table of Contents
Copyright
2
Information for Canadian Users
4
Online Registration
5
Zyxel Limited Warranty
5
Customer Support
6
Table of Contents
7
List of Figures
16
Preface
27
Related Documentation
27
Syntax Conventions
27
Overview
29
Chapter 1 Getting to Know Your Zywall
31
Introducing the Zywall 2/2WE Internet Security Gateway
31
Features
31
Auxiliary Port
32
Reset Button
32
Wireless Lan Mac Address Filtering
33
Content Filtering
33
Packet Filtering
33
Dynamic Dns Support
34
Port Forwarding
34
Applications for the Zywall
35
Figure 1-1 Secure Internet Access and VPN Application
36
Figure 1-2 Zywall 2WE Wireless LAN Application
36
Chapter 2 Hardware Installation
37
Introduction to Hardware Installation
37
Front Panels Leds
37
Figure 2-1 Zywall 2WE Front Panel
37
LED Descriptions
38
Figure 2-2 Zywall 2 Front Panel
38
Table 2-1 LED Descriptions
38
Zywall Rear Panels and Connections
39
Hardware Connections
39
Figure 2-3 Zywall 2WE Rear Panel
39
Figure 2-4 Zywall 2 Rear Panel
39
Connecting the Console Port
40
Hardware Mounting Options
41
Additional Installation Requirements for Using 802.1X
41
Turning on Your Zywall
41
Table 2-2 Zywall Wireless LAN Coverage
41
Initial Setup and Configuration
43
Chapter 3 Introducing the Web Configurator
45
Introduction to the Web Configurator
45
Accessing the Zywall Web Configurator
45
Figure 3-1 Change Password Screen
45
Web Configurator Navigation
46
Figure 3-2 Web Configurator Main Menu
46
Chapter 4 Introducing the SMT
47
Introduction to the SMT
47
Accessing the Console Port Via the Console Port
47
Figure 4-1 Initial Screen
47
Navigating the SMT Interface
48
Figure 4-2 Password Screen
48
System Management Terminal Interface Summary
49
Table 4-1 Main Menu Summary
49
Smt Menus at a Glance
50
Figure 4-4 Getting Started and Advanced Applications SMT Menus (Zywall 2WE)
51
Figure 4-5 Advanced Management SMT Menus
52
Changing the System Password
53
Figure 4-6 Schedule Setup and Ipsec VPN Configuration SMT Menus
53
Figure 4-7 Menu 23: System Password
53
Resetting the Zywall
54
Figure 4-8 Example Xmodem Upload
54
Procedure to Use the Reset Button
55
Chapter 5 SMT Menu 1 - General Setup
57
Introduction to General Setup
57
System Name
57
Dynamic DNS
57
General Setup
58
Figure 5-1 Menu 1: General Setup
58
Table 5-1 General Setup Menu Field
58
Configuring Dynamic Dns
59
Figure 5-2 Configure Dynamic DNS
59
Table 5-2 Configure Dynamic DNS Menu Fields
59
Chapter 6 WAN Setup
63
Introduction to WAN Setup
63
Cloning the MAC Address
63
WAN Setup
63
Figure 6-1 MAC Address Cloning in WAN Setup
63
Table 6-1 MAC Address Cloning in WAN Setup
64
Chapter 7 LAN Setup
65
Introduction to LAN Setup
65
Accessing the LAN Menus
65
LAN Port Filter Setup
65
Figure 7-1 Menu 3: LAN Setup
65
TCP/IP and LAN DHCP
66
Figure 7-2 Menu 3.1: LAN Port Filter Setup
66
Ip Address and Subnet Mask
67
Private Ip Addresses
67
Table 7-1 Example of Network Properties for LAN Servers with Fixed IP Addresses
67
Rip Setup
68
Table 7-2 Private IP Address Ranges
68
TCP/IP and DHCP Ethernet Setup Menu
69
Figure 7-3 Physical Network
69
Figure 7-4 Partitioned Logical Networks
69
Figure 7-5 Menu 3: TCP/IP and DHCP Setup
70
Figure 7-6 Menu 3.2: TCP/IP and DHCP Ethernet Setup
70
Table 8-1 Wireless LAN
70
Table 7-3 DHCP Ethernet Setup Menu Fields
71
Table 7-4 LAN TCP/IP Setup Menu Fields
71
Ip Alias Setup
72
Figure 7-7 Menu 3.2.1: IP Alias Setup
73
Table 7-5 IP Alias Setup Menu Fields
73
Wireless LAN
74
Wireless LAN Setup
75
Figure 7-8 RTS Threshold
75
Figure 7-9 Menu 3.5 - Wireless LAN Setup
76
Table 7-6 Wireless LAN Setup Menu Fields
76
Chapter 8 Wireless LAN Security Setup
79
Introduction to Wireless LAN Security
79
Levels of Security
79
Figure 8-1 Zywall Wireless Security Levels
79
Data Encryption with WEP
80
Figure 8-2 Wireless LAN
80
Network Authentication
81
Table 8-1 Wireless Lan
81
Types of Radius Messages
82
Figure 8-3 Sequence for EAP Authentication
83
Figure 8-4 Wireless LAN 802.1X Authentication
84
Table 8-2 Wireless LAN 802.1X Authentication
84
Figure 8-5 Authentication RADIUS
85
Table 8-3 Authentication RADIUS
85
Local User Authentication
86
Figure 8-6 Local User Database
87
MAC Address Filtering
88
Figure 8-7 WLAN MAC Address Filter
88
Table 8-4 Local User Database
88
Table 8-5 WLAN MAC Address Filter
89
Chapter 9 Internet Access
91
Introduction to Internet Access Setup
91
Ethernet Encapsulation
91
Table 9-1 Menu 4: Internet Access Setup Menu Fields
91
PPTP Encapsulation
92
Pppoe Encapsulation
93
Figure 9-2 Internet Access Setup (PPTP)
93
Table 9-2 New Fields in Menu 4 (PPTP) Screen
93
Configuring the Pppoe Client
94
Figure 9-3 Internet Access Setup (Pppoe)
94
Table 9-3 New Fields in Menu 4 (Pppoe) Screen
94
Basic Setup Complete
95
Advanced Applications
97
Chapter 10 Remote Node Setup
99
Introduction to Remote Node Setup
99
Remote Node Setup
99
Figure 10-1 Menu 11 Remote Node Setup
99
Remote Node Profile Setup
100
Figure 10-2 Menu 11.1: Remote Node Profile for Ethernet Encapsulation
100
Outgoing Authentication Protocol
102
Figure 10-3 Menu 11.1: Remote Node Profile for Pppoe Encapsulation
102
Table 10-2 Fields in Menu 11.1 (Pppoe Encapsulation Specific)
103
Figure 10-4 Menu 11.1: Remote Node Profile for PPTP Encapsulation
104
Table 10-3 Fields in Menu 11.1 (Pptp Encapsulation)
104
Edit IP
105
Figure 10-5 Menu 11.3: Remote Node Network Layer Options for Ethernet Encapsulation
105
Table 10-4 Remote Node Network Layer Options Menu Fields
106
Remote Node Filter
107
Figure 10-6 Menu 11.5: Remote Node Filter (Ethernet Encapsulation)
107
Traffic Redirect
108
Figure 10-7 Menu 11.5: Remote Node Filter (Pppoe or PPTP Encapsulation)
108
Figure 10-8 Traffic Redirect WAN Setup
108
Figure 10-9 Traffic Redirect LAN Setup
109
Figure 10-10 Menu 11.1: Remote Node Profile
109
Figure 10-11 Menu 11.6: Traffic Redirect Setup
110
Table 10-5 Menu 11.1: Remote Node Profile (Traffic Redirect Field)
110
Table 10-6 Traffic Redirect Setup
110
Chapter 11 IP Static Route Setup
113
Introduction to Static Route
113
IP Static Route Setup
113
Figure 11-1 Example of Static Routing Topology
113
Figure 11-2 Menu 12: IP Static Route Setup
114
Figure 11-3 Menu 12. 1: Edit IP Static Route
115
Table 11-1 IP Static Route Menu Fields
115
Chapter 12 Network Address Translation (NAT)
117
Introduction to NAT
117
Table 12-1 NAT Definitions
117
How Nat Works
118
What Nat Does
118
Figure 12-1 How NAT Works
119
Figure 12-2 NAT Application with IP Alias
120
Nat Mapping Types
120
Table 12-2 NAT Mapping Types
121
Using NAT
122
Figure 12-3 Menu 4: Applying NAT for Internet Access
123
NAT Setup
124
Figure 12-4 Menu 11.3: Applying NAT to the Remote Node
124
Figure 12-5 Menu 15: NAT Setup
125
Figure 12-6 Menu 15.1: Address Mapping Sets
125
Figure 12-7 Menu 15.1.255: SUA Address Mapping Rules
126
Table 12-4 SUA Address Mapping Rules
126
Figure 12-8 Menu 15.1.1: First Set
127
Figure 12-9 Menu 15.1.1.1: Editing/Configuring an Individual Rule in a Set
129
Table 12-6 Menu 15.1.1.1: Editing/Configuring an Individual Rule in a Set
129
NAT Server Sets - Port Forwarding
130
Table 12-7 Services & Port Numbers
130
Configuring a Server Behind Nat
131
Figure 12-10 Menu 15.2: NAT Server Setup
132
Figure 12-11 Multiple Servers Behind NAT Example
132
General NAT Examples
133
Figure 12-13 Menu 4: Internet Access & NAT Example
133
Figure 12-15 Menu 15.2: Specifying an Inside Server
135
Figure 12-17 Example 3: Menu
137
Figure 12-18 Example 3: Menu
137
Trigger Port Forwarding
140
Figure 12-22 Example 4: Menu 15.1.1.1: Address Mapping Rule
140
Figure 12-23 Example 4: Menu 15.1.1: Address Mapping Rules
140
Figure 12-24 Trigger Port Forwarding Process: Example
141
Figure 12-25 Menu 15.3-Trigger Port Setup
142
Two Points to Remember about Trigger Ports
142
Table 12-8 Menu 15.3-Trigger Port Setup Description
143
Firewall and Content Filters
145
Chapter 13 Firewalls
147
Introduction to Firewalls
147
Types of Firewalls
147
Introduction to Zyxel's Firewall
148
Denial of Service
149
Figure 13-1 Zywall Firewall Application
149
Types of Dos Attacks
150
Table 13-1 Common IP Ports
150
Figure 13-2 Three-Way Handshake
151
Figure 13-3 SYN Flood
151
Figure 13-4 Smurf Attack
152
Table 13-2 ICMP Commands that Trigger Alerts
152
Stateful Inspection
153
Table 13-3 Legal Netbios Commands
153
Table 13-4 Legal SMTP Commands
153
Stateful Inspection Process
154
Figure 13-5 Stateful Inspection
154
Stateful Inspection and the Zywall
155
Tcp Security
156
Guidelines for Enhancing Security with Your Firewall
157
Packet Filtering Vs Firewall
158
Chapter 14 Introducing the Zywall Firewall
161
Introduction to the Zywall Firewall
161
Remote Management and the Firewall
161
Access Methods
161
Using Zywall SMT Menus
161
Figure 14-1 Menu 21: Filter and Firewall Setup
161
Activating the Firewall
162
Figure 14-2 Menu 21.2: Firewall Setup
162
Chapter 15 Firewall Configuration
163
Introduction to Firewall Configuration
163
Enabling the Firewall
163
Figure 15-1 Enabling the Firewall
164
Attack Alert
165
Figure 15-2 Attack Alert
167
Table 15-1 Attack Alert
167
Chapter 16 Creating Custom Rules
171
Introduction to Custom Rules
171
Rule Logic Overview
172
Connection Direction Examples
173
Figure 16-1 LAN to WAN Traffic
174
Figure 16-2 WAN to LAN Traffic
174
Wan to Lan Rules
174
Rule Summary
175
Figure 16-3 Firewall Rules Summary: First Screen
175
Table 16-1 Firewall Rules Summary: First Screen
175
Predefined Services
177
Table 16-2 Predefined Services
177
Figure 16-4 Creating/Editing a Firewall Rule
181
Table 16-3 Creating/Editing a Firewall Rule
181
Figure 16-5 Adding/Editing Source and Destination Addresses
183
Table 16-4 Adding/Editing Source and Destination Addresses
183
Custom Ports
184
Creating/Editing a Custom Port
184
Figure 16-6 Creating/Editing a Custom Port
184
Example Firewall Rule
185
Table 16-5 Creating/Editing a Custom Port
185
Figure 16-7 Firewall Rule Configuration Screen Example
186
Figure 16-8 Firewall IP Config Screen Example
187
Figure 16-9 Custom Port Example
188
Figure 16-10 Rule Configuration Example
189
Figure 16-11 Rule Summary Example
190
Chapter 17 Content Filtering
191
Introduction to Content Filtering
191
Restrict Web Features
191
Days and Times
191
Configure Content Filtering
191
Figure 17-1Content Filter
192
Table 17-1 Content Filter
192
Logs, Filter Configuration, and SNMP Configuration
195
Chapter 18 Centralized Logs
197
Introduction to Centralized Logs
197
View Log
197
Figure 18-1 View Log
198
Table 18-1 View Log
198
Log Settings
199
Figure 18-2 Log Settings
200
Table 18-2 Log Settings
201
Reports
202
Figure 18-3 Reports
203
Table 18-3 Reports
204
Figure 18-4 Web Site Hits Report Example
205
Table 18-4 Web Site Hits Report
205
Figure 18-5 Protocol/Port Report Example
206
Table 18-5 Protocol/Port Report
206
Figure 18-6 LAN IP Address Report Example
207
Table 18-6 Protocol/Port Report
207
Table 18-7 Reports Specifications
208
Chapter 19 Filter Configuration
209
Introduction to Filters
209
The Filter Structure of the Zywall
210
Figure 19-1 Outgoing Packet Filtering Process
210
Figure 19-2 Filter Rule Process
211
Configuring a Filter Set
212
Figure 19-3 Menu 21: Filter and Firewall Setup
212
Figure 19-4 Menu 21.1: Filter Set Configuration
212
Table 19-1 Abbreviations Used in the Filter Rules Summary Menu
213
Configuring a Filter Rule
214
Table 19-2 Rule Abbreviations Used
214
Figure 19-5 Menu 21.1.1.1: TCP/IP Filter Rule
215
Table 19-3 TCP/IP Filter Rule Menu Fields
215
Figure 19-6 Executing an IP Filter
218
Figure 19-7 Menu 21.1.4.1: Generic Filter Rule
219
Table 19-4 Generic Filter Rule Menu Fields
220
Example Filter
221
Figure 19-8 Telnet Filter Example
221
Figure 19-9 Example Filter: Menu 21.1.3.1
222
Figure 19-10 Example Filter Rules Summary: Menu
223
Filter Types and SUA/NAT
224
Firewall Versus Filters
224
Figure 19-11 Protocol and Device Filter Sets
224
Applying a Filter and Factory Defaults
225
Figure 19-12 Filtering LAN Traffic
225
Figure 19-13 Filtering Remote Node Traffic
226
Chapter 20 SNMP Configuration
227
Introduction to SNMP
227
Figure 20-1 SNMP Management Model
228
Supported Mibs
229
SNMP Configuration
229
Figure 20-2 Menu 22: SNMP Configuration
229
Table 20-1 SNMP Configuration Menu Fields
229
SNMP Traps
230
Table 20-2 SNMP Traps
230
System Information and Diagnosis and Firmware and Configuration File Maintenance
231
Chapter 21 System Information & Diagnosis
233
Introduction to System Status
233
System Status
233
Figure 21-1 Menu 24: System Maintenance
233
Figure 21-2 Menu 24.1: System Maintenance: Status (Zywall 2WE)
234
Table 21-1 System Maintenance: Status Menu Fields
234
System Information and Console Port Speed
235
Figure 21-3 Menu 24.2: System Information and Console Port Speed
236
Figure 21-4 Menu 24.2.1: System Maintenance: Information
236
Figure 21-5 Menu 24.2.2: System Maintenance: Change Console Port Speed
237
Table 21-2 Fields in System Maintenance: Information
237
Log and Trace
238
Figure 21-6 Menu 24.3: System Maintenance: Log and Trace
238
Figure 21-7 Examples of Error and Information Messages
239
Figure 21-8 Menu 24.3.2: System Maintenance: UNIX Syslog
239
Table 21-3 System Maintenance Menu Syslog Parameters
240
Diagnostic
243
Figure 21-9 Call-Triggering Packet Example
243
Wan Dhcp
244
Figure 21-10 Menu 24.4: System Maintenance: Diagnostic
244
Figure 21-11 WAN & LAN DHCP
245
Table 21-4 System Maintenance Menu Diagnostic
245
ZyXEL Communications ZyXEL ZyWALL 2WE Compact Manual (42 pages)
Brand:
ZyXEL Communications
| Category:
Gateway
| Size: 1.63 MB
Table of Contents
Table of Contents
2
1 Introducing the Zywall
4
2 Hardware
4
Rear Panel
5
The Front Panel Leds
6
3 Setting up Your Computer's IP Address
7
Windows NT/2000/XP
7
4 Configuring Your Zywall
9
Accessing Your Zywall Via Web Configurator
9
Internet Access Using the Wizard
10
Test Your Internet Connection
13
Check Your WAN Setup
14
Common Screen Command Buttons
14
5 Advanced Configuration
15
Network Address Translation Overview
15
Configuring SUA Server
15
Wireless LAN Overview
17
Configuring Wireless
17
Configuring IEEE 802.1X Authentication
19
Local User Database and RADIUS Overview
20
Firewall Overview
20
Configuring Firewall
21
Procedure for Configuring Firewall Rules
24
Configuring Source and Destination Addresses
26
Content Filtering Overview
27
Restrict Web Features
27
Create a Filter List
27
Customize Web Site Access
28
General Content Filter Configuration
28
Content Filtering with an External Server
29
A Procedure to Enable External Database Content Filtering
29
Configuring for Registering and Categories
29
Configuring Customization
31
VPN Overview
32
Summary Screen
32
Configuring VPN Policies
35
X-Auth (Extended Authentication)
35
Viewing SA Monitor
39
Upnp Overview
40
Configuring Upnp
40
6 Troubleshooting
41
Advertisement
ZyXEL Communications ZyXEL ZyWALL 2WE Specifications (2 pages)
Internet Security Gateway with Wireless Embedded for Tele-Home
Brand:
ZyXEL Communications
| Category:
Gateway
| Size: 0.29 MB
ZyXEL Communications ZyXEL ZyWALL 2WE Specifications (2 pages)
ZyXEL Communications Network Hardware User Manual
Brand:
ZyXEL Communications
| Category:
Gateway
| Size: 0.2 MB
Advertisement
Related Products
ZyXEL Communications 2R-P1C
ZyXEL Communications Prestige 2304R-P1
ZyXEL Communications ADSL 2+ Security Gateway
ZyXEL Communications 802.11g ADSL 2+ 4-Port Security Gateway HW-D Series
ZyXEL Communications Prestige 2302R Series
ZyXEL Communications PRESTIGE 2302RL -
ZyXEL Communications ZYWALL 20W -
ZyXEL Communications ZyXEL ZyWALL 30W
ZyXEL Communications ZyXEL ZYWALL10
ZyXEL Communications ZyXEL ZyWALL IDP 10
ZyXEL Communications Categories
Gateway
Network Router
Switch
Wireless Router
Adapter
More ZyXEL Communications Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL