ZyXEL Communications ZYWALL SSL 10 User Manual
  1. Manuals
  2. Brands
  3. ZyXEL Communications Manuals
  4. Firewall
  5. ZyWALL SSL 10
  6. User manual
ZyXEL Communications ZYWALL SSL 10 User Manual

ZyXEL Communications ZYWALL SSL 10 User Manual

Integrated ssl-vpn appliance
Hide thumbs Also See for ZYWALL SSL 10:
Table of Contents

Advertisement

Quick Links

See also: User Manual

ZyWALL SSL 10

Integrated SSL-VPN Appliance
User's Guide
Version 1.00
12/2006
Edition 1
www.zyxel.com

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the ZYWALL SSL 10 and is the answer not in the manual?

Questions and answers

Related Manuals for ZyXEL Communications ZYWALL SSL 10

Summary of Contents for ZyXEL Communications ZYWALL SSL 10

  • Page 1: Zywall Ssl

    ZyWALL SSL 10 Integrated SSL-VPN Appliance User’s Guide Version 1.00 12/2006 Edition 1 www.zyxel.com...

  • Page 3: About This User's Guide

    Embedded web help for descriptions of individual screens and supplementary information. • ZyXEL Web Site Please refer to www.zyxel.com for additional support documentation and product certifications. User Guide Feedback Help us help you. Send all User Guide-related comments, questions or suggestions for improvement to the following address, or use e-mail instead.

  • Page 4: Document Conventions

    Syntax Conventions • The ZyWALL SSL 10 may be referred to as the “ZyWALL”, the “device”, the “system” or the “product” in this User’s Guide. • Product labels, screen names, field labels and field choices are all in bold font.
  • Page 5 Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The ZyWALL icon is not an exact representation of your device. ZyWALL Computer Notebook computer Server DSLAM Firewall Telephone Switch Router ZyWALL SSL 10 User’s Guide...
  • Page 6 Document Conventions ZyWALL SSL 10 User’s Guide...

  • Page 7: Table Of Contents

    3.3 Opening a File or Folder ...................... 26 3.3.1 Downloading a File ..................... 27 3.3.2 Saving a File ......................27 3.4 Creating a New Folder ......................28 3.5 Renaming a File or Folder ....................28 ZyWALL SSL 10 User’s Guide...
  • Page 8 Part II: Troubleshooting, Appendices and Index ........ 31 Chapter 4 Troubleshooting........................33 Appendix A Setting up Your Computer’s IP Address.............. 37 Appendix B Importing Certificates ..................53 Appendix C Legal Information ....................63 Appendix D Customer Support....................65 ZyWALL SSL 10 User’s Guide...

  • Page 9: List Of Figures

    Figure 35 Windows XP: Internet Protocol (TCP/IP) Properties .............. 45 Figure 36 Macintosh OS 8/9: Apple Menu ....................46 Figure 37 Macintosh OS 8/9: TCP/IP ..................... 46 Figure 38 Macintosh OS X: Apple Menu ....................47 ZyWALL SSL 10 User’s Guide...
  • Page 10 Figure 63 Personal Certificate Import Wizard 5 ..................61 Figure 64 Personal Certificate Import Wizard 6 ..................61 Figure 65 Access the ZyWALL Via HTTPS .................... 62 Figure 66 SSL Client Authentication ....................... 62 Figure 67 ZyWALL Secure Login Screen ....................62 ZyWALL SSL 10 User’s Guide...

  • Page 11: Part I: Remote User Access

    Remote User Access • Introduction (13) • Application (21) • File Sharing (25)

  • Page 13: Chapter 1 Introduction

    With the thin clients, you can access servers, remote desktops and manage files as if you were on the local network. 1.1.2 System Requirements The following lists the browser and computer system requirements for remote user access. ZyWALL SSL 10 User’s Guide...

  • Page 14: Required Information You Need

    1 Open a web browser and enter the web site address or IP address of the ZyWALL. For example, “http://sslvpn.mycompany.com”. Figure 2 Enter the Address in a Web Browser 2 Click OK or Yes if a security screen displays. ZyWALL SSL 10 User’s Guide...

  • Page 15: Figure 3 Login Security Screen

    ZyWALL. This may take up to two minutes. 7 Download the installation software if you are prompted to upgrade the JVM. Click the link to access the Sun Java software web site. It is recommended you select the Offline Installation option. ZyWALL SSL 10 User’s Guide...

  • Page 16: Figure 5 Software Upgrade Prompt

    ZyWALL. Figure 7 VPN Connection Network Icon 10 When the list of available resources displays in the Application screen, you have successfully logged into the network. See Figure 8 on page ZyWALL SSL 10 User’s Guide...

  • Page 17: Remote User Screen

    This part of the screen displays a list of the resources available to you. In the Application screen, click on a link to access or display the access method. In the File Sharing screen, click on a link to open a file or directory. ZyWALL SSL 10 User’s Guide...

  • Page 18: Bookmark

    2 A prompt window displays. Click OK to continue. Figure 10 Logout: Prompt 3 An information screen displays. This indicates that all connections have been successfully terminated. Figure 11 Logout: Information Window 4 The login screen displays with the “Logged out successfully!” message. ZyWALL SSL 10 User’s Guide...

  • Page 19: Figure 12 Logout: Successful

    Chapter 1 Introduction Figure 12 Logout: Successful ZyWALL SSL 10 User’s Guide...
  • Page 20 Chapter 1 Introduction ZyWALL SSL 10 User’s Guide...

  • Page 21: Chapter 2 Application

    The Type field displays Web Application to indicate a web-based application or Application for a non-web based application. You can move your mouse over a link to display help information on how to access an application. The following shows an example. Figure 13 Application ZyWALL SSL 10 User’s Guide...

  • Page 22: Accessing Web-Based Application

    The following example shows you how to establish an FTP connection to a switch for device management. 1 In the Application screen, move your mouse over a link to display the pop-up information window. ZyWALL SSL 10 User’s Guide...

  • Page 23: Figure 15 Application: Access Non-Web Based Application

    Chapter 2 Application Figure 15 Application: Access Non-Web based Application 2 Launch an FTP application and connect to the IP address provided. The following figure shows an example using Windows Command Prompt. Figure 16 Application: Telnet Example ZyWALL SSL 10 User’s Guide...
  • Page 24 Chapter 2 Application ZyWALL SSL 10 User’s Guide...

  • Page 25: Chapter 3 File Sharing

    3.2 Main File Sharing Screen The first File Sharing screen displays the name(s) of the shared folder(s) available. The following figure shows an example with three file shares. ZyWALL SSL 10 User’s Guide...

  • Page 26: Opening A File Or Folder

    3 If an access user name and password are required, a screen displays as shown in the following figure. Enter the account information and click Login to continue. Figure 18 File Sharing: Enter Access User Name and Password ZyWALL SSL 10 User’s Guide...

  • Page 27: Downloading A File

    3.3.2 Saving a File After you have opened a file in a web browser, you can save a copy of the file by clicking File > Save As and follow the on-screen instruction. ZyWALL SSL 10 User’s Guide...

  • Page 28: Creating A New Folder

    Make sure the length of the folder name does not exceed the maximum allowed on the file server. Figure 21 File Sharing: Save a Word File 3.5 Renaming a File or Folder To rename a file or folder, click the Rename icon next to the file/folder. ZyWALL SSL 10 User’s Guide...

  • Page 29: Deleting A File Or Folder

    You may not be able to open a file if you change the file extension. Figure 23 File Sharing: Rename 3.6 Deleting a File or Folder To delete a file or folder, click the Delete icon next to the file/folder and then OK in a prompt screen that displays. ZyWALL SSL 10 User’s Guide...

  • Page 30: Uploading A File

    4 After the file is uploaded successfully, you should see the name of the file and the message in the screen. Figure 25 File Sharing: File Upload Uploading a files with the same name and file extension replaces the existing file on the file server. No warning message is displayed. ZyWALL SSL 10 User’s Guide...

  • Page 31: Part Ii: Troubleshooting, Appendices And Index

    Troubleshooting, Appendices and Index • Troubleshooting (33) • Setting up Your Computer’s IP Address (37) • Importing Certificates (53) • Legal Information (63) • Customer Support (65)
  • Page 33 • You cannot log in to the web configurator if someone has already logged in using the same user account. In this case, inform that person to log out or contact your network administrator for assistance. ZyWALL SSL 10 User’s Guide...

  • Page 34: Chapter 4 Troubleshooting

    • If your web browser cannot open a file, you are prompted to download it to your computer. You can then launch the appropriate application to open the file. I cannot rename/delete/upload a file and/or folder. ZyWALL SSL 10 User’s Guide...
  • Page 35 Chapter 4 Troubleshooting • You must have read/write access rights for the file share. Check with your network administrator for this information. ZyWALL SSL 10 User’s Guide...
  • Page 36 Chapter 4 Troubleshooting ZyWALL SSL 10 User’s Guide...

  • Page 37: Appendix A Setting Up Your Computer's Ip Address

    If you manually assign IP information instead of using dynamic assignment, make sure that your computers have IP addresses that place them in the same subnet as the ZyWALL’s LAN port. Windows 95/98/Me Click Start, Settings, Control Panel and double-click the Network icon to open the Network window. ZyWALL SSL 10 User’s Guide...

  • Page 38: Figure 26 Windows 95/98/Me: Network: Configuration

    2 Select Client and then click Add. 3 Select Microsoft from the list of manufacturers. 4 Select Client for Microsoft Networks from the list of network clients and then click 5 Restart your computer so the changes you made take effect. ZyWALL SSL 10 User’s Guide...

  • Page 39: Figure 27 Windows 95/98/Me: Tcp/Ip Properties: Ip Address

    • If you do not know your DNS information, select Disable DNS. • If you know your DNS information, select Enable DNS and type the information in the fields below (you may not need to fill them all in). ZyWALL SSL 10 User’s Guide...

  • Page 40: Figure 28 Windows 95/98/Me: Tcp/Ip Properties: Dns Configuration

    3 Select your network adapter. You should see your computer's IP address, subnet mask and default gateway. Windows 2000/NT/XP The following example figures use the default Windows XP GUI theme. 1 Click start (Start in Windows 2000/NT), Settings, Control Panel. ZyWALL SSL 10 User’s Guide...

  • Page 41: Figure 29 Windows Xp: Start Menu

    Figure 29 Windows XP: Start Menu 2 In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 30 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties. ZyWALL SSL 10 User’s Guide...

  • Page 42: Figure 31 Windows Xp: Control Panel: Network Connections: Properties

    • If you have a dynamic IP address click Obtain an IP address automatically. • If you have a static IP address click Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields. • Click Advanced. ZyWALL SSL 10 User’s Guide...

  • Page 43: Figure 33 Windows Xp: Internet Protocol (Tcp/Ip) Properties

    To manually configure a default metric (the number of transmission hops), clear the Automatic metric check box and type a metric in Metric. • Click Add. • Repeat the previous three steps for each default gateway you want to add. • Click OK when finished. ZyWALL SSL 10 User’s Guide...

  • Page 44: Figure 34 Windows Xp: Advanced Tcp/Ip Properties

    • If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields. If you have previously configured DNS servers, click Advanced and then the DNS tab to order them. ZyWALL SSL 10 User’s Guide...

  • Page 45: Figure 35 Windows Xp: Internet Protocol (Tcp/Ip) Properties

    Network Connections, right-click a network connection, click Status and then click the Support tab. Macintosh OS 8/9 1 Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel. ZyWALL SSL 10 User’s Guide...

  • Page 46: Figure 36 Macintosh Os 8/9: Apple Menu

    2 Select Ethernet built-in from the Connect via list. Figure 37 Macintosh OS 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list. 4 For statically assigned settings, do the following: • From the Configure box, select Manually. ZyWALL SSL 10 User’s Guide...

  • Page 47: Figure 38 Macintosh Os X: Apple Menu

    2 Click Network in the icon bar. • Select Automatic from the Location list. • Select Built-in Ethernet from the Show list. • Click the TCP/IP tab. 3 For dynamically assigned settings, select Using DHCP from the Configure list. ZyWALL SSL 10 User’s Guide...

  • Page 48: Figure 39 Macintosh Os X: Network

    Check your TCP/IP properties in the Network window. Linux This section shows you how to configure your computer’s TCP/IP settings in Red Hat Linux 9.0. Procedure, screens and file location may vary depending on your Linux distribution and release version. ZyWALL SSL 10 User’s Guide...

  • Page 49: Figure 40 Red Hat 9.0: Kde: Network Configuration: Devices

    Figure 40 Red Hat 9.0: KDE: Network Configuration: Devices 2 Double-click on the profile of the network card you wish to configure. The Ethernet Device General screen displays as shown. Figure 41 Red Hat 9.0: KDE: Ethernet Device: General ZyWALL SSL 10 User’s Guide...

  • Page 50: Figure 42 Red Hat 9.0: Kde: Network Configuration: Dns

    Ethernet card). Open the eth0 eth0 configuration file with any plain text editor. • If you have a dynamic IP address, enter in the field. The dhcp BOOTPROTO= following figure shows an example. ZyWALL SSL 10 User’s Guide...

  • Page 51: Figure 44 Red Hat 9.0: Dynamic Ip Address Setting In Ifconfig-Eth0

    Figure 47 Red Hat 9.0: Restart Ethernet Card [root@localhost init.d]# network restart Shutting down interface eth0: [OK] Shutting down loopback interface: [OK] Setting network parameters: [OK] Bringing up loopback interface: [OK] Bringing up interface eth0: [OK] ZyWALL SSL 10 User’s Guide...

  • Page 52: Figure 48 Red Hat 9.0: Checking Tcp/Ip Properties

    Bcast:172.23.19.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:717 errors:0 dropped:0 overruns:0 frame:0 TX packets:13 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:730412 (713.2 Kb) TX bytes:1570 (1.5 Kb) Interrupt:10 Base address:0x1000 [root@localhost]# ZyWALL SSL 10 User’s Guide...

  • Page 53: Appendix B Importing Certificates

    The following example procedure shows how to import the ZyWALL’s (self-signed) server certificate into your operating system as a trusted certification authority. 1 In Internet Explorer, double click the lock shown in the following screen. ZyWALL SSL 10 User’s Guide...

  • Page 54: Figure 50 Login Screen

    Appendix B Importing Certificates Figure 50 Login Screen 2 Click Install Certificate to open the Install Certificate wizard. Figure 51 Certificate General Information before Import 3 Click Next to begin the Install Certificate wizard. ZyWALL SSL 10 User’s Guide...

  • Page 55: Figure 52 Certificate Import Wizard 1

    Figure 52 Certificate Import Wizard 1 4 Select where you would like to store the certificate and then click Next. Figure 53 Certificate Import Wizard 2 5 Click Finish to complete the Import Certificate wizard. ZyWALL SSL 10 User’s Guide...

  • Page 56: Figure 54 Certificate Import Wizard 3

    Appendix B Importing Certificates Figure 54 Certificate Import Wizard 3 6 Click Yes to add the ZyWALL certificate to the root store. Figure 55 Root Certificate Store ZyWALL SSL 10 User’s Guide...

  • Page 57: Figure 56 Certificate General Information After Import

    You must have imported at least one trusted CA to the ZyWALL in order for the Authenticate Client Certificates to be active (see the Certificates chapter for details). Apply for a certificate from a Certification Authority (CA) that is trusted by the ZyWALL (see the ZyWALL’s Trusted CA web configurator screen). ZyWALL SSL 10 User’s Guide...

  • Page 58: Figure 57 Zywall Trusted Ca Screen

    The CA sends you a package containing the CA’s trusted certificate(s), your personal certificate(s) and a password to install the personal certificate(s). Installing the CA’s Certificate 1 Double click the CA’s trusted certificate to produce a screen similar to the one shown next. ZyWALL SSL 10 User’s Guide...

  • Page 59: Figure 58 Ca Certificate Example

    Double-click the personal certificate given to you by the CA to produce a screen similar to the one shown next 1 Click Next to begin the wizard. Figure 59 Personal Certificate Import Wizard 1 ZyWALL SSL 10 User’s Guide...

  • Page 60: Figure 60 Personal Certificate Import Wizard 2

    Figure 61 Personal Certificate Import Wizard 3 4 Have the wizard determine where the certificate should be saved on your computer or select Place all certificates in the following store and choose a different location. ZyWALL SSL 10 User’s Guide...

  • Page 61: Figure 62 Personal Certificate Import Wizard 4

    5 Click Finish to complete the wizard and begin the import process. Figure 63 Personal Certificate Import Wizard 5 6 You should see the following screen when the certificate is correctly installed on your computer. Figure 64 Personal Certificate Import Wizard 6 ZyWALL SSL 10 User’s Guide...

  • Page 62: Figure 65 Access The Zywall Via Https

    ZyWALL. This screen displays even if you only have a single certificate as in the example. Figure 66 SSL Client Authentication 3 You next see the ZyWALL login screen. Figure 67 ZyWALL Secure Login Screen ZyWALL SSL 10 User’s Guide...

  • Page 63: Appendix C Legal Information

    Published by ZyXEL Communications Corporation. All rights reserved. Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others.

  • Page 64: Zyxel Limited Warranty

    Any replacement will consist of a new or re-manufactured functionally equivalent product of equal or higher value, and will be solely at the discretion of ZyXEL. This warranty shall not apply if the product has been modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions.

  • Page 65: Appendix D Customer Support

    • Telephone: +506-2017878 • Fax: +506-2015098 • Web Site: www.zyxel.co.cr • FTP Site: ftp.zyxel.co.cr • Regular Mail: ZyXEL Costa Rica, Plaza Roble Escazú, Etapa El Patio, Tercer Piso, San José, Costa Rica Czech Republic • E-mail: info@cz.zyxel.com • Telephone: +420-241-091-350 •...
  • Page 66 • E-mail: info@zyxel.fr • Telephone: +33-4-72-52-97-97 • Fax: +33-4-72-52-19-20 • Web Site: www.zyxel.fr • Regular Mail: ZyXEL France, 1 rue des Vergers, Bat. 1 / C, 69760 Limonest, France Germany • Support E-mail: support@zyxel.de • Sales E-mail: sales@zyxel.de • Telephone: +49-2405-6909-0 •...
  • Page 67 • Sales E-mail: sales@zyxel.com • Telephone: +1-800-255-4101, +1-714-632-0882 • Fax: +1-714-632-0858 • Web Site: www.us.zyxel.com • FTP Site: ftp.us.zyxel.com • Regular Mail: ZyXEL Communications Inc., 1130 N. Miller St., Anaheim, CA 92806- 2001, U.S.A. Norway • Support E-mail: support@zyxel.no • Sales E-mail: sales@zyxel.no •...
  • Page 68 Appendix D Customer Support • Web Site: www.zyxel.es • Regular Mail: ZyXEL Communications, Arte, 21 5ª planta, 28033 Madrid, Spain Sweden • Support E-mail: support@zyxel.se • Sales E-mail: sales@zyxel.se • Telephone: +46-31-744-7700 • Fax: +46-31-744-7701 • Web Site: www.zyxel.se • Regular Mail: ZyXEL Communications A/S, Sjöporten 4, 41764 Göteborg, Sweden Ukraine •...

Table of Contents