Sign In
Upload
Manuals
Brands
ZyXEL Communications Manuals
Gateway
ZYWALL2 ET 2WE
ZyXEL Communications ZYWALL2 ET 2WE Manuals
Manuals and User Guides for ZyXEL Communications ZYWALL2 ET 2WE. We have
1
ZyXEL Communications ZYWALL2 ET 2WE manual available for free PDF download: User Manual
ZyXEL Communications ZYWALL2 ET 2WE User Manual (614 pages)
Internet Security Gateway
Brand:
ZyXEL Communications
| Category:
Gateway
| Size: 17.01 MB
Table of Contents
Information for Canadian Users
4
Zyxel Limited Warranty
5
Customer Support
6
Warranty Information
6
Table of Contents
7
List of Figures
15
Preface
26
Related Documentation
26
Syntax Conventions
26
Getting Started
29
Chapter 1 Getting to Know Your Zywall
31
Introducing the Zywall
31
Features
31
Table 1-1 Model Specific Features
31
Reset Button
32
Content Filtering
33
Pptp Encapsulation
34
Dynamic Dns Support
34
Traffic Redirect
35
Port Forwarding
35
Applications for the Zywall
36
Figure 1-1 Secure Internet Access Via Cable, DSL or Wireless Modem
36
Figure 1-2 Secure Internet Access and VPN Application
37
Chapter 2 Introducing the Web Configurator
39
Web Configurator Overview
39
Accessing the Zywall Web Configurator
39
Figure 2-1 Change Password Screen
39
Resetting the Zywall
40
Figure 2-2 Replace Certificate Screen
40
Navigating the Zywall Web Configurator
41
Figure 2-3 Example Xmodem Upload
41
Figure 2-4 the MAIN MENU Screen of the Web Configurator
42
Table 2-1 Web Configurator Screens Summary
42
Chapter 3 Wizard Setup
47
Wizard Setup Overview
47
General Setup and System Name
47
Internet Access
48
Figure 3-1 Wizard 1
48
Figure 3-2 Wizard 2: Ethernet Encapsulation
49
Table 3-1 Ethernet Encapsulation
49
Pppoe Encapsulation
50
Figure 3-3 Wizard2: Pppoe Encapsulation
51
Table 3-2 Pppoe Encapsulation
51
Figure 3-4 Wizard 2: PPTP Encapsulation
53
Table 3-3 PPTP Encapsulation
53
WAN and DNS
54
Table 3-4 Private IP Address Ranges
54
Dns Server Address Assignment
55
Ip Address and Subnet Mask
55
Table 3-5 Example of Network Properties for LAN Servers with Fixed IP Addresses
56
Figure 3-5 Wizard 3
57
Table 3-6 Wizard 3
57
Basic Setup Complete
58
Figure 3-6 Internet Access Wizard Setup Complete
59
System and LAN
61
Chapter 4 System Screens
63
System Overview
63
Configuring General Setup
63
Figure 4-1 System General Setup
63
Table 4-1 System General Setup
64
Dynamic DNS
65
Configuring Dynamic DNS
65
Figure 4-2 DDNS
66
Table 4-2 DDNS
66
Configuring Password
67
Pre-Defined NTP Time Servers List
68
Figure 4-3 Password
68
Table 4-3 Password
68
Configuring Time Setting
69
Table 4-4 Default Time Servers
69
Figure 4-4 Time Setting
70
Table 4-5 Time Setting
70
Chapter 5 LAN Screens
73
LAN Overview
73
DHCP Setup
73
IP Address and Subnet Mask
73
DNS Server Address Assignment
74
Lan Tcp/Ip
74
Configuring IP
75
Figure 5-1 IP
76
Table 5-1 IP
76
Configuring Static DHCP
78
Configuring IP Alias
79
Figure 5-2 Static DHCP
79
Table 5-2 Static DHCP
79
Figure 5-3 Physical Network Figure 5-4 Partitioned Logical Networks
80
Figure 5-5 IP Alias
80
Table 5-3 IP Alias
81
WAN and Wireless LAN
83
Chapter 6 WAN Screens
85
WAN Overview
85
TCP/IP Priority (Metric)
85
WAN IP Address Assignment
85
Configuring Route
86
Table 6-1 Private IP Address Ranges
86
Table 6-2 Example of Network Properties for LAN Servers with Fixed IP Addresses
86
Configuring WAN ISP
87
Figure 6-1 WAN Setup: Route
87
Table 6-3 WAN Setup: Route
87
Figure 6-2 Ethernet Encapsulation
88
Table 6-4 Ethernet Encapsulation
88
Figure 6-3 Pppoe Encapsulation
90
Table 6-5 Pppoe Encapsulation
90
Figure 6-4 PPTP Encapsulation
92
Table 6-6 PPTP Encapsulation
92
Configuring WAN IP
93
Figure 6-5 IP Setup
94
Table 6-7 IP Setup
94
Configuring WAN MAC
97
Figure 6-6 MAC Setup
97
Traffic Redirect
98
Figure 6-7 Traffic Redirect Setup Example
98
Configuring Traffic Redirect
99
Figure 6-8 Traffic Redirect LAN Setup
99
Figure 6-9 Traffic Redirect
100
Table 6-8 Traffic Redirect
100
Configuring Dial Backup
101
Figure 6-10 Dial Backup Setup
102
Table 6-9 Dial Backup Setup
103
Advanced Modem Setup
106
Configuring Advanced Modem Setup
107
Figure 6-11 Advanced Setup
108
Table 6-10 Advanced Setup
108
Chapter 7 Wireless LAN Screens
111
Wireless LAN Overview
111
Wireless LAN Basics
111
Figure 7-1 RTS Threshold
112
Wireless Security
113
Figure 7-2 Zywall Wireless Security Levels
113
Configuring Wireless LAN
114
Figure 7-3 Wireless
114
Table 7-1 Wireless
115
Configuring MAC Filter
116
Figure 7-4 MAC Address Filter
116
Overview
117
Table 7-2 MAC Address Filter
117
Eap Authentication Overview
118
Local User Database
119
Configuring 802.1X
119
Figure 7-5 EAP Authentication
119
Figure 7-6 802.1X Authentication
120
Table 7-3 802.1X Authentication
120
NAT and Static Route
121
Chapter 8 Network Address Translation (NAT)
123
NAT Overview
123
Table 8-1 NAT Definitions
123
Figure 8-1 How NAT Works
124
Figure 8-2 NAT Application with IP Alias
125
Using NAT
126
Table 8-2 NAT Mapping Types
126
SUA Server
127
Table 8-3 Services and Port Numbers
127
Figure 8-3 Multiple Servers Behind NAT Example
128
Figure 17-22 SNMP
128
Configuring SUA Server
129
Figure 8-4 SUA Server
129
Configuring Address Mapping
130
Table 8-4 SUA Server
130
Figure 8-5 Address Mapping
131
Table 8-5 Address Mapping
131
Figure 8-6 Address Mapping Rule
132
Configuring Trigger Port
133
Table 8-6 Address Mapping Rule
133
Figure 8-7 Trigger Port Forwarding Example
134
Figure 8-8 Trigger Port
135
Table 8-7 Trigger Port
135
Chapter 9 Static Route Screens
137
Static Route Overview
137
Configuring IP Static Route
137
Figure 9-1 Example of Static Routing Topology
137
Figure 9-2 Static Route Screen
138
Table 9-1 IP Static Route Summary
138
Figure 9-3 Edit IP Static Route
139
Table 9-2 Edit IP Static Route
139
Firewall and Content Filters
141
Chapter 10 Firewalls
143
Firewall Overview
143
Types of Firewalls
143
Introduction to Nortel Networks Firewall
144
Denial of Service
145
Figure 10-1 Zywall Firewall Application
145
Table 10-1 Common IP Ports
146
Figure 10-2 Three-Way Handshake
147
Figure 10-3 SYN Flood
147
Figure 10-4 Smurf Attack
148
Table 10-2 ICMP Commands that Trigger Alerts
148
Stateful Inspection
149
Table 10-3 Legal Netbios Commands
149
Table 10-4 Legal SMTP Commands
149
Figure 10-5 Stateful Inspection
150
Stateful Inspection and the Zywall
151
Tcp Security
152
Guidelines for Enhancing Security with Your Firewall
153
Packet Filtering Vs Firewall
153
When to Use Filtering
154
When to Use the Firewall
154
Chapter 11 Firewall Screens
157
Access Methods
157
Firewall Policies Overview
157
Rule Logic Overview
158
Connection Direction Examples
159
Figure 11-1 LAN to WAN Traffic
160
Alerts
161
Configuring Firewall
161
Figure 11-2 WAN to LAN Traffic
161
Figure 11-3 Enabling the Firewall
162
Table 11-1 Firewall Rules Summary: First Screen
163
Configuring Firewall Rules
164
Figure 11-4 Creating/Editing a Firewall Rule
165
Table 11-2 Creating/Editing a Firewall Rule
166
Figure 11-5 Adding/Editing Source and Destination Addresses
167
Figure 11-6 Creating/Editing a Custom Port
168
Table 11-3 Adding/Editing Source and Destination Addresses
168
Example Firewall Rule
169
Table 11-4 Creating/Editing a Custom Port
169
Figure 11-7 Firewall IP Config Screen
170
Figure 11-8 Firewall Rule Edit IP Example
171
Figure 11-9 Edit Custom Port Example
171
Figure 11-10 Myservice Rule Configuration
172
Figure 11-11 My Service Example Rule Summary
173
Predefined Services
174
Table 11-5 Predefined Services
174
Configuring Attack Alert
176
Threshold Values
177
Figure 11-12 Attack Alert
178
Table 11-6 Attack Alert
179
Chapter 12 Content Filtering Screens
181
Introduction to Content Filtering
181
General Content Filter Configuration
181
Figure 12-1 Content Filter : General
182
Table 12-1 Content Filter : General
183
Content Filtering with an External Server
184
Figure 12-2 Content Filtering Lookup Procedure
184
Checking Content Filtering Activation
185
Configuring Categories
185
Figure 12-3 Content Filter : Categories
186
Table 12-2 Content Filter : Categories
187
Configuring Customization
194
Figure 12-4 Content Filter : Customization
195
Table 12-3 Content Filter : Customization
196
Vpn/Ipsec
199
Chapter 13 Introduction to Ipsec
201
VPN Overview
201
Figure 13-1 Encryption and Decryption
202
Ipsec Architecture
203
Figure 13-2 Ipsec Architecture
203
Encapsulation
204
Figure 13-3 Transport and Tunnel Mode Ipsec Encapsulation
204
Ipsec and NAT
205
Table 13-1 VPN and NAT
205
Chapter 14 VPN Screens
207
Vpn/Ipsec Overview
207
Ipsec Algorithms
207
My IP Address
208
Secure Gateway Address
208
Table 14-1 AH and ESP
208
Summary Screen
209
Figure 14-1 Ipsec Summary Fields
209
Figure 14-2 VPN Rules
210
Table 14-2 VPN Rules
210
Keep Alive
211
NAT Traversal
212
Figure 14-3 NAT Router between Ipsec Routers
212
Figure 14-4 VPN Host Using Intranet DNS Server Example
213
ID Type and Content
214
Table 14-3 Local ID Type and Content Fields
214
Table 14-4 Peer ID Type and Content Fields
215
Table 14-5 Matching ID Type and Content Configuration Example
215
Table 14-6 Mismatching ID Type and Content Configuration Example
215
Pre-Shared Key
216
VPN Implementation
216
Figure 14-5 Client-To-Site VPN Example
216
Configuring Basic IKE VPN Rule Setup
217
Figure 14-6 Site-To-Site VPN Example
217
Figure 14-7 Basic IKE VPN Rule Edit
218
Table 14-7 Basic IKE VPN Rule Edit
219
IKE Phases
227
Figure 14-8 Two Phases to Set up the Ipsec SA
228
Negotiation Mode
229
Configuring Advanced IKE Setup
230
Figure 14-9 Advanced IKE VPN Rule Setup
231
Table 14-8 Advanced IKE VPN Rule Setup
232
Manual Key Setup
234
Configuring Edit Manual Setup
234
Figure 14-10 Manual VPN Rule Setup
235
Table 14-9 VPN Manual Setup
236
SA Monitor
239
Figure 14-11 VPN SA Monitor
239
Global Settings
240
Figure 14-12 VPN Global Setting
240
Table 14-10 VPN SA Monitor
240
Telecommuter Vpn/Ipsec Examples
241
Table 14-11 VPN Global Setting
241
Figure 14-13 Telecommuters Sharing One VPN Rule Example
242
Table 14-12 Telecommuters Sharing One VPN Rule Example
242
Figure 14-14 Telecommuters Using Unique VPN Rules Example
243
Table 14-13 Telecommuters Using Unique VPN Rules Example
243
VPN and Remote Management
244
Certificates
245
Chapter 15 Certificates
247
Certificates Overview
247
Self-Signed Certificates
248
Configuration Summary
248
Figure 15-1 Certificate Configuration Overview
248
My Certificates
249
Figure 15-2 My Certificates
249
Table 15-1 My Certificates
250
Certificate File Formats
251
Importing a Certificate
252
Figure 15-3 My Certificate Import
252
Table 15-2 My Certificate Import
252
Creating a Certificate
253
Figure 15-4 My Certificate Create
253
Table 15-3 My Certificate Create
254
My Certificate Details
256
Figure 15-5 My Certificate Details
257
Table 15-4 My Certificate Details
258
Trusted Cas
260
Figure 15-6 Trusted Cas
261
Table 15-5 Trusted Cas
261
Importing a Trusted Ca's Certificate
262
Trusted CA Certificate Details
263
Figure 15-7 Trusted CA Import
263
Table 15-6 Trusted CA Import
263
Figure 15-8 Trusted CA Details
264
Table 15-7 Trusted CA Details
265
Trusted Remote Hosts
267
Figure 15-9 Trusted Remote Hosts
268
Table 15-8 Trusted Remote Hosts
268
Verifying a Trusted Remote Host's Certificate
269
Importing a Trusted Remote Host's Certificate
270
Table 15-9 Remote Host Certificates
270
Table 15-10 Certificate Details
270
Trusted Remote Host Certificate Details
271
Figure 15-10 Trusted Remote Host Import
271
Table 15-11 Trusted Remote Host Import
271
Figure 15-11 Trusted Remote Host Details
272
Table 15-12 Trusted Remote Host Details
273
Directory Servers
275
Figure 15-12 Directory Servers
275
Table 15-13 Directory Servers
275
Add or Edit a Directory Server
276
Figure 15-13 Directory Server Add
276
Table 15-14 Directory Server Add
277
Authentication Server, Remote Management and Upnp
279
Chapter 16 Authentication Server
281
Authentication Server Overview
281
Local User Database
281
Configuring Local User Database
281
Figure 16-1 Local User Database
282
Configuring RADIUS
283
Table 16-1 Local User Database
283
Figure 16-2 RADIUS
284
Table 16-2 RADIUS
284
Chapter 17 Remote Management Screens
287
Remote Management Overview
287
Introduction to HTTPS
288
Figure 17-1 HTTPS Implementation
289
Configuring WWW
290
Figure 17-2 WWW
290
Table 17-1 WWW
291
HTTPS Example
292
Figure 17-3 Security Alert Dialog Box (Internet Explorer)
292
Figure 17-4 Security Certificate 1 (Netscape)
293
Figure 17-5 Security Certificate 2 (Netscape)
294
Login Screen
295
Figure 17-6 Login Screen (Internet Explorer)
296
Figure 17-7 Login Screen (Netscape)
297
Figure 17-8 Replace Certificate
298
Figure 17-9 Device-Specific Certificate
298
SSH Overview
299
Figure 17-10 Common Zywall Certificate
299
How SSH Works
300
Figure 17-11 SSH Communication Example
300
Figure 17-12How SSH Works
300
SSH Implementation on the Zywall
301
Configuring SSH
301
Figure 17-13 SSH
301
Secure Telnet Using SSH Examples
302
Table 17-2 SSH
302
Figure 17-14 SSH Example 1: Store Host Key
303
Figure 17-15 SSH Example 2: Test
303
Secure FTP Using SSH Example
304
Figure 17-16SSH Example 2: Log in
304
Telnet
305
Figure 17-17 Secure FTP: Firmware Upload Example
305
Figure 17-18 Telnet Configuration on a TCP/IP Network
305
Configuring TELNET
306
Figure 17-19 Telnet
306
Table 17-3 Telnet
306
Configuring FTP
307
Figure 17-20 FTP
307
Table 17-4 FTP
307
Configuring SNMP
308
Figure 17-21 SNMP Management Model
309
Table 17-5 SNMP Traps
310
Configuring DNS
312
Table 17-6 SNMP
312
Figure 17-23 DNS
313
Table 17-7 DNS
313
Configuring Security
314
Figure 17-24 Security
314
Table 17-8 Security
314
Chapter 18 Upnp
317
Universal Plug and Play Overview
317
Upnp Implementation
318
Configuring Upnp
318
Figure 18-1 Configuring Upnp
319
Table 18-1 Configuring Upnp
319
Displaying Upnp Port Mapping
320
Figure 18-2 Upnp Ports
320
Table 18-2 Upnp Ports
320
Installing Upnp in Windows Example
321
Installing Upnp in Windows Xp
322
Using Upnp in Windows XP Example
324
Web Configurator Easy Access
326
Logs
327
Chapter 19 Logs Screens
329
Configuring View Log
329
Figure 19-1 View Log
330
Table 19-1 View Log
330
Configuring Log Settings
331
Figure 19-2 Log Settings
332
Table 19-2 Log Settings
333
Configuring Reports
334
Figure 19-3 Reports
335
Table 19-3 Reports
335
Figure 19-4 Web Site Hits Report Example
336
Figure 19-5 Protocol/Port Report Example
337
Table 19-4 Web Site Hits Report
337
Figure 19-6 LAN IP Address Report Example
338
Table 19-5 Protocol/ Port Report
338
Table 19-6 LAN IP Address Report
339
Table 19-7 Report Specifications
339
Maintenance
341
Chapter 20 Maintenance
343
Maintenance Overview
343
Status Screen
343
Figure 20-1 System Status
343
Table 20-1 System Status
344
Figure 20-2 System Status: Show Statistics
345
Table 20-2 System Status: Show Statistics
345
DHCP Table Screen
346
Figure 20-3 DHCP Table
346
Table 20-3 DHCP Table
346
F/W Upload Screen
347
Figure 20-4 Firmware Upload
347
Figure 20-5 Firmware Upload
348
Figure 20-6 Firmware Upload in Process
348
Configuration Screen
349
Figure 20-7 Network Temporarily Disconnected
349
Figure 20-8 Firmware Upload Error
349
Figure 20-9 Configuration
350
Figure 20-10 Configuration Upload Successful
351
Figure 20-11 Network Temporarily Disconnected
351
Table 20-4 Restore Configuration
351
Figure 20-12 Configuration Upload Error
352
Figure 20-13 Reset Warning Message
352
Restart Screen
353
Figure 20-14 Restart Screen
353
SMT General Configuration
355
Chapter 21 Introducing the SMT
357
Introduction to the SMT
357
Accessing the SMT Via the Console Port
357
Figure 21-1 Initial Screen
357
Navigating the SMT Interface
358
Figure 21-2 Password Screen
358
Table 21-1 Main Menu Commands
358
Figure 21-3 Main Menu
359
Table 21-2 Main Menu Summary
360
Figure 21-4 Zywall 2 SMT Menu Overview Example
361
Changing the System Password
362
Resetting the Zywall
362
Figure 21-5 Menu 23: System Password
362
Chapter 22 SMT Menu 1 - General Setup
363
Introduction to General Setup
363
Configuring General Setup
363
Figure 22-1 Menu 1: General Setup
363
Table 22-1 Menu 1: General Setup
363
Figure 22-2 Configure Dynamic DNS
365
Table 22-2 Configure Dynamic DNS
365
Chapter 23 WAN and Dial Backup Setup
367
Introduction to WAN
367
Figure 23-1 MAC Address Cloning in WAN Setup
367
Table 23-1 MAC Address Cloning in WAN Setup
367
Dial Backup
368
Configuring Dial Backup in Menu 2
368
Figure 23-2 Menu 2: Dial Backup Setup
368
Advanced WAN Setup
369
Table 23-2 Menu 2: Dial Backup Setup
369
Figure 23-3 Menu 2.1 Advanced WAN Setup
370
Table 23-3 Advanced WAN Port Setup: at Commands Fields
370
Remote Node Profile (Backup ISP)
371
Table 23-4 Advanced WAN Port Setup: Call Control Parameters
371
Figure 23-4 Menu 11.1 Remote Node Profile (Backup ISP)
372
Table 23-5 Menu 11.1 Remote Node Profile (Backup ISP)
372
Editing PPP Options
374
Figure 23-5 Menu 11.2: Remote Node PPP Options
374
Figure 23-6 Menu 11.2: Remote Node PPP Options
374
Editing TCP/IP Options
375
Figure 23-7 Menu 11.3: Remote Node Network Layer Options
375
Table 23-6 Menu 11.3: Remote Node Network Layer Options
375
Editing Login Script
377
Remote Node Filter
378
Figure 23-8 Menu 11.4: Remote Node Script
378
Table 23-7 Menu 11.4: Remote Node Script
378
Figure 23-9 Menu 11.5: Dial Backup Remote Node Filter
379
Chapter 24 LAN Setup
381
Introduction to LAN Setup
381
Accessing the LAN Menus
381
LAN Port Filter Setup
381
Figure 24-1 Menu 3: LAN Setup
381
TCP/IP and DHCP Ethernet Setup Menu
382
Figure 24-2 Menu 3.1: LAN Port Filter Setup
382
Figure 24-3 Menu 3: TCP/IP and DHCP Setup
382
Figure 24-4 Menu 3.2: TCP/IP and DHCP Ethernet Setup
383
Table 24-1 DHCP Ethernet Setup Menu Fields
383
Table 24-2 LAN TCP/IP Setup Menu Fields
384
Figure 24-7 Menu 3.2.1: IP Alias Setup
385
Table 24-3 Menu 3.2.1: IP Alias Setup
385
Wireless LAN Setup
386
Figure 24-8 Menu 3.5: Wireless LAN Setup
387
Table 24-4 Menu 3.5: Wireless LAN Setup
387
Figure 24-9 Menu 3.5.1: WLAN MAC Address Filter
389
Table 24-5 Menu 3.5.1: WLAN MAC Address Filter
389
Chapter 25 Internet Access
391
Introduction to Internet Access Setup
391
Ethernet Encapsulation
391
Figure 25-1 Menu 4: Internet Access Setup (Ethernet)
391
Table 25-1 Menu 4: Internet Access Setup (Ethernet)
391
PPTP Encapsulation
393
Figure 25-2 Internet Access Setup (PPTP)
393
Pppoe Encapsulation
394
Table 25-2 New Fields in Menu 4 (PPTP) Screen
394
Basic Setup Complete
395
Figure 25-3 Internet Access Setup (Pppoe)
395
Table 25-3 New Fields in Menu 4 (Pppoe) Screen
395
SMT Advanced Applications
397
Chapter 26 Remote Node Setup
399
Introduction to Remote Node Setup
399
Remote Node Setup
399
Figure 26-1Menu 11.1: Remote Node Profile for Ethernet Encapsulation
400
Table 26-1 Menu 11.1: Remote Node Profile for Ethernet Encapsulation
400
Figure 26-2 Menu 11.1: Remote Node Profile for Pppoe Encapsulation
402
Table 26-2 Fields in Menu 11.1 (Pppoe Encapsulation Specific)
403
Figure 26-3 Menu 11.1: Remote Node Profile for PPTP Encapsulation
404
Table 26-3 Fields in Menu 11.1 (PPTP Encapsulation)
404
Edit IP
405
Figure 26-4 Menu 11.3: Remote Node Network Layer Options for Ethernet Encapsulation
405
Table 26-4 Remote Node Network Layer Options Menu Fields
405
Remote Node Filter
407
Figure 26-5 Menu 11.5: Remote Node Filter (Ethernet Encapsulation)
407
Traffic Redirect
408
Figure 26-6 Menu 11.5: Remote Node Filter (Pppoe or PPTP Encapsulation)
408
Figure 26-7 Menu 11.1: Remote Node Profile
408
Figure 26-8 Menu 11.6: Traffic Redirect Setup
409
Table 26-5 Menu 11.1: Remote Node Profile (Traffic Redirect Field)
409
Table 26-6 Menu 11.6: Traffic Redirect Setup
410
Chapter 27 IP Static Route Setup
413
IP Static Route Setup
413
Figure 27-1 Menu 12: IP Static Route Setup
413
Figure 27-2 Menu 12. 1: Edit IP Static Route
414
Table 27-1 Menu 12. 1: Edit IP Static Route
414
Chapter 28 Network Address Translation (NAT)
415
Using NAT
415
Figure 28-1 Menu 4: Applying NAT for Internet Access
416
Figure 28-2 Menu 11.3: Applying NAT to the Remote Node
416
NAT Setup
417
Figure 28-3 Menu 15: NAT Setup
417
Table 28-1 Applying NAT in Menus 4 & 11.3
417
Figure 28-4 Menu 15.1: Address Mapping Sets
418
Figure 28-5 Menu 15.1.255: SUA Address Mapping Rules
418
Table 28-2 SUA Address Mapping Rules
419
Figure 28-6 Menu 15.1.1: First Set
420
Figure 28-7 Menu 15.1.1.1: Editing/Configuring an Individual Rule in a Set
421
Table 28-3 Fields in Menu 15.1.1
421
Configuring a Server Behind NAT
422
Table 28-4 Menu 15.1.1.1: Editing/Configuring an Individual Rule in a Set
422
General NAT Examples
423
Figure 28-8 Menu 15.2: NAT Server Setup
423
Figure 28-9 Multiple Servers Behind NAT Example
423
Figure 28-10 NAT Example 1
424
Figure 28-11 Menu 4: Internet Access & NAT Example
424
Figure 28-12 NAT Example 2
425
Figure 28-13 Menu 15.2: Specifying an Inside Server
425
Figure 28-14 NAT Example 3
426
Figure 28-15 Example 3: Menu 11.3
427
Figure 28-16 Example 3: Menu 15.1.1.1
427
Figure 28-17 Example 3: Final Menu 15.1.1
428
Figure 28-18 Example 3: Menu 15.2
428
Figure 28-19 NAT Example 4
429
Trigger Port Forwarding
430
Figure 28-20 Example 4: Menu 15.1.1.1: Address Mapping Rule
430
Figure 28-21 Example 4: Menu 15.1.1: Address Mapping Rules
430
Figure 28-22 Trigger Port Forwarding Process: Example
431
Figure 28-23 Menu 15.3: Trigger Port Setup
432
Table 28-5 Menu 15.3: Trigger Port Setup
433
Chapter 29 Introducing the Firewall
435
Using SMT Menus
435
Figure 29-1 Menu 21: Filter and Firewall Setup
435
Figure 29-2 Menu 21.2: Firewall Setup
436
Chapter 30 Filter Configuration
437
Introduction to Filters
437
Figure 30-1 Outgoing Packet Filtering Process
438
Figure 30-2 Filter Rule Process
439
Configuring a Filter Set
440
Figure 30-3 Menu 21: Filter and Firewall Setup
440
Figure 30-4 Menu 21.1: Filter Set Configuration
440
Table 30-1 Abbreviations Used in the Filter Rules Summary Menu
441
Table 30-2 Rule Abbreviations Used
442
Figure 30-5 Menu 21.1.1.1: TCP/IP Filter Rule
443
Table 30-3 TCP/IP Filter Rule Menu Fields
443
Figure 30-6 Executing an IP Filter
446
Figure 30-7 Menu 21.1.1.1: Generic Filter Rule
447
Table 30-4 Menu 21.1.1.1: Generic Filter Rule
447
Example Filter
449
Figure 30-8 Telnet Filter Example
449
Figure 30-9 Example Filter: Menu 21.1.3.1
450
Figure 30-10 Example Filter Rules Summary: Menu 21.1.3
451
Filter Types and NAT
452
Firewall Versus Filters
452
Figure 30-11 Protocol and Device Filter Sets
452
Applying a Filter
453
Figure 30-12 Filtering LAN Traffic
453
Figure 30-13 Filtering Remote Node Traffic
454
Chapter 31 SNMP Configuration
455
SNMP Configuration
455
Figure 31-1 Menu 22: SNMP Configuration
455
Table 31-1 Menu 22: SNMP Configuration
455
SNMP Traps
456
Table 31-2 SNMP Traps
456
SMT System Maintenance
457
Chapter 32 System Information & Diagnosis
459
Introduction to System Status
459
System Status
459
Figure 32-1 Menu 24: System Maintenance
459
Figure 32-2 Menu 24.1: System Maintenance: Status
460
Table 32-1 System Maintenance: Status Menu Fields
460
System Information and Console Port Speed
461
Figure 32-3 Menu 24.2: System Information and Console Port Speed
462
Figure 32-4 Menu 24.2.1: System Maintenance: Information
462
Table 32-2 Fields in System Maintenance: Information
462
Log and Trace
463
Figure 32-5 Menu 24.2.2: System Maintenance: Change Console Port Speed
463
Figure 32-6 Menu 24.3: System Maintenance: Log and Trace
464
Figure 32-7 Menu 24.3.2: System Maintenance: UNIX Syslog
464
Table 32-3 System Maintenance Menu Syslog Parameters
464
Filter Log
465
Firewall Log
466
Figure 32-8 Call-Triggering Packet Example
467
Figure 32-9 Menu 24.4: System Maintenance: Diagnostic
468
Figure 32-10 WAN & LAN DHCP
469
Table 32-4 System Maintenance Menu Diagnostic
469
Chapter 33 Firmware and Configuration File Maintenance
471
Introduction
471
Filename Conventions
471
Backup Configuration
472
Table 33-1 Filename Conventions
472
Figure 33-1 Telnet into Menu 24.5
473
Figure 33-2 FTP Session Example
474
Table 33-2 General Commands for GUI-Based FTP Clients
474
Backup Configuration Using Tftp
475
File Maintenance over Wan
475
Table 33-3 General Commands for GUI-Based TFTP Clients
476
Figure 33-3 System Maintenance: Backup Configuration
477
Figure 33-4 System Maintenance: Starting Xmodem Download Screen
477
Figure 33-5 Backup Configuration Example
477
Figure 33-6 Successful Backup Confirmation Screen
477
Restore Configuration
478
Figure 33-7 Telnet into Menu 24.6
478
Figure 33-8 Restore Using FTP Session Example
479
Figure 33-9 System Maintenance: Restore Configuration
480
Figure 33-10 System Maintenance: Starting Xmodem Download Screen
480
Figure 33-11 Restore Configuration Example
480
Figure 33-12 Successful Restoration Confirmation Screen
480
Uploading Firmware and Configuration Files
481
Figure 33-13 Telnet into Menu 24.7.1: Upload System Firmware
481
Figure 33-14 Telnet into Menu 24.7.2: System Maintenance
482
Configuration File Upload
482
Figure 33-15 FTP Session Example of Firmware File Upload
483
Tftp Upload Command Example
484
Uploading Via Console Port
484
Figure 33-16 Menu 24.7.1 as Seen Using the Console Port
485
Figure 33-17 Example Xmodem Upload
486
Figure 33-18 Menu 24.7.2 as Seen Using the Console Port
487
Figure 33-19 Example Xmodem Upload
488
Chapter 34 System Maintenance Menus 8 to 10
489
Command Interpreter Mode
489
Figure 34-1 Command Mode in Menu 24
489
Figure 34-2 Valid Commands
490
Table 34-1 Valid Commands
490
Call Control Support
491
Figure 34-3 Call Control
491
Figure 34-4 Budget Management
492
Table 34-2 Budget Management
492
Time and Date Setting
493
Figure 34-5 Call History
493
Table 34-3 Call History Fields
493
Figure 34-6 Menu 24: System Maintenance
494
Figure 34-7 Menu 24.10 System Maintenance: Time and Date Setting
494
Table 34-4 Menu 24.10 System Maintenance: Time and Date Setting
495
Chapter 35 Remote Management
497
Remote Management
497
Figure 35-1 Menu 24.11 - Remote Management Control
498
Table 35-1 Menu 24.11 - Remote Management Control
498
Remote Management Limitations
499
SMT Advanced Management
501
Chapter 36 Call Scheduling
503
Introduction to Call Scheduling
503
Figure 36-1 Schedule Setup
503
Figure 36-2 Schedule Set Setup
504
Table 36-1 Schedule Set Setup
504
Figure 36-3 Applying Schedule Set(S) to a Remote Node (Pppoe)
506
Figure 36-4 Applying Schedule Set(S) to a Remote Node (PPTP)
506
Chapter 37 Vpn/Ipsec Setup
507
Introduction
507
Figure 37-1 VPN SMT Menu Tree
507
Ipsec Summary Screen
508
Figure 37-2 Menu 27: Vpn/Ipsec Setup
508
Figure 37-3 Menu 27.1: Ipsec Summary
508
Table 37-1 Menu 27.1: Ipsec Summary
508
Ipsec Setup
511
Figure 37-4 Menu 27.1.1: Ipsec Setup
512
Table 37-2 Menu 27.1.1: Ipsec Setup
512
IKE Setup
517
Figure 37-5 Menu 27.1.1.1: IKE Setup
518
Table 37-3 Menu 27.1.1.1: IKE Setup
518
Manual Setup
520
Table 37-4 Active Protocol: Encapsulation and Security Protocol
520
Figure 37-6 Menu 27.1.1.2: Manual Setup
521
Table 37-5 Menu 27.1.1.2: Manual Setup
521
Chapter 38 SA Monitor
523
Introduction
523
Using SA Monitor
523
Figure 38-1 Menu 27.2: SA Monitor
523
Table 38-1 Menu 27.2: SA Monitor
524
General Appendices
525
Appendix A Troubleshooting
527
Appendix B Setting up Your Computer's IP Address
531
Appendix C Triangle Route
543
Infrastructure Wireless Lan Configuration
548
Appendix D Wireless LAN and IEEE 802.11
551
Appendix E Wireless LAN with IEEE 802.1X
551
Radius Server Authentication Sequence
552
Appendix F Types of EAP Authentication
553
Appendix Gpppoe
555
Appendix Hpptp
557
Appendix I IP Subnetting
562
Appendix J Safety Warnings and Instructions
569
Command, Log Appendices and Index
571
Appendix K Command Interpreter
573
Appendix L Firewall Commands
575
Firewall Commands
577
Appendix M Netbios Filter Commands
581
Appendix N Boot Commands
585
Appendix O Log Descriptions
587
Vpn Responder Ipsec Log
598
Appendix P Brute-Force Password Guessing Protection
605
Appendix Q Index
607
Advertisement
Advertisement
Related Products
ZyXEL Communications ZYWALL 200
ZyXEL Communications ZyXEL ZYWALL10
ZyXEL Communications Internet Security Appliance ZyWALL5UTM 4.0
ZyXEL Communications ZYWALL - CLI
ZyXEL Communications ZyWALL USG 50
ZyXEL Communications ZYWALL USG 20
ZyXEL Communications ZYWALL USG CLI
ZyXEL Communications ZyWALL 5 Series
ZyXEL Communications ZyWALL 35 Series
ZyXEL Communications ZyWALL 70 Series
ZyXEL Communications Categories
Gateway
Network Router
Switch
Wireless Router
Adapter
More ZyXEL Communications Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL