|
| Chapter 37 System |
|
|
|
| Table 184 Configuration > System > WWW > Service Control (continued) | |
| LABEL | DESCRIPTION |
| Authenticate Client | Select Authenticate Client Certificates (optional) to require the SSL client to |
| Certificates | authenticate itself to the ZyWALL by sending the ZyWALL a certificate. To do that the |
|
| SSL client must have a |
|
| trusted CA on the ZyWALL (see Section 37.7.7.5 on page 467 on importing |
|
| certificates for details). |
|
|
|
| Server Certificate | Select a certificate the HTTPS server (the ZyWALL) uses to authenticate itself to the |
|
| HTTPS client. You must have certificates already configured in the My Certificates |
|
| screen. |
|
|
|
| Redirect HTTP to | To allow only secure Web Configurator access, select this to redirect all HTTP |
| HTTPS | connection requests to the HTTPS server. |
|
|
|
| Admin/User Service | Admin Service Control specifies from which zones an administrator can use HTTPS |
| Control | to manage the ZyWALL (using the Web Configurator). You can also specify the IP |
|
| addresses from which the administrators can manage the ZyWALL. |
|
| User Service Control specifies from which zones a user can use HTTPS to log into |
|
| the ZyWALL (to log into SSL VPN for example). You can also specify the IP addresses |
|
| from which the users can access the ZyWALL. |
|
|
|
| Add | Click this to create a new entry. Select an entry and click Add to create a new entry |
|
| after the selected entry. |
|
|
|
| Edit | |
|
| settings. |
|
|
|
| Remove | To remove an entry, select it and click Remove. The ZyWALL confirms you want to |
|
| remove it before doing so. Note that subsequent entries move up by one when you |
|
| take this action. |
|
|
|
| Move | To change an entry’s position in the numbered list, select the method and click Move |
|
| to display a field to type a number for where you want to put it and press [ENTER] to |
|
| move the rule to the number that you typed. |
|
|
|
| # | This is the index number of the service control rule. |
|
| The entry with a hyphen |
|
| default policy. The ZyWALL applies this to traffic that does not match any other |
|
| configured rule. It is not an editable rule. To apply other behavior, configure a rule |
|
| that traffic will match so the ZyWALL will not have to use the default policy. |
|
|
|
| Zone | This is the zone on the ZyWALL the user is allowed or denied to access. |
|
|
|
| Address | This is the object name of the IP address(es) with which the computer is allowed or |
|
| denied to access. |
|
|
|
| Action | This displays whether the computer with the IP address specified above can access |
|
| the ZyWALL zone(s) configured in the Zone field (Accept) or not (Deny). |
|
|
|
| HTTP |
|
|
|
|
| Enable | Select the check box to allow or disallow the computer with the IP address that |
|
| matches the IP address(es) in the Service Control table to access the ZyWALL Web |
|
| Configurator using HTTP connections. |
|
|
|
| Server Port | You may change the server port number for a service if needed, however you must |
|
| use the same port number in order to use that service to access the ZyWALL. |
|
|
|
| Admin/User Service | Admin Service Control specifies from which zones an administrator can use HTTP to |
| Control | manage the ZyWALL (using the Web Configurator). You can also specify the IP |
|
| addresses from which the administrators can manage the ZyWALL. |
|
| User Service Control specifies from which zones a user can use HTTP to log into the |
|
| ZyWALL (to log into SSL VPN for example). You can also specify the IP addresses from |
|
| which the users can access the ZyWALL. |
|
|
|
| Add | Click this to create a new entry. Select an entry and click Add to create a new entry |
|
| after the selected entry. |
|
|
|
| 459 |
ZyWALL 110/310/1100 Series User’s Guide | |
|
|