Chapter 45 System

 

Table 218 Configuration > System > WWW > Service Control (continued)

 

LABEL

DESCRIPTION

 

Server Port

The HTTPS server listens on port 443 by default. If you change the

 

 

HTTPS server port to a different number on the ZyWALL, for example

 

 

8443, then you must notify people who need to access the ZyWALL

 

 

Web Configurator to use “https://ZyWALL IP Address:8443” as the

 

 

URL.

 

 

 

 

Authenticate Client

Select Authenticate Client Certificates (optional) to require the

 

Certificates

SSL client to authenticate itself to the ZyWALL by sending the

 

 

ZyWALL a certificate. To do that the SSL client must have a CA-

 

 

signed certificate from a CA that has been imported as a trusted CA

 

 

on the ZyWALL (see Section 45.6.7.5 on page 701 on importing

 

 

certificates for details).

 

 

 

 

Server Certificate

Select a certificate the HTTPS server (the ZyWALL) uses to

 

 

authenticate itself to the HTTPS client. You must have certificates

 

 

already configured in the My Certificates screen.

 

 

 

 

Redirect HTTP to

To allow only secure Web Configurator access, select this to redirect

 

HTTPS

all HTTP connection requests to the HTTPS server.

 

 

 

 

Admin/User

Admin Service Control specifies from which zones an administrator

 

Service Control

can use HTTPS to manage the ZyWALL (using the Web Configurator).

 

 

You can also specify the IP addresses from which the administrators

 

 

can manage the ZyWALL.

 

 

User Service Control specifies from which zones a user can use

 

 

HTTPS to log into the ZyWALL (to log into SSL VPN for example). You

 

 

can also specify the IP addresses from which the users can access

 

 

the ZyWALL.

 

 

 

 

Add

Click this to create a new entry. Select an entry and click Add to

 

 

create a new entry after the selected entry.

 

 

 

 

Edit

Double-click an entry or select it and click Edit to be able to modify

 

 

the entry’s settings.

 

 

 

 

Remove

To remove an entry, select it and click Remove. The ZyWALL

 

 

confirms you want to remove it before doing so. Note that

 

 

subsequent entries move up by one when you take this action.

 

 

 

 

Move

To change an entry’s position in the numbered list, select the method

 

 

and click Move to display a field to type a number for where you

 

 

want to put it and press [ENTER] to move the rule to the number

 

 

that you typed.

 

 

 

 

#

This is the index number of the service control rule.

 

 

The entry with a hyphen (-) instead of a number is the ZyWALL’s

 

 

(non-configurable) default policy. The ZyWALL applies this to traffic

 

 

that does not match any other configured rule. It is not an editable

 

 

rule. To apply other behavior, configure a rule that traffic will match

 

 

so the ZyWALL will not have to use the default policy.

 

 

 

 

Zone

This is the zone on the ZyWALL the user is allowed or denied to

 

 

access.

 

 

 

 

Address

This is the object name of the IP address(es) with which the

 

 

computer is allowed or denied to access.

 

 

 

 

Action

This displays whether the computer with the IP address specified

 

 

above can access the ZyWALL zone(s) configured in the Zone field

 

 

(Accept) or not (Deny).

 

 

 

 

693

ZyWALL USG 50 User’s Guide