Table of Contents

 

 

7.1 How to Configure Interfaces, Port Grouping, and Zones ....................................................

119

 

7.1.1 Configure a WAN Ethernet Interface ........................................................................

120

 

7.1.2 Configure Zones .......................................................................................................

120

 

7.1.3 Configure Port Grouping ..........................................................................................

121

 

7.2 How to Configure a Cellular Interface ................................................................................

122

 

7.3 How to Configure Load Balancing .....................................................................................

124

 

7.3.1 Set Up Available Bandwidth on Ethernet Interfaces ................................................

125

 

7.3.2 Configure the WAN Trunk ........................................................................................

126

 

7.4 How to Set Up an IPSec VPN Tunnel ................................................................................

127

 

7.4.1 Set Up the VPN Gateway .........................................................................................

128

 

7.4.2 Set Up the VPN Connection .....................................................................................

129

 

7.4.3 Configure Security Policies for the VPN Tunnel .......................................................

130

 

7.5 How to Configure a Hub-and-spoke IPSec VPN Without a VPN Concentrator .................

131

 

7.6 How to Configure User-aware Access Control ..................................................................

133

 

7.6.1 Set Up User Accounts ..............................................................................................

134

 

7.6.2 Set Up User Groups .................................................................................................

134

 

7.6.3 Set Up User Authentication Using the RADIUS Server ...........................................

135

 

7.6.4 Web Surfing Policies With Bandwidth Restrictions ..................................................

137

 

7.6.5 Set Up MSN Policies ................................................................................................

140

 

7.6.6 Set Up Firewall Rules ...............................................................................................

141

 

7.7 How to Use a RADIUS Server to Authenticate User Accounts based on Groups .............

142

 

7.8 How to Use Endpoint Security and Authentication Policies ...............................................

144

 

7.8.1 Configure the Endpoint Security Objects .................................................................

144

 

7.8.2 Configure the Authentication Policy .........................................................................

146

 

7.9 How to Configure Service Control .....................................................................................

147

 

7.9.1 Allow HTTPS Administrator Access Only From the LAN .........................................

148

 

7.10 How to Allow Incoming H.323 Peer-to-peer Calls ...........................................................

150

 

7.10.1 Turn On the ALG ....................................................................................................

151

 

7.10.2 Set Up a NAT Policy For H.323 ..............................................................................

151

 

7.10.3 Set Up a Firewall Rule For H.323 ..........................................................................

153

 

7.11 How to Allow Public Access to a Web Server ..................................................................

154

 

7.11.1 Create the Address Objects ...................................................................................

155

 

7.11.2 Configure NAT ........................................................................................................

155

 

7.11.3 Set Up a Firewall Rule ............................................................................................

156

 

7.12 How to Use an IPPBX on the DMZ ..................................................................................

157

 

7.12.1 Turn On the ALG ....................................................................................................

159

 

7.12.2 Create the Address Objects ...................................................................................

159

 

7.12.3 Setup a NAT Policy for the IPPBX .........................................................................

160

 

7.12.4 Set Up a WAN to DMZ Firewall Rule for SIP .........................................................

161

 

7.12.5 Set Up a DMZ to LAN Firewall Rule for SIP ...........................................................

162

 

7.13 How to Use Multiple Static Public WAN IP Addresses for LAN to WAN Traffic ...............

163

 

7.13.1 Create the Public IP Address Range Object ..........................................................

163

 

7.13.2 Configure the Policy Route ....................................................................................

164

14

ZyWALL USG 2000 User’s Guide