Manuals / Brands / Computer Equipment / Network Router / ZyXEL Communications / Computer Equipment / Network Router

ZyXEL Communications USG 2000 manual 2

1 1081
Download 1081 pages, 25.59 Mb
Contents
Default Login Details www.zyxel.com Page About This User's Guide Page Page Document Conventions Page Safety Warnings Contents Overview Page Table of Contents Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Introducing the ZyWALL 1.1 Overview and Key Default Settings 1.2 Rack-mountedInstallation 1.2.1Rack-MountedInstallation Procedure 1.3 Front Panel 1.3.1 Dual Personality Interfaces 1.3.1.1 1000Base-TPorts 1.3.1.2Mini-GBICSlots Page Page 1.3.2 Maximizing Throughput 1.3.3Front Panel LEDs 1.4 Management Overview 1.5 Starting and Stopping the ZyWALL Page Features and Applications 2.1 Features Page 2.2 Applications 2.2.1 VPN Connectivity 2.2.2 SSL VPN Network Access 2.2.2.2 Full Tunnel Mode 2.2.3 User-AwareAccess Control 2.2.4 Multiple WAN Interfaces 2.2.5 Device HA Page Web Configurator 3.1 Web Configurator Requirements 3.2Web Configurator Access Page 3.3 Web Configurator Screens Overview 3.3.1 Title Bar 3.3.2 Navigation Panel 3.3.2.1 Dashboard 3.3.2.2 Monitor Menu 3.3.2.3 Configuration Menu Page Page Page 3.3.3 Main Window 3.3.3.1 Warning Messages 3.3.3.2 Site Map 3.3.3.3 Object Reference Page 3.3.4 Tables and Lists Page 3.3.4.2 Working with Table Entries 3.3.4.3 Working with Lists Installation Setup Wizard 4.1 Installation Setup Wizard Screens 4.1.1 Internet Access Setup - WAN Interface 4.1.2Internet Access: Ethernet Page 4.1.3 Internet Access: PPPoE 4.1.4 Internet Access: PPTP 4.1.5ISP Parameters 4.1.5.1PPTP Configuration 4.1.5.2WAN IP Address Assignments 4.1.6 Internet Access Setup - Second WAN Interface 4.1.7 Internet Access - Finish 4.2 Device Registration Page Page Quick Setup 5.1 Quick Setup Overview 5.2 WAN Interface Quick Setup 5.2.1 Choose an Ethernet Interface 5.2.2 Select WAN Type 5.2.3 Configure WAN Settings 5.2.4WAN and ISP Connection Settings Page 5.2.5 Quick Setup Interface Wizard: Summary 5.3 VPN Quick Setup 5.4 VPN Setup Wizard: Wizard Type 5.5 VPN Express Wizard - Scenario 5.5.1 VPN Express Wizard - Configuration 5.5.2 VPN Express Wizard - Summary 5.5.3 VPN Express Wizard - Finish 5.5.4 VPN Advanced Wizard - Scenario 5.5.5VPN Advanced Wizard - Phase 1 Settings Page 5.5.6 VPN Advanced Wizard - Phase 5.5.7VPN Advanced Wizard - Summary 5.5.8 VPN Advanced Wizard - Finish Configuration Basics 6.1Object-basedConfiguration 6.2 Zones, Interfaces, and Physical Ports 6.2.1 Interface Types 6.2.2 Default Interface and Zone Configuration 6.3Terminology in the ZyWALL 6.4 Packet Flow 6.4.1 ZLD 2.20 Packet Flow Enhancements 6.4.2 Routing Table Checking Flow Enhancements 6.4.3NAT Table Checking Flow 6.5Feature Configuration Overview 6.5.1 Feature 6.5.2 Licensing Registration 6.5.3 Licensing Update 6.5.4 Interface 6.5.5 Trunks 6.5.6 Policy Routes Page 6.5.7 Static Routes 6.5.8 Zones 6.5.9 DDNS 6.5.10 NAT 6.5.11 HTTP Redirect 6.5.12 ALG 6.5.13 Auth. Policy 6.5.14 Firewall 6.5.15 IPSec VPN 6.5.16 SSL VPN 6.5.17 L2TP VPN 6.5.18 Application Patrol 6.5.19 Anti-Virus 6.5.20 IDP 6.5.21 ADP 6.5.22 Content Filter 6.5.23 Anti-Spam 6.5.24 Device HA 6.6 Objects 6.6.1 User/Group 6.7 System 6.7.1DNS, WWW, SSH, TELNET, FTP, SNMP, Dial-inMgmt, Vantage CNM 6.7.2Logs and Reports 6.7.3 File Manager 6.7.4 Diagnostics 6.7.5 Shutdown Page Page Tutorials 7.1How to Configure Interfaces, Port Grouping, and Zones 7.1.1 Configure a WAN Ethernet Interface 7.1.2 Configure Zones 7.1.3 Configure Port Grouping 7.2How to Configure a Cellular Interface Page 7.3How to Configure Load Balancing 7.3.1 Set Up Available Bandwidth on Ethernet Interfaces 7.3.2 Configure the WAN Trunk 7.4 How to Set Up an IPSec VPN Tunnel 7.4.1 Set Up the VPN Gateway 7.4.2 Set Up the VPN Connection 7.4.3Configure Security Policies for the VPN Tunnel 7.5How to Configure a Hub-and-spokeIPSec VPN Without a VPN Concentrator 7.5.0.1Hub-and-spokeVPN Requirements and Suggestions 7.6How to Configure User-awareAccess Control 7.6.1 Set Up User Accounts 7.6.2Set Up User Groups 7.6.3Set Up User Authentication Using the RADIUS Server Page 7.6.4 Web Surfing Policies With Bandwidth Restrictions Page Page 7.6.5 Set Up MSN Policies 7.6.6Set Up Firewall Rules 7.7How to Use a RADIUS Server to Authenticate User Accounts based on Groups Page 7.8How to Use Endpoint Security and Authentication Policies 7.8.1 Configure the Endpoint Security Objects Page 7.8.2 Configure the Authentication Policy 7.9 How to Configure Service Control 7.9.1 Allow HTTPS Administrator Access Only From the LAN Page 7.10How to Allow Incoming H.323 Peer-to-peer Calls 7.10.1 Turn On the ALG 7.10.2 Set Up a NAT Policy For H.323 Page 7.10.3 Set Up a Firewall Rule For H.323 7.11 How to Allow Public Access to a Web Server 7.11.1 Create the Address Objects 7.11.2 Configure NAT 7.11.3 Set Up a Firewall Rule 7.12 How to Use an IPPBX on the DMZ Page 7.12.1 Turn On the ALG 7.12.2 Create the Address Objects 7.12.3 Setup a NAT Policy for the IPPBX 7.12.4 Set Up a WAN to DMZ Firewall Rule for SIP 7.12.5 Set Up a DMZ to LAN Firewall Rule for SIP 7.13How to Use Multiple Static Public WAN IP Addresses for LAN to WAN Traffic 7.13.1 Create the Public IP Address Range Object 7.13.2 Configure the Policy Route 7.14 How to Use Active-PassiveDevice HA 7.14.1 Before You Start 7.14.2 Configure Device HA on the Master ZyWALL Page 7.14.3 Configure the Backup ZyWALL Page 7.14.4 Deploy the Backup ZyWALL 7.14.5 Check Your Device HA Setup L2TP VPN Example 8.1 L2TP VPN Example 8.2Configuring the Default L2TP VPN Gateway Example Page 8.3Configuring the Default L2TP VPN Connection Example 8.4Configuring the L2TP VPN Settings Example 8.5Configuring L2TP VPN in Windows Vista, XP, or 8.5.1Configuring L2TP in Windows Vista Page Page Page Page Page Page Page Page Page 8.5.2 Configuring L2TP in Windows XP Page Page Page Page Page 8.5.3Configuring L2TP in Windows Page 8.5.3.2 Configure the Windows 2000 IPSec Policy Page Page Page Page Page Page Page 8.5.3.3 Configure the Windows 2000 Network Connection Page Page Page Page Page Page Page Dashboard 9.1 Overview 9.1.1 What You Can Do in this Chapter 9.2The Dashboard Screen Page Page Page Page Page Page 9.2.1 The CPU Usage Screen 9.2.2 The Memory Usage Screen 9.2.3 The Session Usage Screen 9.2.4 The VPN Status Screen 9.2.5 The DHCP Table Screen 9.2.6 The Number of Login Users Screen Page Page Monitor 10.1 Overview 10.1.1 What You Can Do in this Chapter 10.2The Port Statistics Screen Page 10.2.1 The Port Statistics Graph Screen 10.3 Interface Status Screen Page Page 10.4 The Traffic Statistics Screen Page Page 10.5 The Session Monitor Screen Page Page 10.6 The DDNS Status Screen 10.7 IP/MAC Binding Monitor Page 10.8 The Login Users Screen 10.9 Cellular Status Screen Page 10.10 Application Patrol Statistics 10.10.1 Application Patrol Statistics: General Setup 10.10.2 Application Patrol Statistics: Bandwidth Statistics 10.10.3 Application Patrol Statistics: Protocol Statistics 10.10.4Application Patrol Statistics: Individual Protocol Statistics by Rule 10.11 The IPSec Monitor Screen Page 10.11.1 Regular Expressions in Searching IPSec SAs 10.12 The SSL Connection Monitor Screen 10.13 L2TP over IPSec Session Monitor Screen 10.14 The Anti-VirusStatistics Screen Page 10.15 The IDP Statistics Screen Page 10.16 The Content Filter Statistics Screen 10.17 Content Filter Cache Screen Page Page 10.18 The Anti-SpamStatistics Screen Page 10.19 The Anti-SpamStatus Screen 10.20 Log Screen Page Page Page Registration 11.1 Overview 11.1.1What You Can Do in this Chapter 11.1.2What you Need to Know Page 11.2 The Registration Screen Page 11.3 The Service Screen Page Signature Update 12.1 Overview 12.1.1What You Can Do in this Chapter 12.1.2What you Need to Know 12.2 The Antivirus Update Screen 12.3 The IDP/AppPatrol Update Screen Page 12.4 The System Protect Update Screen Page Interfaces 13.1 Interface Overview 13.1.1What You Can Do in this Chapter 13.1.2 What You Need to Know Page 13.2Port Grouping 13.2.1 Port Grouping Overview 13.2.2Port Grouping Screen 13.3 Ethernet Summary Screen Page 13.3.1 Ethernet Edit Page Page Page Page Page Page 13.3.2 Object References 13.4 PPP Interfaces 13.4.1 PPP Interface Summary Page 13.4.2 PPP Interface Add or Edit Page Page Page 13.5 Cellular Configuration Screen (3G) Page 13.5.1 Cellular Add/Edit Screen Page Page Page Page Page Page 13.6 VLAN Interfaces Page 13.6.1 VLAN Summary Screen 13.6.2 VLAN Add/Edit Page Page Page Page Page Page 13.7 Bridge Interfaces Page 13.7.1 Bridge Summary 13.7.2 Bridge Add/Edit Page Page Page Page Page 13.8 Auxiliary Interface 13.8.1 Auxiliary Interface Overview 13.8.2 Auxiliary Page 13.9 Virtual Interfaces 13.9.1 Virtual Interfaces Add/Edit 13.10 Interface Technical Reference Page Page Page Page Page Trunks 14.1 Overview 14.1.1What You Can Do in this Chapter 14.1.2What You Need to Know Page Page Page 14.2 The Trunk Summary Screen 14.3 Configuring a Trunk Page 14.4 Trunk Technical Reference Page Policy and Static Routes 15.1 Policy and Static Routes Overview 15.1.1What You Can Do in this Chapter 15.1.2What You Need to Know Page 15.2Policy Route Screen Page Page 15.2.1 Policy Route Edit Screen Page Page Page 15.3 IP Static Route Screen 15.3.1 Static Route Add/Edit Screen 15.4 Policy Routing Technical Reference NAT and SNAT Assured Forwarding (AF) PHB for DiffServ Port Triggering Maximize Bandwidth Usage Page Routing Protocols 16.1 Routing Protocols Overview 16.1.1What You Can Do in this Chapter 16.1.2What You Need to Know 16.2 The RIP Screen 16.3 The OSPF Screen Page Page Page 16.3.1 Configuring the OSPF Screen Page Page 16.3.2 OSPF Area Add/Edit Screen 16.3.3 Virtual Link Add/Edit Screen 16.4 Routing Protocol Technical Reference Page Page Zones 17.1 Zones Overview 17.1.1 What You Can Do in this Chapter 17.1.2 What You Need to Know 17.2 The Zone Screen 17.3 Zone Edit DDNS 18.1 DDNS Overview 18.1.1What You Can Do in this Chapter 18.1.2What You Need to Know 18.2 The DDNS Screen Page 18.2.1 The Dynamic DNS Add/Edit Screen Page Page NAT 19.1 NAT Overview 19.1.1 What You Can Do in this Chapter 19.1.2 What You Need to Know 19.2The NAT Screen Page 19.2.1 The NAT Add/Edit Screen Page Page 19.3 NAT Technical Reference NAT Loopback Page Page Page HTTP Redirect 20.1 Overview LAN1 20.1.1 What You Can Do in this Chapter 20.1.2 What You Need to Know 20.2 The HTTP Redirect Screen 20.2.1 The HTTP Redirect Edit Screen ALG 21.1 ALG Overview 21.1.1 What You Can Do in this Chapter 21.1.2 What You Need to Know Page Page 21.1.3Before You Begin 21.2 The ALG Screen Page 21.3 ALG Technical Reference Page IP/MAC Binding 22.1 IP/MAC Binding Overview 22.1.1What You Can Do in this Chapter 22.1.2 What You Need to Know 22.2 IP/MAC Binding Summary 22.2.1 IP/MAC Binding Edit 22.2.2 Static DHCP Edit 22.3 IP/MAC Binding Exempt List Page Authentication Policy 23.1 Overview 23.1.1 What You Can Do in this Chapter 23.1.2 What You Need to Know 23.2 Authentication Policy Screen Page Page 23.2.1 Creating/Editing an Authentication Policy Page Page Page Firewall 24.1 Overview 24.1.1What You Can Do in this Chapter 24.1.2 What You Need to Know Page 24.1.3Firewall Rule Example Applications Page Page 24.1.4 Firewall Rule Configuration Example Page 24.2 The Firewall Screen 24.2.1 Configuring the Firewall Screen Page Page 24.2.2 The Firewall Add/Edit Screen 24.3 The Session Limit Screen Page 24.3.1 The Session Limit Add/Edit Screen Page Page IPSec VPN 25.1 IPSec VPN Overview 25.1.1What You Can Do in this Chapter 25.1.2What You Need to Know Page 25.1.3Before You Begin 25.2The VPN Connection Screen Page 25.2.1 The VPN Connection Add/Edit (IKE) Screen Page Page Page Page Page Page 25.2.2 The VPN Connection Add/Edit Manual Key Screen Page Page 25.3 The VPN Gateway Screen 25.3.1 The VPN Gateway Add/Edit Screen Page Page Page Page Page Page Page 25.4 VPN Concentrator 25.4.1 IPSec VPN Concentrator Example Page 25.4.1.1VPN Concentrator Requirements and Suggestions 25.4.2VPN Concentrator Screen 25.4.3 The VPN Concentrator Add/Edit Screen 25.5 IPSec VPN Background Information IKE SA Overview Page Page Page Page Page IPSec SA Overview Page Page Page Page SSL VPN 26.1 Overview 26.1.1What You Can Do in this Chapter 26.1.2What You Need to Know Page Page 26.2 The SSL Access Privilege Screen Page 26.2.1 The SSL Access Policy Add/Edit Screen Page 26.3 The SSL Global Setting Screen Page 26.3.1 How to Upload a Custom Logo 26.4 Establishing an SSL VPN Connection Page SSL User Screens 27.1 Overview 27.1.1 What You Need to Know 27.2 Remote User Login Page Page Page Page 27.3 The SSL VPN User Screens 27.4 Bookmarking the ZyWALL 27.5Logging Out of the SSL VPN User Screens Page Page SSL User Application Screens 28.1 SSL User Application Screens Overview 28.2 The Application Screen Page SSL User File Sharing 29.1 Overview 29.1.1 What You Need to Know 29.2 The Main File Sharing Screen 29.3 Opening a File or Folder Page 29.3.1 Downloading a File 29.3.2 Saving a File 29.4 Creating a New Folder 29.5 Renaming a File or Folder 29.6 Deleting a File or Folder 29.7 Uploading a File Page ZyWALL SecuExtender 30.1 The ZyWALL SecuExtender Icon 30.2 Statistics 30.3 View Log 30.4 Suspend and Resume the Connection 30.5 Stop the Connection 30.6 Uninstalling the ZyWALL SecuExtender L2TP VPN 31.1 Overview 31.1.1What You Can Do in this Chapter 31.1.2What You Need to Know Page 31.2L2TP VPN Screen Page Application Patrol 32.1 Overview 32.1.1What You Can Do in this Chapter 32.1.2 What You Need to Know Page Page Page Page 32.1.3Application Patrol Bandwidth Management Examples 32.1.3.1 Setting the Interface’s Bandwidth 32.1.3.2SIP Any to WAN Bandwidth Management Example 32.1.3.3 SIP WAN to Any Bandwidth Management Example 32.1.3.4HTTP Any to WAN Bandwidth Management Example 32.1.3.5FTP WAN to DMZ Bandwidth Management Example 32.1.3.6FTP LAN to DMZ Bandwidth Management Example 32.2 Application Patrol General Screen 32.3 Application Patrol Applications 32.3.1 The Application Patrol Edit Screen Page Page Page 32.3.2 The Application Patrol Policy Edit Screen Page Page 32.4 The Other Applications Screen Page Page 32.4.1 The Other Applications Add/Edit Screen Page Page Page Anti-Virus 33.1 Overview 33.1.1What You Can Do in this Chapter 33.1.2 What You Need to Know Page 33.1.3Before You Begin 33.2 Anti-VirusSummary Screen Page Page 33.2.1 Anti-VirusPolicy Add or Edit Screen Page 33.3 Anti-VirusBlack List 33.4 Anti-VirusBlack List or White List Add/Edit 33.5 Anti-VirusWhite List 33.6 Signature Searching Page Page 33.7 Anti-VirusTechnical Reference Page IDP 34.1 Overview 34.1.1What You Can Do in this Chapter 34.1.2What You Need To Know 34.1.3Before You Begin 34.2 The IDP General Screen Page 34.3 Introducing IDP Profiles 34.3.1 Base Profiles 34.4 The Profile Summary Screen 34.5 Creating New Profiles 34.5.1 Procedure To Create a New Profile 34.6 Profiles: Packet Inspection 34.6.1 Profile > Group View Screen Page Page 34.6.2 Policy Types 34.6.3 IDP Service Groups 34.6.4 Profile > Query View Screen Page Page 34.6.5 Query Example Page 34.7 Introducing IDP Custom Signatures 34.7.1 IP Packet Header 34.8 Configuring Custom Signatures Page 34.8.1 Creating or Editing a Custom Signature Page Page Page Page Page 34.8.2 Custom Signature Example 34.8.2.2 Analyze Packets 34.8.3 Applying Custom Signatures 34.8.4 Verifying Custom Signatures 34.9 IDP Technical Reference Page Page ADP 35.1 Overview 35.1.1 ADP and IDP Comparison 35.1.2What You Can Do in this Chapter 35.1.3What You Need To Know 35.1.4Before You Begin 35.2 The ADP General Screen 35.3 The Profile Summary Screen 35.3.1 Base Profiles 35.3.2 Configuring The ADP Profile Summary Screen 35.3.3 Creating New ADP Profiles 35.3.4 Traffic Anomaly Profiles Page Page 35.3.5 Protocol Anomaly Profiles 35.3.6 Protocol Anomaly Configuration Page Page Page 35.4 ADP Technical Reference Traffic Anomaly Background Information Page Page Page Protocol Anomaly Background Information Page Page Page Content Filtering 36.1 Overview 36.1.1What You Can Do in this Chapter 36.1.2What You Need to Know Page 36.1.3Before You Begin 36.2 Content Filter General Screen Page Page 36.3 Content Filter Policy Add or Edit Screen Page 36.4 Content Filter Profile Screen 36.5 Content Filter Categories Screen Page Page Page Page Page Page Page Page Page Page Page 36.5.1 Content Filter Blocked and Warning Messages 36.6 Content Filter Customization Screen Page 36.7 Content Filter Technical Reference External Content Filter Server Lookup Procedure Content Filter Reports 37.1 Overview 37.2 Viewing Content Filter Reports Page Page Page Page Page Page Page Anti-Spam 38.1 Overview 38.1.1What You Can Do in this Chapter 38.1.2What You Need to Know Page 38.2 Before You Begin 38.3 The Anti-SpamGeneral Screen Page 38.3.1 The Anti-SpamPolicy Add or Edit Screen Page 38.4 The Anti-SpamBlack List Screen Page 38.4.1 The Anti-SpamBlack or White List Add/Edit Screen 38.4.2 Regular Expressions in Black or White List Entries 38.5 The Anti-SpamWhite List Screen 38.6 The DNSBL Screen Page 38.7 Anti-SpamTechnical Reference Page Page Page Page Device HA 39.1 Overview 39.1.1What You Can Do in this Chapter 39.1.2What You Need to Know 39.1.3Before You Begin 39.2 Device HA General 39.3 The Active-PassiveMode Screen Page 39.3.1 Configuring Active-PassiveMode Device HA Page Page 39.4Configuring an Active-PassiveMode Monitored Interface Page 39.5 The Legacy Mode Screen 39.6 Configuring the Legacy Mode Screen Page Page Page 39.7 Device HA Technical Reference Active-PassiveMode Device HA with Bridge Interfaces Page Page Page Legacy Mode ZyWALL VRRP Application Synchronization Page User/Group 40.1 Overview 40.1.1What You Can Do in this Chapter 40.1.2What You Need To Know Page Page 40.2 User Summary Screen 40.2.1 User Add/Edit Screen Page Page 40.3 User Group Summary Screen 40.3.1 Group Add/Edit Screen 40.4 Setting Screen Page Page 40.4.1Default User Authentication Timeout Settings Edit Screens Page 40.4.2 User Aware Login Example 40.5 User /Group Technical Reference Page Addresses 41.1 Overview 41.1.1What You Can Do in this Chapter 41.1.2What You Need To Know 41.2Address Summary Screen Page 41.2.1 Address Add/Edit Screen 41.3 Address Group Summary Screen 41.3.1 Address Group Add/Edit Screen Page Services 42.1 Overview 42.1.1What You Can Do in this Chapter 42.1.2What You Need to Know 42.2The Service Summary Screen Page 42.2.1 The Service Add/Edit Screen 42.3 The Service Group Summary Screen Page 42.3.1 The Service Group Add/Edit Screen Schedules 43.1 Overview 43.1.1What You Can Do in this Chapter 43.1.2What You Need to Know 43.2The Schedule Summary Screen 43.2.1 The One-TimeSchedule Add/Edit Screen 43.2.2 The Recurring Schedule Add/Edit Screen Page Page AAA Server 44.1 Overview 44.1.1 Directory Service (AD/LDAP) 44.1.2 RADIUS Server 44.1.3 ASAS 44.1.4What You Can Do in this Chapter 44.1.5What You Need To Know Page 44.2Active Directory or LDAP Server Summary 44.2.1 Adding an Active Directory or LDAP Server Page 44.3 RADIUS Server Summary Page 44.3.1 Adding a RADIUS Server Page Authentication Method 45.1 Overview 45.1.1What You Can Do in this Chapter 45.1.2 Before You Begin 45.1.3 Example: Selecting a VPN Authentication Method 45.2Authentication Method Objects 45.2.1 Creating an Authentication Method Object Page Page Page Certificates 46.1 Overview 46.1.1What You Can Do in this Chapter 46.1.2What You Need to Know Page 46.1.3Verifying a Certificate Page 46.2 The My Certificates Screen 46.2.1 The My Certificates Add Screen Page Page Page Page 46.2.2 The My Certificates Edit Screen Page Page 46.2.3 The My Certificates Import Screen 46.3 The Trusted Certificates Screen 46.3.1 The Trusted Certificates Edit Screen Page Page Page 46.3.2 The Trusted Certificates Import Screen 46.4 Certificates Technical Reference OCSP Page ISP Accounts 47.1 Overview 47.1.1What You Can Do in this Chapter 47.2 ISP Account Summary 47.2.1 ISP Account Edit Page Page SSL Application 48.1 Overview 48.1.1What You Can Do in this Chapter 48.1.2What You Need to Know 48.1.3 Example: Specifying a Web Site for Access 48.2 The SSL Application Screen 48.2.1 Creating/Editing a Web-basedSSL Application Object Page 48.2.2 Creating/Editing a File Sharing SSL Application Object Page Page Endpoint Security 49.1 Overview 49.1.1 What You Can Do in this Chapter 49.1.2 What You Need to Know 49.2 Endpoint Security Screen Page 49.3 Endpoint Security Add/Edit Page Page Page Page Page System 50.1 Overview 50.1.1What You Can Do in this Chapter 50.2 Host Name 50.3 Date and Time Page 50.3.1 Pre-definedNTP Time Servers List 50.3.2 Time Server Synchronization 50.4Console Port Speed 50.5 DNS Overview 50.5.1 DNS Server Address Assignment 50.5.2Configuring the DNS Screen Page Page 50.5.3 Address Record 50.5.4 PTR Record 50.5.5 Adding an Address/PTR Record 50.5.6 Domain Zone Forwarder 50.5.7 Adding a Domain Zone Forwarder 50.5.8 MX Record 50.5.9 Adding a MX Record 50.5.10 Adding a DNS Service Control Rule 50.6 WWW Overview 50.6.1 Service Access Limitations 50.6.2 System Timeout 50.6.3 HTTPS 50.6.4 Configuring WWW Service Control Page Page Page 50.6.5 Service Control Rules 50.6.6 Customizing the WWW Login Page Page Page Page 50.6.7 HTTPS Example 50.6.7.2 Netscape Navigator Warning Messages 50.6.7.3 Avoiding Browser Warning Messages 50.6.7.4Login Screen 50.6.7.5 Enrolling and Importing SSL Client Certificates Page Page Page 50.6.7.6 Using a Certificate When Accessing the ZyWALL Example 50.7 SSH 50.7.1 How SSH Works 50.7.2 SSH Implementation on the ZyWALL 50.7.3 Requirements for Using SSH 50.7.4 Configuring SSH Page 50.7.5 Secure Telnet Using SSH Examples 50.8Telnet 50.8.1 Configuring Telnet 50.9 FTP 50.9.1 Configuring FTP Page 50.10 SNMP Page 50.10.1Supported MIBs 50.10.2 SNMP Traps 50.10.3 Configuring SNMP Page 50.11 Dial-inManagement 50.11.1 Configuring Dial-inMgmt 50.12 Vantage CNM 50.12.1 Configuring Vantage CNM Page 50.13 Language Screen Log and Report 51.1 Overview 51.1.1What You Can Do In this Chapter 51.2 Email Daily Report Page 51.3 Log Setting Screens 51.3.1 Log Setting Summary 51.3.2 Edit System Log Settings Page Page Page Page 51.3.3 Edit Remote Server Log Settings Page 51.3.4 Active Log Summary Screen Page Page File Manager 52.1 Overview 52.1.1What You Can Do in this Chapter 52.1.2What you Need to Know Page Page 52.2 The Configuration File Screen Page Page Page 52.3 The Firmware Package Screen Page 52.4 The Shell Script Screen Page Page Diagnostics 53.1 Overview 53.1.1What You Can Do in this Chapter 53.2 The Diagnostic Screen 53.3 The Packet Capture Screen Page 53.3.1 The Packet Capture Files Screen 53.3.2 Example of Viewing a Packet Capture File Page Reboot 54.1 Overview 54.1.1 What You Need To Know 54.2 The Reboot Screen Page Shutdown 55.1 Overview 55.1.1 What You Need To Know 55.2 The Shutdown Screen Page Troubleshooting Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page 56.1 Resetting the ZyWALL 56.2Changing a Power Module Page 56.3 Getting More Troubleshooting Help Page Product Specifications Page Page Page Page Page 57.1 3G PCMCIA Card Installation Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Windows XP Windows Windows 98 SE/Me Page Page Page Internet Explorer Page Page Page Page Page Page Page Page Firefox Page Page Page Page Opera Page Page Page Page Page Page Konqueror Page Page Page Page End-UserLicense Agreement for “ZyWALL USG 2000” Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Copyright Certifications (Class B) Page ZyXEL Limited Warranty Page Index