Manuals
/
Brands
/
Computer Equipment
/
Network Router
/
ZyXEL Communications
/
Computer Equipment
/
Network Router
ZyXEL Communications
ZyWALL5UTM 4.0 manual
1
1
803
803
Download
803 pages, 29.37 Mb
ZyWALL 5/35/70 Series
Internet Security Appliance
User’s Guide
Version 4.00
10/2005
Contents
Page
Disclaimer
Trademarks
Notice
Certifications
Page
Page
Note
Page
Page
Page
Copyright
Federal Communications Commission (FCC) Interference Statement
Safety Warnings
Table of Contents
List of Figures
Wizard Setup
Registration
DMZ Screens
Wireless LAN
Page
Intrusion Detection and Prevention (IDP)
Anti-Virus
Anti-Spam
Content Filtering Screens
Content Filtering Reports
Introduction to IPSec
Network Address Translation (NAT)
Static Route
Policy Route
Bandwidth Management
Page
Maintenance
Introducing the SMT
LAN Setup
Internet Access
DMZ Setup
Route Setup
Wireless Setup
Remote Node Setup
IP Static Route Setup
Introducing the ZyWALL Firewall
SNMP Configuration
Firmware and Configuration File Maintenance
System Maintenance Menus 8 to
Call Scheduling
Troubleshooting
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
About This User's Guide
Related Documentation
User Guide Feedback
Syntax Conventions
Graphics Icons Key
1.2 ZyWALL Features
LAN Port
DMZ Ports
WLAN Ports
Dual Auto-negotiating10/100 Mbps Ethernet WAN (single on the ZyWALL 5)
Dial Backup WAN
Time and Date
Reset Button
Dual PCMCIA and CardBus Slot
IEEE 802.11 b/g Wireless LAN
Load Balancing
Bandwidth Management
IPSec VPN Capability
X-Auth(Extended Authentication)
Certificates
SSH
Content Filtering
Anti-Spam
Anti-VirusScanner
Intrusion Detection and Prevention (IDP)
ZyWALL Turbo Card
IEEE 802.1x for Network Security
Wi-FiProtected Access
Wireless LAN MAC Address Filtering
WEP Encryption
Packet Filtering
Dynamic DNS Support
IP Multicast
IP Alias
IP Policy Routing
Central Network Management
Traffic Redirect
Port Forwarding
DHCP (Dynamic Host Configuration Protocol)
Full Network Management
RoadRunner Support
1.3 Applications for the ZyWALL
1.3.1Secure Broadband Internet Access via Cable or DSL Modem
1.3.3 Front Panel LEDs
Page
Page
2.1 Web Configurator Overview
2.2 Accessing the ZyWALL Web Configurator
2.3 Resetting the ZyWALL
2.4Navigating the ZyWALL Web Configurator
HOME
MAINTENANCE Device Mode
2.4.1 Router Mode
Page
2.4.2 Bridge Mode
Page
Page
2.4.3 Navigation Panel
Page
Page
Page
Page
2.4.4 System Statistics
2.4.5 Show Statistics: Line Chart
2.4.6 DHCP Table Screen
Show DHCP Table
Host Name
MAC Address
2.4.7 VPN Status
Page
3.1 Wizard Setup Overview
3.2 Internet Access
3.2.1.1 Ethernet
Page
3.2.1.2 PPPoE Encapsulation
3.2.1.3 PPTP Encapsulation
Page
3.2.2 Internet Access Wizard: Second Screen
Skip
Close
3.2.3 Internet Access Wizard: Registration
REGISTRATION Service
Close
Service Activation
3.3 VPN Wizard Gateway Setting
3.4 VPN Wizard Network Setting
Page
3.5 VPN Wizard IKE Tunnel Setting (IKE Phase 1)
Page
3.6 VPN Wizard IPSec Setting (IKE Phase 2)
3.7 VPN Wizard Status Summary
Page
Page
3.8 VPN Wizard Setup Complete
Page
4.1 myZyXEL.com overview
4.2 Registration
Service
4.3 Service
Table 21 Service
Page
5.1 LAN Overview
5.2 DHCP Setup
5.3 LAN TCP/IP
5.3.2 IP Address and Subnet Mask
5.3.3 RIP Setup
RIP Direction
Out Only
In Only
5.4 DNS Servers
5.5 LAN
Figure 35 LAN
Table 22 LAN
Page
5.6 LAN Static DHCP
5.7 LAN IP Alias
Page
5.8 LAN Port Roles
DMZ Port Roles
WLAN Port Roles
Return
Page
6.1 Bridge Loop
6.2 Spanning Tree Protocol (STP)
6.2.1 Rapid STP
6.2.2 STP Terminology
6.2.3 How STP Works
6.3 Bridge
Figure 43 Bridge
Table 28 Bridge
6.4 Bridge Port Roles
Page
Page
Page
7.1WAN Overview
7.2Multiple WAN
7.3 Load Balancing Introduction
7.4 Load Balancing Algorithms
7.4.1.1 Example
7.4.1.2 Example
7.4.2 Weighted Round Robin
7.4.3 Spillover
Route Priority
WAN General
7.5 TCP/IP Priority (Metric)
7.6 WAN General
Page
Page
7.7 Configuring Load Balancing
7.7.1 Least Load First
7.7.2 Weighted Round Robin
7.7.3 Spillover
Route Priority
7.8 WAN Route
Figure 54 WAN Route
Table 36 WAN Route
7.9 WAN IP Address Assignment
7.10 DNS Server Address Assignment
7.11WAN MAC Address
7.12 WAN
Page
Page
7.12.2 PPPoE Encapsulation
Page
Page
Page
7.12.3 PPTP Encapsulation
Page
Page
7.13 Traffic Redirect
7.14 Configuring Traffic Redirect
7.15 Configuring Dial Backup
Page
Page
Page
7.16 Advanced Modem Setup
7.17 Configuring Advanced Modem Setup
Page
Page
8.1 DMZ
8.2 Configuring DMZ
Figure 63 DMZ
Table 45 DMZ
Page
8.3 DMZ Static DHCP
Page
8.4 DMZ IP Alias
8.5 DMZ Public IP Address Example
8.6 DMZ Private and Public IP Address Example
8.7 DMZ Port Roles
Page
Page
Page
9.1 Wireless LAN Introduction
9.2 Configuring WLAN
Figure 70 WLAN
Table 49 WLAN
Page
9.3 WLAN Static DHCP
9.4 WLAN IP Alias
Page
9.5 WLAN Port Roles
Page
9.6 Wireless Security
9.6.1Encryption
9.6.2Authentication
9.7 Security Parameters Summary
9.8 WEP Encryption
9.9 802.1x Overview
9.9.1.1 Types of RADIUS Messages
9.10Dynamic WEP Key Exchange
9.11 Introduction to WPA
9.12 WPA-PSKApplication Example
9.13 Introduction to RADIUS
9.14 WPA with RADIUS Application Example
9.15 Wireless Client WPA Supplicants
9.16 Wireless Card
Page
9.16.1 Static WEP
WIRELESS CARD
Static WEP
9.16.2 WPA-PSK
Page
9.16.3 WPA
9.16.4 IEEE 802.1x + Dynamic WEP
802.1x + Dynamic WEP
9.16.5 IEEE 802.1x + Static WEP
802.1x + Static WEP
9.16.6 IEEE 802.1x + No WEP
802.1x + No WEP
9.16.7 No Access 802.1x + Static WEP
No Access 802.1x + Static WEP
9.17 MAC Filter
Page
10.1 Firewall Overview
10.2 Types of Firewalls
10.3 Introduction to ZyXEL’s Firewall
10.4 Denial of Service
10.4.2 Types of DoS Attacks
Ping of Death
Teardrop
SYN Flood
LAND
LAND Attack
brute-force
10.4.2.1 ICMP Vulnerability
10.4.2.2 Illegal Commands (NetBIOS and SMTP)
10.4.2.3 Traceroute
10.5.1 Stateful Inspection Process
Firewall Default Rule
10.5.2Stateful Inspection and the ZyWALL
10.5.3 TCP Security
10.5.4 UDP/ICMP Security
10.5.5 Upper Layer Protocols
10.6 Guidelines For Enhancing Security With Your Firewall
10.7Packet Filtering Vs Firewall
10.7.1.1 When To Use Filtering
10.7.2.1 When To Use The Firewall
11.1 Access Methods
11.2 Firewall Policies Overview
Page
11.3 Rule Logic Overview
11.3.3.1 Action
11.3.3.2 Service
11.3.3.3 Source Address
11.3.3.4 Destination Address
11.4 Connection Direction Examples
11.5 Alerts
11.6 Firewall Default Rule (Router Mode)
11.7 Firewall Default Rule (Bridge Mode)
Page
11.8 Firewall Rule Summary
11.8.1 Firewall Edit Rule
Firewall Edit Rule
Page
Page
11.9 Anti-Probing
11.10 Firewall Threshold
11.10.2.1 TCP Maximum Incomplete and Blocking Time
Page
11.11 Service
Page
11.11.1 Firewall Edit Custom Service
Custom Service
11.11.2 Predefined Services
Predefined Services
Service
DNS (UDP/TCP:53)
Page
11.12 Example Firewall Rule
Page
Any
Destination Address(es)
Delete
Edit Rule
Available Services
Services
Rule Summary
Page
12.1 Introduction to IDP
12.1.2 IDS and IDP
12.1.3 Host IDP
12.1.4 Network IDP
12.1.5.1 SQL Slammer Worm
12.1.5.2 Blaster W32.Worm
12.1.5.3 Nimda
12.1.5.4 MyDoom
13.1 Overview
13.2 General Setup
13.3 IDP Signatures
Page
Intrusion Severity
Signature Actions
13.3.4 Configuring IDP Signatures
Switch to query view
Backup & Restore
Page
13.3.5.1Query Example
Search
Go to Page
13.3.5.2 Query Example
13.4 Update
13.4.2 Configuring IDP Update
Auto-Update
Page
13.5 Backup and Restore
14.1 Anti-VirusOverview
14.2Introduction to the ZyWALL Anti-VirusScanner
14.2.1 How the ZyWALL Anti-VirusScanner Works
14.2.2 Notes About the ZyWALL Anti-Virus
14.3General Anti-VirusSetup
14.4 Signature Update
14.4.1 mySecurity Zone
14.4.2 Configuring Anti-virusUpdate
Page
Page
15.1 Anti-SpamOverview
15.1.1.1 SpamBulk Engine
15.1.1.2 SpamRepute Engine
15.1.1.3 SpamContent Engine
15.1.1.4 SpamTricks Engine
15.1.4 Whitelist
15.1.5 Blacklist
15.1.6 SMTP and POP3
15.2 Anti-SpamGeneral Screen
15.3 Anti-SpamExternal DB Screen
Page
15.4 Anti-SpamLists Screen
Page
15.5 Anti-SpamRule Edit Screen
Page
Page
16.1 Content Filtering Overview
16.2 Content Filter General
Page
16.3 Content Filtering with an External Database
16.4Content Filter Categories
Page
Page
Page
Page
Page
Page
16.5 Content Filter Customization
Page
16.6 Customizing Keyword Blocking URL Checking
16.7 Content Filtering Cache
Page
Page
17.1 Checking Content Filtering Activation
17.2Viewing Content Filtering Reports
Registered ZyXEL Products
Rename
Web Filter Home
Date Range
Allowed
Blocked
Action Taken
Run Report
URLs
17.3 Web Site Submission
Page
Page
18.1 VPN Overview
18.1.3.1 Encryption
18.1.3.2 Data Confidentiality
18.1.3.3 Data Integrity
18.1.3.4 Data Origin Authentication
18.1.4.1 Linking Two or More Private Networks Together
18.1.4.2 Accessing Network Resources When NAT Is Enabled
18.2 IPSec Architecture
18.3 Encapsulation
18.4IPSec and NAT
Page
Page
19.1 VPN/IPSec Overview
19.2 IPSec Algorithms
19.3 My ZyWALL
19.4 Remote Gateway Address
19.5 Nailed Up
19.6 NAT Traversal
19.7 ID Type and Content
19.7.1 ID Type and Content Examples
19.8 IKE Phases
19.8.1Negotiation Mode
Negotiation Mode
Main Mode
Aggressive Mode
Main Mode
19.9 X-Auth(Extended Authentication)
19.10 VPN Rules (IKE)
Page
19.11 VPN Rules (IKE) Gateway Policy Edit
Page
Page
Page
Page
Page
19.12 VPN Rules (IKE): Network Policy Edit
Page
Page
Page
19.13 VPN Rules (IKE): Network Policy Move
19.14 VPN Rules (Manual)
Page
19.15 VPN Rules (Manual): Edit
Page
Page
Page
19.16 VPN SA Monitor
19.17 VPN Global Setting
19.18 Telecommuter VPN/IPSec Examples
19.18.2 Telecommuters Using Unique VPN Rules Example
Page
19.19 VPN and Remote Management
Page
20.1 Certificates Overview
20.2Self-signedCertificates
20.3 Configuration Summary
20.4 My Certificates
Page
20.5 My Certificate Import
20.6 My Certificate Create
Page
Page
20.7 My Certificate Details
Page
Page
20.8 Trusted CAs
Figure 165 Trusted CAs
20.9 Trusted CA Import
20.10 Trusted CA Details
Page
Page
20.11 Trusted Remote Hosts
Page
20.12 Verifying a Trusted Remote Host’s Certificate
20.13 Trusted Remote Hosts Import
20.14 Trusted Remote Host Certificate Details
Page
Page
20.15 Directory Servers
20.16 Directory Server Add or Edit
Page
Page
21.1 Authentication Server Overview
21.2 Local User Database
Page
21.3 RADIUS
Table 123 RADIUS
22.1 NAT Overview
22.1.2 What NAT Does
22.1.3 How NAT Works
22.1.4 NAT Application
22.1.5 Port Restricted Cone NAT
22.1.6 NAT Mapping Types
One to One
Many to One
SUA
22.2 Using NAT
22.3 NAT Overview
22.4 NAT Address Mapping
Page
22.4.1 NAT Address Mapping Edit
NAT Address Mapping Edit
22.5 Port Forwarding
22.5.1 Default Server IP Address
Default Server
22.5.2 Port Forwarding: Services and Port Numbers
Port Forwarding
22.5.3 Configuring Servers Behind Port Forwarding (Example)
22.5.4 NAT and Multiple WAN
22.5.5 Port Translation
22.6 Port Forwarding
Page
22.7 Port Triggering
ADVANCED
NAT
Port Triggering
Page
Page
23.1 IP Static Route
23.2 IP Static Route
Page
23.2.1 IP Static Route Edit
Page
24.1 Policy Route
24.2Benefits
24.3Routing Policy
24.4 IP Routing Policy Setup
24.5 Policy Route Edit
Page
Page
Page
25.1 Bandwidth Management Overview
25.2 Bandwidth Classes and Filters
25.3 Proportional Bandwidth Allocation
25.4 Application-basedBandwidth Management
25.5 Subnet-basedBandwidth Management
25.6 Application and Subnet-basedBandwidth Management
25.7 Scheduler
25.7.4 Reserving Bandwidth for Non-BandwidthClass Traffic
Maximize Bandwidth Usage
25.7.5Maximize Bandwidth Usage Example
25.7.5.1 Priority-basedAllotment of Unused and Unbudgeted Bandwidth
25.7.5.2Fairness-basedAllotment of Unused and Unbudgeted Bandwidth
25.8 Bandwidth Borrowing
25.9Maximize Bandwidth Usage With Bandwidth Borrowing
25.10Configuring Summary
Page
25.11 Configuring Class Setup
25.11.1 Bandwidth Manager Class Configuration
Sub-Class
Page
H.323
SIP
25.11.2 Bandwidth Management Statistics
Bandwidth Management Statistics
Statistics
25.12 Configuring Monitor
Page
Page
26.1 DNS Overview
26.2 DNS Server Address Assignment
26.3DNS Servers
26.4 Address Record
26.5 Name Server Record
26.6 System Screen
Figure 200 System DNS
Table 147 System DNS
26.6.1 Adding an Address Record
System
26.6.2 Inserting a Name Server record
26.7 DNS Cache
26.8 Configure DNS Cache
26.9 Configuring DNS DHCP
Figure 204 DNS DHCP
Table 151 DNS DHCP
26.10 Dynamic DNS
26.11 Configuring Dynamic DNS
Figure 205 DDNS
Table 152 DDNS
Page
Page
27.1 Remote Management Overview
27.2 Introduction to HTTPS
27.3 WWW
Figure 207 WWW
Table 153 WWW
27.4 HTTPS Example
27.4.2 Netscape Navigator Warning Messages
Website Certified by an Unknown Authority
Examine Certificate
Accept this certificate permanently
27.4.3 Avoiding the Browser Warning Messages
Server Certificate
CERTIFICATES
Subject
27.4.4 Login Screen
Page
Replace Certificate
My Certificates
27.5 SSH
27.6 How SSH works
27.7SSH Implementation on the ZyWALL
27.8 Configuring SSH
27.9 Secure Telnet Using SSH Examples
27.10Secure FTP Using SSH Example
27.11 Telnet
27.12 Configuring TELNET
27.13 FTP
27.14 SNMP
Page
27.14.1 Supported MIBs
27.14.2 SNMP Traps
27.14.3 REMOTE MANAGEMENT: SNMP
SNMP
Figure 227 SNMP
Table 158 SNMP
27.15 DNS
27.16 Introducing Vantage CNM
27.17 Configuring CNM
Page
Page
28.1 Universal Plug and Play Overview
28.2 Configuring UPnP
28.3 Displaying UPnP Port Mapping
28.4 Installing UPnP in Windows Example
28.4.1 Installing UPnP in Windows Me
1Click Start, Settings and Control Panel. Double-click Add/Remove Programs
Windows Setup
Communication
Components
28.5Using UPnP in Windows XP Example
28.5.1Auto-discoverYour UPnP-enabledNetwork Device
Network Connections
Internet Gateway
Properties
28.5.2 Web Configurator Easy Access
1Click Start and then Control Panel
3Select My Network Places under Other Places
Local Network
Invoke
Page
29.1 ALG Introduction
29.2 FTP
29.4 RTP
Page
29.5SIP
29.6 ALG Screen
Figure 236 ALG
Table 163 ALG
30.1 Configuring View Log
30.2 Log Description Example
30.2.1 Certificate Not Trusted Log Note
2Click Download Center and then Certificate Download
Certificate Download
30.3 Configuring Log Settings
Page
Page
30.4 Configuring Reports
Figure 241 Reports
Table 167 Reports
30.4.1 Viewing Web Site Hits
Web Site Hits
Report Type
30.4.2 Viewing Protocol/Port
Protocol/Port
Page
30.4.3 Viewing Host IP Address
Host IP Address
30.4.4 Reports Specifications
31.1 Maintenance Overview
31.2 General Setup
31.3 Configuring Password
31.4 Time and Date
Page
Page
31.5 Pre-definedNTP Time Servers List
Page
31.6 Introduction To Transparent Bridging
31.7Transparent Firewalls
31.8 Configuring Device Mode (Router)
31.9 Configuring Device Mode (Bridge)
31.10 F/W Upload Screen
Firmware Upload in Process
31.11 Backup and Restore
31.11.1 Backup Configuration
31.11.2 Restore Configuration
Page
31.12 Restart Screen
32.1 Introduction to the SMT
32.2 Accessing the SMT via the Console Port
32.3 Navigating the SMT Interface
32.3.1 Main Menu
ZyWALL Main Menu
Page
32.3.2 SMT Menus Overview
Page
32.4 Changing the System Password
32.5 Resetting the ZyWALL
33.1 Introduction to General Setup
33.2 Configuring General Setup
Page
33.2.1.1 Editing DDNS Host
Menu 1.1.1 - DDNS Edit Host
Page
Page
34.1Introduction to WAN and Dial Backup Setup
34.2 WAN Setup
34.3 Dial Backup
34.4 Configuring Dial Backup in Menu
34.5 Advanced WAN Setup
Edit Advanced Setup
Menu 2 - WAN Setup
34.6 Remote Node Profile (Backup ISP)
Page
34.7 Editing PPP Options
34.8 Editing TCP/IP Options
Page
34.9 Editing Login Script
Page
34.10 Remote Node Filter
35.1 Introduction to LAN Setup
35.2 Accessing the LAN Menus
35.3 LAN Port Filter Setup
35.4 TCP/IP and DHCP Ethernet Setup Menu
Page
None
35.4.1 IP Alias Setup
Edit IP Alias
Menu 3.2.1 - IP Alias Setup
Page
36.1 Introduction to Internet Access Setup
36.2 Ethernet Encapsulation
My Login
My Password
Login Server
36.3 Configuring the PPTP Client
36.4 Configuring the PPPoE Client
36.5 Basic Setup Complete
37.1 Configuring DMZ Setup
37.2 DMZ Port Filter Setup
37.3 TCP/IP Setup
37.3.1 IP Address
2. TCP/IP and DHCP Setup
Menu 5.2
37.3.2 IP Alias Setup
Menu 5.2.1 - IP Alias Setup
Page
38.1 Configuring Route Setup
38.2 Route Assessment
38.3 Traffic Redirect
38.4 Route Failover
Page
39.1 Wireless LAN Setup
Page
39.1.1 MAC Address Filter Setup
2Enter 1 to display Menu 7.1 - Wireless Setup
Edit MAC Address Filter
[ENTER]. Menu 7.1.1 - WLAN MAC Address Filter displays as shown next
39.2 TCP/IP Setup
39.2.2IP Alias Setup
Menu 7.2.1 - IP Alias Setup
Page
40.1 Introduction to Remote Node Setup
40.2 Remote Node Setup
40.3 Remote Node Profile Setup
Page
40.3.2.1 Outgoing Authentication Protocol
40.3.2.2 Nailed-UpConnection
40.3.2.3 Metric
40.4 Edit IP
My WAN Addr
Gateway IP Addr
40.5 Remote Node Filter
40.6 Traffic Redirect
Page
41.1 IP Static Route Setup
Page
42.1 Using NAT
2Enter 1 to open Menu 11.1 - Remote Node Profile
[ENTER] to bring up Menu 11.1.2 - Remote Node Network Layer Options
42.2 NAT Setup
42.2.1.1 SUA Address Mapping Set
42.2.1.2 User-DefinedAddress Mapping Sets
42.2.1.3 Ordering Your Rules
Edit
Menu 15.1.1.1 - Address Mapping Rule
Local
Global Start/End IPs
42.3 Configuring a Server behind NAT
Menu 15.2.1.2 - NAT Server Configuration
Start Port
42.4 General NAT Examples
Page
42.4.2 Example 2: Internet Access with an Default Server
Default Server
42.4.3 Example 3: Multiple Public IP Addresses With Inside Servers
1 :
Many :
Menu 15.1 - Address Mapping Sets
Network Address Translation
Edit Action
Page
Page
42.4.4 Example 4: NAT Unfriendly Application Programs
Many-One-to-One
Many
42.5 Trigger Port Forwarding
Menu 15.3 - Trigger Ports
Menu 15.3.2 - Trigger Port Setup
Page
43.1 Using ZyWALL SMT Menus
Page
44.1 Introduction to Filters
44.1.1 The Filter Structure of the ZyWALL
Page
44.2 Configuring a Filter Set
44.2.1 Configuring a Filter Rule
44.2.2 Configuring a TCP/IP Filter Rule
TCP/IP Filter Rule
Filter Type
Menu 21.1.1.1 - TCP/IP Filter Rule
Page
44.2.3 Configuring a Generic Filter Rule
Offset
Length
Mask
Value
Generic Filter Rule
44.3 Example Filter
A = Y
Type = IP
Pr
DP
44.4Filter Types and NAT
44.5 Firewall Versus Filters
44.6 Applying a Filter
44.6.3 Applying Remote Node Filters
45.1 SNMP Configuration
45.2 SNMP Traps
46.1 Introduction to System Status
46.2 System Status
Menu 24.1 - System Maintenance - Status
46.3 System Information and Console Port Speed
46.3.2 Console Port Speed
Menu 24.2.2 – Console Port Speed
46.4 Log and Trace
46.4.2 Syslog Logging
Menu 24.3.2 - System Maintenance - Syslog Logging
Page
Page
46.5 Diagnostic
Menu 24.4 - System Maintenance - Diagnostic
46.5.1 WAN DHCP
IP Address Assignment
Encapsulation
None
WAN Release
Page
Page
47.1 Introduction
47.2 Filename Conventions
47.3 Backup Configuration
47.3.2 Using the FTP Command from the Command Line
47.3.3 Example of FTP Commands from the Command Line
47.3.4 GUI-basedFTP Clients
47.3.5 File Maintenance Over WAN
Secured Client IP
47.3.6Backup Configuration Using TFTP
Menu 24 – System Maintenance
47.3.7 TFTP Command Example
47.3.8 GUI-basedTFTP Clients
47.3.9 Backup Via Console Port
Transfer
Receive File
47.4Restore Configuration
Page
47.4.2 Restore Using FTP Session Example
47.4.3 Restore Via Console Port
Send File
47.5 Uploading Firmware and Configuration Files
47.5.2 Configuration File Upload
47.5.3 FTP File Upload Command from the DOS Prompt Example
47.5.4FTP Session Example of Firmware File Upload
47.5.5 TFTP File Upload
47.5.6 TFTP Upload Command Example
47.5.7 Uploading Via Console Port
47.5.8Uploading Firmware File Via Console Port
47.5.9Example Xmodem Firmware Upload Using HyperTerminal
47.5.10Uploading Configuration File Via Console Port
47.5.11Example Xmodem Configuration Upload Using HyperTerminal
Page
48.1 Command Interpreter Mode
48.1.2 Command Usage
48.2 Call Control Support
48.2.2 Call History
48.3 Time and Date Setting
Page
Page
Page
49.1 Remote Management
Page
49.1.1 Remote Management Limitations
Secure Client IP
Page
50.1 IP Routing Policy Summary
50.2 IP Routing Policy Setup
1Type 25 in the main menu to open Menu 25 - IP Routing Policy Summary
Menu 25.1 - IP Routing Policy Setup
50.2.1 Applying Policy to Packets
Menu 25.1: IP Routing Policy Setup
Edit policy to packets received from
Menu 25.1.1 - IP Routing Policy Setup
50.3 IP Policy Routing Example
1Create a rule in Menu 25.1 - IP Routing Policy Setup as shown next
Menu 25 - IP Routing Policy Summary
Page
Page
51.1 Introduction to Call Scheduling
Duration
Page
Page
52.1 Problems Starting Up the ZyWALL
52.2 Problems with the LAN Interface
52.3 Problems with the DMZ Interface
52.4 Problems with the WAN Interface
52.5 Problems Accessing the ZyWALL
52.5.1.1 Internet Explorer Pop-upBlockers
2Select Settings…to open the Pop-upBlocker Settings screen
Allowed sites
52.5.1.2JavaScripts
Custom Level
Scripting
Active scripting
Scripting of Java applets
52.5.1.3 Java Permissions
Advanced
2Make sure that Use Java 2 for <applet> under Java (Sun) is selected
52.6 Packet Flow
Page
Specification Tables
Page
Page
Page
Compatible ZyXEL WLAN Cards
WLAN Card and ZyWALL Turbo Card Installation
Cable Pin Assignments
Page
Page
General Installation Instructions
Desktop Installation
Rack-mountedInstallation Requirements
Rack-MountedInstallation
Page
Page
Removing a Fuse
Installing a Fuse
Page
Windows 95/98/Me
Installing Components
Adapter
Protocol
Microsoft
manufacturers
Configuring
Obtain an IP address automatically
Specify an IP address
Subnet Mask
Disable DNS
Windows 2000/NT/XP
3Right-click Local Area Connection and then click Properties
Internet Protocol (TCP/IP)
•Click Advanced
IP Settings
TCP/IP Address
IP address
Subnet mask
Use the following DNS server addresses
Preferred DNS server
Alternate DNS server
Macintosh OS 8/9
2Select Ethernet built-in from the Connect via list
Using DHCP Server
Configure:
Macintosh OS
Linux
Using the K Desktop Environment (KDE)
System Setting
Ethernet Device General
Automatically obtain IP address settings with
dhcp
Using Configuration Files
Page
Page
IP Addressing
IP Classes
Subnet Masks
Subnetting
Example: Two Subnets
Page
Example: Four Subnets
Example Eight Subnets
Subnetting With Class A and Class B Networks
Page
PPPoE in Action
Benefits of PPPoE
Traditional Dial-upScenario
How PPPoE Works
ZyWALL as a PPPoE Client
What is PPTP
PPTP and the ZyWALL
PPTP Protocol Overview
Control & PPP Connections
PPP Data Connection
Page
Wireless LAN Topologies
ESS
Channel
RTS/CTS
Fragmentation Threshold
Preamble Type
IEEE 802.11g Wireless LAN
IEEE
RADIUS
EAP Authentication
Types of Authentication
WEP Authentication Steps
Dynamic WEP Key Exchange
WPA
Security Parameters Summary
Roaming
Page
Requirements for Roaming
The Ideal Setup
The “Triangle Route” Problem
The “Triangle Route” Solutions
IP Aliasing
Gateways on the WAN Side
Configuring Triangle Route via Commands
Page
WinPopup
2Click the Start Menu Programs tab and click Advanced
Programs
StartUp
New
Shortcut
Create Shortcut
Command line
Finish
Page
General Notes
VPN Configuration
Page
BRANCH
Page
Page
Dialing the VPN Tunnel via Web Configurator
Figure 471 VPN Dial
VPN Troubleshooting
Page
IPSec Debug
Use a VPN Tunnel
Import ZyWALL Certificates into Netscape Navigator
Importing the ZyWALL’s Certificate into Internet Explorer
2Click Install Certificate to open the Install Certificate wizard
Install Certificate
Import Certificate
Page
Enrolling and Importing SSL Client Certificates
Installing the CA’s Certificate
Installing Your Personal Certificate(s)
File name
Place all certificates in the following store
Using a Certificate When Accessing the ZyWALL Example
Page
Page
Command Syntax
Command Usage
Page
Page
Page
Page
Page
Page
Page
Introduction
Display NetBIOS Filter Settings
NetBIOS Filter Configuration
Page
Page
Page
Page
Page
Page
Example
Page
Firmware and Configuration File Maintenance
Page
Page
Page
Page
Page
Table 280 ICMP Logs
Table 281 CDR Logs
Table 282 PPP Logs
Table 283 UPnP Logs
Page
Page
Table 288 IPSec Logs
Table 289 IKE Logs
Page
Page
Table 290 PKI Logs
Page
Page
Page
Table 295 IDP Logs
Table 296 AV Logs
Table 297 AS Logs
Page
Syslog Logs
Page
Log Commands
Log Command Example
Numerics
