| Section |
Page |
| ZyWALL USG 100/200 Series |
1 |
| About This User's Guide |
3 |
| Document Conventions |
6 |
| Safety Warnings |
8 |
| Contents Overview |
9 |
| Table of Contents |
11 |
| User’s Guide |
31 |
| Introducing the ZyWALL |
33 |
| 1.1 Overview and Key Default Settings |
33 |
| 1.2 Rack-mounted Installation |
34 |
| 1.2.1 Rack-Mounted Installation Procedure |
34 |
| 1.3 Front Panel |
35 |
| 1.3.1 Front Panel LEDs |
36 |
| 1.4 Management Overview |
36 |
| 1.5 Starting and Stopping the ZyWALL |
37 |
| Features and Applications |
39 |
| 2.1 Features |
39 |
| 2.2 Applications |
41 |
| 2.2.1 VPN Connectivity |
42 |
| 2.2.2 SSL VPN Network Access |
42 |
| 2.2.3 User-Aware Access Control |
44 |
| 2.2.4 Multiple WAN Interfaces |
44 |
| 2.2.5 Device HA |
45 |
| Web Configurator |
47 |
| 3.1 Web Configurator Requirements |
47 |
| 3.2 Web Configurator Access |
47 |
| 3.3 Web Configurator Screens Overview |
49 |
| 3.3.1 Title Bar |
50 |
| 3.3.2 Navigation Panel |
50 |
| 3.3.3 Main Window |
57 |
| 3.3.4 Tables and Lists |
59 |
| Installation Setup Wizard |
63 |
| 4.1 Installation Setup Wizard Screens |
63 |
| 4.1.1 Internet Access Setup - WAN Interface |
64 |
| 4.1.2 Internet Access: Ethernet |
64 |
| 4.1.3 Internet Access: PPPoE |
66 |
| 4.1.4 Internet Access: PPTP |
67 |
| 4.1.5 ISP Parameters |
68 |
| 4.1.6 Internet Access Setup - Second WAN Interface |
69 |
| 4.1.7 Internet Access - Finish |
70 |
| 4.2 Device Registration |
70 |
| Quick Setup |
73 |
| 5.1 Quick Setup Overview |
73 |
| 5.2 WAN Interface Quick Setup |
74 |
| 5.2.1 Choose an Ethernet Interface |
74 |
| 5.2.2 Select WAN Type |
74 |
| 5.2.3 Configure WAN Settings |
75 |
| 5.2.4 WAN and ISP Connection Settings |
76 |
| 5.2.5 Quick Setup Interface Wizard: Summary |
78 |
| 5.3 VPN Quick Setup |
79 |
| 5.4 VPN Setup Wizard: Wizard Type |
80 |
| 5.5 VPN Express Wizard - Scenario |
81 |
| 5.5.1 VPN Express Wizard - Configuration |
82 |
| 5.5.2 VPN Express Wizard - Summary |
83 |
| 5.5.3 VPN Express Wizard - Finish |
84 |
| 5.5.4 VPN Advanced Wizard - Scenario |
85 |
| 5.5.5 VPN Advanced Wizard - Phase 1 Settings |
86 |
| 5.5.6 VPN Advanced Wizard - Phase 2 |
88 |
| 5.5.7 VPN Advanced Wizard - Summary |
89 |
| 5.5.8 VPN Advanced Wizard - Finish |
90 |
| Configuration Basics |
91 |
| 6.1 Object-based Configuration |
91 |
| 6.2 Zones, Interfaces, and Physical Ports |
92 |
| 6.2.1 Interface Types |
93 |
| 6.2.2 Default Interface and Zone Configuration |
94 |
| 6.3 Terminology in the ZyWALL |
95 |
| 6.4 Packet Flow |
97 |
| 6.4.1 ZLD 2.20 Packet Flow Enhancements |
97 |
| 6.4.2 Routing Table Checking Flow Enhancements |
98 |
| 6.4.3 NAT Table Checking Flow |
99 |
| 6.5 Feature Configuration Overview |
100 |
| 6.5.1 Feature |
101 |
| 6.5.2 Licensing Registration |
101 |
| 6.5.3 Licensing Update |
101 |
| 6.5.4 Interface |
102 |
| 6.5.5 Trunks |
102 |
| 6.5.6 Policy Routes |
102 |
| 6.5.7 Static Routes |
104 |
| 6.5.8 Zones |
104 |
| 6.5.9 DDNS |
104 |
| 6.5.10 NAT |
104 |
| 6.5.11 HTTP Redirect |
105 |
| 6.5.12 ALG |
106 |
| 6.5.13 Auth. Policy |
106 |
| 6.5.14 Firewall |
106 |
| 6.5.15 IPSec VPN |
107 |
| 6.5.16 SSL VPN |
107 |
| 6.5.17 L2TP VPN |
108 |
| 6.5.18 Application Patrol |
108 |
| 6.5.19 Anti-Virus |
109 |
| 6.5.20 IDP |
109 |
| 6.5.21 ADP |
109 |
| 6.5.22 Content Filter |
109 |
| 6.5.23 Anti-Spam |
110 |
| 6.5.24 Device HA |
110 |
| 6.6 Objects |
111 |
| 6.6.1 User/Group |
111 |
| 6.7 System |
112 |
| 6.7.1 DNS, WWW, SSH, TELNET, FTP, SNMP, Dial-in Mgmt, Vantage CNM |
112 |
| 6.7.2 Logs and Reports |
113 |
| 6.7.3 File Manager |
113 |
| 6.7.4 Diagnostics |
113 |
| 6.7.5 Shutdown |
113 |
| Tutorials |
115 |
| 7.1 How to Configure Interfaces, Port Roles, and Zones |
115 |
| 7.1.1 Configure a WAN Ethernet Interface |
116 |
| 7.1.2 Configure the OPT Interface for a Local Network |
117 |
| 7.1.3 Configure Zones |
118 |
| 7.1.4 Configure Port Roles |
119 |
| 7.2 How to Configure a Cellular Interface |
120 |
| 7.3 How to Configure Load Balancing |
122 |
| 7.3.1 Set Up Available Bandwidth on Ethernet Interfaces |
122 |
| 7.3.2 Configure the WAN Trunk |
123 |
| 7.4 How to Set Up a Wireless LAN |
125 |
| 7.4.1 Set Up User Accounts |
125 |
| 7.4.2 Create the WLAN Interface |
126 |
| 7.4.3 Set Up the Wireless Clients to Use the WLAN Interface |
129 |
| 7.5 How to Set Up an IPSec VPN Tunnel |
141 |
| 7.5.1 Set Up the VPN Gateway |
142 |
| 7.5.2 Set Up the VPN Connection |
142 |
| 7.5.3 Configure Security Policies for the VPN Tunnel |
144 |
| 7.6 How to Configure a Hub-and-spoke IPSec VPN Without a VPN Concentrator |
144 |
| 7.7 How to Configure User-aware Access Control |
146 |
| 7.7.1 Set Up User Accounts |
147 |
| 7.7.2 Set Up User Groups |
148 |
| 7.7.3 Set Up User Authentication Using the RADIUS Server |
148 |
| 7.7.4 Web Surfing Policies With Bandwidth Restrictions |
150 |
| 7.7.5 Set Up MSN Policies |
153 |
| 7.7.6 Set Up Firewall Rules |
154 |
| 7.8 How to Use a RADIUS Server to Authenticate User Accounts based on Groups |
155 |
| 7.9 How to Use Endpoint Security and Authentication Policies |
157 |
| 7.9.1 Configure the Endpoint Security Objects |
157 |
| 7.9.2 Configure the Authentication Policy |
159 |
| 7.10 How to Configure Service Control |
160 |
| 7.10.1 Allow HTTPS Administrator Access Only From the LAN |
161 |
| 7.11 How to Allow Incoming H.323 Peer-to-peer Calls |
163 |
| 7.11.1 Turn On the ALG |
164 |
| 7.11.2 Set Up a NAT Policy For H.323 |
164 |
| 7.11.3 Set Up a Firewall Rule For H.323 |
166 |
| 7.12 How to Allow Public Access to a Web Server |
167 |
| 7.12.1 Create the Address Objects |
168 |
| 7.12.2 Configure NAT |
168 |
| 7.12.3 Set Up a Firewall Rule |
169 |
| 7.13 How to Use an IPPBX on the DMZ |
170 |
| 7.13.1 Turn On the ALG |
172 |
| 7.13.2 Create the Address Objects |
172 |
| 7.13.3 Setup a NAT Policy for the IPPBX |
173 |
| 7.13.4 Set Up a WAN to DMZ Firewall Rule for SIP |
174 |
| 7.13.5 Set Up a DMZ to LAN Firewall Rule for SIP |
175 |
| 7.14 How to Use Multiple Static Public WAN IP Addresses for LAN to WAN Traffic |
176 |
| 7.14.1 Create the Public IP Address Range Object |
176 |
| 7.14.2 Configure the Policy Route |
177 |
| 7.15 How to Use Active-Passive Device HA |
177 |
| 7.15.1 Before You Start |
178 |
| 7.15.2 Configure Device HA on the Master ZyWALL |
179 |
| 7.15.3 Configure the Backup ZyWALL |
181 |
| 7.15.4 Deploy the Backup ZyWALL |
183 |
| 7.15.5 Check Your Device HA Setup |
183 |
| L2TP VPN Example |
185 |
| 8.1 L2TP VPN Example |
185 |
| 8.2 Configuring the Default L2TP VPN Gateway Example |
185 |
| 8.3 Configuring the Default L2TP VPN Connection Example |
187 |
| 8.4 Configuring the L2TP VPN Settings Example |
188 |
| 8.5 Configuring L2TP VPN in Windows Vista, XP, or 2000 |
189 |
| 8.5.1 Configuring L2TP in Windows Vista |
189 |
| 8.5.2 Configuring L2TP in Windows XP |
199 |
| 8.5.3 Configuring L2TP in Windows 2000 |
205 |
| Technical Reference |
221 |
| Dashboard |
223 |
| 9.1 Overview |
223 |
| 9.1.1 What You Can Do in this Chapter |
223 |
| 9.2 The Dashboard Screen |
223 |
| 9.2.1 The CPU Usage Screen |
230 |
| 9.2.2 The Memory Usage Screen |
231 |
| 9.2.3 The Session Usage Screen |
232 |
| 9.2.4 The VPN Status Screen |
233 |
| 9.2.5 The DHCP Table Screen |
233 |
| 9.2.6 The Number of Login Users Screen |
234 |
| Monitor |
237 |
| 10.1 Overview |
237 |
| 10.1.1 What You Can Do in this Chapter |
237 |
| 10.2 The Port Statistics Screen |
238 |
| 10.2.1 The Port Statistics Graph Screen |
240 |
| 10.3 Interface Status Screen |
241 |
| 10.4 The Traffic Statistics Screen |
244 |
| 10.5 The Session Monitor Screen |
247 |
| 10.6 The DDNS Status Screen |
250 |
| 10.7 IP/MAC Binding Monitor |
250 |
| 10.8 The Login Users Screen |
252 |
| 10.9 WLAN Interface Station Monitor Screen |
252 |
| 10.10 Cellular Status Screen |
254 |
| 10.11 Application Patrol Statistics |
256 |
| 10.11.1 Application Patrol Statistics: General Setup |
256 |
| 10.11.2 Application Patrol Statistics: Bandwidth Statistics |
257 |
| 10.11.3 Application Patrol Statistics: Protocol Statistics |
258 |
| 10.11.4 Application Patrol Statistics: Individual Protocol Statistics by Rule |
259 |
| 10.12 The IPSec Monitor Screen |
260 |
| 10.12.1 Regular Expressions in Searching IPSec SAs |
262 |
| 10.13 The SSL Connection Monitor Screen |
263 |
| 10.14 L2TP over IPSec Session Monitor Screen |
264 |
| 10.15 The Anti-Virus Statistics Screen |
265 |
| 10.16 The IDP Statistics Screen |
267 |
| 10.17 The Content Filter Statistics Screen |
269 |
| 10.18 Content Filter Cache Screen |
270 |
| 10.19 The Anti-Spam Statistics Screen |
273 |
| 10.20 The Anti-Spam Status Screen |
275 |
| 10.21 Log Screen |
276 |
| Registration |
279 |
| 11.1 Overview |
279 |
| 11.1.1 What You Can Do in this Chapter |
279 |
| 11.1.2 What you Need to Know |
279 |
| 11.2 The Registration Screen |
281 |
| 11.3 The Service Screen |
283 |
| Signature Update |
285 |
| 12.1 Overview |
285 |
| 12.1.1 What You Can Do in this Chapter |
285 |
| 12.1.2 What you Need to Know |
285 |
| 12.2 The Antivirus Update Screen |
286 |
| 12.3 The IDP/AppPatrol Update Screen |
287 |
| 12.4 The System Protect Update Screen |
289 |
| Interfaces |
291 |
| 13.1 Interface Overview |
291 |
| 13.1.1 What You Can Do in this Chapter |
291 |
| 13.1.2 What You Need to Know |
292 |
| 13.2 Port Role |
295 |
| 13.3 Ethernet Summary Screen |
296 |
| 13.3.1 Ethernet Edit |
298 |
| 13.3.2 Object References |
306 |
| 13.4 PPP Interfaces |
307 |
| 13.4.1 PPP Interface Summary |
308 |
| 13.4.2 PPP Interface Add or Edit |
310 |
| 13.5 Cellular Configuration Screen (3G) |
314 |
| 13.5.1 Cellular Add/Edit Screen |
316 |
| 13.6 WLAN Interface General Screen |
323 |
| 13.6.1 WLAN Add/Edit Screen |
326 |
| 13.6.2 WLAN Add/Edit: WEP Security |
332 |
| 13.6.3 WLAN Add/Edit: WPA-PSK/WPA2-PSK Security |
333 |
| 13.6.4 WLAN Add/Edit: WPA/WPA2 Security |
334 |
| 13.7 WLAN Interface MAC Filter |
336 |
| 13.8 VLAN Interfaces |
338 |
| 13.8.1 VLAN Summary Screen |
340 |
| 13.8.2 VLAN Add/Edit |
341 |
| 13.9 Bridge Interfaces |
348 |
| 13.9.1 Bridge Summary |
350 |
| 13.9.2 Bridge Add/Edit |
351 |
| 13.10 Auxiliary Interface |
357 |
| 13.10.1 Auxiliary Interface Overview |
357 |
| 13.10.2 Auxiliary |
357 |
| 13.11 Virtual Interfaces |
359 |
| 13.11.1 Virtual Interfaces Add/Edit |
360 |
| 13.12 Interface Technical Reference |
361 |
| Trunks |
367 |
| 14.1 Overview |
367 |
| 14.1.1 What You Can Do in this Chapter |
367 |
| 14.1.2 What You Need to Know |
368 |
| 14.2 The Trunk Summary Screen |
372 |
| 14.3 Configuring a Trunk |
373 |
| 14.4 Trunk Technical Reference |
375 |
| Policy and Static Routes |
377 |
| 15.1 Policy and Static Routes Overview |
377 |
| 15.1.1 What You Can Do in this Chapter |
377 |
| 15.1.2 What You Need to Know |
378 |
| 15.2 Policy Route Screen |
380 |
| 15.2.1 Policy Route Edit Screen |
383 |
| 15.3 IP Static Route Screen |
387 |
| 15.3.1 Static Route Add/Edit Screen |
388 |
| 15.4 Policy Routing Technical Reference |
389 |
| Routing Protocols |
393 |
| 16.1 Routing Protocols Overview |
393 |
| 16.1.1 What You Can Do in this Chapter |
393 |
| 16.1.2 What You Need to Know |
393 |
| 16.2 The RIP Screen |
394 |
| 16.3 The OSPF Screen |
395 |
| 16.3.1 Configuring the OSPF Screen |
399 |
| 16.3.2 OSPF Area Add/Edit Screen |
402 |
| 16.3.3 Virtual Link Add/Edit Screen |
403 |
| 16.4 Routing Protocol Technical Reference |
404 |
| Zones |
407 |
| 17.1 Zones Overview |
407 |
| 17.1.1 What You Can Do in this Chapter |
407 |
| 17.1.2 What You Need to Know |
408 |
| 17.2 The Zone Screen |
409 |
| 17.3 Zone Edit |
410 |
| DDNS |
411 |
| 18.1 DDNS Overview |
411 |
| 18.1.1 What You Can Do in this Chapter |
411 |
| 18.1.2 What You Need to Know |
411 |
| 18.2 The DDNS Screen |
412 |
| 18.2.1 The Dynamic DNS Add/Edit Screen |
414 |
| NAT |
417 |
| 19.1 NAT Overview |
417 |
| 19.1.1 What You Can Do in this Chapter |
417 |
| 19.1.2 What You Need to Know |
418 |
| 19.2 The NAT Screen |
418 |
| 19.2.1 The NAT Add/Edit Screen |
420 |
| 19.3 NAT Technical Reference |
423 |
| HTTP Redirect |
427 |
| 20.1 Overview |
427 |
| 20.1.1 What You Can Do in this Chapter |
427 |
| 20.1.2 What You Need to Know |
428 |
| 20.2 The HTTP Redirect Screen |
429 |
| 20.2.1 The HTTP Redirect Edit Screen |
430 |
| ALG |
431 |
| 21.1 ALG Overview |
431 |
| 21.1.1 What You Can Do in this Chapter |
431 |
| 21.1.2 What You Need to Know |
432 |
| 21.1.3 Before You Begin |
435 |
| 21.2 The ALG Screen |
435 |
| 21.3 ALG Technical Reference |
437 |
| IP/MAC Binding |
439 |
| 22.1 IP/MAC Binding Overview |
439 |
| 22.1.1 What You Can Do in this Chapter |
439 |
| 22.1.2 What You Need to Know |
440 |
| 22.2 IP/MAC Binding Summary |
440 |
| 22.2.1 IP/MAC Binding Edit |
441 |
| 22.2.2 Static DHCP Edit |
442 |
| 22.3 IP/MAC Binding Exempt List |
443 |
| Authentication Policy |
445 |
| 23.1 Overview |
445 |
| 23.1.1 What You Can Do in this Chapter |
445 |
| 23.1.2 What You Need to Know |
446 |
| 23.2 Authentication Policy Screen |
446 |
| 23.2.1 Creating/Editing an Authentication Policy |
449 |
| Firewall |
453 |
| 24.1 Overview |
453 |
| 24.1.1 What You Can Do in this Chapter |
453 |
| 24.1.2 What You Need to Know |
454 |
| 24.1.3 Firewall Rule Example Applications |
456 |
| 24.1.4 Firewall Rule Configuration Example |
459 |
| 24.2 The Firewall Screen |
461 |
| 24.2.1 Configuring the Firewall Screen |
462 |
| 24.2.2 The Firewall Add/Edit Screen |
465 |
| 24.3 The Session Limit Screen |
466 |
| 24.3.1 The Session Limit Add/Edit Screen |
468 |
| IPSec VPN |
471 |
| 25.1 IPSec VPN Overview |
471 |
| 25.1.1 What You Can Do in this Chapter |
471 |
| 25.1.2 What You Need to Know |
472 |
| 25.1.3 Before You Begin |
474 |
| 25.2 The VPN Connection Screen |
474 |
| 25.2.1 The VPN Connection Add/Edit (IKE) Screen |
476 |
| 25.2.2 The VPN Connection Add/Edit Manual Key Screen |
483 |
| 25.3 The VPN Gateway Screen |
486 |
| 25.3.1 The VPN Gateway Add/Edit Screen |
487 |
| 25.4 VPN Concentrator |
495 |
| 25.4.1 IPSec VPN Concentrator Example |
495 |
| 25.4.2 VPN Concentrator Screen |
498 |
| 25.4.3 The VPN Concentrator Add/Edit Screen |
498 |
| 25.5 IPSec VPN Background Information |
499 |
| SSL VPN |
511 |
| 26.1 Overview |
511 |
| 26.1.1 What You Can Do in this Chapter |
511 |
| 26.1.2 What You Need to Know |
511 |
| 26.2 The SSL Access Privilege Screen |
514 |
| 26.2.1 The SSL Access Policy Add/Edit Screen |
516 |
| 26.3 The SSL Global Setting Screen |
519 |
| 26.3.1 How to Upload a Custom Logo |
521 |
| 26.4 Establishing an SSL VPN Connection |
522 |
| SSL User Screens |
525 |
| 27.1 Overview |
525 |
| 27.1.1 What You Need to Know |
525 |
| 27.2 Remote User Login |
526 |
| 27.3 The SSL VPN User Screens |
531 |
| 27.4 Bookmarking the ZyWALL |
532 |
| 27.5 Logging Out of the SSL VPN User Screens |
532 |
| SSL User Application Screens |
535 |
| 28.1 SSL User Application Screens Overview |
535 |
| 28.2 The Application Screen |
535 |
| SSL User File Sharing |
537 |
| 29.1 Overview |
537 |
| 29.1.1 What You Need to Know |
537 |
| 29.2 The Main File Sharing Screen |
538 |
| 29.3 Opening a File or Folder |
538 |
| 29.3.1 Downloading a File |
540 |
| 29.3.2 Saving a File |
541 |
| 29.4 Creating a New Folder |
541 |
| 29.5 Renaming a File or Folder |
542 |
| 29.6 Deleting a File or Folder |
542 |
| 29.7 Uploading a File |
543 |
| ZyWALL SecuExtender |
545 |
| 30.1 The ZyWALL SecuExtender Icon |
545 |
| 30.2 Statistics |
546 |
| 30.3 View Log |
547 |
| 30.4 Suspend and Resume the Connection |
547 |
| 30.5 Stop the Connection |
548 |
| 30.6 Uninstalling the ZyWALL SecuExtender |
548 |
| L2TP VPN |
549 |
| 31.1 Overview |
549 |
| 31.1.1 What You Can Do in this Chapter |
549 |
| 31.1.2 What You Need to Know |
549 |
| 31.2 L2TP VPN Screen |
551 |
| Application Patrol |
553 |
| 32.1 Overview |
553 |
| 32.1.1 What You Can Do in this Chapter |
553 |
| 32.1.2 What You Need to Know |
554 |
| 32.1.3 Application Patrol Bandwidth Management Examples |
559 |
| 32.2 Application Patrol General Screen |
563 |
| 32.3 Application Patrol Applications |
564 |
| 32.3.1 The Application Patrol Edit Screen |
565 |
| 32.3.2 The Application Patrol Policy Edit Screen |
569 |
| 32.4 The Other Applications Screen |
572 |
| 32.4.1 The Other Applications Add/Edit Screen |
575 |
| Anti-Virus |
579 |
| 33.1 Overview |
579 |
| 33.1.1 What You Can Do in this Chapter |
579 |
| 33.1.2 What You Need to Know |
580 |
| 33.1.3 Before You Begin |
582 |
| 33.2 Anti-Virus Summary Screen |
582 |
| 33.2.1 Anti-Virus Policy Add or Edit Screen |
585 |
| 33.3 Anti-Virus Black List |
587 |
| 33.4 Anti-Virus Black List or White List Add/Edit |
588 |
| 33.5 Anti-Virus White List |
589 |
| 33.6 Signature Searching |
590 |
| 33.7 Anti-Virus Technical Reference |
593 |
| IDP |
595 |
| 34.1 Overview |
595 |
| 34.1.1 What You Can Do in this Chapter |
595 |
| 34.1.2 What You Need To Know |
595 |
| 34.1.3 Before You Begin |
596 |
| 34.2 The IDP General Screen |
597 |
| 34.3 Introducing IDP Profiles |
599 |
| 34.3.1 Base Profiles |
600 |
| 34.4 The Profile Summary Screen |
601 |
| 34.5 Creating New Profiles |
602 |
| 34.5.1 Procedure To Create a New Profile |
602 |
| 34.6 Profiles: Packet Inspection |
603 |
| 34.6.1 Profile > Group View Screen |
603 |
| 34.6.2 Policy Types |
606 |
| 34.6.3 IDP Service Groups |
607 |
| 34.6.4 Profile > Query View Screen |
608 |
| 34.6.5 Query Example |
611 |
| 34.7 Introducing IDP Custom Signatures |
613 |
| 34.7.1 IP Packet Header |
613 |
| 34.8 Configuring Custom Signatures |
614 |
| 34.8.1 Creating or Editing a Custom Signature |
616 |
| 34.8.2 Custom Signature Example |
622 |
| 34.8.3 Applying Custom Signatures |
624 |
| 34.8.4 Verifying Custom Signatures |
625 |
| 34.9 IDP Technical Reference |
626 |
| ADP |
629 |
| 35.1 Overview |
629 |
| 35.1.1 ADP and IDP Comparison |
629 |
| 35.1.2 What You Can Do in this Chapter |
629 |
| 35.1.3 What You Need To Know |
629 |
| 35.1.4 Before You Begin |
630 |
| 35.2 The ADP General Screen |
631 |
| 35.3 The Profile Summary Screen |
632 |
| 35.3.1 Base Profiles |
633 |
| 35.3.2 Configuring The ADP Profile Summary Screen |
633 |
| 35.3.3 Creating New ADP Profiles |
634 |
| 35.3.4 Traffic Anomaly Profiles |
634 |
| 35.3.5 Protocol Anomaly Profiles |
637 |
| 35.3.6 Protocol Anomaly Configuration |
637 |
| 35.4 ADP Technical Reference |
641 |
| Content Filtering |
649 |
| 36.1 Overview |
649 |
| 36.1.1 What You Can Do in this Chapter |
649 |
| 36.1.2 What You Need to Know |
649 |
| 36.1.3 Before You Begin |
651 |
| 36.2 Content Filter General Screen |
651 |
| 36.3 Content Filter Policy Add or Edit Screen |
654 |
| 36.4 Content Filter Profile Screen |
656 |
| 36.5 Content Filter Categories Screen |
656 |
| 36.5.1 Content Filter Blocked and Warning Messages |
668 |
| 36.6 Content Filter Customization Screen |
669 |
| 36.7 Content Filter Technical Reference |
671 |
| Content Filter Reports |
673 |
| 37.1 Overview |
673 |
| 37.2 Viewing Content Filter Reports |
673 |
| Anti-Spam |
681 |
| 38.1 Overview |
681 |
| 38.1.1 What You Can Do in this Chapter |
681 |
| 38.1.2 What You Need to Know |
681 |
| 38.2 Before You Begin |
683 |
| 38.3 The Anti-Spam General Screen |
683 |
| 38.3.1 The Anti-Spam Policy Add or Edit Screen |
685 |
| 38.4 The Anti-Spam Black List Screen |
687 |
| 38.4.1 The Anti-Spam Black or White List Add/Edit Screen |
689 |
| 38.4.2 Regular Expressions in Black or White List Entries |
690 |
| 38.5 The Anti-Spam White List Screen |
691 |
| 38.6 The DNSBL Screen |
692 |
| 38.7 Anti-Spam Technical Reference |
694 |
| Device HA |
699 |
| 39.1 Overview |
699 |
| 39.1.1 What You Can Do in this Chapter |
699 |
| 39.1.2 What You Need to Know |
699 |
| 39.1.3 Before You Begin |
700 |
| 39.2 Device HA General |
701 |
| 39.3 The Active-Passive Mode Screen |
702 |
| 39.3.1 Configuring Active-Passive Mode Device HA |
704 |
| 39.4 Configuring an Active-Passive Mode Monitored Interface |
707 |
| 39.5 The Legacy Mode Screen |
709 |
| 39.6 Configuring the Legacy Mode Screen |
710 |
| 39.7 Device HA Technical Reference |
714 |
| User/Group |
721 |
| 40.1 Overview |
721 |
| 40.1.1 What You Can Do in this Chapter |
721 |
| 40.1.2 What You Need To Know |
721 |
| 40.2 User Summary Screen |
724 |
| 40.2.1 User Add/Edit Screen |
724 |
| 40.3 User Group Summary Screen |
727 |
| 40.3.1 Group Add/Edit Screen |
728 |
| 40.4 Setting Screen |
729 |
| 40.4.1 Default User Authentication Timeout Settings Edit Screens |
732 |
| 40.4.2 User Aware Login Example |
734 |
| 40.5 User /Group Technical Reference |
735 |
| Addresses |
737 |
| 41.1 Overview |
737 |
| 41.1.1 What You Can Do in this Chapter |
737 |
| 41.1.2 What You Need To Know |
737 |
| 41.2 Address Summary Screen |
737 |
| 41.2.1 Address Add/Edit Screen |
739 |
| 41.3 Address Group Summary Screen |
740 |
| 41.3.1 Address Group Add/Edit Screen |
741 |
| Services |
743 |
| 42.1 Overview |
743 |
| 42.1.1 What You Can Do in this Chapter |
743 |
| 42.1.2 What You Need to Know |
743 |
| 42.2 The Service Summary Screen |
744 |
| 42.2.1 The Service Add/Edit Screen |
746 |
| 42.3 The Service Group Summary Screen |
746 |
| 42.3.1 The Service Group Add/Edit Screen |
748 |
| Schedules |
749 |
| 43.1 Overview |
749 |
| 43.1.1 What You Can Do in this Chapter |
749 |
| 43.1.2 What You Need to Know |
749 |
| 43.2 The Schedule Summary Screen |
750 |
| 43.2.1 The One-Time Schedule Add/Edit Screen |
751 |
| 43.2.2 The Recurring Schedule Add/Edit Screen |
752 |
| AAA Server |
755 |
| 44.1 Overview |
755 |
| 44.1.1 Directory Service (AD/LDAP) |
755 |
| 44.1.2 RADIUS Server |
756 |
| 44.1.3 ASAS |
756 |
| 44.1.4 What You Can Do in this Chapter |
756 |
| 44.1.5 What You Need To Know |
757 |
| 44.2 Active Directory or LDAP Server Summary |
759 |
| 44.2.1 Adding an Active Directory or LDAP Server |
759 |
| 44.3 RADIUS Server Summary |
761 |
| 44.3.1 Adding a RADIUS Server |
763 |
| Authentication Method |
765 |
| 45.1 Overview |
765 |
| 45.1.1 What You Can Do in this Chapter |
765 |
| 45.1.2 Before You Begin |
765 |
| 45.1.3 Example: Selecting a VPN Authentication Method |
765 |
| 45.2 Authentication Method Objects |
766 |
| 45.2.1 Creating an Authentication Method Object |
767 |
| Certificates |
771 |
| 46.1 Overview |
771 |
| 46.1.1 What You Can Do in this Chapter |
771 |
| 46.1.2 What You Need to Know |
771 |
| 46.1.3 Verifying a Certificate |
773 |
| 46.2 The My Certificates Screen |
775 |
| 46.2.1 The My Certificates Add Screen |
776 |
| 46.2.2 The My Certificates Edit Screen |
781 |
| 46.2.3 The My Certificates Import Screen |
784 |
| 46.3 The Trusted Certificates Screen |
785 |
| 46.3.1 The Trusted Certificates Edit Screen |
786 |
| 46.3.2 The Trusted Certificates Import Screen |
790 |
| 46.4 Certificates Technical Reference |
791 |
| ISP Accounts |
793 |
| 47.1 Overview |
793 |
| 47.1.1 What You Can Do in this Chapter |
793 |
| 47.2 ISP Account Summary |
793 |
| 47.2.1 ISP Account Edit |
794 |
| SSL Application |
797 |
| 48.1 Overview |
797 |
| 48.1.1 What You Can Do in this Chapter |
797 |
| 48.1.2 What You Need to Know |
797 |
| 48.1.3 Example: Specifying a Web Site for Access |
798 |
| 48.2 The SSL Application Screen |
799 |
| 48.2.1 Creating/Editing a Web-based SSL Application Object |
800 |
| 48.2.2 Creating/Editing a File Sharing SSL Application Object |
802 |
| Endpoint Security |
805 |
| 49.1 Overview |
805 |
| 49.1.1 What You Can Do in this Chapter |
806 |
| 49.1.2 What You Need to Know |
806 |
| 49.2 Endpoint Security Screen |
807 |
| 49.3 Endpoint Security Add/Edit |
809 |
| System |
815 |
| 50.1 Overview |
815 |
| 50.1.1 What You Can Do in this Chapter |
815 |
| 50.2 Host Name |
816 |
| 50.3 Date and Time |
817 |
| 50.3.1 Pre-defined NTP Time Servers List |
819 |
| 50.3.2 Time Server Synchronization |
820 |
| 50.4 Console Port Speed |
821 |
| 50.5 DNS Overview |
821 |
| 50.5.1 DNS Server Address Assignment |
822 |
| 50.5.2 Configuring the DNS Screen |
822 |
| 50.5.3 Address Record |
825 |
| 50.5.4 PTR Record |
825 |
| 50.5.5 Adding an Address/PTR Record |
825 |
| 50.5.6 Domain Zone Forwarder |
826 |
| 50.5.7 Adding a Domain Zone Forwarder |
826 |
| 50.5.8 MX Record |
827 |
| 50.5.9 Adding a MX Record |
828 |
| 50.5.10 Adding a DNS Service Control Rule |
828 |
| 50.6 WWW Overview |
829 |
| 50.6.1 Service Access Limitations |
830 |
| 50.6.2 System Timeout |
830 |
| 50.6.3 HTTPS |
830 |
| 50.6.4 Configuring WWW Service Control |
831 |
| 50.6.5 Service Control Rules |
835 |
| 50.6.6 Customizing the WWW Login Page |
835 |
| 50.6.7 HTTPS Example |
839 |
| 50.7 SSH |
846 |
| 50.7.1 How SSH Works |
847 |
| 50.7.2 SSH Implementation on the ZyWALL |
848 |
| 50.7.3 Requirements for Using SSH |
848 |
| 50.7.4 Configuring SSH |
848 |
| 50.7.5 Secure Telnet Using SSH Examples |
850 |
| 50.8 Telnet |
851 |
| 50.8.1 Configuring Telnet |
852 |
| 50.9 FTP |
853 |
| 50.9.1 Configuring FTP |
853 |
| 50.10 SNMP |
855 |
| 50.10.1 Supported MIBs |
857 |
| 50.10.2 SNMP Traps |
857 |
| 50.10.3 Configuring SNMP |
857 |
| 50.11 Dial-in Management |
859 |
| 50.11.1 Configuring Dial-in Mgmt |
860 |
| 50.12 Vantage CNM |
861 |
| 50.12.1 Configuring Vantage CNM |
862 |
| 50.13 Language Screen |
864 |
| Log and Report |
865 |
| 51.1 Overview |
865 |
| 51.1.1 What You Can Do In this Chapter |
865 |
| 51.2 Email Daily Report |
865 |
| 51.3 Log Setting Screens |
867 |
| 51.3.1 Log Setting Summary |
868 |
| 51.3.2 Edit System Log Settings |
869 |
| 51.3.3 Edit Remote Server Log Settings |
874 |
| 51.3.4 Active Log Summary Screen |
876 |
| File Manager |
879 |
| 52.1 Overview |
879 |
| 52.1.1 What You Can Do in this Chapter |
879 |
| 52.1.2 What you Need to Know |
879 |
| 52.2 The Configuration File Screen |
882 |
| 52.3 The Firmware Package Screen |
886 |
| 52.4 The Shell Script Screen |
888 |
| Diagnostics |
891 |
| 53.1 Overview |
891 |
| 53.1.1 What You Can Do in this Chapter |
891 |
| 53.2 The Diagnostic Screen |
891 |
| 53.3 The Packet Capture Screen |
892 |
| 53.3.1 The Packet Capture Files Screen |
895 |
| 53.3.2 Example of Viewing a Packet Capture File |
896 |
| Reboot |
899 |
| 54.1 Overview |
899 |
| 54.1.1 What You Need To Know |
899 |
| 54.2 The Reboot Screen |
899 |
| Shutdown |
901 |
| 55.1 Overview |
901 |
| 55.1.1 What You Need To Know |
901 |
| 55.2 The Shutdown Screen |
901 |
| Troubleshooting |
903 |
| 56.1 Resetting the ZyWALL |
920 |
| 56.2 Getting More Troubleshooting Help |
921 |
| Product Specifications |
923 |
| 57.1 3G or WLAN PCMCIA Card Installation |
932 |
| 57.2 Power Adaptor Specifications |
932 |
| Log Descriptions |
935 |
| Common Services |
995 |
| Displaying Anti-Virus Alert Messages in Windows |
999 |
| Importing Certificates |
1005 |
| Wireless LANs |
1031 |
| Open Software Announcements |
1047 |
| Legal Information |
1103 |
1
302
303
304
305
306
307
308
309
310
311
312
