ZyXEL 2WG User Manual

ZyWALL 2WG

Internet Security Appliance

User’s Guide

Version 4.02
1/2007
Edition 1

www.zyxel.com

About This User's Guide

About This User's Guide

Intended Audience

This manual is intended for people who want to configure the ZyWALL using the web
configurator or System Management Terminal (SMT). You should have at least a basic
knowledge of TCP/IP networking concepts and topology.

Related Documentation

• Quick Start Guide
The Quick Start Guide is designed to help you get up and running right away. It contains

information on setting up your network and configuring for Internet access.

• Web Configurator Online Help
Embedded web help for descriptions of individual screens and supplementary

information.

• Supporting Disk
Refer to the included CD for support documents.

• ZyXEL Web Site
Please refer to www.zyxel.com

certifications.

for additional support documentation and product

User Guide Feedback

Help us help you. Send all User Guide-related comments, questions or suggestions for
improvement to the following address, or use e-mail instead. Thank you!

The Technical Writing Team,
ZyXEL Communications Corp.,
6 Innovation Road II,
Science-Based Industrial Park,
Hsinchu, 300, Taiwan.

E-mail: techwriters@zyxel.com.tw

ZyWALL 2WG User’s Guide

3

Document Conventions

Document Conventions

Warnings and Notes

These are how warnings and notes are shown in this User’s Guide.

1 Warnings tell you about things that could harm you or your device.

" Notes tell you other important information (for example, other things you may

need to configure or helpful tips) or recommendations.

Syntax Conventions

• The ZyWALL 2WG may be referred to as the “ZyWALL”, the “device” or the “system” in
this User’s Guide.

• Product labels, screen names, field labels and field choices are all in bold font.

• A key stroke is denoted by square brackets and uppercase text, for example, [ENTER]
means the “enter” or “return” key on your keyboard.

• “Enter” means for you to type one or more characters and then press the [ENTER] key.
“Select” or “choose” means for you to use one of the predefined choices.

• A right angle bracket ( > ) within a screen name denotes a mouse click. For example,
Maintenance > Log > Log Setting means you first click Maintenance in the navigation
panel, then the Log sub menu and finally the Log Setting tab to get to that screen.

• Units of measurement may denote the “metric” value or the “scientific” value. For
example, “k” for kilo may denote “1000” or “1024”, “M” for mega may denote “1000000”
or “1048576” and so on.

• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.

4

ZyWALL 2WG User’s Guide

Document Conventions

Icons Used in Figures

Figures in this User’s Guide may use the following generic icons. The ZyWALL icon is not an
exact representation of your device.

ZyWALL Computer Notebook computer

Server DSLAM Firewall

Telephone Switch Router

ZyWALL 2WG User’s Guide

5

Safety Warnings

Safety Warnings

1 For your safety, be sure to read and follow all warning notices and instructions.

• Do NOT use this product near water, for example, in a wet basement or near a swimming
pool.

• Do NOT expose your device to dampness, dust or corrosive liquids.

• Do NOT store things on the device.

• Do NOT install, use, or service this device during a thunderstorm. There is a remote risk
of electric shock from lightning.

• Connect ONLY suitable accessories to the device.

• Do NOT open the device or unit. Opening or removing covers can expose you to
dangerous high voltage points or other risks. ONLY qualified service personnel should
service or disassemble this device. Please contact your vendor for further information.

• Make sure to connect the cables to the correct ports.

• Place connecting cables carefully so that no one will step on them or stumble over them.

• Always disconnect all cables from this device before servicing or disassembling.

• Use ONLY an appropriate power adaptor or cord for your device.

• Connect the power adaptor or cord to the right supply voltage (for example, 110V AC in
North America or 230V AC in Europe).

• Not to remove the plug and plug into a wall outlet by itself; always attach the plug to the
power supply first before insert into the wall.

• Do NOT allow anything to rest on the power adaptor or cord and do NOT place the
product where anyone can walk on the power adaptor or cord.

• Do NOT use the device if the power adaptor or cord is damaged as it might cause
electrocution.

• If the power adaptor or cord is damaged, remove it from the power outlet.

• Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order a
new one.

• Do not use the device outside, and make sure all the connections are indoors. There is a
remote risk of electric shock from lightning.

• CAUTION: RISK OF EXPLOSION IF BATTERY (on the motherboard) IS REPLACED
BY AN INCORRECT TYPE. DISPOSE OF USED BATTERIES ACCORDING TO THE
INSTRUCTIONS. Dispose them at the applicable collection point for the recycling of
electrical and electronic equipment. For detailed information about recycling of this
product, please contact your local city office, your household waste disposal service or the
store where you purchased the product.

• Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your
device.

6

ZyWALL 2WG User’s Guide

Safety Warnings

• Antenna Warning! This device meets ETSI and FCC certification requirements when
using the included antenna(s). Only use the included antenna(s).

• If you wall mount your device, make sure that no electrical lines, gas or water pipes will
be damaged.

This product is recyclable. Dispose of it properly.

ZyWALL 2WG User’s Guide

7

Safety Warnings

8

ZyWALL 2WG User’s Guide

Contents Overview

Contents Overview

Introduction ............................................................................................................................ 49

Getting to Know Your ZyWALL .................................................................................................. 51

Introducing the Web Configurator .............................................................................................. 55

Wizard Setup ............................................................................................................................. 75

Tutorial ....................................................................................................................................... 95

Registration ............................................................................................................................. 107

Network ................................................................................................................................. 111

LAN Screens ............................................................................................................................113

Bridge Screens ........................................................................................................................ 125

WAN Screens .......................................................................................................................... 131

DMZ Screens ........................................................................................................................... 163

Wireless LAN ........................................................................................................................... 173

Security ................................................................................................................................. 199

Firewall .................................................................................................................................... 201

Content Filtering Screens ........................................................................................................ 231

Content Filtering Reports ......................................................................................................... 249

IPSec VPN ............................................................................................................................... 257

Certificates ............................................................................................................................... 297

Authentication Server .............................................................................................................. 323

Advanced .............................................................................................................................. 327

Network Address Translation (NAT) ........................................................................................ 329

Static Route ............................................................................................................................. 345

Policy Route ............................................................................................................................ 349

Bandwidth Management .......................................................................................................... 355

DNS ......................................................................................................................................... 371

Remote Management ..............................................................................................................383

UPnP ....................................................................................................................................... 405

ALG Screen ............................................................................................................................. 415

Reports, Logs and Maintenance .........................................................................................421

Logs Screens ........................................................................................................................... 423

Maintenance ............................................................................................................................ 451

ZyWALL 2WG User’s Guide

9

Contents Overview

SMT and Troubleshooting ................................................................................................... 467

Introducing the SMT ................................................................................................................ 469

SMT Menu 1 - General Setup .................................................................................................. 477

WAN and Dial Backup Setup ................................................................................................... 483

LAN Setup ............................................................................................................................... 497

Internet Access ........................................................................................................................ 503

DMZ Setup .............................................................................................................................. 509

Route Setup ............................................................................................................................. 513

Wireless Setup ........................................................................................................................ 517

Remote Node Setup ................................................................................................................ 521

IP Static Route Setup .............................................................................................................. 529

Network Address Translation (NAT) ........................................................................................ 533

Introducing the ZyWALL Firewall ............................................................................................. 553

Filter Configuration .................................................................................................................. 555

SNMP Configuration ................................................................................................................ 571

System Information & Diagnosis ............................................................................................. 573

Firmware and Configuration File Maintenance ........................................................................ 585

System Maintenance Menus 8 to 10 ....................................................................................... 599

Remote Management ..............................................................................................................607

IP Policy Routing ......................................................................................................................611

Call Scheduling ........................................................................................................................ 619

Troubleshooting ....................................................................................................................... 623

Appendices and Index ......................................................................................................... 629

10

ZyWALL 2WG User’s Guide

Table of Contents

Table of Contents

About This User's Guide ..........................................................................................................3

Document Conventions............................................................................................................4

Safety Warnings........................................................................................................................ 6

Contents Overview ...................................................................................................................9

Table of Contents.................................................................................................................... 11

List of Figures ......................................................................................................................... 29

List of Tables...........................................................................................................................41

Part I: Introduction................................................................................. 49

Chapter 1

Getting to Know Your ZyWALL.............................................................................................. 51

1.1 ZyWALL Internet Security Appliance Overview ................................................................... 51

1.2 Ways to Manage the ZyWALL ............................................................................................. 51

1.3 Good Habits for Managing the ZyWALL .............................................................................. 52

1.4 Applications for the ZyWALL ............................................................................................... 52

1.4.1 Secure Broadband Internet Access via Cable or DSL Modem .................................. 52

1.4.2 VPN Application ......................................................................................................... 53

1.4.3 3G WAN Application ................................................................................................... 53

1.4.4 Front Panel Lights ...................................................................................................... 54

Chapter 2

Introducing the Web Configurator ........................................................................................55

2.1 Web Configurator Overview ................................................................................................. 55

2.2 Accessing the ZyWALL Web Configurator .......................................................................... 55

2.3 Resetting the ZyWALL ......................................................................................................... 57

2.3.1 Procedure To Use The Reset Button ......................................................................... 57

2.3.2 Uploading a Configuration File Via Console Port ....................................................... 57

2.4 Navigating the ZyWALL Web Configurator .......................................................................... 58

2.4.1 Title Bar ...................................................................................................................... 58

2.4.2 Main Window ..............................................................................................................59

2.4.3 HOME Screen: Router Mode ................................................................................... 59

2.4.4 HOME Screen: Bridge Mode .................................................................................... 62

ZyWALL 2WG User’s Guide

11

Table of Contents

2.4.5 Navigation Panel ........................................................................................................ 65

2.4.6 Port Statistics ........................................................................................................... 69

2.4.7 Show Statistics: Line Chart ........................................................................................ 70

2.4.8 DHCP Table Screen ................................................................................................ 71

2.4.9 VPN Status ................................................................................................................. 72

2.4.10 Bandwidth Monitor .................................................................................................. 73

Chapter 3

Wizard Setup ........................................................................................................................... 75

3.1 Wizard Setup Overview ...................................................................................................... 75

3.2 Internet Access ................................................................................................................... 75

3.2.1 ISP Parameters .......................................................................................................... 76

3.2.2 Internet Access Wizard: Second Screen .................................................................... 80

3.2.3 Internet Access Wizard: Registration ......................................................................... 81

3.2.4 Internet Access Wizard: Status .................................................................................. 83

3.2.5 Internet Access Wizard: Service Activation ............................................................... 84

3.3 VPN Wizard Gateway Setting .............................................................................................. 84

3.4 VPN Wizard Network Setting ............................................................................................... 86

3.5 VPN Wizard IKE Tunnel Setting (IKE Phase 1) ................................................................... 87

3.6 VPN Wizard IPSec Setting (IKE Phase 2) ........................................................................... 89

3.7 VPN Wizard Status Summary .............................................................................................. 90

3.8 VPN Wizard Setup Complete .............................................................................................. 93

Chapter 4

Tutorial ..................................................................................................................................... 95

4.1 Security Settings for VPN Traffic ......................................................................................... 95

4.2 Firewall Rule for VPN Example ........................................................................................... 95

4.2.1 Configuring the VPN Rule .......................................................................................... 96

4.2.2 Configuring the Firewall Rules ................................................................................... 99

4.3 How to Set up a 3G WAN Connection ............................................................................... 103

4.3.1 Configuring 3G WAN Settings .................................................................................. 103

4.3.2 Configuring Load Balancing ..................................................................................... 104

4.3.3 Inserting a 3G Card .................................................................................................. 104

4.3.4 Checking WAN Connections .................................................................................... 104

Chapter 5

Registration........................................................................................................................... 107

5.1 myZyXEL.com overview .................................................................................................... 107

5.1.1 Content Filtering Subscription Service ..................................................................... 107

5.2 Registration ....................................................................................................................... 108

5.3 Service ............................................................................................................................... 109

12

ZyWALL 2WG User’s Guide

Table of Contents

Part II: Network...................................................................................... 111

Chapter 6

LAN Screens.......................................................................................................................... 113

6.1 LAN, WAN and the ZyWALL ...............................................................................................113

6.2 IP Address and Subnet Mask .............................................................................................113

6.2.1 Private IP Addresses .................................................................................................114

6.3 DHCP .................................................................................................................................115

6.3.1 IP Pool Setup ............................................................................................................115

6.4 RIP Setup ...........................................................................................................................115

6.5 Multicast .............................................................................................................................115

6.6 WINS ..................................................................................................................................116

6.7 LAN .....................................................................................................................................116

6.8 LAN Static DHCP ................................................................................................................119

6.9 LAN IP Alias .................................................................................................................... 120

6.10 LAN Port Roles ................................................................................................................ 122

Chapter 7

Bridge Screens...................................................................................................................... 125

7.1 Bridge Loop ....................................................................................................................... 125

7.2 Spanning Tree Protocol (STP) ........................................................................................... 126

7.2.1 Rapid STP ................................................................................................................126

7.2.2 STP Terminology ...................................................................................................... 126

7.2.3 How STP Works ....................................................................................................... 126

7.2.4 STP Port States ........................................................................................................ 127

7.3 Bridge ................................................................................................................................ 127

7.4 Bridge Port Roles ............................................................................................................. 129

Chapter 8

WAN Screens......................................................................................................................... 131

8.1 WAN Overview .................................................................................................................. 131

8.2 Multiple WAN ..................................................................................................................... 131

8.3 Load Balancing Introduction .............................................................................................. 132

8.4 Load Balancing Algorithms ................................................................................................ 132

8.4.1 Least Load First ....................................................................................................... 132

8.4.2 Weighted Round Robin ............................................................................................ 133

8.4.3 Spillover .................................................................................................................... 134

8.5 TCP/IP Priority (Metric) ...................................................................................................... 135

8.6 WAN General ..................................................................................................................... 135

8.7 Configuring Load Balancing .............................................................................................. 139

8.7.1 Least Load First ....................................................................................................... 139

8.7.2 Weighted Round Robin ............................................................................................ 140

8.7.3 Spillover .................................................................................................................... 140

ZyWALL 2WG User’s Guide

13

Table of Contents

8.8 WAN IP Address Assignment ............................................................................................ 141

8.9 DNS Server Address Assignment ..................................................................................... 142

8.10 WAN MAC Address ......................................................................................................... 142

8.11 WAN 1 ............................................................................................................................ 143

8.11.1 WAN Ethernet Encapsulation ................................................................................. 143

8.11.2 PPPoE Encapsulation ............................................................................................ 146

8.11.3 PPTP Encapsulation ............................................................................................... 149

8.12 WAN 2 (3G WAN) ...........................................................................................................152

8.13 Traffic Redirect ........................................................................................................... 156

8.14 Configuring Traffic Redirect ............................................................................................. 156

8.15 Configuring Dial Backup .................................................................................................. 157

8.16 Advanced Modem Setup ............................................................................................... 160

8.16.1 AT Command Strings ............................................................................................. 160

8.16.2 DTR Signal ............................................................................................................. 161

8.16.3 Response Strings ................................................................................................... 161

8.17 Configuring Advanced Modem Setup .............................................................................. 161

Chapter 9

DMZ Screens ......................................................................................................................... 163

9.1 DMZ ................................................................................................................................. 163

9.2 Configuring DMZ ............................................................................................................... 163

9.3 DMZ Static DHCP ............................................................................................................ 166

9.4 DMZ IP Alias .................................................................................................................... 167

9.5 DMZ Public IP Address Example ...................................................................................... 169

9.6 DMZ Private and Public IP Address Example ................................................................... 170

9.7 DMZ Port Roles ............................................................................................................... 171

Chapter 10

Wireless LAN.........................................................................................................................173

10.1 Wireless LAN Introduction ............................................................................................... 173

10.2 Configuring WLAN ......................................................................................................... 174

10.3 WLAN Static DHCP ....................................................................................................... 177

10.4 WLAN IP Alias ............................................................................................................... 178

10.5 WLAN Port Roles ........................................................................................................... 180

10.6 Wireless Security Overview ............................................................................................. 182

10.6.1 SSID ....................................................................................................................... 182

10.6.2 MAC Address Filter ................................................................................................ 183

10.6.3 User Authentication ................................................................................................ 183

10.6.4 Encryption ..............................................................................................................183

10.6.5 Additional Installation Requirements for Using 802.1x ........................................... 184

10.7 Wireless Card ................................................................................................................ 185

10.7.1 SSID Profile ...........................................................................................................187

10.8 Configuring Wireless Security ......................................................................................... 188

14

ZyWALL 2WG User’s Guide

Table of Contents

10.8.1 No Security .............................................................................................................190

10.8.2 Static WEP ............................................................................................................. 190

10.8.3 IEEE 802.1x Only ................................................................................................... 191

10.8.4 IEEE 802.1x + Static WEP ..................................................................................... 192

10.8.5 WPA, WPA2, WPA2-MIX ........................................................................................ 194

10.8.6 WPA-PSK, WPA2-PSK, WPA2-PSK-MIX ............................................................... 195

10.9 MAC Filter ....................................................................................................................... 196

Part III: Security.................................................................................... 199

Chapter 11

Firewall................................................................................................................................... 201

11.1 Firewall Overview ............................................................................................................ 201

11.2 Packet Direction Matrix .................................................................................................... 202

11.3 Packet Direction Examples .............................................................................................. 203

11.3.1 To VPN Packet Direction ........................................................................................ 204

11.3.2 From VPN Packet Direction ................................................................................... 206

11.3.3 From VPN To VPN Packet Direction ...................................................................... 207

11.4 Security Considerations ...................................................................................................209

11.5 Firewall Rules Example ................................................................................................... 209

11.6 Asymmetrical Routes ........................................................................................................211

11.6.1 Asymmetrical Routes and IP Alias ..........................................................................211

11.7 Firewall Default Rule (Router Mode) ................................................................................ 212

11.8 Firewall Default Rule (Bridge Mode) .............................................................................. 214

11.9 Firewall Rule Summary ................................................................................................... 215

11.9.1 Firewall Edit Rule .............................................................................................. 217

11.10 Anti-Probing ............................................................................................................... 220

11.11 Firewall Thresholds ..................................................................................................... 221

11.11.1 Threshold Values .................................................................................................. 222

11.12 Threshold Screen ........................................................................................................... 222

11.13 Service .......................................................................................................................... 224

11.13.1 Firewall Edit Custom Service .............................................................................. 225

11.14 My Service Firewall Rule Example ................................................................................ 226

Chapter 12

Content Filtering Screens ....................................................................................................231

12.1 Content Filtering Overview .............................................................................................. 231

12.1.1 Restrict Web Features ........................................................................................... 231

12.1.2 Create a Filter List .................................................................................................. 231

12.1.3 Customize Web Site Access ................................................................................. 231

12.2 Content Filter General Screen ........................................................................................ 231

ZyWALL 2WG User’s Guide

15

Table of Contents

12.3 Content Filtering with an External Database ................................................................... 234

12.4 Content Filter Categories ..............................................................................................234

12.5 Content Filter Customization ........................................................................................ 243

12.6 Customizing Keyword Blocking URL Checking ............................................................... 245

12.6.1 Domain Name or IP Address URL Checking ......................................................... 246

12.6.2 Full Path URL Checking ......................................................................................... 246

12.6.3 File Name URL Checking ....................................................................................... 246

12.7 Content Filtering Cache .................................................................................................246

Chapter 13

Content Filtering Reports.....................................................................................................249

13.1 Checking Content Filtering Activation .............................................................................. 249

13.2 Viewing Content Filtering Reports ................................................................................... 249

13.3 Web Site Submission .......................................................................................................254

Chapter 14

IPSec VPN.............................................................................................................................. 257

14.1 IPSec VPN Overview ..................................................................................................... 257

14.1.1 IKE SA Overview .................................................................................................... 258

14.2 VPN Rules (IKE) .............................................................................................................. 259

14.3 IKE SA Setup .................................................................................................................. 261

14.3.1 IKE SA Proposal .................................................................................................... 261

14.4 Additional IPSec VPN Topics ........................................................................................... 265

14.4.1 SA Life Time ........................................................................................................... 265

14.4.2 IPSec High Availability ........................................................................................... 266

14.4.3 Encryption and Authentication Algorithms ............................................................. 267

14.5 VPN Rules (IKE) Gateway Policy Edit ............................................................................. 267

14.6 IPSec SA Overview .....................................................................................................273

14.6.1 Local Network and Remote Network ...................................................................... 273

14.6.2 Active Protocol ....................................................................................................... 273

14.6.3 Encapsulation ......................................................................................................... 274

14.6.4 IPSec SA Proposal and Perfect Forward Secrecy ................................................. 274

14.7 VPN Rules (IKE): Network Policy Edit ............................................................................ 275

14.8 VPN Rules (IKE): Network Policy Move ........................................................................ 279

14.9 Dialing the VPN Tunnel via Web Configurator ................................................................. 280

14.10 VPN Troubleshooting ..................................................................................................... 281

14.10.1 VPN Log ............................................................................................................... 282

14.11 IPSec Debug .................................................................................................................. 283

14.12 IPSec SA Using Manual Keys ................................................................................... 284

14.12.1 IPSec SA Proposal Using Manual Keys ............................................................... 284

14.12.2 Authentication and the Security Parameter Index (SPI) ....................................... 284

14.13 VPN Rules (Manual) ...................................................................................................... 284

14.14 VPN Rules (Manual): Edit ........................................................................................... 286

16

ZyWALL 2WG User’s Guide

Table of Contents

14.15 VPN SA Monitor .......................................................................................................... 289

14.16 VPN Global Setting ....................................................................................................... 289

14.17 Telecommuter VPN/IPSec Examples ............................................................................ 291

14.17.1 Telecommuters Sharing One VPN Rule Example ................................................ 291

14.17.2 Telecommuters Using Unique VPN Rules Example ............................................. 292

14.18 VPN and Remote Management ..................................................................................... 294

14.19 Hub-and-spoke VPN ...................................................................................................... 294

14.19.1 Hub-and-spoke VPN Example ............................................................................. 295

14.19.2 Hub-and-spoke Example VPN Rule Addresses ................................................... 295

14.19.3 Hub-and-spoke VPN Requirements and Suggestions ......................................... 296

Chapter 15

Certificates ............................................................................................................................297

15.1 Certificates Overview ....................................................................................................... 297

15.1.1 Advantages of Certificates ..................................................................................... 298

15.2 Self-signed Certificates .................................................................................................... 298

15.3 Verifying a Certificate ....................................................................................................... 298

15.3.1 Checking the Fingerprint of a Certificate on Your Computer .................................. 298

15.4 Configuration Summary ................................................................................................... 299

15.5 My Certificates ................................................................................................................ 300

15.6 My Certificate Details ..................................................................................................... 301

15.7 My Certificate Export ...................................................................................................... 304

15.7.1 Certificate File Export Formats ............................................................................... 304

15.8 My Certificate Import ..................................................................................................... 305

15.8.1 Certificate File Formats .......................................................................................... 306

15.9 My Certificate Create ..................................................................................................... 308

15.10 Trusted CAs ................................................................................................................. 310

15.11 Trusted CA Details .........................................................................................................311

15.12 Trusted CA Import ....................................................................................................... 314

15.13 Trusted Remote Hosts ................................................................................................. 315

15.14 Trusted Remote Hosts Import ...................................................................................... 317

15.15 Trusted Remote Host Certificate Details ..................................................................... 318

15.16 Directory Servers .......................................................................................................... 320

15.17 Directory Server Add or Edit ........................................................................................ 321

Chapter 16

Authentication Server...........................................................................................................323

16.1 Authentication Server Overview ...................................................................................... 323

16.1.1 Local User Database .............................................................................................. 323

16.1.2 RADIUS ..................................................................................................................323

16.2 Local User Database .....................................................................................................323

16.3 RADIUS ......................................................................................................................... 325

ZyWALL 2WG User’s Guide

17

Table of Contents

Part IV: Advanced ................................................................................ 327

Chapter 17

Network Address Translation (NAT).................................................................................... 329

17.1 NAT Overview ................................................................................................................ 329

17.1.1 NAT Definitions ...................................................................................................... 329

17.1.2 What NAT Does ..................................................................................................... 330

17.1.3 How NAT Works ..................................................................................................... 330

17.1.4 NAT Application ...................................................................................................... 331

17.1.5 Port Restricted Cone NAT ...................................................................................... 332

17.1.6 NAT Mapping Types ............................................................................................... 332

17.2 Using NAT ........................................................................................................................ 333

17.2.1 SUA (Single User Account) Versus NAT ................................................................ 333

17.3 NAT Overview Screen ..................................................................................................... 334

17.4 NAT Address Mapping ................................................................................................... 335

17.4.1 What NAT Does ..................................................................................................... 335

17.4.2 NAT Address Mapping Edit .................................................................................. 337

17.5 Port Forwarding .............................................................................................................. 338

17.5.1 Default Server IP Address ...................................................................................... 339

17.5.2 Port Forwarding: Services and Port Numbers ........................................................ 339

17.5.3 Configuring Servers Behind Port Forwarding (Example) ....................................... 340

17.5.4 NAT and Multiple WAN ........................................................................................... 340

17.5.5 Port Translation ...................................................................................................... 340

17.6 Port Forwarding Screen ................................................................................................... 341

17.7 Port Triggering ............................................................................................................... 343

Chapter 18

Static Route ........................................................................................................................... 345

18.1 IP Static Route .............................................................................................................. 345

18.2 IP Static Route ................................................................................................................. 345

18.2.1 IP Static Route Edit .............................................................................................. 347

Chapter 19

Policy Route .......................................................................................................................... 349

19.1 Policy Route ................................................................................................................... 349

19.2 Benefits ............................................................................................................................ 349

19.3 Routing Policy .................................................................................................................. 349

19.4 IP Routing Policy Setup ...................................................................................................350

19.5 Policy Route Edit ............................................................................................................ 351

Chapter 20

Bandwidth Management.......................................................................................................355

20.1 Bandwidth Management Overview ................................................................................. 355

18

ZyWALL 2WG User’s Guide

Table of Contents

20.2 Bandwidth Classes and Filters ........................................................................................ 355

20.3 Proportional Bandwidth Allocation ................................................................................... 356

20.4 Application-based Bandwidth Management .................................................................... 356

20.5 Subnet-based Bandwidth Management .......................................................................... 356

20.6 Application and Subnet-based Bandwidth Management ................................................. 356

20.7 Scheduler ........................................................................................................................ 357

20.7.1 Priority-based Scheduler ........................................................................................ 357

20.7.2 Fairness-based Scheduler ..................................................................................... 357

20.7.3 Maximize Bandwidth Usage ................................................................................... 357

20.7.4 Reserving Bandwidth for Non-Bandwidth Class Traffic .......................................... 357

20.7.5 Maximize Bandwidth Usage Example .................................................................... 358

20.8 Bandwidth Borrowing .......................................................................................................359

20.8.1 Bandwidth Borrowing Example .............................................................................. 359

20.9 Maximize Bandwidth Usage With Bandwidth Borrowing ................................................. 360

20.10 Over Allotment of Bandwidth ......................................................................................... 361

20.11 Configuring Summary .................................................................................................... 361

20.12 Configuring Class Setup .............................................................................................. 363

20.12.1 Bandwidth Manager Class Configuration ........................................................... 364

20.12.2 Bandwidth Management Statistics ................................................................... 367

20.13 Bandwidth Manager Monitor ........................................................................................ 368

Chapter 21

DNS ........................................................................................................................................ 371

21.1 DNS Overview ............................................................................................................... 371

21.2 DNS Server Address Assignment ................................................................................... 371

21.3 DNS Servers .................................................................................................................... 371

21.4 Address Record ............................................................................................................... 372

21.4.1 DNS Wildcard ......................................................................................................... 372

21.5 Name Server Record ....................................................................................................... 372

21.5.1 Private DNS Server ................................................................................................ 372

21.6 System Screen ................................................................................................................ 373

21.6.1 Adding an Address Record .................................................................................. 375

21.6.2 Inserting a Name Server Record .......................................................................... 376

21.7 DNS Cache .................................................................................................................... 377

21.8 Configure DNS Cache ..................................................................................................... 377

21.9 Configuring DNS DHCP ................................................................................................ 379

21.10 Dynamic DNS .............................................................................................................. 380

21.10.1 DYNDNS Wildcard ............................................................................................... 380

21.10.2 High Availability .................................................................................................... 381

21.11 Configuring Dynamic DNS ............................................................................................. 381

Chapter 22

Remote Management............................................................................................................ 383

ZyWALL 2WG User’s Guide

19

Table of Contents

22.1 Remote Management Overview ...................................................................................... 383

22.1.1 Remote Management Limitations .......................................................................... 384

22.1.2 System Timeout ..................................................................................................... 384

22.2 WWW (HTTP and HTTPS) ............................................................................................. 384

22.3 WWW .............................................................................................................................. 385

22.4 HTTPS Example .............................................................................................................. 387

22.4.1 Internet Explorer Warning Messages ..................................................................... 387

22.4.2 Netscape Navigator Warning Messages ................................................................ 387

22.4.3 Avoiding the Browser Warning Messages .............................................................. 388

22.4.4 Login Screen .......................................................................................................... 389

22.5 SSH .............................................................................................................................. 391

22.6 How SSH Works .............................................................................................................. 391

22.7 SSH Implementation on the ZyWALL .............................................................................. 392

22.7.1 Requirements for Using SSH ................................................................................. 392

22.8 Configuring SSH .............................................................................................................. 393

22.9 Secure Telnet Using SSH Examples ............................................................................... 394

22.9.1 Example 1: Microsoft Windows .............................................................................. 394

22.9.2 Example 2: Linux .................................................................................................... 394

22.10 Secure FTP Using SSH Example .................................................................................. 395

22.11 Telnet ........................................................................................................................... 396

22.12 Configuring TELNET ..................................................................................................... 396

22.13 FTP .............................................................................................................................. 397

22.14 SNMP .......................................................................................................................... 398

22.14.1 Supported MIBs .................................................................................................. 399

22.14.2 SNMP Traps ......................................................................................................... 400

22.14.3 REMOTE MANAGEMENT: SNMP ....................................................................... 400

22.15 DNS ............................................................................................................................. 401

22.16 Introducing Vantage CNM ............................................................................................. 402

22.17 Configuring CNM ........................................................................................................... 402

Chapter 23

UPnP ...................................................................................................................................... 405

23.1 Universal Plug and Play Overview ................................................................................ 405

23.1.1 How Do I Know If I'm Using UPnP? ....................................................................... 405

23.1.2 NAT Traversal ........................................................................................................ 405

23.1.3 Cautions with UPnP ............................................................................................... 405

23.1.4 UPnP and ZyXEL ................................................................................................... 406

23.2 Configuring UPnP ............................................................................................................ 406

23.3 Displaying UPnP Port Mapping .................................................................................... 407

23.4 Installing UPnP in Windows Example .............................................................................. 408

23.4.1 Installing UPnP in Windows Me ............................................................................. 409

23.4.2 Installing UPnP in Windows XP ............................................................................. 410

23.5 Using UPnP in Windows XP Example ............................................................................. 410

20

ZyWALL 2WG User’s Guide

Table of Contents

23.5.1 Auto-discover Your UPnP-enabled Network Device ...............................................411

23.5.2 Web Configurator Easy Access ............................................................................. 412

Chapter 24

ALG Screen ........................................................................................................................... 415

24.1 ALG Introduction ............................................................................................................. 415

24.1.1 ALG and NAT ......................................................................................................... 415

24.1.2 ALG and the Firewall .............................................................................................. 415

24.1.3 ALG and Multiple WAN .......................................................................................... 416

24.2 FTP .................................................................................................................................. 416

24.3 H.323 ............................................................................................................................... 416

24.4 RTP .................................................................................................................................. 416

24.4.1 H.323 ALG Details ................................................................................................. 416

24.5 SIP ................................................................................................................................... 418

24.5.1 STUN ..................................................................................................................... 418

24.5.2 SIP ALG Details ..................................................................................................... 418

24.5.3 SIP Signaling Session Timeout .............................................................................. 419

24.5.4 SIP Audio Session Timeout .................................................................................... 419

24.6 ALG Screen ..................................................................................................................... 419

Part V: Reports, Logs and Maintenance ............................................ 421

Chapter 25

Logs Screens ........................................................................................................................423

25.1 Configuring View Log ...................................................................................................... 423

25.2 Log Description Example ................................................................................................. 424

25.2.1 About the Certificate Not Trusted Log .................................................................... 425

25.3 Configuring Log Settings ................................................................................................ 426

25.4 Configuring Reports ....................................................................................................... 429

25.4.1 Viewing Web Site Hits ............................................................................................ 431

25.4.2 Viewing Host IP Address ........................................................................................ 431

25.4.3 Viewing Protocol/Port ............................................................................................. 432

25.4.4 System Reports Specifications ............................................................................... 434

25.5 Log Descriptions .............................................................................................................. 434

25.6 Syslog Logs ..................................................................................................................... 448

Chapter 26

Maintenance .......................................................................................................................... 451

26.1 Maintenance Overview .................................................................................................... 451

26.2 General Setup and System Name ................................................................................... 451

26.2.1 General Setup ....................................................................................................... 451

ZyWALL 2WG User’s Guide

21

Table of Contents

26.3 Configuring Password .................................................................................................... 452

26.4 Time and Date ................................................................................................................ 453

26.5 Pre-defined NTP Time Server Pools ............................................................................... 456

26.5.1 Resetting the Time ................................................................................................. 456

26.5.2 Time Server Synchronization ................................................................................. 456

26.6 Introduction To Transparent Bridging ............................................................................... 457

26.7 Transparent Firewalls ...................................................................................................... 458

26.8 Configuring Device Mode (Router) ................................................................................. 458

26.9 Configuring Device Mode (Bridge) ................................................................................. 460

26.10 F/W Upload Screen ...................................................................................................... 461

26.11 Backup and Restore ..................................................................................................... 463

26.11.1 Backup Configuration ........................................................................................... 464

26.11.2 Restore Configuration .......................................................................................... 464

26.11.3 Back to Factory Defaults ..................................................................................... 465

26.12 Restart Screen .............................................................................................................. 466

Part VI: SMT and Troubleshooting ..................................................... 467

Chapter 27

Introducing the SMT .............................................................................................................469

27.1 Introduction to the SMT ...................................................................................................469

27.2 Accessing the SMT via the Console Port ........................................................................ 469

27.2.1 Initial Screen ..........................................................................................................469

27.2.2 Entering the Password ........................................................................................... 470

27.3 Navigating the SMT Interface .......................................................................................... 470

27.3.1 Main Menu ............................................................................................................. 471

27.3.2 SMT Menus Overview ............................................................................................ 473

27.4 Changing the System Password ..................................................................................... 474

27.5 Resetting the ZyWALL ..................................................................................................... 475

Chapter 28

SMT Menu 1 - General Setup ............................................................................................... 477

28.1 Introduction to General Setup .......................................................................................... 477

28.2 Configuring General Setup .............................................................................................. 477

28.2.1 Configuring Dynamic DNS ..................................................................................... 479

Chapter 29

WAN and Dial Backup Setup................................................................................................ 483

29.1 Introduction to WAN, 3G WAN and Dial Backup Setup ................................................... 483

29.2 WAN Setup ...................................................................................................................... 483

29.3 Dial Backup ..................................................................................................................... 484

22

ZyWALL 2WG User’s Guide

Table of Contents

29.3.1 Configuring Dial Backup in Menu 2 ........................................................................ 484

29.3.2 Advanced WAN Setup ........................................................................................... 485

29.3.3 Remote Node Profile (Backup ISP) ........................................................................ 487

29.3.4 Editing TCP/IP Options .......................................................................................... 489

29.3.5 Editing Login Script ................................................................................................ 490

29.3.6 Remote Node Filter ................................................................................................ 492

29.4 3G WAN ........................................................................................................................... 492

29.4.1 3G Modem Setup ................................................................................................... 492

29.4.2 Remote Node Profile (3G WAN) ............................................................................ 493

Chapter 30

LAN Setup.............................................................................................................................. 497

30.1 Introduction to LAN Setup ............................................................................................... 497

30.2 Accessing the LAN Menus .............................................................................................. 497

30.3 LAN Port Filter Setup ....................................................................................................... 497

30.4 TCP/IP and DHCP Ethernet Setup Menu ........................................................................ 498

30.4.1 IP Alias Setup ......................................................................................................... 501

Chapter 31

Internet Access ..................................................................................................................... 503

31.1 Introduction to Internet Access Setup .............................................................................. 503

31.2 Ethernet Encapsulation ................................................................................................... 503

31.3 Configuring the PPTP Client ............................................................................................ 505

31.4 Configuring the PPPoE Client ......................................................................................... 506

31.5 Basic Setup Complete ..................................................................................................... 507

Chapter 32

DMZ Setup ............................................................................................................................. 509

32.1 Configuring DMZ Setup ................................................................................................... 509

32.2 DMZ Port Filter Setup ...................................................................................................... 509

32.3 TCP/IP Setup ................................................................................................................... 510

32.3.1 IP Address ..............................................................................................................510

32.3.2 IP Alias Setup ..........................................................................................................511

Chapter 33

Route Setup........................................................................................................................... 513

33.1 Configuring Route Setup ................................................................................................. 513

33.2 Route Assessment ..........................................................................................................513

33.3 Traffic Redirect ................................................................................................................ 514

33.4 Route Failover ................................................................................................................. 515

Chapter 34

Wireless Setup ...................................................................................................................... 517

ZyWALL 2WG User’s Guide

23

Table of Contents

34.1 TCP/IP Setup ................................................................................................................... 517

34.1.1 IP Address ..............................................................................................................517

34.1.2 IP Alias Setup ......................................................................................................... 518

Chapter 35

Remote Node Setup..............................................................................................................521

35.1 Introduction to Remote Node Setup ................................................................................ 521

35.2 Remote Node Setup ........................................................................................................ 521

35.3 Remote Node Profile Setup ............................................................................................. 521

35.3.1 Ethernet Encapsulation .......................................................................................... 522

35.3.2 PPPoE Encapsulation ............................................................................................ 523

35.3.3 PPTP Encapsulation .............................................................................................. 524

35.4 Edit IP .............................................................................................................................. 525

35.5 Remote Node Filter ......................................................................................................... 527

Chapter 36

IP Static Route Setup............................................................................................................ 529

36.1 IP Static Route Setup ...................................................................................................... 529

Chapter 37

Network Address Translation (NAT).................................................................................... 533

37.1 Using NAT ........................................................................................................................ 533

37.1.1 SUA (Single User Account) Versus NAT ................................................................ 533

37.1.2 Applying NAT ......................................................................................................... 533

37.2 NAT Setup ....................................................................................................................... 535

37.2.1 Address Mapping Sets ........................................................................................... 536

37.3 Configuring a Server behind NAT .................................................................................... 540

37.4 General NAT Examples ................................................................................................... 543

37.4.1 Internet Access Only .............................................................................................. 543

37.4.2 Example 2: Internet Access with a Default Server ................................................. 544

37.4.3 Example 3: Multiple Public IP Addresses With Inside Servers .............................. 545

37.4.4 Example 4: NAT Unfriendly Application Programs ................................................. 548

37.5 Trigger Port Forwarding ...................................................................................................550

37.5.1 Two Points To Remember About Trigger Ports ...................................................... 550

Chapter 38

Introducing the ZyWALL Firewall ........................................................................................553

38.1 Using ZyWALL SMT Menus ............................................................................................ 553

38.1.1 Activating the Firewall ............................................................................................ 553

Chapter 39

Filter Configuration............................................................................................................... 555

39.1 Introduction to Filters ....................................................................................................... 555

24

ZyWALL 2WG User’s Guide

Table of Contents

39.1.1 The Filter Structure of the ZyWALL ........................................................................ 556

39.2 Configuring a Filter Set .................................................................................................... 558

39.2.1 Configuring a Filter Rule ........................................................................................ 559

39.2.2 Configuring a TCP/IP Filter Rule ............................................................................ 560

39.2.3 Configuring a Generic Filter Rule ........................................................................... 562

39.3 Example Filter .................................................................................................................. 564

39.4 Filter Types and NAT ....................................................................................................... 566

39.5 Firewall Versus Filters ..................................................................................................... 566

39.5.1 Packet Filtering: ..................................................................................................... 566

39.5.2 Firewall ................................................................................................................... 567

39.6 Applying a Filter .............................................................................................................. 567

39.6.1 Applying LAN Filters ............................................................................................... 568

39.6.2 Applying DMZ Filters .............................................................................................. 568

39.6.3 Applying Remote Node Filters ............................................................................... 569

Chapter 40

SNMP Configuration.............................................................................................................571

40.1 SNMP Configuration ........................................................................................................571

40.2 SNMP Traps .................................................................................................................... 572

Chapter 41

System Information & Diagnosis.........................................................................................573

41.1 Introduction to System Status .......................................................................................... 573

41.2 System Status .................................................................................................................. 573

41.3 System Information and Console Port Speed .................................................................. 575

41.3.1 System Information ................................................................................................ 575

41.3.2 Console Port Speed ............................................................................................... 576

41.4 Log and Trace .................................................................................................................. 577

41.4.1 Viewing Error Log ................................................................................................... 577

41.4.2 Syslog Logging ....................................................................................................... 578

41.4.3 Call-Triggering Packet ............................................................................................ 581

41.5 Diagnostic ........................................................................................................................ 582

41.5.1 WAN DHCP ............................................................................................................ 583

Chapter 42

Firmware and Configuration File Maintenance..................................................................585

42.1 Introduction ...................................................................................................................... 585

42.2 Filename Conventions ..................................................................................................... 585

42.3 Backup Configuration ......................................................................................................586

42.3.1 Backup Configuration ............................................................................................. 586

42.3.2 Using the FTP Command from the Command Line ............................................... 587

42.3.3 Example of FTP Commands from the Command Line .......................................... 587

42.3.4 GUI-based FTP Clients .......................................................................................... 588

ZyWALL 2WG User’s Guide

25

Table of Contents

42.3.5 File Maintenance Over WAN .................................................................................. 588

42.3.6 Backup Configuration Using TFTP ......................................................................... 588

42.3.7 TFTP Command Example ...................................................................................... 589

42.3.8 GUI-based TFTP Clients ........................................................................................ 589

42.3.9 Backup Via Console Port ....................................................................................... 589

42.4 Restore Configuration ...................................................................................................... 590

42.4.1 Restore Using FTP ................................................................................................. 591

42.4.2 Restore Using FTP Session Example .................................................................... 592

42.4.3 Restore Via Console Port ....................................................................................... 592

42.5 Uploading Firmware and Configuration Files .................................................................. 593

42.5.1 Firmware File Upload ............................................................................................. 593

42.5.2 Configuration File Upload ....................................................................................... 594

42.5.3 FTP File Upload Command from the DOS Prompt Example ................................. 595

42.5.4 FTP Session Example of Firmware File Upload .................................................... 595

42.5.5 TFTP File Upload ................................................................................................... 595

42.5.6 TFTP Upload Command Example ......................................................................... 596

42.5.7 Uploading Via Console Port ................................................................................... 596

42.5.8 Uploading Firmware File Via Console Port ............................................................ 596

42.5.9 Example Xmodem Firmware Upload Using HyperTerminal ................................... 597

42.5.10 Uploading Configuration File Via Console Port .................................................... 597

42.5.11 Example Xmodem Configuration Upload Using HyperTerminal ........................... 598

Chapter 43

System Maintenance Menus 8 to 10....................................................................................599

43.1 Command Interpreter Mode ............................................................................................ 599

43.1.1 Command Syntax ................................................................................................... 600

43.1.2 Command Usage ................................................................................................... 600

43.2 Call Control Support ........................................................................................................ 601

43.2.1 Budget Management .............................................................................................. 601

43.2.2 Call History ............................................................................................................. 602

43.3 Time and Date Setting .....................................................................................................603

Chapter 44

Remote Management............................................................................................................ 607

44.1 Remote Management ...................................................................................................... 607

44.1.1 Remote Management Limitations .......................................................................... 609

Chapter 45

IP Policy Routing .................................................................................................................. 611

45.1 IP Routing Policy Summary ..............................................................................................611

45.2 IP Routing Policy Setup ...................................................................................................612

45.2.1 Applying Policy to Packets ..................................................................................... 614

45.3 IP Policy Routing Example .............................................................................................. 615

26

ZyWALL 2WG User’s Guide

Table of Contents

Chapter 46

Call Scheduling..................................................................................................................... 619

46.1 Introduction to Call Scheduling ........................................................................................ 619

Chapter 47

Troubleshooting....................................................................................................................623

47.1 Power, Hardware Connections, and LEDs ...................................................................... 623

47.2 ZyWALL Access and Login .............................................................................................. 624

47.3 Internet Access ................................................................................................................ 626

Part VII: Appendices and Index .......................................................... 629

Appendix A Product Specifications.......................................................................................631

Appendix B Wall-mounting Instructions................................................................................639

Appendix C Pop-up Windows, JavaScripts and Java Permissions ...................................... 641

Appendix D Setting up Your Computer’s IP Address ...........................................................647

Appendix E IP Addresses and Subnetting ...........................................................................663

Appendix F Common Services .............................................................................................671

Appendix G Wireless LANs ..................................................................................................675

Appendix H Importing Certificates ........................................................................................ 691

Appendix I Command Interpreter .........................................................................................701

Appendix J NetBIOS Filter Commands ................................................................................709

Appendix K Brute-Force Password Guessing Protection..................................................... 711

Appendix L Legal Information............................................................................................... 713

Appendix M Customer Support ............................................................................................ 717

Index....................................................................................................................................... 721

ZyWALL 2WG User’s Guide

27

Table of Contents

28

ZyWALL 2WG User’s Guide

List of Figures

List of Figures

Figure 1 Secure Internet Access via Cable or DSL Modem ................................................................... 52

Figure 2 VPN Application ....................................................................................................................... 53

Figure 3 3G WAN Application ................................................................................................................. 53

Figure 4 Front Panel ............................................................................................................................... 54

Figure 5 Change Password Screen ........................................................................................................ 56

Figure 6 Replace Certificate Screen ....................................................................................................... 56

Figure 7 Example Xmodem Upload ........................................................................................................ 57

Figure 8 HOME Screen .......................................................................................................................... 58

Figure 9 Web Configurator HOME Screen in Router Mode .................................................................. 59

Figure 10 Web Configurator HOME Screen in Bridge Mode .................................................................. 63

Figure 11 HOME > Show Statistics ......................................................................................................... 70

Figure 12 HOME > Show Statistics > Line Chart .................................................................................... 71

Figure 13 HOME > DHCP Table ............................................................................................................. 72

Figure 14 HOME > VPN Status .............................................................................................................. 73

Figure 15 Home > Bandwidth Monitor .................................................................................................... 74

Figure 16 Wizard Setup Welcome .......................................................................................................... 75

Figure 17 ISP Parameters: Ethernet Encapsulation ...............................................................................76

Figure 18 ISP Parameters: PPPoE Encapsulation ................................................................................. 77

Figure 19 ISP Parameters: PPTP Encapsulation ...................................................................................79

Figure 20 Internet Access Wizard: Second Screen ................................................................................80

Figure 21 Internet Access Setup Complete ............................................................................................ 81

Figure 22 Internet Access Wizard: Registration ..................................................................................... 82

Figure 23 Internet Access Wizard: Registration in Progress .................................................................. 83

Figure 24 Internet Access Wizard: Status .............................................................................................. 83

Figure 25 Internet Access Wizard: Registration Failed ..........................................................................83

Figure 26 Internet Access Wizard: Registered Device ........................................................................... 84

Figure 27 Internet Access Wizard: Activated Services ...........................................................................84

Figure 28 VPN Wizard: Gateway Setting ............................................................................................... 85

Figure 29 VPN Wizard: Network Setting ................................................................................................ 86

Figure 30 VPN Wizard: IKE Tunnel Setting ............................................................................................ 88

Figure 31 VPN Wizard: IPSec Setting .................................................................................................... 89

Figure 32 VPN Wizard: VPN Status ....................................................................................................... 91

Figure 33 VPN Wizard Setup Complete ................................................................................................. 93

Figure 34 Firewall Rule for VPN ............................................................................................................. 96

Figure 35 SECURITY > VPN > VPN Rules (IKE) .................................................................................. 96

Figure 36 SECURITY > VPN > VPN Rules (IKE)> Add Gateway Policy ............................................. 97

Figure 37 SECURITY > VPN > VPN Rules (IKE): With Gateway Policy Example ................................ 98

Figure 38 SECURITY > VPN > VPN Rules (IKE)> Add Network Policy ............................................... 99

ZyWALL 2WG User’s Guide

29

List of Figures

Figure 39 SECURITY > FIREWALL > Rule Summary ......................................................................... 100

Figure 40 SECURITY > FIREWALL > Rule Summary > Edit: Allow ................................................... 101

Figure 41 SECURITY > FIREWALL > Rule Summary: Allow ............................................................... 102

Figure 42 SECURITY > FIREWALL > Default Rule: Block From VPN To LAN .................................... 102

Figure 43 Tutorial: NETWORK > WAN > WAN 2 (3G WAN) ............................................................. 103

Figure 44 Tutorial: NETWORK > WAN > General ............................................................................. 104

Figure 45 Tutorial: Home .................................................................................................................... 105

Figure 46 REGISTRATION ................................................................................................................... 108

Figure 47 REGISTRATION: Registered Device ................................................................................... 109

Figure 48 REGISTRATION > Service ....................................................................................................110

Figure 49 LAN and WAN ......................................................................................................................113

Figure 50 NETWORK > LAN .................................................................................................................117

Figure 51 NETWORK > LAN > Static DHCP ........................................................................................ 120

Figure 52 Physical Network & Partitioned Logical Networks ................................................................ 121

Figure 53 NETWORK > LAN > IP Alias ................................................................................................ 121

Figure 54 NETWORK > LAN > Port Roles ...........................................................................................123

Figure 55 Port Roles Change Complete ............................................................................................... 123

Figure 56 Bridge Loop: Bridge Connected to Wired LAN ..................................................................... 125

Figure 57 NETWORK > Bridge ............................................................................................................. 128

Figure 58 NETWORK > Bridge > Port Roles ........................................................................................130

Figure 59 Port Roles Change Complete ............................................................................................... 130

Figure 60 Least Load First Example .................................................................................................... 133

Figure 61 Weighted Round Robin Algorithm Example ......................................................................... 134

Figure 62 Spillover Algorithm Example ................................................................................................. 134

Figure 63 NETWORK > WAN General ................................................................................................ 136

Figure 64 Load Balancing: Least Load First ......................................................................................... 139

Figure 65 Load Balancing: Weighted Round Robin ............................................................................. 140

Figure 66 Load Balancing: Spillover ..................................................................................................... 141

Figure 67 NETWORK > WAN > WAN 1 (Ethernet Encapsulation) .................................................... 143

Figure 68 NETWORK > WAN > WAN 1 (PPPoE Encapsulation) ........................................................ 147

Figure 69 NETWORK > WAN > WAN 1 (PPTP Encapsulation) .......................................................... 150

Figure 70 NETWORK > WAN > WAN 2 (3G WAN) ........................................................................... 154

Figure 71 Traffic Redirect WAN Setup .................................................................................................. 156

Figure 72 Traffic Redirect LAN Setup ................................................................................................... 156

Figure 73 NETWORK > WAN > Traffic Redirect .................................................................................. 157

Figure 74 NETWORK > WAN > Dial Backup ..................................................................................... 158

Figure 75 NETWORK > WAN > Dial Backup > Edit ........................................................................... 161

Figure 76 NETWORK > DMZ .............................................................................................................. 164

Figure 77 NETWORK > DMZ > Static DHCP ..................................................................................... 167

Figure 78 NETWORK > DMZ > IP Alias .............................................................................................. 168

Figure 79 DMZ Public Address Example .............................................................................................. 170

Figure 80 DMZ Private and Public Address Example .......................................................................... 171

Figure 81 NETWORK > DMZ > Port Roles ......................................................................................... 172

30

ZyWALL 2WG User’s Guide