Zyxel ZYWALL 200, ZYWALL USG 100 user manual

ZyWALL USG 100/200 Series

Unified Security Gateway

Default Login Details

LAN1 Port	P4
IP Address	https://192.168.1.1
User Name	admin
Password	1234

Firmware Version 2.20

Edition 2, 9/2010

www.zyxel.com

Copyright © 2010

ZyXEL Communications Corporation

About This User's Guide

About This User's Guide

Intended Audience

This manual is intended for people who want to want to configure the ZyWALL using the Web Configurator.

How To Use This Guide

•Read Chapter 1 on page 33 chapter for an overview of features available on the ZyWALL.

•Read Chapter 3 on page 47 for web browser requirements and an introduction to the main components, icons and menus in the ZyWALL Web Configurator.

•Read Chapter 4 on page 65 if you’re using the installation wizard for first time setup and you want more detailed information than what the real time online help provides.

•Read Chapter 5 on page 75 if you’re using the quick setup wizards and you want more detailed information than what the real time online help provides.

•It is highly recommended you read Chapter 6 on page 93 for detailed information on essential terms used in the ZyWALL, what prerequisites are needed to configure a feature and how to use that feature.

•It is highly recommended you read Chapter 7 on page 117 for ZyWALL application examples.

•Subsequent chapters are arranged by menu item as defined in the Web Configurator. Read each chapter carefully for detailed information on that menu item.

•To find specific information in this guide, use the Contents Overview, the Table of Contents, the Index, or search the PDF file. E-mail techwriters@zyxel.com.tw if you cannot find the information you require.

Related Documentation

•Quick Start Guide

The Quick Start Guide is designed to show you how to make the ZyWALL hardware connections and access the Web Configurator wizards. (See the wizard real time help for information on configuring each screen.) It also contains a connection diagram and package contents list.

•CLI Reference Guide

The CLI Reference Guide explains how to use the Command-Line Interface (CLI) to configure the ZyWALL.

Note: It is recommended you use the Web Configurator to configure the ZyWALL.

	3
ZyWALL USG 100/200 Series User’s Guide

About This User's Guide

•Web Configurator Online Help

Click the help icon in any screen for help in configuring that screen and supplementary information.

Documentation Feedback

Send your comments, questions or suggestions to: techwriters@zyxel.com.tw

Thank you!

The Technical Writing Team, ZyXEL Communications Corp.,

6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 30099, Taiwan.

Need More Help?

More help is available at www.zyxel.com.

•Download Library

Search for the latest product updates and documentation from this link. Read the Tech Doc Overview to find out how to efficiently use the User Guide, Quick Start Guide and Command Line Interface Reference Guide in order to better understand how to use your product.

•Knowledge Base

If you have a specific question about your product, the answer may be here. This is a collection of answers to previously asked questions about ZyXEL products.

•Forum

This contains discussions on ZyXEL products. Learn from others who use ZyXEL products and share your experiences as well.

Customer Support

Should problems arise that cannot be solved by the methods listed above, you should contact your vendor. If you cannot contact your vendor, then contact a ZyXEL office for the region in which you bought the device.

4
	ZyWALL USG 100/200 Series User’s Guide

About This User's Guide

See http://www.zyxel.com/web/contact_us.php for contact information. Please have the following information ready when you contact an office.

•Product model and serial number.

•Warranty Information.

•Date that you received your device.

•Brief description of the problem and the steps you took to solve it.

Disclaimer

Graphics in this book may differ slightly from the product due to differences in operating systems, operating system versions, or if you installed updated firmware/software for your device. Every effort has been made to ensure that the information in this manual is accurate.

	5
ZyWALL USG 100/200 Series User’s Guide

Document Conventions

Document Conventions

Warnings and Notes

These are how warnings and notes are shown in this User’s Guide.

Warnings tell you about things that could harm you or your device.

Note: Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations.

Syntax Conventions

•The ZyWALL may be referred to as the “ZyWALL”, the “device”, the “system” or the “product” in this User’s Guide.

•Product labels, screen names, field labels and field choices are all in bold font.

•A key stroke is denoted by square brackets and uppercase text, for example, [ENTER] means the “enter” or “return” key on your keyboard.

•“Enter” means for you to type one or more characters and then press the [ENTER] key. “Select” or “choose” means for you to use one of the predefined choices.

•A right angle bracket ( > ) within a screen name denotes a mouse click. For example, Maintenance > Log > Log Setting means you first click Maintenance in the navigation panel, then the Log sub menu and finally the Log Setting tab to get to that screen.

•Units of measurement may denote the “metric” value or the “scientific” value. For example, “k” for kilo may denote “1000” or “1024”, “M” for mega may denote “1000000” or “1048576” and so on.

•“e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.

6
	ZyWALL USG 100/200 Series User’s Guide

Document Conventions

Icons Used in Figures

Figures in this User’s Guide may use the following generic icons. The ZyWALL icon is not an exact representation of your device.

ZyWALL	Computer	Notebook computer
Server	Firewall	Telephone
Switch	Router

	7
ZyWALL USG 100/200 Series User’s Guide

Safety Warnings

Safety Warnings

•Do NOT use this product near water, for example, in a wet basement or near a swimming pool.

•Do NOT expose your device to dampness, dust or corrosive liquids.

•Do NOT store things on the device.

•Do NOT install, use, or service this device during a thunderstorm. There is a remote risk of electric shock from lightning.

•Connect ONLY suitable accessories to the device.

•Do NOT open the device or unit. Opening or removing covers can expose you to dangerous high voltage points or other risks. ONLY qualified service personnel should service or disassemble this device. Please contact your vendor for further information.

•Make sure to connect the cables to the correct ports.

•Place connecting cables carefully so that no one will step on them or stumble over them.

•Always disconnect all cables from this device before servicing or disassembling.

•Use ONLY an appropriate power adaptor or cord for your device. Connect it to the right supply voltage (for example, 110V AC in North America or 230V AC in Europe).

•Do NOT remove the plug and connect it to a power outlet by itself; always attach the plug to the power adaptor first before connecting it to a power outlet.

•Do NOT allow anything to rest on the power adaptor or cord and do NOT place the product where anyone can walk on the power adaptor or cord.

•Do NOT use the device if the power adaptor or cord is damaged as it might cause electrocution.

•If the power adaptor or cord is damaged, remove it from the device and the power source.

•Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order a new one.

•Do not use the device outside, and make sure all the connections are indoors. There is a remote risk of electric shock from lightning.

•CAUTION: RISK OF EXPLOSION IF BATTERY (on the motherboard) IS REPLACED BY AN INCORRECT TYPE. DISPOSE OF USED BATTERIES ACCORDING TO THE INSTRUCTIONS. Dispose them at the applicable collection point for the recycling of electrical and electronic equipment. For detailed information about recycling of this product, please contact your local city office, your household waste disposal service or the store where you purchased the product.

•Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your device.

Your product is marked with this symbol, which is known as the WEEE mark. WEEE stands for Waste Electronics and Electrical Equipment. It means that used electrical and electronic products should not be mixed with general waste. Used electrical and electronic equipment should be treated separately.

8
	ZyWALL USG 100/200 Series User’s Guide

Contents Overview

Contents Overview

User’s Guide ...........................................................................................................................	31
Introducing the ZyWALL ............................................................................................................	33
Features and Applications .........................................................................................................	39
Web Configurator .......................................................................................................................	47
Installation Setup Wizard ...........................................................................................................	65
Quick Setup ...............................................................................................................................	75
Configuration Basics ..................................................................................................................	93
Tutorials ...................................................................................................................................	117
L2TP VPN Example .................................................................................................................	187
Technical Reference ............................................................................................................	225
Dashboard ..............................................................................................................................	227
Monitor ....................................................................................................................................	241
Registration .............................................................................................................................	285
Signature Update .....................................................................................................................	291
Interfaces .................................................................................................................................	297
Trunks .....................................................................................................................................	373
Policy and Static Routes ..........................................................................................................	383
Routing Protocols ....................................................................................................................	399
Zones .......................................................................................................................................	413
DDNS ......................................................................................................................................	417
NAT ..........................................................................................................................................	423
HTTP Redirect ........................................................................................................................	433
ALG .........................................................................................................................................	439
IP/MAC Binding ......................................................................................................................	447
Authentication Policy ...............................................................................................................	453
Firewall ....................................................................................................................................	461
IPSec VPN ...............................................................................................................................	479
SSL VPN .................................................................................................................................	521
SSL User Screens ...................................................................................................................	535
SSL User Application Screens ................................................................................................	545
SSL User File Sharing .............................................................................................................	547
ZyWALL SecuExtender ...........................................................................................................	555
L2TP VPN ................................................................................................................................	559
Application Patrol .....................................................................................................................	563
Anti-Virus .................................................................................................................................	589
IDP ..........................................................................................................................................	605
ADP ........................................................................................................................................	641
ZyWALL USG 100/200 Series User’s Guide	9

Contents Overview

Content Filtering .....................................................................................................................	663
Content Filter Reports .............................................................................................................	687
Anti-Spam ................................................................................................................................	695
Device HA ................................................................................................................................	713
User/Group ..............................................................................................................................	735
Addresses ...............................................................................................................................	751
Services ...................................................................................................................................	757
Schedules ................................................................................................................................	763
AAA Server .............................................................................................................................	769
Authentication Method .............................................................................................................	779
Certificates ...............................................................................................................................	785
ISP Accounts ...........................................................................................................................	807
SSL Application ........................................................................................................................	811
Endpoint Security ....................................................................................................................	819
System ...................................................................................................................................	829
Log and Report ......................................................................................................................	881
File Manager ...........................................................................................................................	897
Diagnostics .............................................................................................................................	909
Reboot .....................................................................................................................................	919
Shutdown .................................................................................................................................	921
Troubleshooting .......................................................................................................................	923
Product Specifications .............................................................................................................	943

10
	ZyWALL USG 100/200 Series User’s Guide

		Table of Contents
	Table of Contents
About This User's Guide ..........................................................................................................		3
Document Conventions............................................................................................................		6
Safety Warnings........................................................................................................................		8
Contents Overview ...................................................................................................................		9
Table of Contents....................................................................................................................		11
Part I: User’s Guide................................................................................		31
Chapter 1
Introducing the ZyWALL ........................................................................................................		33
1.1	Overview and Key Default Settings .....................................................................................	33
1.2	Rack-mounted Installation ...................................................................................................	34
	1.2.1 Rack-Mounted Installation Procedure ........................................................................	34
1.3	Front Panel ..........................................................................................................................	35
	1.3.1 Front Panel LEDs .......................................................................................................	36
1.4	Management Overview ........................................................................................................	36
1.5	Starting and Stopping the ZyWALL ......................................................................................	38
Chapter 2
Features and Applications .....................................................................................................		39
2.1	Features ..............................................................................................................................	39
2.2	Applications .........................................................................................................................	41
	2.2.1 VPN Connectivity .......................................................................................................	42
	2.2.2 SSL VPN Network Access .........................................................................................	42
	2.2.3 User-Aware Access Control .......................................................................................	44
	2.2.4 Multiple WAN Interfaces .............................................................................................	44
	2.2.5 Device HA ..................................................................................................................	45
Chapter 3
Web Configurator....................................................................................................................		47
3.1	Web Configurator Requirements .........................................................................................	47
3.2	Web Configurator Access ....................................................................................................	47
3.3	Web Configurator Screens Overview ..................................................................................	49
	3.3.1 Title Bar ......................................................................................................................	50
ZyWALL USG 100/200 Series User’s Guide		11

Table of Contents
	3.3.2 Navigation Panel ........................................................................................................	51
	3.3.3 Main Window ..............................................................................................................	57
	3.3.4 Tables and Lists .........................................................................................................	59
Chapter 4
Installation Setup Wizard .......................................................................................................		65
4.1	Installation Setup Wizard Screens ......................................................................................	65
	4.1.1 Internet Access Setup - WAN Interface .....................................................................	66
	4.1.2 Internet Access: Ethernet ..........................................................................................	66
	4.1.3 Internet Access: PPPoE .............................................................................................	68
	4.1.4 Internet Access: PPTP ..............................................................................................	69
	4.1.5 ISP Parameters ..........................................................................................................	70
	4.1.6 Internet Access Setup - Second WAN Interface ........................................................	71
	4.1.7 Internet Access - Finish .............................................................................................	72
4.2	Device Registration ...........................................................................................................	72
Chapter 5
Quick Setup .............................................................................................................................		75
5.1	Quick Setup Overview .........................................................................................................	75
5.2	WAN Interface Quick Setup .................................................................................................	76
	5.2.1 Choose an Ethernet Interface ....................................................................................	76
	5.2.2 Select WAN Type .......................................................................................................	76
	5.2.3 Configure WAN Settings ............................................................................................	77
	5.2.4 WAN and ISP Connection Settings ............................................................................	78
	5.2.5 Quick Setup Interface Wizard: Summary ...................................................................	80
5.3	VPN Quick Setup .................................................................................................................	81
5.4	VPN Setup Wizard: Wizard Type .........................................................................................	82
5.5	VPN Express Wizard - Scenario .........................................................................................	83
	5.5.1 VPN Express Wizard - Configuration ........................................................................	84
	5.5.2 VPN Express Wizard - Summary ..............................................................................	85
	5.5.3 VPN Express Wizard - Finish ....................................................................................	86
	5.5.4 VPN Advanced Wizard - Scenario ............................................................................	87
	5.5.5 VPN Advanced Wizard - Phase 1 Settings ...............................................................	88
	5.5.6 VPN Advanced Wizard - Phase 2 .............................................................................	90
	5.5.7 VPN Advanced Wizard - Summary ...........................................................................	91
	5.5.8 VPN Advanced Wizard - Finish .................................................................................	92
Chapter 6
Configuration Basics..............................................................................................................		93
6.1	Object-based Configuration .................................................................................................	93
6.2	Zones, Interfaces, and Physical Ports .................................................................................	94
	6.2.1 Interface Types ...........................................................................................................	95
	6.2.2 Default Interface and Zone Configuration ..................................................................	96
12	ZyWALL USG 100/200 Series User’s Guide

	Table of Contents
6.3 Terminology in the ZyWALL .................................................................................................	97
6.4 Packet Flow .........................................................................................................................	99
6.4.1 ZLD 2.20 Packet Flow Enhancements .......................................................................	99
6.4.2 Routing Table Checking Flow Enhancements ..........................................................	100
6.4.3 NAT Table Checking Flow ........................................................................................	101
6.5 Feature Configuration Overview .......................................................................................	102
6.5.1 Feature .....................................................................................................................	103
6.5.2 Licensing Registration ..............................................................................................	103
6.5.3 Licensing Update .....................................................................................................	103
6.5.4 Interface ...................................................................................................................	104
6.5.5 Trunks ......................................................................................................................	104
6.5.6 Policy Routes ...........................................................................................................	104
6.5.7 Static Routes ............................................................................................................	106
6.5.8 Zones .......................................................................................................................	106
6.5.9 DDNS .......................................................................................................................	106
6.5.10 NAT ........................................................................................................................	106
6.5.11 HTTP Redirect ........................................................................................................	107
6.5.12 ALG ........................................................................................................................	108
6.5.13 Auth. Policy ............................................................................................................	108
6.5.14 Firewall ...................................................................................................................	108
6.5.15 IPSec VPN .............................................................................................................	109
6.5.16 SSL VPN ................................................................................................................	109
6.5.17 L2TP VPN ...............................................................................................................	110
6.5.18 Application Patrol ....................................................................................................	110
6.5.19 Anti-Virus .................................................................................................................	111
6.5.20 IDP ..........................................................................................................................	111
6.5.21 ADP .........................................................................................................................	111
6.5.22 Content Filter ...........................................................................................................	111
6.5.23 Anti-Spam ................................................................................................................	112
6.5.24 Device HA ...............................................................................................................	112
6.6 Objects ...............................................................................................................................	113
6.6.1 User/Group ................................................................................................................	113
6.7 System ................................................................................................................................	114
6.7.1 DNS, WWW, SSH, TELNET, FTP, SNMP, Dial-in Mgmt, Vantage CNM	...................114
6.7.2 Logs and Reports ......................................................................................................	115
6.7.3 File Manager .............................................................................................................	115
6.7.4 Diagnostics ................................................................................................................	115
6.7.5 Shutdown ..................................................................................................................	115
Chapter 7
Tutorials ................................................................................................................................	117
7.1 How to Configure Interfaces, Port Roles, and Zones .........................................................	117
7.1.1 Configure a WAN Ethernet Interface .........................................................................	118
ZyWALL USG 100/200 Series User’s Guide	13

Table of Contents
	7.1.2 Configure the OPT Interface for a Local Network .....................................................	119
	7.1.3 Configure Zones .......................................................................................................	120
	7.1.4 Configure Port Roles ................................................................................................	121
	7.2 How to Configure a Cellular Interface ................................................................................	122
	7.3 How to Configure Load Balancing .....................................................................................	124
	7.3.1 Set Up Available Bandwidth on Ethernet Interfaces ................................................	124
	7.3.2 Configure the WAN Trunk ........................................................................................	125
	7.4 How to Set Up a Wireless LAN ..........................................................................................	127
	7.4.1 Set Up User Accounts ..............................................................................................	127
	7.4.2 Create the WLAN Interface ......................................................................................	128
	7.4.3 Set Up the Wireless Clients to Use the WLAN Interface ..........................................	131
	7.5 How to Set Up an IPSec VPN Tunnel ................................................................................	143
	7.5.1 Set Up the VPN Gateway .........................................................................................	144
	7.5.2 Set Up the VPN Connection .....................................................................................	144
	7.5.3 Configure Security Policies for the VPN Tunnel .......................................................	146
	7.6 How to Configure a Hub-and-spoke IPSec VPN Without a VPN Concentrator .................	146
	7.7 How to Configure User-aware Access Control ..................................................................	148
	7.7.1 Set Up User Accounts ..............................................................................................	149
	7.7.2 Set Up User Groups .................................................................................................	150
	7.7.3 Set Up User Authentication Using the RADIUS Server ...........................................	150
	7.7.4 Web Surfing Policies With Bandwidth Restrictions ..................................................	152
	7.7.5 Set Up MSN Policies ................................................................................................	155
	7.7.6 Set Up Firewall Rules ...............................................................................................	156
	7.8 How to Use a RADIUS Server to Authenticate User Accounts based on Groups .............	157
	7.9 How to Use Endpoint Security and Authentication Policies ...............................................	159
	7.9.1 Configure the Endpoint Security Objects .................................................................	159
	7.9.2 Configure the Authentication Policy .........................................................................	161
	7.10 How to Configure Service Control ...................................................................................	162
	7.10.1 Allow HTTPS Administrator Access Only From the LAN .......................................	163
	7.11 How to Allow Incoming H.323 Peer-to-peer Calls ............................................................	165
	7.11.1 Turn On the ALG ....................................................................................................	166
	7.11.2 Set Up a NAT Policy For H.323 ..............................................................................	166
	7.11.3 Set Up a Firewall Rule For H.323 ...........................................................................	168
	7.12 How to Allow Public Access to a Web Server ..................................................................	169
	7.12.1 Create the Address Objects ...................................................................................	170
	7.12.2 Configure NAT ........................................................................................................	170
	7.12.3 Set Up a Firewall Rule ...........................................................................................	171
	7.13 How to Use an IPPBX on the DMZ ..................................................................................	172
	7.13.1 Turn On the ALG ....................................................................................................	174
	7.13.2 Create the Address Objects ...................................................................................	174
	7.13.3 Setup a NAT Policy for the IPPBX .........................................................................	175
	7.13.4 Set Up a WAN to DMZ Firewall Rule for SIP .........................................................	176
	7.13.5 Set Up a DMZ to LAN Firewall Rule for SIP ...........................................................	177
14	ZyWALL USG 100/200 Series User’s Guide

Table of Contents
7.14 How to Use Multiple Static Public WAN IP Addresses for LAN to WAN Traffic	............... 178
7.14.1 Create the Public IP Address Range Object ..........................................................	178
7.14.2 Configure the Policy Route ....................................................................................	179
7.15 How to Use Active-Passive Device HA ...........................................................................	179
7.15.1 Before You Start .....................................................................................................	180
7.15.2 Configure Device HA on the Master ZyWALL ........................................................	181
7.15.3 Configure the Backup ZyWALL ..............................................................................	183
7.15.4 Deploy the Backup ZyWALL ..................................................................................	185
7.15.5 Check Your Device HA Setup ................................................................................	185
Chapter 8
L2TP VPN Example...............................................................................................................	187
8.1 L2TP VPN Example ...........................................................................................................	187
8.2 Configuring the Default L2TP VPN Gateway Example ......................................................	187
8.3 Configuring the Default L2TP VPN Connection Example ..................................................	189
8.4 Configuring the L2TP VPN Settings Example ...................................................................	190
8.5 Configuring L2TP VPN in Windows Vista, XP, or 2000 .....................................................	191
8.5.1 Configuring L2TP in Windows Vista .........................................................................	191
8.5.2 Configuring L2TP in Windows XP ............................................................................	201
8.5.3 Configuring L2TP in Windows 2000 .........................................................................	207
Part II: Technical Reference ................................................................	225
Chapter 9
Dashboard ............................................................................................................................	227
9.1 Overview ............................................................................................................................	227
9.1.1 What You Can Do in this Chapter ............................................................................	227
9.2 The Dashboard Screen .....................................................................................................	227
9.2.1 The CPU Usage Screen ...........................................................................................	234
9.2.2 The Memory Usage Screen .....................................................................................	235
9.2.3 The Session Usage Screen .....................................................................................	236
9.2.4 The VPN Status Screen ...........................................................................................	237
9.2.5 The DHCP Table Screen ..........................................................................................	237
9.2.6 The Number of Login Users Screen .........................................................................	238
Chapter 10
Monitor..................................................................................................................................	241
10.1 Overview ..........................................................................................................................	241
10.1.1 What You Can Do in this Chapter ..........................................................................	241
10.2 The Port Statistics Screen ..............................................................................................	242
10.2.1 The Port Statistics Graph Screen ..........................................................................	244

	15
ZyWALL USG 100/200 Series User’s Guide

Table of Contents

10.3	Interface Status Screen ...................................................................................................			245
10.4	The Traffic Statistics Screen ............................................................................................			248
10.5	The Session Monitor Screen ..........................................................................................			251
10.6	The DDNS Status Screen ................................................................................................			254
10.7	IP/MAC Binding Monitor ..................................................................................................			254
10.8	The Login Users Screen .................................................................................................			256
10.9	WLAN Interface Station Monitor Screen ..........................................................................			256
10.10		Cellular Status Screen ...................................................................................................		258
10.11 USB Storage Screen .....................................................................................................				260
10.12		Application Patrol Statistics ...........................................................................................		261
10.12.1 Application Patrol Statistics: General Setup .........................................................				261
10.12.2 Application Patrol Statistics: Bandwidth Statistics ................................................				262
10.12.3			Application Patrol Statistics: Protocol Statistics ...................................................	263
10.12.4			Application Patrol Statistics: Individual Protocol Statistics by Rule .....................	264
10.13		The IPSec Monitor Screen ...........................................................................................		265
10.13.1 Regular Expressions in Searching IPSec SAs .....................................................				267
10.14		The SSL Connection Monitor Screen ............................................................................		268
10.15		L2TP over IPSec Session Monitor Screen ....................................................................		269
10.16		The Anti-Virus Statistics Screen ....................................................................................		270
10.17		The IDP Statistics Screen ..............................................................................................		272
10.18		The Content Filter Statistics Screen ..............................................................................		274
10.19		Content Filter Cache Screen .........................................................................................		275
10.20		The Anti-Spam Statistics Screen ...................................................................................		278
10.21		The Anti-Spam Status Screen .......................................................................................		280
10.22		Log Screen ....................................................................................................................		281

Chapter 11
Registration ...........................................................................................................................		285
11.1 Overview ..........................................................................................................................		285
11.1.1 What You Can Do in this Chapter ...........................................................................		285
11.1.2 What you Need to Know .........................................................................................		285
11.2 The Registration Screen ..................................................................................................		287
11.3 The Service Screen .........................................................................................................		289
Chapter 12
Signature Update ..................................................................................................................		291
12.1	Overview ..........................................................................................................................	291
12.1.1 What You Can Do in this Chapter ..........................................................................		291
12.1.2 What you Need to Know ........................................................................................		291
12.2	The Antivirus Update Screen ...........................................................................................	292
12.3	The IDP/AppPatrol Update Screen ..................................................................................	293
12.4	The System Protect Update Screen ...............................................................................	295

16
	ZyWALL USG 100/200 Series User’s Guide

		Table of Contents
Chapter 13
Interfaces...............................................................................................................................		297
13.1	Interface Overview ...........................................................................................................	297
13.1.1 What You Can Do in this Chapter ..........................................................................		297
13.1.2 What You Need to Know ........................................................................................		298
13.2	Port Role .........................................................................................................................	301
13.3	Ethernet Summary Screen ..............................................................................................	302
13.3.1 Ethernet Edit .........................................................................................................		304
13.3.2 Object References .................................................................................................		312
13.4	PPP Interfaces ................................................................................................................	313
13.4.1 PPP Interface Summary .........................................................................................		314
13.4.2 PPP Interface Add or Edit .....................................................................................		316
13.5	Cellular Configuration Screen (3G) .................................................................................	320
13.5.1 Cellular Add/Edit Screen ........................................................................................		322
13.6	WLAN Interface General Screen .....................................................................................	329
13.6.1 WLAN Add/Edit Screen ..........................................................................................		332
13.6.2 WLAN Add/Edit: WEP Security ..............................................................................		338
13.6.3 WLAN Add/Edit: WPA-PSK/WPA2-PSK Security ...................................................		339
13.6.4 WLAN Add/Edit: WPA/WPA2 Security ...................................................................		340
13.7	WLAN Interface MAC Filter ............................................................................................	342
13.8	VLAN Interfaces .............................................................................................................	344
13.8.1 VLAN Summary Screen .........................................................................................		346
13.8.2 VLAN Add/Edit ......................................................................................................		347
13.9	Bridge Interfaces ............................................................................................................	354
13.9.1 Bridge Summary ....................................................................................................		356
13.9.2 Bridge Add/Edit .....................................................................................................		357
13.10 Auxiliary Interface .........................................................................................................		363
13.10.1 Auxiliary Interface Overview .................................................................................		363
13.10.2 Auxiliary ................................................................................................................		363
13.11 Virtual Interfaces ...........................................................................................................		365
13.11.1 Virtual Interfaces Add/Edit ....................................................................................		366
13.12 Interface Technical Reference .......................................................................................		367
Chapter 14
Trunks ...................................................................................................................................		373
14.1	Overview ..........................................................................................................................	373
14.1.1 What You Can Do in this Chapter ..........................................................................		373
14.1.2 What You Need to Know ........................................................................................		374
14.2	The Trunk Summary Screen ............................................................................................	378
14.3	Configuring a Trunk ........................................................................................................	379
14.4	Trunk Technical Reference ..............................................................................................	381

	17
ZyWALL USG 100/200 Series User’s Guide

Table of Contents

Chapter 15
Policy and Static Routes ......................................................................................................			383
15.1		Policy and Static Routes Overview ..................................................................................	383
	15.1.1 What You Can Do in this Chapter ..........................................................................		383
	15.1.2 What You Need to Know .......................................................................................		384
15.2		Policy Route Screen ........................................................................................................	386
	15.2.1 Policy Route Edit Screen .......................................................................................		389
15.3		IP Static Route Screen ....................................................................................................	393
	15.3.1 Static Route Add/Edit Screen .................................................................................		394
15.4		Policy Routing Technical Reference ................................................................................	395
Chapter 16
Routing Protocols.................................................................................................................			399
16.1		Routing Protocols Overview ............................................................................................	399
	16.1.1 What You Can Do in this Chapter ..........................................................................		399
	16.1.2 What You Need to Know ........................................................................................		399
16.2		The RIP Screen ...............................................................................................................	400
	16.3 The OSPF Screen ...........................................................................................................		401
	16.3.1 Configuring the OSPF Screen ................................................................................		405
	16.3.2 OSPF Area Add/Edit Screen .................................................................................		408
	16.3.3 Virtual Link Add/Edit Screen .................................................................................		409
16.4		Routing Protocol Technical Reference ............................................................................	410
Chapter 17
Zones .....................................................................................................................................			413
17.1		Zones Overview ...............................................................................................................	413
	17.1.1 What You Can Do in this Chapter ..........................................................................		413
	17.1.2 What You Need to Know ........................................................................................		414
17.2		The Zone Screen .............................................................................................................	415
17.3		Zone Edit ........................................................................................................................	416
Chapter 18
DDNS......................................................................................................................................			417
	18.1 DDNS Overview ..............................................................................................................		417
	18.1.1 What You Can Do in this Chapter ..........................................................................		417
	18.1.2 What You Need to Know ........................................................................................		417
	18.2 The DDNS Screen ...........................................................................................................		418
	18.2.1 The Dynamic DNS Add/Edit Screen ......................................................................		420
Chapter 19
NAT.........................................................................................................................................			423
19.1		NAT Overview ..................................................................................................................	423
	19.1.1 What You Can Do in this Chapter ..........................................................................		423
18
			ZyWALL USG 100/200 Series User’s Guide

		Table of Contents
19.1.2 What You Need to Know ........................................................................................		424
19.2	The NAT Screen ..............................................................................................................	424
19.2.1 The NAT Add/Edit Screen ......................................................................................		426
19.3	NAT Technical Reference ................................................................................................	429
Chapter 20
HTTP Redirect ......................................................................................................................		433
20.1	Overview ..........................................................................................................................	433
20.1.1 What You Can Do in this Chapter ..........................................................................		433
20.1.2 What You Need to Know ........................................................................................		434
20.2	The HTTP Redirect Screen .............................................................................................	435
20.2.1 The HTTP Redirect Edit Screen .............................................................................		436
Chapter 21
ALG ........................................................................................................................................		439
21.1	ALG Overview .................................................................................................................	439
21.1.1 What You Can Do in this Chapter ..........................................................................		439
21.1.2 What You Need to Know ........................................................................................		440
21.1.3 Before You Begin ...................................................................................................		443
21.2	The ALG Screen ..............................................................................................................	443
21.3	ALG Technical Reference ................................................................................................	445
Chapter 22
IP/MAC Binding ....................................................................................................................		447
22.1	IP/MAC Binding Overview ...............................................................................................	447
22.1.1 What You Can Do in this Chapter ..........................................................................		447
22.1.2 What You Need to Know ........................................................................................		448
22.2	IP/MAC Binding Summary ...............................................................................................	448
22.2.1 IP/MAC Binding Edit ...............................................................................................		449
22.2.2 Static DHCP Edit ....................................................................................................		450
22.3	IP/MAC Binding Exempt List ...........................................................................................	451
Chapter 23
Authentication Policy ...........................................................................................................		453
23.1	Overview ..........................................................................................................................	453
23.1.1 What You Can Do in this Chapter ..........................................................................		453
23.1.2 What You Need to Know ........................................................................................		454
23.2	Authentication Policy Screen ...........................................................................................	454
23.2.1 Adding Exceptional Services ..................................................................................		456
23.2.2 Creating/Editing an Authentication Policy ..............................................................		457
Chapter 24
Firewall...................................................................................................................................		461

	19
ZyWALL USG 100/200 Series User’s Guide

Table of Contents
24.1	Overview ..........................................................................................................................	461
24.1.1 What You Can Do in this Chapter ..........................................................................		461
24.1.2 What You Need to Know ........................................................................................		462
24.1.3 Firewall Rule Example Applications .......................................................................		464
24.1.4 Firewall Rule Configuration Example .....................................................................		467
24.2	The Firewall Screen .........................................................................................................	469
24.2.1 Configuring the Firewall Screen .............................................................................		470
24.2.2 The Firewall Add/Edit Screen .................................................................................		473
24.3	The Session Limit Screen ................................................................................................	474
24.3.1 The Session Limit Add/Edit Screen ........................................................................		476
Chapter 25
IPSec VPN	..............................................................................................................................	479
25.1	IPSec VPN Overview .......................................................................................................	479
25.1.1 ..........................................................................What You Can Do in this Chapter		479
25.1.2 ........................................................................................What You Need to Know		480
25.1.3 ...................................................................................................Before You Begin		482
25.2 ..........................................................................................	The VPN Connection Screen	482
25.2.1 .........................................................The VPN Connection Add/Edit (IKE) Screen		484
25.2.2 ..............................................The VPN Connection Add/Edit Manual Key Screen		491
25.3 ..............................................................................................The VPN Gateway Screen		494
25.3.1 ......................................................................The VPN Gateway Add/Edit Screen		495
25.4 ..........................................................................................................	VPN Concentrator	503
25.4.1 ........................................................................IPSec VPN Concentrator Example		503
25.4.2 ......................................................................................VPN Concentrator Screen		506
25.4.3 ................................................................The VPN Concentrator Add/Edit Screen		506
25.5 ...............................................................................	IPSec VPN Background Information	507
Chapter 26
SSL VPN.................................................................................................................................		521
26.1 ..........................................................................................................................	Overview	521
26.1.1 ..........................................................................What You Can Do in this Chapter		521
26.1.2 ........................................................................................What You Need to Know		521
26.2 ...................................................................................	The SSL Access Privilege Screen	524
26.2.1 ..............................................................The SSL Access Policy Add/Edit Screen		526
26.3 .......................................................................................	The SSL Global Setting Screen	529
26.3.1 ..............................................................................How to Upload a Custom Logo		531
26.4 .............................................................................	Establishing an SSL VPN Connection	532
Chapter 27
SSL User Screens.................................................................................................................		535
27.1 ..........................................................................................................................	Overview	535
27.1.1 ........................................................................................What You Need to Know		535
20	ZyWALL USG 100/200 Series User’s Guide

		Table of Contents
27.2	Remote User Login ..........................................................................................................	536
27.3 The SSL VPN User Screens ...........................................................................................		541
27.4	Bookmarking the ZyWALL ...............................................................................................	542
27.5	Logging Out of the SSL VPN User Screens ....................................................................	542
Chapter 28
SSL User Application Screens ............................................................................................		545
28.1	SSL User Application Screens Overview ........................................................................	545
28.2	The Application Screen ...................................................................................................	545
Chapter 29
SSL User File Sharing ..........................................................................................................		547
29.1	Overview ..........................................................................................................................	547
29.1.1 What You Need to Know ........................................................................................		547
29.2	The Main File Sharing Screen .........................................................................................	548
29.3	Opening a File or Folder ..................................................................................................	548
29.3.1 Downloading a File .................................................................................................		550
29.3.2 Saving a File ..........................................................................................................		551
29.4	Creating a New Folder .....................................................................................................	551
29.5	Renaming a File or Folder ...............................................................................................	552
29.6	Deleting a File or Folder ..................................................................................................	552
29.7	Uploading a File ...............................................................................................................	553
Chapter 30
ZyWALL SecuExtender.........................................................................................................		555
30.1	The ZyWALL SecuExtender Icon ....................................................................................	555
30.2	Statistics ..........................................................................................................................	556
30.3	View Log ..........................................................................................................................	557
30.4	Suspend and Resume the Connection ............................................................................	557
30.5	Stop the Connection ........................................................................................................	558
30.6	Uninstalling the ZyWALL SecuExtender ..........................................................................	558
Chapter 31
L2TP VPN...............................................................................................................................		559
31.1	Overview ..........................................................................................................................	559
31.1.1 What You Can Do in this Chapter ..........................................................................		559
31.1.2 What You Need to Know ........................................................................................		559
31.2 L2TP VPN Screen ...........................................................................................................		561
Chapter 32
Application Patrol .................................................................................................................		563
32.1	Overview ..........................................................................................................................	563
32.1.1 What You Can Do in this Chapter ..........................................................................		563
ZyWALL USG 100/200 Series User’s Guide		21

Table of Contents
32.1.2 What You Need to Know .......................................................................................			564
32.1.3 Application Patrol Bandwidth Management Examples ...........................................			569
32.2	Application Patrol General Screen ..................................................................................		573
32.3	Application Patrol Applications ........................................................................................		574
32.3.1 The Application Patrol Edit Screen ........................................................................			575
32.3.2 The Application Patrol Policy Edit Screen .............................................................			579
32.4	The Other Applications Screen ........................................................................................		582
32.4.1 The Other Applications Add/Edit Screen ................................................................			585
Chapter 33
Anti-Virus...............................................................................................................................			589
33.1	Overview ..........................................................................................................................		589
33.1.1 What You Can Do in this Chapter ..........................................................................			589
33.1.2 What You Need to Know ........................................................................................			590
33.1.3 Before You Begin ...................................................................................................			592
33.2	Anti-Virus Summary Screen ............................................................................................		592
33.2.1 Anti-Virus Policy Add or Edit Screen ......................................................................			595
33.3	Anti-Virus Black List .........................................................................................................		597
33.4	Anti-Virus Black List or White List Add/Edit .....................................................................		598
33.5	Anti-Virus White List ........................................................................................................		599
33.6	Signature Searching ........................................................................................................		600
33.7	Anti-Virus Technical Reference ........................................................................................		603
Chapter 34
IDP.........................................................................................................................................			605
34.1	Overview ..........................................................................................................................		605
34.1.1 What You Can Do in this Chapter ..........................................................................			605
34.1.2 What You Need To Know .......................................................................................			605
34.1.3 Before You Begin ...................................................................................................			606
34.2	The IDP General Screen .................................................................................................		607
34.3	Introducing IDP Profiles .................................................................................................		609
34.3.1 Base Profiles ..........................................................................................................			610
34.4	The Profile Summary Screen ...........................................................................................		611
34.5	Creating New Profiles ......................................................................................................		612
34.5.1 Procedure To Create a New Profile ........................................................................			612
34.6	Profiles: Packet Inspection .............................................................................................		613
34.6.1 Profile > Group View Screen ..................................................................................			613
34.6.2 Policy Types ...........................................................................................................			616
34.6.3 IDP Service Groups ...............................................................................................			617
34.6.4 Profile > Query View Screen ..................................................................................			618
34.6.5 Query Example ......................................................................................................			621
34.7	Introducing IDP Custom Signatures ...............................................................................		623
34.7.1 IP Packet Header ...................................................................................................			623
22		ZyWALL USG 100/200 Series User’s Guide

		Table of Contents
34.8	Configuring Custom Signatures .......................................................................................	624
34.8.1 Creating or Editing a Custom Signature ................................................................		626
34.8.2 Custom Signature Example ...................................................................................		632
34.8.3 Applying Custom Signatures ..................................................................................		634
34.8.4 Verifying Custom Signatures ..................................................................................		635
34.9	IDP Technical Reference .................................................................................................	636
Chapter 35
ADP .......................................................................................................................................		641
35.1	Overview ..........................................................................................................................	641
35.1.1 ADP and IDP Comparison .....................................................................................		641
35.1.2 What You Can Do in this Chapter .........................................................................		641
35.1.3 What You Need To Know .......................................................................................		641
35.1.4 Before You Begin ...................................................................................................		642
35.2	The ADP General Screen ................................................................................................	643
35.3	The Profile Summary Screen ..........................................................................................	644
35.3.1 Base Profiles ..........................................................................................................		645
35.3.2 Configuring The ADP Profile Summary Screen .....................................................		645
35.3.3 Creating New ADP Profiles ....................................................................................		646
35.3.4 Traffic Anomaly Profiles ........................................................................................		646
35.3.5 Protocol Anomaly Profiles .....................................................................................		649
35.3.6 Protocol Anomaly Configuration .............................................................................		649
35.4	ADP Technical Reference ................................................................................................	653
Chapter 36
Content Filtering ..................................................................................................................		663
36.1	Overview ..........................................................................................................................	663
36.1.1 What You Can Do in this Chapter ..........................................................................		663
36.1.2 What You Need to Know ........................................................................................		663
36.1.3 Before You Begin ...................................................................................................		665
36.2	Content Filter General Screen .........................................................................................	665
36.3	Content Filter Policy Add or Edit Screen .........................................................................	668
36.4	Content Filter Profile Screen ..........................................................................................	670
36.5	Content Filter Categories Screen ...................................................................................	670
36.5.1 Content Filter Blocked and Warning Messages .....................................................		682
36.6	Content Filter Customization Screen ..............................................................................	683
36.7	Content Filter Technical Reference .................................................................................	685
Chapter 37
Content Filter Reports ..........................................................................................................		687
37.1	Overview ..........................................................................................................................	687
37.2	Viewing Content Filter Reports ........................................................................................	687

	23
ZyWALL USG 100/200 Series User’s Guide

Table of Contents

Chapter 38
Anti-Spam	..............................................................................................................................	695
38.1	Overview ..........................................................................................................................	695
38.1.1 What You Can Do in this Chapter ..........................................................................		695
38.1.2 What You Need to Know ........................................................................................		695
38.2 .............................................................................................................	Before You Begin	697
38.3 .......................................................................................	The Anti - Spam General Screen	697
38.3.1 ..............................................................The Anti-Spam Policy Add or Edit Screen		699
38.4 ....................................................................................	The Anti - Spam Black List Screen	701
38.4.1 ..............................................The Anti-Spam Black or White List Add/Edit Screen		703
38.4.2 ...............................................Regular Expressions in Black or White List Entries		704
38.5 ....................................................................................	The Anti - Spam White List Screen	705
38.6 .........................................................................................................The DNSBL Screen		706
38.7 ......................................................................................	Anti - Spam Technical Reference	708
Chapter 39
Device HA ..............................................................................................................................		713
39.1 ..........................................................................................................................	Overview	713
39.1.1 ..........................................................................What You Can Do in this Chapter		713
39.1.2 ........................................................................................What You Need to Know		713
39.1.3 ...................................................................................................Before You Begin		714
39.2 ..........................................................................................................	Device HA General	715
39.3 ...................................................................................	The Active - Passive Mode Screen	716
39.3.1 ........................................................Configuring Active-Passive Mode Device HA		718
39.4 ...............................................	Configuring an Active - Passive Mode Monitored Interface	721
39.5 ...............................................................................................	The Legacy Mode Screen	723
39.6 .............................................................................	Configuring the Legacy Mode Screen	724
39.7 ......................................................................................	Device HA Technical Reference	728
Chapter 40
User/Group ............................................................................................................................		735
40.1 ..........................................................................................................................	Overview	735
40.1.1 ..........................................................................What You Can Do in this Chapter		735
40.1.2 .......................................................................................What You Need To Know		735
40.2 ....................................................................................................	User Summary Screen	738
40.2.1 .............................................................................................User Add/Edit Screen		738
40.3 .........................................................................................	User Group Summary Screen	741
40.3.1 ..........................................................................................Group Add/Edit Screen		742
40.4 ................................................................................................................	Setting Screen	743
40.4.1 ..................................Default User Authentication Timeout Settings Edit Screens		746
40.4.2 ....................................................................................User Aware Login Example		748
40.5 ...................................................................................	User /Group Technical Reference	749

24
	ZyWALL USG 100/200 Series User’s Guide

	Table of Contents
Chapter 41
Addresses.............................................................................................................................	751
41.1 Overview ..........................................................................................................................	751
41.1.1 What You Can Do in this Chapter ..........................................................................	751
41.1.2 What You Need To Know .......................................................................................	751
41.2 Address Summary Screen ...............................................................................................	751
41.2.1 Address Add/Edit Screen .......................................................................................	753
41.3 Address Group Summary Screen ....................................................................................	754
41.3.1 Address Group Add/Edit Screen ............................................................................	755
Chapter 42
Services .................................................................................................................................	757
42.1 Overview ..........................................................................................................................	757
42.1.1 What You Can Do in this Chapter ..........................................................................	757
42.1.2 What You Need to Know ........................................................................................	757
42.2 The Service Summary Screen .........................................................................................	758
42.2.1 The Service Add/Edit Screen .................................................................................	760
42.3 The Service Group Summary Screen .............................................................................	760
42.3.1 The Service Group Add/Edit Screen ......................................................................	762
Chapter 43
Schedules..............................................................................................................................	763
43.1 Overview ..........................................................................................................................	763
43.1.1 What You Can Do in this Chapter ..........................................................................	763
43.1.2 What You Need to Know ........................................................................................	763
43.2 The Schedule Summary Screen ......................................................................................	764
43.2.1 The One-Time Schedule Add/Edit Screen .............................................................	765
43.2.2 The Recurring Schedule Add/Edit Screen .............................................................	766
Chapter 44
AAA Server ...........................................................................................................................	769
44.1 Overview ..........................................................................................................................	769
44.1.1 Directory Service (AD/LDAP) .................................................................................	769
44.1.2 RADIUS Server ......................................................................................................	770
44.1.3 ASAS ......................................................................................................................	770
44.1.4 What You Can Do in this Chapter ..........................................................................	770
44.1.5 What You Need To Know .......................................................................................	771
44.2 Active Directory or LDAP Server Summary .....................................................................	773
44.2.1 Adding an Active Directory or LDAP Server ...........................................................	773
44.3 RADIUS Server Summary ...............................................................................................	775
44.3.1 Adding a RADIUS Server ......................................................................................	777

	25
ZyWALL USG 100/200 Series User’s Guide

Table of Contents

Chapter 45
Authentication Method .........................................................................................................	779
45.1 Overview ..........................................................................................................................	779
45.1.1 What You Can Do in this Chapter ..........................................................................	779
45.1.2 Before You Begin ...................................................................................................	779
45.1.3 Example: Selecting a VPN Authentication Method ................................................	779
45.2 Authentication Method Objects ........................................................................................	780
45.2.1 Creating an Authentication Method Object ............................................................	781
Chapter 46
Certificates ............................................................................................................................	785
46.1 Overview ..........................................................................................................................	785
46.1.1 What You Can Do in this Chapter ..........................................................................	785
46.1.2 What You Need to Know ........................................................................................	785
46.1.3 Verifying a Certificate .............................................................................................	787
46.2 The My Certificates Screen .............................................................................................	789
46.2.1 The My Certificates Add Screen ............................................................................	790
46.2.2 The My Certificates Edit Screen .............................................................................	795
46.2.3 The My Certificates Import Screen ........................................................................	798
46.3 The Trusted Certificates Screen .....................................................................................	799
46.3.1 The Trusted Certificates Edit Screen ....................................................................	800
46.3.2 The Trusted Certificates Import Screen ................................................................	804
46.4 Certificates Technical Reference .....................................................................................	805
Chapter 47
ISP Accounts.........................................................................................................................	807
47.1 Overview ..........................................................................................................................	807
47.1.1 What You Can Do in this Chapter ..........................................................................	807
47.2 ISP Account Summary ....................................................................................................	807
47.2.1 ISP Account Edit ...................................................................................................	808
Chapter 48
SSL Application ....................................................................................................................	811
48.1 Overview ...........................................................................................................................	811
48.1.1 What You Can Do in this Chapter ...........................................................................	811
48.1.2 What You Need to Know .........................................................................................	811
48.1.3 Example: Specifying a Web Site for Access ..........................................................	812
48.2 The SSL Application Screen ............................................................................................	813
48.2.1 Creating/Editing a Web-based SSL Application Object .........................................	814
48.2.2 Creating/Editing a File Sharing SSL Application Object .........................................	816
Chapter 49
Endpoint Security .................................................................................................................	819

26
	ZyWALL USG 100/200 Series User’s Guide

		Table of Contents
49.1	Overview ..........................................................................................................................	819
49.1.1 What You Can Do in this Chapter ..........................................................................		820
49.1.2 What You Need to Know ........................................................................................		820
49.2	Endpoint Security Screen ................................................................................................	821
49.3	Endpoint Security Add/Edit ..............................................................................................	823
Chapter 50
System .................................................................................................................................		829
50.1	Overview ..........................................................................................................................	829
50.1.1 What You Can Do in this Chapter ..........................................................................		829
50.2 Host Name .......................................................................................................................		830
50.3	USB Storage ....................................................................................................................	831
50.4	Date and Time ................................................................................................................	832
50.4.1 Pre-defined NTP Time Servers List ........................................................................		834
50.4.2 Time Server Synchronization .................................................................................		835
50.5	Console Port Speed .........................................................................................................	836
50.6	DNS Overview .................................................................................................................	836
50.6.1 DNS Server Address Assignment ..........................................................................		837
50.6.2 Configuring the DNS Screen ..................................................................................		837
50.6.3 Address Record ....................................................................................................		840
50.6.4 PTR Record ...........................................................................................................		840
50.6.5 Adding an Address/PTR Record ............................................................................		840
50.6.6 Domain Zone Forwarder .......................................................................................		841
50.6.7 Adding a Domain Zone Forwarder .........................................................................		841
50.6.8 MX Record ............................................................................................................		842
50.6.9 Adding a MX Record ..............................................................................................		843
50.6.10 Adding a DNS Service Control Rule ....................................................................		843
50.7 WWW Overview ..............................................................................................................		844
50.7.1 Service Access Limitations ....................................................................................		845
50.7.2 System Timeout .....................................................................................................		845
50.7.3 HTTPS ...................................................................................................................		845
50.7.4 Configuring WWW Service Control ........................................................................		846
50.7.5 Service Control Rules ............................................................................................		850
50.7.6 Customizing the WWW Login Page .......................................................................		850
50.7.7 HTTPS Example ....................................................................................................		854
50.8 SSH ..............................................................................................................................		861
50.8.1 How SSH Works ....................................................................................................		862
50.8.2 SSH Implementation on the ZyWALL .....................................................................		863
50.8.3 Requirements for Using SSH .................................................................................		863
50.8.4 Configuring SSH ....................................................................................................		863
50.8.5 Secure Telnet Using SSH Examples ......................................................................		865
50.9	Telnet ..............................................................................................................................	866
50.9.1 Configuring Telnet ..................................................................................................		867
ZyWALL USG 100/200 Series User’s Guide		27

Table of Contents

50.10 FTP ...............................................................................................................................	868
50.10.1 Configuring FTP ...................................................................................................	868
50.11 SNMP ............................................................................................................................	870
50.11.1 Supported MIBs ....................................................................................................	872
50.11.2 SNMP Traps .........................................................................................................	872
50.11.3 Configuring SNMP ................................................................................................	872
50.12 Dial-in Management ......................................................................................................	874
50.12.1 Configuring Dial-in Mgmt ......................................................................................	875
50.13 Vantage CNM ...............................................................................................................	876
50.13.1 Configuring Vantage CNM ...................................................................................	877
50.14 Language Screen .........................................................................................................	879

Chapter 51
Log and Report ...................................................................................................................			881
51.1		Overview ..........................................................................................................................	881
	51.1.1 What You Can Do In this Chapter ..........................................................................		881
51.2		Email Daily Report ..........................................................................................................	881
51.3		Log Setting Screens .......................................................................................................	883
	51.3.1 Log Setting Summary .............................................................................................		884
	51.3.2 Edit System Log Settings ......................................................................................		885
	51.3.3 Edit Log on USB Storage Setting ..........................................................................		890
	51.3.4 Edit Remote Server Log Settings ..........................................................................		892
	51.3.5 Active Log Summary Screen ..................................................................................		894
Chapter 52
File Manager.........................................................................................................................			897
52.1		Overview ..........................................................................................................................	897
	52.1.1 What You Can Do in this Chapter ..........................................................................		897
	52.1.2 What you Need to Know ........................................................................................		897
52.2		The Configuration File Screen .........................................................................................	900
52.3		The Firmware Package Screen ......................................................................................	904
52.4		The Shell Script Screen ..................................................................................................	906
Chapter 53
Diagnostics...........................................................................................................................			909
53.1		Overview ..........................................................................................................................	909
	53.1.1 What You Can Do in this Chapter ..........................................................................		909
53.2		The Diagnostic Screen ....................................................................................................	909
	53.2.1 The Diagnostics Files Screen ................................................................................		910
53.3		The Packet Capture Screen .............................................................................................	911
	53.3.1 The Packet Capture Files Screen ..........................................................................		914
	53.3.2 Example of Viewing a Packet Capture File		............................................................ 915
53.4		Core Dump Screen ..........................................................................................................	916
28
			ZyWALL USG 100/200 Series User’s Guide

					Table of Contents
		53.4.1 Core Dump Files Screen ........................................................................................			916
53.5			The System Log Screen ..................................................................................................		917
Chapter 54
Reboot....................................................................................................................................					919
54.1			Overview ..........................................................................................................................		919
		54.1.1 What You Need To Know .......................................................................................			919
54.2			The Reboot Screen .........................................................................................................		919
Chapter 55
Shutdown...............................................................................................................................					921
55.1			Overview ..........................................................................................................................		921
		55.1.1 What You Need To Know .......................................................................................			921
55.2			The Shutdown Screen .....................................................................................................		921
Chapter 56
Troubleshooting....................................................................................................................					923
56.1			Resetting the ZyWALL .....................................................................................................		940
56.2			Getting More Troubleshooting Help .................................................................................		941
Chapter 57
Product Specifications .........................................................................................................					943
57.1			3G or WLAN PCMCIA Card Installation ..........................................................................		952
57.2			Power Adaptor Specifications ..........................................................................................		952
Appendix		A		Log Descriptions ...............................................................................................	955
Appendix		B Common Services...........................................................................................			1017
Appendix		C		Displaying Anti-Virus Alert Messages in Windows..........................................	1021
Appendix		D		Importing Certificates......................................................................................	1027
Appendix		E Wireless LANs ................................................................................................			1053
Appendix		F Open Software Announcements .....................................................................			1069
Appendix		G		Legal Information............................................................................................	1127
Index.....................................................................................................................................					1131

	29
ZyWALL USG 100/200 Series User’s Guide

Table of Contents

30
	ZyWALL USG 100/200 Series User’s Guide