How it Works
ZyXEL Communications
Loading...
5 Series
User Manual
824 pgs16.15 Mb0
Table of contents
Loading...

ZyXEL Communications 5 Series User Manual

ZyWALL 5/35/70 Series
Internet Security Appliance

User’s Guide

Version 4.04 03/2008 Edition 1
IP Address http://192.168.1.1 Password 1234
www.zyxel.com

About This User's Guide

About This User's Guide
Intended Audience
This manual is intended for people who want to configure the ZyWALL using the web configurator or System Management Terminal (SMT). You should have at least a basic knowledge of TCP/IP networking concepts and topology.
Related Documentation
• Quick Start Guide The Quick Start Guide is designed to help you get up and running right away. It contains
information on setting up your network and configuring for Internet access.
• Web Configurator Online Help Embedded web help for descriptions of individual screens and supplementary
information.
• CLI Reference Guide The CLI Reference Guide explains how to use the Command-Line Interface (CLI) to
configure the ZyWALL.
• Supporting Disk Refer to the included CD for support documents.
• ZyXEL Web Site Please refer to www.zyxel.com
certifications.
for additional support documentation and product
User Guide Feedback
Help us help you. Send all User Guide-related comments, questions or suggestions for improvement to the following address, or use e-mail instead. Thank you!
The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan.
E-mail: techwriters@zyxel.com.tw
ZyWALL 5/35/70 Series User’s Guide
3

Document Conventions

Document Conventions
Warnings and Notes
These are how warnings and notes are shown in this User’s Guide.
1 Warnings tell you about things that could harm you or your device.
" Notes tell you other important information (for example, other things you may
need to configure or helpful tips) or recommendations.
Syntax Conventions
• The ZyWALL 5/35/70 series may be referred to as the “ZyWALL”, the “devic e” or the “system” in this User’s Guide.
• Product labels, screen names, field labels and field choices are all in bold font.
• A key stroke is denoted by square brackets and uppercase text, for example, [ENTER] means the “enter” or “return” key on your keyboard.
• “Enter” means for you to type one or more characters and then press the [ENTER] key. “Select” or “choose” means for you to use one of the predefined choices.
• A right angle bracket ( > ) within a screen name denotes a mouse click. For example, Maintenance > Log > Log Setting means you first click Maintenance in the navigation panel, then the Log sub menu and finally the Log Setting tab to get to that screen.
• Units of measurement may denote the “metric” value or the “scientific” value. For example, “k” for kilo may denote “1000” or “1024”, “M” for mega may denote “1000000” or “1048576” and so on.
• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.
4
ZyWALL 5/35/70 Series User’s Guide
Document Conventions
Icons Used in Figures
Figures in this User’s Guide may use the following generic icons. The ZyWALL icon is not an exact representation of your device.
ZyWALL Computer Notebook computer
Server Firewall Telephone
Switch Router
ZyWALL 5/35/70 Series User’s Guide
5

Safety Warnings

Safety Warnings
1 For your safety, be sure to read and follow all warning notices and instructions.
• Do NOT use this product near water, for example, in a wet basement or near a swimming pool.
• Do NOT expose your device to dampness, dust or corrosive liquids.
• Do NOT store things on the device.
• Do NOT install, use, or service this device during a thunderstorm. There is a remote risk of electric shock from lightning.
• Connect ONLY suitable accessories to the device.
• Do NOT open the device or unit. Opening or removing covers can expose you to dangerous high voltage points or other risks. ONLY qualified service personnel should service or disassemble this device. Please contact your vendor for further information.
• Make sure to connect the cables to the correct ports.
• Place connecting cables carefully so that no one will step on them or stumble over them.
• Always disconnect all cables from this device before servicing or disassembling.
• Use ONLY an appropriate power adaptor or cord for your device.
• Connect the power adaptor or cord to the right supply voltage (for example, 110V AC in North America or 230V AC in Europe).
• Do NOT remove the plug and connect it to a power outlet by itself; always attach the plug to the power adaptor first before connecting it to a power outlet.
• Do NOT allow anything to rest on the power adaptor or cord and do NOT place the product where anyone can walk on the power adaptor or cord.
• Do NOT use the device if the power adaptor or cord is damaged as it might cause electrocution.
• If the power adaptor or cord is damaged, remove it from the power outlet.
• Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order a new one.
• Do not use the device outside, and make sure all the connections are indoors. There is a remote risk of electric shock from lightning.
• CAUTION: RISK OF EXPLOSION IF BATTERY (on the motherboard) IS REPLACED BY AN INCORRECT TYPE. DISPOSE OF USED BATTERIES ACCORDING TO THE INSTRUCTIONS. Dispose them at the applicable collection point for the recycling of electrical and electronic equipment. For detailed information about recycling of this product, please contact your local city offi ce, your household waste disposal service or the store where you purchased the product.
• Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your device.
• Fuse Warning! Replace a fuse only with a fuse of the same type and rating.
6
ZyWALL 5/35/70 Series User’s Guide
This product is recyclable. Dispose of it properly.
Safety Warnings
ZyWALL 5/35/70 Series User’s Guide
7
Safety Warnings
8
ZyWALL 5/35/70 Series User’s Guide

Contents Overview

Contents Overview
Introduction ............................................................................................................................49
Getting to Know Your ZyWALL .................................................................................................. 51
Hardware Installation .......................................... .......................................................... .............55
Introducing the Web Configurator .............................................................................................. 61
Wizard Setup ............................................................................................................................. 87
Tutorials ...................................................................................................................................109
Registration Screens ............................................................................................................... 141
Network .................................................................................................................................147
LAN Screens ........................................................................................................................... 149
Bridge Screens ............ ... .... ... .......................................................... ... ... .... ... ... ... .... ... ... ...........161
WAN Screens ........ ... ... ... ........................................................... ... ... ... ... .... ..............................169
DMZ Screens ........................................................................................................................... 207
WLAN Screens ........................................................................................................................ 219
Wireless Screens ................ ... .......................................................... ... ... .... ... ... ... .... ... ... ...........229
Security .................................................................................................................................249
Firewall Screens ...................................................................................................................... 251
Intrusion Detection and Prevention (IDP) Screens ................................................................. 277
Anti-Virus Screens ...................................................................................................................299
Anti-Spam Screens .................................................................................................................. 313
Content Filtering Screens ........................................................................................................ 327
Content Filtering Reports ............. .... ... ... ... ... .... ... ... ... ............................................................... 349
IPSec VPN ................... ... ........................................................... ... ... ... ... .................................. 357
Certificates ................................... ....................... ....................... ...................... ........................ 399
Authentication Server Screens ........... ... ... ... .... ... ... ... .... ........................................................... 427
Advanced ..............................................................................................................................433
Network Address Translation (NAT) ........................................................................................ 435
Static Route Screens ...............................................................................................................451
Policy Route Screens .............................................................................................................. 457
Bandwidth Management Screens .................... ... .....................................................................465
DNS Screens ............................................ ... .... ... ... ... .... ... ... ..................................................... 479
Remote Management Screens ................................................................................................491
UPnP Screens ......................................................................................................................... 519
Custom Application Screen ..................................................................................................... 529
ALG Screen ............................................................................................................................. 531
ZyWALL 5/35/70 Series User’s Guide
9
Contents Overview
Reports, Logs and Maintenance .........................................................................................537
Reports Screens ......................................................................................................................539
Logs Screens .......................................................................................................................... 555
Maintenance Screens ..............................................................................................................585
SMT .......................................................................................................................................603
Introducing the SMT ................................................................................................................ 605
SMT Menu 1 - General Setup ................... ... .... ... ... ... .... ... ... ... .................................................. 613
WAN and Dial Backup Setup ................................................................................................... 619
LAN Setup ............................................................................................................................... 633
Internet Access ........................................................................................................................ 639
DMZ Setup ..............................................................................................................................645
Route Setup .............. ... ... .... .......................................................... ... ... ... .... ... ...........................649
Wireless Setup ............................................ .... ... ... ... .... ... ... ... .... .............................................. 653
Remote Node Setup ................................................................................................................ 659
IP Static Route Setup .............................................................................................................. 669
Network Address Translation (NAT) ........................................................................................ 673
Introducing the ZyWALL Firewall ............................................................................................. 693
Filter Configuration .................................................................................................................. 695
SNMP Configuration .................................................................................................................711
System Information & Diagnosis .............................................................................................713
Firmware and Configuration File Maintenance ........................................................................ 725
System Maintenance Menus 8 to 10 ............................................................................ ... ... .... . 739
Remote Management ..............................................................................................................745
IP Policy Routing ................... ... ... .... ... ... ... ... ........................................................... ... ... ...........749
Call Scheduling ........................................................................................................................ 757
Troubleshooting and Product Specifications ...................................................................761
Troubleshooting ..................................................... .................................................................. 763
Product Specifications ............................................................................................................. 769
Appendices and Index .........................................................................................................779
10
ZyWALL 5/35/70 Series User’s Guide

Table of Contents

Table of Contents
About This User's Guide..........................................................................................................3
Document Conventions............................................................................................................4
Safety Warnings ........................................................................................................................6
Contents Overview ...................................................................................................................9
Table of Contents....................................................................................................................11
List of Figures.........................................................................................................................29
List of Tables...........................................................................................................................41
Part I: Introduction................................................................................. 49
Chapter 1
Getting to Know Your ZyWALL..............................................................................................51
1.1 ZyWALL Internet Security Appliance Overview ............... .... ... ... ... ....................................... 51
1.2 ZyWALL Features ......... ... .......................................................... ... ... .... ... ... ..........................51
1.3 Applications for the ZyWALL ...............................................................................................52
1.3.1 Secure Broadband Internet Access via Cable or DSL Modem .................................. 52
1.3.2 VPN Application ........................ ... .... ... ... ... .......................................................... .... ... 53
1.3.3 3G WAN Application (ZyWALL 5 Only) ...................................................................... 53
1.4 Ways to Manage the ZyWALL ............................ .... ... ... ....................................................... 54
1.5 Good Habits for Managing the ZyWALL .............................................................................. 54
Chapter 2
Hardware Installation..............................................................................................................55
2.1 General Installation Instructions ...... ... ... .... ... ... ... .... ... ... .......................................................55
2.2 Desktop Installation ............................................................................................................ 55
2.3 Rack-mounted Installation Requirements ........................................ .................................... 56
2.4 Rack-Mounted Installation ................................................................................................... 57
2.5 3G Card, WLAN Card and ZyWALL Turbo Card Installation ...............................................58
2.6 Front Panel Lights .............................................. .... ... ... ... .... ... ............................................. 59
Chapter 3
Introducing the Web Configurator ........................................................................................61
3.1 Web Configurator Overview .................................................................................................61
ZyWALL 5/35/70 Series User’s Guide
11
Table of Contents
3.2 Accessing the ZyWALL Web Configurator ............. ... ... ... .................................................... 61
3.3 Resetting the ZyWALL ........ ... .... ... ... .......................................................... ... .... ... ... ... ... ....... 63
3.3.1 Procedure To Use The Reset Button ......................................................................... 63
3.3.2 Uploading a Configuration File Via Console Port ....................................................... 63
3.4 Navigating the ZyWALL Web Configurator .......................................................................... 64
3.4.1 Title Bar ............................................ ... ... ... .... ... ... ... .................................................... 64
3.4.2 Main Window .......................... ... .......................................................... .... ... ... ... ... .......65
3.4.3 HOME Screen: Router Mode ...................................................................................65
3.4.4 HOME Screen: Bridge Mode .......................... ... ... .... ... ... ... ... .... ................................ 71
3.4.5 Navigation Panel ....................... ... .... ..........................................................................74
3.4.6 Port Statistics ............................................................................................................ 80
3.4.7 Show Statistics: Line Chart ................. ... ... .......................................................... .... ... 81
3.4.8 DHCP Table ...........................................................................................................82
3.4.9 VPN Status ................... .... ... ... ... ... ........................................................... ... ................83
3.4.10 Bandwidth Monitor .................................................................................................. 84
Chapter 4
Wizard Setup...........................................................................................................................87
4.1 Wizard Setup Overview ......................................................................................................87
4.2 Internet Access ................................................................................................................... 88
4.2.1 ISP Parameters ................................................ ... ... .... ................................................ 88
4.2.2 Internet Access Wizard: Second Screen ....................................................................92
4.2.3 Internet Access Wizard: Registration ......................................................................... 93
4.2.4 Internet Access Wizard: Status .................................................................................. 94
4.2.5 Internet Access Wizard: Service Activation ...............................................................95
4.3 VPN Wizard Gateway Setting .............................................................................................. 96
4.4 VPN Wizard Network Setting ............................................................................................... 97
4.5 VPN Wizard IKE Tunnel Setting (IKE Phase 1) ...................................................................99
4.6 VPN Wizard IPSec Setting (IKE Phase 2) ......................................................................... 100
4.7 VPN Wizard Status Summary ............................................................................................102
4.8 VPN Wizard Setup Complete ............................................................................................ 104
4.9 Anti-Spam Wizard: Email Server Location Setting ............................................................104
4.10 Anti-Spam Wizard: Direction Recommendations ............................................................ . 105
4.11 Anti-Spam Wizard: Direction Configuration ...................................................................... 106
4.12 Anti-Spam Wizard: Setup Complete ................................................................................ 108
Chapter 5
Tutorials.................................................................................................................................109
12
5.1 Dynamic VPN Rule Configuration ............................................. ... ..................................... 1 09
5.1.1 Configure Bob’s User Account ..................................................................................110
5.1.2 VPN Gateway and Network Policy Configuration .....................................................110
5.1.3 Configure Zero Configuration Mode on ZyWALL B ...................................................116
5.1.4 Testing Your VPN Configuration ................................. ... ... ... ... .... ... ... ... .... ... ... ... ... ......117
ZyWALL 5/35/70 Series User’s Guide
Table of Contents
5.1.5 Using the Dynamic VPN Rule for More VPN Tunnels ............................. ... ... ... ... .... ..119
5.2 Security Settings for VPN Traffic ..................................... .... ... ... ... ... ...................................119
5.2.1 IDP for From VPN Traffic Example ..........................................................................120
5.2.2 IDP for To VPN Traffic Example ................................. ... ... ... ... .... .............................. 121
5.3 Firewall Rule for VPN Example ............. .... ... ... ... .... ... ... ... .... ... ........................................... 122
5.3.1 Configuring the VPN Rule ........................................................................................123
5.3.2 Configuring the Firewall Rules ............... ..................................................................127
5.4 How to Set up a 3G WAN Connection ............................................................................... 130
5.4.1 Inserting a 3G Card ............................................. ... .................................................. 130
5.4.2 Configuring 3G WAN Settings ................... .... ... ... ... .................................................. 131
5.4.3 Checking WAN Connections .................................................................................... 132
5.5 Configuring Load Balancing ...................................... ... ... .... ... ... ........................................ 132
5.6 Configuring Content Filtering ........................... .................................................... ..............133
5.6.1 Enable Content Filtering ............................ .... ... ... ... .... ... ... ... ..................................... 1 33
5.6.2 Block Categories of Web Content ............................................................................ 134
5.6.3 Assign Bob’s Computer a Specific IP Address .........................................................136
5.6.4 Create a Content Filter Policy for Bob ......................................................................136
5.6.5 Set the Content Filter Schedule ...............................................................................137
5.6.6 Block Categories of Web Content for Bob ............................................................... 138
Chapter 6
Registration Screens............................................................................................................141
6.1 Overview ............. .......................................................... ... .... ... ... ........................................ 141
6.1.1 What You Can Do in the Registration Screens ........................................................ 141
6.1.2 What You Need to Know About Registration ....... ... .................................................. 141
6.2 The Registration Screen ....................................................................................................142
6.3 The Service Screen ...... .......................................................... ... ... ... .... ... ...........................144
Part II: Network..................................................................................... 147
Chapter 7
LAN Screens..........................................................................................................................149
7.1 Overview ............. .......................................................... ... .... ... ... ........................................ 149
7.1.1 What You Can Do in The LAN Screens ...................................................................149
7.1.2 What You Need to Know About LAN .......................................... ... ... ... .... ... ... ... ... .... . 150
7.2 The LAN Screen ................................................................................................................ 152
7.3 The LAN Static DHCP Screen ...........................................................................................155
7.4 The LAN IP Alias Screen ..................................................................................................156
7.5 The LAN Port Roles Screen .............................................................................................. 158
Chapter 8
Bridge Screens......................................................................................................................161
ZyWALL 5/35/70 Series User’s Guide
13
Table of Contents
8.1 Overview ............. .......................................................... ... .... ... ... ........................................ 161
8.1.1 What You Can Do in the Bridge Screens ................................................................. 161
8.1.2 What You Need To Know About Bridging ............................... .................................. 162
8.2 The Bridge Screen ................. .... ... ... .......................................................... ... .... ... ... ... ... ..... 163
8.3 The Bridge Port Roles Screen ............................................... ........................................... 164
8.4 Bridge Technical Reference ............................................................................................... 166
Chapter 9
WAN Screens.........................................................................................................................169
9.1 Overview ............. .......................................................... ... .... ... ... ........................................ 169
9.1.1 What Yo u Can Do in the WAN Screens ...................................................................170
9.1.2 What You Need to Know About WAN ........................................ ... ... ... .... ... ..............170
9.1.3 Before You Begin ............................................. ........................................................ 172
9.2 The General Screen ..........................................................................................................172
9.2.1 Configuring the General Screen ...............................................................................173
9.2.2 Configuring Load Balancing ................ ... ... .... ... ... ... .................................................. 177
9.2.3 Least Load First .......................................................................................................177
9.2.4 Weighted Round Robin .................... ... ... ... .... ... ... ... .................................................. 179
9.2.5 Spillover .................................................. ... .... ... ... ... .... ... ........................................... 180
9.3 The WAN1 and WAN2 Screen .......................................................................................... 182
9.3.1 WAN Ethernet Encapsulation ................................................................................... 183
9.3.2 PPPoE Encapsulation ..............................................................................................186
9.3.3 PPTP Encapsulation ........................ ... ... ... .... ... ... ... .... .............................................. 189
9.4 The 3G (WAN2) Screen ................................................... .... ... ... ... ... .... ... ... ... .... ... ... ... ... .... . 192
9.5 The Traffic Redirect Screen ............................................................................................... 197
9.6 Configuring the Traffic Redirect Screen ............................................................................. 198
9.7 The Dial Backup Screen ....................................................................................................199
9.7.1 The Advanced Modem Setup Screen ......................................................................201
9.7.2 Configuring the Advanced Modem Setup Screen ............................ ... .... ... ... ... ... .... . 202
9.8 WAN Technical Reference ................................................................................................. 204
Chapter 10
DMZ Screens.........................................................................................................................207
10.1 Overview .......................................................................................................................... 207
10.1.1 What You Can Do in the DMZ Screens .................................................................. 207
10.1.2 What You Need To Know About DMZ .................................................................... 208
10.1.3 DMZ Public IP Address Example ...........................................................................208
10.1.4 DMZ Private and Public IP Address Example .......................... .............................. 209
10.2 The DMZ Screen ..................... ... ... ... ... .... ... ... ... .......................................................... ..... 210
10.3 The Static DHCP Screen ................................................................................................213
10.4 The IP Alias Screen ........................................................................................................ 214
10.5 The DMZ Port Roles Screen .......................................................................................... 216
14
ZyWALL 5/35/70 Series User’s Guide
Table of Contents
Chapter 11
WLAN Screens......................................................................................................................219
11.1 Overview ..........................................................................................................................219
11.1.1 What You Can Do in the WLAN Screens ............................................................... 219
11.1.2 What You Need to Know About WLAN ...................................................................220
11.2 The WLAN Screen ...........................................................................................................220
11.3 WLAN Static DHCP .........................................................................................................223
11.4 WLAN IP Alias ................................................................................................................ 224
11.5 WLAN Port Roles ............................................................................................................. 226
Chapter 12
Wireless Screens..................................................................................................................229
12.1 Overview .......................................................................................................................... 229
12.1.1 What You Can Do in the Wireless Screens ............................................................ 229
12.1.2 What You Need to Know ........................................................................................ 229
12.2 Wireless Card ..................................................................................................................232
12.2.1 Static WEP ............................................................................................................. 234
12.2.2 WPA-PSK ....................................... ........................................................................235
12.2.3 WPA .......................................................................................................................237
12.2.4 IEEE 802.1x + Dynamic WEP ................................................................................ 238
12.2.5 IEEE 802.1x + Static WEP .....................................................................................239
12.2.6 IEEE 802.1x + No WEP .........................................................................................240
12.2.7 No Access 802.1x + Static WEP ............................................................................241
12.2.8 No Access 802.1x + No WEP ................................................................................ 242
12.3 MAC Filter ....................................................................................................................... 243
12.4 Technical Reference ........................................................................................................244
Part III: Security.................................................................................... 249
Chapter 13
Firewall Screens....................................................................................................................251
13.1 Overview .......................................................................................................................... 251
13.1.1 What You Can Do Using the Firewall Screens .................................. .... ... ... ... ... .... . 252
13.1.2 What You Need To Know About the ZyWALL Firewall ................ ... ... .... ... ... ... ... .....252
13.1.3 Before You Begin ...................................................................................................252
13.2 Firewall Rules Example ................................................................................................... 252
13.3 The Firewall Default Rule Screen .................................................................................... 254
13.4 The Firewall Default Rule (Bridge Mode) Screen ............................................................ 256
13.5 The Firewall Rule Summary Screen ...............................................................................259
13.5.1 The Firewall Edit Rule Screen ............................................................................... 260
13.6 The Anti-Probing Screen .................... .... ... ... ... .... ... ... ... .... ... ... ... ... .... ... ........................... 263
ZyWALL 5/35/70 Series User’s Guide
15
Table of Contents
13.7 The Firewall Thresholds Screen ..................................................................................... 264
13.8 The Firewall Services Screen ........................................... ... ... ... ... .... .............................. 266
13.8.1 The Firewall Edit Custom Service Screen ............................................................. 267
13.8.2 My Service Firewall Rule Example .........................................................................268
13.9 Technical Reference ........................................................................................................271
Chapter 14
Intrusion Detection and Prevention (IDP) Screens ...........................................................277
14.1 Overview .......................................................................................................................... 277
14.1.1 What You Can Do Using the IDP Screens ........... .... ... ... ........................................ 277
14.1.2 What You Need To Know About the ZyWALL IDP ............... .... ... ... ... .... ... ..............278
14.1.3 Before You Begin ...................................................................................................279
14.2 The General Setup Screen ..............................................................................................279
14.3 The Signatures Screen ....................................................................................................281
14.3.1 Attack Types ...........................................................................................................281
14.3.2 Intrusion Severity ................................................................................................... 282
14.3.3 Signature Actions ................................................................................................... 282
14.3.4 Configuring The IDP Signatures Screen ................................................................ 283
14.3.5 The Query View Screen ........................................................................................ 284
14.4 The Anomaly Screen ....................................................................................................... 289
14.5 The Update Screen ........................................................................................................291
14.5.1 mySecurityZone .....................................................................................................291
14.5.2 Configuring The IDP Update Screen ...................................................................... 292
14.6 The Backup and Restore Screen ....................................................................................293
14.7 Technical Reference ........................................................................................................294
Chapter 15
Anti-Virus Screens................................................................................................................299
15.1 Overview .......................................................................................................................... 299
15.1.1 What You Can Do in the Antivirus Screens ............................................................ 299
15.1.2 What You Need to Know About Antivirus ...............................................................300
15.2 The General Screen ........................................................................................................301
15.3 The Signature Screen .....................................................................................................303
15.3.1 Signature Search Example .. ... ... .... ... ... ............................................................. .... . 305
15.4 The Update Screen ........................................................................................................306
15.4.1 mySecurityZone .....................................................................................................307
15.4.2 Configuring Anti-virus Update ................................................................................ 307
15.5 The Backup and Restore Screen ................................................................................... 309
15.6 Technical Reference ........................................................................................................310
Chapter 16
Anti-Spam Screens...............................................................................................................313
16.1 Overview .......................................................................................................................... 313
16
ZyWALL 5/35/70 Series User’s Guide
Table of Contents
16.1.1 What You Can Do in the Antispam Screens ................... .......... ......... .......... .......... . 313
16.1.2 What You Need to Know About Antispam .............................................................. 314
16.2 The General Screen ........................................................................................................315
16.3 The External DB Screen .............................................................................................318
16.4 The Lists Screen .............................................................................................................. 320
16.5 Anti-Spam Lists Edit Screen ..........................................................................................322
16.6 Technical Reference ........................................................................................................324
Chapter 17
Content Filtering Screens....................................................................................................327
17.1 Overview .......................................................................................................................... 327
17.1.1 What You Can Do in the Content Filtering Screens ............................................... 327
17.1.2 What You Need to Know About Content Filtering .................................................. 327
17.2 General Screen ...............................................................................................................328
17.3 The Policy Screen ........................................................................................................331
17.4 Content Filter Policy: General ......................................................................................... 332
17.5 Content Filter Policy: External Database .......................... .............................................. 334
17.6 Content Filter Policy: Customization ............................................................................... 341
17.7 Content Filter Policy: Schedule ...................................................................................... 342
17.8 Content Filter Object ....................................................................................................... 343
17.9 Content Filtering Cache ..................................................................................................346
Chapter 18
Content Filtering Reports.....................................................................................................349
18.1 Overview .......................................................................................................................... 349
18.2 Checking Content Filtering Activation ......................... .......................... .......................... . 349
18.3 Viewing Content Filtering Reports ................................................................................... 349
18.4 Web Site Submission .......................................................................................................354
Chapter 19
IPSec VPN..............................................................................................................................357
19.1 Overview .......................................................................................................................... 357
19.1.1 What You Can Do in the IPSec VPN Screens ........................................................ 357
19.1.2 What You Need to Know About IPSec VPN ........................................................... 358
19.2 The VPN Rules (IKE) Screen .......................................................................................... 360
19.3 The VPN Rules (IKE) Gateway Policy Edit Screen ......................................................... 361
19.4 The Network Policy Edit Screen ....................................................................................367
19.5 The Network Policy Edit: Port Forwarding Screen .......................................................... 372
19.6 The Network Policy Move Screen ................................................................................... 374
19.7 The VPN Rules (Manual) Screen .................................................................................... 375
19.8 The VPN Rules (Manual): Edit Screen ................................. ... ... ..................................... 3 76
19.9 The VPN SA Monitor Screen ...........................................................................................379
19.10 The VPN Global Setting Screen .................................................................................... 379
ZyWALL 5/35/70 Series User’s Guide
17
Table of Contents
19.11 Telecommuter VPN/IPSec Examples ........................................... .... ... ... ... .... ... ..............382
19.11. 1 Telecommuters Sharing One VPN Rule Example ................................................ 383
19.11.2 Telecommuters Using Unique VPN Rules Example .............................................383
19.12 VPN and Remote Management .....................................................................................385
19.13 Hub-and-spoke VPN ...................................................................................................... 385
19.13.1 Hub-and-spoke VPN Example ............................................................................. 386
19.13.2 Hub-and-spoke Example VPN Rule Addresses ..................... .............................. 387
19.13.3 Hub-and-spoke VPN Requirements and Suggestions ......................................... 387
19.14 IPSec VPN Background Information ............................................................................. 388
Chapter 20
Certificates ............................................................................................................................399
20.1 Overview .......................................................................................................................... 399
20.1.1 What You Can Do in the Certificate Screens ......................................................... 399
20.1.2 What You Need to Know About Certificates ........................................................... 399
20.1.3 Verifying a Certificate ............................................................................................. 400
20.2 The My Certificates Screen ............................................................................................. 401
20.2.1 The My Certificate Details Screen ..........................................................................403
20.3 The My Certificate Export Screen ....................................................................................406
20.4 The My Certificate Import Screen ....................................................................................407
20.4.1 Using the My Certificate Import Screen ................................................................. 407
20.5 The My Certificate Create Screen ................................................................................... 409
20.6 The Trusted CAs Screen .................................................................................................413
20.7 The Trusted CA Details Screen ....................................................................................... 415
20.8 The Trusted CA Import Screen ........................................................................................ 418
20.9 The Trusted Remote Hosts Screen .................................................................................419
20.10 The Trusted Remote Hosts Import Screen .................................................................... 421
20.11 The Trusted Remote Host Certificate Details Screen .................................................... 422
20.12 The Directory Servers Screen ....................................................................................... 424
20.13 The Directory Server Add or Edit Screen ......................................................................425
Chapter 21
Authentication Server Screens...................................................................................... ......427
21.1 Overview .......................................................................................................................... 427
21.1.1 What You Can Do in the Authentication Server Screens ....................................... 427
21.1.2 What You Need To Know About Authentication Server .......................................... 427
21.2 The Local User Database Screen .................................................................................... 428
21.3 The RADIUS Screen .......................................................................................................430
Part IV: Advanced ................................................................................ 433
18
ZyWALL 5/35/70 Series User’s Guide
Table of Contents
Chapter 22
Network Address Translation (NAT)....................................................................................435
22.1 Overview .......................................................................................................................... 435
22.1.1 What You Can Do Using the NAT Screens . ... ... ... .... ... ... ... ..................................... 435
22.1.2 What You Need To Know About NAT .....................................................................435
22.1.3 Before You Begin ...................................................................................................436
22.2 The NAT Overview Screen .............................................................................................. 436
22.3 The NAT Address Mapping Screen ................................................................................. 438
22.3.1 NAT Address Mapping Edit ................................................................................... 440
22.4 The Port Forwarding Screen ........................................................................................... 441
22.4.1 Default Server IP Address ......................................................................................441
22.4.2 Port Forwarding: Services and Port Numbers ...................... ................. ................ . 442
22.4.3 Configuring Servers Behind Port Forwarding (Example) ....................................... 442
22.4.4 NAT and Multiple WAN ........................................................................................... 442
22.4.5 Port Translation ......................................................................................................443
22.4.6 Configuring The Port Forwarding Screen ............................................................... 443
22.5 The Port Triggering Screen ............................................................................................. 445
22.5.1 Configuring Port Triggering ....................................................................................446
22.6 Technical Reference ........................................................................................................447
Chapter 23
Static Route Screens............................................................................................................451
23.1 Overview .......................................................................................................................... 451
23.1.1 What You Can Do in the Static Route Screens ...................................................... 451
23.2 The IP Static Route Screen .............................................................................................452
23.2.1 The IP Static Route Edit Screen ............................................................................. 454
Chapter 24
Policy Route Screens...........................................................................................................457
24.1 Overview .......................................................................................................................... 457
24.1.1 What You Can Do in the Policy Route Screens ..................................................... 457
24.1.2 What You Need To Know About Policy Route ....................................................... . 457
24.2 The Policy Route Summary Screen ................................................................................ 458
24.2.1 The Policy Route Edit Screen ................................................................................ 460
Chapter 25
Bandwidth Management Screens........................................................................................465
25.1 Overview .......................................................................................................................... 465
25.1.1 What You Can Do in the Bandwidth Management Screens ................................... 465
25.1.2 What You Need to Know About Bandwidth Management ...................................... 465
25.1.3 Application and Subnet-based Bandwidth Management Example ........................ 466
25.1.4 Over Allotment of Bandwidth Example ................................................................... 467
25.1.5 Maximize Bandwidth Usage With Bandwidth Borrowing Example .........................467
ZyWALL 5/35/70 Series User’s Guide
19
Table of Contents
25.2 The Summary Screen ................. ... ... ... .... ............................................................. ... ... .....467
25.2.1 Maximize Bandwidth Usage Example .................................................................... 470
25.2.2 Reserving Bandwidth for Non-Bandwidth Class Traff ic .................................. ... .... . 471
25.3 The Class Setup Screen ................................................................................................. 471
25.4 Bandwidth Manager Class Configuration ......................................................................473
25.4.1 Bandwidth Borrowing Example .............................................................................. 476
25.5 Bandwidth Management Statistics ................................................................................. 477
25.6 The Monitor Screen ......................................................................................................478
Chapter 26
DNS Screens .........................................................................................................................479
26.1 Overview .......................................................................................................................... 479
26.1.1 What You Can Do in the DNS Screens ..................................................................479
26.1.2 What You Need To Know About DNS .................................................................... 479
26.2 The System Screen .........................................................................................................481
26.2.1 The Add Address Record Screen ..... .....................................................................483
26.2.2 The Insert Name Server Record Screen ........................ ........................................ 484
26.3 The DNS Cache Screen .................................................................................................. 485
26.4 The DHCP Screen ...........................................................................................................487
26.5 The DDNS Screen ..........................................................................................................488
26.6 Configuring the Dynamic DNS Screen ............................................................................489
Chapter 27
Remote Management Screens.............................................................................................491
27.1 Overview .......................................................................................................................... 491
27.1.1 What You Can Do in the Remote Management Screens .......................................491
27.1.2 What You Need To Know About Remote Management .........................................492
27.2 HTTPS Example ..............................................................................................................493
27.2.1 Internet Explorer Warning Messages ..................................................................... 493
27.2.2 Netscape Navigator Warning Messages ................................................................493
27.2.3 Avoiding the Browser Warning Messages ......................................... .... ... ..............494
27.2.4 Login Screen .......................................................................................................... 495
27.2.5 Enrolling and Importing SSL Client Certificates (Example) ....................................496
27.2.6 Installing the CA’s Certificate (Example) ................................................................497
27.2.7 Installing Your Personal Certificate(s) (Example) ................................................... 498
27.2.8 Using a Certificate When Accessing the ZyWALL (Example) ................................ 501
27.2.9 Secure Telnet Using SSH Examples ...................................................................... 502
27.3 The WWW Screen .........................................................................................................504
27.4 Configuring the WWW Screen .......................... .......................... .......................... ........... 505
27.5 The SSH Screen ............................................................................................................. 507
27.6 Configuring the SSH Screen ........................................................................................... 507
27.7 The Telnet Screen ........................................................................................................... 508
27.8 The FTP Screen ....................................................................................... .... .................509
20
ZyWALL 5/35/70 Series User’s Guide
Table of Contents
27.9 The SNMP Screen .........................................................................................................510
27.9.1 Configuring the SNMP Screen ...............................................................................512
27.10 The DNS Screen ..........................................................................................................513
27.11 The CNM Screen ...... ... ... ... .... ... ............................................................. ... .....................514
27.12 Configuring the CNM Screen .........................................................................................514
27.13 Remote Management Technical Reference ................ .... ... ... ... ... .... ... ... ... .....................516
Chapter 28
UPnP Screens .......................................................................................................................519
28.1 Overview .......................................................................................................................... 519
28.1.1 What You Can Do in the UPnP Screens ................................................................ 519
28.1.2 What You Need To Know About UPnP ...................................................................519
28.2 UPnP Examples ..............................................................................................................520
28.2.1 Installing UPnP in Windows Example .................................................................... 520
28.2.2 Using UPnP in Windows XP Example ...................................................................522
28.3 The UPnP Screen ............................................................................................................ 526
28.4 The Ports Screen .......................................................................................................... 527
Chapter 29
Custom Application Screen.................................................................................................529
29.1 Overview .......................................................................................................................... 529
29.1.1 What You Can Do in the Custom Application Screen .................................... ... .... . 529
29.1.2 What You Need to Know About Custom Application .............................................. 529
29.2 The Custom Application Screen ...................................................................................... 529
Chapter 30
ALG Screen ...........................................................................................................................531
30.1 Overview .......................................................................................................................... 531
30.1.1 What You Need to Know About ALG .....................................................................531
30.2 The ALG Screen ..............................................................................................................535
Part V: Reports, Logs and Maintenance ............................................ 537
Chapter 31
Reports Screens ...................................................................................................................539
31.1 Overview .......................................................................................................................... 539
31.1.1 What You Can Do in the Reports Screens ..................... ........................................ 539
31.2 The Traffic Statistics Screen ............................................................................................ 539
31.2.1 Viewing Web Site Hits ............................................................................................ 541
31.2.2 Viewing Host IP Address ................................................ ....................... ................. 542
31.2.3 Viewing Protocol/Port ............................................................................................. 543
ZyWALL 5/35/70 Series User’s Guide
21
Table of Contents
31.2.4 System Reports Specifications .......................................................... ................ ..... 545
31.3 The IDP Screen ..................... ... ... ... ... .... ... ... ... ............................................................... 545
31.4 The Anti-Virus Screen ...................................................................................................547
31.5 The Anti-Spam Screen ................................................................................................... 549
31.6 The E-mail Report Screen .............................................................................................551
Chapter 32
Logs Screens .......................................................................................................................555
32.1 Overview .......................................................................................................................... 555
32.1.1 What You Can Do in the Log Screens .................................................................... 555
32.1.2 What You Need To Know About Logs .................................................................... 555
32.2 The View Log Screen ...................................................................................................... 555
32.2.1 Log Description Example .......................................................................................556
32.2.2 About the Certificate Not Trusted Log .................................................................... 557
32.3 The Log Settings Screen ................................................................................................ 558
32.4 Technical Reference ........................................................................................................561
Chapter 33
Maintenance Screens...........................................................................................................585
33.1 Overview .......................................................................................................................... 585
33.1.1 What You Can Do in the Maintenance Screens .....................................................585
33.2 The General Setup Screen ..............................................................................................585
33.3 The Password Screen .................................................................................................... 586
33.4 The Time and Date Screen ............................................ ............. ............. ............. ........... 587
33.4.1 Time Server Synchronization Example ... .... ... ... ... .... ... ... ... ... .... ... ... ... .... .................590
33.5 The Device Mode Screen ................................................................................................ 591
33.6 Configuring the Device Mode Screen (Router) ............. .... .............................................. 592
33.7 Configuring the Device Mode Screen (Bridge) ............. .... ... ... ... ... .................................. 593
33.8 The F/W Upload Screen .................................................................................................595
33.9 The Backup and Restore Screen ....................................................................................597
33.10 The Restart Screen .......................................................................................................599
33.11 The Diagnostics Screen ................................................................................................. 599
Part VI: SMT.......................................................................................... 603
Chapter 34
Introducing the SMT.............................................................................................................605
22
34.1 Introduction to the SMT ...................................................................................................605
34.2 Accessing the SMT via the Console Port ........................................................................ 605
34.2.1 Initial Screen ..........................................................................................................605
34.2.2 Entering the Password ................................ ........................................................... 606
ZyWALL 5/35/70 Series User’s Guide
Table of Contents
34.3 Navigating the SMT Interface .......................................................................................... 606
34.3.1 Main Menu ............................................................................................................. 607
34.3.2 SMT Menus Overview ............................................................................................ 609
34.4 Changing the System Password .....................................................................................610
34.5 Resetting the ZyWALL ......................................................................................................611
Chapter 35
SMT Menu 1 - General Setup ...............................................................................................613
35.1 Introduction to General Setup .......................................................................................... 613
35.2 Configuring General Setup ..............................................................................................613
35.2.1 Configuring Dynamic DNS ..................................................................................... 615
Chapter 36
WAN and Dial Backup Setup................................................................................................619
36.1 Introduction to WAN and Dial Backup Setup ................................................................... 619
36.2 WAN Setup ......................................................................................................................619
36.3 Dial Backup ..................................................................................................................... 620
36.3.1 Configuring Dial Backup in Menu 2 ........................................................................ 620
36.3.2 Advanced WAN Setup ........................................................................................... 621
36.3.3 Remote Node Profile (Backup ISP) ................... ... .... ... ... ... ... .... ... ... ... .....................623
36.3.4 Editing TCP/IP Options ..........................................................................................625
36.3.5 Editing Login Script ................................................................................................626
36.3.6 Remote Node Filter ................................................................................................ 628
36.3.7 3G Modem Setup ................................................................................................... 629
36.3.8 Remote Node Profile (3G WAN) ................. ... ........................................................ 630
Chapter 37
LAN Setup..............................................................................................................................633
37.1 Introduction to LAN Setup ............................................................................................... 633
37.2 Accessing the LAN Menus .............................................................................................. 633
37.3 LAN Port Filter Setup ....................................................................................................... 633
37.4 TCP/IP and DHCP Ethernet Setup Menu ........................................................................ 634
37.4.1 IP Alias Setup .........................................................................................................636
Chapter 38
Internet Access.....................................................................................................................639
38.1 Introduction to Internet Access Setup ..............................................................................639
38.2 Ethernet Encapsulation ...................................................................................................639
38.3 Configuring the PPTP Client ............................................................................................ 641
38.4 Configuring the PPPoE Client .........................................................................................642
38.5 Basic Setup Complete ..................................................................................................... 643
Chapter 39
DMZ Setup.............................................................................................................................645
ZyWALL 5/35/70 Series User’s Guide
23
Table of Contents
39.1 Configuring DMZ Setup ...................................................................................................645
39.2 DMZ Port Filter Setup ......................................................................................................645
39.3 TCP/IP Setup ................................................................................................................... 646
39.3.1 IP Address ..............................................................................................................646
39.3.2 IP Alias Setup .........................................................................................................647
Chapter 40
Route Setup................................................................ .......... ........... ........... ...........................649
40.1 Configuring Route Setup ................................................................................................. 649
40.2 Route Assessment ..........................................................................................................649
40.3 Traffic Redirect ................................................................................................................ 650
40.4 Route Failover ................................................................................................................. 651
Chapter 41
Wireless Setup......................................................................................................................653
41.1 Wireless LAN Setup ........................................................................................................653
41.1.1 MAC Address Filter Setup ......................................................................................655
41.2 TCP/IP Setup ................................................................................................................... 656
41.2.1 IP Address ..............................................................................................................656
41.2.2 IP Alias Setup .........................................................................................................657
Chapter 42
Remote Node Setup..............................................................................................................659
42.1 Introduction to Remote Node Setup ................................................................................659
42.2 Remote Node Setup ........................................................................................................ 659
42.3 Remote Node Profile Setup .................................. .......................................................... . 660
42.3.1 Ethernet Encapsulation ..........................................................................................660
42.3.2 PPPoE Encapsulation ............................................................................................ 661
42.3.3 PPTP Encapsulation ..............................................................................................663
42.4 Edit IP .............................................................................................................................. 664
42.5 Remote Node Filter .........................................................................................................666
Chapter 43
IP Static Route Setup............................................................................................................669
43.1 IP Static Route Setup ......................................................................................................669
Chapter 44
Network Address Translation (NAT)....................................................................................673
44.1 Using NAT ........................................................................................................................ 673
44.1.1 SUA (Single User Account) Versus NAT ................................................................ 673
44.1.2 Applying NAT ......................................................................................................... 673
44.2 NAT Setup ....................................................................................................................... 675
44.2.1 Address Mapping Sets ...........................................................................................676
24
ZyWALL 5/35/70 Series User’s Guide
Table of Contents
44.3 Configuring a Server behind NAT ........ .... ... .......................................................... ... ... .....681
44.4 General NAT Examples ...................................................................................................683
44.4.1 Internet Access Only .............................................................................................. 683
44.4.2 Example 2: Internet Access with a Default Server ............ ... .... ... ... ... .... .................685
44.4.3 Example 3: Multiple Public IP Addresses With Inside Servers .............................. 685
44.4.4 Example 4: NAT Unfriendly Application Programs ................................................. 689
44.5 Trigger Port Forwarding ...................................................................................................690
44.5.1 Two Points To Remember About Trigger Ports ...................................................... 690
Chapter 45
Introducing the ZyWALL Firewall........................................................................................693
45.1 Using ZyWALL SMT Menus ............................................................................................ 693
45.1.1 Activating the Firewall ............................................................................................693
Chapter 46
Filter Configuration...............................................................................................................695
46.1 Introduction to Filters ....................................................................................................... 695
46.1.1 The Filter Structure of the ZyWALL ........................................................................ 696
46.2 Configuring a Filter Set ....................................................................................................698
46.2.1 Configuring a Filter Rule ........................................................................................699
46.2.2 Configuring a TCP/IP Filter Rule ............................................................................ 700
46.2.3 Configuring a Generic Filter Rule ........................................................................... 702
46.3 Example Filter .................................................................................................................. 704
46.4 Filter Types and NAT .......................................................................................................706
46.5 Firewall Versus Filters ..................................................................................................... 706
46.5.1 Packet Filtering: ..................................................................................................... 706
46.5.2 Firewall ...................................................................................................................707
46.6 Applying a Filter ..............................................................................................................707
46.6.1 Applying LAN Filters ............................................................................................... 708
46.6.2 Applying DMZ Filters .............................................................................................. 708
46.6.3 Applying Remote Node Filters ............................................................................... 709
Chapter 47
SNMP Configuration.............................................................................................................711
47.1 SNMP Configuration .........................................................................................................711
47.2 SNMP Traps ....................................................................................................................712
Chapter 48
System Information & Diagnosis.........................................................................................713
48.1 Introduction to System Status .......................................................................................... 713
48.2 System Status ..................................................................................................................713
48.3 System Information and Console Port Speed .................................... ... ........................... 715
48.3.1 System Information ................................................................................................ 715
ZyWALL 5/35/70 Series User’s Guide
25
Table of Contents
48.3.2 Console Port Speed ............................................................................................... 716
48.4 Log and Trace ..................................................................................................................717
48.4.1 Viewing Error Log ...................................................................................................717
48.4.2 Syslog Logging .......................................................................................................718
48.4.3 Call-Triggering Packet ............................................................................................ 721
48.5 Diagnostic ........................................................................................................................722
48.5.1 WAN DHCP ............................................................................................................ 723
Chapter 49
Firmware and Configuration File Maintenance..................................................................725
49.1 Introduction ......................................................................................................................725
49.2 Filename Conventions .....................................................................................................725
49.3 Backup Configuration ......................................................................................................726
49.3.1 Backup Configuration ........................ ....................................... .............................. 726
49.3.2 Using the FTP Command from the Command Line ................. ... ... ... .... ... ... ... ... .... . 727
49.3.3 Example of FTP Commands from the Command Line .......................................... 727
49.3.4 GUI-based FTP Clients ..........................................................................................728
49.3.5 File Maintenance Over WAN ..................................................................................728
49.3.6 Backup Configuration Using TFTP ......................................................................... 728
49.3.7 TFTP Command Example ...................................................................................... 729
49.3.8 GUI-based TFTP Clients ........................................................................................ 729
49.3.9 Backup Via Console Port .......................................................................................729
49.4 Restore Configuration ...................................................................................................... 730
49.4.1 Restore Using FTP ................................................................................................. 731
49.4.2 Restore Using FTP Session Example .................................................................... 732
49.4.3 Restore Via Console Port .......................................................................................732
49.5 Uploading Firmware and Configuration Files .................................................................. 733
49.5.1 Firmware File Upload .............................. ............................................................... 733
49.5.2 Configuration File Upload .......................................................................................734
49.5.3 FTP File Upload Command from the DOS Prompt Example ................................. 735
49.5.4 FTP Session Example of Firmware File Upload .................................................... 735
49.5.5 TFTP File Upload ................................................................................................... 735
49.5.6 TFTP Upload Command Example ......................................................................... 736
49.5.7 Uploading Via Console Port ................................................................................... 736
49.5.8 Uploading Firmware File Via Console Port ............................................................736
49.5.9 Example Xmodem Firmware Upload Using HyperTerminal ................................... 737
49.5.10 Uploading Configuration File Via Console Port ............................................... .... . 737
49.5.11 Example Xmodem Configuration Upload Using HyperTerminal ........................... 738
Chapter 50
System Maintenance Menus 8 to 10....................................................................................739
50.1 Command Interpreter Mode ............................................................................................739
50.2 Call Control Support ........................................................................................................ 740
26
ZyWALL 5/35/70 Series User’s Guide
Table of Contents
50.2.1 Budget Management .............................................................................................. 740
50.2.2 Call History .............................................................................................................741
50.3 Time and Date Setting .......................................................... ...........................................742
Chapter 51
Remote Management............................................................................................................745
51.1 Remote Management ...................................................................................................... 745
51.1.1 Remote Management Limitations ..........................................................................747
Chapter 52
IP Policy Routing ..................................................................................................................749
52.1 IP Routing Policy Summary .............................................................................................749
52.2 IP Routing Policy Setup ...................................................................................................750
52.2.1 Applying Policy to Packets ..................................................................................... 752
52.3 IP Policy Routing Example .............................................................................................. 753
Chapter 53
Call Scheduling.....................................................................................................................757
53.1 Introduction to Call Scheduling ........................................................................................ 757
Part VII: Troubleshooting and Product Specifications..................... 761
Chapter 54
Troubleshooting....................................................................................................................763
54.1 Power, Hardware Connections, and LEDs .... ... .... ... ... ... .... ... ........................................... 763
54.2 ZyWALL Access and Login ..............................................................................................764
54.3 Internet Access ................................................................................................................766
54.4 Wireless Router/AP Troubleshooting ............................................................................... 767
54.5 UPnP ............................................................................................................................... 768
Chapter 55
Product Specifications.........................................................................................................769
55.1 Compatible 3G Cards ......................................................................................................773
55.2 Power Adaptor Specifications .......................................................................................... 775
Part VIII: Appendices and Index ......................................................... 779
Appendix A Removing and Installing a Fuse .......................................................................781
Appendix B Common Services.............................................................................................783
ZyWALL 5/35/70 Series User’s Guide
27
Table of Contents
Appendix C Wireless LANs ..................................................................................................787
Appendix D Windows 98 SE/Me Requirements for Anti-Virus Message Display.................801
Appendix E Legal Information ..............................................................................................805
Appendix F Customer Support.............................................................................................809
Index.......................................................................................................................................815
28
ZyWALL 5/35/70 Series User’s Guide

List of Figures

List of Figures
Figure 1 Secure Internet Access via Cable, DSL or Wireless Modem ................................................... 52
Figure 2 VPN Application .......................................................................................................................53
Figure 3 3G WAN Application ................................................................................................................. 53
Figure 4 Attaching Rubber Feet ............................................................................................................ 56
Figure 5 Attaching Mounting Brackets and Screws ................................................................................57
Figure 6 Rack Mounting .........................................................................................................................57
Figure 7 WLAN Card Installation ............................................................................................................58
Figure 8 ZyWALL 70 Front Panel ........................................................................................................... 59
Figure 9 ZyWALL 35 Front Panel ........................................................................................................... 59
Figure 10 ZyWALL 5 Front Panel ....................... .................................................................................... 59
Figure 11 Change Password Screen ...................................................................................................... 62
Figure 12 Replace Certificate Screen ..................................................................................................... 62
Figure 13 Example Xmodem Upload ......................................................................................................63
Figure 14 HOME Screen .............................. ............................................................. ... ..........................64
Figure 15 Web Configurator HOME Screen in Router Mode (ZyWALL 5) ............................................ 65
Figure 16 Web Configurator HOME Screen in Bridge Mode .................................................................. 71
Figure 17 HOME > Port Statistics ........................................................................................................... 80
Figure 18 HOME > Show Statistics > Line Chart .................................................................................... 81
Figure 19 HOME > Show DHCP Table ...................................................................................................82
Figure 20 HOME > VPN Status .............................................................................................................. 83
Figure 21 Home > Bandwidth Monitor ................................... ................................................................. 84
Figure 22 Wizard Setup Welcome ..........................................................................................................87
Figure 23 ISP Parameters: Ethernet Encapsulation ...............................................................................88
Figure 24 ISP Parameters: PPPoE Encapsulation ................................................................................. 89
Figure 25 ISP Parameters: PPTP Encapsulation ...................................................................................91
Figure 26 Internet Access Wizard: Second Screen ................................................................................92
Figure 27 Internet Access Setup Complete .................................. ... ... .... ... ... ... ... .................................... 93
Figure 28 Internet Access Wizard: Registration .....................................................................................93
Figure 29 Internet Access Wizard: Registration in Progress .................................................................. 94
Figure 30 Internet Access Wizard: Status .............................................................................................. 95
Figure 31 Internet Access Wizard: Registration Failed ..........................................................................95
Figure 32 Internet Access Wizard: Registered Device ........................................................................... 95
Figure 33 Internet Access Wizard: Activated Services ...........................................................................96
Figure 34 VPN Wizard: Gateway Setting ............................................................................................... 96
Figure 35 VPN Wizard: Network Setting ................................................................................................ 98
Figure 36 VPN Wizard: IKE Tunnel Setting ............................................................................................99
Figure 37 VPN Wizard: IPSec Setting ..................................................................................................101
Figure 38 VPN Wizard: VPN Status ..................................................................................................... 102
ZyWALL 5/35/70 Series User’s Guide
29
List of Figures
Figure 39 VPN Wizard Setup Complete ................... .... ... ... ... .......................................................... ..... 104
Figure 40 Anti-Spam Wizard: Email Server Location Setting .............................................................. 105
Figure 41 Anti-Spam Wizard: Direction Recommendations ...... ... ... ... .... ... ... ... ... .... ... ... ... .... ... ... ... ........106
Figure 42 Anti-Spam Wizard: Direction Configuration .......................................................................... 107
Figure 43 Anti-Spam Wizard: Setup Complete ...... ... .... ... ... ... .... ... ... ... ..................................................108
Figure 44 Dynamic VPN Rule Example ........................... ... ... .... ... ... ... .... ... ... ... ... .... ... ... ... .... ... ... ... ... .....109
Figure 45 VPN Gateway Policy Edit Screens ............................................... ... ... .... ... ... ... ......................112
Figure 46 SECURITY > VPN > Add Network Policy (ZyWALL A) .........................................................113
Figure 47 VPN Network Policy Edit Screens ................................................ ... ... .... ... ... ... .... ... ... ... ... ......114
Figure 48 Activate VPN Rule (ZyWALL B) ...........................................................................................115
Figure 49 Tutorial: VPN Summary Screens Comparison Example .............. ... ... .... ... ... ... .... ... ...............116
Figure 50 Check The Telecommuter's Computer IP Address ...............................................................117
Figure 51 Telecommuter Pinging a Network X IP Address Example .....................................................118
Figure 52 Additional Dynamic VPN Rules Example ........................ ... .... ... ... ... ... .... ... ... ... .... ... ... ... ... .... ..119
Figure 53 IDP for From VPN Traffic ......................................................................................................120
Figure 54 IDP Configuration for Traffic From VPN ...............................................................................121
Figure 55 IDP for To VPN Traffic ..... ............................................................. ... ... .................................. 121
Figure 56 IDP Configuration for To VPN Traffic .. ..................................................................................122
Figure 57 Firewall Rule for VPN ...................... ... ... ... .... ... ... ..................................................................123
Figure 58 SECURITY > VPN > VPN Rules (IKE) ................................................................................. 123
Figure 59 SECURITY > VPN > VPN Rules (IKE)> Add Gateway Policy ........................................... 124
Figure 60 SECURITY > VPN > VPN Rules (IKE): With Gateway Policy Example ...............................125
Figure 61 SECURITY > VPN > VPN Rules (IKE)> Add Network Policy ............................................. 126
Figure 62 SECURITY > FIREWALL > Rule Summary .........................................................................127
Figure 63 SECURITY > FIREWALL > Rule Summary > Edit: Allow ..................................... ... ... ........128
Figure 64 SECURITY > FIREWALL > Rule Summary: Allow ............................. .................................. 129
Figure 65 SECURITY > FIREWALL > Default Rule: Block From VPN To LAN ....................................130
Figure 66 Tutorial: NETWORK > WAN > 3G (WAN2) ....................................................................... 131
Figure 67 Tutorial: Home .....................................................................................................................132
Figure 68 Tutorial: NETWORK > WAN > General ............................................................................. 133
Figure 69 SECURITY > CONTENT FILTER > General ........................................................................ 134
Figure 70 SECURITY > CONTENT FILTER > Policy ........................................................................... 135
Figure 71 SECURITY > CONTENT FILTER > Policy > External Database (Default) .......................... 135
Figure 72 HOME > Show DHCP Table .................................................................................................136
Figure 73 SECURITY > CONTENT FILTER > Policy ........................................................................... 136
Figure 74 SECURITY > CONTENT FILTER > Policy > Insert ............................................. ................. 137
Figure 75 SECURITY > CONTENT FILTER > Policy ........................................................................... 137
Figure 76 SECURITY > CONTENT FILTER > Policy > Schedule (Bob) ..............................................138
Figure 77 SECURITY > CONTENT FILTER > Policy ........................................................................... 138
Figure 78 SECURITY > CONTENT FILTER > Policy > External Database (Bob) ............................... 139
Figure 79 REGISTRATION > Registration ...........................................................................................143
Figure 80 REGISTRATION > Registration: Registered Device ............................................................ 144
Figure 81 REGISTRATION > Service ................................................................................................... 145
30
ZyWALL 5/35/70 Series User’s Guide
Loading...
+ 794 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use