Unified Security Gateway
Default Login Details
LAN Port |
P1 |
IP Address |
https://192.168.1.1 |
User Name |
admin |
Password |
1234 |
|
|
Version 2.20
Edition 1, 3/2010
www.zyxel.com
Copyright © 2010
ZyXEL Communications Corporation
About This User's Guide
Intended Audience
This manual is intended for people who want to want to configure the ZyWALL using the Web Configurator.
How To Use This Guide
•Read Chapter 1 on page 33 chapter for an overview of features available on the ZyWALL.
•Read Chapter 3 on page 47 for web browser requirements and an introduction to the main components, icons and menus in the ZyWALL Web Configurator.
•Read Chapter 4 on page 63 if you’re using the installation wizard for first time setup and you want more detailed information than what the real time online help provides.
•Read Chapter 5 on page 73 if you’re using the quick setup wizards and you want more detailed information than what the real time online help provides.
•It is highly recommended you read Chapter 6 on page 91 for detailed information on essential terms used in the ZyWALL, what prerequisites are needed to configure a feature and how to use that feature.
•It is highly recommended you read Chapter 7 on page 115 for ZyWALL application examples.
•Subsequent chapters are arranged by menu item as defined in the Web Configurator. Read each chapter carefully for detailed information on that menu item.
•To find specific information in this guide, use the Contents Overview, the Table of Contents, the Index, or search the PDF file. E-mail techwriters@zyxel.com.tw if you cannot find the information you require.
Related Documentation
•Quick Start Guide
The Quick Start Guide is designed to show you how to make the ZyWALL hardware connections and access the Web Configurator wizards. (See the wizard real time help for information on configuring each screen.) It also contains a connection diagram and package contents list.
•CLI Reference Guide
The CLI Reference Guide explains how to use the Command-Line Interface (CLI) to configure the ZyWALL.
Note: It is recommended you use the Web Configurator to configure the ZyWALL.
|
3 |
ZyWALL USG 300 User’s Guide |
|
|
|
About This User's Guide
•Web Configurator Online Help
Click the help icon in any screen for help in configuring that screen and supplementary information.
Documentation Feedback
Send your comments, questions or suggestions to: techwriters@zyxel.com.tw
Thank you!
The Technical Writing Team, ZyXEL Communications Corp.,
6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 30099, Taiwan.
Need More Help?
More help is available at www.zyxel.com.
•Download Library
Search for the latest product updates and documentation from this link. Read the Tech Doc Overview to find out how to efficiently use the User Guide, Quick Start Guide and Command Line Interface Reference Guide in order to better understand how to use your product.
•Knowledge Base
If you have a specific question about your product, the answer may be here. This is a collection of answers to previously asked questions about ZyXEL products.
•Forum
This contains discussions on ZyXEL products. Learn from others who use ZyXEL products and share your experiences as well.
Customer Support
Should problems arise that cannot be solved by the methods listed above, you should contact your vendor. If you cannot contact your vendor, then contact a ZyXEL office for the region in which you bought the device.
4 |
|
|
ZyWALL USG 300 User’s Guide |
|
|
|
|
|
About This User's Guide
See http://www.zyxel.com/web/contact_us.php for contact information. Please have the following information ready when you contact an office.
•Product model and serial number.
•Warranty Information.
•Date that you received your device.
•Brief description of the problem and the steps you took to solve it.
Disclaimer
Graphics in this book may differ slightly from the product due to differences in operating systems, operating system versions, or if you installed updated firmware/software for your device. Every effort has been made to ensure that the information in this manual is accurate.
|
5 |
ZyWALL USG 300 User’s Guide |
|
|
|
Document Conventions
Warnings and Notes
These are how warnings and notes are shown in this User’s Guide.
Warnings tell you about things that could harm you or your device.
Note: Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations.
Syntax Conventions
•The ZyWALL may be referred to as the “ZyWALL”, the “device”, the “system” or the “product” in this User’s Guide.
•Product labels, screen names, field labels and field choices are all in bold font.
•A key stroke is denoted by square brackets and uppercase text, for example, [ENTER] means the “enter” or “return” key on your keyboard.
•“Enter” means for you to type one or more characters and then press the [ENTER] key. “Select” or “choose” means for you to use one of the predefined choices.
•A right angle bracket ( > ) within a screen name denotes a mouse click. For example, Maintenance > Log > Log Setting means you first click Maintenance in the navigation panel, then the Log sub menu and finally the Log Setting tab to get to that screen.
•Units of measurement may denote the “metric” value or the “scientific” value. For example, “k” for kilo may denote “1000” or “1024”, “M” for mega may denote “1000000” or “1048576” and so on.
•“e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.
6 |
|
|
ZyWALL USG 300 User’s Guide |
|
|
|
|
|
Document Conventions
Icons Used in Figures
Figures in this User’s Guide may use the following generic icons. The ZyWALL icon is not an exact representation of your device.
ZyWALL |
Computer |
Notebook computer |
|
|
|
Server |
Firewall |
Telephone |
|
|
|
Switch |
Router |
|
|
|
|
|
7 |
ZyWALL USG 300 User’s Guide |
|
|
|
Safety Warnings
•Do NOT use this product near water, for example, in a wet basement or near a swimming pool.
•Do NOT expose your device to dampness, dust or corrosive liquids.
•Do NOT store things on the device.
•Do NOT install, use, or service this device during a thunderstorm. There is a remote risk of electric shock from lightning.
•Connect ONLY suitable accessories to the device.
•Do NOT open the device or unit. Opening or removing covers can expose you to dangerous high voltage points or other risks. ONLY qualified service personnel should service or disassemble this device. Please contact your vendor for further information.
•Make sure to connect the cables to the correct ports.
•Place connecting cables carefully so that no one will step on them or stumble over them.
•Always disconnect all cables from this device before servicing or disassembling.
•Use ONLY an appropriate power adaptor or cord for your device. Connect it to the right supply voltage (for example, 110V AC in North America or 230V AC in Europe).
•Do NOT allow anything to rest on the power adaptor or cord and do NOT place the product where anyone can walk on the power adaptor or cord.
•Do NOT use the device if the power adaptor or cord is damaged as it might cause electrocution.
•If the power adaptor or cord is damaged, remove it from the device and the power source.
•Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order a new one.
•Do not use the device outside, and make sure all the connections are indoors. There is a remote risk of electric shock from lightning.
•CAUTION: RISK OF EXPLOSION IF BATTERY (on the motherboard) IS REPLACED BY AN INCORRECT TYPE. DISPOSE OF USED BATTERIES ACCORDING TO THE INSTRUCTIONS. Dispose them at the applicable collection point for the recycling of electrical and electronic equipment. For detailed information about recycling of this product, please contact your local city office, your household waste disposal service or the store where you purchased the product.
•Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your device.
Your product is marked with this symbol, which is known as the WEEE mark. WEEE stands for Waste Electronics and Electrical Equipment. It means that used electrical and electronic products should not be mixed with general waste. Used electrical and electronic equipment should be treated separately.
8 |
|
|
ZyWALL USG 300 User’s Guide |
|
|
|
|
|
Contents Overview
User’s Guide ........................................................................................................................... |
31 |
Introducing the ZyWALL ............................................................................................................ |
33 |
Features and Applications ......................................................................................................... |
39 |
Web Configurator ....................................................................................................................... |
47 |
Installation Setup Wizard ........................................................................................................... |
63 |
Quick Setup ............................................................................................................................... |
73 |
Configuration Basics .................................................................................................................. |
91 |
Tutorials ................................................................................................................................... |
115 |
L2TP VPN Example ................................................................................................................. |
183 |
Technical Reference ............................................................................................................ |
219 |
Dashboard .............................................................................................................................. |
221 |
Monitor .................................................................................................................................... |
235 |
Registration ............................................................................................................................. |
277 |
Signature Update ..................................................................................................................... |
283 |
Interfaces ................................................................................................................................. |
289 |
Trunks ..................................................................................................................................... |
363 |
Policy and Static Routes .......................................................................................................... |
373 |
Routing Protocols .................................................................................................................... |
389 |
Zones ....................................................................................................................................... |
403 |
DDNS ...................................................................................................................................... |
407 |
NAT .......................................................................................................................................... |
413 |
HTTP Redirect ........................................................................................................................ |
423 |
ALG ......................................................................................................................................... |
427 |
IP/MAC Binding ...................................................................................................................... |
435 |
Authentication Policy ............................................................................................................... |
441 |
Firewall .................................................................................................................................... |
449 |
IPSec VPN ............................................................................................................................... |
467 |
SSL VPN ................................................................................................................................. |
507 |
SSL User Screens ................................................................................................................... |
519 |
SSL User Application Screens ................................................................................................ |
529 |
SSL User File Sharing ............................................................................................................. |
531 |
ZyWALL SecuExtender ........................................................................................................... |
539 |
L2TP VPN ................................................................................................................................ |
543 |
Application Patrol ..................................................................................................................... |
547 |
Anti-Virus ................................................................................................................................. |
573 |
IDP .......................................................................................................................................... |
589 |
ADP ........................................................................................................................................ |
623 |
ZyWALL USG 300 User’s Guide |
9 |
Contents Overview
Content Filtering ..................................................................................................................... |
643 |
Content Filter Reports ............................................................................................................. |
667 |
Anti-Spam ................................................................................................................................ |
675 |
Device HA ................................................................................................................................ |
693 |
User/Group .............................................................................................................................. |
715 |
Addresses ............................................................................................................................... |
731 |
Services ................................................................................................................................... |
737 |
Schedules ................................................................................................................................ |
743 |
AAA Server ............................................................................................................................. |
749 |
Authentication Method ............................................................................................................. |
759 |
Certificates ............................................................................................................................... |
765 |
ISP Accounts ........................................................................................................................... |
787 |
SSL Application ....................................................................................................................... |
791 |
Endpoint Security .................................................................................................................... |
799 |
System ................................................................................................................................... |
809 |
Log and Report ...................................................................................................................... |
859 |
File Manager ........................................................................................................................... |
873 |
Diagnostics ............................................................................................................................. |
885 |
Reboot ..................................................................................................................................... |
891 |
Shutdown ................................................................................................................................. |
893 |
Troubleshooting ....................................................................................................................... |
895 |
Product Specifications ............................................................................................................. |
915 |
10 |
|
|
ZyWALL USG 300 User’s Guide |
|
|
|
|
|
|
|
Table of Contents |
|
Table of Contents |
|
About This User's Guide .......................................................................................................... |
3 |
|
Document Conventions............................................................................................................ |
6 |
|
Safety Warnings........................................................................................................................ |
8 |
|
Contents Overview ................................................................................................................... |
9 |
|
Table of Contents.................................................................................................................... |
11 |
|
Part I: User’s Guide................................................................................ |
31 |
|
Chapter 1 |
|
|
Introducing the ZyWALL ........................................................................................................ |
33 |
|
1.1 |
Overview and Key Default Settings ..................................................................................... |
33 |
1.2 |
Rack-mounted Installation ................................................................................................... |
33 |
|
1.2.1 Rack-Mounted Installation Procedure ........................................................................ |
34 |
1.3 |
Front Panel .......................................................................................................................... |
35 |
|
1.3.1 Front Panel LEDs ....................................................................................................... |
35 |
1.4 |
Management Overview ........................................................................................................ |
35 |
1.5 |
Starting and Stopping the ZyWALL ...................................................................................... |
36 |
Chapter 2 |
|
|
Features and Applications ..................................................................................................... |
39 |
|
2.1 |
Features .............................................................................................................................. |
39 |
2.2 |
Applications ......................................................................................................................... |
41 |
|
2.2.1 VPN Connectivity ....................................................................................................... |
42 |
|
2.2.2 SSL VPN Network Access ......................................................................................... |
42 |
|
2.2.3 User-Aware Access Control ....................................................................................... |
44 |
|
2.2.4 Multiple WAN Interfaces ............................................................................................. |
44 |
|
2.2.5 Device HA .................................................................................................................. |
45 |
Chapter 3 |
|
|
Web Configurator.................................................................................................................... |
47 |
|
3.1 |
Web Configurator Requirements ......................................................................................... |
47 |
3.2 |
Web Configurator Access .................................................................................................... |
47 |
3.3 |
Web Configurator Screens Overview .................................................................................. |
49 |
|
3.3.1 Title Bar ...................................................................................................................... |
50 |
ZyWALL USG 300 User’s Guide |
11 |
Table of Contents
|
|
3.3.2 Navigation Panel ........................................................................................................ |
50 |
|
|
|
3.3.3 Main Window .............................................................................................................. |
57 |
|
|
|
3.3.4 Tables and Lists ......................................................................................................... |
59 |
|
Chapter 4 |
|
|
||
Installation Setup Wizard ....................................................................................................... |
63 |
|
||
4.1 |
Installation Setup Wizard Screens ...................................................................................... |
63 |
|
|
|
|
4.1.1 Internet Access Setup - WAN Interface ..................................................................... |
64 |
|
|
|
4.1.2 Internet Access: Ethernet .......................................................................................... |
64 |
|
|
|
4.1.3 Internet Access: PPPoE ............................................................................................. |
66 |
|
|
|
4.1.4 Internet Access: PPTP .............................................................................................. |
67 |
|
|
|
4.1.5 ISP Parameters .......................................................................................................... |
67 |
|
|
|
4.1.6 Internet Access Setup - Second WAN Interface ........................................................ |
69 |
|
|
|
4.1.7 Internet Access - Finish ............................................................................................. |
69 |
|
4.2 |
Device Registration ........................................................................................................... |
70 |
|
|
Chapter 5 |
|
|
||
Quick Setup ............................................................................................................................. |
73 |
|
||
5.1 |
Quick Setup Overview ......................................................................................................... |
73 |
|
|
5.2 |
WAN Interface Quick Setup ................................................................................................. |
74 |
|
|
|
|
5.2.1 Choose an Ethernet Interface .................................................................................... |
74 |
|
|
|
5.2.2 Select WAN Type ....................................................................................................... |
74 |
|
|
|
5.2.3 Configure WAN Settings ............................................................................................ |
75 |
|
|
|
5.2.4 WAN and ISP Connection Settings ............................................................................ |
76 |
|
|
|
5.2.5 Quick Setup Interface Wizard: Summary ................................................................... |
78 |
|
5.3 |
VPN Quick Setup ................................................................................................................. |
79 |
|
|
5.4 |
VPN Setup Wizard: Wizard Type ......................................................................................... |
80 |
|
|
5.5 |
VPN Express Wizard - Scenario ......................................................................................... |
81 |
|
|
|
|
5.5.1 VPN Express Wizard - Configuration ........................................................................ |
82 |
|
|
|
5.5.2 VPN Express Wizard - Summary .............................................................................. |
83 |
|
|
|
5.5.3 VPN Express Wizard - Finish .................................................................................... |
84 |
|
|
|
5.5.4 VPN Advanced Wizard - Scenario ............................................................................ |
85 |
|
|
|
5.5.5 VPN Advanced Wizard - Phase 1 Settings ............................................................... |
86 |
|
|
|
5.5.6 VPN Advanced Wizard - Phase 2 ............................................................................. |
88 |
|
|
|
5.5.7 VPN Advanced Wizard - Summary ........................................................................... |
89 |
|
|
|
5.5.8 VPN Advanced Wizard - Finish ................................................................................. |
90 |
|
Chapter 6 |
|
|
||
Configuration Basics.............................................................................................................. |
91 |
|
||
6.1 |
Object-based Configuration ................................................................................................. |
91 |
|
|
6.2 |
Zones, Interfaces, and Physical Ports ................................................................................. |
92 |
|
|
|
|
6.2.1 Interface Types ........................................................................................................... |
93 |
|
|
|
6.2.2 Default Interface and Zone Configuration .................................................................. |
94 |
|
|
|
|
|
|
12 |
|
|
|
|
|
|
ZyWALL USG 300 User’s Guide |
|
|
|
|
|
|
|
|
Table of Contents |
6.3 Terminology in the ZyWALL ................................................................................................. |
95 |
6.4 Packet Flow ......................................................................................................................... |
96 |
6.4.1 ZLD 2.20 Packet Flow Enhancements ....................................................................... |
96 |
6.4.2 Routing Table Checking Flow Enhancements ............................................................ |
97 |
6.4.3 NAT Table Checking Flow .......................................................................................... |
98 |
6.5 Feature Configuration Overview ......................................................................................... |
99 |
6.5.1 Feature ..................................................................................................................... |
100 |
6.5.2 Licensing Registration .............................................................................................. |
100 |
6.5.3 Licensing Update ..................................................................................................... |
100 |
6.5.4 Interface ................................................................................................................... |
101 |
6.5.5 Trunks ...................................................................................................................... |
101 |
6.5.6 Policy Routes ........................................................................................................... |
101 |
6.5.7 Static Routes ............................................................................................................ |
103 |
6.5.8 Zones ....................................................................................................................... |
103 |
6.5.9 DDNS ....................................................................................................................... |
103 |
6.5.10 NAT ........................................................................................................................ |
103 |
6.5.11 HTTP Redirect ........................................................................................................ |
104 |
6.5.12 ALG ........................................................................................................................ |
105 |
6.5.13 Auth. Policy ............................................................................................................ |
105 |
6.5.14 Firewall ................................................................................................................... |
105 |
6.5.15 IPSec VPN ............................................................................................................. |
106 |
6.5.16 SSL VPN ................................................................................................................ |
106 |
6.5.17 L2TP VPN .............................................................................................................. |
107 |
6.5.18 Application Patrol ................................................................................................... |
107 |
6.5.19 Anti-Virus ................................................................................................................ |
108 |
6.5.20 IDP ......................................................................................................................... |
108 |
6.5.21 ADP ........................................................................................................................ |
108 |
6.5.22 Content Filter .......................................................................................................... |
108 |
6.5.23 Anti-Spam ............................................................................................................... |
109 |
6.5.24 Device HA .............................................................................................................. |
109 |
6.6 Objects ............................................................................................................................... |
110 |
6.6.1 User/Group ................................................................................................................ |
110 |
6.7 System ................................................................................................................................ |
111 |
6.7.1 DNS, WWW, SSH, TELNET, FTP, SNMP, Dial-in Mgmt, Vantage CNM |
...................111 |
6.7.2 Logs and Reports ...................................................................................................... |
112 |
6.7.3 File Manager ............................................................................................................. |
112 |
6.7.4 Diagnostics ................................................................................................................ |
112 |
6.7.5 Shutdown .................................................................................................................. |
112 |
Chapter 7 |
|
Tutorials ................................................................................................................................ |
115 |
7.1 How to Configure Interfaces, Port Grouping, and Zones .................................................... |
115 |
7.1.1 Configure a WAN Ethernet Interface ......................................................................... |
116 |
ZyWALL USG 300 User’s Guide |
13 |
Table of Contents |
|
|
|
7.1.2 Configure Zones ........................................................................................................ |
116 |
|
7.1.3 Configure Port Grouping ........................................................................................... |
117 |
|
7.2 How to Configure a Cellular Interface ................................................................................. |
118 |
|
7.3 How to Configure Load Balancing ..................................................................................... |
120 |
|
7.3.1 Set Up Available Bandwidth on Ethernet Interfaces ................................................ |
121 |
|
7.3.2 Configure the WAN Trunk ........................................................................................ |
122 |
|
7.4 How to Set Up a Wireless LAN .......................................................................................... |
123 |
|
7.4.1 Set Up User Accounts .............................................................................................. |
123 |
|
7.4.2 Create the WLAN Interface ...................................................................................... |
124 |
|
7.4.3 Set Up the Wireless Clients to Use the WLAN Interface .......................................... |
127 |
|
7.5 How to Set Up an IPSec VPN Tunnel ................................................................................ |
139 |
|
7.5.1 Set Up the VPN Gateway ......................................................................................... |
140 |
|
7.5.2 Set Up the VPN Connection ..................................................................................... |
140 |
|
7.5.3 Configure Security Policies for the VPN Tunnel ....................................................... |
142 |
|
7.6 How to Configure a Hub-and-spoke IPSec VPN Without a VPN Concentrator ................. |
142 |
|
7.7 How to Configure User-aware Access Control .................................................................. |
144 |
|
7.7.1 Set Up User Accounts .............................................................................................. |
145 |
|
7.7.2 Set Up User Groups ................................................................................................. |
146 |
|
7.7.3 Set Up User Authentication Using the RADIUS Server ........................................... |
146 |
|
7.7.4 Web Surfing Policies With Bandwidth Restrictions .................................................. |
148 |
|
7.7.5 Set Up MSN Policies ................................................................................................ |
151 |
|
7.7.6 Set Up Firewall Rules ............................................................................................... |
152 |
|
7.8 How to Use a RADIUS Server to Authenticate User Accounts based on Groups ............. |
153 |
|
7.9 How to Use Endpoint Security and Authentication Policies ............................................... |
155 |
|
7.9.1 Configure the Endpoint Security Objects ................................................................. |
155 |
|
7.9.2 Configure the Authentication Policy ......................................................................... |
157 |
|
7.10 How to Configure Service Control ................................................................................... |
158 |
|
7.10.1 Allow HTTPS Administrator Access Only From the LAN ....................................... |
159 |
|
7.11 How to Allow Incoming H.323 Peer-to-peer Calls ............................................................ |
161 |
|
7.11.1 Turn On the ALG .................................................................................................... |
162 |
|
7.11.2 Set Up a NAT Policy For H.323 .............................................................................. |
162 |
|
7.11.3 Set Up a Firewall Rule For H.323 ........................................................................... |
164 |
|
7.12 How to Allow Public Access to a Web Server .................................................................. |
165 |
|
7.12.1 Create the Address Objects ................................................................................... |
166 |
|
7.12.2 Configure NAT ........................................................................................................ |
166 |
|
7.12.3 Set Up a Firewall Rule ........................................................................................... |
167 |
|
7.13 How to Use an IPPBX on the DMZ .................................................................................. |
168 |
|
7.13.1 Turn On the ALG .................................................................................................... |
170 |
|
7.13.2 Create the Address Objects ................................................................................... |
170 |
|
7.13.3 Setup a NAT Policy for the IPPBX ......................................................................... |
171 |
|
7.13.4 Set Up a WAN to DMZ Firewall Rule for SIP ......................................................... |
172 |
|
7.13.5 Set Up a DMZ to LAN Firewall Rule for SIP ........................................................... |
173 |
|
7.14 How to Use Multiple Static Public WAN IP Addresses for LAN to WAN Traffic ............... |
174 |
14 |
ZyWALL USG 300 User’s Guide |
|
Table of Contents |
7.14.1 Create the Public IP Address Range Object .......................................................... |
174 |
7.14.2 Configure the Policy Route .................................................................................... |
175 |
7.15 How to Use Active-Passive Device HA ........................................................................... |
175 |
7.15.1 Before You Start ..................................................................................................... |
176 |
7.15.2 Configure Device HA on the Master ZyWALL ........................................................ |
177 |
7.15.3 Configure the Backup ZyWALL .............................................................................. |
179 |
7.15.4 Deploy the Backup ZyWALL .................................................................................. |
181 |
7.15.5 Check Your Device HA Setup ................................................................................ |
181 |
Chapter 8 |
|
L2TP VPN Example............................................................................................................... |
183 |
8.1 L2TP VPN Example ........................................................................................................... |
183 |
8.2 Configuring the Default L2TP VPN Gateway Example ...................................................... |
183 |
8.3 Configuring the Default L2TP VPN Connection Example .................................................. |
185 |
8.4 Configuring the L2TP VPN Settings Example ................................................................... |
186 |
8.5 Configuring L2TP VPN in Windows Vista, XP, or 2000 ..................................................... |
187 |
8.5.1 Configuring L2TP in Windows Vista ......................................................................... |
187 |
8.5.2 Configuring L2TP in Windows XP ............................................................................ |
197 |
8.5.3 Configuring L2TP in Windows 2000 ......................................................................... |
203 |
Part II: Technical Reference ................................................................ |
219 |
Chapter 9 |
|
Dashboard ............................................................................................................................ |
221 |
9.1 Overview ............................................................................................................................ |
221 |
9.1.1 What You Can Do in this Chapter ............................................................................ |
221 |
9.2 The Dashboard Screen ..................................................................................................... |
221 |
9.2.1 The CPU Usage Screen ........................................................................................... |
228 |
9.2.2 The Memory Usage Screen ..................................................................................... |
229 |
9.2.3 The Session Usage Screen ..................................................................................... |
230 |
9.2.4 The VPN Status Screen ........................................................................................... |
231 |
9.2.5 The DHCP Table Screen .......................................................................................... |
231 |
9.2.6 The Number of Login Users Screen ......................................................................... |
232 |
Chapter 10 |
|
Monitor.................................................................................................................................. |
235 |
10.1 Overview .......................................................................................................................... |
235 |
10.1.1 What You Can Do in this Chapter .......................................................................... |
235 |
10.2 The Port Statistics Screen .............................................................................................. |
236 |
10.2.1 The Port Statistics Graph Screen .......................................................................... |
238 |
10.3 Interface Status Screen ................................................................................................... |
239 |
|
15 |
ZyWALL USG 300 User’s Guide |
|
|
|
Table of Contents
10.4 |
The Traffic Statistics Screen ............................................................................................ |
243 |
||
10.5 |
The Session Monitor Screen .......................................................................................... |
246 |
||
10.6 |
The DDNS Status Screen ................................................................................................ |
248 |
||
10.7 |
IP/MAC Binding Monitor .................................................................................................. |
249 |
||
10.8 |
The Login Users Screen ................................................................................................. |
250 |
||
10.9 |
WLAN Interface Station Monitor Screen .......................................................................... |
251 |
||
10.10 |
Cellular Status Screen ................................................................................................... |
252 |
||
10.11 Application Patrol Statistics ............................................................................................ |
254 |
|||
10.11.1 Application Patrol Statistics: General Setup ......................................................... |
254 |
|||
10.11.2 Application Patrol Statistics: Bandwidth Statistics ................................................ |
255 |
|||
10.11.3 |
Application Patrol Statistics: Protocol Statistics ................................................... |
256 |
||
10.11.4 |
Application Patrol Statistics: Individual Protocol Statistics by Rule ...................... |
257 |
||
10.12 |
The IPSec Monitor Screen ........................................................................................... |
258 |
||
10.12.1 Regular Expressions in Searching IPSec SAs ..................................................... |
260 |
|||
10.13 |
The SSL Connection Monitor Screen ............................................................................ |
261 |
||
10.14 |
L2TP over IPSec Session Monitor Screen .................................................................... |
262 |
||
10.15 |
The Anti-Virus Statistics Screen .................................................................................... |
263 |
||
10.16 |
The IDP Statistics Screen .............................................................................................. |
265 |
||
10.17 |
The Content Filter Statistics Screen .............................................................................. |
267 |
||
10.18 |
Content Filter Cache Screen ......................................................................................... |
268 |
||
10.19 |
The Anti-Spam Statistics Screen ................................................................................... |
271 |
||
10.20 |
The Anti-Spam Status Screen ....................................................................................... |
273 |
||
10.21 |
Log Screen .................................................................................................................... |
274 |
Chapter 11 |
|
|
Registration ........................................................................................................................... |
277 |
|
11.1 Overview .......................................................................................................................... |
277 |
|
11.1.1 What You Can Do in this Chapter ........................................................................... |
277 |
|
11.1.2 What you Need to Know ......................................................................................... |
277 |
|
11.2 The Registration Screen .................................................................................................. |
279 |
|
11.3 The Service Screen ......................................................................................................... |
281 |
|
Chapter 12 |
|
|
Signature Update .................................................................................................................. |
283 |
|
12.1 |
Overview .......................................................................................................................... |
283 |
12.1.1 What You Can Do in this Chapter .......................................................................... |
283 |
|
12.1.2 What you Need to Know ........................................................................................ |
283 |
|
12.2 |
The Antivirus Update Screen ........................................................................................... |
284 |
12.3 |
The IDP/AppPatrol Update Screen .................................................................................. |
285 |
12.4 |
The System Protect Update Screen ............................................................................... |
287 |
Chapter 13 |
|
|
Interfaces............................................................................................................................... |
|
289 |
16 |
|
|
ZyWALL USG 300 User’s Guide |
|
|
|
|
|
|
|
Table of Contents |
13.1 |
Interface Overview ........................................................................................................... |
289 |
13.1.1 What You Can Do in this Chapter .......................................................................... |
289 |
|
13.1.2 What You Need to Know ........................................................................................ |
290 |
|
13.2 |
Port Grouping ................................................................................................................. |
293 |
13.2.1 Port Grouping Overview ......................................................................................... |
293 |
|
13.2.2 Port Grouping Screen ............................................................................................ |
293 |
|
13.3 |
Ethernet Summary Screen .............................................................................................. |
294 |
13.3.1 Ethernet Edit ......................................................................................................... |
296 |
|
13.3.2 Object References ................................................................................................. |
303 |
|
13.4 |
PPP Interfaces ................................................................................................................ |
304 |
13.4.1 PPP Interface Summary ......................................................................................... |
305 |
|
13.4.2 PPP Interface Add or Edit ..................................................................................... |
307 |
|
13.5 |
Cellular Configuration Screen (3G) .................................................................................. |
311 |
13.5.1 Cellular Add/Edit Screen ........................................................................................ |
313 |
|
13.6 |
WLAN Interface General Screen ..................................................................................... |
320 |
13.6.1 WLAN Add/Edit Screen .......................................................................................... |
323 |
|
13.6.2 WLAN Add/Edit: WEP Security .............................................................................. |
329 |
|
13.6.3 WLAN Add/Edit: WPA-PSK/WPA2-PSK Security ................................................... |
330 |
|
13.6.4 WLAN Add/Edit: WPA/WPA2 Security ................................................................... |
331 |
|
13.7 |
WLAN Interface MAC Filter ............................................................................................ |
333 |
13.8 |
VLAN Interfaces ............................................................................................................. |
335 |
13.8.1 VLAN Summary Screen ......................................................................................... |
337 |
|
13.8.2 VLAN Add/Edit ...................................................................................................... |
338 |
|
13.9 |
Bridge Interfaces ............................................................................................................ |
345 |
13.9.1 Bridge Summary .................................................................................................... |
347 |
|
13.9.2 Bridge Add/Edit ..................................................................................................... |
348 |
|
13.10 Auxiliary Interface ......................................................................................................... |
354 |
|
13.10.1 Auxiliary Interface Overview ................................................................................. |
354 |
|
13.10.2 Auxiliary ................................................................................................................ |
354 |
|
13.11 Virtual Interfaces ........................................................................................................... |
356 |
|
13.11.1 Virtual Interfaces Add/Edit .................................................................................... |
357 |
|
13.12 Interface Technical Reference ....................................................................................... |
358 |
|
Chapter 14 |
|
|
Trunks ................................................................................................................................... |
|
363 |
14.1 |
Overview .......................................................................................................................... |
363 |
14.1.1 What You Can Do in this Chapter .......................................................................... |
363 |
|
14.1.2 What You Need to Know ........................................................................................ |
364 |
|
14.2 |
The Trunk Summary Screen ............................................................................................ |
368 |
14.3 |
Configuring a Trunk ........................................................................................................ |
369 |
14.4 |
Trunk Technical Reference .............................................................................................. |
371 |
Chapter 15 |
|
|
Policy and Static Routes ...................................................................................................... |
373 |
|
17 |
ZyWALL USG 300 User’s Guide |
|
|
|
Table of Contents
15.1 |
Policy and Static Routes Overview .................................................................................. |
373 |
15.1.1 What You Can Do in this Chapter .......................................................................... |
373 |
|
15.1.2 What You Need to Know ....................................................................................... |
374 |
|
15.2 |
Policy Route Screen ........................................................................................................ |
376 |
15.2.1 Policy Route Edit Screen ....................................................................................... |
379 |
|
15.3 |
IP Static Route Screen .................................................................................................... |
383 |
15.3.1 Static Route Add/Edit Screen ................................................................................. |
384 |
|
15.4 |
Policy Routing Technical Reference ................................................................................ |
385 |
Chapter 16 |
|
|
||
Routing Protocols................................................................................................................. |
389 |
|
||
16.1 |
Routing Protocols Overview ............................................................................................ |
389 |
|
|
|
16.1.1 What You Can Do in this Chapter .......................................................................... |
389 |
|
|
|
16.1.2 What You Need to Know ........................................................................................ |
389 |
|
|
16.2 |
The RIP Screen ............................................................................................................... |
390 |
|
|
|
16.3 The OSPF Screen ........................................................................................................... |
391 |
|
|
|
16.3.1 Configuring the OSPF Screen ................................................................................ |
395 |
|
|
|
16.3.2 OSPF Area Add/Edit Screen ................................................................................. |
398 |
|
|
|
16.3.3 Virtual Link Add/Edit Screen ................................................................................. |
399 |
|
|
16.4 |
Routing Protocol Technical Reference ............................................................................ |
400 |
|
|
Chapter 17 |
|
|
||
Zones ..................................................................................................................................... |
|
403 |
|
|
17.1 |
Zones Overview ............................................................................................................... |
403 |
|
|
|
17.1.1 What You Can Do in this Chapter .......................................................................... |
403 |
|
|
|
17.1.2 What You Need to Know ........................................................................................ |
404 |
|
|
17.2 |
The Zone Screen ............................................................................................................. |
405 |
|
|
17.3 |
Zone Edit ........................................................................................................................ |
406 |
|
|
Chapter 18 |
|
|
||
DDNS...................................................................................................................................... |
|
407 |
|
|
|
18.1 DDNS Overview .............................................................................................................. |
407 |
|
|
|
18.1.1 What You Can Do in this Chapter .......................................................................... |
407 |
|
|
|
18.1.2 What You Need to Know ........................................................................................ |
407 |
|
|
|
18.2 The DDNS Screen ........................................................................................................... |
408 |
|
|
|
18.2.1 The Dynamic DNS Add/Edit Screen ...................................................................... |
410 |
|
|
Chapter 19 |
|
|
||
NAT......................................................................................................................................... |
|
413 |
|
|
19.1 |
NAT Overview .................................................................................................................. |
413 |
|
|
|
19.1.1 What You Can Do in this Chapter .......................................................................... |
413 |
|
|
|
19.1.2 What You Need to Know ........................................................................................ |
414 |
|
|
19.2 |
The NAT Screen .............................................................................................................. |
414 |
|
|
|
|
|
|
|
18 |
|
|
|
|
|
|
ZyWALL USG 300 User’s Guide |
|
|
|
|
|
|
|
|
|
Table of Contents |
19.2.1 The NAT Add/Edit Screen ...................................................................................... |
416 |
|
19.3 |
NAT Technical Reference ................................................................................................ |
419 |
Chapter 20 |
|
|
HTTP Redirect ...................................................................................................................... |
423 |
|
20.1 |
Overview .......................................................................................................................... |
423 |
20.1.1 What You Can Do in this Chapter .......................................................................... |
423 |
|
20.1.2 What You Need to Know ........................................................................................ |
424 |
|
20.2 |
The HTTP Redirect Screen ............................................................................................. |
425 |
20.2.1 The HTTP Redirect Edit Screen ............................................................................. |
426 |
|
Chapter 21 |
|
|
ALG ........................................................................................................................................ |
|
427 |
21.1 |
ALG Overview ................................................................................................................. |
427 |
21.1.1 What You Can Do in this Chapter .......................................................................... |
427 |
|
21.1.2 What You Need to Know ........................................................................................ |
428 |
|
21.1.3 Before You Begin ................................................................................................... |
431 |
|
21.2 |
The ALG Screen .............................................................................................................. |
431 |
21.3 |
ALG Technical Reference ................................................................................................ |
433 |
Chapter 22 |
|
|
IP/MAC Binding .................................................................................................................... |
435 |
|
22.1 |
IP/MAC Binding Overview ............................................................................................... |
435 |
22.1.1 What You Can Do in this Chapter .......................................................................... |
435 |
|
22.1.2 What You Need to Know ........................................................................................ |
436 |
|
22.2 |
IP/MAC Binding Summary ............................................................................................... |
436 |
22.2.1 IP/MAC Binding Edit ............................................................................................... |
437 |
|
22.2.2 Static DHCP Edit .................................................................................................... |
438 |
|
22.3 |
IP/MAC Binding Exempt List ........................................................................................... |
439 |
Chapter 23 |
|
|
Authentication Policy ........................................................................................................... |
441 |
|
23.1 |
Overview .......................................................................................................................... |
441 |
23.1.1 What You Can Do in this Chapter .......................................................................... |
441 |
|
23.1.2 What You Need to Know ........................................................................................ |
442 |
|
23.2 |
Authentication Policy Screen ........................................................................................... |
442 |
23.2.1 Creating/Editing an Authentication Policy .............................................................. |
445 |
|
Chapter 24 |
|
|
Firewall................................................................................................................................... |
|
449 |
24.1 |
Overview .......................................................................................................................... |
449 |
24.1.1 What You Can Do in this Chapter .......................................................................... |
449 |
|
24.1.2 What You Need to Know ........................................................................................ |
450 |
|
ZyWALL USG 300 User’s Guide |
19 |
Table of Contents
24.1.3 Firewall Rule Example Applications ....................................................................... |
452 |
24.1.4 Firewall Rule Configuration Example ..................................................................... |
455 |
24.2 The Firewall Screen ......................................................................................................... |
457 |
24.2.1 Configuring the Firewall Screen ............................................................................. |
458 |
24.2.2 The Firewall Add/Edit Screen ................................................................................. |
461 |
24.3 The Session Limit Screen ................................................................................................ |
462 |
24.3.1 The Session Limit Add/Edit Screen ........................................................................ |
464 |
Chapter 25 |
|
|
||
IPSec VPN |
.............................................................................................................................. |
467 |
|
|
25.1 |
IPSec VPN Overview ....................................................................................................... |
467 |
|
|
|
25.1.1 What You Can Do in this Chapter .......................................................................... |
467 |
|
|
|
25.1.2 What You Need to Know ........................................................................................ |
468 |
|
|
|
25.1.3 Before You Begin ................................................................................................... |
470 |
|
|
25.2 .......................................................................................... |
The VPN Connection Screen |
470 |
|
|
|
25.2.1 The VPN Connection Add/Edit (IKE) Screen ......................................................... |
472 |
|
|
|
25.2.2 The VPN Connection Add/Edit Manual Key Screen .............................................. |
479 |
|
|
|
25.3 The VPN Gateway Screen .............................................................................................. |
482 |
|
|
|
25.3.1 The VPN Gateway Add/Edit Screen ...................................................................... |
483 |
|
|
25.4 .......................................................................................................... |
VPN Concentrator |
491 |
|
|
|
25.4.1 IPSec VPN Concentrator Example ........................................................................ |
491 |
|
|
|
25.4.2 VPN Concentrator Screen ...................................................................................... |
494 |
|
|
|
25.4.3 The VPN Concentrator Add/Edit Screen ................................................................ |
494 |
|
|
25.5 ............................................................................... |
IPSec VPN Background Information |
495 |
|
|
Chapter 26 |
|
|
||
SSL VPN................................................................................................................................. |
|
507 |
|
|
26.1 .......................................................................................................................... |
Overview |
507 |
|
|
|
26.1.1 What You Can Do in this Chapter .......................................................................... |
507 |
|
|
|
26.1.2 What You Need to Know ........................................................................................ |
507 |
|
|
26.2 ................................................................................... |
The SSL Access Privilege Screen |
510 |
|
|
|
26.2.1 The SSL Access Policy Add/Edit Screen .............................................................. |
512 |
|
|
26.3 ....................................................................................... |
The SSL Global Setting Screen |
514 |
|
|
|
26.3.1 How to Upload a Custom Logo .............................................................................. |
516 |
|
|
26.4 ............................................................................. |
Establishing an SSL VPN Connection |
517 |
|
|
Chapter 27 |
|
|
||
SSL User Screens................................................................................................................. |
519 |
|
||
27.1 .......................................................................................................................... |
Overview |
519 |
|
|
|
27.1.1 What You Need to Know ........................................................................................ |
519 |
|
|
27.2 .......................................................................................................... |
Remote User Login |
520 |
|
|
|
27.3 The SSL VPN User Screens ........................................................................................... |
525 |
|
|
27.4 ............................................................................................... |
Bookmarking the ZyWALL |
526 |
|
|
|
|
|
|
|
20 |
|
|
|
|
|
|
ZyWALL USG 300 User’s Guide |
|
|
|
|
|
|
|
|
|
Table of Contents |
27.5 |
Logging Out of the SSL VPN User Screens .................................................................... |
526 |
Chapter 28 |
|
|
SSL User Application Screens ............................................................................................ |
529 |
|
28.1 |
SSL User Application Screens Overview ........................................................................ |
529 |
28.2 |
The Application Screen ................................................................................................... |
529 |
Chapter 29 |
|
|
SSL User File Sharing .......................................................................................................... |
531 |
|
29.1 |
Overview .......................................................................................................................... |
531 |
29.1.1 What You Need to Know ........................................................................................ |
531 |
|
29.2 |
The Main File Sharing Screen ......................................................................................... |
532 |
29.3 |
Opening a File or Folder .................................................................................................. |
532 |
29.3.1 Downloading a File ................................................................................................. |
534 |
|
29.3.2 Saving a File .......................................................................................................... |
535 |
|
29.4 |
Creating a New Folder ..................................................................................................... |
535 |
29.5 |
Renaming a File or Folder ............................................................................................... |
536 |
29.6 |
Deleting a File or Folder .................................................................................................. |
536 |
29.7 |
Uploading a File ............................................................................................................... |
537 |
Chapter 30 |
|
|
ZyWALL SecuExtender......................................................................................................... |
539 |
|
30.1 |
The ZyWALL SecuExtender Icon .................................................................................... |
539 |
30.2 |
Statistics .......................................................................................................................... |
540 |
30.3 |
View Log .......................................................................................................................... |
541 |
30.4 |
Suspend and Resume the Connection ............................................................................ |
541 |
30.5 |
Stop the Connection ........................................................................................................ |
542 |
30.6 |
Uninstalling the ZyWALL SecuExtender .......................................................................... |
542 |
Chapter 31 |
|
|
L2TP VPN............................................................................................................................... |
|
543 |
31.1 |
Overview .......................................................................................................................... |
543 |
31.1.1 What You Can Do in this Chapter .......................................................................... |
543 |
|
31.1.2 What You Need to Know ........................................................................................ |
543 |
|
31.2 L2TP VPN Screen ........................................................................................................... |
545 |
|
Chapter 32 |
|
|
Application Patrol ................................................................................................................. |
547 |
|
32.1 |
Overview .......................................................................................................................... |
547 |
32.1.1 What You Can Do in this Chapter .......................................................................... |
547 |
|
32.1.2 What You Need to Know ....................................................................................... |
548 |
|
32.1.3 Application Patrol Bandwidth Management Examples ........................................... |
553 |
|
32.2 |
Application Patrol General Screen .................................................................................. |
557 |
ZyWALL USG 300 User’s Guide |
21 |
Table of Contents
32.3 |
Application Patrol Applications ........................................................................................ |
558 |
32.3.1 The Application Patrol Edit Screen ........................................................................ |
559 |
|
32.3.2 The Application Patrol Policy Edit Screen ............................................................. |
563 |
|
32.4 |
The Other Applications Screen ........................................................................................ |
566 |
32.4.1 The Other Applications Add/Edit Screen ................................................................ |
569 |
Chapter 33 |
|
|
||
Anti-Virus............................................................................................................................... |
|
573 |
|
|
33.1 |
Overview .......................................................................................................................... |
573 |
|
|
|
33.1.1 What You Can Do in this Chapter .......................................................................... |
573 |
|
|
|
33.1.2 What You Need to Know ........................................................................................ |
574 |
|
|
|
33.1.3 Before You Begin ................................................................................................... |
576 |
|
|
33.2 |
Anti-Virus Summary Screen ............................................................................................ |
576 |
|
|
|
33.2.1 Anti-Virus Policy Add or Edit Screen ...................................................................... |
579 |
|
|
33.3 |
Anti-Virus Black List ......................................................................................................... |
581 |
|
|
33.4 |
Anti-Virus Black List or White List Add/Edit ..................................................................... |
582 |
|
|
33.5 |
Anti-Virus White List ........................................................................................................ |
583 |
|
|
33.6 |
Signature Searching ........................................................................................................ |
584 |
|
|
33.7 |
Anti-Virus Technical Reference ........................................................................................ |
587 |
|
|
Chapter 34 |
|
|
||
IDP......................................................................................................................................... |
|
589 |
|
|
34.1 |
Overview .......................................................................................................................... |
589 |
|
|
|
34.1.1 What You Can Do in this Chapter .......................................................................... |
589 |
|
|
|
34.1.2 What You Need To Know ....................................................................................... |
589 |
|
|
|
34.1.3 Before You Begin ................................................................................................... |
590 |
|
|
34.2 |
The IDP General Screen ................................................................................................. |
591 |
|
|
34.3 |
Introducing IDP Profiles ................................................................................................. |
593 |
|
|
|
34.3.1 Base Profiles .......................................................................................................... |
594 |
|
|
34.4 |
The Profile Summary Screen .......................................................................................... |
595 |
|
|
34.5 |
Creating New Profiles ...................................................................................................... |
596 |
|
|
|
34.5.1 Procedure To Create a New Profile ........................................................................ |
596 |
|
|
34.6 |
Profiles: Packet Inspection ............................................................................................. |
597 |
|
|
|
34.6.1 Profile > Group View Screen .................................................................................. |
597 |
|
|
|
34.6.2 Policy Types ........................................................................................................... |
600 |
|
|
|
34.6.3 IDP Service Groups ............................................................................................... |
601 |
|
|
|
34.6.4 Profile > Query View Screen .................................................................................. |
602 |
|
|
|
34.6.5 Query Example ...................................................................................................... |
605 |
|
|
34.7 |
Introducing IDP Custom Signatures ............................................................................... |
607 |
|
|
|
34.7.1 IP Packet Header ................................................................................................... |
607 |
|
|
34.8 |
Configuring Custom Signatures ....................................................................................... |
608 |
|
|
|
34.8.1 Creating or Editing a Custom Signature ................................................................ |
610 |
|
|
|
34.8.2 Custom Signature Example ................................................................................... |
616 |
|
|
|
|
|
|
|
22 |
|
|
|
|
|
|
ZyWALL USG 300 User’s Guide |
|
|
|
|
|
|
|
|
|
Table of Contents |
34.8.3 Applying Custom Signatures .................................................................................. |
618 |
|
34.8.4 Verifying Custom Signatures .................................................................................. |
619 |
|
34.9 |
IDP Technical Reference ................................................................................................. |
620 |
Chapter 35 |
|
|
ADP ....................................................................................................................................... |
|
623 |
35.1 |
Overview .......................................................................................................................... |
623 |
35.1.1 ADP and IDP Comparison ..................................................................................... |
623 |
|
35.1.2 What You Can Do in this Chapter ......................................................................... |
623 |
|
35.1.3 What You Need To Know ....................................................................................... |
623 |
|
35.1.4 Before You Begin ................................................................................................... |
624 |
|
35.2 |
The ADP General Screen ................................................................................................ |
625 |
35.3 |
The Profile Summary Screen .......................................................................................... |
626 |
35.3.1 Base Profiles .......................................................................................................... |
627 |
|
35.3.2 Configuring The ADP Profile Summary Screen ..................................................... |
627 |
|
35.3.3 Creating New ADP Profiles .................................................................................... |
628 |
|
35.3.4 Traffic Anomaly Profiles ........................................................................................ |
628 |
|
35.3.5 Protocol Anomaly Profiles ..................................................................................... |
631 |
|
35.3.6 Protocol Anomaly Configuration ............................................................................. |
631 |
|
35.4 |
ADP Technical Reference ................................................................................................ |
635 |
Chapter 36 |
|
|
Content Filtering .................................................................................................................. |
643 |
|
36.1 |
Overview .......................................................................................................................... |
643 |
36.1.1 What You Can Do in this Chapter .......................................................................... |
643 |
|
36.1.2 What You Need to Know ........................................................................................ |
643 |
|
36.1.3 Before You Begin ................................................................................................... |
645 |
|
36.2 |
Content Filter General Screen ......................................................................................... |
645 |
36.3 |
Content Filter Policy Add or Edit Screen ......................................................................... |
648 |
36.4 |
Content Filter Profile Screen .......................................................................................... |
650 |
36.5 |
Content Filter Categories Screen ................................................................................... |
650 |
36.5.1 Content Filter Blocked and Warning Messages ..................................................... |
662 |
|
36.6 |
Content Filter Customization Screen .............................................................................. |
663 |
36.7 |
Content Filter Technical Reference ................................................................................. |
665 |
Chapter 37 |
|
|
Content Filter Reports .......................................................................................................... |
667 |
|
37.1 |
Overview .......................................................................................................................... |
667 |
37.2 |
Viewing Content Filter Reports ........................................................................................ |
667 |
Chapter 38 |
|
|
Anti-Spam .............................................................................................................................. |
|
675 |
38.1 |
Overview .......................................................................................................................... |
675 |
ZyWALL USG 300 User’s Guide |
23 |
Table of Contents |
|
|
|
38.1.1 What You Can Do in this Chapter .......................................................................... |
|
675 |
|
38.1.2 What You Need to Know ........................................................................................ |
|
675 |
|
38.2 |
Before You Begin ............................................................................................................. |
|
677 |
38.3 |
The Anti - Spam General Screen ....................................................................................... |
|
677 |
38.3.1 The Anti-Spam Policy Add or Edit Screen .............................................................. |
|
679 |
|
38.4 |
The Anti - Spam Black List Screen .................................................................................... |
|
681 |
38.4.1 The Anti-Spam Black or White List Add/Edit Screen .............................................. |
|
683 |
|
38.4.2 Regular Expressions in Black or White List Entries ............................................... |
|
684 |
|
38.5 |
The Anti - Spam White List Screen .................................................................................... |
|
685 |
38.6 The DNSBL Screen ......................................................................................................... |
|
686 |
|
38.7 |
Anti - Spam Technical Reference ...................................................................................... |
|
688 |
Chapter 39 |
|
|
|
Device HA |
.............................................................................................................................. |
|
693 |
39.1 |
Overview .......................................................................................................................... |
|
693 |
39.1.1 What You Can Do in this Chapter .......................................................................... |
|
693 |
|
39.1.2 What You Need to Know ........................................................................................ |
|
693 |
|
39.1.3 Before You Begin ................................................................................................... |
|
694 |
|
39.2 .......................................................................................................... |
Device HA General |
|
695 |
39.3 ................................................................................... |
The Active - Passive Mode Screen |
|
696 |
39.3.1 ........................................................Configuring Active-Passive Mode Device HA |
|
698 |
|
39.4 ............................................... |
Configuring an Active - Passive Mode Monitored Interface |
|
701 |
39.5 ............................................................................................... |
The Legacy Mode Screen |
|
703 |
39.6 ............................................................................. |
Configuring the Legacy Mode Screen |
|
704 |
39.7 ...................................................................................... |
Device HA Technical Reference |
|
708 |
Chapter 40 |
|
|
|
User/Group ............................................................................................................................ |
|
715 |
|
40.1 .......................................................................................................................... |
Overview |
|
715 |
40.1.1 ..........................................................................What You Can Do in this Chapter |
|
715 |
|
40.1.2 .......................................................................................What You Need To Know |
|
715 |
|
40.2 .................................................................................................... |
User Summary Screen |
|
718 |
40.2.1 .............................................................................................User Add/Edit Screen |
|
718 |
|
40.3 ......................................................................................... |
User Group Summary Screen |
|
721 |
40.3.1 ..........................................................................................Group Add/Edit Screen |
|
722 |
|
40.4 ................................................................................................................ |
Setting Screen |
|
723 |
40.4.1 ..................................Default User Authentication Timeout Settings Edit Screens |
726 |
||
40.4.2 ....................................................................................User Aware Login Example |
|
728 |
|
40.5 ................................................................................... |
User /Group Technical Reference |
|
729 |
Chapter 41 |
|
|
|
Addresses............................................................................................................................. |
|
731 |
|
41.1 .......................................................................................................................... |
Overview |
|
731 |
24 |
|
ZyWALL USG 300 User’s Guide |
|
Table of Contents |
41.1.1 What You Can Do in this Chapter .......................................................................... |
731 |
41.1.2 What You Need To Know ....................................................................................... |
731 |
41.2 Address Summary Screen ............................................................................................... |
731 |
41.2.1 Address Add/Edit Screen ....................................................................................... |
733 |
41.3 Address Group Summary Screen .................................................................................... |
734 |
41.3.1 Address Group Add/Edit Screen ............................................................................ |
735 |
Chapter 42 |
|
Services ................................................................................................................................. |
737 |
42.1 Overview .......................................................................................................................... |
737 |
42.1.1 What You Can Do in this Chapter .......................................................................... |
737 |
42.1.2 What You Need to Know ........................................................................................ |
737 |
42.2 The Service Summary Screen ......................................................................................... |
738 |
42.2.1 The Service Add/Edit Screen ................................................................................. |
740 |
42.3 The Service Group Summary Screen ............................................................................. |
740 |
42.3.1 The Service Group Add/Edit Screen ...................................................................... |
742 |
Chapter 43 |
|
Schedules.............................................................................................................................. |
743 |
43.1 Overview .......................................................................................................................... |
743 |
43.1.1 What You Can Do in this Chapter .......................................................................... |
743 |
43.1.2 What You Need to Know ........................................................................................ |
743 |
43.2 The Schedule Summary Screen ...................................................................................... |
744 |
43.2.1 The One-Time Schedule Add/Edit Screen ............................................................. |
745 |
43.2.2 The Recurring Schedule Add/Edit Screen ............................................................. |
746 |
Chapter 44 |
|
AAA Server ........................................................................................................................... |
749 |
44.1 Overview .......................................................................................................................... |
749 |
44.1.1 Directory Service (AD/LDAP) ................................................................................. |
749 |
44.1.2 RADIUS Server ...................................................................................................... |
750 |
44.1.3 ASAS ...................................................................................................................... |
750 |
44.1.4 What You Can Do in this Chapter .......................................................................... |
750 |
44.1.5 What You Need To Know ....................................................................................... |
751 |
44.2 Active Directory or LDAP Server Summary ..................................................................... |
753 |
44.2.1 Adding an Active Directory or LDAP Server ........................................................... |
753 |
44.3 RADIUS Server Summary ............................................................................................... |
755 |
44.3.1 Adding a RADIUS Server ...................................................................................... |
757 |
Chapter 45 |
|
Authentication Method ......................................................................................................... |
759 |
45.1 Overview .......................................................................................................................... |
759 |
45.1.1 What You Can Do in this Chapter .......................................................................... |
759 |
ZyWALL USG 300 User’s Guide |
25 |
Table of Contents
45.1.2 Before You Begin ................................................................................................... |
759 |
45.1.3 Example: Selecting a VPN Authentication Method ................................................ |
759 |
45.2 Authentication Method Objects ........................................................................................ |
760 |
45.2.1 Creating an Authentication Method Object ............................................................ |
761 |
Chapter 46 |
|
|
||
Certificates ............................................................................................................................ |
765 |
|
||
46.1 |
Overview .......................................................................................................................... |
765 |
|
|
|
46.1.1 What You Can Do in this Chapter .......................................................................... |
765 |
|
|
|
46.1.2 What You Need to Know ........................................................................................ |
765 |
|
|
|
46.1.3 Verifying a Certificate ............................................................................................. |
767 |
|
|
46.2 |
The My Certificates Screen ............................................................................................. |
769 |
|
|
|
46.2.1 The My Certificates Add Screen ............................................................................ |
770 |
|
|
|
46.2.2 The My Certificates Edit Screen ............................................................................. |
775 |
|
|
|
46.2.3 The My Certificates Import Screen ........................................................................ |
778 |
|
|
46.3 |
The Trusted Certificates Screen ..................................................................................... |
779 |
|
|
|
46.3.1 The Trusted Certificates Edit Screen .................................................................... |
780 |
|
|
|
46.3.2 The Trusted Certificates Import Screen ................................................................ |
784 |
|
|
46.4 |
Certificates Technical Reference ..................................................................................... |
785 |
|
|
Chapter 47 |
|
|
||
ISP Accounts......................................................................................................................... |
787 |
|
||
47.1 |
Overview .......................................................................................................................... |
787 |
|
|
|
47.1.1 What You Can Do in this Chapter .......................................................................... |
787 |
|
|
47.2 |
ISP Account Summary .................................................................................................... |
787 |
|
|
|
47.2.1 ISP Account Edit ................................................................................................... |
788 |
|
|
Chapter 48 |
|
|
||
SSL Application .................................................................................................................... |
791 |
|
||
48.1 |
Overview .......................................................................................................................... |
791 |
|
|
|
48.1.1 What You Can Do in this Chapter .......................................................................... |
791 |
|
|
|
48.1.2 What You Need to Know ........................................................................................ |
791 |
|
|
|
48.1.3 Example: Specifying a Web Site for Access .......................................................... |
792 |
|
|
48.2 |
The SSL Application Screen ............................................................................................ |
793 |
|
|
|
48.2.1 Creating/Editing a Web-based SSL Application Object |
......................................... 794 |
|
|
|
48.2.2 Creating/Editing a File Sharing SSL Application Object |
......................................... 796 |
|
|
Chapter 49 |
|
|
||
Endpoint Security ................................................................................................................. |
799 |
|
||
49.1 |
Overview .......................................................................................................................... |
799 |
|
|
|
49.1.1 What You Can Do in this Chapter .......................................................................... |
800 |
|
|
|
49.1.2 What You Need to Know ........................................................................................ |
800 |
|
|
49.2 |
Endpoint Security Screen ................................................................................................ |
801 |
|
|
|
|
|
|
|
26 |
|
|
|
|
|
|
ZyWALL USG 300 User’s Guide |
|
|
|
|
|
|
|
|
Table of Contents |
49.3 Endpoint Security Add/Edit .............................................................................................. |
803 |
Chapter 50 |
|
System ................................................................................................................................. |
809 |
50.1 Overview .......................................................................................................................... |
809 |
50.1.1 What You Can Do in this Chapter .......................................................................... |
809 |
50.2 Host Name ....................................................................................................................... |
810 |
50.3 Date and Time ................................................................................................................. |
811 |
50.3.1 Pre-defined NTP Time Servers List ........................................................................ |
813 |
50.3.2 Time Server Synchronization ................................................................................. |
814 |
50.4 Console Port Speed ......................................................................................................... |
815 |
50.5 DNS Overview ................................................................................................................. |
815 |
50.5.1 DNS Server Address Assignment .......................................................................... |
816 |
50.5.2 Configuring the DNS Screen .................................................................................. |
816 |
50.5.3 Address Record .................................................................................................... |
819 |
50.5.4 PTR Record ........................................................................................................... |
819 |
50.5.5 Adding an Address/PTR Record ............................................................................ |
819 |
50.5.6 Domain Zone Forwarder ....................................................................................... |
820 |
50.5.7 Adding a Domain Zone Forwarder ......................................................................... |
820 |
50.5.8 MX Record ............................................................................................................ |
821 |
50.5.9 Adding a MX Record .............................................................................................. |
822 |
50.5.10 Adding a DNS Service Control Rule .................................................................... |
822 |
50.6 WWW Overview .............................................................................................................. |
823 |
50.6.1 Service Access Limitations .................................................................................... |
824 |
50.6.2 System Timeout ..................................................................................................... |
824 |
50.6.3 HTTPS ................................................................................................................... |
824 |
50.6.4 Configuring WWW Service Control ........................................................................ |
825 |
50.6.5 Service Control Rules ............................................................................................ |
829 |
50.6.6 Customizing the WWW Login Page ....................................................................... |
829 |
50.6.7 HTTPS Example .................................................................................................... |
833 |
50.7 SSH .............................................................................................................................. |
840 |
50.7.1 How SSH Works .................................................................................................... |
841 |
50.7.2 SSH Implementation on the ZyWALL ..................................................................... |
842 |
50.7.3 Requirements for Using SSH ................................................................................. |
842 |
50.7.4 Configuring SSH .................................................................................................... |
842 |
50.7.5 Secure Telnet Using SSH Examples ...................................................................... |
844 |
50.8 Telnet .............................................................................................................................. |
845 |
50.8.1 Configuring Telnet .................................................................................................. |
846 |
50.9 FTP ................................................................................................................................. |
847 |
50.9.1 Configuring FTP ..................................................................................................... |
847 |
50.10 SNMP ........................................................................................................................... |
849 |
50.10.1 Supported MIBs ................................................................................................... |
851 |
50.10.2 SNMP Traps ......................................................................................................... |
851 |
ZyWALL USG 300 User’s Guide |
27 |
Table of Contents
50.10.3 Configuring SNMP ............................................................................................... |
851 |
|
50.11 Dial-in Management ....................................................................................................... |
853 |
|
50.11.1 Configuring Dial-in Mgmt ...................................................................................... |
854 |
|
50.12 Vantage CNM ............................................................................................................... |
855 |
|
50.12.1 Configuring Vantage CNM ................................................................................... |
856 |
|
50.13 Language Screen ......................................................................................................... |
858 |
|
Chapter 51 |
|
|
Log and Report ................................................................................................................... |
859 |
|
51.1 |
Overview .......................................................................................................................... |
859 |
51.1.1 What You Can Do In this Chapter .......................................................................... |
859 |
|
51.2 |
Email Daily Report .......................................................................................................... |
859 |
51.3 |
Log Setting Screens ....................................................................................................... |
861 |
51.3.1 Log Setting Summary ............................................................................................. |
862 |
|
51.3.2 Edit System Log Settings ...................................................................................... |
863 |
|
51.3.3 Edit Remote Server Log Settings .......................................................................... |
868 |
|
51.3.4 Active Log Summary Screen .................................................................................. |
870 |
|
Chapter 52 |
|
|
File Manager......................................................................................................................... |
873 |
|
52.1 |
Overview .......................................................................................................................... |
873 |
52.1.1 What You Can Do in this Chapter .......................................................................... |
873 |
|
52.1.2 What you Need to Know ........................................................................................ |
873 |
|
52.2 |
The Configuration File Screen ......................................................................................... |
876 |
52.3 |
The Firmware Package Screen ...................................................................................... |
880 |
52.4 |
The Shell Script Screen .................................................................................................. |
882 |
Chapter 53 |
|
|
Diagnostics........................................................................................................................... |
885 |
|
53.1 |
Overview .......................................................................................................................... |
885 |
53.1.1 What You Can Do in this Chapter .......................................................................... |
885 |
|
53.2 |
The Diagnostic Screen .................................................................................................... |
885 |
53.3 |
The Packet Capture Screen ............................................................................................ |
886 |
53.3.1 The Packet Capture Files Screen .......................................................................... |
888 |
|
53.3.2 Example of Viewing a Packet Capture File ............................................................ |
889 |
|
Chapter 54 |
|
|
Reboot.................................................................................................................................... |
|
891 |
54.1 |
Overview .......................................................................................................................... |
891 |
54.1.1 What You Need To Know ....................................................................................... |
891 |
|
54.2 |
The Reboot Screen ......................................................................................................... |
891 |
Chapter 55 |
|
|
Shutdown............................................................................................................................... |
|
893 |
28 |
|
|
ZyWALL USG 300 User’s Guide |
|
|
|
|
|
|
|
|
|
|
Table of Contents |
55.1 |
Overview .......................................................................................................................... |
893 |
|||
|
|
55.1.1 What You Need To Know ....................................................................................... |
893 |
||
55.2 |
The Shutdown Screen ..................................................................................................... |
893 |
|||
Chapter 56 |
|
|
|||
Troubleshooting.................................................................................................................... |
895 |
||||
56.1 |
Resetting the ZyWALL ..................................................................................................... |
912 |
|||
56.2 |
Getting More Troubleshooting Help ................................................................................. |
913 |
|||
Chapter 57 |
|
|
|||
Product Specifications ......................................................................................................... |
915 |
||||
57.1 |
3G PCMCIA Card Installation .......................................................................................... |
921 |
|||
Appendix |
A |
Log Descriptions ............................................................................................... |
923 |
||
Appendix |
B Common Services............................................................................................. |
983 |
|||
Appendix |
C |
Displaying Anti-Virus Alert Messages in Windows............................................ |
987 |
||
Appendix |
D |
Importing Certificates........................................................................................ |
993 |
||
Appendix |
E Wireless LANs ................................................................................................ |
1019 |
|||
Appendix |
F Open Software Announcements ..................................................................... |
1035 |
|||
Appendix |
G |
Legal Information............................................................................................ |
1091 |
||
Index..................................................................................................................................... |
|
|
|
1095 |
|
29 |
ZyWALL USG 300 User’s Guide |
|
|
|
Table of Contents
30 |
|
|
ZyWALL USG 300 User’s Guide |
|
|
|
|
|