ZyXEL Communications 100 Series User manual

www.zyxel.com

ZyWALL USG 100/200

Series

Unified Security Gateway

User’s Guide

Version 2.10

5/2008

Edition 1

DEFAULT LOGIN

LAN1 Port P4

IP Address http://192.168.1.1

User Name admin

Password 1234

About This User's Guide

ZyWALL USG 100/200 Series User’s Guide

3

About This User's Guide

Intended Audience

This manual is intended for people who want to want to configure the ZyWALL using the web

configurator.

How To Use This Guide

•Read Chapter 1 on page 53 chapter for an overview of features available on the ZyWALL.

•Read Chapter 3 on page 65 for web browser requirements and an introduction to the main

components, icons and menus in the ZyWALL web configurator.

•Read Chapter 4 on page 75 if you’re using the wizards for first time setup and you want

more detailed information than what the real time online help provides.

• It is highly recommended you read Chapter 5 on page 109 for detailed information on

essential terms used in the ZyWALL, what prerequisites are needed to configure a feature

and how to use that feature.

• It is highly recommended you read Chapter 6 on page 125 for ZyWALL application

examples.

• Subsequent chapters are arranged by menu item as defined in the web configurator. Read

each chapter carefully for detailed information on that menu item.

• To find specific information in this guide, use the Contents Overview, the Table of

Contents, the Index, or search the PDF file. E-mail [email protected] if you

cannot find the information you require.

Related Documentation

• Quick Start Guide

The Quick Start Guide is designed to show you how to make the ZyWALL hardware

connections, rack mounting and access the web configurator wizards. (See the wizard real

time help for information on configuring each screen.) It contains a connection diagram,

default settings, handy checklists and information on setting up your network and

configuring for Internet access.

• Configuration Reference Card

See this handy reference card to see what prerequisites are needed to configure a feature

and how to use this feature in the ZyWALL.

• CLI Reference Guide

The CLI Reference Guide explains how to use the Command-Line Interface (CLI) to

configure the ZyWALL.

" It is recommended you use the web configurator to configure the ZyWALL.

• Web Configurator Online Help

About This User's Guide

ZyWALL USG 100/200 Series User’s Guide

4

Click the help icon in any screen for help in configuring that screen and supplementary

information.

• Supporting Disk

Refer to the included CD for support documents.

• ZyXEL Web Site

Please refer to www.zyxel.com

for additional support documentation and product

certifications.

User Guide Feedback

Help us help you. Send all User Guide-related comments, questions or suggestions for

improvement to the following address, or use e-mail instead. Thank you!

The Technical Writing Team,

ZyXEL Communications Corp.,

6 Innovation Road II,

Science-Based Industrial Park,

Hsinchu, 300, Taiwan.

E-mail: [email protected]

Document Conventions

ZyWALL USG 100/200 Series User’s Guide

5

Document Conventions

Warnings and Notes

These are how warnings and notes are shown in this User’s Guide.

1 Warnings tell you about things that could harm you or your device.

" Notes tell you other important information (for example, other things you may

need to configure or helpful tips) or recommendations.

Syntax Conventions

• The ZyWALL USG 100 and ZyWALL USG 200 may be referred to as the “ZyWALL”,

the “device”, the “system” or the “product” in this User’s Guide.

• Product labels, screen names, field labels and field choices are all in bold font.

• A key stroke is denoted by square brackets and uppercase text, for example, [ENTER]

means the “enter” or “return” key on your keyboard.

• “Enter” means for you to type one or more characters and then press the [ENTER] key.

“Select” or “choose” means for you to use one of the predefined choices.

• A right angle bracket ( > ) within a screen name denotes a mouse click. For example,

Maintenance > Log > Log Setting means you first click Maintenance in the navigation

panel, then the Log sub menu and finally the Log Setting tab to get to that screen.

• Units of measurement may denote the “metric” value or the “scientific” value. For

example, “k” for kilo may denote “1000” or “1024”, “M” for mega may denote “1000000”

or “1048576” and so on.

• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.

Document Conventions

ZyWALL USG 100/200 Series User’s Guide

6

Icons Used in Figures

Figures in this User’s Guide may use the following generic icons. The ZyWALL icon is not an

exact representation of your device.

ZyWALL Computer Notebook computer

Server Firewall Telephone

Switch Router

Safety Warnings

ZyWALL USG 100/200 Series User’s Guide

7

Safety Warnings

1 For your safety, be sure to read and follow all warning notices and instructions.

• Do NOT use this product near water, for example, in a wet basement or near a swimming

pool.

• Do NOT expose your device to dampness, dust or corrosive liquids.

• Do NOT store things on the device.

• Do NOT install, use, or service this device during a thunderstorm. There is a remote risk

of electric shock from lightning.

• Connect ONLY suitable accessories to the device.

• Do NOT open the device or unit. Opening or removing covers can expose you to

dangerous high voltage points or other risks. ONLY qualified service personnel should

service or disassemble this device. Please contact your vendor for further information.

• Make sure to connect the cables to the correct ports.

• Place connecting cables carefully so that no one will step on them or stumble over them.

• Always disconnect all cables from this device before servicing or disassembling.

• Use ONLY an appropriate power adaptor or cord for your device. Connect it to the right

supply voltage (for example, 110V AC in North America or 230V AC in Europe).

• Do NOT remove the plug and connect it to a power outlet by itself; always attach the plug

to the power adaptor first before connecting it to a power outlet.

• Do NOT allow anything to rest on the power adaptor or cord and do NOT place the

product where anyone can walk on the power adaptor or cord.

• Do NOT use the device if the power adaptor or cord is damaged as it might cause

electrocution.

• If the power adaptor or cord is damaged, remove it from the device and the power source.

• Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order a

new one.

• Do not use the device outside, and make sure all the connections are indoors. There is a

remote risk of electric shock from lightning.

• CAUTION: RISK OF EXPLOSION IF BATTERY (on the motherboard) IS REPLACED

BY AN INCORRECT TYPE. DISPOSE OF USED BATTERIES ACCORDING TO

THE INSTRUCTIONS. Dispose them at the applicable collection point for the recycling

of electrical and electronic equipment. For detailed information about recycling of this

product, please contact your local city office, your household waste disposal service or the

store where you purchased the product.

• Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your

device.

This product is recyclable. Dispose of it properly.

Safety Warnings

ZyWALL USG 100/200 Series User’s Guide

8

Contents Overview

ZyWALL USG 100/200 Series User’s Guide

9

Contents Overview

Getting Started .......................................................................................................................51

Introducing the ZyWALL ............................................................................................................53

Features and Applications ......................................................................................................... 57

Web Configurator ....................................................................................................................... 65

Wizard Setup ............................................................................................................................. 75

Configuration Basics ................................................................................................................ 109

Tutorials ................................................................................................................................... 125

Status ...................................................................................................................................... 171

Registration ............................................................................................................................. 185

Signature Update ..................................................................................................................... 191

Network .................................................................................................................................197

Interface ................................................................................................................................... 199

Trunks ......................................................................................................................................269

Policy and Static Routes .......................................................................................................... 277

Routing Protocols .................................................................................................................... 287

Zones ...................................................................................................................................... 299

DDNS ...................................................................................................................................... 303

Virtual Servers ......................................................................................................................... 309

HTTP Redirect ........................................................................................................................ 321

ALG .........................................................................................................................................325

Firewall ..................................................................................................................................333

Firewall .................................................................................................................................. 335

VPN ........................................................................................................................................349

IPSec VPN ...............................................................................................................................351

SSL VPN ................................................................................................................................. 385

SSL User Screens ................................................................................................................... 395

SSL User Application Screens ................................................................................................ 401

SSL User File Sharing ............................................................................................................. 403

L2TP VPN ................................................................................................................................ 409

L2TP VPN Example ................................................................................................................. 415

Application Patrol ................................................................................................................441

Application Patrol ..................................................................................................................... 443

Contents Overview

ZyWALL USG 100/200 Series User’s Guide

10

Anti-X ....................................................................................................................................467

Anti-Virus ................................................................................................................................. 469

IDP ..........................................................................................................................................483

ADP ........................................................................................................................................ 513

Content Filtering ...................................................................................................................... 531

Content Filter Reports .............................................................................................................551

Anti-Spam ................................................................................................................................ 559

Device HA .............................................................................................................................573

Device HA ............................................................................................................................... 575

Objects ..................................................................................................................................591

User/Group .............................................................................................................................. 593

Addresses ...............................................................................................................................607

Services ...................................................................................................................................613

Schedules ................................................................................................................................ 619

AAA Server ............................................................................................................................. 625

Authentication Method ............................................................................................................. 635

Certificates ............................................................................................................................... 639

SSL Application ....................................................................................................................... 657

System ..................................................................................................................................663

System ................................................................................................................................... 665

Maintenance, Troubleshooting, & Specifications .............................................................703

File Manager ...........................................................................................................................705

Logs ........................................................................................................................................ 715

Reports ................................................................................................................................... 727

Diagnostics ............................................................................................................................. 741

Reboot .....................................................................................................................................743

Troubleshooting ....................................................................................................................... 745

Product Specifications .............................................................................................................749

Appendices and Index .........................................................................................................757

Table of Contents

ZyWALL USG 100/200 Series User’s Guide

11

Table of Contents

About This User's Guide..........................................................................................................3

Document Conventions............................................................................................................5

Safety Warnings........................................................................................................................7

Contents Overview ...................................................................................................................9

Table of Contents....................................................................................................................11

List of Figures.........................................................................................................................29

List of Tables...........................................................................................................................43

Part I: Getting Started............................................................................ 51

Chapter 1

Introducing the ZyWALL ........................................................................................................53

1.1 Overview and Key Default Settings ..................................................................................... 53

1.2 Front Panel LEDs ................................................................................................................ 53

1.3 Management Overview ........................................................................................................54

1.4 Starting and Stopping the ZyWALL ...................................................................................... 55

Chapter 2

Features and Applications.....................................................................................................57

2.1 Features .............................................................................................................................. 57

2.2 Packet Flow ......................................................................................................................... 59

2.2.1 Interface to Interface (Through ZyWALL) ................................................................... 59

2.2.2 Interface to Interface (To/From ZyWALL) ................................................................... 60

2.2.3 Interface to Interface (From VPN Tunnel) .................................................................. 60

2.2.4 Interface to Interface (To VPN Tunnel) ....................................................................... 60

2.3 Applications ......................................................................................................................... 60

2.3.1 VPN Connectivity ....................................................................................................... 60

2.3.2 SSL VPN Network Access ......................................................................................... 61

2.3.3 User-Aware Access Control ....................................................................................... 62

2.3.4 Multiple WAN Interfaces ............................................................................................. 62

2.3.5 Device HA .................................................................................................................. 63

Chapter 3

Web Configurator....................................................................................................................65

Table of Contents

ZyWALL USG 100/200 Series User’s Guide

12

3.1 Web Configurator Requirements ......................................................................................... 65

3.2 Web Configurator Access ....................................................................................................65

3.3 Web Configurator Main Screen ........................................................................................... 67

3.3.1 Title Bar ...................................................................................................................... 67

3.3.2 Navigation Panel ........................................................................................................68

3.3.3 Main Window ..............................................................................................................72

3.3.4 Message Bar ..............................................................................................................72

Chapter 4

Wizard Setup...........................................................................................................................75

4.1 Wizard Setup Overview ....................................................................................................... 75

4.2 Installation Setup, One ISP .................................................................................................76

4.3 Step 1 Internet Access ........................................................................................................ 77

4.3.1 Ethernet: Auto IP Address Assignment ...................................................................... 77

4.3.2 Ethernet: Static IP Address Assignment .................................................................... 78

4.3.3 Step 2 Internet Access Ethernet ................................................................................ 79

4.3.4 PPPoE: Auto IP Address Assignment ........................................................................ 81

4.3.5 PPPoE: Static IP Address Assignment ...................................................................... 82

4.3.6 Step 2 Internet Access PPPoE .................................................................................. 84

4.3.7 PPTP: Auto IP Address Assignment .......................................................................... 85

4.3.8 PPTP: Static IP Address Assignment ......................................................................... 88

4.3.9 Step 2 Internet Access PPTP .................................................................................... 89

4.3.10 Step 4 Internet Access - Finish ............................................................................... 90

4.4 Device Registration ..........................................................................................................91

4.5 Installation Setup, Two Internet Service Providers .............................................................. 92

4.5.1 Internet Access Wizard Setup Complete ................................................................... 94

4.6 VPN Setup ........................................................................................................................... 94

4.7 VPN Wizards ...................................................................................................................... 95

4.7.1 VPN Express Wizard .................................................................................................. 95

4.8 VPN Express Wizard - Remote Gateway ........................................................................... 96

4.8.1 VPN Express Wizard - Policy Setting ........................................................................ 97

4.8.2 VPN Express Wizard - Summary .............................................................................. 98

4.8.3 VPN Express Wizard - Finish .................................................................................... 99

4.8.4 VPN Advanced Wizard ............................................................................................. 100

4.8.5 VPN Advanced Wizard - Remote Gateway ............................................................. 101

4.8.6 VPN Advanced Wizard - Phase 1 ........................................................................... 102

4.8.7 VPN Advanced Wizard - Phase 2 ........................................................................... 105

4.8.8 VPN Advanced Wizard - Summary ......................................................................... 106

4.8.9 VPN Advanced Wizard - Finish ............................................................................... 106

Chapter 5

Configuration Basics............................................................................................................109

5.1 Object-based Configuration ............................................................................................... 109

Table of Contents

ZyWALL USG 100/200 Series User’s Guide

13

5.2 Zones, Interfaces, and Physical Ports ................................................................................110

5.2.1 Interface Types ..........................................................................................................110

5.2.2 Default Interface and Zone Configuration .................................................................111

5.3 Terminology in the ZyWALL ................................................................................................112

5.4 Feature Configuration Overview ........................................................................................113

5.4.1 Feature ......................................................................................................................113

5.4.2 Interface ....................................................................................................................114

5.4.3 Trunks .......................................................................................................................114

5.4.4 IPSec VPN ................................................................................................................114

5.4.5 SSL VPN ...................................................................................................................115

5.4.6 L2TP VPN .................................................................................................................115

5.4.7 Zones ........................................................................................................................115

5.4.8 Device HA .................................................................................................................115

5.4.9 DDNS ........................................................................................................................116

5.4.10 Policy Routes ..........................................................................................................116

5.4.11 Static Routes ...........................................................................................................117

5.4.12 Firewall ....................................................................................................................117

5.4.13 Application Patrol ....................................................................................................118

5.4.14 Anti-Virus .................................................................................................................118

5.4.15 IDP ..........................................................................................................................118

5.4.16 ADP .........................................................................................................................119

5.4.17 Content Filter ...........................................................................................................119

5.4.18 Anti-Spam ................................................................................................................119

5.4.19 Virtual Server (Port Forwarding) .............................................................................119

5.4.20 HTTP Redirect ....................................................................................................... 120

5.4.21 ALG ........................................................................................................................120

5.5 Objects .............................................................................................................................. 121

5.5.1 User/Group ...............................................................................................................121

5.6 System Management and Maintenance ............................................................................ 122

5.6.1 DNS, WWW, SSH, TELNET, FTP, SNMP, Dial-in Mgmt, Vantage CNM .................. 122

5.6.2 File Manager ............................................................................................................122

5.6.3 Licensing Registration .............................................................................................. 123

5.6.4 Licensing Update ..................................................................................................... 123

5.6.5 Logs and Reports .....................................................................................................123

5.6.6 Diagnostics ...............................................................................................................123

Chapter 6

Tutorials.................................................................................................................................125

6.1 How to Configure Ethernet Interfaces and Port Roles .......................................................125

6.1.1 How to Configure a WAN Ethernet Interface ............................................................125

6.1.2 How to Configure the OPT Interface for a Local Network ........................................ 126

6.1.3 How to Configure Port Roles .................................................................................... 128

6.2 How to Configure a Cellular Interface ................................................................................ 129

Table of Contents

ZyWALL USG 100/200 Series User’s Guide

14

6.3 How to Set Up a WLAN Interface ...................................................................................... 131

6.3.1 How to Set Up User Accounts .................................................................................. 131

6.3.2 How to Create the WLAN Interface .......................................................................... 132

6.3.3 How to Set Up the Wireless Clients to Use the WLAN Interface ............................. 134

6.4 How to Set Up an IPSec VPN ........................................................................................... 144

6.4.1 How to Set Up the VPN Gateway ............................................................................ 144

6.4.2 How to Set Up the VPN Connection ........................................................................ 145

6.4.3 How to Set Up the Policy Route for the VPN Tunnel ...............................................146

6.4.4 How to Configure Security Policies for the VPN Tunnel ........................................... 147

6.5 How to Configure User-aware Access Control .................................................................. 148

6.5.1 How to Set Up User Accounts .................................................................................. 148

6.5.2 How to Set Up User Groups ..................................................................................... 148

6.5.3 How to Set Up User Authentication Using the RADIUS Server ............................... 149

6.5.4 How to Set Up Web Surfing Policies With Bandwidth Restrictions .......................... 150

6.5.5 How to Set Up MSN Policies .................................................................................... 152

6.5.6 How to Set Up Firewall Rules .................................................................................. 153

6.6 How to Configure Load Balancing ..................................................................................... 154

6.6.1 How to Set Up Available Bandwidth on Ethernet Interfaces ....................................155

6.6.2 How to Configure the Load Balancing in the WAN Trunk ........................................155

6.7 How to Configure Service Control ..................................................................................... 156

6.7.1 How to Allow HTTPS Administrator Access Only From the LAN ............................. 156

6.8 How to Allow Incoming H.323 Peer-to-peer Calls ............................................................. 159

6.8.1 How to Turn On the ALG .......................................................................................... 160

6.8.2 How to Set Up a Virtual Server Policy For H.323 .....................................................160

6.8.3 How to Set Up a Firewall Rule For H.323 ................................................................ 161

6.9 How to Use Device HA ...................................................................................................... 162

6.9.1 Before You Start .......................................................................................................163

6.9.2 How to Configure Device HA on the Master ZyWALL .............................................. 163

6.9.3 How to Configure the Backup ZyWALL .................................................................... 165

6.9.4 How to Deploy the Backup ZyWALL ........................................................................ 166

6.9.5 How to Check Your Device HA Setup ...................................................................... 166

6.10 How to Allow Public Access to a Server .......................................................................... 167

6.10.1 How to Create the Address Objects ....................................................................... 167

6.10.2 How to Configure a Virtual Server .......................................................................... 168

Chapter 7

Status....................................................................................................................................171

7.1 Overview ............................................................................................................................171

7.1.1 What You Can Do in the Status Screens .................................................................. 171

7.2 The Status Screen ............................................................................................................. 171

7.2.1 The CPU Usage Screen ........................................................................................... 175

7.2.2 The Memory Usage Screen .....................................................................................176

7.2.3 The Session Usage Screen ..................................................................................... 177

Table of Contents

ZyWALL USG 100/200 Series User’s Guide

15

7.2.4 The VPN Status Screen ........................................................................................... 178

7.2.5 The DHCP Table Screen .......................................................................................... 179

7.2.6 The Port Statistics Screen ........................................................................................180

7.2.7 The Port Statistics Graph Screen ............................................................................. 181

7.2.8 The Current Users Screen ....................................................................................... 182

7.2.9 The Cellular Status Detail Screen ............................................................................ 183

Chapter 8

Registration...........................................................................................................................185

8.1 Overview ............................................................................................................................185

8.1.1 What You Can Do in the Registration Screens ........................................................ 185

8.1.2 What you Need to Know About Service Registration ............................................... 185

8.2 The Registration Screen ....................................................................................................186

8.3 The Service Screen ........................................................................................................... 189

Chapter 9

Signature Update ..................................................................................................................191

9.1 Overview ............................................................................................................................191

9.1.1 What You Can Do in the Update Screens ................................................................ 191

9.1.2 What you Need to Know About Signature Updates ................................................. 191

9.2 The Antivirus Update Screen ............................................................................................. 191

9.3 The IDP/AppPatrol Update Screen .................................................................................... 193

9.4 The System Protect Update Screen ................................................................................. 194

Part II: Network..................................................................................... 197

Chapter 10

Interface.................................................................................................................................199

10.1 Interface Overview ........................................................................................................... 199

10.1.1 What You Can Do in the Interface Screens ............................................................199

10.1.2 What You Need to Know About Interfaces ............................................................. 200

10.2 The Interface Status Screen ............................................................................................ 202

10.3 The Port Role Screen ......................................................................................................205

10.4 The Ethernet Summary Screen ....................................................................................... 206

10.4.1 The Ethernet Edit Screen ....................................................................................... 207

10.5 Interface Wizards ............................................................................................................. 214

10.5.1 Interface Wizard: OPT Interface First Screen ........................................................ 214

10.5.2 Interface Wizard: WAN Type .................................................................................. 215

10.5.3 Interface Wizard: Non-WAN OPT Interface Setup ................................................. 215

10.5.4 Interface Wizard: WAN Zone and IP Address Assignment .................................... 216

10.5.5 Interface Wizard: WAN ISP Connection Settings ................................................... 217

Table of Contents

ZyWALL USG 100/200 Series User’s Guide

16

10.5.6 Interface Wizard: Summary (Non-WAN) ................................................................ 219

10.5.7 Interface Wizard: Summary (WAN) ........................................................................ 219

10.6 The PPP Interfaces Screen ............................................................................................. 221

10.6.1 PPP Interface Edit Screen .....................................................................................222

10.7 Cellular Configuration Screen (3G) ................................................................................. 226

10.7.1 Cellular Add/Edit Screen ........................................................................................ 228

10.8 Cellular Status Screen .....................................................................................................231

10.9 WLAN Interface General Screen ..................................................................................... 233

10.9.1 WLAN Add/Edit Screen .......................................................................................... 235

10.9.2 WLAN Add/Edit Screen: WEP Security .................................................................. 241

10.9.3 WLAN Add/Edit Screen: WPA-PSK/WPA2-PSK Security ...................................... 242

10.9.4 WLAN Add/Edit Screen: WPA/WPA2 Security .......................................................243

10.10 WLAN Interface MAC Filter Screen ............................................................................... 245

10.10.1 MAC Filter Add/Edit Screen ................................................................................. 245

10.11 WLAN Interface Station Monitor Screen ........................................................................ 246

10.12 VLAN Interface Screen .................................................................................................. 247

10.12.1 Configuring the VLAN Summary Screen .............................................................. 249

10.12.2 Configuring the VLAN Add/Edit Screen ............................................................... 250

10.13 Bridge Interface Screen .................................................................................................255

10.13.1 Configuring the Bridge Summary Screen ............................................................. 256

10.13.2 Configuring the Bridge Add/Edit Screen .............................................................. 257

10.14 Auxiliary Interface Screen ..............................................................................................261

10.15 Virtual Interface Screen .................................................................................................263

10.16 Interface Technical Reference ....................................................................................... 265

Chapter 11

Trunks....................................................................................................................................269

11.1 Overview ..........................................................................................................................269

11.1.1 What You Can Do in the Trunk Screens ................................................................. 269

11.1.2 What you Need to Know About Trunks .................................................................. 269

11.2 The Trunk Summary Screen ............................................................................................ 272

11.2.1 The Trunk Edit Screen ........................................................................................... 273

11.3 Trunk Technical Reference ..............................................................................................275

Chapter 12

Policy and Static Routes......................................................................................................277

12.1 Policy and Static Routes Overview .................................................................................. 277

12.1.1 What You Can Do in the Policy and Static Route Screens ..................................... 278

12.1.2 What You Need to Know About Policy and Static Routing .....................................278

12.2 Policy Route Screen ........................................................................................................ 279

12.2.1 Policy Route Edit Screen ....................................................................................... 281

12.3 IP Static Route Screen ....................................................................................................283

12.3.1 Static Route Add/Edit Screen ................................................................................. 284

Table of Contents

ZyWALL USG 100/200 Series User’s Guide

17

12.4 Policy Routing Technical Reference ................................................................................285

Chapter 13

Routing Protocols.................................................................................................................287

13.1 Routing Protocols Overview ............................................................................................287

13.1.1 What You Can Do in the RIP and OSPF Screens .................................................. 287

13.1.2 What You Need to Know About Routing Protocols ................................................ 287

13.2 The RIP Screen ...............................................................................................................288

13.3 The OSPF Screen ...........................................................................................................289

13.3.1 Configuring the OSPF Screen ................................................................................ 292

13.3.2 OSPF Area Add/Edit Screen ................................................................................. 293

13.4 Routing Protocol Technical Reference ............................................................................ 295

Chapter 14

Zones ....................................................................................................................................299

14.1 Zones Overview ............................................................................................................... 299

14.1.1 What You Can Do in the Zones Screens ................................................................ 299

14.1.2 What You Need to Know About Zones ................................................................... 300

14.2 The Zone Screen ............................................................................................................. 300

14.2.1 The Zone Edit Screen ............................................................................................ 301

Chapter 15

DDNS......................................................................................................................................303

15.1 DDNS Overview ..............................................................................................................303

15.1.1 What You Can Do in the DDNS Screens ............................................................... 303

15.1.2 What You Need to Know About DDNS ...................................................................303

15.2 The DDNS Screen ...........................................................................................................304

15.2.1 The Dynamic DNS Add/Edit Screen ......................................................................305

15.3 The DDNS Status Screen ................................................................................................ 307

Chapter 16

Virtual Servers.......................................................................................................................309

16.1 Virtual Servers Overview .................................................................................................309

16.1.1 What You Can Do in the Virtual Server Screens .................................................... 309

16.1.2 What You Need to Know About Virtual Servers ..................................................... 309

16.2 The Virtual Server Screen ............................................................................................... 310

16.2.1 The Virtual Server Add/Edit Screen ........................................................................311

16.3 NAT 1:1 and NAT Loopback Examples ........................................................................... 313

Chapter 17

HTTP Redirect......................................................................................................................321

17.1 Overview .......................................................................................................................... 321

17.1.1 What You Can Do in the HTTP Redirect Screens .................................................. 321

Table of Contents

ZyWALL USG 100/200 Series User’s Guide

18

17.1.2 What You Need to Know About HTTP Redirect ..................................................... 322

17.2 The HTTP Redirect Screen ............................................................................................. 322

17.2.1 The HTTP Redirect Edit Screen ............................................................................. 323

Chapter 18

ALG ........................................................................................................................................325

18.1 ALG Overview .................................................................................................................325

18.1.1 What You Can Do in the ALG Screen .................................................................... 325

18.1.2 What You Need to Know About ALG ..................................................................... 326

18.1.3 Before You Begin ...................................................................................................328

18.2 The ALG Screen ..............................................................................................................328

18.3 ALG Technical Reference ................................................................................................ 330

Part III: Firewall .................................................................................... 333

Chapter 19

Firewall.................................................................................................................................335

19.1 Overview .......................................................................................................................... 335

19.1.1 What You Can Do in the Firewall Screens ............................................................. 335

19.1.2 What You Need to Know About the Firewall .......................................................... 336

19.1.3 Firewall Rule Example Applications ....................................................................... 338

19.1.4 Firewall Rule Configuration Example ..................................................................... 340

19.2 The Firewall Screen ......................................................................................................... 343

19.2.1 Configuring the Firewall Screen ............................................................................. 343

19.2.2 The Firewall Edit Screen ........................................................................................ 346

Part IV: VPN.......................................................................................... 349

Chapter 20

IPSec VPN..............................................................................................................................351

20.1 IPSec VPN Overview ....................................................................................................... 351

20.1.1 What You Can Do in the IPSec VPN Screens ........................................................ 351

20.1.2 What You Need to Know About IPSec VPN ........................................................... 352

20.1.3 Before You Begin ...................................................................................................352

20.2 The VPN Connection Screen .......................................................................................... 353

20.2.1 The VPN Connection Add/Edit (IKE) Screen ......................................................... 355

20.2.2 The VPN Connection Add/Edit Manual Key Screen ..............................................360

20.3 The VPN Gateway Screen .............................................................................................. 363

20.3.1 The VPN Gateway Add/Edit Screen ...................................................................... 364

20.4 The VPN Concentrator Screen ........................................................................................369

Table of Contents

ZyWALL USG 100/200 Series User’s Guide

19

20.4.1 The VPN Concentrator Add/Edit Screen ................................................................ 370

20.5 The SA Monitor Screen .................................................................................................. 371

20.6 IPSec VPN Background Information ............................................................................... 373

Chapter 21

SSL VPN.................................................................................................................................385

21.1 Overview .......................................................................................................................... 385

21.1.1 What You Can Do in the SSL VPN Screens .......................................................... 385

21.1.2 What You Need to Know About SSL VPN .............................................................. 385

21.2 The SSL Access Privilege Screen ................................................................................... 387

21.2.1 The SSL Access Policy Add/Edit Screen .............................................................. 387

21.3 The SSL Connection Monitor Screen .............................................................................. 389

21.4 The SSL Global Setting Screen ....................................................................................... 390

21.4.1 How to Upload a Custom Logo .............................................................................. 392

21.5 Establishing an SSL VPN Connection ............................................................................. 392

Chapter 22

SSL User Screens.................................................................................................................395

22.1 Overview .......................................................................................................................... 395

22.1.1 What You Need to Know About the SSL User Screens ......................................... 395

22.2 Remote User Login ..........................................................................................................396

22.3 The SSL VPN User Screens ........................................................................................... 398

22.4 Bookmarking the ZyWALL ............................................................................................... 399

22.5 Logging Out of the SSL VPN User Screens .................................................................... 399

Chapter 23

SSL User Application Screens ............................................................................................401

23.1 SSL User Application Screens Overview ........................................................................ 401

23.2 The Application Screen ...................................................................................................401

Chapter 24

SSL User File Sharing ..........................................................................................................403

24.1 Overview .......................................................................................................................... 403

24.1.1 What You Need to Know About the SSL VPN File Sharing ................................... 403

24.2 The Main File Sharing Screen ......................................................................................... 403

24.3 Opening a File or Folder ..................................................................................................404

24.3.1 Downloading a File ................................................................................................. 405

24.3.2 Saving a File ..........................................................................................................405

24.4 Creating a New Folder .....................................................................................................406

24.5 Renaming a File or Folder ............................................................................................... 406

24.6 Deleting a File or Folder ..................................................................................................407

24.7 Uploading a File ............................................................................................................... 408

Table of Contents

ZyWALL USG 100/200 Series User’s Guide

20

Chapter 25

L2TP VPN...............................................................................................................................409

25.1 Overview .......................................................................................................................... 409

25.1.1 What You Can Do in the L2TP VPN Screens .........................................................409

25.1.2 What You Need to Know About L2TP VPN ............................................................ 409

25.2 L2TP VPN Screen ............................................................................................................411

25.3 L2TP VPN Session Monitor Screen ................................................................................ 412

Chapter 26

L2TP VPN Example...............................................................................................................415

26.1 L2TP VPN Example .........................................................................................................415

26.2 Configuring the Default L2TP VPN Gateway Example .................................................... 415

26.3 Configuring the Default L2TP VPN Connection Example ................................................ 416

26.4 Configuring the L2TP VPN Settings Example .................................................................418

26.5 Configuring the Policy Route for L2TP Example ............................................................. 418

26.6 Configuring L2TP VPN in Windows XP and 2000 ........................................................... 419

26.6.1 Configuring L2TP in Windows XP .......................................................................... 419

26.6.2 Configuring L2TP in Windows 2000 ....................................................................... 425

Part V: Application Patrol.................................................................... 441

Chapter 27

Application Patrol.................................................................................................................443

27.1 Overview .......................................................................................................................... 443

27.1.1 What You Can Do in the Application Patrol Screens .............................................. 443

27.1.2 What You Need to Know About Application Patrol ................................................ 444

27.1.3 Application Patrol Bandwidth Management Examples ...........................................448

27.2 Application Patrol General Screen .................................................................................. 451

27.3 Application Patrol Applications ........................................................................................ 453

27.3.1 The Application Patrol Edit Screen ........................................................................ 454

27.3.2 The Application Patrol Policy Edit Screen ............................................................. 456

27.4 The Other Applications Screen ........................................................................................ 458

27.4.1 The Other Applications Add/Edit Screen ................................................................ 460

27.5 Application Patrol Statistics .............................................................................................462

27.5.1 Application Patrol Statistics: General Setup ...........................................................462

27.5.2 Application Patrol Statistics: Bandwidth Statistics .................................................. 463

27.5.3 Application Patrol Statistics: Protocol Statistics ..................................................... 464

Part VI: Anti-X....................................................................................... 467

Page is loading ...

ZyXEL Communications 100 Series, 200 Series, Network Router 100 Series User manual

Related papers

Other documents