2. Computers & electronics
  3. Networking
  4. Routers
  5. ZyXEL
  6. UAG715
UAG715

ZyXEL UAG715 User guide

  • Hello! I am an AI chatbot trained to assist you with the ZyXEL UAG715 User guide. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
Quick Start Guide
www.zyxel.com
UAG715
Unified Access Gateway
Version 2.50
Edition 1, 08/2012
Copyright © 2012 ZyXEL Communications Corporation
User’s Guide
Default Login Details
LAN IP Address https://192.168.1.1
User Name admin
Password 1234
UAG715 User’s Guide2
IMPORTANT!
READ CAREFULLY BEFORE USE.
KEEP THIS GUIDE FOR FUTURE REFERENCE.
Screenshots and graphics in this book may differ slightly from your product due to differences in
your product firmware or your computer operating system. Every effort has been made to ensure
that the information in this manual is accurate.
Related Documentation
•Quick Start Guide
The Quick Start Guide shows how to connect the UAG and access the Web Configurator wizards.
(See the wizard real time help for information on configuring each screen.) It also contains a
package contents list.
• CLI Reference Guide
The CLI Reference Guide explains how to use the Command-Line Interface (CLI) to configure the
UAG.
Note: It is recommended you use the Web Configurator to configure the UAG.
• Web Configurator Online Help
Click the help icon in any screen for help in configuring that screen and supplementary
information.
Contents Overview
UAG715 User’s Guide
3
Contents Overview
Introduction .............................................................................................................................................19
Hardware Installation and Connection ....................................................................................................34
Installation Setup Wizard ........................................................................................................................37
Quick Setup Wizards ...............................................................................................................................47
Dashboard ...............................................................................................................................................63
Monitor ....................................................................................................................................................73
Registration .............................................................................................................................................97
Interfaces ..............................................................................................................................................103
Trunks ...................................................................................................................................................143
Policy and Static Routes .......................................................................................................................153
Routing Protocols ..................................................................................................................................165
Zones ....................................................................................................................................................177
DDNS ....................................................................................................................................................181
NAT .......................................................................................................................................................187
VPN 1-1 Mapping ..................................................................................................................................195
HTTP Redirect ......................................................................................................................................201
SMTP Redirect ......................................................................................................................................205
ALG .......................................................................................................................................................209
IP/MAC Binding .....................................................................................................................................217
Web Authentication ...............................................................................................................................223
Firewall ..................................................................................................................................................239
IPSec VPN ............................................................................................................................................253
SSL VPN ...............................................................................................................................................285
SSL User Screens .................................................................................................................................295
ZyWALL SecuExtender .........................................................................................................................303
Bandwidth Management .......................................................................................................................307
ADP .......................................................................................................................................................317
Content Filtering ....................................................................................................................................333
User/Group ............................................................................................................................................355
Addresses .............................................................................................................................................368
Services ................................................................................................................................................373
Schedules .............................................................................................................................................378
AAA Server ...........................................................................................................................................382
Authentication Method ..........................................................................................................................390
Certificates ............................................................................................................................................394
ISP Accounts .........................................................................................................................................411
SSL Application .....................................................................................................................................414
Endpoint Security ..................................................................................................................................419
System ..................................................................................................................................................427
Contents Overview
UAG715 User’s Guide
4
Log and Report .....................................................................................................................................467
File Manager .........................................................................................................................................481
Diagnostics ...........................................................................................................................................492
Packet Flow Explore .............................................................................................................................500
Reboot ...................................................................................................................................................509
Shutdown ..............................................................................................................................................510
Troubleshooting ....................................................................................................................................511
Table of Contents
UAG715 User’s Guide
5
Table of Contents
Contents Overview ..............................................................................................................................3
Table of Contents .................................................................................................................................5
Chapter 1
Introduction.........................................................................................................................................19
1.1 Overview ...........................................................................................................................................19
1.1.1 Key Applications ......................................................................................................................19
1.2 Default Zones, Interfaces, and Ports .................................................................................................21
1.3 Management Overview .....................................................................................................................22
1.4 Web Configurator ..............................................................................................................................22
1.4.1 Web Configurator Access ........................................................................................................23
1.4.2 Web Configurator Screens Overview ......................................................................................23
1.4.3 Navigation Panel .....................................................................................................................26
1.4.4 Tables and Lists .......................................................................................................................30
1.5 Stopping the UAG .............................................................................................................................33
Chapter 2
Hardware Installation and Connection .............................................................................................34
2.1 Rack-mounting ..................................................................................................................................34
2.2 Front Panel ........................................................................................................................................35
2.2.1 Front Panel LEDs ....................................................................................................................36
2.3 Rear Panel ........................................................................................................................................36
Chapter 3
Installation Setup Wizard...................................................................................................................37
3.1 Installation Setup Wizard Screens ...................................................................................................37
3.1.1 Internet Access Setup - WAN Interface ..................................................................................37
3.1.2 Internet Access: Ethernet .......................................................................................................38
3.1.3 Internet Access: PPPoE ..........................................................................................................39
3.1.4 Internet Access: PPTP ...........................................................................................................41
3.1.5 ISP Parameters .......................................................................................................................41
3.1.6 Internet Access Setup - Second WAN Interface ......................................................................42
3.1.7 Internet Access - Finish ..........................................................................................................43
3.2 Device Registration .........................................................................................................................44
Chapter 4
Quick Setup Wizards..........................................................................................................................47
4.1 Quick Setup Overview .......................................................................................................................47
4.2 WAN Interface Quick Setup ..............................................................................................................47
Table of Contents
UAG715 User’s Guide
6
4.2.1 Choose an Ethernet Interface ..................................................................................................48
4.2.2 Select WAN Type .....................................................................................................................48
4.2.3 Configure WAN Settings ..........................................................................................................49
4.2.4 WAN and ISP Connection Settings .........................................................................................49
4.2.5 Quick Setup Interface Wizard: Summary ................................................................................51
4.3 VPN Setup Wizard ............................................................................................................................52
4.3.1 Welcome ..................................................................................................................................53
4.3.2 VPN Setup Wizard: Wizard Type .............................................................................................53
4.3.3 VPN Express Wizard - Scenario .............................................................................................54
4.3.4 VPN Express Wizard - Configuration .....................................................................................55
4.3.5 VPN Express Wizard - Summary ...........................................................................................56
4.3.6 VPN Express Wizard - Finish .................................................................................................56
4.3.7 VPN Advanced Wizard - Scenario .........................................................................................57
4.3.8 VPN Advanced Wizard - Phase 1 Settings .............................................................................58
4.3.9 VPN Advanced Wizard - Phase 2 ...........................................................................................59
4.3.10 VPN Advanced Wizard - Summary ......................................................................................60
4.3.11 VPN Advanced Wizard - Finish .............................................................................................61
Chapter 5
Dashboard...........................................................................................................................................63
5.1 Overview ...........................................................................................................................................63
5.1.1 What You Can Do in this Chapter ............................................................................................63
5.2 The Dashboard Screen .....................................................................................................................63
5.2.1 The CPU Usage Screen ..........................................................................................................68
5.2.2 The Memory Usage Screen .....................................................................................................68
5.2.3 The Active Sessions Screen ....................................................................................................69
5.2.4 The VPN Status Screen ...........................................................................................................70
5.2.5 The DHCP Table Screen .........................................................................................................70
5.2.6 The Number of Login Users Screen ........................................................................................71
Chapter 6
Monitor.................................................................................................................................................73
6.1 Overview ...........................................................................................................................................73
6.1.1 What You Can Do in this Chapter ............................................................................................73
6.2 The Port Statistics Screen ...............................................................................................................74
6.2.1 The Port Statistics Graph Screen ...........................................................................................75
6.3 Interface Status Screen ....................................................................................................................76
6.4 The Traffic Statistics Screen ..............................................................................................................78
6.5 The Session Monitor Screen ............................................................................................................80
6.6 The DDNS Status Screen .................................................................................................................82
6.7 IP/MAC Binding Monitor ....................................................................................................................83
6.8 The Login Users Screen ..................................................................................................................83
6.9 USB Storage Screen .........................................................................................................................84
Table of Contents
UAG715 User’s Guide
7
6.10 VPN 1-1 Mapping Status .................................................................................................................85
6.11 VPN 1-1 Mapping Statistics .............................................................................................................86
6.12 The IPSec Monitor Screen ..............................................................................................................87
6.12.1 Regular Expressions in Searching IPSec SAs ......................................................................88
6.13 The SSL Connection Monitor Screen ..............................................................................................88
6.14 The Content Filter Statistics Screen ................................................................................................89
6.15 Content Filter Cache Screen ...........................................................................................................91
6.16 Log Screen ......................................................................................................................................93
Chapter 7
Registration.........................................................................................................................................97
7.1 Overview ...........................................................................................................................................97
7.1.1 What You Can Do in this Chapter ............................................................................................97
7.1.2 What you Need to Know ..........................................................................................................97
7.2 Registration Screen ...........................................................................................................................98
7.3 Service Screen ................................................................................................................................100
Chapter 8
Interfaces...........................................................................................................................................103
8.1 Interface Overview ..........................................................................................................................103
8.1.1 What You Can Do in this Chapter ..........................................................................................103
8.1.2 What You Need to Know ........................................................................................................103
8.2 Port Role Screen .............................................................................................................................106
8.3 Ethernet Summary Screen ..............................................................................................................107
8.3.1 Ethernet Edit .........................................................................................................................108
8.3.2 Object References .................................................................................................................115
8.4 PPP Interfaces ................................................................................................................................115
8.4.1 PPP Interface Summary ........................................................................................................116
8.4.2 PPP Interface Add or Edit .....................................................................................................117
8.5 VLAN Interfaces .............................................................................................................................121
8.5.1 VLAN Summary Screen ........................................................................................................122
8.5.2 VLAN Add/Edit ......................................................................................................................123
8.6 Bridge Interfaces ............................................................................................................................128
8.6.1 Bridge Summary ....................................................................................................................130
8.6.2 Bridge Add/Edit .....................................................................................................................131
8.7 Virtual Interfaces .............................................................................................................................136
8.7.1 Virtual Interfaces Add/Edit .....................................................................................................136
8.8 Interface Technical Reference .........................................................................................................137
Chapter 9
Trunks................................................................................................................................................143
9.1 Overview .........................................................................................................................................143
9.1.1 What You Can Do in this Chapter ..........................................................................................143
Table of Contents
UAG715 User’s Guide
8
9.1.2 What You Need to Know ........................................................................................................143
9.2 The Trunk Summary Screen ...........................................................................................................146
9.2.1 Configuring a User-Defined Trunk .........................................................................................148
9.2.2 Configuring the System Default Trunk ..................................................................................150
Chapter 10
Policy and Static Routes..................................................................................................................153
10.1 Policy and Static Routes Overview ...............................................................................................153
10.1.1 What You Can Do in this Chapter ........................................................................................153
10.1.2 What You Need to Know .....................................................................................................154
10.2 Policy Route Screen ......................................................................................................................155
10.2.1 Policy Route Edit Screen .....................................................................................................157
10.3 IP Static Route Screen ..................................................................................................................161
10.3.1 Static Route Add/Edit Screen ..............................................................................................162
10.4 Policy Routing Technical Reference ..............................................................................................163
Chapter 11
Routing Protocols.............................................................................................................................165
11.1 Routing Protocols Overview ..........................................................................................................165
11.1.1 What You Can Do in this Chapter ........................................................................................165
11.1.2 What You Need to Know ......................................................................................................165
11.2 The RIP Screen .............................................................................................................................165
11.3 The OSPF Screen .........................................................................................................................167
11.3.1 Configuring the OSPF Screen .............................................................................................170
11.3.2 OSPF Area Add/Edit Screen ...............................................................................................172
11.3.3 Virtual Link Add/Edit Screen ...............................................................................................174
11.4 Routing Protocol Technical Reference ..........................................................................................174
Chapter 12
Zones.................................................................................................................................................177
12.1 Zones Overview ............................................................................................................................177
12.1.1 What You Can Do in this Chapter ........................................................................................177
12.1.2 What You Need to Know ......................................................................................................177
12.2 The Zone Screen ..........................................................................................................................178
12.3 Zone Edit .......................................................................................................................................179
Chapter 13
DDNS..................................................................................................................................................181
13.1 DDNS Overview ............................................................................................................................181
13.1.1 What You Can Do in this Chapter ........................................................................................181
13.1.2 What You Need to Know ......................................................................................................181
13.2 The DDNS Screen ........................................................................................................................182
13.2.1 The Dynamic DNS Add/Edit Screen ....................................................................................183
Table of Contents
UAG715 User’s Guide
9
Chapter 14
NAT.....................................................................................................................................................187
14.1 NAT Overview ...............................................................................................................................187
14.1.1 What You Can Do in this Chapter ........................................................................................187
14.1.2 What You Need to Know ......................................................................................................187
14.2 The NAT Screen ............................................................................................................................188
14.2.1 The NAT Add/Edit Screen ....................................................................................................189
14.3 NAT Technical Reference ..............................................................................................................191
Chapter 15
VPN 1-1 Mapping ..............................................................................................................................195
15.1 VPN 1-1 Mapping Overview ..........................................................................................................195
15.1.1 What You Can Do in this Chapter ........................................................................................195
15.1.2 What You Need to Know ......................................................................................................196
15.2 The VPN 1-1 Mapping Screen ......................................................................................................196
15.2.1 The VPN 1-1 Mapping Edit Screen .....................................................................................197
15.3 The VPN 1-1 Mapping Profile Screen ...........................................................................................198
Chapter 16
HTTP Redirect...................................................................................................................................201
16.1 Overview .......................................................................................................................................201
16.1.1 What You Can Do in this Chapter ........................................................................................201
16.1.2 What You Need to Know ......................................................................................................201
16.2 The HTTP Redirect Screen ...........................................................................................................202
16.2.1 The HTTP Redirect Edit Screen ..........................................................................................203
Chapter 17
SMTP Redirect ..................................................................................................................................205
17.1 Overview .......................................................................................................................................205
17.1.1 What You Can Do in this Chapter ........................................................................................205
17.1.2 What You Need to Know ......................................................................................................205
17.2 The SMTP Redirect Screen ..........................................................................................................206
17.2.1 The SMTP Redirect Edit Screen .........................................................................................207
Chapter 18
ALG ....................................................................................................................................................209
18.1 ALG Overview ...............................................................................................................................209
18.1.1 What You Can Do in this Chapter ........................................................................................209
18.1.2 What You Need to Know ......................................................................................................209
18.1.3 Before You Begin .................................................................................................................212
18.2 The ALG Screen ...........................................................................................................................212
18.3 ALG Technical Reference .............................................................................................................214
Table of Contents
UAG715 User’s Guide
10
Chapter 19
IP/MAC Binding.................................................................................................................................217
19.1 IP/MAC Binding Overview .............................................................................................................217
19.1.1 What You Can Do in this Chapter ........................................................................................217
19.1.2 What You Need to Know ......................................................................................................217
19.2 IP/MAC Binding Summary ............................................................................................................218
19.2.1 IP/MAC Binding Edit ............................................................................................................219
19.2.2 Static DHCP Edit .................................................................................................................220
19.3 IP/MAC Binding Exempt List .........................................................................................................220
Chapter 20
Web Authentication..........................................................................................................................223
20.1 Overview .......................................................................................................................................223
20.1.1 What You Can Do in this Chapter ........................................................................................224
20.1.2 What You Need to Know ......................................................................................................224
20.2 Web Authentication Screen ...........................................................................................................225
20.2.1 Creating/Editing an Authentication Policy ............................................................................228
20.3 User-aware Access Control Example ...........................................................................................230
20.3.1 Set Up User Accounts .........................................................................................................230
20.3.2 Set Up User Groups ............................................................................................................231
20.3.3 Set Up User Authentication Using the RADIUS Server .......................................................231
20.3.4 User Group Authentication Using the RADIUS Server ........................................................234
20.4 Endpoint Security (EPS) Example ................................................................................................235
20.4.1 Configure the Endpoint Security Objects .............................................................................235
20.4.2 Configure the Authentication Policy .....................................................................................237
Chapter 21
Firewall ..............................................................................................................................................239
21.1 Overview .......................................................................................................................................239
21.1.1 What You Can Do in this Chapter ........................................................................................239
21.1.2 What You Need to Know ......................................................................................................239
21.2 The Firewall Screen ......................................................................................................................242
21.2.1 Configuring the Firewall Screen ..........................................................................................242
21.2.2 The Firewall Add/Edit Screen ..............................................................................................245
21.3 The Session Limit Screen .............................................................................................................246
21.3.1 The Session Limit Add/Edit Screen .....................................................................................247
21.4 Firewall Rule Configuration Example ............................................................................................248
21.5 Firewall Rule Example Applications ..............................................................................................250
Chapter 22
IPSec VPN..........................................................................................................................................253
22.1 Virtual Private Networks (VPN) Overview .....................................................................................253
22.1.1 What You Can Do in this Chapter ........................................................................................254
Table of Contents
UAG715 User’s Guide
11
22.1.2 What You Need to Know ......................................................................................................254
22.1.3 Before You Begin .................................................................................................................256
22.2 The VPN Connection Screen ........................................................................................................256
22.2.1 The VPN Connection Add/Edit (IKE) Screen .......................................................................257
22.2.2 The VPN Connection Add/Edit Manual Key Screen ............................................................263
22.3 The VPN Gateway Screen ...........................................................................................................265
22.3.1 The VPN Gateway Add/Edit Screen ...................................................................................266
22.4 IPSec VPN Background Information .............................................................................................272
Chapter 23
SSL VPN ............................................................................................................................................285
23.1 Overview .......................................................................................................................................285
23.1.1 What You Can Do in this Chapter ........................................................................................285
23.1.2 What You Need to Know ......................................................................................................285
23.2 The SSL Access Privilege Screen ................................................................................................286
23.2.1 The SSL Access Policy Add/Edit Screen ...........................................................................287
23.3 The SSL Global Setting Screen ...................................................................................................290
23.3.1 How to Upload a Custom Logo ............................................................................................292
23.4 SSL VPN Example ........................................................................................................................293
Chapter 24
SSL User Screens.............................................................................................................................295
24.1 Overview .......................................................................................................................................295
24.1.1 What You Need to Know ......................................................................................................295
24.2 Remote SSL User Login ...............................................................................................................296
24.3 The SSL VPN User Screens .........................................................................................................299
24.4 Bookmarking the UAG ..................................................................................................................300
24.5 Logging Out of the SSL VPN User Screens ..................................................................................301
24.6 SSL User Application Screen ........................................................................................................301
Chapter 25
ZyWALL SecuExtender ....................................................................................................................303
25.1 The ZyWALL SecuExtender Icon ..................................................................................................303
25.2 Status ............................................................................................................................................303
25.3 View Log .......................................................................................................................................304
25.4 Suspend and Resume the Connection .........................................................................................305
25.5 Stop the Connection ......................................................................................................................305
25.6 Uninstalling the ZyWALL SecuExtender .......................................................................................305
Chapter 26
Bandwidth Management...................................................................................................................307
26.1 Overview .......................................................................................................................................307
26.1.1 What You Can Do in this Chapter ........................................................................................307
Table of Contents
UAG715 User’s Guide
12
26.1.2 What You Need to Know .....................................................................................................307
26.2 The Bandwidth Management Screen ............................................................................................311
26.2.1 The Bandwidth Management Add/Edit Screen ....................................................................313
Chapter 27
ADP ....................................................................................................................................................317
27.1 Overview .......................................................................................................................................317
27.1.1 What You Can Do in this Chapter .......................................................................................317
27.1.2 What You Need To Know .....................................................................................................317
27.1.3 Before You Begin .................................................................................................................318
27.2 The ADP General Screen .............................................................................................................318
27.3 The Profile Summary Screen .......................................................................................................319
27.3.1 Configuring The ADP Profile Summary Screen ...................................................................319
27.3.2 Base Profiles .......................................................................................................................320
27.3.3 Creating New ADP Profiles .................................................................................................321
27.3.4 Traffic Anomaly Profiles ......................................................................................................321
27.3.5 Protocol Anomaly Profiles ..................................................................................................324
27.3.6 Protocol Anomaly Configuration ..........................................................................................324
27.4 ADP Technical Reference .............................................................................................................327
Chapter 28
Content Filtering...............................................................................................................................333
28.1 Overview .......................................................................................................................................333
28.1.1 What You Can Do in this Chapter ........................................................................................333
28.1.2 What You Need to Know ......................................................................................................333
28.1.3 Before You Begin .................................................................................................................334
28.2 Content Filter General Screen ......................................................................................................335
28.2.1 Content Filter Policy Add or Edit Screen ............................................................................337
28.3 Content Filter Profile Screen ........................................................................................................338
28.4 Content Filter Category Service Screen .......................................................................................339
28.4.1 Content Filter Blocked and Warning Messages ...................................................................350
28.5 Content Filter Custom Service Screen .........................................................................................350
28.6 Content Filter Technical Reference ...............................................................................................353
Chapter 29
User/Group........................................................................................................................................355
29.1 Overview .......................................................................................................................................355
29.1.1 What You Can Do in this Chapter ........................................................................................355
29.1.2 What You Need To Know .....................................................................................................355
29.2 User Summary Screen ..................................................................................................................357
29.2.1 User Add/Edit Screen ..........................................................................................................358
29.3 User Group Summary Screen .......................................................................................................360
29.3.1 Group Add/Edit Screen ........................................................................................................361
Table of Contents
UAG715 User’s Guide
13
29.4 The User/Group Setting Screen ...................................................................................................362
29.4.1 Default User Settings Edit Screens .....................................................................................364
29.4.2 User Aware Login Example .................................................................................................365
29.5 User /Group Technical Reference .................................................................................................366
Chapter 30
Addresses .........................................................................................................................................368
30.1 Overview .......................................................................................................................................368
30.1.1 What You Can Do in this Chapter ........................................................................................368
30.1.2 What You Need To Know .....................................................................................................368
30.2 Address Summary Screen ............................................................................................................368
30.2.1 Address Add/Edit Screen ....................................................................................................369
30.3 Address Group Summary Screen .................................................................................................370
30.3.1 Address Group Add/Edit Screen .........................................................................................371
Chapter 31
Services.............................................................................................................................................373
31.1 Overview .......................................................................................................................................373
31.1.1 What You Can Do in this Chapter ........................................................................................373
31.1.2 What You Need to Know ......................................................................................................373
31.2 The Service Summary Screen ......................................................................................................374
31.2.1 The Service Add/Edit Screen ..............................................................................................375
31.3 The Service Group Summary Screen ..........................................................................................376
31.3.1 The Service Group Add/Edit Screen ...................................................................................376
Chapter 32
Schedules..........................................................................................................................................378
32.1 Overview .......................................................................................................................................378
32.1.1 What You Can Do in this Chapter ........................................................................................378
32.1.2 What You Need to Know ......................................................................................................378
32.2 The Schedule Summary Screen ...................................................................................................379
32.2.1 The One-Time Schedule Add/Edit Screen ...........................................................................380
32.2.2 The Recurring Schedule Add/Edit Screen ...........................................................................381
Chapter 33
AAA Server........................................................................................................................................382
33.1 Overview .......................................................................................................................................382
33.1.1 Directory Service (AD/LDAP) ..............................................................................................382
33.1.2 RADIUS Server ...................................................................................................................382
33.1.3 What You Can Do in this Chapter ........................................................................................383
33.1.4 What You Need To Know .....................................................................................................383
33.2 Active Directory or LDAP Server Summary ..................................................................................384
33.2.1 Adding an Active Directory or LDAP Server ........................................................................385
Table of Contents
UAG715 User’s Guide
14
33.3 RADIUS Server Summary .............................................................................................................387
33.3.1 Adding a RADIUS Server ...................................................................................................388
Chapter 34
Authentication Method.....................................................................................................................390
34.1 Overview .......................................................................................................................................390
34.1.1 What You Can Do in this Chapter ........................................................................................390
34.1.2 Before You Begin .................................................................................................................390
34.1.3 Example: Selecting a VPN Authentication Method ..............................................................390
34.2 Authentication Method Objects .....................................................................................................391
34.2.1 Creating an Authentication Method Object ..........................................................................391
Chapter 35
Certificates........................................................................................................................................394
35.1 Overview .......................................................................................................................................394
35.1.1 What You Can Do in this Chapter ........................................................................................394
35.1.2 What You Need to Know ......................................................................................................394
35.1.3 Verifying a Certificate ...........................................................................................................396
35.2 The My Certificates Screen ...........................................................................................................397
35.2.1 The My Certificates Add Screen ..........................................................................................398
35.2.2 The My Certificates Edit Screen ..........................................................................................401
35.2.3 The My Certificates Import Screen .....................................................................................404
35.3 The Trusted Certificates Screen ..................................................................................................405
35.3.1 The Trusted Certificates Edit Screen ..................................................................................406
35.3.2 The Trusted Certificates Import Screen ..............................................................................409
Chapter 36
ISP Accounts.....................................................................................................................................411
36.1 Overview .......................................................................................................................................411
36.1.1 What You Can Do in this Chapter ........................................................................................411
36.2 ISP Account Summary ..................................................................................................................411
36.2.1 ISP Account Edit .................................................................................................................412
Chapter 37
SSL Application................................................................................................................................414
37.1 Overview .......................................................................................................................................414
37.1.1 What You Can Do in this Chapter ........................................................................................414
37.1.2 What You Need to Know ......................................................................................................414
37.1.3 Example: Specifying a Web Site for Access ........................................................................415
37.2 The SSL Application Screen .........................................................................................................416
37.2.1 Creating/Editing an SSL Application Object ........................................................................417
Chapter 38
Endpoint Security.............................................................................................................................419
Table of Contents
UAG715 User’s Guide
15
38.1 Overview .......................................................................................................................................419
38.1.1 What You Can Do in this Chapter ........................................................................................419
38.1.2 What You Need to Know ......................................................................................................420
38.2 Endpoint Security Screen ..............................................................................................................420
38.3 Endpoint Security Add/Edit ...........................................................................................................421
Chapter 39
System...............................................................................................................................................427
39.1 Overview .......................................................................................................................................427
39.1.1 What You Can Do in this Chapter ........................................................................................427
39.2 Host Name ....................................................................................................................................428
39.3 USB Storage .................................................................................................................................428
39.4 Date and Time ...............................................................................................................................429
39.4.1 Pre-defined NTP Time Servers List .....................................................................................432
39.4.2 Time Server Synchronization ...............................................................................................432
39.5 Console Port Speed ......................................................................................................................433
39.6 DNS Overview ...............................................................................................................................434
39.6.1 DNS Server Address Assignment .......................................................................................434
39.6.2 Configuring the DNS Screen ...............................................................................................434
39.6.3 Address Record ..................................................................................................................436
39.6.4 PTR Record .........................................................................................................................436
39.6.5 Adding an Address/PTR Record .........................................................................................436
39.6.6 Domain Zone Forwarder .....................................................................................................437
39.6.7 Adding a Domain Zone Forwarder ......................................................................................437
39.6.8 MX Record ..........................................................................................................................438
39.6.9 Adding a MX Record ...........................................................................................................438
39.6.10 Adding a DNS Service Control Rule ..................................................................................439
39.7 WWW Overview ............................................................................................................................439
39.7.1 Service Access Limitations ..................................................................................................440
39.7.2 System Timeout ...................................................................................................................440
39.7.3 HTTPS .................................................................................................................................440
39.7.4 Configuring WWW Service Control .....................................................................................441
39.7.5 Service Control Rules ..........................................................................................................444
39.7.6 Customizing the WWW Login Page ....................................................................................445
39.7.7 HTTPS Example ..................................................................................................................449
39.8 SSH ............................................................................................................................................456
39.8.1 How SSH Works ..................................................................................................................457
39.8.2 SSH Implementation on the UAG ........................................................................................458
39.8.3 Requirements for Using SSH ...............................................................................................458
39.8.4 Configuring SSH ..................................................................................................................458
39.8.5 Secure Telnet Using SSH Examples ...................................................................................459
39.9 Telnet ............................................................................................................................................461
39.9.1 Configuring Telnet ................................................................................................................461
Table of Contents
UAG715 User’s Guide
16
39.10 FTP ............................................................................................................................................462
39.10.1 Configuring FTP ................................................................................................................462
39.11 SNMP .........................................................................................................................................463
39.11.1 Supported MIBs .................................................................................................................464
39.11.2 SNMP Traps ......................................................................................................................465
39.11.3 Configuring SNMP .............................................................................................................465
Chapter 40
Log and Report .................................................................................................................................467
40.1 Overview .......................................................................................................................................467
40.1.1 What You Can Do In this Chapter ........................................................................................467
40.2 Email Daily Report ........................................................................................................................467
40.3 Log Setting Screens .....................................................................................................................469
40.3.1 Log Setting Summary ..........................................................................................................469
40.3.2 Edit System Log Settings ...................................................................................................471
40.3.3 Edit Log on USB Storage Setting .......................................................................................473
40.3.4 Edit Remote Server Log Settings .......................................................................................475
40.3.5 Active Log Summary Screen ...............................................................................................477
Chapter 41
File Manager......................................................................................................................................481
41.1 Overview .......................................................................................................................................481
41.1.1 What You Can Do in this Chapter ........................................................................................481
41.1.2 What you Need to Know ......................................................................................................481
41.2 The Configuration File Screen ......................................................................................................483
41.3 The Firmware Package Screen ....................................................................................................487
41.4 The Shell Script Screen ...............................................................................................................489
Chapter 42
Diagnostics ......................................................................................................................................492
42.1 Overview .......................................................................................................................................492
42.1.1 What You Can Do in this Chapter ........................................................................................492
42.2 The Diagnostics Screen ................................................................................................................492
42.2.1 The Diagnostics Files Screen ..............................................................................................493
42.3 The Packet Capture Screen ..........................................................................................................494
42.3.1 The Packet Capture Files Screen ........................................................................................496
42.4 Core Dump Screen .......................................................................................................................497
42.4.1 Core Dump Files Screen .....................................................................................................497
42.5 The System Log Screen ................................................................................................................498
Chapter 43
Packet Flow Explore.........................................................................................................................500
43.1 Overview .......................................................................................................................................500
Table of Contents
UAG715 User’s Guide
17
43.1.1 What You Can Do in this Chapter ........................................................................................500
43.2 The Routing Status Screen ...........................................................................................................500
43.3 The SNAT Status Screen ..............................................................................................................505
Chapter 44
Reboot ...............................................................................................................................................509
44.1 Overview .......................................................................................................................................509
44.1.1 What You Need To Know .....................................................................................................509
44.2 The Reboot Screen .......................................................................................................................509
Chapter 45
Shutdown...........................................................................................................................................510
45.1 Overview .......................................................................................................................................510
45.1.1 What You Need To Know .....................................................................................................510
45.2 The Shutdown Screen ...................................................................................................................510
Chapter 46
Troubleshooting................................................................................................................................511
46.1 Resetting the UAG ........................................................................................................................519
46.2 Getting More Troubleshooting Help ..............................................................................................520
Appendix A Legal Information..........................................................................................................521
Index ..................................................................................................................................................525
Table of Contents
UAG715 User’s Guide
18
UAG715 User’s Guide 19
CHAPTER 1
Introduction
1.1 Overview
The UAG is a comprehensive service gateway. Its flexible configuration helps network
administrators set up the network and enforce security policies efficiently.
The UAG provides excellent throughput with the reliability of dual WAN Gigabit Ethernet ports and
load balancing. It also provides bandwidth management, NAT, port forwarding, policy routing, DHCP
server and many other powerful features.
You can use web authentication to allow guests to access the network only after they authenticate
with the UAG through a specifically designated login web page. You can also forward the
authenticated client's e-mail messages to a specific SMTP server.
The UAG’s security features include VPN, firewall, content filtering, ADP (Anomaly Detection and
Protection), and certificates.
The UAG lets you set up multiple networks for your company. The De-Militarized Zone (DMZ)
increases LAN security by providing separate ports for connecting publicly accessible servers. The
UAG also provides two separate LAN networks. You can set ports to be part of the LAN1, LAN2 or
DMZ. Alternatively, you can deploy the UAG as a transparent firewall in an existing network with
minimal configuration.
1.1.1 Key Applications
Here are some UAG application scenarios. The following chapters have configuration tutorials.
Security Router
Security features include a stateful inspection firewall, anomaly detection & prevention, and content
filtering.
Figure 1 Applications: Security Router
Chapter 1 Introduction
UAG715 User’s Guide
20
VPN Connectivity
Set up VPN tunnels with other companies, branch offices, telecommuters, and business travelers to
provide secure access to your network.
Figure 2 Applications: VPN Connectivity
SSL VPN Network Access
SSL VPN lets remote users use their web browsers for a very easy-to-use VPN solution. A user just
browses to the UAG’s web address and enters his user name and password to securely connect to
the UAG’s network. Here full tunnel mode creates a virtual connection for a remote user and gives
him a private IP address in the same subnet as the local network so he can access network
resources in the same way as if he were part of the internal network.
Figure 3 SSL VPN With Full Tunnel Mode
User-Aware Access Control
Set up security policies to restrict access to sensitive information and shared resources based on
the user who is trying to access it. In the following figure user A can access both the Internet and
an internal file server. User B has a lower level of access and can only access the Internet. User C is
not even logged in and cannot access either.
Authentication Server
File
Email
Web-based
Server
Server
Application
Web Mail
Web-based Application
https://
Application Server
Non-Web
LAN (192.168.1.X)
/