Zyxel-communications 10 Bedienungsanleitung Seite 1

Stöbern Sie online oder laden Sie Bedienungsanleitung nach Hardware Zyxel-communications 10 herunter. ZyXEL Communications 10 User Manual Benutzerhandbuch

  • Herunterladen
  • Zu meinen Handbüchern hinzufügen
  • Drucken
  • Seite
    / 495
  • Inhaltsverzeichnis
  • FEHLERBEHEBUNG
  • LESEZEICHEN
  • Bewertet. / 5. Basierend auf Kundenbewertungen
Seitenansicht 0
ZyWALL 10/10W/50/100
Internet Security Gateway
User’s Guide
Versions 3.52 and 3.60
December 2002
Seitenansicht 0
1 2 3 4 5 6 ... 494 495

Inhaltsverzeichnis

Seite 1 - ZyWALL 10/10W/50/100

ZyWALL 10/10W/50/100 Internet Security Gateway User’s Guide Versions 3.52 and 3.60 December 2002

Seite 2 - Copyright

ZyWALL 10~100 Series Internet Security Gateway x Table of Contents 13.2 Types of Firewalls...

Seite 3 - Interference Statement

ZyWALL 10~100 Series Internet Security Gateway 7-2 Wireless LAN Security Setup Your ZyWALL allows you to configure up to four 64-bit or 128-bit WEP

Seite 4 - Caution

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Security Setup 7-3 Table 7-1 Wireless LAN FIELD DESCRIPTION EXAMPLE Enable Wireless LA

Seite 5 - ZyXEL Limited Warranty

ZyWALL 10~100 Series Internet Security Gateway 7-4 Wireless LAN Security Setup • Authorization Determines the network services available to authen

Seite 6 - Customer Support

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Security Setup 7-5 7.3.3 Sequence for EAP Authentication The following figure shows th

Seite 7 - Table of Contents

ZyWALL 10~100 Series Internet Security Gateway 7-6 Wireless LAN Security Setup Figure 7-4 Wireless LAN 802.1X Authentication The following table

Seite 8

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Security Setup 7-7 Figure 7-5 Authentication RADIUS The following table describes the

Seite 9

ZyWALL 10~100 Series Internet Security Gateway 7-8 Wireless LAN Security Setup Table 7-3 Authentication RADIUS FIELD DESCRIPTION EXAMPLE Port Numb

Seite 10

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Security Setup 7-9 Figure 7-6 Local User Database

Seite 11

ZyWALL 10~100 Series Internet Security Gateway 7-10 Wireless LAN Security Setup The following table describes the fields in this screen. Table 7-4

Seite 12

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Security Setup 7-11 Figure 7-7 WLAN MAC Address Filter The following table describes

Seite 13

ZyWALL 10~100 Series Internet Security Gateway Table of Contents xi 17.4 List Update...

Seite 14

ZyWALL 10~100 Series Internet Security Gateway 7-12 Wireless LAN Security Setup Table 7-5 WLAN MAC Address Filter FIELD DESCRIPTION Click Apply to

Seite 15

ZyWALL 10~100 Series Internet Security Gateway DMZ Setup 8-1Chapter 8 DMZ Setup This chapter describes how to configure the ZyWALL 100’s DMZ using

Seite 16 - List of Figures

ZyWALL 10~100 Series Internet Security Gateway 8-2 DMZ Setup 8.2 DMZ Port Filter Setup This menu allows you to specify the filter sets that you wish

Seite 17

ZyWALL 10~100 Series Internet Security Gateway DMZ Setup 8-3 Figure 8-4 Menu 5.2: TCP/IP Setup The TCP/IP setup fields are the same as the ones in

Seite 18

ZyWALL 10~100 Series Internet Security Gateway 8-4 DMZ Setup Figure 8-5 Menu 5.2.1: IP Alias Setup Refer to Table 6-5 for instructions on configurin

Seite 19

ZyWALL 10~100 Series Internet Security Gateway Internet Access 9-1Chapter 9 Internet Access This chapter shows you how to configure your ZyWALL for

Seite 20

ZyWALL 10~100 Series Internet Security Gateway 9-2 Internet Access Table 9-1 Menu 4: Internet Access Setup Menu Fields FIELD DESCRIPTION Encapsulat

Seite 21

ZyWALL 10~100 Series Internet Security Gateway Internet Access 9-3The ZyWALL supports only one PPTP server connection at any given time. 9.1.3 Con

Seite 22

ZyWALL 10~100 Series Internet Security Gateway 9-4 Internet Access 9.1.4 PPPoE Encapsulation The ZyWALL supports PPPoE (Point-to-Point Protocol over

Seite 23

ZyWALL 10~100 Series Internet Security Gateway Internet Access 9-5Table 9-3 New Fields in Menu 4 (PPPoE) screen FIELD DESCRIPTION EXAMPLE Encap

Seite 24

ZyWALL 10~100 Series Internet Security Gateway xii Table of Contents 22.1 Filename Conventions ...

Seite 26

Advanced Applications III Part III: Advanced Applications This part covers Remote Node Setup, IP Static Route Setup and Network Address Transla

Seite 28

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 10-1 Chapter 10 Remote Node Setup This chapter shows you how to configure a remote

Seite 29

ZyWALL 10~100 Series Internet Security Gateway 10-2 Remote Node Setup 10.2 Remote Node Profile The following explains how to configure the remote

Seite 30 - Preface

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 10-3 Table 10-1 Fields in Menu 11.1 FIELD DESCRIPTION EXAMPLE Service Type Press

Seite 31

ZyWALL 10~100 Series Internet Security Gateway 10-4 Remote Node Setup The ZyWALL supports PPPoE (Point-to-Point Protocol over Ethernet). You can on

Seite 32

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 10-5 Do not specify a nailed-up connection unless your telephone company offers fl

Seite 33 - Part I:

ZyWALL 10~100 Series Internet Security Gateway 10-6 Remote Node Setup Figure 10-4 Menu 11.1: Remote Node Profile for PPTP Encapsulation The next t

Seite 34

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 10-7 10.3 Editing TCP/IP Options (with Ethernet Encapsulation) Move the cursor t

Seite 35 - Getting to Know Your ZyWALL

ZyWALL 10~100 Series Internet Security Gateway Table of Contents xiii 25.7 Bandwidth Borrowing...

Seite 36 - 1.2.1 Physical Features

ZyWALL 10~100 Series Internet Security Gateway 10-8 Remote Node Setup Table 10-4 Remote Node Network Layer Options Menu Fields FIELD DESCRIPTION

Seite 37 - 1.2.2 Non-Physical Features

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 10-9 10.3.1 Editing TCP/IP Options (with PPTP Encapsulation) Make sure that Encaps

Seite 38

ZyWALL 10~100 Series Internet Security Gateway 10-10 Remote Node Setup Table 10-5 Remote Node Network Layer Options Menu Fields FIELD DESCRIPTION

Seite 39

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 10-11 10.3.2 Editing TCP/IP Options (with PPPoE Encapsulation) Make sure Encapsula

Seite 40

ZyWALL 10~100 Series Internet Security Gateway 10-12 Remote Node Setup Figure 10-8 Menu 11.5: Remote Node Filter (PPPoE or PPTP Encapsulation) 10.5

Seite 41 - 1.2.3 ZyWALL 100 Note

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 10-13 one subnet (Subnet 1 in the following figure) and the backup gateway in anot

Seite 42

ZyWALL 10~100 Series Internet Security Gateway 10-14 Remote Node Setup Table 10-6 Menu 11.1: Remote Node Profile (Traffic Redirect Field) FIELD DE

Seite 43 - 1.3.2 VPN Application

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 10-15 Table 10-7 Traffic Redirect Setup FIELD DESCRIPTION EXAMPLE Configuration:

Seite 45 - Hardware Installation

ZyWALL 10~100 Series Internet Security Gateway IP Static Route Setup 11-1Chapter 11 IP Static Route Setup This chapter shows you how to configure

Seite 46

ZyWALL 10~100 Series Internet Security Gateway xiv Table of Contents Troubleshooting ...

Seite 47 - Table 2-1 LED Descriptions

ZyWALL 10~100 Series Internet Security Gateway 11-2 IP Static Route Setup 11.1 IP Static Route Setup Enter 12 from the main menu. Select one of th

Seite 48

ZyWALL 10~100 Series Internet Security Gateway IP Static Route Setup 11-3 Figure 11-3 Menu 12. 1: Edit IP Static Route `The following table describ

Seite 49

ZyWALL 10~100 Series Internet Security Gateway 11-4 IP Static Route Setup Table 11-1 IP Static Route Menu Fields FIELD DESCRIPTION Private This p

Seite 50

ZyWALL 10~100 Series Internet Security Gateway NAT 12-1Chapter 12 Network Address Translation (NAT) This chapter discusses how to configure NAT on t

Seite 51 - UPLINK button “off” (out)

ZyWALL 10~100 Series Internet Security Gateway 12-2 NAT NAT never changes the IP address (either local or global) of an outside host. 12.1.2 What NAT

Seite 52

ZyWALL 10~100 Series Internet Security Gateway NAT 12-3 Figure 12-1 How NAT Works

Seite 53

ZyWALL 10~100 Series Internet Security Gateway 12-4 NAT 12.1.4 NAT Application The following figure illustrates a possible NAT application, where thr

Seite 54

ZyWALL 10~100 Series Internet Security Gateway NAT 12-52. Many to One: In Many-to-One mode, the ZyWALL maps multiple local IP addresses to one globa

Seite 55 - Part II:

ZyWALL 10~100 Series Internet Security Gateway 12-6 NAT Table 12-2 NAT Mapping Types TYPE IP MAPPING SMT ABBREVIATION Many-One-to-One ILA1ÅÆ IGA1 ILA

Seite 56

ZyWALL 10~100 Series Internet Security Gateway NAT 12-7. Figure 12-3 Menu 4: Applying NAT for Internet Access The following figure shows how you appl

Seite 57 - Initial Setup

ZyWALL 10~100 Series Internet Security Gateway Table of Contents xv Appendix Q Log Descriptions...

Seite 58 - Enter Password : XXXX

ZyWALL 10~100 Series Internet Security Gateway 12-8 NAT Figure 12-4 Menu 11.3: Applying NAT to the Remote Node The following table describes the opt

Seite 59 - 3.2.1 Main Menu

ZyWALL 10~100 Series Internet Security Gateway NAT 12-911.3, the SMT will use Set 1, which supports all mapping types as outlined in Table 12-2. When

Seite 60 - Table 3-2 Main Menu Summary

ZyWALL 10~100 Series Internet Security Gateway 12-10 NAT Figure 12-7 Menu 15.1.255: SUA Address Mapping Rules The following table explains the field

Seite 61

ZyWALL 10~100 Series Internet Security Gateway NAT 12-11Table 12-4 SUA Address Mapping Rules FIELD DESCRIPTION EXAMPLE Once you have finished confi

Seite 62 - 3-6 Initial Setup

ZyWALL 10~100 Series Internet Security Gateway 12-12 NAT ignored. If there are any empty rules before your new configured rule, your configured rule

Seite 63

ZyWALL 10~100 Series Internet Security Gateway NAT 12-13An IP End address must be numerically greater than its corresponding IP Start address. Figure

Seite 64 - 3.4 Resetting the ZyWALL

ZyWALL 10~100 Series Internet Security Gateway 12-14 NAT 12.4 NAT Server Sets – Port Forwarding A NAT server set is a list of inside (behind NAT on

Seite 65 - SMT Menu 1 - General Setup

ZyWALL 10~100 Series Internet Security Gateway NAT 12-15Table 12-7 Services & Port Numbers SERVICES PORT NUMBER DNS (Domain Name System) 53 Fin

Seite 66 - 4.3 General Setup

ZyWALL 10~100 Series Internet Security Gateway 12-16 NAT Figure 12-10 Menu 15.2: NAT Server Setup Figure 12-11 Multiple Servers Behind NAT Example

Seite 67

ZyWALL 10~100 Series Internet Security Gateway NAT 12-1712.5 General NAT Examples 12.5.1 Internet Access Only In the following Internet access exampl

Seite 68

ZyWALL 10~100 Series Internet Security Gateway xvi List of Figures List of Figures Figure 1-1 Secure Internet Access via Cable, DSL or Wireless Mode

Seite 69 - WAN and Dial Backup Setup

ZyWALL 10~100 Series Internet Security Gateway 12-18 NAT From menu 4 shown above, simply choose the SUA Only option from the Network Address Transla

Seite 70 - 5.3 Dial Backup

ZyWALL 10~100 Series Internet Security Gateway NAT 12-19 Figure 12-15 Menu 15.2: Specifying an Inside Server 12.5.3 Example 3: Multiple Public IP Add

Seite 71

ZyWALL 10~100 Series Internet Security Gateway 12-20 NAT Figure 12-16 NAT Example 3 Step 1. In this case you need to configure Address Mapping Se

Seite 72 - 5.5 Advanced WAN Setup

ZyWALL 10~100 Series Internet Security Gateway NAT 12-21 Figure 12-17 Example 3: Menu 11.3 The following figure shows how to configure the first rul

Seite 73

ZyWALL 10~100 Series Internet Security Gateway 12-22 NAT Figure 12-19 Example 3: Final Menu 15.1.1 Now configure the IGA3 to map to our web server

Seite 74 - 5.6.1 Metric

ZyWALL 10~100 Series Internet Security Gateway NAT 12-2312.5.4 Example 4: NAT Unfriendly Application Programs Some applications do not support NAT Ma

Seite 75

ZyWALL 10~100 Series Internet Security Gateway 12-24 NAT Figure 12-22 Example 4: Menu 15.1.1.1: Address Mapping Rule After you’ve configured your r

Seite 76

ZyWALL 10~100 Series Internet Security Gateway NAT 12-25the server on the WAN) to the IP address of a computer on the client side (LAN). The problem

Seite 77 - 5.8 Editing PPP Options

ZyWALL 10~100 Series Internet Security Gateway 12-26 NAT 5. Only Jane can connect to the Real Audio server until the connection is closed or times

Seite 78

ZyWALL 10~100 Series Internet Security Gateway NAT 12-27 Table 12-8 Menu 15.3—Trigger Port Setup Description FIELD DESCRIPTION EXAMPLE Rule This i

Seite 79 - 5.9 Editing TCP/IP Options

ZyWALL 10~100 Series Internet Security Gateway List of Figures xvii Figure 5-6 Remote Node PPP Options Menu Fields...

Seite 81

Firewall and Content Filters IV Part IV: Firewall and Content Filters This part introduces firewalls in general and the ZyWALL firewall. It also

Seite 83

ZyWALL 10~100 Series Internet Security Gateway Firewalls 13-1 Chapter 13 Firewalls This chapter gives some background information on firewalls and e

Seite 84

ZyWALL 10~100 Series Internet Security Gateway 13-2 Firewalls i. Information hiding prevents the names of internal systems from being made known via

Seite 85 - LAN Setup

ZyWALL 10~100 Series Internet Security Gateway Firewalls 13-3 Figure 13-1 ZyWALL Firewall Application 13.4 Denial of Service Denials of Service (

Seite 86 - 6.3 TCP/IP and LAN DHCP

ZyWALL 10~100 Series Internet Security Gateway 13-4 Firewalls for use over a single port, such as Web on port 80, other ports are also active. If the

Seite 87 - Private IP Addresses

ZyWALL 10~100 Series Internet Security Gateway Firewalls 13-5 Figure 13-2 Three-Way Handshake Under normal circumstances, the application that init

Seite 88 - 6.3.5 IP Multicast

ZyWALL 10~100 Series Internet Security Gateway 13-6 Firewalls 2-b In a LAND Attack, hackers flood SYN packets into the network with a spoofed source

Seite 89 - 6.3.6 IP Alias

ZyWALL 10~100 Series Internet Security Gateway Firewalls 13-7  Illegal Commands (NetBIOS and SMTP) The only legal NetBIOS commands are the followi

Seite 90

ZyWALL 10~100 Series Internet Security Gateway xviii List of Figures Figure 9-2 Internet Access Setup (PPTP) ...

Seite 91

ZyWALL 10~100 Series Internet Security Gateway 13-8 Firewalls all communications to the Internet that originate from the LAN, and blocks all traffic

Seite 92 - 6.4.1 IP Alias Setup

ZyWALL 10~100 Series Internet Security Gateway Firewalls 13-9 1. The packet travels from the firewall's LAN to the WAN. 2. The packet is eval

Seite 93

ZyWALL 10~100 Series Internet Security Gateway 13-10 Firewalls These custom rules work by evaluating the network traffic’s Source IP address, Destina

Seite 94 - 6.5 Wireless LAN

ZyWALL 10~100 Series Internet Security Gateway Firewalls 13-11 A similar situation exists for ICMP, except that the ZyWALL is even more restrictive.

Seite 95 - 6.6 Wireless LAN Setup

ZyWALL 10~100 Series Internet Security Gateway 13-12 Firewalls 7. Keep the firewall in a secured (locked) room. 13.6.1 Security In General You can

Seite 96

ZyWALL 10~100 Series Internet Security Gateway Firewalls 13-13 13.7.1 Packet Filtering:  The router filters packets as they pass through the route

Seite 97

ZyWALL 10~100 Series Internet Security Gateway 13-14 Firewalls 3. To selectively block/allow inbound or outbound traffic between inside host/network

Seite 98

ZyWALL 10~100 Series Internet Security Gateway Introducing the ZyWALL Firewall 14-1 Chapter 14 Introducing the ZyWALL Firewall This chapter shows y

Seite 99 - Wireless LAN Security Setup

ZyWALL 10~100 Series Internet Security Gateway 14-2 Introducing the ZyWALL Firewall 14.3.1 Activating the Firewall Enter option 2 in this menu to b

Seite 100

ZyWALL 10~100 Series Internet Security Gateway Using the ZyWALL Web Configurator 15-1 Chapter 15 Using the ZyWALL Web Configurator This chapter show

Seite 101 - 7.3 Network Authentication

ZyWALL 10~100 Series Internet Security Gateway List of Figures xix Figure 12-11 Multiple Servers Behind NAT Example ...

Seite 102

ZyWALL 10~100 Series Internet Security Gateway 15-2 Using the ZyWALL Web Configurator Figure 15-1 Enabling the Firewall (ZyWALL 100) 15.2.1 Alerts

Seite 103

ZyWALL 10~100 Series Internet Security Gateway Using the ZyWALL Web Configurator 15-3 determine when to drop sessions that do not become fully estab

Seite 104

ZyWALL 10~100 Series Internet Security Gateway 15-4 Using the ZyWALL Web Configurator threshold (one-minute low). The rate is the number of new att

Seite 105

ZyWALL 10~100 Series Internet Security Gateway Using the ZyWALL Web Configurator 15-5 Figure 15-2 Attack Alert The following table describes the fi

Seite 106

ZyWALL 10~100 Series Internet Security Gateway 15-6 Using the ZyWALL Web Configurator Table 15-1 Attack Alert FIELD DESCRIPTION DEFAULT VALUES One

Seite 107

ZyWALL 10~100 Series Internet Security Gateway Using the ZyWALL Web Configurator 15-7 Table 15-1 Attack Alert FIELD DESCRIPTION DEFAULT VALUES Bloc

Seite 109 - DESCRIPTION

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-1 Chapter 16 Creating Custom Rules This chapter contains instructions for d

Seite 110

ZyWALL 10~100 Series Internet Security Gateway 16-2 Creating Custom Rules This prevents computers on the DMZ from communicating between networks or

Seite 111 - DMZ Setup

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-3 16.2.2 Security Ramifications Once the logic of the rule has been defined

Seite 112 - 8.3 TCP/IP Setup

ZyWALL 10~100 Series Internet Security Gateway ii Copyright Copyright Copyright © 2002 by ZyXEL Communications Corporation. The contents of this publ

Seite 113 - 8.3.2 IP Alias Setup

ZyWALL 10~100 Series Internet Security Gateway xx List of Figures Figure 16-4 Creating/Editing A Firewall Rule (ZyWALL100)...

Seite 114

ZyWALL 10~100 Series Internet Security Gateway 16-4 Creating Custom Rules 16.3 Connection Direction Examples This section describes examples for f

Seite 115 - Internet Access

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-5 See the following figure. Figure 16-2 WAN to LAN Traffic 16.4 Rule Summ

Seite 116 - 9.1.2 PPTP Encapsulation

ZyWALL 10~100 Series Internet Security Gateway 16-6 Creating Custom Rules Figure 16-3 Firewall Rules Summary: First Screen (ZyWALL100) The followi

Seite 117

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-7 Table 16-1 Firewall Rules Summary: First Screen FIELD DESCRIPTION Vacant

Seite 118 - 9.1.4 PPPoE Encapsulation

ZyWALL 10~100 Series Internet Security Gateway 16-8 Creating Custom Rules Table 16-1 Firewall Rules Summary: First Screen FIELD DESCRIPTION Insert

Seite 119 - 9.2 Basic Setup Complete

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-9 Table 16-2 Predefined Services SERVICE DESCRIPTION CU-SEEME(TCP/UDP:764

Seite 120

ZyWALL 10~100 Series Internet Security Gateway 16-10 Creating Custom Rules Table 16-2 Predefined Services SERVICE DESCRIPTION NNTP(TCP:119) Net

Seite 121 - Part III:

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-11 Table 16-2 Predefined Services SERVICE DESCRIPTION TACACS(UDP:49) Lo

Seite 122

ZyWALL 10~100 Series Internet Security Gateway 16-12 Creating Custom Rules Figure 16-4 Creating/Editing A Firewall Rule (ZyWALL100) Table 16-3 Cr

Seite 123 - Remote Node Setup

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-13 Table 16-3 Creating/Editing A Firewall Rule FIELD DESCRIPTION OPTIONS

Seite 124 - 10.2 Remote Node Profile

ZyWALL 10~100 Series Internet Security Gateway List of Figures xxi Figure 19-12 Protocol and Device Filter Sets ...

Seite 125 - 10.2.2 PPPoE Encapsulation

ZyWALL 10~100 Series Internet Security Gateway 16-14 Creating Custom Rules Table 16-3 Creating/Editing A Firewall Rule FIELD DESCRIPTION OPTIONS

Seite 126

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-15 Table 16-4 Adding/Editing Source and Destination Addresses FIELD DESCRI

Seite 127 - 10.2.3 PPTP Encapsulation

ZyWALL 10~100 Series Internet Security Gateway 16-16 Creating Custom Rules Figure 16-6 Creating/Editing A Custom Port The next table describes the

Seite 128

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-17 16.8 Example Firewall Rule The following Internet firewall rule examp

Seite 129

ZyWALL 10~100 Series Internet Security Gateway 16-18 Creating Custom Rules Step 6. Configure the Firewall IP Config screen as follows and click Ap

Seite 130 - 10-8 Remote Node Setup

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-19 Figure 16-9 Custom Port for MyService Step 8. The firewall rule confi

Seite 131

ZyWALL 10~100 Series Internet Security Gateway 16-20 Creating Custom Rules Figure 16-10 MyService Rule Configuration (ZyWALL100) This is your “My

Seite 132 - 10-10 Remote Node Setup

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-21 Step 9. On completing the configuration procedure for this Internet fir

Seite 134 - 10.5 Traffic Redirect

ZyWALL 10~100 Series Internet Security Gateway Content Filtering 17-1 Chapter 17 Content Filtering This chapter provides a brief overview of conten

Seite 135

ZyWALL 10~100 Series Internet Security Gateway xxii List of Figures Figure 22-11 Restore Configuration Example ...

Seite 136

ZyWALL 10~100 Series Internet Security Gateway 17-2 Content Filtering Figure 17-1Content Filter: Categories Table 17-1 Content Filter: Categories L

Seite 137 - Remote Node Setup 10-15

ZyWALL 10~100 Series Internet Security Gateway Content Filtering 17-3 Table 17-1 Content Filter: Categories LABEL DESCRIPTION Java A programming

Seite 138

ZyWALL 10~100 Series Internet Security Gateway 17-4 Content Filtering Table 17-1 Content Filter: Categories LABEL DESCRIPTION Gross Depictions Sel

Seite 139 - IP Static Route Setup

ZyWALL 10~100 Series Internet Security Gateway Content Filtering 17-5 Table 17-1 Content Filter: Categories LABEL DESCRIPTION Sports/ Entertainm

Seite 140 - 11.1 IP Static Route Setup

ZyWALL 10~100 Series Internet Security Gateway 17-6 Content Filtering Figure 17-2 Content Filter: Free Table 17-2 Content Filter: Free LABEL DESCRI

Seite 141

ZyWALL 10~100 Series Internet Security Gateway Content Filtering 17-7 17.3 iCard Click Content on the navigation panel, and then the iCard tab to o

Seite 142

ZyWALL 10~100 Series Internet Security Gateway 17-8 Content Filtering Table 17-3 Content Filter: iCard LABEL DESCRIPTION E-mail Type your e-mail ad

Seite 143 - Chapter 12

ZyWALL 10~100 Series Internet Security Gateway Content Filtering 17-9 Figure 17-4 Content Filter: List Update Table 17-4 Content Filter: List Upd

Seite 144 - 12.1.3 How NAT Works

ZyWALL 10~100 Series Internet Security Gateway 17-10 Content Filtering 17.5 Exempt Computers Click Content on the navigation panel, and then the Exem

Seite 145 - Figure 12-1 How NAT Works

ZyWALL 10~100 Series Internet Security Gateway Content Filtering 17-11 Table 17-5 Content Filter: Exempt Zone LABEL DESCRIPTION Exclude specified a

Seite 146 - 12.1.5 NAT Mapping Types

ZyWALL 10~100 Series Internet Security Gateway List of Figures xxiii Figure 25-10 Bandwidth Management Statistics ...

Seite 147

ZyWALL 10~100 Series Internet Security Gateway 17-12 Content Filtering Figure 17-6 Content Filter: Customize Table 17-6 Content Filter: Customize LA

Seite 148 - 12.2 Using NAT

ZyWALL 10~100 Series Internet Security Gateway Content Filtering 17-13 Table 17-6 Content Filter: Customize LABEL DESCRIPTION Disable all web traf

Seite 149

ZyWALL 10~100 Series Internet Security Gateway 17-14 Content Filtering 17.7 Domain Name Click Content on the navigation panel, and then the Domain Na

Seite 150 - 12.3 NAT Setup

ZyWALL 10~100 Series Internet Security Gateway Content Filtering 17-15 Table 17-7 Content Filter: Domain Name LABEL DESCRIPTION Add Keyword Click A

Seite 152

Logs, Filter Configuration, and SNMP Configuration V Part V: Logs, Filter Configuration, and SNMP Configuration This part provides informatio

Seite 154

ZyWALL 10~100 Series Internet Security Gateway Centralized Logs 18-1Chapter 18 Centralized Logs This chapter contains information about configuring

Seite 155

ZyWALL 10~100 Series Internet Security Gateway 18-2 Centralized Logs Figure 18-1 View Log Table 18-1 View Log FIELD DESCRIPTION Display The catego

Seite 156 - Telnet 23

ZyWALL 10~100 Series Internet Security Gateway Centralized Logs 18-3Table 18-1 View Log FIELD DESCRIPTION Destination This field lists the desti

Seite 157

ZyWALL 10~100 Series Internet Security Gateway xxiv List of Figures Figure 29-10 Menu 27.1.1.2: Manual Setup ...

Seite 158

ZyWALL 10~100 Series Internet Security Gateway 18-4 Centralized Logs Figure 18-2 Log Settings

Seite 159 - 12.5 General NAT Examples

ZyWALL 10~100 Series Internet Security Gateway Centralized Logs 18-5 Table 18-2 Log Settings Screen FIELD DESCRIPTION Address Info Mail Server E

Seite 160

ZyWALL 10~100 Series Internet Security Gateway 18-6 Centralized Logs Table 18-2 Log Settings Screen FIELD DESCRIPTION Log Schedule This drop-down m

Seite 161

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 19-1Chapter 19 Filter Configuration This chapter shows you how to create and ap

Seite 162

ZyWALL 10~100 Series Internet Security Gateway 19-2 Filter Configuration Figure 19-1 Outgoing Packet Filtering Process For incoming packets, your Zy

Seite 163

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 19-3StartFetch FirstFilter SetFetch FirstFilter RuleActive?ExecuteFilter RuleFe

Seite 164

ZyWALL 10~100 Series Internet Security Gateway 19-4 Filter Configuration You can apply up to four filter sets to a particular port to block multiple

Seite 165

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 19-5Step 3. Select the filter set you wish to configure (1-12) and press [ENTE

Seite 166

ZyWALL 10~100 Series Internet Security Gateway 19-6 Filter Configuration Table 19-2 Rule Abbreviations Used ABBREVIATION DESCRIPTION IP Pr Protocol

Seite 167

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 19-7To configure TCP/IP rules, select TCP/IP Filter Rule from the Filter Type f

Seite 168

ZyWALL 10~100 Series Internet Security Gateway List of Tables xxv List of Tables Table 1-1 Model Specific Features...

Seite 169

ZyWALL 10~100 Series Internet Security Gateway 19-8 Filter Configuration Table 19-3 TCP/IP Filter Rule Menu Fields FIELD DESCRIPTION OPTIONS IP Mask

Seite 170

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 19-9Table 19-3 TCP/IP Filter Rule Menu Fields FIELD DESCRIPTION OPTIONS Log Pr

Seite 171 - Part IV:

ZyWALL 10~100 Series Internet Security Gateway 19-10 Filter Configuration Packetinto IP FilterMatchedMatchedYesAction MatchedAction Not MatchedMore?N

Seite 172

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 19-1119.2.3 Generic Filter Rule This section shows you how to configure a gener

Seite 173 - Firewalls

ZyWALL 10~100 Series Internet Security Gateway 19-12 Filter Configuration Table 19-4 Generic Filter Rule Menu Fields FIELD DESCRIPTION OPTIONS Fil

Seite 174

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 19-1319.3 Example Filter Let’s look at an example to block outside users from t

Seite 175 - 13.4 Denial of Service

ZyWALL 10~100 Series Internet Security Gateway 19-14 Filter Configuration Step 6. Enter 1 to configure the first filter rule (the only filter rule

Seite 176 - 13.4.2 Types of DoS Attacks

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 19-15Figure 19-11 Example Filter Rules Summary: Menu 21.1.3 After you’ve create

Seite 177

ZyWALL 10~100 Series Internet Security Gateway 19-16 Filter Configuration 19.4 Filter Types and NAT There are two classes of filter rules, Generic F

Seite 178 - 18 ADDRESS_MASK_REPLY

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 19-1719.6 Applying a Filter and Factory Defaults This section shows you where

Seite 179 - 13.5 Stateful Inspection

ZyWALL 10~100 Series Internet Security Gateway xxvi List of Tables Table 9-1 Menu 4: Internet Access Setup Menu Fields ...

Seite 180

ZyWALL 10~100 Series Internet Security Gateway 19-18 Filter Configuration outgoing traffic from the ZyWALL. The ZyWALL already has filters to prevent

Seite 181

ZyWALL 10~100 Series Internet Security Gateway SNMP Configuration 20-1 Chapter 20 SNMP Configuration This chapter explains SNMP configuration menu

Seite 182 - 13.5.4 UDP/ICMP Security

ZyWALL 10~100 Series Internet Security Gateway 20-2 SNMP Configuration Figure 20-1 SNMP Management Model An SNMP managed network consists of two mai

Seite 183 - 13.5.5 Upper Layer Protocols

ZyWALL 10~100 Series Internet Security Gateway SNMP Configuration 20-3 • GetNext - Allows the manager to retrieve the next object variable from a

Seite 184 - 13.6.1 Security In General

ZyWALL 10~100 Series Internet Security Gateway 20-4 SNMP Configuration Table 20-1 SNMP Configuration Menu Fields FIELD DESCRIPTION EXAMPLE Set Com

Seite 185 - 13.7.2 Firewall

System Information and Diagnosis and Firmware and Configuration File Maintenance VI Part VI: System Information and Diagnosis and Firmware and C

Seite 187 - Chapter 14

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 21-1 Chapter 21 System Information & Diagnosis This chapter co

Seite 188

ZyWALL 10~100 Series Internet Security Gateway 21-2 System Information and Diagnosis Step 1. Enter number 24 to go to Menu 24 - System Maintenanc

Seite 189 - Chapter 15

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 21-3 Table 21-1 System Maintenance: Status Menu Fields FIELD DESCR

Seite 190 - 15.3 Attack Alert

ZyWALL 10~100 Series Internet Security Gateway List of Tables xxvii Table 16-4 Adding/Editing Source and Destination Addresses...

Seite 191 - 15.3.2 Half-Open Sessions

ZyWALL 10~100 Series Internet Security Gateway 21-4 System Information and Diagnosis 21.2.1 System Information System Information gives you inform

Seite 192

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 21-5 21.2.2 Console Port Speed You can change the speed of the con

Seite 193

ZyWALL 10~100 Series Internet Security Gateway 21-6 System Information and Diagnosis After the ZyWALL finishes displaying, you will have the opti

Seite 194 - Table 15-1 Attack Alert

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 21-7 The ZyWALL uses the UNIX syslog facility to log the CDR (Cal

Seite 195

ZyWALL 10~100 Series Internet Security Gateway 21-8 System Information and Diagnosis Table 21-3 System Maintenance Menu Syslog Parameters PARAMETE

Seite 196

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 21-9 3. Filter log Filter log Message Format SdcmdSyslogSend(S

Seite 197 - Creating Custom Rules

ZyWALL 10~100 Series Internet Security Gateway 21-10 System Information and Diagnosis 21.3.3 Call-Triggering Packet Call-Triggering Packet display

Seite 198 - 16.2 Rule Logic Overview

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 21-11 Follow the procedure below to get to Menu 24.4 - System Main

Seite 199

ZyWALL 10~100 Series Internet Security Gateway 21-12 System Information and Diagnosis Figure 21-11 WAN & LAN DHCP The following table describ

Seite 200 - 16.3.2 WAN to LAN Rules

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-1 Chapter 22 Firmware and Configuration File Mainten

Seite 201 - 16.4 Rule Summary

ZyWALL 10~100 Series Internet Security Gateway xxviii List of Tables Table 24-1 Menu 24.11 – Remote Management Control...

Seite 202

ZyWALL 10~100 Series Internet Security Gateway 22-2 Firmware and Configuration File Maintenance local network or FTP site and so the name (but not

Seite 203

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-3 22.2.1 Backup Configuration Follow the instruction

Seite 204 - 16.5 Predefined Services

ZyWALL 10~100 Series Internet Security Gateway 22-4 Firmware and Configuration File Maintenance Figure 22-2 FTP Session Example 22.2.4 GUI-based

Seite 205

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-5 1. The firewall is active (turn the firewall off

Seite 206

ZyWALL 10~100 Series Internet Security Gateway 22-6 Firmware and Configuration File Maintenance 22.2.7 TFTP Command Example The following is an ex

Seite 207

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-7 Figure 22-3 System Maintenance: Backup Configurat

Seite 208

ZyWALL 10~100 Series Internet Security Gateway 22-8 Firmware and Configuration File Maintenance 22.3 Restore Configuration This section shows you

Seite 209

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-9 Figure 22-7 Telnet into Menu 24.6 Step 1. Launch

Seite 210

ZyWALL 10~100 Series Internet Security Gateway 22-10 Firmware and Configuration File Maintenance 22.3.2 Restore Using FTP Session Example Figure 2

Seite 211 - 16.6 Custom Ports

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-11 Figure 22-11 Restore Configuration Example Step 4

Seite 212

ZyWALL 10~100 Series Internet Security Gateway List of Tables xxix Table 31-4 Troubleshooting the WAN interface...

Seite 213 - Select WAN to LAN from the

ZyWALL 10~100 Series Internet Security Gateway 22-12 Firmware and Configuration File Maintenance WARNING! Do not interrupt the file transfer proce

Seite 214

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-13 22.4.2 Configuration File Upload You see the foll

Seite 215

ZyWALL 10~100 Series Internet Security Gateway 22-14 Firmware and Configuration File Maintenance transfers the configuration file on the ZyWALL to

Seite 216

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-15 Step 3. Enter the command “sys stdio 0” to disab

Seite 217

ZyWALL 10~100 Series Internet Security Gateway 22-16 Firmware and Configuration File Maintenance 22.4.8 Uploading Firmware File Via Console Port S

Seite 218

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-17 22.4.9 Example Xmodem Firmware Upload Using Hyper

Seite 219 - Content Filtering

ZyWALL 10~100 Series Internet Security Gateway 22-18 Firmware and Configuration File Maintenance Figure 22-18 Menu 24.7.2 as seen using the Conso

Seite 220

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-19 Figure 22-19 Example Xmodem Upload After the conf

Seite 222 - 17-4 Content Filtering

System Maintenance and Information and Remote Management VII Part VII: System Maintenance and Information and Remote Management This part provid

Seite 223 - 17.2 Free

ZyWALL 10~100 Series Internet Security Gateway FCC iii Federal Communications Commission (FCC) Interference Statement This device complies with Part

Seite 224 - 17-6 Content Filtering

ZyWALL 10~100 Series Internet Security Gateway xxx Preface Preface About Your ZyWALL Congratulations on your purchase of the ZyWALL 10, 10W, 50 or 10

Seite 226 - 17.4 List Update

ZyWALL 10~100 Series Internet Security Gateway System Maintenance & Information 23-1 Chapter 23 System Maintenance & Information This ch

Seite 227

ZyWALL 10~100 Series Internet Security Gateway 23-2 System Maintenance & Information Figure 23-2 Valid Commands 23.2 Call Control Support The

Seite 228 - 17.5 Exempt Computers

ZyWALL 10~100 Series Internet Security Gateway System Maintenance & Information 23-3 23.2.1 Budget Management Menu 24.9.1 shows the budget man

Seite 229 - 17.6 Customizing

ZyWALL 10~100 Series Internet Security Gateway 23-4 System Maintenance & Information 23.2.2 Call History This is the second option in Menu 24.9

Seite 230

ZyWALL 10~100 Series Internet Security Gateway System Maintenance & Information 23-5 23.3 Time and Date Setting The Real Time Chip (RTC) kee

Seite 231 - Content Filtering 17-13

ZyWALL 10~100 Series Internet Security Gateway 23-6 System Maintenance & Information Figure 23-7 Menu 24.10 System Maintenance: Time and Date S

Seite 232 - 17.7 Domain Name

ZyWALL 10~100 Series Internet Security Gateway System Maintenance & Information 23-7 Table 23-3 Time and Date Setting Fields FIELD DESCRIPTION

Seite 234

ZyWALL 10~100 Series Internet Security Gateway Remote Management 24-1Chapter 24 Remote Management This chapter covers remote management found in S

Seite 235 - Part V:

ZyWALL 10~100 Series Internet Security Gateway Preface xxxi • Mouse action sequences are denoted using a comma. For example, “click the Apple icon,

Seite 236

ZyWALL 10~100 Series Internet Security Gateway 24-2 Remote Management 24.3 FTP You can upload and download the ZyWALL’s firmware and configuration fi

Seite 237 - Centralized Logs

ZyWALL 10~100 Series Internet Security Gateway Remote Management 24-3 LAN only,  Neither (Disable). When you Choose WAN only or ALL (LAN &

Seite 238 - Table 18-1 View Log

ZyWALL 10~100 Series Internet Security Gateway 24-4 Remote Management Table 24-1 Menu 24.11 – Remote Management Control FIELD DESCRIPTION EXAMPLE S

Seite 239 - 18.2 Log Settings

ZyWALL 10~100 Series Internet Security Gateway Remote Management 24-524.9 System Timeout There is a system timeout of five minutes (three hundred

Seite 241 - Centralized Logs 18-5

Bandwidth Management VIII Part VIII: Bandwidth Management This part provides information on the functions and configuration of Bandwidth Managem

Seite 243 - Filter Configuration

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management 25-1 Chapter 25 Bandwidth Management This chapter describes the functions and

Seite 244 - Outgoing

ZyWALL 10~100 Series Internet Security Gateway 25-2 Bandwidth Management application and/or subnet. Use the Class Configuration tab (see section 25.8

Seite 245 - Filter Set

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management 25-3 Figure 25-1 Application-based Bandwidth Management Example 25.4.2 Subnet

Seite 247

ZyWALL 10~100 Series Internet Security Gateway 25-4 Bandwidth Management Table 25-1 Application and Subnet-based Bandwidth Management Example TRAFFIC

Seite 248 - 19.2.2 TCP/IP Filter Rule

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management 25-5 25.5.1 Priority-based Scheduler With the priority-based scheduler, the Zy

Seite 249

ZyWALL 10~100 Series Internet Security Gateway 25-6 Bandwidth Management Step 2. Do not enable the interface’s Maximize Bandwidth Usage option. Step

Seite 250 - 19-8 Filter Configuration

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management 25-7 In this case, suppose that all of the classes except for the administrati

Seite 251 - Filter Configuration 19-9

ZyWALL 10~100 Series Internet Security Gateway 25-8 Bandwidth Management 25.7 Bandwidth Borrowing Bandwidth borrowing allows a child-class to borrow

Seite 252 - 19-10 Filter Configuration

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management 25-9 Figure 25-6 Bandwidth Borrowing Example  The Bill class can borrow unus

Seite 253 - 19.2.3 Generic Filter Rule

ZyWALL 10~100 Series Internet Security Gateway 25-10 Bandwidth Management  The Bill class cannot borrow unused bandwidth from the Root class because

Seite 254 - 19-12 Filter Configuration

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management 25-11 25.8.1 Bandwidth Manager Summary Enable bandwidth management on an inter

Seite 255 - 19.3 Example Filter

ZyWALL 10~100 Series Internet Security Gateway 25-12 Bandwidth Management Table 25-2 Bandwidth Manager: Summary FIELD DESCRIPTION LAN WAN DMZ WLAN T

Seite 256

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management 25-13 bigger bandwidth budgets than the total of the budgets of their child-cl

Seite 257

Overview I Part I: Overview This part covers Getting to Know Your ZyWALL and Hardware Installation.

Seite 258 - 19.5 Firewall

ZyWALL 10~100 Series Internet Security Gateway 25-14 Bandwidth Management 25.8.3 Bandwidth Manager Class Configuration Configure a bandwidth manageme

Seite 259 - 19.6.2 DMZ Filters

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management 25-15 Table 25-4 Bandwidth Manager: Class Configuration FIELD DESCRIPTION BW B

Seite 260 - 19.6.3 Remote Node Filters

ZyWALL 10~100 Series Internet Security Gateway 25-16 Bandwidth Management Table 25-5Services and Port Numbers SERVICES PORT NUMBER ECHO 7 FTP (File T

Seite 261 - SNMP Configuration

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management 25-17 Table 25-6 Bandwidth Management Statistics FIELD DESCRIPTION Class Nam

Seite 262

ZyWALL 10~100 Series Internet Security Gateway 25-18 Bandwidth Management Figure 25-11 Bandwidth Manager Monitor Table 25-7 Bandwidth Manager Monit

Seite 263 - 20.3 SNMP Configuration

IPPR, Call Scheduling and VPN/IPSec IX Part IX: IP Policy Routing, Call Scheduling and VPN/IPSec This part provides information on how to conf

Seite 265 - Part VI:

ZyWALL 10~100 Series Internet Security Gateway IP Policy Routing 26-1 Chapter 26 IP Policy Routing This chapter covers setting and applying polici

Seite 266

ZyWALL 10~100 Series Internet Security Gateway 26-2 IP Policy Routing address and port, ToS and precedence (fields in the IP header) and length. Th

Seite 267 - Chapter 21

ZyWALL 10~100 Series Internet Security Gateway IP Policy Routing 26-3 Step 2. Type the index of the policy set you want to configure to open Menu

Seite 269 - 2. Console Port Speed

ZyWALL 10~100 Series Internet Security Gateway 26-4 IP Policy Routing Table 26-1 IP Routing Policy Setup ABBREVIATION MEANING T Outgoing Type

Seite 270 - 21.2.1 System Information

ZyWALL 10~100 Series Internet Security Gateway IP Policy Routing 26-5 Table 26-2 IP Routing Policy FIELD DESCRIPTION Active Press [SPACE BAR] and t

Seite 271 - 21.3 Log and Trace

ZyWALL 10~100 Series Internet Security Gateway 26-6 IP Policy Routing Table 26-2 IP Routing Policy FIELD DESCRIPTION When you have completed this m

Seite 272 - 21.3.2 UNIX Syslog

ZyWALL 10~100 Series Internet Security Gateway IP Policy Routing 26-7 26.6 IP Policy Routing Example If a network has both Internet and remote nod

Seite 273

ZyWALL 10~100 Series Internet Security Gateway 26-8 IP Policy Routing Figure 26-8 IP Routing Policy Example Step 3. Check Menu 25.1 - IP Routing

Seite 274

ZyWALL 10~100 Series Internet Security Gateway IP Policy Routing 26-9 Step 5. Create a rule in menu 25.1.1 for this set to route packets from any

Seite 275 - 5. Firewall log

ZyWALL 10~100 Series Internet Security Gateway 26-10 IP Policy Routing Figure 26-10 Applying IP Policies Menu 3.2 - TCP/IP and DHCP Ethernet Setup

Seite 276 - 21.4 Diagnostic

ZyWALL 10~100 Series Internet Security Gateway Call Scheduling 27-1 Chapter 27 Call Scheduling Call scheduling allows you to dictate when a remote

Seite 277 - 21.4.1 WAN DHCP

ZyWALL 10~100 Series Internet Security Gateway 27-2 Call Scheduling To delete a schedule set, enter the set number and press [SPACE BAR] and then [EN

Seite 278

ZyWALL 10~100 Series Internet Security Gateway Call Scheduling 27-3 Table 27-1Schedule Set Setup Fields FIELD DESCRIPTION OPTIONS Once: Date

Seite 279 - Maintenance

ZyWALL 10~100 Series Internet Security Gateway Getting to Know Your ZyWALL 1-1 Chapter 1 Getting to Know Your ZyWALL This chapter introduces the m

Seite 280 - 22.2 Backup Configuration

ZyWALL 10~100 Series Internet Security Gateway 27-4 Call Scheduling Figure 27-3 Applying Schedule Set(s) to a Remote Node (PPPoE) You can apply up to

Seite 281 - 22.2.1 Backup Configuration

ZyWALL 10~100 Series Internet Security Gateway Call Scheduling 27-5 Figure 27-4 Applying Schedule Set(s) to a Remote Node (PPTP)

Seite 283

ZyWALL 10~100 Series Internet Security Gateway Introduction to IPSec 28-1 Chapter 28 Introduction to IPSec This chapter introduces the basics of IP

Seite 284 - 22.2.7 TFTP Command Example

ZyWALL 10~100 Series Internet Security Gateway 28-2 Introduction to IPSec Figure 28-1 Encryption and Decryption  Data Confidentiality The IPSec

Seite 285

ZyWALL 10~100 Series Internet Security Gateway Introduction to IPSec 28-3 Figure 28-2 VPN Application 28.2 IPSec Architecture The overall IPSec ar

Seite 286 - 22.3 Restore Configuration

ZyWALL 10~100 Series Internet Security Gateway 28-4 Introduction to IPSec Figure 28-3 IPSec Architecture 28.2.1 IPSec Algorithms The ESP (Encapsul

Seite 287

ZyWALL 10~100 Series Internet Security Gateway Introduction to IPSec 28-5 28.3 Encapsulation The two modes of operation for IPSec VPNs are Transpor

Seite 288

ZyWALL 10~100 Series Internet Security Gateway 28-6 Introduction to IPSec A NAT device in between the IPSec endpoints will rewrite either the sourc

Seite 289

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-1 Chapter 29 VPN/IPSec Setup This chapter introduces the VPN SMT menus. See the

Seite 290 - 22.4.1 Firmware File Upload

ZyWALL 10~100 Series Internet Security Gateway 1-2 Getting to Know Your ZyWALL Table 1-1 Model Specific Features ZYWALL MODEL FEATURES 100 50 10W

Seite 291

ZyWALL 10~100 Series Internet Security Gateway 29-2 VPN/IPSec Setup Figure 29-2 Menu 27: VPN/IPSec Setup 29.2 IPSec Algorithms The ESP and AH protoc

Seite 292 - 22.4.5 TFTP File Upload

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-3 Table 29-1 AH and ESP ESP AH Select DES for minimal security and 3DES for maxi

Seite 293

ZyWALL 10~100 Series Internet Security Gateway 29-4 VPN/IPSec Setup IPSec SA lifetime period expires. If there is no traffic when the IPSec SA lifeti

Seite 294

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-5 Table 29-3 Peer Fields LOCAL ID TYPE= CONTENT= IP N/A, do not enter anythi

Seite 295 - Then click Send

ZyWALL 10~100 Series Internet Security Gateway 29-6 VPN/IPSec Setup Table 29-5 Mismatching ID Type and Content Configuration Example ZYWALL A ZYWAL

Seite 296

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-7 Table 29-6 Telecommuter and Headquarters Configuration Example TELECOMMUTER H

Seite 297

ZyWALL 10~100 Series Internet Security Gateway 29-8 VPN/IPSec Setup The Secure Gateway IP Address may be configured as 0.0.0.0 only when using IKE ke

Seite 298

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-9 Table 29-7 Menu 27.1: IPSec Summary FIELD DESCRIPTION EXAMPLE Local Addr Start

Seite 299 - Part VII:

ZyWALL 10~100 Series Internet Security Gateway 29-10 VPN/IPSec Setup Table 29-7 Menu 27.1: IPSec Summary FIELD DESCRIPTION EXAMPLE Remote Addr Start

Seite 300

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-11 Table 29-7 Menu 27.1: IPSec Summary FIELD DESCRIPTION EXAMPLE Select Command P

Seite 301 - Chapter 23

ZyWALL 10~100 Series Internet Security Gateway Getting to Know Your ZyWALL 1-3 10/100 Mbps Ethernet WAN The 10/100 Mbps Ethernet WAN port attaches

Seite 302 - 23.2 Call Control Support

ZyWALL 10~100 Series Internet Security Gateway 29-12 VPN/IPSec Setup Figure 29-7 Menu 27.1.1: IPSec Setup You must also configure menu 27.1.1.1 or

Seite 303 - 23.2.1 Budget Management

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-13 Table 29-8 Menu 27.1.1: IPSec Setup FIELD DESCRIPTION EXAMPLE Keep Alive Press

Seite 304 - 23.2.2 Call History

ZyWALL 10~100 Series Internet Security Gateway 29-14 VPN/IPSec Setup Table 29-8 Menu 27.1.1: IPSec Setup FIELD DESCRIPTION EXAMPLE Content This field

Seite 305 - 23.3 Time and Date Setting

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-15 Table 29-8 Menu 27.1.1: IPSec Setup FIELD DESCRIPTION EXAMPLE End When the Add

Seite 306

ZyWALL 10~100 Series Internet Security Gateway 29-16 VPN/IPSec Setup Table 29-8 Menu 27.1.1: IPSec Setup FIELD DESCRIPTION EXAMPLE End When the Addr

Seite 307 - 23.3.1 Resetting the Time

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-17 29.5 IKE Setup To edit this menu, the Key Management field Menu 27.1.1 – IPSec

Seite 308

ZyWALL 10~100 Series Internet Security Gateway 29-18 VPN/IPSec Setup  Set the IPSec SA lifetime. This field allows you to determine how long the IPS

Seite 309 - Remote Management

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-19 secret (which may have security implications in the long run) but allows faste

Seite 310 - 24.7 Remote Management

ZyWALL 10~100 Series Internet Security Gateway 29-20 VPN/IPSec Setup Table 29-9 Menu 27.1.1.1: IKE Setup FIELD DESCRIPTION EXAMPLEEncryption Algorith

Seite 311

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-21 Table 29-9 Menu 27.1.1.1: IKE Setup FIELD DESCRIPTION EXAMPLEPerfect Forward S

Seite 312

ZyWALL 10~100 Series Internet Security Gateway 1-4 Getting to Know Your ZyWALL Firewall The ZyWALL is a stateful inspection firewall with DoS (Deni

Seite 313 - 24.9 System Timeout

ZyWALL 10~100 Series Internet Security Gateway 29-22 VPN/IPSec Setup Figure 29-10 Menu 27.1.1.2: Manual Setup Table 29-11 Menu 27.1.1.2: Manual Set

Seite 314

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-23 Table 29-11 Menu 27.1.1.2: Manual Setup FIELD DESCRIPTION EXAMPLE Key3 Enter

Seite 316

ZyWALL 10~100 Series Internet Security Gateway SA Monitor 30-1 Chapter 30 SA Monitor This chapter teaches you how to manage your SAs by using the S

Seite 317 - Bandwidth Management

ZyWALL 10~100 Series Internet Security Gateway 30-2 SA Monitor Table 30-1 Menu 27.2: SA Monitor FIELD DESCRIPTION EXAMPLE # This is the security a

Seite 318

Troubleshooting X Part X: Troubleshooting This part provides possible remedies for potential problems.

Seite 320 - 25.5 Scheduler

ZyWALL 10~100 Series Internet Security Gateway Troubleshooting 31-1 Chapter 31 Troubleshooting This chapter covers potential problems and possible

Seite 321

ZyWALL 10~100 Series Internet Security Gateway 31-2 Troubleshooting 31.2 Problems with the LAN Interface Table 31-2 Troubleshooting the LAN Interfac

Seite 322

ZyWALL 10~100 Series Internet Security Gateway Troubleshooting 31-3 31.4 Problems with the WAN Interface Table 31-4 Troubleshooting the WAN inter

Seite 323

ZyWALL 10~100 Series Internet Security Gateway Getting to Know Your ZyWALL 1-5 Universal Plug and Play (UPnP) Using the standard TCP/IP protocol, t

Seite 324 - 25.7 Bandwidth Borrowing

ZyWALL 10~100 Series Internet Security Gateway 31-4 Troubleshooting 31.6 Problems with the Password Table 31-6 Troubleshooting the Password PROBLEM

Seite 325

General Appendices XI Part XI: General Appendices This part provides background information about setting up your computer’s IP address, triang

Seite 327 - Bandwidth Manager Summary

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 1 Appendix A Setting up Your Computer’s IP Address All compute

Seite 328

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 2The Network window Configuration tab displays a list of instal

Seite 329

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 3 1. Click the IP Address tab. -If your IP address is dynamic,

Seite 330 - FIELD DESCRIPTION

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 43. Click the Gateway tab. -If you do not know your gateway’s

Seite 331

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 5 1. For Windows XP, click start, Control Panel. In Windows 20

Seite 332

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 64. Select Internet Protocol (TCP/IP) (under the General tab in

Seite 333

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 7 6. -If you do not know your gateway's IP address, remo

Seite 334

ZyWALL 10~100 Series Internet Security Gateway iv Information for Canadian Users Information for Canadian Users The Industry Canada label identifie

Seite 335 - Part IX:

ZyWALL 10~100 Series Internet Security Gateway 1-6 Getting to Know Your ZyWALL SNMP SNMP (Simple Network Management Protocol) is a protocol used fo

Seite 336

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 8 7. In the Internet Protocol TCP/IP Properties window (the Gen

Seite 337 - IP Policy Routing

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 9 1. Click the Apple menu, Control Panel and double-click TCP/

Seite 338

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 104. For statically assigned settings, do the following: -Fro

Seite 339

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 11 2. Click Network in the icon bar. - Select Automatic fro

Seite 340

ZyWALL 10~100 Series Internet Security Gateway Triangle Route 12Appendix B Triangle Route The Ideal Setup When the firewall is on, your ZyWALL act

Seite 341 - Table 26-2 IP Routing Policy

ZyWALL 10~100 Series Internet Security Gateway Triangle Route 13 Diagram B-2 “Triangle Route” Problem The “Triangle Route” Solutions This section

Seite 342 - 26.5 Applying an IP Policy

ZyWALL 10~100 Series Internet Security Gateway Triangle Route 14Gateways on the WAN Side A second solution to the “triangle route” problem is to put

Seite 343

ZyWALL 10~100 Series Internet Security Gateway The Big Picture 15 Appendix C The Big Picture The following figure gives an overview of how filteri

Seite 344

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN and IEEE 802.11 16Appendix D Wireless LAN and IEEE 802.11 A wireless LAN (WLAN) provi

Seite 345

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN and IEEE 802.11 17 The IEEE 802.11 specifies three different transmission methods for t

Seite 346 - 26-10 IP Policy Routing

ZyWALL 10~100 Series Internet Security Gateway Getting to Know Your ZyWALL 1-7 Upgrade ZyWALL Firmware via LAN The firmware of the ZyWALL can be up

Seite 347 - Call Scheduling

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN and IEEE 802.11 18 Diagram D-1 Peer-to-Peer Communication in an Ad-hoc Network Infrast

Seite 348

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN and IEEE 802.11 19 could be any type of network, it is almost invariably an Ethernet LA

Seite 349

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN with IEEE 802.1x 20Appendix E Wireless LAN With IEEE 802.1x As wireless networks becom

Seite 350 - 27-4 Call Scheduling

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN with IEEE 802.1x 21 • Support for RADIUS (Remote Authentication Dial In User Service,

Seite 352

ZyWALL 10~100 Series Internet Security Gateway PPPoE 23 Appendix F PPPoE PPPoE in Action An ADSL modem bridges a PPP session over Ethernet (PPP over

Seite 353 - Introduction to IPSec

ZyWALL 10~100 Series Internet Security Gateway 24 PPPoE How PPPoE Works The PPPoE driver makes the Ethernet appear as a serial link to the PC and the

Seite 354 - 28.1.5 VPN Applications

ZyWALL 10~100 Series Internet Security Gateway PPTP 25 Appendix G PPTP What is PPTP? PPTP (Point-to-Point Tunneling Protocol) is a Microsoft propri

Seite 355 - 28.2 IPSec Architecture

ZyWALL 10~100 Series Internet Security Gateway 26 PPTP PPTP Protocol Overview PPTP is very similar to L2TP, since L2TP is based on both PPTP and L2F

Seite 356 - 28.2.2 Key Management

ZyWALL 10~100 Series Internet Security Gateway PPTP 27 Diagram G-3 Example Message Exchange between PC and an ANT PPP Data Connection The PPP fram

Seite 357 - 28.4 IPSec and NAT

ZyWALL 10~100 Series Internet Security Gateway 1-8 Getting to Know Your ZyWALL Figure 1-1 Secure Internet Access via Cable, DSL or Wireless Modem

Seite 358

ZyWALL 10~100 Series Internet Security Gateway 28 Hardware Specifications Appendix H Hardware Specifications Chart H-1 General Specifications Power S

Seite 359 - VPN/IPSec Setup

ZyWALL 10~100 Series Internet Security Gateway Hardware Specifications 29 Cable Pin Assignments In a serial communications connection, generally a

Seite 360 - 29.2 IPSec Algorithms

ZyWALL 10~100 Series Internet Security Gateway 30 Hardware Specifications Chart H-3 Ethernet Cable Pin Assignments WAN/LAN/DMZ Ethernet Cable Pin Lay

Seite 361 - 29.3 IPSec Summary

ZyWALL 10~100 Series Internet Security Gateway Hardware Specifications 31 Chart H-5 European Union AC Power Adaptor Specifications Power consumpti

Seite 362 - 29.3.2 ID Type and Content

ZyWALL 10~100 Series Internet Security Gateway 32 Hardware Specifications Chart H-8 Australia and New Zealand AC Power Adaptor Specifications AC Pow

Seite 363

ZyWALL 10~100 Series Internet Security Gateway UPnP 33 Appendix I Universal Plug and Play What is Universal Plug and Play? Universal Plug and Play

Seite 364 - 29.3.3 My IP Address

ZyWALL 10~100 Series Internet Security Gateway 34 UPnP Are there any cautions about UPnP? The automated nature of NAT Traversal applications in estab

Seite 365

ZyWALL 10~100 Series Internet Security Gateway UPnP 35 Chart I-1 UPnPLABEL DESCRIPTION Enable the Universal Plug and Play (UPnP) feature Select

Seite 366

ZyWALL 10~100 Series Internet Security Gateway 36 UPnP Step 1. Click Start and Control Panel. Double-click Add/Remove Programs. Step 2. Click the

Seite 367 - VPN/IPSec Setup 29-9

ZyWALL 10~100 Series Internet Security Gateway UPnP 37 Step 4. Select Networking Service in the Components selection box and click Details. Step

Seite 368 - 29-10 VPN/IPSec Setup

ZyWALL 10~100 Series Internet Security Gateway Getting to Know Your ZyWALL 1-9 1.3.2 VPN Application ZyWALL VPN is an ideal cost-effective way to c

Seite 369 - 29.4 IPSec Setup

ZyWALL 10~100 Series Internet Security Gateway 38 UPnP Step 1. Click start and Control Panel. Double-click Network Connections. An icon displays und

Seite 370

ZyWALL 10~100 Series Internet Security Gateway UPnP 39 When the UPnP-enabled device is disconnected from your computer, all port mappings will be de

Seite 371 - VPN/IPSec Setup 29-13

ZyWALL 10~100 Series Internet Security Gateway 40 UPnP Step 1. Click start and then Control Panel. Step 2. Double-click Network Connections. Step

Seite 372 - 29-14 VPN/IPSec Setup

ZyWALL 10~100 Series Internet Security Gateway UPnP 41 Step 6. Right-click on the icon for your ZyXEL device and select Properties. A properties wi

Seite 373 - VPN/IPSec Setup 29-15

ZyWALL 10~100 Series Internet Security Gateway 42 IP Subnetting Appendix J IP Subnetting IP Addressing Routers “route” based on the network number.

Seite 374 - 29-16 VPN/IPSec Setup

ZyWALL 10~100 Series Internet Security Gateway IP Subnetting 43  A class “B” address (16 host bits) can have 216 –2 or 65534 hosts. A class “A” a

Seite 375 - 29.5 IKE Setup

ZyWALL 10~100 Series Internet Security Gateway 44 IP Subnetting With subnetting, the class arrangement of an IP address is ignored. For example, a cl

Seite 376 - 29.5.3 Pre-Shared Key

ZyWALL 10~100 Series Internet Security Gateway IP Subnetting 45 The first three octets of the address make up the network number (class “C”). You w

Seite 377

ZyWALL 10~100 Series Internet Security Gateway 46 IP Subnetting 192.168.1.0 with mask 255.255.255.128 is the subnet itself, and 192.168.1.127 with ma

Seite 378 - 29-20 VPN/IPSec Setup

ZyWALL 10~100 Series Internet Security Gateway IP Subnetting 47 Subnet Address: 192.168.1.128 Lowest Host ID: 192.168.1.129 Broadcast Address: 192.

Seite 380

ZyWALL 10~100 Series Internet Security Gateway 48 IP Subnetting Chart J-12 Class C Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNET

Seite 381 - VPN/IPSec Setup 29-23

ZyWALL 10~100 Series Internet Security Gateway IP Subnetting 49 Chart J-13 Class B Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNE

Seite 382

ZyWALL 10~100 Series Internet Security Gateway 50 Safety Warnings and Instructions Appendix K Safety Warnings and Instructions 1. Be sure to read

Seite 383 - SA Monitor

ZyWALL 10~100 Series Internet Security Gateway Removing and Installing a ZyWALL 100 Fuse 51 Appendix L Removing and Installing a ZyWALL 100 Fuse Th

Seite 385 - Part X:

Command and Log Appendices XII Part XII: Command and Log Appendices This part provides information on the command line interface, firewall and

Seite 387 - Troubleshooting

ZyWALL 10~100 Series Internet Security Gateway Command Interpreter 55 Appendix M Command Interpreter The following describes how to use the command

Seite 388 - 31-2 Troubleshooting

ZyWALL 10~100 Series Internet Security Gateway 56 Firewall Commands Appendix N Firewall Commands The following describes the firewall commands. See

Seite 389 - Troubleshooting 31-3

ZyWALL 10~100 Series Internet Security Gateway Firewall Commands 57 Chart N-1 Firewall Commands FUNCTION COMMAND DESCRIPTION config display

Seite 390

ZyWALL 10~100 Series Internet Security Gateway Hardware Installation 2-1 Chapter 2 Hardware Installation This chapter explains the LEDs and ports

Seite 391 - Part XI:

ZyWALL 10~100 Series Internet Security Gateway 58 Firewall Commands Chart N-1 Firewall Commands FUNCTION COMMAND DESCRIPTION AAttttaacckk config

Seite 392

ZyWALL 10~100 Series Internet Security Gateway Firewall Commands 59 Chart N-1 Firewall Commands FUNCTION COMMAND DESCRIPTION SSeettss config edi

Seite 393 - Appendix A

ZyWALL 10~100 Series Internet Security Gateway 60 Firewall Commands Chart N-1 Firewall Commands FUNCTION COMMAND DESCRIPTION Config edit firewall

Seite 394

ZyWALL 10~100 Series Internet Security Gateway Firewall Commands 61 Chart N-1 Firewall Commands FUNCTION COMMAND DESCRIPTION config edit firewa

Seite 395

ZyWALL 10~100 Series Internet Security Gateway 62 Firewall Commands

Seite 396 - Windows 2000/NT/XP

ZyWALL 10~100 Series Internet Security Gateway NetBIOS Filter Commands 63 Appendix O NetBIOS Filter Commands The following describes the NetBIOS pa

Seite 397

ZyWALL 10~100 Series Internet Security Gateway 64 NetBIOS Filter Commands This command gives a read-only list of the current NetBIOS filter modes

Seite 398

ZyWALL 10~100 Series Internet Security Gateway NetBIOS Filter Commands 65 Chart O-1 NetBIOS Filter Default Settings NAME DESCRIPTION EXAMPLE WAN to

Seite 399

ZyWALL 10~100 Series Internet Security Gateway 66 NetBIOS Filter Commands <on|off> = For types 0 and 1, use on to enable the filter and blo

Seite 400 - Macintosh OS 8/9

ZyWALL 10~100 Series Internet Security Gateway Boot Commands 67 Appendix P Boot Commands The BootModule AT commands execute from within the router’

Seite 401

ZyWALL 10~100 Series Internet Security Gateway 2-2 Hardware Installation Figure 2-4 ZyWALL 10 Front Panel The following table describes the LED func

Seite 402 - Macintosh OS X

ZyWALL 10~100 Series Internet Security Gateway 68 Boot Commands Diagram P-2 Boot Module Commands AT just answer OK ATHE print

Seite 403

ZyWALL 10~100 Series Internet Security Gateway Log Descriptions 69 Appendix Q Log Descriptions Chart Q-1 System Error Logs LOG MESSAGE DESCRIPTIO

Seite 404 - Triangle Route

ZyWALL 10~100 Series Internet Security Gateway 70 Log Descriptions Chart Q-2 System Maintenance Logs TELNET Login Fail Someone has failed to log on

Seite 405 - IP Aliasing

ZyWALL 10~100 Series Internet Security Gateway Log Descriptions 71 Chart Q-5 Attack Logs LOG MESSAGE DESCRIPTION attack IGMP The firewall detected

Seite 406 - Gateways on the WAN Side

ZyWALL 10~100 Series Internet Security Gateway 72 Log Descriptions Chart Q-5 Attack Logs LOG MESSAGE DESCRIPTION syn flood TCP The firewall detecte

Seite 407 - The Big Picture

ZyWALL 10~100 Series Internet Security Gateway Log Descriptions 73 Chart Q-6 Access Logs LOG MESSAGE DESCRIPTION Firewall default policy: TCP (set

Seite 408 - Appendix D

ZyWALL 10~100 Series Internet Security Gateway 74 Log Descriptions Chart Q-6 Access Logs LOG MESSAGE DESCRIPTION Firewall rule match: IGMP (set:%d,

Seite 409

ZyWALL 10~100 Series Internet Security Gateway Log Descriptions 75 Chart Q-6 Access Logs LOG MESSAGE DESCRIPTION Firewall rule NOT match: OSPF (se

Seite 410

ZyWALL 10~100 Series Internet Security Gateway 76 Log Descriptions Chart Q-6 Access Logs LOG MESSAGE DESCRIPTION Filter match DROP <set %d/rule

Seite 411

ZyWALL 10~100 Series Internet Security Gateway Log Descriptions 77 Chart Q-6 Access Logs LOG MESSAGE DESCRIPTION Firewall sent TCP reset packets

Seite 412 - Appendix E

ZyWALL 10~100 Series Internet Security Gateway Hardware Installation 2-3 Table 2-1 LED Descriptions LED COLOR STATUS MEANING Orange Off The 10

Seite 413 - Client computer

ZyWALL 10~100 Series Internet Security Gateway 78 Log Descriptions Chart Q-7 ACL Setting Notes ACL SET NUMBER DIRECTION DESCRIPTION 9 DMZ to DMZ/ZyW

Seite 414

ZyWALL 10~100 Series Internet Security Gateway Log Descriptions 79 Chart Q-8 ICMP Notes TYPE CODE DESCRIPTION 0 Echo message 11 Time Exceeded 0

Seite 415 - Appendix F

ZyWALL 10~100 Series Internet Security Gateway 80 Log Descriptions Diagram Q-1 Example VPN Initiator IPSec Log VPN Responder IPSec Log The followin

Seite 416 - ZyWALL as a PPPoE Client

ZyWALL 10~100 Series Internet Security Gateway Log Descriptions 81 The following table shows sample log messages during IKE key exchange. Chart Q

Seite 417 - Appendix G

ZyWALL 10~100 Series Internet Security Gateway 82 Log Descriptions Chart Q-10 Sample IKE Key Exchange Logs LOG MESSAGE DESCRIPTION !! Remote IP <

Seite 418 - PPTP Protocol Overview

ZyWALL 10~100 Series Internet Security Gateway Log Descriptions 83 Chart Q-10 Sample IKE Key Exchange Logs LOG MESSAGE DESCRIPTION vs. My Local &l

Seite 419 - PPP Data Connection

ZyWALL 10~100 Series Internet Security Gateway 84 Log Descriptions Chart Q-11 Sample IPSec Logs During Packet Transmission LOG MESSAGE DESCRIPTION

Seite 420 - Hardware Specifications

ZyWALL 10~100 Series Internet Security Gateway Log Descriptions 85 Log Commands Go to the command line interface (the Command Interpreter Appendix

Seite 421 - Cable Pin Assignments

ZyWALL 10~100 Series Internet Security Gateway 86 Log Descriptions Use the sys logs display [log category] command to show the logs in an individual

Seite 422

ZyWALL 10~100 Series Internet Security Gateway Brute-Force Password Guessing Protection 87 Appendix R Brute-Force Password Guessing Protection The

Seite 423

ZyWALL 10~100 Series Internet Security Gateway 2-4 Hardware Installation Figure 2-5 ZyWALL 100 Rear Panel Figure 2-6 ZyWALL 50 Rear Panel

Seite 425 - Universal Plug and Play

Index XIII Part XIII: Index This part provides an Index of key terms.

Seite 427 - DESCRIPTION

ZyWALL 10~100 Series Internet Security Gateway Index A Index 1 10/100 Mbps Ethernet WAN ... 1-3 A Access Point...

Seite 428

ZyWALL 10~100 Series Internet Security Gateway B Index call back delay ... 5-6 Call Control ...

Seite 429

ZyWALL 10~100 Series Internet Security Gateway Index C Default Policy Log... 16-7 DeMilitarized Zone...

Seite 430

ZyWALL 10~100 Series Internet Security Gateway D Index ESS ... See Extended Service Set ESS ID ...

Seite 431 - Web Configurator Easy Access

ZyWALL 10~100 Series Internet Security Gateway Index E When To Use ... 13-13 Firmware File Maintenance...

Seite 432

ZyWALL 10~100 Series Internet Security Gateway F Index Infrastructure Configuration ...18 Initial Screen...

Seite 433

ZyWALL 10~100 Series Internet Security Gateway Index G ISP’s Name ... 9-1 K Key Fields For Config

Seite 434 - IP Subnetting

ZyWALL 10~100 Series Internet Security Gateway Hardware Installation 2-5 Figure 2-7 ZyWALL 10W Rear Panel Figure 2-8 ZyWALL 10 Rear Panel This s

Seite 435 - Subnetting

ZyWALL 10~100 Series Internet Security Gateway H Index Applying NAT in the SMT Menus ... 12-6 Configuring...

Seite 436 - Example: Two Subnets

ZyWALL 10~100 Series Internet Security Gateway Index I Precedence ...26-2, 26-5 Priority ...

Seite 437

ZyWALL 10~100 Series Internet Security Gateway J Index Rules ... 16-1, 16-4 Checklist ...

Seite 438 - Example: Four Subnets

ZyWALL 10~100 Series Internet Security Gateway Index K Subnet Masks... 43 Subnetting ...

Seite 439 - Example Eight Subnets

ZyWALL 10~100 Series Internet Security Gateway L Index Troubleshooting...1 Internet Access...

Seite 440

ZyWALL 10~100 Series Internet Security Gateway Index M ZyNOS F/W Version ...21-3, 21-4, 22-2 ZyWALL Firewall Application...

Seite 441 - IP Subnetting 49

ZyWALL 10~100 Series Internet Security Gateway Warranty v ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this produ

Seite 442 - Appendix K

ZyWALL 10~100 Series Internet Security Gateway 2-6 Hardware Installation 2.2.1 Connecting the Console Port Use terminal emulator software on a compu

Seite 443 - Appendix L

ZyWALL 10~100 Series Internet Security Gateway Hardware Installation 2-7 Other ZyWALL models have an uplink button that allows you to switch When

Seite 444

ZyWALL 10~100 Series Internet Security Gateway 2-8 Hardware Installation Do not force, bend or twist the wireless LAN card. Figure 2-9 Inserting the

Seite 445 - Part XII:

ZyWALL 10~100 Series Internet Security Gateway Hardware Installation 2-9 After the ZyWALL is properly set up, you can make future changes to the co

Seite 447 - Command Interpreter

Initial Setup and Configuration II Part II: Initial Setup and Configuration This part covers Initial Setup, SMT Menu 1 General Setup, WAN and Di

Seite 449 - Chart N-1 Firewall Commands

ZyWALL 10~100 Series Internet Security Gateway Initial Setup 3-1 Chapter 3 Initial Setup This chapter explains how to perform the initial ZyWALL s

Seite 450

ZyWALL 10~100 Series Internet Security Gateway 3-2 Initial Setup Figure 3-2 Password Screen 3.2 Navigating the SMT Interface The SMT (System Manage

Seite 451 - Firewall Commands 59

ZyWALL 10~100 Series Internet Security Gateway Initial Setup 3-3 Table 3-1 Main Menu Commands OPERATION KEYSTROKES DESCRIPTION Exit the SMT Type

Seite 452 - 60 Firewall Commands

ZyWALL 10~100 Series Internet Security Gateway vi Customer Support Customer Support When you contact your customer support representative please have

Seite 453 - Firewall Commands 61

ZyWALL 10~100 Series Internet Security Gateway 3-4 Initial Setup Table 3-2 Main Menu Summary NO. MENU TITLE FUNCTION 4 Internet Access Setup Conf

Seite 454 - 62 Firewall Commands

ZyWALL 10~100 Series Internet Security Gateway Initial Setup 3-5 3.2.3 SMT Menus at a Glance The available SMT screens vary by ZyWALL model. The

Seite 455 - NetBIOS Filter Commands

ZyWALL 10~100 Series Internet Security Gateway 3-6 Initial Setup Figure 3-5 Advanced Management SMT Menus

Seite 456

ZyWALL 10~100 Series Internet Security Gateway Initial Setup 3-7 Figure 3-6 Schedule Setup and IPSec VPN Configuration SMT Menus 3.3 Changing the

Seite 457 - NetBIOS Filter Configuration

ZyWALL 10~100 Series Internet Security Gateway 3-8 Initial Setup 3.4 Resetting the ZyWALL If you forget your password or cannot access the ZyWALL, y

Seite 458

ZyWALL 10~100 Series Internet Security Gateway SMT Menu 1 – General Setup 4-1Chapter 4 SMT Menu 1 - General Setup Menu 1 - General Setup contains

Seite 459 - Boot Commands

ZyWALL 10~100 Series Internet Security Gateway 4-2 SMT Menu 1 – General Setup 4.2.1 DYNDNS Wildcard Enabling the wildcard feature for your host ca

Seite 460

ZyWALL 10~100 Series Internet Security Gateway SMT Menu 1 – General Setup 4-34.3.1 Configuring Dynamic DNS To configure Dynamic DNS, go to Menu 1:

Seite 461 - Log Descriptions

ZyWALL 10~100 Series Internet Security Gateway 4-4 SMT Menu 1 – General Setup Table 4-2 Configure Dynamic DNS Menu Fields FIELD DESCRIPTION EXA

Seite 462

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 5-1Chapter 5 WAN and Dial Backup Setup This chapter describes how to conf

Seite 463

ZyWALL 10~100 Series Internet Security Gateway Table of Contents vii Table of Contents Copyright...

Seite 464

ZyWALL 10~100 Series Internet Security Gateway 5-2 WAN and Dial Backup Setup Table 5-1 MAC Address Cloning in WAN Setup FIELD DESCRIPTION EXAMPLE

Seite 465

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 5-3 Figure 5-2 Menu 2: Dial Backup Setup Table 5-2 Menu 2: Dial Backup

Seite 466

ZyWALL 10~100 Series Internet Security Gateway 5-4 WAN and Dial Backup Setup Table 5-2 Menu 2: Dial Backup Setup FIELD DESCRIPTION EXAMPLE When y

Seite 467

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 5-5 Figure 5-3 Menu 2.1 Advanced WAN Setup The following table describes f

Seite 468

ZyWALL 10~100 Series Internet Security Gateway 5-6 WAN and Dial Backup Setup Table 5-3 Advanced WAN Port Setup: AT Commands Fields FIELD DESCRIPT

Seite 469

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 5-73. Dial-backup route (see the Backup Remote Node Setup chapter) For ex

Seite 470

ZyWALL 10~100 Series Internet Security Gateway 5-8 WAN and Dial Backup Setup Table 5-5 Fields in Menu 11.1 Remote Node Profile (Backup ISP) FIELD

Seite 471 - VPN/IPSec logs

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 5-9Table 5-5 Fields in Menu 11.1 Remote Node Profile (Backup ISP) FIELD D

Seite 472 - VPN Responder IPSec Log

ZyWALL 10~100 Series Internet Security Gateway 5-10 WAN and Dial Backup Setup Figure 5-5 Menu 11.2 - Remote Node PPP Options This table describes

Seite 473 - Log Descriptions 81

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 5-115.9 Editing TCP/IP Options Move the cursor to the Edit IP field in men

Seite 474

ZyWALL 10~100 Series Internet Security Gateway viii Table of Contents 4.1 System Name ...

Seite 475

ZyWALL 10~100 Series Internet Security Gateway 5-12 WAN and Dial Backup Setup Table 5-6 Remote Node Network Layer Options Menu Fields FIELD DESCRI

Seite 476

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 5-13upper or lower case. Similarly, you specify “word: ” as the ‘Expect’ s

Seite 477 - Log Commands

ZyWALL 10~100 Series Internet Security Gateway 5-14 WAN and Dial Backup Setup Figure 5-8 Menu 11.4 – Remote Node Setup Script The following table

Seite 478 - Log Command Example

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 5-15 Use menu 11.5 to specify the filter set(s) to apply to the incoming a

Seite 480

ZyWALL 10~100 Series Internet Security Gateway LAN Setup 6-1 Chapter 6 LAN Setup This chapter describes how to configure the LAN using Menu 3: LAN

Seite 481 - Part XIII:

ZyWALL 10~100 Series Internet Security Gateway 6-2 LAN Setup Figure 6-2 Menu 3.1: LAN Port Filter Setup 6.3 TCP/IP and LAN DHCP The ZyWALL has buil

Seite 482

ZyWALL 10~100 Series Internet Security Gateway LAN Setup 6-3 There are two ways that an ISP disseminates the DNS server addresses. The first is fo

Seite 483

ZyWALL 10~100 Series Internet Security Gateway 6-4 LAN Setup Table 6-2 Private IP Address Ranges 10.0.0.0 — 10.255.255.255 172.16.0.0 — 172.31.255.25

Seite 484

ZyWALL 10~100 Series Internet Security Gateway LAN Setup 6-5 information about interoperability between IGMP version 2 and version 1, please see se

Seite 485

ZyWALL 10~100 Series Internet Security Gateway Table of Contents ix 7.5 MAC Address Filtering...

Seite 486

ZyWALL 10~100 Series Internet Security Gateway 6-6 LAN Setup Figure 6-5 Menu 3: TCP/IP and DHCP Setup From menu 3, select the submenu option TCP/IP

Seite 487

ZyWALL 10~100 Series Internet Security Gateway LAN Setup 6-7 Follow the instructions in the next table on how to configure the DHCP fields. Table 6

Seite 488

ZyWALL 10~100 Series Internet Security Gateway 6-8 LAN Setup Table 6-4 LAN TCP/IP Setup Menu Fields FIELD DESCRIPTION EXAMPLE RIP Direction Press

Seite 489

ZyWALL 10~100 Series Internet Security Gateway LAN Setup 6-9 Figure 6-7 Menu 3.2.1: IP Alias Setup Use the instructions in the following table to

Seite 490

ZyWALL 10~100 Series Internet Security Gateway 6-10 LAN Setup 6.5 Wireless LAN This section introduces the wireless LAN and some basic configuration

Seite 491

ZyWALL 10~100 Series Internet Security Gateway LAN Setup 6-11 Figure 6-8 RTS Threshold The RTS Threshold mechanism provides a solution to prevent

Seite 492

ZyWALL 10~100 Series Internet Security Gateway 6-12 LAN Setup See section 7.2 for instructions on WEP and section 7.5 for instructions on configuring

Seite 493

ZyWALL 10~100 Series Internet Security Gateway LAN Setup 6-13 Table 6-6 Wireless LAN Setup Menu Fields FIELD DESCRIPTION EXAMPLE Hide ESSID Press

Seite 495

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Security Setup 7-1 Chapter 7 Wireless LAN Security Setup This chapter describes the typ

Kommentare zu diesen Handbüchern

Keine Kommentare