Zyxel communications Zywall 2 wg User manual

www.zyxel.com

ZyWALL 2WG

Internet Security Appliance

User’s Guide

Version 4.03

12/2007

Edition 1

About This User's Guide

ZyWALL 2WG User’s Guide 3

About This User's Guide

Intended Audience

This manual is intended for people who want to configure the ZyWALL using the web

configurator or System Management Terminal (SMT). You should have at least a basic

knowledge of TCP/IP networking concepts and topology.

Related Documentation

• Quick Start Guide

The Quick Start Guide is designed to help you get up and running right away. It contains

information on setting up your network and configuring for Internet access.

• Web Configurator Online Help

Embedded web help for descriptions of individual screens and supplementary

information.

• Supporting Disk

Refer to the included CD for support documents.

• ZyXEL Web Site

Please refer to www.zyxel.com for additional support documentation and product

certifications.

User Guide Feedback

Help us help you. Send all User Guide-related comments, questions or suggestions for

improvement to the following address, or use e-mail instead. Thank you!

The Technical Writing Team,

ZyXEL Communications Corp.,

6 Innovation Road II,

Science-Based Industrial Park,

Hsinchu, 300, Taiwan.

E-mail: [email protected]

Document Conventions

ZyWALL 2WG User’s Guide

Document Conventions

Warnings and Notes

These are how warnings and notes are shown in this User’s Guide.

1Warnings tell you about things that could harm you or your device.

"Notes tell you other important information (for example, other things you may

need to configure or helpful tips) or recommendations.

Syntax Conventions

• The ZyWALL 2WG may be referred to as the “ZyWALL”, the “device” or the “system” in

this User’s Guide.

• Product labels, screen names, field labels and field choices are all in bold font.

• A key stroke is denoted by square brackets and uppercase text, for example, [ENTER]

means the “enter” or “return” key on your keyboard.

• “Enter” means for you to type one or more characters and then press the [ENTER] key.

“Select” or “choose” means for you to use one of the predefined choices.

• A right angle bracket ( > ) within a screen name denotes a mouse click. For example,

Maintenance > Log > Log Setting means you first click Maintenance in the navigation

panel, then the Log sub menu and finally the Log Setting tab to get to that screen.

• Units of measurement may denote the “metric” value or the “scientific” value. For

example, “k” for kilo may denote “1000” or “1024”, “M” for mega may denote “1000000”

or “1048576” and so on.

• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.

Document Conventions

ZyWALL 2WG User’s Guide 5

Icons Used in Figures

Figures in this User’s Guide may use the following generic icons. The ZyWALL icon is not an

exact representation of your device.

ZyWALL Computer Notebook computer

Server DSLAM Firewall

Telephone Switch Router

Safety Warnings

ZyWALL 2WG User’s Guide

Safety Warnings

1For your safety, be sure to read and follow all warning notices and instructions.

• Do NOT use this product near water, for example, in a wet basement or near a swimming

pool.

• Do NOT expose your device to dampness, dust or corrosive liquids.

• Do NOT store things on the device.

• Do NOT install, use, or service this device during a thunderstorm. There is a remote risk

of electric shock from lightning.

• Connect ONLY suitable accessories to the device.

• Do NOT open the device or unit. Opening or removing covers can expose you to

dangerous high voltage points or other risks. ONLY qualified service personnel should

service or disassemble this device. Please contact your vendor for further information.

• Make sure to connect the cables to the correct ports.

• Place connecting cables carefully so that no one will step on them or stumble over them.

• Always disconnect all cables from this device before servicing or disassembling.

• Use ONLY an appropriate power adaptor or cord for your device.

• Connect the power adaptor or cord to the right supply voltage (for example, 110V AC in

North America or 230V AC in Europe).

• Do NOT remove the plug and connect it to a power outlet by itself; always attach the plug

to the power adaptor first before connecting it to a power outlet.

• Do NOT allow anything to rest on the power adaptor or cord and do NOT place the

product where anyone can walk on the power adaptor or cord.

• Do NOT use the device if the power adaptor or cord is damaged as it might cause

electrocution.

• If the power adaptor or cord is damaged, remove it from the power outlet.

• Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order a

new one.

• Do not use the device outside, and make sure all the connections are indoors. There is a

remote risk of electric shock from lightning.

• CAUTION: RISK OF EXPLOSION IF BATTERY (on the motherboard) IS REPLACED

BY AN INCORRECT TYPE. DISPOSE OF USED BATTERIES ACCORDING TO THE

INSTRUCTIONS. Dispose them at the applicable collection point for the recycling of

electrical and electronic equipment. For detailed information about recycling of this

product, please contact your local city office, your household waste disposal service or the

store where you purchased the product.

• Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your

device.

Safety Warnings

ZyWALL 2WG User’s Guide 7

• Antenna Warning! This device meets ETSI and FCC certification requirements when

using the included antenna(s). Only use the included antenna(s).

• If you wall mount your device, make sure that no electrical lines, gas or water pipes will

be damaged.

This product is recyclable. Dispose of it properly.

Safety Warnings

ZyWALL 2WG User’s Guide

Contents Overview

ZyWALL 2WG User’s Guide 9

Contents Overview

Introduction ............................................................................................................................ 51

Getting to Know Your ZyWALL .................................................................................................. 53

Introducing the Web Configurator .............................................................................................. 57

Wizard Setup ............................................................................................................................. 81

Tutorial ..................................................................................................................................... 101

Registration ............................................................................................................................. 141

Network and Wireless ..........................................................................................................145

LAN Screens ........................................................................................................................... 147

Bridge Screens ........................................................................................................................ 159

WAN Screens .......................................................................................................................... 165

DMZ Screens ........................................................................................................................... 201

Wireless LAN ............................................................................................................................211

Security ................................................................................................................................. 237

Firewall .................................................................................................................................... 239

Content Filtering Screens ........................................................................................................ 271

Content Filtering Reports ......................................................................................................... 293

IPSec VPN ............................................................................................................................... 301

Certificates ............................................................................................................................... 349

Authentication Server .............................................................................................................. 379

Advanced .............................................................................................................................. 383

Network Address Translation (NAT) ........................................................................................ 385

Static Route ............................................................................................................................. 401

Policy Route ............................................................................................................................ 405

Bandwidth Management ...........................................................................................................411

DNS ......................................................................................................................................... 427

Remote Management ..............................................................................................................439

UPnP ....................................................................................................................................... 461

Custom Application .................................................................................................................. 471

ALG Screen ............................................................................................................................. 473

Logs and Maintenance ........................................................................................................ 479

Logs Screens ........................................................................................................................... 481

Maintenance .............................................................................................................................511

Contents Overview

ZyWALL 2WG User’s Guide

SMT ....................................................................................................................................... 529

Introducing the SMT ................................................................................................................ 531

SMT Menu 1 - General Setup .................................................................................................. 539

WAN and Dial Backup Setup ................................................................................................... 545

LAN Setup ............................................................................................................................... 559

Internet Access ........................................................................................................................ 565

DMZ Setup .............................................................................................................................. 571

Route Setup ............................................................................................................................. 575

Wireless Setup ........................................................................................................................ 579

Remote Node Setup ................................................................................................................ 583

IP Static Route Setup .............................................................................................................. 591

Network Address Translation (NAT) ........................................................................................ 595

Introducing the ZyWALL Firewall ............................................................................................. 615

Filter Configuration .................................................................................................................. 617

SNMP Configuration ................................................................................................................ 633

System Information & Diagnosis ............................................................................................. 635

Firmware and Configuration File Maintenance ........................................................................ 647

System Maintenance Menus 8 to 10 ....................................................................................... 661

Remote Management ..............................................................................................................669

IP Policy Routing ..................................................................................................................... 673

Call Scheduling ........................................................................................................................ 681

Troubleshooting and Specifications .................................................................................. 685

Troubleshooting ....................................................................................................................... 687

Product Specifications ............................................................................................................. 693

Appendices and Index ......................................................................................................... 703

Table of Contents

ZyWALL 2WG User’s Guide 11

Table of Contents

About This User's Guide .......................................................................................................... 3

Document Conventions............................................................................................................4

Safety Warnings........................................................................................................................ 6

Contents Overview ................................................................................................................... 9

Table of Contents.................................................................................................................... 11

List of Figures ......................................................................................................................... 29

List of Tables........................................................................................................................... 43

Part I: Introduction................................................................................. 51

Chapter 1

Getting to Know Your ZyWALL.............................................................................................. 53

1.1 ZyWALL Internet Security Appliance Overview ................................................................... 53

1.2 Ways to Manage the ZyWALL ............................................................................................. 53

1.3 Good Habits for Managing the ZyWALL .............................................................................. 54

1.4 Applications for the ZyWALL ............................................................................................... 54

1.4.1 Secure Broadband Internet Access via Cable or DSL Modem .................................. 54

1.4.2 VPN Application ......................................................................................................... 55

1.4.3 3G WAN Application ................................................................................................... 55

1.4.4 Front Panel Lights ...................................................................................................... 56

Chapter 2

Introducing the Web Configurator ........................................................................................ 57

2.1 Web Configurator Overview ................................................................................................. 57

2.2 Accessing the ZyWALL Web Configurator .......................................................................... 57

2.3 Resetting the ZyWALL ......................................................................................................... 59

2.3.1 Procedure To Use The Reset Button ......................................................................... 59

2.3.2 Uploading a Configuration File Via Console Port ....................................................... 59

2.4 Navigating the ZyWALL Web Configurator .......................................................................... 60

2.4.1 Title Bar ...................................................................................................................... 60

2.4.2 Main Window ..............................................................................................................61

2.4.3 HOME Screen: Router Mode ................................................................................... 61

2.4.4 HOME Screen: Bridge Mode .................................................................................... 67

Table of Contents

ZyWALL 2WG User’s Guide

2.4.5 Navigation Panel ........................................................................................................ 70

2.4.6 Port Statistics ........................................................................................................... 74

2.4.7 Show Statistics: Line Chart ........................................................................................ 75

2.4.8 DHCP Table Screen ................................................................................................ 76

2.4.9 VPN Status ................................................................................................................. 77

2.4.10 Bandwidth Monitor .................................................................................................. 78

Chapter 3

Wizard Setup ........................................................................................................................... 81

3.1 Wizard Setup Overview ...................................................................................................... 81

3.2 Internet Access ................................................................................................................... 81

3.2.1 ISP Parameters .......................................................................................................... 82

3.2.2 Internet Access Wizard: Second Screen .................................................................... 86

3.2.3 Internet Access Wizard: Registration ......................................................................... 87

3.2.4 Internet Access Wizard: Status .................................................................................. 89

3.2.5 Internet Access Wizard: Service Activation ............................................................... 90

3.3 VPN Wizard Gateway Setting .............................................................................................. 90

3.4 VPN Wizard Network Setting ............................................................................................... 92

3.5 VPN Wizard IKE Tunnel Setting (IKE Phase 1) ................................................................... 93

3.6 VPN Wizard IPSec Setting (IKE Phase 2) ........................................................................... 95

3.7 VPN Wizard Status Summary .............................................................................................. 96

3.8 VPN Wizard Setup Complete .............................................................................................. 99

Chapter 4

Tutorial ................................................................................................................................... 101

4.1 Security Settings for VPN Traffic ....................................................................................... 101

4.1.1 Firewall Rule for VPN Example ................................................................................ 101

4.1.2 Configuring the VPN Rule ........................................................................................ 102

4.1.3 Configuring the Firewall Rules ................................................................................. 105

4.2 Using NAT with Multiple Public IP Addresses .................................................................... 109

4.2.1 Example Parameters and Scenario ......................................................................... 109

4.2.2 Configuring the WAN Connection with a Static IP Address .......................................110

4.2.3 Public IP Address Mapping .......................................................................................113

4.2.4 Forwarding Traffic from the WAN to a Local Computer .............................................118

4.2.5 Allow WAN-to-LAN Traffic through the Firewall ........................................................ 120

4.2.6 Testing the Connections ........................................................................................... 127

4.3 Using NAT with Multiple Game Players ............................................................................. 127

4.4 How to Manage the ZyWALL’s Bandwidth ......................................................................... 128

4.4.1 Example Parameters and Scenario ......................................................................... 128

4.4.2 Configuring Bandwidth Management Rules ............................................................. 129

4.5 Configuring Content Filtering ............................................................................................. 133

4.5.1 Enable Content Filtering ........................................................................................... 133

4.5.2 Block Categories of Web Content ............................................................................ 134

Table of Contents

ZyWALL 2WG User’s Guide 13

4.5.3 Assign Bob’s Computer a Specific IP Address ......................................................... 136

4.5.4 Create a Content Filter Policy for Bob ...................................................................... 136

4.5.5 Set the Content Filter Schedule ............................................................................... 137

4.5.6 Block Categories of Web Content for Bob ............................................................... 138

Chapter 5

Registration ........................................................................................................................... 141

5.1 myZyXEL.com overview .................................................................................................... 141

5.1.1 Content Filtering Subscription Service ..................................................................... 141

5.2 Registration ....................................................................................................................... 142

5.3 Service ............................................................................................................................... 143

Part II: Network and Wireless ............................................................. 145

Chapter 6

LAN Screens.......................................................................................................................... 147

6.1 LAN, WAN and the ZyWALL .............................................................................................. 147

6.2 IP Address and Subnet Mask ............................................................................................ 147

6.2.1 Private IP Addresses ................................................................................................ 148

6.3 DHCP ................................................................................................................................ 149

6.3.1 IP Pool Setup ........................................................................................................... 149

6.4 RIP Setup .......................................................................................................................... 149

6.5 Multicast ............................................................................................................................ 149

6.6 WINS ................................................................................................................................. 150

6.7 LAN .................................................................................................................................... 150

6.8 LAN Static DHCP ............................................................................................................... 153

6.9 LAN IP Alias .................................................................................................................... 154

6.10 LAN Port Roles ................................................................................................................ 156

Chapter 7

Bridge Screens...................................................................................................................... 159

7.1 Bridge Loop ....................................................................................................................... 159

7.2 Spanning Tree Protocol (STP) ........................................................................................... 160

7.2.1 Rapid STP ................................................................................................................160

7.2.2 STP Terminology ...................................................................................................... 160

7.2.3 How STP Works ....................................................................................................... 160

7.2.4 STP Port States ........................................................................................................ 161

7.3 Bridge ................................................................................................................................ 161

7.4 Bridge Port Roles ............................................................................................................. 163

Chapter 8

WAN Screens......................................................................................................................... 165

Table of Contents

ZyWALL 2WG User’s Guide

8.1 WAN Overview .................................................................................................................. 165

8.2 Multiple WAN ..................................................................................................................... 165

8.3 Load Balancing Introduction .............................................................................................. 166

8.4 Load Balancing Algorithms ................................................................................................ 166

8.4.1 Least Load First ....................................................................................................... 166

8.4.2 Weighted Round Robin ............................................................................................ 167

8.4.3 Spillover .................................................................................................................... 168

8.5 WAN Interface to Local Host Mapping Timeout ................................................................. 169

8.6 TCP/IP Priority (Metric) ...................................................................................................... 170

8.7 WAN General ..................................................................................................................... 170

8.8 Configuring Load Balancing .............................................................................................. 174

8.8.1 Least Load First ....................................................................................................... 174

8.8.2 Weighted Round Robin ............................................................................................ 175

8.8.3 Spillover .................................................................................................................... 176

8.9 WAN IP Address Assignment ............................................................................................ 177

8.10 DNS Server Address Assignment ................................................................................... 177

8.11 WAN MAC Address ......................................................................................................... 178

8.12 WAN 1 ........................................................................................................................... 178

8.12.1 WAN Ethernet Encapsulation ................................................................................. 178

8.12.2 PPPoE Encapsulation ............................................................................................ 181

8.12.3 PPTP Encapsulation .............................................................................................. 184

8.13 WAN 2 (3G WAN) ...........................................................................................................187

8.14 Traffic Redirect .............................................................................................................. 193

8.15 Configuring Traffic Redirect ............................................................................................. 194

8.16 Configuring Dial Backup .................................................................................................. 195

8.17 Advanced Modem Setup ............................................................................................... 197

8.17.1 AT Command Strings ............................................................................................. 197

8.17.2 DTR Signal ............................................................................................................. 198

8.17.3 Response Strings ................................................................................................... 198

8.18 Configuring Advanced Modem Setup .............................................................................. 198

Chapter 9

DMZ Screens ......................................................................................................................... 201

9.1 DMZ ................................................................................................................................. 201

9.2 Configuring DMZ ............................................................................................................... 201

9.3 DMZ Static DHCP ............................................................................................................ 204

9.4 DMZ IP Alias .................................................................................................................... 205

9.5 DMZ Public IP Address Example ...................................................................................... 207

9.6 DMZ Private and Public IP Address Example ................................................................... 208

9.7 DMZ Port Roles ............................................................................................................... 209

Chapter 10

Wireless LAN......................................................................................................................... 211

Table of Contents

ZyWALL 2WG User’s Guide 15

10.1 Wireless LAN Introduction ................................................................................................211

10.2 Configuring WLAN ......................................................................................................... 212

10.3 WLAN Static DHCP ....................................................................................................... 215

10.4 WLAN IP Alias ............................................................................................................... 216

10.5 WLAN Port Roles ........................................................................................................... 218

10.6 Wireless Security Overview ............................................................................................. 220

10.6.1 SSID ....................................................................................................................... 221

10.6.2 MAC Address Filter ................................................................................................ 221

10.6.3 User Authentication ................................................................................................ 221

10.6.4 Encryption ..............................................................................................................222

10.6.5 Additional Installation Requirements for Using 802.1x ........................................... 223

10.7 Wireless Card ................................................................................................................ 223

10.7.1 SSID Profile ...........................................................................................................226

10.8 Configuring Wireless Security ......................................................................................... 227

10.8.1 No Security .............................................................................................................228

10.8.2 Static WEP ............................................................................................................. 229

10.8.3 IEEE 802.1x Only ................................................................................................... 230

10.8.4 IEEE 802.1x + Static WEP ..................................................................................... 231

10.8.5 WPA, WPA2, WPA2-MIX ........................................................................................ 232

10.8.6 WPA-PSK, WPA2-PSK, WPA2-PSK-MIX ............................................................... 233

10.9 MAC Filter ....................................................................................................................... 235

Part III: Security.................................................................................... 237

Chapter 11

Firewall................................................................................................................................... 239

11.1 Firewall Overview ............................................................................................................ 239

11.2 Packet Direction Matrix .................................................................................................... 240

11.3 Packet Direction Examples .............................................................................................. 242

11.3.1 To VPN Packet Direction ........................................................................................ 243

11.3.2 From VPN Packet Direction ................................................................................... 244

11.3.3 From VPN To VPN Packet Direction ...................................................................... 246

11.4 Security Considerations ...................................................................................................248

11.5 Firewall Rules Example ................................................................................................... 248

11.6 Asymmetrical Routes .......................................................................................................250

11.6.1 Asymmetrical Routes and IP Alias ......................................................................... 250

11.7 Firewall Default Rule (Router Mode) ................................................................................ 251

11.8 Firewall Default Rule (Bridge Mode) .............................................................................. 253

11.9 Firewall Rule Summary ................................................................................................... 255

11.9.1 Firewall Edit Rule ............................................................................................... 257

11.10 Anti-Probing ............................................................................................................... 260

Table of Contents

ZyWALL 2WG User’s Guide

11.11 Firewall Thresholds ..................................................................................................... 261

11.11.1 Threshold Values .................................................................................................. 262

11.12 Threshold Screen ........................................................................................................... 262

11.13 Service .......................................................................................................................... 264

11.13.1 Firewall Edit Custom Service .............................................................................. 265

11.14 My Service Firewall Rule Example ................................................................................ 266

Chapter 12

Content Filtering Screens .................................................................................................... 271

12.1 Content Filtering Overview .............................................................................................. 271

12.1.1 Restrict Web Features ........................................................................................... 271

12.1.2 Create a Filter List .................................................................................................. 271

12.1.3 Customize Web Site Access ................................................................................. 271

12.2 Content Filtering with an External Database ................................................................... 271

12.3 Content Filter General Screen ........................................................................................ 272

12.4 Content Filter Policy ..................................................................................................... 275

12.5 Content Filter Policy: General ......................................................................................... 277

12.6 Content Filter Policy: External Database ........................................................................ 278

12.7 Content Filter Policy: Customization ............................................................................... 285

12.8 Content Filter Policy: Schedule ...................................................................................... 287

12.9 Content Filter Object ..................................................................................................... 288

12.10 Customizing Keyword Blocking URL Checking ............................................................. 290

12.10.1 Domain Name or IP Address URL Checking ....................................................... 290

12.10.2 Full Path URL Checking ....................................................................................... 291

12.10.3 File Name URL Checking ..................................................................................... 291

12.11 Content Filtering Cache ............................................................................................... 291

Chapter 13

Content Filtering Reports..................................................................................................... 293

13.1 Checking Content Filtering Activation .............................................................................. 293

13.2 Viewing Content Filtering Reports ................................................................................... 293

13.3 Web Site Submission .......................................................................................................298

Chapter 14

IPSec VPN.............................................................................................................................. 301

14.1 IPSec VPN Overview ..................................................................................................... 301

14.1.1 IKE SA Overview .................................................................................................... 302

14.2 VPN Rules (IKE) .............................................................................................................. 303

14.3 IKE SA Setup .................................................................................................................. 305

14.3.1 IKE SA Proposal .................................................................................................... 305

14.4 Additional IPSec VPN Topics ........................................................................................... 309

14.4.1 SA Life Time ........................................................................................................... 310

14.4.2 IPSec High Availability ........................................................................................... 310

Table of Contents

ZyWALL 2WG User’s Guide 17

14.4.3 Encryption and Authentication Algorithms ..............................................................311

14.5 VPN Rules (IKE) Gateway Policy Edit ............................................................................. 312

14.6 IPSec SA Overview .....................................................................................................318

14.6.1 Local and Remote Networks .................................................................................. 318

14.6.2 Virtual Address Mapping ........................................................................................ 319

14.6.3 Active Protocol ....................................................................................................... 320

14.6.4 Encapsulation ......................................................................................................... 320

14.6.5 IPSec SA Proposal and Perfect Forward Secrecy ................................................. 321

14.7 VPN Rules (IKE) Network Policy Edit ............................................................................. 321

14.8 Network Policy Port Forwarding ................................................................................... 326

14.9 Network Policy Move .....................................................................................................328

14.10 Dialing the VPN Tunnel via Web Configurator ............................................................... 329

14.11 VPN Troubleshooting ..................................................................................................... 330

14.11.1 VPN Log ............................................................................................................... 330

14.12 IPSec Debug ................................................................................................................. 331

14.13 IPSec SA Using Manual Keys ................................................................................... 333

14.13.1 IPSec SA Proposal Using Manual Keys ............................................................... 333

14.13.2 Authentication and the Security Parameter Index (SPI) ....................................... 333

14.14 VPN Rules (Manual) ...................................................................................................... 333

14.15 VPN Rules (Manual) Edit ............................................................................................ 335

14.16 VPN SA Monitor .......................................................................................................... 338

14.17 VPN Global Setting ....................................................................................................... 338

14.17.1 Local and Remote IP Address Conflict Resolution .............................................. 338

14.18 Telecommuter VPN/IPSec Examples ............................................................................ 341

14.18.1 Telecommuters Sharing One VPN Rule Example ................................................ 342

14.18.2 Telecommuters Using Unique VPN Rules Example ............................................. 342

14.19 VPN and Remote Management ..................................................................................... 344

14.20 Hub-and-spoke VPN ...................................................................................................... 344

14.20.1 Hub-and-spoke VPN Example ............................................................................. 345

14.20.2 Hub-and-spoke Example VPN Rule Addresses ................................................... 346

14.20.3 Hub-and-spoke VPN Requirements and Suggestions ......................................... 346

Chapter 15

Certificates ............................................................................................................................ 349

15.1 Certificates Overview ....................................................................................................... 349

15.1.1 Advantages of Certificates ..................................................................................... 350

15.2 Self-signed Certificates .................................................................................................... 350

15.3 Verifying a Certificate ....................................................................................................... 350

15.3.1 Checking the Fingerprint of a Certificate on Your Computer .................................. 350

15.4 Configuration Summary ................................................................................................... 351

15.5 My Certificates ................................................................................................................ 352

15.6 My Certificate Details ..................................................................................................... 354

15.7 My Certificate Export ...................................................................................................... 356

Table of Contents

ZyWALL 2WG User’s Guide

15.7.1 Certificate File Export Formats ............................................................................... 356

15.8 My Certificate Import ..................................................................................................... 357

15.8.1 Certificate File Formats .......................................................................................... 357

15.9 My Certificate Create ..................................................................................................... 359

15.10 Trusted CAs ................................................................................................................. 364

15.11 Trusted CA Details ........................................................................................................ 366

15.12 Trusted CA Import ....................................................................................................... 369

15.13 Trusted Remote Hosts ................................................................................................. 370

15.14 Trusted Remote Hosts Import ...................................................................................... 372

15.15 Trusted Remote Host Certificate Details ..................................................................... 373

15.16 Directory Servers .......................................................................................................... 375

15.17 Directory Server Add or Edit ........................................................................................ 376

Chapter 16

Authentication Server...........................................................................................................379

16.1 Authentication Server Overview ...................................................................................... 379

16.1.1 Local User Database .............................................................................................. 379

16.1.2 RADIUS ..................................................................................................................379

16.2 Local User Database .....................................................................................................379

16.3 RADIUS ......................................................................................................................... 381

Part IV: Advanced ................................................................................ 383

Chapter 17

Network Address Translation (NAT).................................................................................... 385

17.1 NAT Overview ................................................................................................................ 385

17.1.1 NAT Definitions ...................................................................................................... 385

17.1.2 What NAT Does ..................................................................................................... 386

17.1.3 How NAT Works ..................................................................................................... 386

17.1.4 NAT Application ...................................................................................................... 387

17.1.5 Port Restricted Cone NAT ...................................................................................... 388

17.1.6 NAT Mapping Types ............................................................................................... 388

17.2 Using NAT ........................................................................................................................ 389

17.2.1 SUA (Single User Account) Versus NAT ................................................................ 389

17.3 NAT Overview Screen ..................................................................................................... 390

17.4 NAT Address Mapping ................................................................................................... 391

17.4.1 What NAT Does ..................................................................................................... 391

17.4.2 NAT Address Mapping Edit .................................................................................. 393

17.5 Port Forwarding .............................................................................................................. 394

17.5.1 Default Server IP Address ...................................................................................... 394

17.5.2 Port Forwarding: Services and Port Numbers ........................................................ 395

Table of Contents

ZyWALL 2WG User’s Guide 19

17.5.3 Configuring Servers Behind Port Forwarding (Example) ....................................... 395

17.5.4 NAT and Multiple WAN ........................................................................................... 396

17.5.5 Port Translation ...................................................................................................... 396

17.6 Port Forwarding Screen ................................................................................................... 397

17.7 Port Triggering ............................................................................................................... 399

Chapter 18

Static Route ........................................................................................................................... 401

18.1 IP Static Route .............................................................................................................. 401

18.2 IP Static Route ................................................................................................................. 402

18.2.1 IP Static Route Edit .............................................................................................. 403

Chapter 19

Policy Route .......................................................................................................................... 405

19.1 Policy Route ................................................................................................................... 405

19.2 Benefits ............................................................................................................................ 405

19.3 Routing Policy .................................................................................................................. 405

19.4 IP Routing Policy Setup ...................................................................................................406

19.5 Policy Route Edit ............................................................................................................ 407

Chapter 20

Bandwidth Management....................................................................................................... 411

20.1 Bandwidth Management Overview ..................................................................................411

20.2 Bandwidth Classes and Filters .........................................................................................411

20.3 Proportional Bandwidth Allocation ................................................................................... 412

20.4 Application-based Bandwidth Management .................................................................... 412

20.5 Subnet-based Bandwidth Management .......................................................................... 412

20.6 Application and Subnet-based Bandwidth Management ................................................. 412

20.7 Scheduler ........................................................................................................................ 413

20.7.1 Priority-based Scheduler ........................................................................................ 413

20.7.2 Fairness-based Scheduler ..................................................................................... 413

20.7.3 Maximize Bandwidth Usage ................................................................................... 413

20.7.4 Reserving Bandwidth for Non-Bandwidth Class Traffic .......................................... 413

20.7.5 Maximize Bandwidth Usage Example .................................................................... 414

20.8 Bandwidth Borrowing .......................................................................................................415

20.8.1 Bandwidth Borrowing Example .............................................................................. 415

20.9 Maximize Bandwidth Usage With Bandwidth Borrowing ................................................. 416

20.10 Over Allotment of Bandwidth ......................................................................................... 417

20.11 Configuring Summary .................................................................................................... 417

20.12 Configuring Class Setup .............................................................................................. 419

20.12.1 Bandwidth Manager Class Configuration ........................................................... 420

20.12.2 Bandwidth Management Statistics ................................................................... 423

20.13 Bandwidth Manager Monitor ........................................................................................ 424

Table of Contents

ZyWALL 2WG User’s Guide

Chapter 21

DNS ........................................................................................................................................ 427

21.1 DNS Overview ............................................................................................................... 427

21.2 DNS Server Address Assignment ................................................................................... 427

21.3 DNS Servers .................................................................................................................... 427

21.4 Address Record ............................................................................................................... 428

21.4.1 DNS Wildcard ......................................................................................................... 428

21.5 Name Server Record ....................................................................................................... 428

21.5.1 Private DNS Server ................................................................................................ 428

21.6 System Screen ................................................................................................................ 429

21.6.1 Adding an Address Record .................................................................................. 431

21.6.2 Inserting a Name Server Record .......................................................................... 432

21.7 DNS Cache .................................................................................................................... 433

21.8 Configure DNS Cache ..................................................................................................... 433

21.9 Configuring DNS DHCP ................................................................................................ 435

21.10 Dynamic DNS .............................................................................................................. 436

21.10.1 DYNDNS Wildcard ............................................................................................... 436

21.10.2 High Availability .................................................................................................... 437

21.11 Configuring Dynamic DNS ............................................................................................. 437

Chapter 22

Remote Management............................................................................................................ 439

22.1 Remote Management Overview ...................................................................................... 439

22.1.1 Remote Management Limitations .......................................................................... 440

22.1.2 System Timeout ..................................................................................................... 440

22.2 WWW (HTTP and HTTPS) ............................................................................................. 440

22.3 WWW .............................................................................................................................. 441

22.4 HTTPS Example .............................................................................................................. 443

22.4.1 Internet Explorer Warning Messages ..................................................................... 443

22.4.2 Netscape Navigator Warning Messages ................................................................ 443

22.4.3 Avoiding the Browser Warning Messages .............................................................. 444

22.4.4 Login Screen .......................................................................................................... 445

22.5 SSH .............................................................................................................................. 447

22.6 How SSH Works .............................................................................................................. 447

22.7 SSH Implementation on the ZyWALL .............................................................................. 448

22.7.1 Requirements for Using SSH ................................................................................. 448

22.8 Configuring SSH .............................................................................................................. 449

22.9 Secure Telnet Using SSH Examples ............................................................................... 450

22.9.1 Example 1: Microsoft Windows .............................................................................. 450

22.9.2 Example 2: Linux .................................................................................................... 450

22.10 Secure FTP Using SSH Example .................................................................................. 451

22.11 Telnet ........................................................................................................................... 452

22.12 Configuring TELNET ..................................................................................................... 452

Other manuals for ZYWALL 2 WG

This manual suits for next models

Table of contents

Other ZyXEL Communications Software manuals

ZyXEL Communications

ZyXEL Communications VANTAGE CNM QUICK START GUIDE - 1 User manual

ZyXEL Communications

ZyXEL Communications VANTAGE CNM 2.0 - User manual

ZyXEL Communications

ZyXEL Communications ENTERPRISE NETWORK CENTER User manual

ZyXEL Communications

ZyXEL Communications NETATLAS ENTERPRISE - User manual

ZyXEL Communications

ZyXEL Communications Auto Configuration Server Vantage Access User manual

ZyXEL Communications

ZyXEL Communications PLA-470 Instruction Manual

ZyXEL Communications

ZyXEL Communications Vantage CNM 2.3 User manual

ZyXEL Communications

ZyXEL Communications 1 User manual

ZyXEL Communications

ZyXEL Communications IPC-3605N User manual

ZyXEL Communications

ZyXEL Communications VANTAGE REPORT - User manual

ZyXEL Communications

ZyXEL Communications Version 1.03 User manual

ZyXEL Communications

ZyXEL Communications PLA-470 Instruction Manual

ZyXEL Communications

ZyXEL Communications IPSEC VPN CLIENT User manual

ZyXEL Communications

ZyXEL Communications VANTAGE REPORT - User manual

ZyXEL Communications

ZyXEL Communications P-650R Manual

ZyXEL Communications

ZyXEL Communications VANTAGE CNM User manual

ZyXEL Communications

ZyXEL Communications VANTAGE REPORT - V3.0 User manual

ZyXEL Communications

ZyXEL Communications VANTAGE CNM - QUICK GUIDE V3.1 User manual

ZyXEL Communications

ZyXEL Communications VANTAGE CNM User manual

ZyXEL Communications

ZyXEL Communications P-662H-61 Quick start guide

ZyXEL Communications

ZyXEL Communications G-360 V2 Manual

ZyXEL Communications

ZyXEL Communications VANTAGE REPORT - V3 User manual

ZyXEL Communications

ZyXEL Communications Dimension ES-3124 User manual

ZyXEL Communications

ZyXEL Communications P-650R User manual

Popular Software manuals by other brands

ESET

ESET CYBERSECURITY - quick start guide

UNIBLUE

UNIBLUE DRIVERSCANNER 2010 - V1 product manual

Yamaha

Yamaha Extension installation guide

MACROMEDIA

MACROMEDIA FLASH 8-USING FLASH VIDEO ENCODER Use manual

Teklynx

Teklynx CODESOFT 5 user guide

Autodesk

Autodesk MUDBOX 3D brochure

Adobe

Adobe FRAMEMAKER 6.0 manual

Yamaha

Yamaha M7CL StageMix V1.5 installation guide

Canon

Canon 2055B001 - DC 50 Camcorder instruction manual

Symantec

Symantec SOFTWARE MANAGER 8.0 - REFERENCE FOR WISE PACKAGE STUDIO... Getting started guide

Autodesk

Autodesk TOPOBASE 2011 - SYSTEM REQUIREMENTS Hardware

AT&T

AT&T FAX Attendant Release 2.1.1 System manager's guide

HP PCL 5 Comparison guide

Allied Telesis

Allied Telesis AT-S63 Cli user's guide

VMware

VMware 4817V62 - vSphere - PC Administration guide

American Dynamics

American Dynamics Intellex Digital Recorder Installation and configuration guide

Panasonic

Panasonic WJ-ND300 Administrator Console operating instructions

MACROMEDIA

MACROMEDIA BREEZE Deployment guide

ZyXEL Communications ZYWALL 2 WG User manual

Popular Software manuals by other brands