User Guide
Page 15
... Active Sessions Screen 173 8.2.4 The VPN Status Screen 174 8.2.5 The DHCP Table Screen 174 8.2.6 The Number of Login Users Screen 175 Chapter 9 Monitor...177 9.1 Overview ...177 9.1.1 What You Can Do in this Chapter 177 9.2...Statistics Screen 183 9.5 The Session Monitor Screen 186 9.6 The DDNS Status Screen 189 9.7 IP/MAC Binding Monitor ...189 9.8 The Login Users Screen 190 9.9 WLAN Status Screen ...191 9.10 The following table describes the labels in this menu.Cellular Status Screen 192... Can Do in this Chapter 217 11.1.2 What You Need to Know 218 ZyWALL USG 20/20W User's Guide 15
... Active Sessions Screen 173 8.2.4 The VPN Status Screen 174 8.2.5 The DHCP Table Screen 174 8.2.6 The Number of Login Users Screen 175 Chapter 9 Monitor...177 9.1 Overview ...177 9.1.1 What You Can Do in this Chapter 177 9.2...Statistics Screen 183 9.5 The Session Monitor Screen 186 9.6 The DDNS Status Screen 189 9.7 IP/MAC Binding Monitor ...189 9.8 The Login Users Screen 190 9.9 WLAN Status Screen ...191 9.10 The following table describes the labels in this menu.Cellular Status Screen 192... Can Do in this Chapter 217 11.1.2 What You Need to Know 218 ZyWALL USG 20/20W User's Guide 15
User Guide
Page 19
...SSL User Screens ...437 25.1 Overview ...437 25.1.1 What You Need to Know 437 25.2 Remote User Login ...438 25.3 The SSL VPN User Screens 443 25.4 Bookmarking the ZyWALL 444 25.5 Logging Out of the SSL VPN User Screens 444 Chapter 26 SSL User Application Screens 447 26....1 SSL User Application Screens Overview 447 26.2 The Application Screen 447 Chapter 27 ZyWALL SecuExtender...449 27.1 The ZyWALL SecuExtender Icon 449 27.2 Statistics ...450 27.3 View Log ...451 27.4 Suspend and Resume the Connection 451 27.5 Stop the Connection ...452 ZyWALL USG 20/20W User's Guide 19
...SSL User Screens ...437 25.1 Overview ...437 25.1.1 What You Need to Know 437 25.2 Remote User Login ...438 25.3 The SSL VPN User Screens 443 25.4 Bookmarking the ZyWALL 444 25.5 Logging Out of the SSL VPN User Screens 444 Chapter 26 SSL User Application Screens 447 26....1 SSL User Application Screens Overview 447 26.2 The Application Screen 447 Chapter 27 ZyWALL SecuExtender...449 27.1 The ZyWALL SecuExtender Icon 449 27.2 Statistics ...450 27.3 View Log ...451 27.4 Suspend and Resume the Connection 451 27.5 Stop the Connection ...452 ZyWALL USG 20/20W User's Guide 19
User Guide
Page 21
... Summary Screen 545 33.3.1 Group Add/Edit Screen 546 33.4 Setting Screen ...547 33.4.1 Default User Authentication Timeout Settings Edit Screens 550 33.4.2 User Aware Login Example 552 33.5 User /Group Technical Reference 553 Chapter 34 Addresses...555 34.1 Overview ...555 34.1.1 What You Can Do in this Chapter 555 34... Screen 555 34.2.1 Address Add/Edit Screen 557 34.3 Address Group Summary Screen 558 34.3.1 Address Group Add/Edit Screen 559 Chapter 35 Services ...561 ZyWALL USG 20/20W User's Guide 21
... Summary Screen 545 33.3.1 Group Add/Edit Screen 546 33.4 Setting Screen ...547 33.4.1 Default User Authentication Timeout Settings Edit Screens 550 33.4.2 User Aware Login Example 552 33.5 User /Group Technical Reference 553 Chapter 34 Addresses...555 34.1 Overview ...555 34.1.1 What You Can Do in this Chapter 555 34... Screen 555 34.2.1 Address Add/Edit Screen 557 34.3 Address Group Summary Screen 558 34.3.1 Address Group Add/Edit Screen 559 Chapter 35 Services ...561 ZyWALL USG 20/20W User's Guide 21
User Guide
Page 24
... ...645 43.7.4 Configuring WWW Service Control 646 43.7.5 Service Control Rules 650 43.7.6 Customizing the WWW Login Page 650 43.7.7 HTTPS Example ...654 43.8 SSH ...661 43.8.1 How SSH Works ...662 43.8.2 SSH Implementation on the ZyWALL 663 43.8.3 Requirements for Using SSH 663 43.8.4 Configuring SSH ...663 43.8.5 Secure Telnet Using... 675 43.13 Language Screen ...677 Chapter 44 Log and Report ...679 44.1 Overview ...679 44.1.1 What You Can Do In this Chapter 679 24 ZyWALL USG 20/20W User's Guide
... ...645 43.7.4 Configuring WWW Service Control 646 43.7.5 Service Control Rules 650 43.7.6 Customizing the WWW Login Page 650 43.7.7 HTTPS Example ...654 43.8 SSH ...661 43.8.1 How SSH Works ...662 43.8.2 SSH Implementation on the ZyWALL 663 43.8.3 Requirements for Using SSH 663 43.8.4 Configuring SSH ...663 43.8.5 Secure Telnet Using... 675 43.13 Language Screen ...677 Chapter 44 Log and Report ...679 44.1 Overview ...679 44.1.1 What You Can Do In this Chapter 679 24 ZyWALL USG 20/20W User's Guide
User Guide
Page 44
If you log in. 4 Click Login. Figure 6 Login Screen 3 Type the user name (default: "admin") and password (default: "1234"). Enter it is recommended to http://192.168.1.1. If your web browser, and go ... name and password, the Update Admin Info screen (Figure 7 on page 45) appears. Figure 7 Update Admin Info Screen 44 ZyWALL USG 20/20W User's Guide The number is only good for one login. The Login screen appears. Chapter 3 Web Configurator 2 Open your account is configured to use an ASAS authentication server, use the token to...
If you log in. 4 Click Login. Figure 6 Login Screen 3 Type the user name (default: "admin") and password (default: "1234"). Enter it is recommended to http://192.168.1.1. If your web browser, and go ... name and password, the Update Admin Info screen (Figure 7 on page 45) appears. Figure 7 Update Admin Info Screen 44 ZyWALL USG 20/20W User's Guide The number is only good for one login. The Login screen appears. Chapter 3 Web Configurator 2 Open your account is configured to use an ASAS authentication server, use the token to...
User Guide
Page 45
... time you change the default password, the Login screen (Figure 6 on page 59); If you click Apply. title bar • B - navigation panel • C - Figure 8 Dashboard B A C 3.3 Web Configurator Screens Overview The Web Configurator screen is using the default user name and default password. main window ZyWALL USG 20/20W User's Guide 45 otherwise the dashboard...
... time you change the default password, the Login screen (Figure 6 on page 59); If you click Apply. title bar • B - navigation panel • C - Figure 8 Dashboard B A C 3.3 Web Configurator Screens Overview The Web Configurator screen is using the default user name and default password. main window ZyWALL USG 20/20W User's Guide 45 otherwise the dashboard...
User Guide
Page 48
...List) statistics. Service View the licensed service status and upgrade licensed services. 48 ZyWALL USG 20/20W User's Guide Interface Status Displays general interface information and packet statistics. WLAN Status (For USG 20W only) Displays the connection status of all current sessions. VPN Monitor IPSec Displays and...display spam statistics. Anti-X Statistics Content Filter Report Collect and display content filter statistics Cache Manage the ZyWALL's URL cache. Login Users Lists the users currently logged into the VPN SSL client portal. SSL Lists users currently logged into the...
...List) statistics. Service View the licensed service status and upgrade licensed services. 48 ZyWALL USG 20/20W User's Guide Interface Status Displays general interface information and packet statistics. WLAN Status (For USG 20W only) Displays the connection status of all current sessions. VPN Monitor IPSec Displays and...display spam statistics. Anti-X Statistics Content Filter Report Collect and display content filter statistics Cache Manage the ZyWALL's URL cache. Login Users Lists the users currently logged into the VPN SSL client portal. SSL Lists users currently logged into the...
User Guide
Page 51
Console Speed Set the console speed. Login Page Configure how the login and access user screens look. Firmware Package View the current firmware version and to be managed by the Vantage CNM server. Chapter 3 Web Configurator Table 7 ... Menu Use the maintenance menu screens to send. Date/Time Configure the current date, time, and time zone in the ZyWALL. WWW Service Control Configure HTTP, HTTPS, and general authentication. ZyWALL USG 20/20W User's Guide 51 Log & Report Email Daily Report Configure where and how to send daily reports and what reports to...
Console Speed Set the console speed. Login Page Configure how the login and access user screens look. Firmware Package View the current firmware version and to be managed by the Vantage CNM server. Chapter 3 Web Configurator Table 7 ... Menu Use the maintenance menu screens to send. Date/Time Configure the current date, time, and time zone in the ZyWALL. WWW Service Control Configure HTTP, HTTPS, and general authentication. ZyWALL USG 20/20W User's Guide 51 Log & Report Email Daily Report Configure where and how to send daily reports and what reports to...
User Guide
Page 124
... Add (Force User Authentication Policy) When the users try to have the RADIUS server authenticate groups of user accounts defined in the RADIUS server. 124 ZyWALL USG 20/20W User's Guide Chapter 7 Tutorials Note: The users will have a RADIUS server authenticate individual user accounts. They have to log in using the user...use HTTP or MSN. If the RADIUS server has different user groups distinguished by the value of slight changes in using the Web Configurator login screen before they can configure the make a couple of a specific attribute, you can use any HTTP/HTTPS application), the...
... Add (Force User Authentication Policy) When the users try to have the RADIUS server authenticate groups of user accounts defined in the RADIUS server. 124 ZyWALL USG 20/20W User's Guide Chapter 7 Tutorials Note: The users will have a RADIUS server authenticate individual user accounts. They have to log in using the user...use HTTP or MSN. If the RADIUS server has different user groups distinguished by the value of slight changes in using the Web Configurator login screen before they can configure the make a couple of a specific attribute, you can use any HTTP/HTTPS application), the...
User Guide
Page 128
Policy > Add 128 ZyWALL USG 20/20W User's Guide Chapter 7 Tutorials Repeat as needed to open the Endpoint Security Edit screen. Policy > Add to create endpoint security objects for other Windows operating ... this policy to all users. • Select Force User Authentication to redirect the HTTP traffic of users who are not yet logged in to the ZyWALL's login screen. • Enable EPS checking and move the EPS objects you created to the selected list. • Click OK. Figure 78 Configuration > Auth...
Policy > Add 128 ZyWALL USG 20/20W User's Guide Chapter 7 Tutorials Repeat as needed to open the Endpoint Security Edit screen. Policy > Add to create endpoint security objects for other Windows operating ... this policy to all users. • Select Force User Authentication to redirect the HTTP traffic of users who are not yet logged in to the ZyWALL's login screen. • Enable EPS checking and move the EPS objects you created to the selected list. • Click OK. Figure 78 Configuration > Auth...
User Guide
Page 129
Click Close to return to the Web Configurator) and separate rules that control HTTP and HTTPS ZyWALL USG 20/20W User's Guide 129 Figure 80 Example: Endpoint Security Error Message 7.8 How to Configure Service Control Service control lets you configure rules that control HTTP and HTTPS management access (to the login screen. Policy Chapter 7 Tutorials The following figure shows an error message example when a user's computer does not meet an endpoint security object's requirements. 4 Turn on authentication policy and click Apply. Figure 79 Configuration > Auth.
Click Close to return to the Web Configurator) and separate rules that control HTTP and HTTPS ZyWALL USG 20/20W User's Guide 129 Figure 80 Example: Endpoint Security Error Message 7.8 How to Configure Service Control Service control lets you configure rules that control HTTP and HTTPS management access (to the login screen. Policy Chapter 7 Tutorials The following figure shows an error message example when a user's computer does not meet an endpoint security object's requirements. 4 Turn on authentication policy and click Apply. Figure 79 Configuration > Auth.
User Guide
Page 152
In TTLS Protocol, select PAP. Click Next. Figure 110 ZyXEL Wireless Client > Profile: Security Type 4 Set the encryption type to TKIP and the EAP type to TTLS. Configure wlan_user as the security type and click Next. Chapter 7 Tutorials 3 Select WPA2 as the Login Name and enter the account's password (also wlan_user in this example. Figure 111 ZyXEL Wireless Client > Profile: Security Settings 152 ZyWALL USG 20/20W User's Guide
In TTLS Protocol, select PAP. Click Next. Figure 110 ZyXEL Wireless Client > Profile: Security Type 4 Set the encryption type to TKIP and the EAP type to TTLS. Configure wlan_user as the security type and click Next. Chapter 7 Tutorials 3 Select WPA2 as the Login Name and enter the account's password (also wlan_user in this example. Figure 111 ZyXEL Wireless Client > Profile: Security Settings 152 ZyWALL USG 20/20W User's Guide
User Guide
Page 155
In the Password sub-tab, select Prompt for long name and password. Figure 117 Odyssey Access Client Manager > Profiles > Authentication ZyWALL USG 20/20W User's Guide 155 Figure 116 Odyssey Access Client Manager > Profiles > User Info 3 Click the Authentication tab and select Validate server certificate. Chapter 7 Tutorials 2 Name the profile (this example uses ZYXEL_WPA). In the User Info tab, configure wlan_user as the Login name.
In the Password sub-tab, select Prompt for long name and password. Figure 117 Odyssey Access Client Manager > Profiles > Authentication ZyWALL USG 20/20W User's Guide 155 Figure 116 Odyssey Access Client Manager > Profiles > User Info 3 Click the Authentication tab and select Validate server certificate. Chapter 7 Tutorials 2 Name the profile (this example uses ZYXEL_WPA). In the User Info tab, configure wlan_user as the Login name.
User Guide
Page 162
Enter the username and password and click OK. Funk Odyssey Access Wireless Client Login Example 162 ZyWALL USG 20/20W User's Guide Chapter 7 Tutorials 7.13.3.4 Wireless Clients Use the WLAN Interface A login screen displays when the wireless client attempts to connect to the wireless interface.
Enter the username and password and click OK. Funk Odyssey Access Wireless Client Login Example 162 ZyWALL USG 20/20W User's Guide Chapter 7 Tutorials 7.13.3.4 Wireless Clients Use the WLAN Interface A login screen displays when the wireless client attempts to connect to the wireless interface.
User Guide
Page 169
...this to look at the IP addresses currently assigned to the ZyWALL's DHCP clients and the IP addresses reserved for the first time or you to a chart of the ZyWALL's recent CPU usage. ZyWALL USG 20/20W User's Guide 169 The application of the configuration failed after ... sessions. Hover your cursor over this field to the Login Users ZyWALL. Active Sessions This field displays how many traffic sessions are traversing the ZyWALL. Problematic configuration after a firmware upgrade. This occurs when the ZyWALL starts for specific MAC addresses. System Resources CPU Usage...
...this to look at the IP addresses currently assigned to the ZyWALL's DHCP clients and the IP addresses reserved for the first time or you to a chart of the ZyWALL's recent CPU usage. ZyWALL USG 20/20W User's Guide 169 The application of the configuration failed after ... sessions. Hover your cursor over this field to the Login Users ZyWALL. Active Sessions This field displays how many traffic sessions are traversing the ZyWALL. Problematic configuration after a firmware upgrade. This occurs when the ZyWALL starts for specific MAC addresses. System Resources CPU Usage...
User Guide
Page 175
... Screen Use this screen to sort the table entries by MAC address. Click the column's heading cell to look at a list of Login Users ZyWALL USG 20/20W User's Guide 175 Click the heading cell again to reverse the sort order. This field displays the MAC address to identify this screen....order. If this field is selected, this entry is a static DHCP entry. Figure 134 Dashboard > Number of the users currently logged into the ZyWALL. The ZyWALL learns these from the DHCP client requests. For a static DHCP entry, the host name or the description you configured shows here. To access ...
... Screen Use this screen to sort the table entries by MAC address. Click the column's heading cell to look at a list of Login Users ZyWALL USG 20/20W User's Guide 175 Click the heading cell again to reverse the sort order. This field displays the MAC address to identify this screen....order. If this field is selected, this entry is a static DHCP entry. Figure 134 Dashboard > Number of the users currently logged into the ZyWALL. The ZyWALL learns these from the DHCP client requests. For a static DHCP entry, the host name or the description you configured shows here. To access ...
User Guide
Page 176
...This field displays the IP address of Login Users LABEL DESCRIPTION # This field is a sequential value and is currently logged in to the ZyWALL. Chapter 8 Dashboard The following table describes the labels in this icon to end a user's session. 176 ZyWALL USG 20/20W User's Guide See Chapter 33 on... page 539. Force Logout Click this screen. Table 25 Dashboard > Number of the computer used to log in to the ZyWALL. This field displays the amount of reauthentication time remaining...
...This field displays the IP address of Login Users LABEL DESCRIPTION # This field is a sequential value and is currently logged in to the ZyWALL. Chapter 8 Dashboard The following table describes the labels in this icon to end a user's session. 176 ZyWALL USG 20/20W User's Guide See Chapter 33 on... page 539. Force Logout Click this screen. Table 25 Dashboard > Number of the computer used to log in to the ZyWALL. This field displays the amount of reauthentication time remaining...
User Guide
Page 177
... enabled. • Use the System Status > Login Users screen (Section 9.8 on page 190) to look at a list of the users currently logged into the ZyWALL. • Use the System Status > WLAN Status screen (Section 9.9 on page 191) to view the connection status of packet statistics for USG 20W only. • Use the System Status...
... enabled. • Use the System Status > Login Users screen (Section 9.8 on page 190) to look at a list of the users currently logged into the ZyWALL. • Use the System Status > WLAN Status screen (Section 9.9 on page 191) to view the connection status of packet statistics for USG 20W only. • Use the System Status...
User Guide
Page 190
.... MAC Address This field displays the MAC address to identify this device on the network (the computer name). Figure 142 Monitor > System Status > Login Users 190 ZyWALL USG 20/20W User's Guide The ZyWALL learns these from the DHCP client requests. IP Address This is the index number of the users currently logged into the...
.... MAC Address This field displays the MAC address to identify this device on the network (the computer name). Figure 142 Monitor > System Status > Login Users 190 ZyWALL USG 20/20W User's Guide The ZyWALL learns these from the DHCP client requests. IP Address This is the index number of the users currently logged into the...
User Guide
Page 191
... Logout Click this screen. See Chapter 33 on page 539. Table 34 Monitor > System Status > Login Users LABEL DESCRIPTION # This field is a sequential value and is currently logged in to the ZyWALL. Refresh Click this button to update the information in the screen. 9.9 WLAN Status Screen The WLAN Status ... Monitor > System Status > WLAN Status. IP address This field displays the IP address of each user. Figure 143 Monitor > System Status > WLAN Status ZyWALL USG 20/20W User's Guide 191 User ID This field displays the user name of the computer used to log in to the...
... Logout Click this screen. See Chapter 33 on page 539. Table 34 Monitor > System Status > Login Users LABEL DESCRIPTION # This field is a sequential value and is currently logged in to the ZyWALL. Refresh Click this button to update the information in the screen. 9.9 WLAN Status Screen The WLAN Status ... Monitor > System Status > WLAN Status. IP address This field displays the IP address of each user. Figure 143 Monitor > System Status > WLAN Status ZyWALL USG 20/20W User's Guide 191 User ID This field displays the user name of the computer used to log in to the...