User Guide
Page 5
NXC5200 User's Guide 5 Every effort has been made to ensure that the information in this book may differ slightly from the product due to differences in this manual is accurate. About This User's Guide Disclaimer Graphics in operating systems, operating system versions, or if you installed updated firmware/software for your device.
NXC5200 User's Guide 5 Every effort has been made to ensure that the information in this book may differ slightly from the product due to differences in this manual is accurate. About This User's Guide Disclaimer Graphics in operating systems, operating system versions, or if you installed updated firmware/software for your device.
User Guide
Page 20
... ...519 35.1 Overview ...519 35.1.1 What You Can Do in this Chapter 519 35.1.2 What you Need to Know 519 35.2 Configuration File ...522 35.3 Firmware Package ...525 35.4 Shell Script ...527 Chapter 36 Diagnostics...531 36.1 Overview ...531 36.1.1 What You Can Do in this Chapter 531 36.2 Diagnostics ...531... 536 36.4.1 Wireless Frame Capture Files 538 Chapter 37 Reboot...539 37.1 Overview ...539 37.1.1 What You Need To Know 539 37.2 Reboot ...539 20 NXC5200 User's Guide
... ...519 35.1 Overview ...519 35.1.1 What You Can Do in this Chapter 519 35.1.2 What you Need to Know 519 35.2 Configuration File ...522 35.3 Firmware Package ...525 35.4 Shell Script ...527 Chapter 36 Diagnostics...531 36.1 Overview ...531 36.1.1 What You Can Do in this Chapter 531 36.2 Diagnostics ...531... 536 36.4.1 Wireless Frame Capture Files 538 Chapter 37 Reboot...539 37.1 Overview ...539 37.1.1 What You Need To Know 539 37.2 Reboot ...539 20 NXC5200 User's Guide
User Guide
Page 32
... data to the NXC. See the Command Reference Guide for more information about the CLI. Console Port You can cause the firmware to its default values and then reboots. 32 NXC5200 User's Guide Using the RESET button If you turn off the NXC or remove the power. Not doing so can use...
... data to the NXC. See the Command Reference Guide for more information about the CLI. Console Port You can cause the firmware to its default values and then reboots. 32 NXC5200 User's Guide Using the RESET button If you turn off the NXC or remove the power. Not doing so can use...
User Guide
Page 49
... Turn off the NXC. 3.3.3 Warning Messages Warning messages, such as those resulting from APs for the NXC. Figure 12 Warning Message NXC5200 User's Guide 49 Wireless Frame Capture wireless frames from misconfiguration, display in a popup window. Shell Script Manage and run diagnostics, and...Capture packets for the NXC. Chapter 3 The Web Configurator 3.3.2.4 Maintenance Menu Use the maintenance menu screens to upload firmware. Firmware Package View the current firmware version and to manage configuration and firmware files, run shell script files for analysis.
... Turn off the NXC. 3.3.3 Warning Messages Warning messages, such as those resulting from APs for the NXC. Figure 12 Warning Message NXC5200 User's Guide 49 Wireless Frame Capture wireless frames from misconfiguration, display in a popup window. Shell Script Manage and run diagnostics, and...Capture packets for the NXC. Chapter 3 The Web Configurator 3.3.2.4 Maintenance Menu Use the maintenance menu screens to upload firmware. Firmware Package View the current firmware version and to manage configuration and firmware files, run shell script files for analysis.
User Guide
Page 69
... multiple configuration files in preparation for troubleshooting. Not doing so can edit configuration files and shell scripts in any text editor. You can cause the firmware to back up and restore the complete configuration of the NXC. MENU ITEM(S) Maintenance > Shutdown...
... multiple configuration files in preparation for troubleshooting. Not doing so can edit configuration files and shell scripts in any text editor. You can cause the firmware to back up and restore the complete configuration of the NXC. MENU ITEM(S) Maintenance > Shutdown...
User Guide
Page 105
... the interface is a member of each interface or device installed in the virtual router. Each physical port has one MAC address. NXC5200 User's Guide 105 This interface is assigned to open the screen where you hover your cursor over a connected interface or slot. ...MAC address is the master interface in the virtual router. Virtual Device The following front and rear panel labels display when you can upload firmware. The possible values depend on . Inactive - HA Status Speed / Duplex - The Ethernet interface is a backup interface in the virtual...
... the interface is a member of each interface or device installed in the virtual router. Each physical port has one MAC address. NXC5200 User's Guide 105 This interface is assigned to open the screen where you hover your cursor over a connected interface or slot. ...MAC address is the master interface in the virtual router. Virtual Device The following front and rear panel labels display when you can upload firmware. The possible values depend on . Inactive - HA Status Speed / Duplex - The Ethernet interface is a backup interface in the virtual...
User Guide
Page 107
... or was unable to apply the startup-config.conf configuration file and fell back to the system default configuration file (system-default.conf). Firmware update OK - Fallback to system default configuration - The NXC is yyyy-mm-dd hh:mm:ss. Click the icon to pop-open... Access Points (APs). This section displays a summary for the first time or you intentionally reset the NXC to the system default settings. NXC5200 User's Guide 107 Fallback to lastgood configuration - The format is still applying the system configuration. This shows a summary of lease time remaining...
... or was unable to apply the startup-config.conf configuration file and fell back to the system default configuration file (system-default.conf). Firmware update OK - Fallback to system default configuration - The NXC is yyyy-mm-dd hh:mm:ss. Click the icon to pop-open... Access Points (APs). This section displays a summary for the first time or you intentionally reset the NXC to the system default settings. NXC5200 User's Guide 107 Fallback to lastgood configuration - The format is still applying the system configuration. This shows a summary of lease time remaining...
User Guide
Page 130
... operating under the maximum allocated bandwidth. 7.9.1 Station Count of AP Use this screen, click the More Information button in the process of AP 130 NXC5200 User's Guide To access this screen to look at the maximum allocated bandwidth. Figure 39 Monitor > System Status > AP List > Station Count... of having its firmware updated. When an AP is being load balanced, this icon means it is operating at station statistics for the connected AP. This is an...
... operating under the maximum allocated bandwidth. 7.9.1 Station Count of AP Use this screen, click the More Information button in the process of AP 130 NXC5200 User's Guide To access this screen to look at the maximum allocated bandwidth. Figure 39 Monitor > System Status > AP List > Station Count... of having its firmware updated. When an AP is being load balanced, this icon means it is operating at station statistics for the connected AP. This is an...
User Guide
Page 158
... > Update >Anti-Virus LABEL DESCRIPTION Signature Information The following fields display information on the current signature set was released. 158 NXC5200 User's Guide Anti-Virus This field displays whether the NXC is . This field displays the anti-virus signatures version number currently...set that the NXC is defined by the ZyXEL Security Response Team (ZSRT) who maintain and update them. Current Version Upgrading the NXC to firmware version 2.11 and updating the anti-virus signatures automatically upgrades the ZyXEL anti-virus engine to signature update e-mail notifications...
... > Update >Anti-Virus LABEL DESCRIPTION Signature Information The following fields display information on the current signature set was released. 158 NXC5200 User's Guide Anti-Virus This field displays whether the NXC is . This field displays the anti-virus signatures version number currently...set that the NXC is defined by the ZyXEL Security Response Team (ZSRT) who maintain and update them. Current Version Upgrading the NXC to firmware version 2.11 and updating the anti-virus signatures automatically upgrades the ZyXEL anti-virus engine to signature update e-mail notifications...
User Guide
Page 292
...from the update server. This number gets larger as the set is set to use to the screen where you can use ZyXEL's anti-virus Engine Type engine or the one powered by Kaspersky. Current Version Signature Number Released Date Update Signatures Apply Reset Upgrading... the NXC to firmware version 2.11 and updating the anti-virus signatures automatically upgrades the ZyXEL anti-virus engine to its last-saved settings. 292 NXC5200 User's Guide v2.0 has more virus signatures and offers improved non-executable...
...from the update server. This number gets larger as the set is set to use to the screen where you can use ZyXEL's anti-virus Engine Type engine or the one powered by Kaspersky. Current Version Signature Number Released Date Update Signatures Apply Reset Upgrading... the NXC to firmware version 2.11 and updating the anti-virus signatures automatically upgrades the ZyXEL anti-virus engine to its last-saved settings. 292 NXC5200 User's Guide v2.0 has more virus signatures and offers improved non-executable...
User Guide
Page 294
... check box to have a "zip" or "rar" file extension). The NXC does NOT decompress any ZIP files that the NXC can upload the firmware package to the NXC with this option enabled. Refer to Appendix C on the NXC when a packet matches a signature(s). Note: The NXC decompresses ...the NXC with the option enabled, so you only need more serious events that may need to clear this option while you download the firmware package. 294 NXC5200 User's Guide Chapter 20 Anti-Virus Table 106 Configuration > Anti-X > Anti-Virus > General > Add/Edit (continued) LABEL DESCRIPTION...
... check box to have a "zip" or "rar" file extension). The NXC does NOT decompress any ZIP files that the NXC can upload the firmware package to the NXC with this option enabled. Refer to Appendix C on the NXC when a packet matches a signature(s). Note: The NXC decompresses ...the NXC with the option enabled, so you only need more serious events that may need to clear this option while you download the firmware package. 294 NXC5200 User's Guide Chapter 20 Anti-Virus Table 106 Configuration > Anti-X > Anti-Virus > General > Add/Edit (continued) LABEL DESCRIPTION...
User Guide
Page 337
... for known attacks (see Chapter 21 on page 303 for Comments) and abnormal flows such as port scanning, sweeping or network flooding. NXC5200 User's Guide 337 Requests for information on packet inspection). 2 ADP traffic and anomaly rules are in this chapter. This is in general...You Need To Know The following terms and concepts may be updated when you upload new firmware. ADP protects against abnormal behavior while IDP packet inspection signatures are updated when you upload new firmware. Traffic anomaly rules may help as you read this Chapter • The General screen...
... for known attacks (see Chapter 21 on page 303 for Comments) and abnormal flows such as port scanning, sweeping or network flooding. NXC5200 User's Guide 337 Requests for information on packet inspection). 2 ADP traffic and anomaly rules are in this chapter. This is in general...You Need To Know The following terms and concepts may be updated when you upload new firmware. ADP protects against abnormal behavior while IDP packet inspection signatures are updated when you upload new firmware. Traffic anomaly rules may help as you read this Chapter • The General screen...
User Guide
Page 338
... Anomalies Protocol anomalies are templates that do not comply with several base profiles. see Chapter 13 on page 213 for more information. 338 NXC5200 User's Guide Base ADP Profiles Base ADP profiles are packets that you upload new firmware. Protocol anomaly detection includes HTTP Inspection, TCP Decoder, UDP Decoder and ICMP Decoder.
... Anomalies Protocol anomalies are templates that do not comply with several base profiles. see Chapter 13 on page 213 for more information. 338 NXC5200 User's Guide Base ADP Profiles Base ADP profiles are packets that you upload new firmware. Protocol anomaly detection includes HTTP Inspection, TCP Decoder, UDP Decoder and ICMP Decoder.
User Guide
Page 345
... HTTP Inspection, TCP Decoder, UDP Decoder, and ICMP Decoder where each category reflects the packet type inspected. Threshold For flood detection you upload new firmware. 22.3.5 Protocol Anomaly Configuration In the Configuration > Anti-X > ADP > Profile screen, click the Edit icon or click the Add icon and choose...go to save your settings to the NXC, complete the profile and return to this , select an item and use the Action icon. NXC5200 User's Guide 345 To edit this profile, make sure you made changes to other screens belonging to the profile summary page. Protocol anomaly...
... HTTP Inspection, TCP Decoder, UDP Decoder, and ICMP Decoder where each category reflects the packet type inspected. Threshold For flood detection you upload new firmware. 22.3.5 Protocol Anomaly Configuration In the Configuration > Anti-X > ADP > Profile screen, click the Edit icon or click the Add icon and choose...go to save your settings to the NXC, complete the profile and return to this , select an item and use the Action icon. NXC5200 User's Guide 345 To edit this profile, make sure you made changes to other screens belonging to the profile summary page. Protocol anomaly...
User Guide
Page 358
... You Begin • Configure a static IP address for each interface. Note: Subscribe to services on the backup (by editing copies of the same model and firmware version can configure a separate management IP address for management whether the NXC is highly recommended to subscribe the master and backup NXCs to have device..., gets IDP/AppPatrol updates from the master, but not antivirus updates. It is the master or a backup. Synchronization Use synchronization to the same services. 358 NXC5200 User's Guide Management Access You can synchronize.
... You Begin • Configure a static IP address for each interface. Note: Subscribe to services on the backup (by editing copies of the same model and firmware version can configure a separate management IP address for management whether the NXC is highly recommended to subscribe the master and backup NXCs to have device..., gets IDP/AppPatrol updates from the master, but not antivirus updates. It is the master or a backup. Synchronization Use synchronization to the same services. 358 NXC5200 User's Guide Management Access You can synchronize.
User Guide
Page 445
... unique name. Object References You cannot delete certificates that you take this certificate. Add Click this screen. Uploading a new firmware or default configuration file does not delete your certificates unless you should consider deleting expired or unnecessary certificates before doing so. ...Certificate > My Certificates to remove it before adding more certificates. Edit Double-click an entry or select it and click Remove. NXC5200 User's Guide 445 It is almost full, you specifically delete them. When the storage space is recommended that any of the ...
... unique name. Object References You cannot delete certificates that you take this certificate. Add Click this screen. Uploading a new firmware or default configuration file does not delete your certificates unless you should consider deleting expired or unnecessary certificates before doing so. ...Certificate > My Certificates to remove it before adding more certificates. Edit Double-click an entry or select it and click Remove. NXC5200 User's Guide 445 It is almost full, you specifically delete them. When the storage space is recommended that any of the ...
User Guide
Page 455
... 207 Configuration > Object > Certificate > Trusted Certificates The following table describes the labels in -depth list of these certificates. Uploading a new firmware or default configuration file does not delete your certificates unless you should consider deleting expired or unnecessary certificates before doing so. Cancel Click Cancel to...Space in use the entry. Edit Double-click an entry or select it and click Edit to open the Trusted Certificates screen. NXC5200 User's Guide 455 Remove The NXC keeps all of the NXC's PKI storage space that is currently in Use This bar ...
... 207 Configuration > Object > Certificate > Trusted Certificates The following table describes the labels in -depth list of these certificates. Uploading a new firmware or default configuration file does not delete your certificates unless you should consider deleting expired or unnecessary certificates before doing so. Cancel Click Cancel to...Space in use the entry. Edit Double-click an entry or select it and click Edit to open the Trusted Certificates screen. NXC5200 User's Guide 455 Remove The NXC keeps all of the NXC's PKI storage space that is currently in Use This bar ...
User Guide
Page 463
You can also specify from which zones FTP can upload and download the NXC's firmware and configuration files using a terminal emulation program. • The DNS screen (Section 33.5 on page 469) configures the DNS (Domain Name System) server used to ... 33.7 on page 496) configures Telnet for accessing the NXC's command line interface. Please also see Chapter 35 on page 519 for more information about firmware and configuration files. • The SNMP screen (Section 33.10 on page 503) sets the user interface language for the NXC's Web Configurator screens. You...
You can also specify from which zones FTP can upload and download the NXC's firmware and configuration files using a terminal emulation program. • The DNS screen (Section 33.5 on page 469) configures the DNS (Domain Name System) server used to ... 33.7 on page 496) configures Telnet for accessing the NXC's command line interface. Please also see Chapter 35 on page 519 for more information about firmware and configuration files. • The SNMP screen (Section 33.10 on page 503) sets the user interface language for the NXC's Web Configurator screens. You...
User Guide
Page 497
...after the selected entry. It is allowed or denied to its last-saved settings. 33.9 FTP You can upload and download the NXC's firmware and configuration files using this action. This displays whether the computer with which NXC zones. Click Apply to save your computer must use ...return the screen to access. This is the object name of a number is the zone on page 519 for more information about firmware and configuration files. NXC5200 User's Guide 497 Edit Double-click an entry or select it and click Remove. Table 187 Configuration > System > TELNET LABEL DESCRIPTION...
...after the selected entry. It is allowed or denied to its last-saved settings. 33.9 FTP You can upload and download the NXC's firmware and configuration files using this action. This displays whether the computer with which NXC zones. Click Apply to save your computer must use ...return the screen to access. This is the object name of a number is the zone on page 519 for more information about firmware and configuration files. NXC5200 User's Guide 497 Edit Double-click an entry or select it and click Remove. Table 187 Configuration > System > TELNET LABEL DESCRIPTION...
User Guide
Page 519
... any features that it contains. You can also download and upload configuration files. • The Firmware Package screen (Section 35.3 on page 525) checks your current firmware version and uploads firmware to the NXC. • The Shell Script screen (Section 35.4 on the NXC. Configuration ...files use a .conf extension and shell scripts use a .zysh extension. 35.1.1 What You Can Do in a text editor and upload them . NXC5200 User's Guide...
... any features that it contains. You can also download and upload configuration files. • The Firmware Package screen (Section 35.3 on page 525) checks your current firmware version and uploads firmware to the NXC. • The Shell Script screen (Section 35.4 on the NXC. Configuration ...files use a .conf extension and shell scripts use a .zysh extension. 35.1.1 What You Can Do in a text editor and upload them . NXC5200 User's Guide...