User Guide
Page 23
...; If you click Apply. The Web Configurator screen is using the default user name and password, the Update Admin Info screen appears. The Login screen appears. 3 Type the user name (default: "admin") and password (default: "1234"). 4 Click Login. If you change the default password, the Login screen appears after you logged in the Update Admin Info screen...
...; If you click Apply. The Web Configurator screen is using the default user name and password, the Update Admin Info screen appears. The Login screen appears. 3 Type the user name (default: "admin") and password (default: "1234"). 4 Click Login. If you change the default password, the Login screen appears after you logged in the Update Admin Info screen...
User Guide
Page 76
...: ESP is compatible with NAT, AH is not. • Encapsulation: Tunnel is compatible with NAT, Transport is not. • Encryption Algorithm: 3DES and AES use a password or Certificate to Diffie-Hellman Group 2 a 1024 bit (1Kb) random number. The stronger the algorithm the slower it responds, the UAG transmits the data. If... the IKE SA. A short SA life time increases security, but renegotiation temporarily disconnects the VPN tunnel. • NAT Traversal: Select this may affect throughput). DH1 (default) refers to the remote IPSec device.
...: ESP is compatible with NAT, AH is not. • Encapsulation: Tunnel is compatible with NAT, Transport is not. • Encryption Algorithm: 3DES and AES use a password or Certificate to Diffie-Hellman Group 2 a 1024 bit (1Kb) random number. The stronger the algorithm the slower it responds, the UAG transmits the data. If... the IKE SA. A short SA life time increases security, but renegotiation temporarily disconnects the VPN tunnel. • NAT Traversal: Select this may affect throughput). DH1 (default) refers to the remote IPSec device.
User Guide
Page 337
...Configuration > SMS (UAG2100) The following table describes the labels in this button to return the screen to the UAG. Enter the default country code for the mobile phone number to which you want to send a text message. Enter the user name for confirmation. Type the Password associated with the...the SMS service. Click the link to go to turn on the UAG that requires SMS service subscription, the UAG2100 for phone number ViaNett Configuration User Name Password Retype to Confirm License Licensed Service Status License Type Register Now DESCRIPTION Select the check box to myZyXEL.com ...
...Configuration > SMS (UAG2100) The following table describes the labels in this button to return the screen to the UAG. Enter the default country code for the mobile phone number to which you want to send a text message. Enter the user name for confirmation. Type the Password associated with the...the SMS service. Click the link to go to turn on the UAG that requires SMS service subscription, the UAG2100 for phone number ViaNett Configuration User Name Password Retype to Confirm License Licensed Service Status License Type Register Now DESCRIPTION Select the check box to myZyXEL.com ...
User Guide
Page 400
...Note: If the UAG tries to set up an ext-user account. A dynamic guest account has a dynamically-created user name and password. Chapter 35 User/Group Table 177 Types of User Accounts (continued) TYPE ABILITIES guest-manager Create dynamic guest accounts pre-subscriber Access ...network services dynamic-guest Access network services LOGIN METHOD(S) WWW Web Authentication Portal Web Authentication Portal Note: The default admin account is always authenticated locally, regardless of the authentication method setting. (See Chapter 43 on page 464 for more on...
...Note: If the UAG tries to set up an ext-user account. A dynamic guest account has a dynamically-created user name and password. Chapter 35 User/Group Table 177 Types of User Accounts (continued) TYPE ABILITIES guest-manager Create dynamic guest accounts pre-subscriber Access ...network services dynamic-guest Access network services LOGIN METHOD(S) WWW Web Authentication Portal Web Authentication Portal Note: The default admin account is always authenticated locally, regardless of the authentication method setting. (See Chapter 43 on page 464 for more on...
User Guide
Page 404
... 26.3.1 on page 400 for a ext-group-user type user account. Retype Group Identifier Enter the password of user accounts the UAG uses: Password • admin - Select the AAA server to use default settings, select Use Default Settings. Reauthentication Time If you select Use Manual Settings, you want to set authentication timeout to 1440...
... 26.3.1 on page 400 for a ext-group-user type user account. Retype Group Identifier Enter the password of user accounts the UAG uses: Password • admin - Select the AAA server to use default settings, select Use Default Settings. Reauthentication Time If you select Use Manual Settings, you want to set authentication timeout to 1440...
User Guide
Page 409
... when Enable logon retry limit is checked. Click Apply to set to log in when the Maximum number per access account is reached. These default authentication timeout settings also control the settings for the selected type of user account. The number must be between 1 and 65,535 (about ...screen (see Section 35.4 on the number of the Default Settings section's entry and click the Edit icons. To access this check box to save the changes. Type the maximum number of times each user can login unsuccessfully (for example, wrong password) before the IP address is locked out for a ...
... when Enable logon retry limit is checked. Click Apply to set to log in when the Maximum number per access account is reached. These default authentication timeout settings also control the settings for the selected type of user account. The number must be between 1 and 65,535 (about ...screen (see Section 35.4 on the number of the Default Settings section's entry and click the Edit icons. To access this check box to save the changes. Type the maximum number of times each user can login unsuccessfully (for example, wrong password) before the IP address is locked out for a ...
User Guide
Page 469
... Make sure that the certificate has a ".cer" or ".crt" file name extension. The private key in a PKCS #12 file is within a password-encrypted envelope. Exporting a PKCS #12 file creates this using the MD5 or SHA1 algorithm. The following procedure describes how to check a certificate's fingerprint to...process. Chapter 44 Certificates • Binary PKCS#12: This is a format for this to occur since many programs use text files by default. 44.1.3 Verifying a Certificate Before you import a trusted certificate into the UAG. Click the Details tab and scroll down to the Thumbprint ...
... Make sure that the certificate has a ".cer" or ".crt" file name extension. The private key in a PKCS #12 file is within a password-encrypted envelope. Exporting a PKCS #12 file creates this using the MD5 or SHA1 algorithm. The following procedure describes how to check a certificate's fingerprint to...process. Chapter 44 Certificates • Binary PKCS#12: This is a format for this to occur since many programs use text files by default. 44.1.3 Verifying a Certificate Before you import a trusted certificate into the UAG. Click the Details tab and scroll down to the Thumbprint ...
User Guide
Page 480
... Table 226 Configuration > Object > Certificate > Trusted Certificates > Edit LABEL Name Certification Path Refresh LDAP Server Address Port ID Password Certificate Information Type Version Serial Number Subject Issuer DESCRIPTION This field displays the identifying name of this field to assess the CRL directory... (not a certification authority). Chapter 44 Certificates The following table describes the labels in this is the default server port number for LDAP. Some certification authorities use rsapkcs1-md5 (RSA public-private key encryption algorithm and the MD5 hash...
... Table 226 Configuration > Object > Certificate > Trusted Certificates > Edit LABEL Name Certification Path Refresh LDAP Server Address Port ID Password Certificate Information Type Version Serial Number Subject Issuer DESCRIPTION This field displays the identifying name of this field to assess the CRL directory... (not a certification authority). Chapter 44 Certificates The following table describes the labels in this is the default server port number for LDAP. Some certification authorities use rsapkcs1-md5 (RSA public-private key encryption algorithm and the MD5 hash...
User Guide
Page 520
...UAG for Using SSH You must install an SSH client program on the UAG Your UAG supports SSH versions 1 and 2 using port 22 (by default). 46.8.3 Requirements for management using RSA authentication and four encryption methods (AES, 3DES, Archfour, and Blowfish). Use this screen to specify from .... If you clear the check box, the UAG uses only SSH version 2 protocol. The client then sends its authentication information (user name and password) to the server to log in the Service Control table to change your UAG's Secure Shell settings. Table 244 Configuration > System > SSH LABEL...
...UAG for Using SSH You must install an SSH client program on the UAG Your UAG supports SSH versions 1 and 2 using port 22 (by default). 46.8.3 Requirements for management using RSA authentication and four encryption methods (AES, 3DES, Archfour, and Blowfish). Use this screen to specify from .... If you clear the check box, the UAG uses only SSH version 2 protocol. The client then sends its authentication information (user name and password) to the server to log in the Service Control table to change your UAG's Secure Shell settings. Table 244 Configuration > System > SSH LABEL...
User Guide
Page 522
... [ENTER]. Figure 364 SSH Example 2: Test $ telnet 172.16.0.1 22 Trying 172.16.0.1... SSH-1.5-1.0.0 2 Enter "ssh -1 172.16.0.1". Then enter the password to log in $ ssh -1 172.16.0.1 The authenticity of known hosts. Are you sure you to save the host information of 172.16.0.1). Connected to... using the OpenSSH client program that comes with most Linux distributions. 1 Test whether the SSH service is available on the UAG (using the default IP address of the UAG. RSA1 key fingerprint is '^]'. The computer attempts to connect to access the UAG using SSH, a message displays...
... [ENTER]. Figure 364 SSH Example 2: Test $ telnet 172.16.0.1 22 Trying 172.16.0.1... SSH-1.5-1.0.0 2 Enter "ssh -1 172.16.0.1". Then enter the password to log in $ ssh -1 172.16.0.1 The authenticity of known hosts. Are you sure you to save the host information of 172.16.0.1). Connected to... using the OpenSSH client program that comes with most Linux distributions. 1 Test whether the SSH service is available on the UAG (using the default IP address of the UAG. RSA1 key fingerprint is '^]'. The computer attempts to connect to access the UAG using SSH, a message displays...
User Guide
Page 528
...with a hyphen (-) instead of the SNMP manager to remove it and click Edit to be able to the SNMP manager. Server tab. The default is private and allows all requests. This specifies from the UAG. Refer to traffic that service for user authentication and authorization. To remove an ... manager when a managed AP is allowed or denied to create a new entry after the selected entry. Enter the Get Community, which is the password for a service if needed, however you take this to enable the authentication server feature of the UAG and specify the RADIUS client's IP address....
...with a hyphen (-) instead of the SNMP manager to remove it and click Edit to be able to the SNMP manager. Server tab. The default is private and allows all requests. This specifies from the UAG. Refer to traffic that service for user authentication and authorization. To remove an ... manager when a managed AP is allowed or denied to create a new entry after the selected entry. Enter the Get Community, which is the password for a service if needed, however you take this to enable the authentication server feature of the UAG and specify the RADIUS client's IP address....
User Guide
Page 550
Figure 381 Configuration File / Shell Script: Example # enter configuration mode configure terminal # change administrator password username admin password 4321 user-type admin # configure wan1 interface wan1 ip address 10.16.17.240 255.255.255.0 ip gateway 10.16.17.254 metric 1... identical to the way you have to run the example as a configuration file because the rest of the commands are executed in Configuration mode. to default configuration. • Goes into CLI Configuration mode. • Runs the commands in the configuration file. • Goes into CLI Privilege mode. • ...
Figure 381 Configuration File / Shell Script: Example # enter configuration mode configure terminal # change administrator password username admin password 4321 user-type admin # configure wan1 interface wan1 ip address 10.16.17.240 255.255.255.0 ip gateway 10.16.17.254 metric 1... identical to the way you have to run the example as a configuration file because the rest of the commands are executed in Configuration mode. to default configuration. • Goes into CLI Configuration mode. • Runs the commands in the configuration file. • Goes into CLI Privilege mode. • ...
User Guide
Page 583
...All) Programs, Accessories and then Command Prompt. Check all cable connections. Make sure the Internet gateway device (such as a DSL modem) is the default) and then press [ENTER]. Also make sure that you have a hardware problem. Connect your computer's Ethernet card is 1234, LAN IP address ... Check the UAG's connection to check it . The UAG should have the UAG turned on. It returns the UAG to the factory defaults (password is installed and functioning properly. Cannot access the UAG from a LAN computer. CHAPTER 53 Troubleshooting This chapter offers some suggestions to solve ...
...All) Programs, Accessories and then Command Prompt. Check all cable connections. Make sure the Internet gateway device (such as a DSL modem) is the default) and then press [ENTER]. Also make sure that you have a hardware problem. Connect your computer's Ethernet card is 1234, LAN IP address ... Check the UAG's connection to check it . The UAG should have the UAG turned on. It returns the UAG to the factory defaults (password is installed and functioning properly. Cannot access the UAG from a LAN computer. CHAPTER 53 Troubleshooting This chapter offers some suggestions to solve ...
User Guide
Page 585
... interface. You must have a public WAN IP address to use Dynamic DNS. • Make sure you recorded your DDNS account's user name, password, and domain name and have it configured it routes from others. This way the UAG automatically updates every rule or setting that apply to Auto... interface is not applying an interface's configured ingress bandwidth limit. The UAG is created on the interface. For example LAN to override the default routing and SNAT behavior for an interface with the Interface Type set up a PPP interface. To avoid this create an IP address object ...
... interface. You must have a public WAN IP address to use Dynamic DNS. • Make sure you recorded your DDNS account's user name, password, and domain name and have it configured it routes from others. This way the UAG automatically updates every rule or setting that apply to Auto... interface is not applying an interface's configured ingress bandwidth limit. The UAG is created on the interface. For example LAN to override the default routing and SNAT behavior for an interface with the Interface Type set up a PPP interface. To avoid this create an IP address object ...
User Guide
Page 587
... are correct. You can import a certificate that matches a corresponding certification request that was generated by default. The private key is not being applied at the configured times. The file's password is not connected to a user group. The UAG currently allows the importation of these file formats:...#12: This is a format for transferring public key and private key certificates.The private key in a PKCS #12 file is within a password-encrypted envelope. You cannot put access users and admin users in the same user group. I cannot get a certificate to occur since many ...
... are correct. You can import a certificate that matches a corresponding certification request that was generated by default. The private key is not being applied at the configured times. The file's password is not connected to a user group. The UAG currently allows the importation of these file formats:...#12: This is a format for transferring public key and private key certificates.The private key in a PKCS #12 file is within a password-encrypted envelope. You cannot put access users and admin users in the same user group. I cannot get a certificate to occur since many ...
User Guide
Page 589
...UAG to use the command line interface if you generate. If you still cannot access the UAG by any method or you forget the administrator password(s), you need to set this . 53.1 Resetting the UAG If you cannot access the UAG by any new capture files you need to...This usually takes about five seconds.) 3 Release the RESET button, and wait for how to determine if you can reset the UAG to its factory-default settings. Chapter 53 Troubleshooting I wanted or failed. My earlier packet capture files are missing. Note: This procedure removes the current configuration. UAG Series ...
...UAG to use the command line interface if you generate. If you still cannot access the UAG by any method or you forget the administrator password(s), you need to set this . 53.1 Resetting the UAG If you cannot access the UAG by any new capture files you need to...This usually takes about five seconds.) 3 Release the RESET button, and wait for how to determine if you can reset the UAG to its factory-default settings. Chapter 53 Troubleshooting I wanted or failed. My earlier packet capture files are missing. Note: This procedure removes the current configuration. UAG Series ...