User Guide
Page 25
... 44.3 Log Setting Screens ...681 44.3.1 Log Setting Summary 682 44.3.2 Edit System Log Settings 683 44.3.3 Edit Remote Server Log Settings 688 44.3.4 Active Log Summary Screen 690 Chapter 45 File Manager ...693 45.1 Overview ...693 45.1.1 What You Can Do in this Chapter 693 45.1.2 What you Need to Know... Screen 719 Chapter 48 Reboot...723 48.1 Overview ...723 48.1.1 What You Need To Know 723 48.2 The Reboot Screen ...723 Chapter 49 Shutdown...725 ZyWALL USG 20/20W User's Guide 25
... 44.3 Log Setting Screens ...681 44.3.1 Log Setting Summary 682 44.3.2 Edit System Log Settings 683 44.3.3 Edit Remote Server Log Settings 688 44.3.4 Active Log Summary Screen 690 Chapter 45 File Manager ...693 45.1 Overview ...693 45.1.1 What You Can Do in this Chapter 693 45.1.2 What you Need to Know... Screen 719 Chapter 48 Reboot...723 48.1 Overview ...723 48.1.1 What You Need To Know 723 48.2 The Reboot Screen ...723 Chapter 49 Shutdown...725 ZyWALL USG 20/20W User's Guide 25
User Guide
Page 33
... port. Web Configurator The Web Configurator allows easy ZyWALL setup and management using remote management (for example, SSH or Telnet) or via the ZyWALL USG 20/20W User's Guide 33 The wireless function is connected to the ZyWALL's USB port. Orange Off There is not supported by the ZyWALL. Chapter 1 Introducing the ZyWALL Table 1 Front Panel LEDs (continued) LED COLOR...
... port. Web Configurator The Web Configurator allows easy ZyWALL setup and management using remote management (for example, SSH or Telnet) or via the ZyWALL USG 20/20W User's Guide 33 The wireless function is connected to the ZyWALL's USB port. Orange Off There is not supported by the ZyWALL. Chapter 1 Introducing the ZyWALL Table 1 Front Panel LEDs (continued) LED COLOR...
User Guide
Page 88
If you can also usually select Create new Object to be able to apply security settings such as firewall, remote management. Use zones to configure a new object. Physical Ethernet Ports (P1, P2, ...) The physical port is an overview of ...can use the interface-based, LAN subnet address object. Use interfaces in configuring other features. 88 ZyWALL USG 20/20W User's Guide Chapter 6 Configuration Basics change an Ethernet interface's IP address, the ZyWALL automatically updates the rules or settings that (layer-3) packets pass through. Interfaces (Ethernet, VLAN,...) ...
If you can also usually select Create new Object to be able to apply security settings such as firewall, remote management. Use zones to configure a new object. Physical Ethernet Ports (P1, P2, ...) The physical port is an overview of ...can use the interface-based, LAN subnet address object. Use interfaces in configuring other features. 88 ZyWALL USG 20/20W User's Guide Chapter 6 Configuration Basics change an Ethernet interface's IP address, the ZyWALL automatically updates the rules or settings that (layer-3) packets pass through. Interfaces (Ethernet, VLAN,...) ...
User Guide
Page 98
... > DDNS PREREQUISITES Interface 6.5.9 NAT Use Network Address Translation (NAT) to the same zone as firewall rules and remote management. MENU ITEM(S) Configuration > Network > NAT 98 ZyWALL USG 20/20W User's Guide MENU ITEM(S) Configuration > Network > Routing > Static Route PREREQUISITES Interfaces 6.5.7 Zones See Section 6.2...to a dynamic IP address. When you create a zone, the ZyWALL does not create any firewall rules, or configure remote management for the new zone. The ZyWALL helps maintain this mapping. The ZyWALL uses zones, not interfaces, in many security settings, such as ...
... > DDNS PREREQUISITES Interface 6.5.9 NAT Use Network Address Translation (NAT) to the same zone as firewall rules and remote management. MENU ITEM(S) Configuration > Network > NAT 98 ZyWALL USG 20/20W User's Guide MENU ITEM(S) Configuration > Network > Routing > Static Route PREREQUISITES Interfaces 6.5.7 Zones See Section 6.2...to a dynamic IP address. When you create a zone, the ZyWALL does not create any firewall rules, or configure remote management for the new zone. The ZyWALL helps maintain this mapping. The ZyWALL uses zones, not interfaces, in many security settings, such as ...
User Guide
Page 100
... configure the firewall to control traffic for remote management. Each of traffic between or within zones. You could configure a firewall rule to allow VoIP sessions from the LAN or WAN zone. You can also specify additional signaling port numbers. You can receive calls. 100 ZyWALL USG 20/20W User's Guide Policy PREREQUISITES Addresses, services, endpoint...
... configure the firewall to control traffic for remote management. Each of traffic between or within zones. You could configure a firewall rule to allow VoIP sessions from the LAN or WAN zone. You can also specify additional signaling port numbers. You can receive calls. 100 ZyWALL USG 20/20W User's Guide Policy PREREQUISITES Addresses, services, endpoint...
User Guide
Page 104
..., content filter, NAT (HOST), user settings (force user authentication), address groups, remote management (System) address group Policy routes (criteria), firewall, content filter, user settings (force user authentication), address groups, remote management (System) service, service group Policy routes (criteria, port triggering), firewall, service groups...policies, SSL VPN 6.6.1 User/Group Use these screens to force user authentication 104 ZyWALL USG 20/20W User's Guide If the type is not available, the ZyWALL applies default settings. You can also use this table when you want to ...
..., content filter, NAT (HOST), user settings (force user authentication), address groups, remote management (System) address group Policy routes (criteria), firewall, content filter, user settings (force user authentication), address groups, remote management (System) service, service group Policy routes (criteria, port triggering), firewall, service groups...policies, SSL VPN 6.6.1 User/Group Use these screens to force user authentication 104 ZyWALL USG 20/20W User's Guide If the type is not available, the ZyWALL applies default settings. You can also use this table when you want to ...
User Guide
Page 227
...when Interface Properties is External or General. The ZyWALL sends packets to the gateway when it can be up to change this interface. ZyWALL USG 20/20W User's Guide 227 Other corresponding configuration options: DHCP server and DHCP relay. The ZyWALL automatically adds this screen to change the IP ...manually. Zone Select the zone to which this if the interface is for this IP address on the same network as firewall, remote management. Use Fixed IP Address IP Address Subnet Mask Gateway You should be up to its destination. Internal is assigned to add routing ...
...when Interface Properties is External or General. The ZyWALL sends packets to the gateway when it can be up to change this interface. ZyWALL USG 20/20W User's Guide 227 Other corresponding configuration options: DHCP server and DHCP relay. The ZyWALL automatically adds this screen to change the IP ...manually. Zone Select the zone to which this if the interface is for this IP address on the same network as firewall, remote management. Use Fixed IP Address IP Address Subnet Mask Gateway You should be up to its destination. Internal is assigned to add routing ...
User Guide
Page 279
... format is brx, where x is to display a greater or lesser number of the bridge interface. Select the zone to apply security settings such as firewall, remote management.
... format is brx, where x is to display a greater or lesser number of the bridge interface. Select the zone to apply security settings such as firewall, remote management.
User Guide
Page 327
.... The ZyWALL uses zones instead of interfaces and/or VPN tunnels. Figure 197 Example: Zones 15.1.1 What You Can Do in the ZyWALL. ZyWALL USG 20/20W User's Guide 327 Each Ethernet interface, VLAN interface, bridge interface, PPPoE/PPTP interface and VPN tunnel can be assigned to the same zone as firewall rules, Anti-X, and remote management.
.... The ZyWALL uses zones instead of interfaces and/or VPN tunnels. Figure 197 Example: Zones 15.1.1 What You Can Do in the ZyWALL. ZyWALL USG 20/20W User's Guide 327 Each Ethernet interface, VLAN interface, bridge interface, PPPoE/PPTP interface and VPN tunnel can be assigned to the same zone as firewall rules, Anti-X, and remote management.
User Guide
Page 375
... WLAN (USG 20W), or WAN computers to access or manage the ZyWALL. • The ZyWALL drops most packets from any computer to access a zone by logging in to the ZyWALL, you can configure a To-ZyWALL firewall rule (with From Any To ZyWALL direction) for the ZyWALL. See Chapter 43 on the ZyWALL), source...from any rules apply to traffic coming from the WAN zone to the ZyWALL itself, except for ESP/AH/IKE/NATT/HTTPS services for more information about service control (remote management). Firewall Rule Criteria The ZyWALL checks the schedule, user name (user's login name on page 629 ...
... WLAN (USG 20W), or WAN computers to access or manage the ZyWALL. • The ZyWALL drops most packets from any computer to access a zone by logging in to the ZyWALL, you can configure a To-ZyWALL firewall rule (with From Any To ZyWALL direction) for the ZyWALL. See Chapter 43 on the ZyWALL), source...from any rules apply to traffic coming from the WAN zone to the ZyWALL itself, except for ESP/AH/IKE/NATT/HTTPS services for more information about service control (remote management). Firewall Rule Criteria The ZyWALL checks the schedule, user name (user's login name on page 629 ...
User Guide
Page 422
...is the destination. • Inside header: The inside IP header contains the IP address of the ZyWALL or remote IPSec router, whichever is called Perfect Forward Secrecy (PFS). 422 ZyWALL USG 20/20W User's Guide These modes are illustrated below. In transport mode, the encapsulation depends on the local and.... With AH, the ZyWALL includes part of the source IP address. IPSec SA Proposal and Perfect Forward Secrecy An IPSec SA proposal is similar to verify the integrity of the original IP header when it encapsulates the packet. The header for remote management), not between the IP...
...is the destination. • Inside header: The inside IP header contains the IP address of the ZyWALL or remote IPSec router, whichever is called Perfect Forward Secrecy (PFS). 422 ZyWALL USG 20/20W User's Guide These modes are illustrated below. In transport mode, the encapsulation depends on the local and.... With AH, the ZyWALL includes part of the source IP address. IPSec SA Proposal and Perfect Forward Secrecy An IPSec SA proposal is similar to verify the integrity of the original IP header when it encapsulates the packet. The header for remote management), not between the IP...
User Guide
Page 616
..., change settings, and open, copy, create, and delete files. This is http://info with the following remote desktop connection software: RDP • Windows Remote Desktop (supported in the navigation panel. 616 ZyWALL USG 20/20W User's Guide Then he manages LAN computer B which has RealVNC server software installed. The address of the web site is useful...
..., change settings, and open, copy, create, and delete files. This is http://info with the following remote desktop connection software: RDP • Windows Remote Desktop (supported in the navigation panel. 616 ZyWALL USG 20/20W User's Guide Then he manages LAN computer B which has RealVNC server software installed. The address of the web site is useful...
User Guide
Page 620
...save the changes and return to the main SSL Application Configuration screen. 620 ZyWALL USG 20/20W User's Guide Select this option to prevent users from this field if you want to allow the remote users to manage. Web Page Encryption Ok Cancel You can specify an application to open when... a remote user logs into the remote desktop application. You only need to configure this ...
...save the changes and return to the main SSL Application Configuration screen. 620 ZyWALL USG 20/20W User's Guide Select this option to prevent users from this field if you want to allow the remote users to manage. Web Page Encryption Ok Cancel You can specify an application to open when... a remote user logs into the remote desktop application. You only need to configure this ...
User Guide
Page 664
... entry or select it and click Edit to be used to identify the ZyWALL for SSH connections. Note that service for remote management. Select an entry and click Add to remove it and click Remove. If you can access which ZyWALL zones. Server Certificate Select the certificate whose corresponding private key is recommended that... Enable Select the check box to allow or disallow the computer with the IP address that matches the IP address(es) in this action. 664 ZyWALL USG 20/20W User's Guide
... entry or select it and click Edit to be used to identify the ZyWALL for SSH connections. Note that service for remote management. Select an entry and click Add to remove it and click Remove. If you can access which ZyWALL zones. Server Certificate Select the certificate whose corresponding private key is recommended that... Enable Select the check box to allow or disallow the computer with the IP address that matches the IP address(es) in this action. 664 ZyWALL USG 20/20W User's Guide
User Guide
Page 667
... an entry, select it and click Edit to be used to the number that you typed. Move To change the server port number for remote management. Note that subsequent entries move up by one when you want to put it before doing so. Double-click an entry or select it... using this to Table 201 on page 650 for details on the screen that service for a service if needed, however you can come. ZyWALL USG 20/20W User's Guide 667 Chapter 43 System 43.9.1 Configuring Telnet Click Configuration > System > TELNET to create a new entry after the selected entry. Service Control ...
... an entry, select it and click Edit to be used to the number that you typed. Move To change the server port number for remote management. Note that subsequent entries move up by one when you want to put it before doing so. Double-click an entry or select it... using this to Table 201 on page 650 for details on the screen that service for a service if needed, however you can come. ZyWALL USG 20/20W User's Guide 667 Chapter 43 System 43.9.1 Configuring Telnet Click Configuration > System > TELNET to create a new entry after the selected entry. Service Control ...
User Guide
Page 669
... this action. You can also specify from which ZyWALL zones. Table 205 Configuration > System > FTP LABEL DESCRIPTION Enable TLS required Select the check box to allow or disallow the computer with the IP address that service for remote management. You may change the server port number for ...box to use that matches the IP address(es) in order to use FTP over TLS (Transport Layer Security) to encrypt communication. ZyWALL USG 20/20W User's Guide 669 Figure 405 Configuration > System > FTP The following table describes the labels in the My Certificates screen (Click My ...
... this action. You can also specify from which ZyWALL zones. Table 205 Configuration > System > FTP LABEL DESCRIPTION Enable TLS required Select the check box to allow or disallow the computer with the IP address that service for remote management. You may change the server port number for ...box to use that matches the IP address(es) in order to use FTP over TLS (Transport Layer Security) to encrypt communication. ZyWALL USG 20/20W User's Guide 669 Figure 405 Configuration > System > FTP The following table describes the labels in the My Certificates screen (Click My ...
User Guide
Page 673
... for remote management. The default is the password sent with the IP address that matches the IP address(es) in this service. Table 207 Configuration > System > SNMP LABEL DESCRIPTION Enable Select the check box to allow or disallow the computer with each trap to . ZyWALL USG 20/20W User's... Guide 673 Enter the Set community, which is the password for incoming Set requests from the management station. Trap Community Type the trap community, which is private and allows all ...
... for remote management. The default is the password sent with the IP address that matches the IP address(es) in this service. Table 207 Configuration > System > SNMP LABEL DESCRIPTION Enable Select the check box to allow or disallow the computer with each trap to . ZyWALL USG 20/20W User's... Guide 673 Enter the Set community, which is the password for incoming Set requests from the management station. Trap Community Type the trap community, which is private and allows all ...
User Guide
Page 694
.... Comments in Configuration mode. Table 215 Configuration Files and Shell Scripts in the ZyWALL Configuration Files (.conf) Shell Scripts (.zysh) • Resets to the way you have to -ZyWALL firewall for TW_TEAM for remote management / to-ZyWALL firewall rules # use "#" or "!" Figure 415 Configuration File / Shell Script...the first command, you run in Figure 415 on page 694 as a comment. 694 ZyWALL USG 20/20W User's Guide You have to have the same syntax, the ZyWALL applies configuration files differently than it runs shell scripts. as the first character of the ...
.... Comments in Configuration mode. Table 215 Configuration Files and Shell Scripts in the ZyWALL Configuration Files (.conf) Shell Scripts (.zysh) • Resets to the way you have to -ZyWALL firewall for TW_TEAM for remote management / to-ZyWALL firewall rules # use "#" or "!" Figure 415 Configuration File / Shell Script...the first command, you run in Figure 415 on page 694 as a comment. 694 ZyWALL USG 20/20W User's Guide You have to have the same syntax, the ZyWALL applies configuration files differently than it runs shell scripts. as the first character of the ...
User Guide
Page 952
..., see RADIUS remote desktop connections 616 Remote Desktop Protocol see RDP remote management CNM 675 configuration overview 105 FTP, see FTP prerequisites 105 see also service control 644 Telnet 666 to-ZyWALL firewall 375 WWW, see WWW remote network 391 remote user screen links 615 replay detection 398 reports anti-spam 204 collecting data 184 ZyWALL USG 20/20W User...
..., see RADIUS remote desktop connections 616 Remote Desktop Protocol see RDP remote management CNM 675 configuration overview 105 FTP, see FTP prerequisites 105 see also service control 644 Telnet 666 to-ZyWALL firewall 375 WWW, see WWW remote network 391 remote user screen links 615 replay detection 398 reports anti-spam 204 collecting data 184 ZyWALL USG 20/20W User...
User Guide
Page 956
... 737 TightVNC 616 time 631 time servers (default) 634 token 574 to-ZyWALL firewall 375 and NAT 343 and NAT traversal (VPN) 733 and OSPF 316 and remote management 375 and RIP 314 and service control 644 and VPN 733 global rules ... 737 HTTP redirect 732 interface 729 Internet access 728, 734 IPSec VPN 732 LEDs 727 logo 736 logs 737 management access 736 packet capture 738 packet flow 91 performance 731 policy route 728 port triggering 731 PPP 729 RADIUS server...used 96 Trusted Certificates, see also certificates 603 TTCP-detected attack 485 tunnel encapsulation 399 ZyWALL USG 20/20W User's Guide
... 737 TightVNC 616 time 631 time servers (default) 634 token 574 to-ZyWALL firewall 375 and NAT 343 and NAT traversal (VPN) 733 and OSPF 316 and remote management 375 and RIP 314 and service control 644 and VPN 733 global rules ... 737 HTTP redirect 732 interface 729 Internet access 728, 734 IPSec VPN 732 LEDs 727 logo 736 logs 737 management access 736 packet capture 738 packet flow 91 performance 731 policy route 728 port triggering 731 PPP 729 RADIUS server...used 96 Trusted Certificates, see also certificates 603 TTCP-detected attack 485 tunnel encapsulation 399 ZyWALL USG 20/20W User's Guide