User Guide
Page 14
... Object 145 7.12.2 Configure the Policy Route 146 7.13 How to Set Up a Wireless LAN 146 7.13.1 Set Up User Accounts 147 7.13.2 Create the WLAN Interface 147 7.13.3 Set Up the Wireless Clients to Use the WLAN Interface 150 Part II: Technical Reference 163 Chapter 8 Dashboard ......165 8.1 Overview ...165 8.1.1 What You Can Do in this Chapter 165 8.2 The Dashboard Screen ...165 8.2.1 The CPU Usage Screen 171 8.2.2 The Memory Usage Screen 172 14 ZyWALL USG 20/20W User's Guide
... Object 145 7.12.2 Configure the Policy Route 146 7.13 How to Set Up a Wireless LAN 146 7.13.1 Set Up User Accounts 147 7.13.2 Create the WLAN Interface 147 7.13.3 Set Up the Wireless Clients to Use the WLAN Interface 150 Part II: Technical Reference 163 Chapter 8 Dashboard ......165 8.1 Overview ...165 8.1.1 What You Can Do in this Chapter 165 8.2 The Dashboard Screen ...165 8.2.1 The CPU Usage Screen 171 8.2.2 The Memory Usage Screen 172 14 ZyWALL USG 20/20W User's Guide
User Guide
Page 26
Table of Contents 49.1 Overview ...725 49.1.1 What You Need To Know 725 49.2 The Shutdown Screen ...725 Chapter 50 Troubleshooting...727 50.1 Resetting the ZyWALL ...738 50.2 Getting More Troubleshooting Help 739 Chapter 51 Product Specifications ...741 51.1 Power Adaptor Specifications 745 Appendix A Log Descriptions 747 Appendix B Common Services 799 Appendix C Wireless LANs 803 Appendix D Importing Certificates 819 Appendix E Open Software Announcements 845 Appendix F Legal Information 935 Index...939 26 ZyWALL USG 20/20W User's Guide
Table of Contents 49.1 Overview ...725 49.1.1 What You Need To Know 725 49.2 The Shutdown Screen ...725 Chapter 50 Troubleshooting...727 50.1 Resetting the ZyWALL ...738 50.2 Getting More Troubleshooting Help 739 Chapter 51 Product Specifications ...741 51.1 Power Adaptor Specifications 745 Appendix A Log Descriptions 747 Appendix B Common Services 799 Appendix C Wireless LANs 803 Appendix D Importing Certificates 819 Appendix E Open Software Announcements 845 Appendix F Legal Information 935 Index...939 26 ZyWALL USG 20/20W User's Guide
User Guide
Page 33
... on this port. Web Configurator The Web Configurator allows easy ZyWALL setup and management using remote management (for example, SSH or Telnet) or via the ZyWALL USG 20/20W User's Guide 33 WLAN (20W Green Off Only) On The wireless function is no connection on the ZyWALL. Orange Off There is enabled on this port. You can...
... on this port. Web Configurator The Web Configurator allows easy ZyWALL setup and management using remote management (for example, SSH or Telnet) or via the ZyWALL USG 20/20W User's Guide 33 WLAN (20W Green Off Only) On The wireless function is no connection on the ZyWALL. Orange Off There is enabled on this port. You can...
User Guide
Page 48
...Configuration Menu Use the configuration menu screens to configure the ZyWALL's features. Anti-Spam Report Collect and display spam statistics. Session Monitor Displays the status of the ZyWALL's wireless clients. WLAN Status (For USG 20W only) Displays the connection status of all current sessions.... Status Displays how many mail sessions the ZyWALL is currently checking and DNSBL (Domain Name Service-based...
...Configuration Menu Use the configuration menu screens to configure the ZyWALL's features. Anti-Spam Report Collect and display spam statistics. Session Monitor Displays the status of the ZyWALL's wireless clients. WLAN Status (For USG 20W only) Displays the connection status of all current sessions.... Status Displays how many mail sessions the ZyWALL is currently checking and DNSBL (Domain Name Service-based...
User Guide
Page 49
... device-level RIP settings. VPN Gateway Configure IKE tunnels. Exempt List Configure ranges of concurrent client NAT/firewall sessions. ZyWALL USG 20/20W User's Guide 49 Chapter 3 Web Configurator Table 7 Configuration Menu Screens Summary (continued) FOLDER OR LINK TAB FUNCTION Interface... Ethernet interfaces. PPP Create and manage PPPoE and PPTP interfaces. WLAN (For USG 20W only) Configure settings for devices connected to MAC address bindings for an installed wireless LAN card. Routing Policy Route Create and manage routing policies. OSPF Configure device...
... device-level RIP settings. VPN Gateway Configure IKE tunnels. Exempt List Configure ranges of concurrent client NAT/firewall sessions. ZyWALL USG 20/20W User's Guide 49 Chapter 3 Web Configurator Table 7 Configuration Menu Screens Summary (continued) FOLDER OR LINK TAB FUNCTION Interface... Ethernet interfaces. PPP Create and manage PPPoE and PPTP interfaces. WLAN (For USG 20W only) Configure settings for devices connected to MAC address bindings for an installed wireless LAN card. Routing Policy Route Create and manage routing policies. OSPF Configure device...
User Guide
Page 146
You can configure 146 ZyWALL USG 20/20W User's Guide This example uses LAN_SUBNET1. This lets you need to USG 20W. This example uses LAN-to Public-IPs and click OK. You can configure different interfaces to use the range of public IP addresses as the .... Specifying a Source Address is recommended. Set the Source Network Address Translation to -WAN-Range. Figure 104 Configuring the Policy Route 7.13 How to Set Up a Wireless LAN This tutorial applies only to configure a policy route that has the...
You can configure 146 ZyWALL USG 20/20W User's Guide This example uses LAN_SUBNET1. This lets you need to USG 20W. This example uses LAN-to Public-IPs and click OK. You can configure different interfaces to use the range of public IP addresses as the .... Specifying a Source Address is recommended. Set the Source Network Address Translation to -WAN-Range. Figure 104 Configuring the Policy Route 7.13 How to Set Up a Wireless LAN This tutorial applies only to configure a policy route that has the...
User Guide
Page 147
... User Name to create a WLAN interface that uses WPA or WPA2 security and the ZyWALL's local user database for authentication. 7.13.1 Set Up User Accounts The ZyWALL supports TTLS using PAP so you install the wireless LAN card. ZyWALL USG 20/20W User's Guide 147 Enter (and re-enter) the user's password. Figure 105 Configuration > ... 1 Click Configuration > Network > Interface > WLAN > Add to open the WLAN Add screen. Chapter 7 Tutorials the WLAN interfaces before or after you can use the ZyWALL's local user database with WPA or WPA2 instead of needing an external RADIUS server.
... User Name to create a WLAN interface that uses WPA or WPA2 security and the ZyWALL's local user database for authentication. 7.13.1 Set Up User Accounts The ZyWALL supports TTLS using PAP so you install the wireless LAN card. ZyWALL USG 20/20W User's Guide 147 Enter (and re-enter) the user's password. Figure 105 Configuration > ... 1 Click Configuration > Network > Interface > WLAN > Add to open the WLAN Add screen. Chapter 7 Tutorials the WLAN interfaces before or after you can use the ZyWALL's local user database with WPA or WPA2 instead of needing an external RADIUS server.
User Guide
Page 148
... your wireless clients support WPA2, select WPA2-Enterprise as follows. Chapter 7 Tutorials 2 Edit this screen as the Security Type, otherwise select WPA/WPA-2-Enterprise. Select to which security settings the ZyWALL applies to authenticate the users. Set the Authentication Type to belong (the WLAN zone in this example). Click OK. 148 ZyWALL USG 20/20W...
... your wireless clients support WPA2, select WPA2-Enterprise as follows. Chapter 7 Tutorials 2 Edit this screen as the Security Type, otherwise select WPA/WPA-2-Enterprise. Select to which security settings the ZyWALL applies to authenticate the users. Set the Authentication Type to belong (the WLAN zone in this example). Click OK. 148 ZyWALL USG 20/20W...
User Guide
Page 150
... the Wireless Clients to Use the WLAN Interface The following sections show you want the wireless client to validate the ZyWALL's certificate (for added protection against connecting to use the wireless network. 7.13.3.1 Configure the ZyXEL Wireless Client Utility This example covers how to configure ZyXEL's wireless client utility (not included with the ZyWALL) to a rogue AP). 150 ZyWALL USG 20/20W...
... the Wireless Clients to Use the WLAN Interface The following sections show you want the wireless client to validate the ZyWALL's certificate (for added protection against connecting to use the wireless network. 7.13.3.1 Configure the ZyXEL Wireless Client Utility This example covers how to configure ZyXEL's wireless client utility (not included with the ZyWALL) to a rogue AP). 150 ZyWALL USG 20/20W...
User Guide
Page 151
Select Infrastructure and click Next. 1 Open the wireless client utility and click Profile. Figure 108 ZyXEL Wireless Client Chapter 7 Tutorials 2 Add a new profile. This example uses "ZYXEL_WPA" as the name. It is also the SSID (name) of the wireless network. Figure 109 ZyXEL Wireless Client > Profile ZyWALL USG 20/20W User's Guide 151
Select Infrastructure and click Next. 1 Open the wireless client utility and click Profile. Figure 108 ZyXEL Wireless Client Chapter 7 Tutorials 2 Add a new profile. This example uses "ZYXEL_WPA" as the name. It is also the SSID (name) of the wireless network. Figure 109 ZyXEL Wireless Client > Profile ZyWALL USG 20/20W User's Guide 151
User Guide
Page 152
Chapter 7 Tutorials 3 Select WPA2 as the Login Name and enter the account's password (also wlan_user in this example. Configure wlan_user as the security type and click Next. Figure 110 ZyXEL Wireless Client > Profile: Security Type 4 Set the encryption type to TKIP and the EAP type to TTLS. Figure 111 ZyXEL Wireless Client > Profile: Security Settings 152 ZyWALL USG 20/20W User's Guide In TTLS Protocol, select PAP. Click Next.
Chapter 7 Tutorials 3 Select WPA2 as the Login Name and enter the account's password (also wlan_user in this example. Configure wlan_user as the security type and click Next. Figure 110 ZyXEL Wireless Client > Profile: Security Type 4 Set the encryption type to TKIP and the EAP type to TTLS. Figure 111 ZyXEL Wireless Client > Profile: Security Settings 152 ZyWALL USG 20/20W User's Guide In TTLS Protocol, select PAP. Click Next.
User Guide
Page 153
5 Confirm your settings and click Save. Figure 113 ZyXEL Wireless Client > Profile: Activate ZyWALL USG 20/20W User's Guide 153 Figure 112 ZyXEL Wireless Client > Profile: Save Chapter 7 Tutorials 6 Click Activate Now.
5 Confirm your settings and click Save. Figure 113 ZyXEL Wireless Client > Profile: Activate ZyWALL USG 20/20W User's Guide 153 Figure 112 ZyXEL Wireless Client > Profile: Save Chapter 7 Tutorials 6 Click Activate Now.
User Guide
Page 154
Figure 115 Odyssey Access Client Manager > Profiles 154 ZyWALL USG 20/20W User's Guide Figure 114 ZyXEL Wireless Client > Profile: Activate Since the ZyXEL utility does not have the wireless client validate the ZyWALL's certificate, you can go to Section 7.13.3.4 on page 162. 7.13.3.2 Configure the Funk Odyssey Wireless Client This example shows how to configure Funk's Odyssey Access...
Figure 115 Odyssey Access Client Manager > Profiles 154 ZyWALL USG 20/20W User's Guide Figure 114 ZyXEL Wireless Client > Profile: Activate Since the ZyXEL utility does not have the wireless client validate the ZyWALL's certificate, you can go to Section 7.13.3.4 on page 162. 7.13.3.2 Configure the Funk Odyssey Wireless Client This example shows how to configure Funk's Odyssey Access...
User Guide
Page 157
Figure 120 Odyssey Access Client Manager > Networks > Add Use the next section to import the ZyWALL's certificate into the wireless client. 7.13.3.3 Wireless Clients Import the ZyWALL's Certificate You must import the ZyWALL's certificate into each wireless client computer. ZyWALL USG 20/20W User's Guide 157 Click OK. Use the Configuration > Object > Certificate > Edit screen (see Section 39.2.2 on page...
Figure 120 Odyssey Access Client Manager > Networks > Add Use the next section to import the ZyWALL's certificate into the wireless client. 7.13.3.3 Wireless Clients Import the ZyWALL's Certificate You must import the ZyWALL's certificate into each wireless client computer. ZyWALL USG 20/20W User's Guide 157 Click OK. Use the Configuration > Object > Certificate > Edit screen (see Section 39.2.2 on page...
User Guide
Page 161
...wireless client computer that is being displayed, such as Common Name (CN), Organizational Unit (OU), Organization (O) and Country (C). Figure 127 Configuration > Object > Certificate > My Certificates Repeat the steps to validate the ZyWALL's certificate when using the WLAN interface. ZyWALL USG 20/20W... User's Guide 161 You can see the newly imported certificate listed in the ZyWALL's My Certificates screen's Subject and Issuer fields (respectively...
...wireless client computer that is being displayed, such as Common Name (CN), Organizational Unit (OU), Organization (O) and Country (C). Figure 127 Configuration > Object > Certificate > My Certificates Repeat the steps to validate the ZyWALL's certificate when using the WLAN interface. ZyWALL USG 20/20W... User's Guide 161 You can see the newly imported certificate listed in the ZyWALL's My Certificates screen's Subject and Issuer fields (respectively...
User Guide
Page 162
Enter the username and password and click OK. Chapter 7 Tutorials 7.13.3.4 Wireless Clients Use the WLAN Interface A login screen displays when the wireless client attempts to connect to the wireless interface. Funk Odyssey Access Wireless Client Login Example 162 ZyWALL USG 20/20W User's Guide
Enter the username and password and click OK. Chapter 7 Tutorials 7.13.3.4 Wireless Clients Use the WLAN Interface A login screen displays when the wireless client attempts to connect to the wireless interface. Funk Odyssey Access Wireless Client Login Example 162 ZyWALL USG 20/20W User's Guide
User Guide
Page 177
... in the ZyWALL. ZyWALL USG 20/20W User's Guide 177 This is available for USG 20W only. •...; Use the System Status > Cellular Status screen (Section 9.9 on page 191) to check your 3G connection status. • Use the System Status > USB Storage screen (Section 9.11 on page 191) to view the connection status of the users currently logged into the ZyWALL...181) to see all of the ZyWALL's interfaces and their packet statistics.... to view the status of the ZyWALL's DDNS domain names. • Use...have received an IP address from ZyWALL interfaces with IP/MAC binding enabled....
... in the ZyWALL. ZyWALL USG 20/20W User's Guide 177 This is available for USG 20W only. •...; Use the System Status > Cellular Status screen (Section 9.9 on page 191) to check your 3G connection status. • Use the System Status > USB Storage screen (Section 9.11 on page 191) to view the connection status of the users currently logged into the ZyWALL...181) to see all of the ZyWALL's interfaces and their packet statistics.... to view the status of the ZyWALL's DDNS domain names. • Use...have received an IP address from ZyWALL interfaces with IP/MAC binding enabled....
User Guide
Page 191
... screen. Figure 143 Monitor > System Status > WLAN Status ZyWALL USG 20/20W User's Guide 191 Table 34 Monitor > System Status > Login Users LABEL DESCRIPTION # This field is a sequential value and is currently logged in to the ZyWALL. User ID This field displays the user name of the ... any entry. Reauth Lease T. This field displays the amount of reauthentication time remaining and the amount of the wireless clients connected to (or trying to connect to the ZyWALL. To open the station monitor, click Monitor > System Status > WLAN Status. The screen appears as shown....
... screen. Figure 143 Monitor > System Status > WLAN Status ZyWALL USG 20/20W User's Guide 191 Table 34 Monitor > System Status > Login Users LABEL DESCRIPTION # This field is a sequential value and is currently logged in to the ZyWALL. User ID This field displays the user name of the ... any entry. Reauth Lease T. This field displays the amount of reauthentication time remaining and the amount of the wireless clients connected to (or trying to connect to the ZyWALL. To open the station monitor, click Monitor > System Status > WLAN Status. The screen appears as shown....
User Guide
Page 217
...8226; (For USG 20W only) Use the WLAN screens (Section 11.6 on page 248) to configure settings for defining other interfaces. • Ports are the foundation for interfaces on a wireless LAN card. • Use the VLAN screens (Section 11.8 on page 264) to configure the ZyWALL's interfaces. You...8226; Use the Trunk screens (Chapter 12 on page 222) to configure load balancing. Ethernet interfaces are the physical ports to the ZyWALL. ZyWALL USG 20/20W User's Guide 217 For example, You connect the LAN1 network to the LAN1 interface. • Zones are used to ease security ...
...8226; (For USG 20W only) Use the WLAN screens (Section 11.6 on page 248) to configure settings for defining other interfaces. • Ports are the foundation for interfaces on a wireless LAN card. • Use the VLAN screens (Section 11.8 on page 264) to configure the ZyWALL's interfaces. You...8226; Use the Trunk screens (Chapter 12 on page 222) to configure load balancing. Ethernet interfaces are the physical ports to the ZyWALL. ZyWALL USG 20/20W User's Guide 217 For example, You connect the LAN1 network to the LAN1 interface. • Zones are used to ease security ...
User Guide
Page 218
...a lot of characteristics that are the foundation for defining other types of interfaces--Ethernet, PPP, cellular, VLAN, bridge, and 218 ZyWALL USG 20/20W User's Guide Port groups create a hardware connection between physical ports at most one Ethernet interface. • Bridge interfaces create a... • WLAN interfaces are also configured in the ZyWALL. RIP and OSPF are for wireless LAN (IEEE 802.11b/g) connections via an installed wireless LAN card (for details. The other interfaces and network policies. The ZyWALL automatically adds or removes the tags as needed. Unlike...
...a lot of characteristics that are the foundation for defining other types of interfaces--Ethernet, PPP, cellular, VLAN, bridge, and 218 ZyWALL USG 20/20W User's Guide Port groups create a hardware connection between physical ports at most one Ethernet interface. • Bridge interfaces create a... • WLAN interfaces are also configured in the ZyWALL. RIP and OSPF are for wireless LAN (IEEE 802.11b/g) connections via an installed wireless LAN card (for details. The other interfaces and network policies. The ZyWALL automatically adds or removes the tags as needed. Unlike...