User Guide
Page 14
... Set Up a Firewall Rule For H.323 135 7.10 How to Allow Public Access to a Web Server 136 7.10.1 Create the Address Objects 137 7.10.2 Configure NAT ...137 7.10.3 Set Up a Firewall Rule 138 7.11 How to Use an IPPBX on the DMZ 139 7.11.1 Turn On the ALG ...141 7.11... 147 7.13.3 Set Up the Wireless Clients to Use the WLAN Interface 150 Part II: Technical Reference 163 Chapter 8 Dashboard ...165 8.1 Overview ...165 8.1.1 What You Can Do in this Chapter 165 8.2 The Dashboard Screen ...165 8.2.1 The CPU Usage Screen 171 8.2.2 The Memory Usage Screen 172 14 ZyWALL USG 20/20W User's Guide
... Set Up a Firewall Rule For H.323 135 7.10 How to Allow Public Access to a Web Server 136 7.10.1 Create the Address Objects 137 7.10.2 Configure NAT ...137 7.10.3 Set Up a Firewall Rule 138 7.11 How to Use an IPPBX on the DMZ 139 7.11.1 Turn On the ALG ...141 7.11... 147 7.13.3 Set Up the Wireless Clients to Use the WLAN Interface 150 Part II: Technical Reference 163 Chapter 8 Dashboard ...165 8.1 Overview ...165 8.1.1 What You Can Do in this Chapter 165 8.2 The Dashboard Screen ...165 8.2.1 The CPU Usage Screen 171 8.2.2 The Memory Usage Screen 172 14 ZyWALL USG 20/20W User's Guide
User Guide
Page 33
...ways to the ZyWALL's USB port. Web Configurator The Web Configurator allows easy ZyWALL setup and management using remote management (for example, SSH or Telnet) or via the ZyWALL USG 20/20W User's Guide 33 Blinking The ZyWALL is enabled on... this port. This User's Guide provides information about the Web Configurator. You can use text-based commands to configure the ZyWALL. On A 3G USB card or a USB storage device is no traffic on the ZyWALL. WLAN (20W Green Off Only) On The wireless...
...ways to the ZyWALL's USB port. Web Configurator The Web Configurator allows easy ZyWALL setup and management using remote management (for example, SSH or Telnet) or via the ZyWALL USG 20/20W User's Guide 33 Blinking The ZyWALL is enabled on... this port. This User's Guide provides information about the Web Configurator. You can use text-based commands to configure the ZyWALL. On A 3G USB card or a USB storage device is no traffic on the ZyWALL. WLAN (20W Green Off Only) On The wireless...
User Guide
Page 48
... delete related session information. Log Lists log entries. 3.3.2.3 Configuration Menu Use the configuration menu screens to configure the ZyWALL's features. Service View the licensed service status and upgrade licensed services. 48 ZyWALL USG 20/20W User's Guide Table 6 Monitor Menu Screens Summary FOLDER OR... Status Displays the status of all current sessions. WLAN Status (For USG 20W only) Displays the connection status of the ZyWALL's wireless clients. Status Displays how many mail sessions the ZyWALL is currently checking and DNSBL (Domain Name Service-based spam Black List...
... delete related session information. Log Lists log entries. 3.3.2.3 Configuration Menu Use the configuration menu screens to configure the ZyWALL's features. Service View the licensed service status and upgrade licensed services. 48 ZyWALL USG 20/20W User's Guide Table 6 Monitor Menu Screens Summary FOLDER OR... Status Displays the status of all current sessions. WLAN Status (For USG 20W only) Displays the connection status of the ZyWALL's wireless clients. Status Displays how many mail sessions the ZyWALL is currently checking and DNSBL (Domain Name Service-based spam Black List...
User Guide
Page 49
... PPPoE and PPTP interfaces. Routing Policy Route Create and manage routing policies. ALG Configure SIP, H.323, and FTP pass-through settings. Auth. ZyWALL USG 20/20W User's Guide 49 Cellular Configure a cellular Internet connection for users and groups. VLAN Create and manage VLAN interfaces... which the ZyWALL does not apply IP/MAC binding. Firewall Firewall Create and manage level-3 traffic rules. Session Limit Limit the number of interfaces) for an installed wireless LAN card. VPN IPSec VPN VPN Connection Configure IPSec tunnels. VPN Gateway Configure IKE tunnels....
... PPPoE and PPTP interfaces. Routing Policy Route Create and manage routing policies. ALG Configure SIP, H.323, and FTP pass-through settings. Auth. ZyWALL USG 20/20W User's Guide 49 Cellular Configure a cellular Internet connection for users and groups. VLAN Create and manage VLAN interfaces... which the ZyWALL does not apply IP/MAC binding. Firewall Firewall Create and manage level-3 traffic rules. Session Limit Limit the number of interfaces) for an installed wireless LAN card. VPN IPSec VPN VPN Connection Configure IPSec tunnels. VPN Gateway Configure IKE tunnels....
User Guide
Page 146
...Address is recommended. You can configure 146 ZyWALL USG 20/20W User's Guide You can configure different interfaces to use the range of public IP addresses as the source address for WAN to LAN traffic. This example uses LAN_SUBNET1. This example uses LAN-to USG 20W. This lets you need to ...Public-IPs and click OK. Figure 104 Configuring the Policy Route 7.13 How to Set Up a Wireless LAN This tutorial applies only to -WAN-Range. Chapter 7 Tutorials 7.12...
...Address is recommended. You can configure 146 ZyWALL USG 20/20W User's Guide You can configure different interfaces to use the range of public IP addresses as the source address for WAN to LAN traffic. This example uses LAN_SUBNET1. This example uses LAN-to USG 20W. This lets you need to ...Public-IPs and click OK. Figure 104 Configuring the Policy Route 7.13 How to Set Up a Wireless LAN This tutorial applies only to -WAN-Range. Chapter 7 Tutorials 7.12...
User Guide
Page 147
... RADIUS server. Click OK. ZyWALL USG 20/20W User's Guide 147 Enter (and re-enter) the user's password. This example shows how to open the WLAN Add screen. Figure 105 Configuration > Object > User/Group > User > Add 3 Use the Add icon in the Configuration > Object > User/Group ...the WLAN Interface 1 Click Configuration > Network > Interface > WLAN > Add to create a WLAN interface that uses WPA or WPA2 security and the ZyWALL's local user database for authentication. 7.13.1 Set Up User Accounts The ZyWALL supports TTLS using PAP so you install the wireless LAN card. For each...
... RADIUS server. Click OK. ZyWALL USG 20/20W User's Guide 147 Enter (and re-enter) the user's password. This example shows how to open the WLAN Add screen. Figure 105 Configuration > Object > User/Group > User > Add 3 Use the Add icon in the Configuration > Object > User/Group ...the WLAN Interface 1 Click Configuration > Network > Interface > WLAN > Add to create a WLAN interface that uses WPA or WPA2 security and the ZyWALL's local user database for authentication. 7.13.1 Set Up User Accounts The ZyWALL supports TTLS using PAP so you install the wireless LAN card. For each...
User Guide
Page 148
... want the WLAN interface to DHCP Server. If all of your wireless clients support WPA2, select WPA2-Enterprise as follows. Click OK. 148 ZyWALL USG 20/20W User's Guide The ZyWALL's security settings are configured by zones. Select to which security settings the ZyWALL applies to . Configure the interface's IP address and set it if you want to...
... want the WLAN interface to DHCP Server. If all of your wireless clients support WPA2, select WPA2-Enterprise as follows. Click OK. 148 ZyWALL USG 20/20W User's Guide The ZyWALL's security settings are configured by zones. Select to which security settings the ZyWALL applies to . Configure the interface's IP address and set it if you want to...
User Guide
Page 150
... 154 instead for how to use Funk Odyssey's wireless client software if you how to have a wireless client (not included with the ZyWALL) use the wireless network. 7.13.3.1 Configure the ZyXEL Wireless Client Utility This example covers how to configure ZyXEL's wireless client utility (not included with the ZyWALL) to a rogue AP). 150 ZyWALL USG 20/20W User's Guide See Section 7.13.3.2 on the...
... 154 instead for how to use Funk Odyssey's wireless client software if you how to have a wireless client (not included with the ZyWALL) use the wireless network. 7.13.3.1 Configure the ZyXEL Wireless Client Utility This example covers how to configure ZyXEL's wireless client utility (not included with the ZyWALL) to a rogue AP). 150 ZyWALL USG 20/20W User's Guide See Section 7.13.3.2 on the...
User Guide
Page 152
Click Next. Figure 110 ZyXEL Wireless Client > Profile: Security Type 4 Set the encryption type to TKIP and the EAP type to TTLS. Configure wlan_user as the security type and click Next. Figure 111 ZyXEL Wireless Client > Profile: Security Settings 152 ZyWALL USG 20/20W User's Guide In TTLS Protocol, select PAP. Chapter 7 Tutorials 3 Select WPA2 as the Login Name and enter the account's password (also wlan_user in this example.
Click Next. Figure 110 ZyXEL Wireless Client > Profile: Security Type 4 Set the encryption type to TKIP and the EAP type to TTLS. Configure wlan_user as the security type and click Next. Figure 111 ZyXEL Wireless Client > Profile: Security Settings 152 ZyWALL USG 20/20W User's Guide In TTLS Protocol, select PAP. Chapter 7 Tutorials 3 Select WPA2 as the Login Name and enter the account's password (also wlan_user in this example.
User Guide
Page 154
... Manager > Profiles 154 ZyWALL USG 20/20W User's Guide Figure 114 ZyXEL Wireless Client > Profile: Activate Since the ZyXEL utility does not have the wireless client validate the ZyWALL's certificate, you can go to Section 7.13.3.4 on page 162. 7.13.3.2 Configure the Funk Odyssey Wireless Client This example shows how to configure Funk's Odyssey Access Client Manager wireless client software (not included...
... Manager > Profiles 154 ZyWALL USG 20/20W User's Guide Figure 114 ZyXEL Wireless Client > Profile: Activate Since the ZyXEL utility does not have the wireless client validate the ZyWALL's certificate, you can go to Section 7.13.3.4 on page 162. 7.13.3.2 Configure the Funk Odyssey Wireless Client This example shows how to configure Funk's Odyssey Access Client Manager wireless client software (not included...
User Guide
Page 157
... Odyssey Access Client Manager > Networks > Add Use the next section to import the ZyWALL's certificate into the wireless client. 7.13.3.3 Wireless Clients Import the ZyWALL's Certificate You must import the ZyWALL's certificate into each wireless client computer. ZyWALL USG 20/20W User's Guide 157 Use the Configuration > Object > Certificate > Edit screen (see Section 39.2.2 on page 599) to export the...
... Odyssey Access Client Manager > Networks > Add Use the next section to import the ZyWALL's certificate into the wireless client. 7.13.3.3 Wireless Clients Import the ZyWALL's Certificate You must import the ZyWALL's certificate into each wireless client computer. ZyWALL USG 20/20W User's Guide 157 Use the Configuration > Object > Certificate > Edit screen (see Section 39.2.2 on page 599) to export the...
User Guide
Page 161
...Internet Explorer Certificates screen remains open after the import is to validate the ZyWALL's certificate when using the WLAN interface. Figure 127 Configuration > Object > Certificate > My Certificates Repeat the steps to import the certificate into each wireless client computer that is done. The values in the Issued To and Issued... screen indicates what type of information is being displayed, such as Common Name (CN), Organizational Unit (OU), Organization (O) and Country (C). ZyWALL USG 20/20W User's Guide 161 You can see the newly imported certificate listed in the...
...Internet Explorer Certificates screen remains open after the import is to validate the ZyWALL's certificate when using the WLAN interface. Figure 127 Configuration > Object > Certificate > My Certificates Repeat the steps to import the certificate into each wireless client computer that is done. The values in the Issued To and Issued... screen indicates what type of information is being displayed, such as Common Name (CN), Organizational Unit (OU), Organization (O) and Country (C). ZyWALL USG 20/20W User's Guide 161 You can see the newly imported certificate listed in the...
User Guide
Page 217
....9.3 on page 282) to create virtual interfaces on top of Ethernet interfaces to tell the ZyWALL where to configure load balancing. RIP and OSPF are the foundation for interfaces on a wireless LAN card. • Use the VLAN screens (Section 11.8 on page 289) to...the ZyWALL. An interface also describes a network that is directly connected to configure the ZyWALL's interfaces. You can create virtual Ethernet interfaces, virtual VLAN interfaces, and virtual bridge interfaces. • Use the Trunk screens (Chapter 12 on page 264) to configure the Ethernet interfaces. ZyWALL USG 20/20W User...
....9.3 on page 282) to create virtual interfaces on top of Ethernet interfaces to tell the ZyWALL where to configure load balancing. RIP and OSPF are the foundation for interfaces on a wireless LAN card. • Use the VLAN screens (Section 11.8 on page 289) to...the ZyWALL. An interface also describes a network that is directly connected to configure the ZyWALL's interfaces. You can create virtual Ethernet interfaces, virtual VLAN interfaces, and virtual bridge interfaces. • Use the Trunk screens (Chapter 12 on page 264) to configure the Ethernet interfaces. ZyWALL USG 20/20W User...
User Guide
Page 218
.... • VLAN interfaces receive and send tagged frames. RIP and OSPF are also configured in the ZyWALL. • Setting interfaces to the same port role forms a port group. Each ... foundation for defining other types of interfaces--Ethernet, PPP, cellular, VLAN, bridge, and 218 ZyWALL USG 20/20W User's Guide See Section 11.2 on page 220 and Chapter 12 on page 289 for example...for PPPoE/PPTP interfaces. • Cellular interfaces are for 3G WAN connections via an installed wireless LAN card (for wireless LAN (IEEE 802.11b/g) connections via a connected 3G device. • WLAN interfaces ...
.... • VLAN interfaces receive and send tagged frames. RIP and OSPF are also configured in the ZyWALL. • Setting interfaces to the same port role forms a port group. Each ... foundation for defining other types of interfaces--Ethernet, PPP, cellular, VLAN, bridge, and 218 ZyWALL USG 20/20W User's Guide See Section 11.2 on page 220 and Chapter 12 on page 289 for example...for PPPoE/PPTP interfaces. • Cellular interfaces are for 3G WAN connections via an installed wireless LAN card (for wireless LAN (IEEE 802.11b/g) connections via a connected 3G device. • WLAN interfaces ...
User Guide
Page 239
...ZyWALL USG 20/20W User's Guide 239 Bandwidth usage is optimized as part of a WAN trunk for load balancing. Click OK to save your changes back to users when they send data. Note: The actual data rate you obtain varies depending on page 241). • You can configure... the interface as multiple users share the same channel and bandwidth is only allocated to the ZyWALL. Click Cancel to other networks if the signal strength of ... home network is too low or it is a digital, packet-switched wireless technology.
...ZyWALL USG 20/20W User's Guide 239 Bandwidth usage is optimized as part of a WAN trunk for load balancing. Click OK to save your changes back to users when they send data. Note: The actual data rate you obtain varies depending on page 241). • You can configure... the interface as multiple users share the same channel and bandwidth is only allocated to the ZyWALL. Click Cancel to other networks if the signal strength of ... home network is too low or it is a digital, packet-switched wireless technology.
User Guide
Page 240
... (EGPRS), etc. Enhanced Data rates for digital radio. Slow Fast A. See Chapter 51 on different subnets. 240 ZyWALL USG 20/20W User's Guide Note: The WAN IP addresses of CDMA2000 1xRTT and enables high-speed wireless connectivity. Chapter 11 Interfaces Aside from selecting the 3G network, the 3G card may also select an available...). CDMA2000 EV-DO (Evolution-Data Optimized, originally 1x EvolutionData Only), also referred to be a 2.5G or 2.75G technology. To change your 3G WAN settings, click Configuration > Network > Interface > Cellular.
... (EGPRS), etc. Enhanced Data rates for digital radio. Slow Fast A. See Chapter 51 on different subnets. 240 ZyWALL USG 20/20W User's Guide Note: The WAN IP addresses of CDMA2000 1xRTT and enables high-speed wireless connectivity. Chapter 11 Interfaces Aside from selecting the 3G network, the 3G card may also select an available...). CDMA2000 EV-DO (Evolution-Data Optimized, originally 1x EvolutionData Only), also referred to be a 2.5G or 2.75G technology. To change your 3G WAN settings, click Configuration > Network > Interface > Cellular.
User Guide
Page 248
... 167 Example of a Wireless Network 248 ZyWALL USG 20/20W User's Guide The wireless network is available for this action, Log to create a log, or Log-alert to 99 in the blue circle. Wireless clients (A and B) connect to an access point (AP) to access other devices (such as an AP when you configure and enable budget control...
... 167 Example of a Wireless Network 248 ZyWALL USG 20/20W User's Guide The wireless network is available for this action, Log to create a log, or Log-alert to 99 in the blue circle. Wireless clients (A and B) connect to an access point (AP) to access other devices (such as an AP when you configure and enable budget control...
User Guide
Page 249
...It stands for more details on wireless LANs. Security stops unauthorized devices from using the wireless network and can protect the information that is the name of the wireless network. Figure 168 Configuration > Network > Interface > WLAN ZyWALL USG 20/20W User's Guide 249 Like radio ...stations or television channels, each wireless network uses a specific channel, or frequency, to open the following screen. ...
...It stands for more details on wireless LANs. Security stops unauthorized devices from using the wireless network and can protect the information that is the name of the wireless network. Figure 168 Configuration > Network > Interface > WLAN ZyWALL USG 20/20W User's Guide 249 Like radio ...stations or television channels, each wireless network uses a specific channel, or frequency, to open the following screen. ...
User Guide
Page 250
... ZyWALL's output power. 250 ZyWALL USG 20/20W User's Guide Select b Only to allow IEEE802.11b, IEEE802.11g and IEEE802.11n compliant WLAN devices to associate with the ZyWALL. Channel This allows you have wireless clients that are associated with the ZyWALL. This stops wireless...greater or lesser number of configuration fields. The transmission rate of your ZyWALL might be reduced. Select the percentage of output power that you configure the wireless security settings before it transmits. Select b+g to allow both . When enabled, a wireless client sends an RTS (...
... ZyWALL's output power. 250 ZyWALL USG 20/20W User's Guide Select b Only to allow IEEE802.11b, IEEE802.11g and IEEE802.11n compliant WLAN devices to associate with the ZyWALL. Channel This allows you have wireless clients that are associated with the ZyWALL. This stops wireless...greater or lesser number of configuration fields. The transmission rate of your ZyWALL might be reduced. Select the percentage of output power that you configure the wireless security settings before it transmits. Select b+g to allow both . When enabled, a wireless client sends an RTS (...
User Guide
Page 251
... make data transfer more prone to open a screen where you can be because your wireless network is busy and congested. Select an entry and click Object References to errors. ZyWALL USG 20/20W User's Guide 251 This function allows cutting the wait time between data transmission from the...to increase data throughput. To turn off an entry, select it is selected as the 802.11 Band. Chapter 11 Interfaces Table 58 Configuration > Network > Interface > WLAN LABEL DESCRIPTION QoS Select the Quality of Service priority for an example. This function allows faster data transfer...
... make data transfer more prone to open a screen where you can be because your wireless network is busy and congested. Select an entry and click Object References to errors. ZyWALL USG 20/20W User's Guide 251 This function allows cutting the wait time between data transmission from the...to increase data throughput. To turn off an entry, select it is selected as the 802.11 Band. Chapter 11 Interfaces Table 58 Configuration > Network > Interface > WLAN LABEL DESCRIPTION QoS Select the Quality of Service priority for an example. This function allows faster data transfer...