User Guide
Page 14
....2 Create the WLAN Interface 147 7.13.3 Set Up the Wireless Clients to Use the WLAN Interface 150 Part II: Technical Reference 163 Chapter 8 Dashboard ...165 8.1 Overview ...165 8.1.1 What You Can Do in this Chapter 165 8.2 The Dashboard Screen ...165 8.2.1 The CPU Usage Screen 171 8.2.2 The Memory Usage Screen 172 14 ZyWALL USG 20/20W User...
....2 Create the WLAN Interface 147 7.13.3 Set Up the Wireless Clients to Use the WLAN Interface 150 Part II: Technical Reference 163 Chapter 8 Dashboard ...165 8.1 Overview ...165 8.1.1 What You Can Do in this Chapter 165 8.2 The Dashboard Screen ...165 8.2.1 The CPU Usage Screen 171 8.2.2 The Memory Usage Screen 172 14 ZyWALL USG 20/20W User...
User Guide
Page 15
... 9.4 The Traffic Statistics Screen 183 9.5 The Session Monitor Screen 186 9.6 The DDNS Status Screen 189 9.7 IP/MAC Binding Monitor ...189 9.8 The Login Users Screen 190 9.9 WLAN Status Screen ...191 9.10 The following table describes the labels in this menu.Cellular Status Screen 192 9.10.1 More Information ...194 9.11 USB Storage Screen... ...214 Chapter 11 Interfaces ...217 11.1 Interface Overview ...217 11.1.1 What You Can Do in this Chapter 217 11.1.2 What You Need to Know 218 ZyWALL USG 20/20W User's Guide 15
... 9.4 The Traffic Statistics Screen 183 9.5 The Session Monitor Screen 186 9.6 The DDNS Status Screen 189 9.7 IP/MAC Binding Monitor ...189 9.8 The Login Users Screen 190 9.9 WLAN Status Screen ...191 9.10 The following table describes the labels in this menu.Cellular Status Screen 192 9.10.1 More Information ...194 9.11 USB Storage Screen... ...214 Chapter 11 Interfaces ...217 11.1 Interface Overview ...217 11.1.1 What You Can Do in this Chapter 217 11.1.2 What You Need to Know 218 ZyWALL USG 20/20W User's Guide 15
User Guide
Page 16
... (3G 239 11.5.1 Cellular Add/Edit Screen 241 11.6 WLAN Interface General Screen 248 11.6.1 WLAN Add/Edit Screen 252 11.6.2 WLAN Add/Edit: WEP Security 258 11.6.3 WLAN Add/Edit: WPA-PSK/WPA2-PSK Security 259 11.6.4 WLAN Add/Edit: WPA/WPA2 Security 260 11.7 WLAN Interface MAC Filter 262 11.8 VLAN Interfaces ...264 11....2.1 Policy Route Edit Screen 303 13.3 IP Static Route Screen ...307 13.3.1 Static Route Add/Edit Screen 308 13.4 Policy Routing Technical Reference 309 16 ZyWALL USG 20/20W User's Guide
... (3G 239 11.5.1 Cellular Add/Edit Screen 241 11.6 WLAN Interface General Screen 248 11.6.1 WLAN Add/Edit Screen 252 11.6.2 WLAN Add/Edit: WEP Security 258 11.6.3 WLAN Add/Edit: WPA-PSK/WPA2-PSK Security 259 11.6.4 WLAN Add/Edit: WPA/WPA2 Security 260 11.7 WLAN Interface MAC Filter 262 11.8 VLAN Interfaces ...264 11....2.1 Policy Route Edit Screen 303 13.3 IP Static Route Screen ...307 13.3.1 Static Route Add/Edit Screen 308 13.4 Policy Routing Technical Reference 309 16 ZyWALL USG 20/20W User's Guide
User Guide
Page 29
... security by providing separate ports for a more detailed overview of the LAN1, WLAN, or DMZ. You can deploy the ZyWALL as a transparent firewall in an existing network with the reliability of the ZyWALL. It explains the front panel ports, LEDs, introduces the management methods, and...you can set up the network and enforce security policies efficiently. CHAPTER 1 Introducing the ZyWALL This chapter gives an overview of dual WAN Gigabit Ethernet ports and load balancing. ZyWALL USG 20/20W User's Guide 29 See Chapter 2 on page 37 for connecting publicly accessible servers. ...
... security by providing separate ports for a more detailed overview of the LAN1, WLAN, or DMZ. You can deploy the ZyWALL as a transparent firewall in an existing network with the reliability of the ZyWALL. It explains the front panel ports, LEDs, introduces the management methods, and...you can set up the network and enforce security policies efficiently. CHAPTER 1 Introducing the ZyWALL This chapter gives an overview of dual WAN Gigabit Ethernet ports and load balancing. ZyWALL USG 20/20W User's Guide 29 See Chapter 2 on page 37 for connecting publicly accessible servers. ...
User Guide
Page 33
WLAN (20W Green Off Only) On The wireless function is not supported by the ZyWALL. Chapter 1 Introducing the ZyWALL Table 1 Front Panel LEDs (continued) LED COLOR STATUS DESCRIPTION USB Green Off No device is connected to the ZyWALL's USB port or the connected device is disabled on the ZyWALL...on this port. Web Configurator The Web Configurator allows easy ZyWALL setup and management using remote management (for example, SSH or Telnet) or via the ZyWALL USG 20/20W User's Guide 33 Figure 2 Managing the ZyWALL: Web Configurator Command-Line Interface (CLI) The CLI ...
WLAN (20W Green Off Only) On The wireless function is not supported by the ZyWALL. Chapter 1 Introducing the ZyWALL Table 1 Front Panel LEDs (continued) LED COLOR STATUS DESCRIPTION USB Green Off No device is connected to the ZyWALL's USB port or the connected device is disabled on the ZyWALL...on this port. Web Configurator The Web Configurator allows easy ZyWALL setup and management using remote management (for example, SSH or Telnet) or via the ZyWALL USG 20/20W User's Guide 33 Figure 2 Managing the ZyWALL: Web Configurator Command-Line Interface (CLI) The CLI ...
User Guide
Page 48
...the status of all current sessions. Cellular Status Displays details about the ZyWALL's 3G connection status. Service View the licensed service status and upgrade licensed services. 48 ZyWALL USG 20/20W User's Guide Interface Status Displays general interface information and packet statistics. ... that have received an IP address from ZyWALL interfaces using IP/MAC binding. WLAN Status (For USG 20W only) Displays the connection status of the ZyWALL's wireless clients. SSL Lists users currently logged into the ZyWALL. Table 7 Configuration Menu Screens Summary FOLDER...
...the status of all current sessions. Cellular Status Displays details about the ZyWALL's 3G connection status. Service View the licensed service status and upgrade licensed services. 48 ZyWALL USG 20/20W User's Guide Interface Status Displays general interface information and packet statistics. ... that have received an IP address from ZyWALL interfaces using IP/MAC binding. WLAN Status (For USG 20W only) Displays the connection status of the ZyWALL's wireless clients. SSL Lists users currently logged into the ZyWALL. Table 7 Configuration Menu Screens Summary FOLDER...
User Guide
Page 49
...H.323, and FTP pass-through settings. Auth. ZyWALL USG 20/20W User's Guide 49 PPP Create and manage PPPoE and PPTP interfaces. Cellular Configure a cellular Internet connection for load balancing and link High Availability (HA). WLAN (For USG 20W only) Configure settings for devices connected to each ... manage IP static routing information. RIP Configure device-level RIP settings. IP/MAC Binding Summary Configure IP to which the ZyWALL does not apply IP/MAC binding. Exempt List Configure ranges of concurrent client NAT/firewall sessions. Policy Define rules to...
...H.323, and FTP pass-through settings. Auth. ZyWALL USG 20/20W User's Guide 49 PPP Create and manage PPPoE and PPTP interfaces. Cellular Configure a cellular Internet connection for load balancing and link High Availability (HA). WLAN (For USG 20W only) Configure settings for devices connected to each ... manage IP static routing information. RIP Configure device-level RIP settings. IP/MAC Binding Summary Configure IP to which the ZyWALL does not apply IP/MAC binding. Exempt List Configure ranges of concurrent client NAT/firewall sessions. Policy Define rules to...
User Guide
Page 147
...ZyWALL USG 20/20W User's Guide 147 Chapter 7 Tutorials the WLAN interfaces before or after you can use the ZyWALL's local user database with WPA or WPA2 instead of needing an external RADIUS server. For each WLAN user, set up a user account containing the user name and password the WLAN ...in similar fashion. 7.13.2 Create the WLAN Interface 1 Click Configuration > Network > Interface > WLAN > Add to create a WLAN interface that uses WPA or WPA2 security and the ZyWALL's local user database for authentication. 7.13.1 Set Up User Accounts The ZyWALL supports TTLS using PAP so you install ...
...ZyWALL USG 20/20W User's Guide 147 Chapter 7 Tutorials the WLAN interfaces before or after you can use the ZyWALL's local user database with WPA or WPA2 instead of needing an external RADIUS server. For each WLAN user, set up a user account containing the user name and password the WLAN ...in similar fashion. 7.13.2 Create the WLAN Interface 1 Click Configuration > Network > Interface > WLAN > Add to create a WLAN interface that uses WPA or WPA2 security and the ZyWALL's local user database for authentication. 7.13.1 Set Up User Accounts The ZyWALL supports TTLS using PAP so you install ...
User Guide
Page 148
.... If all of your wireless clients support WPA2, select WPA2-Enterprise as follows. The ZyWALL can modify it to the WLAN interface. The ZyWALL's security settings are configured by zones. Set the Authentication Type to authenticate the users....WLAN zone in this example). Chapter 7 Tutorials 2 Edit this example). A (internal) name for the WLAN interface displays. This determines which security zone you want the WLAN interface to . Configure the SSID (ZYXEL_WPA in this screen as the Security Type, otherwise select WPA/WPA-2-Enterprise. Click OK. 148 ZyWALL USG 20/20W...
.... If all of your wireless clients support WPA2, select WPA2-Enterprise as follows. The ZyWALL can modify it to the WLAN interface. The ZyWALL's security settings are configured by zones. Set the Authentication Type to authenticate the users....WLAN zone in this example). Chapter 7 Tutorials 2 Edit this example). A (internal) name for the WLAN interface displays. This determines which security zone you want the WLAN interface to . Configure the SSID (ZYXEL_WPA in this screen as the Security Type, otherwise select WPA/WPA-2-Enterprise. Click OK. 148 ZyWALL USG 20/20W...
User Guide
Page 149
Chapter 7 Tutorials Figure 106 Configuration > Network > Interface > WLAN > Add ZyWALL USG 20/20W User's Guide 149
Chapter 7 Tutorials Figure 106 Configuration > Network > Interface > WLAN > Add ZyWALL USG 20/20W User's Guide 149
User Guide
Page 150
... (for how to use Funk Odyssey's wireless client software if you how to have a wireless client (not included with the ZyWALL) use the WLAN interface. See Section 7.13.3.2 on the wireless LAN and click Apply. Chapter 7 Tutorials 3 Turn on page 154 instead for added... protection against connecting to use the wireless network. 7.13.3.1 Configure the ZyXEL Wireless Client Utility This example covers how to configure ZyXEL's wireless client utility (not included with the ZyWALL) to a rogue AP). 150 ZyWALL USG 20/20W User's Guide
... (for how to use Funk Odyssey's wireless client software if you how to have a wireless client (not included with the ZyWALL) use the WLAN interface. See Section 7.13.3.2 on the wireless LAN and click Apply. Chapter 7 Tutorials 3 Turn on page 154 instead for added... protection against connecting to use the wireless network. 7.13.3.1 Configure the ZyXEL Wireless Client Utility This example covers how to configure ZyXEL's wireless client utility (not included with the ZyWALL) to a rogue AP). 150 ZyWALL USG 20/20W User's Guide
User Guide
Page 154
...ZyXEL utility does not have the wireless client validate the ZyWALL's certificate, you can go to Section 7.13.3.4 on page 162. 7.13.3.2 Configure the Funk Odyssey Wireless Client This example shows how to configure Funk's Odyssey Access Client Manager wireless client software (not included with the ZyWALL) to use the WLAN... interface. 1 Open the Odyssey wireless client software and click Profiles > Add. Figure 115 Odyssey Access Client Manager > Profiles 154 ZyWALL USG 20/20W User's Guide Chapter 7 Tutorials 7 The ...
...ZyXEL utility does not have the wireless client validate the ZyWALL's certificate, you can go to Section 7.13.3.4 on page 162. 7.13.3.2 Configure the Funk Odyssey Wireless Client This example shows how to configure Funk's Odyssey Access Client Manager wireless client software (not included with the ZyWALL) to use the WLAN... interface. 1 Open the Odyssey wireless client software and click Profiles > Add. Figure 115 Odyssey Access Client Manager > Profiles 154 ZyWALL USG 20/20W User's Guide Chapter 7 Tutorials 7 The ...
User Guide
Page 157
... import the ZyWALL's certificate into the wireless client. 7.13.3.3 Wireless Clients Import the ZyWALL's Certificate You must import the ZyWALL's certificate into each wireless client computer. Then do the following to look for the WLAN interface. Chapter... 7 Tutorials 6 Enter the name of the wireless network ("ZYXEL_WPA" in this example) or click Scan to import the certificate into the wireless clients if they are to export the certificate the ZyWALL is using profile and select the profile you configured ("ZYXEL_WPA" in this example). Click OK. ZyWALL USG 20/20W...
... import the ZyWALL's certificate into the wireless client. 7.13.3.3 Wireless Clients Import the ZyWALL's Certificate You must import the ZyWALL's certificate into each wireless client computer. Then do the following to look for the WLAN interface. Chapter... 7 Tutorials 6 Enter the name of the wireless network ("ZYXEL_WPA" in this example) or click Scan to import the certificate into the wireless clients if they are to export the certificate the ZyWALL is using profile and select the profile you configured ("ZYXEL_WPA" in this example). Click OK. ZyWALL USG 20/20W...
User Guide
Page 161
... Certification Authorities tab. You can see the newly imported certificate listed in the ZyWALL's My Certificates screen's Subject and Issuer fields (respectively). Figure 127 Configuration > Object > Certificate > My...ZyWALL's certificate when using the WLAN interface. Figure 126 Internet Explorer: Trusted Root Certification Authorities The My Certificates screen indicates what type of information is to import the certificate into each wireless client computer that is being displayed, such as Common Name (CN), Organizational Unit (OU), Organization (O) and Country (C). ZyWALL USG 20/20W...
... Certification Authorities tab. You can see the newly imported certificate listed in the ZyWALL's My Certificates screen's Subject and Issuer fields (respectively). Figure 127 Configuration > Object > Certificate > My...ZyWALL's certificate when using the WLAN interface. Figure 126 Internet Explorer: Trusted Root Certification Authorities The My Certificates screen indicates what type of information is to import the certificate into each wireless client computer that is being displayed, such as Common Name (CN), Organizational Unit (OU), Organization (O) and Country (C). ZyWALL USG 20/20W...
User Guide
Page 162
Enter the username and password and click OK. Funk Odyssey Access Wireless Client Login Example 162 ZyWALL USG 20/20W User's Guide Chapter 7 Tutorials 7.13.3.4 Wireless Clients Use the WLAN Interface A login screen displays when the wireless client attempts to connect to the wireless interface.
Enter the username and password and click OK. Funk Odyssey Access Wireless Client Login Example 162 ZyWALL USG 20/20W User's Guide Chapter 7 Tutorials 7.13.3.4 Wireless Clients Use the WLAN Interface A login screen displays when the wireless client attempts to connect to the wireless interface.
User Guide
Page 168
...to open the screen where you can upload firmware. Click the icon to identify the ZyWALL on what type of interface it last restarted or was turned on page 239 for an installed WLAN card is none. The Ethernet interface does not have any network. Zone This field ... connected to which the interface is currently assigned. The Ethernet interface is enabled and connected. See Section 43.2 on page 171. 168 ZyWALL USG 20/20W User's Guide The possible values depend on any physical ports associated with it . Device Information System Name This field displays the name used...
...to open the screen where you can upload firmware. Click the icon to identify the ZyWALL on what type of interface it last restarted or was turned on page 239 for an installed WLAN card is none. The Ethernet interface does not have any network. Zone This field ... connected to which the interface is currently assigned. The Ethernet interface is enabled and connected. See Section 43.2 on page 171. 168 ZyWALL USG 20/20W User's Guide The possible values depend on any physical ports associated with it . Device Information System Name This field displays the name used...
User Guide
Page 170
... of each interface. Click the Detail icon to go to stop a PPPoE/PPTP connection. The possible values depend on page 195 for an installed WLAN card is disabled. This field displays the zone to a DHCP server. This is either the static IP address of interface it is the current ... name of the extension card slot and the USB ports. This field displays the name of the license. This identifies the licensed service. 170 ZyWALL USG 20/20W User's Guide The Ethernet interface is none. Speed / Duplex - This field displays the port speed and duplex setting (Full or Half). (For...
... of each interface. Click the Detail icon to go to stop a PPPoE/PPTP connection. The possible values depend on page 195 for an installed WLAN card is disabled. This field displays the zone to a DHCP server. This is either the static IP address of interface it is the current ... name of the extension card slot and the USB ports. This field displays the name of the license. This identifies the licensed service. 170 ZyWALL USG 20/20W User's Guide The Ethernet interface is none. Speed / Duplex - This field displays the port speed and duplex setting (Full or Half). (For...
User Guide
Page 177
...'s Guide 177 CHAPTER 9 Monitor 9.1 Overview Use the Monitor screens to check status and statistics information. 9.1.1 What You Can Do in the ZyWALL. This is available for USG 20W only. • Use the System Status > Cellular Status screen (Section 9.9 on page 191) to check your 3G connection status. •...Status > Login Users screen (Section 9.8 on page 190) to look at a list of the users currently logged into the ZyWALL. • Use the System Status > WLAN Status screen (Section 9.9 on page 191) to view the connection status of the wireless clients connected to (or trying to connect...
...'s Guide 177 CHAPTER 9 Monitor 9.1 Overview Use the Monitor screens to check status and statistics information. 9.1.1 What You Can Do in the ZyWALL. This is available for USG 20W only. • Use the System Status > Cellular Status screen (Section 9.9 on page 191) to check your 3G connection status. •...Status > Login Users screen (Section 9.8 on page 190) to look at a list of the users currently logged into the ZyWALL. • Use the System Status > WLAN Status screen (Section 9.9 on page 191) to view the connection status of the wireless clients connected to (or trying to connect...
User Guide
Page 182
... PPP interface is disabled, it is a backup). Down - This field displays the current IP address and subnet mask assigned to the network. 182 ZyWALL USG 20/20W User's Guide Static - DHCP Client - For Ethernet interfaces: Inactive - Speed / Duplex - For virtual interfaces, this field always displays Up. For... the interface is disabled. The Ethernet interface is disabled or did not receive an IP address and subnet mask via DHCP. The WLAN interface is currently using. This interface has a static IP address. The possible values depend on page 195 for the status that can...
... PPP interface is disabled, it is a backup). Down - This field displays the current IP address and subnet mask assigned to the network. 182 ZyWALL USG 20/20W User's Guide Static - DHCP Client - For Ethernet interfaces: Inactive - Speed / Duplex - For virtual interfaces, this field always displays Up. For... the interface is disabled. The Ethernet interface is disabled or did not receive an IP address and subnet mask via DHCP. The WLAN interface is currently using. This interface has a static IP address. The possible values depend on page 195 for the status that can...
User Guide
Page 191
... this screen. To open the station monitor, click Monitor > System Status > WLAN Status. IP address This field displays the IP address of the computer used to log in to the ZyWALL. The screen appears as shown. This field displays the amount of reauthentication time ...labels in this button to update the information in the screen. 9.9 WLAN Status Screen The WLAN Status screen displays the connection status of the wireless clients connected to (or trying to connect to end a user's session. Figure 143 Monitor > System Status > WLAN Status ZyWALL USG 20/20W User's Guide 191
... this screen. To open the station monitor, click Monitor > System Status > WLAN Status. IP address This field displays the IP address of the computer used to log in to the ZyWALL. The screen appears as shown. This field displays the amount of reauthentication time ...labels in this button to update the information in the screen. 9.9 WLAN Status Screen The WLAN Status screen displays the connection status of the wireless clients connected to (or trying to connect to end a user's session. Figure 143 Monitor > System Status > WLAN Status ZyWALL USG 20/20W User's Guide 191