User Guide
Page 21
.../Edit Screen 542 33.3 User Group Summary Screen 545 33.3.1 Group Add/Edit Screen 546 33.4 Setting Screen ...547 33.4.1 Default User Authentication Timeout Settings Edit Screens 550 33.4.2 User Aware Login Example 552 33.5 User /Group Technical Reference 553 Chapter 34 Addresses...555 34.1 Overview ...555 34.1.1 What You Can Do... Screen 555 34.2.1 Address Add/Edit Screen 557 34.3 Address Group Summary Screen 558 34.3.1 Address Group Add/Edit Screen 559 Chapter 35 Services ...561 ZyWALL USG 20/20W User's Guide 21
.../Edit Screen 542 33.3 User Group Summary Screen 545 33.3.1 Group Add/Edit Screen 546 33.4 Setting Screen ...547 33.4.1 Default User Authentication Timeout Settings Edit Screens 550 33.4.2 User Aware Login Example 552 33.5 User /Group Technical Reference 553 Chapter 34 Addresses...555 34.1 Overview ...555 34.1.1 What You Can Do... Screen 555 34.2.1 Address Add/Edit Screen 557 34.3 Address Group Summary Screen 558 34.3.1 Address Group Add/Edit Screen 559 Chapter 35 Services ...561 ZyWALL USG 20/20W User's Guide 21
User Guide
Page 44
... must use the OTP (One-Time Password) token to generate a number. Figure 7 Update Admin Info Screen 44 ZyWALL USG 20/20W User's Guide Figure 6 Login Screen 3 Type the user name (default: "admin") and password (default: "1234"). Enter it is only good for one login. The number is recommended to its HTTPS server, and it in using the...
... must use the OTP (One-Time Password) token to generate a number. Figure 7 Update Admin Info Screen 44 ZyWALL USG 20/20W User's Guide Figure 6 Login Screen 3 Type the user name (default: "admin") and password (default: "1234"). Enter it is only good for one login. The number is recommended to its HTTPS server, and it in using the...
User Guide
Page 45
.... title bar • B - otherwise the dashboard appears as illustrated in Figure 8 on page 44) appears after you change the password for the default user account, this screen. If you change the default password, the Login screen (Figure 6 on page 45): • A - main window ZyWALL USG 20/20W User's Guide 45 Follow the directions in using its...
.... title bar • B - otherwise the dashboard appears as illustrated in Figure 8 on page 44) appears after you change the password for the default user account, this screen. If you change the default password, the Login screen (Figure 6 on page 45): • A - main window ZyWALL USG 20/20W User's Guide 45 Follow the directions in using its...
User Guide
Page 169
... field displays how many traffic sessions are currently logged in to the Login Users ZyWALL. Click the Detail icon to go to the Session Monitor screen to see details about the ZyWALL's startup state. Chapter 8 Dashboard Table 19 Dashboard (continued) LABEL ...that takes you to a chart of the ZyWALL's recent memory usage. System default configuration - This occurs when the ZyWALL starts for specific MAC addresses. Memory Usage This field displays what percentage of lease time remaining. ZyWALL USG 20/20W User's Guide 169 Problematic configuration after a firmware...
... field displays how many traffic sessions are currently logged in to the Login Users ZyWALL. Click the Detail icon to go to the Session Monitor screen to see details about the ZyWALL's startup state. Chapter 8 Dashboard Table 19 Dashboard (continued) LABEL ...that takes you to a chart of the ZyWALL's recent memory usage. System default configuration - This occurs when the ZyWALL starts for specific MAC addresses. Memory Usage This field displays what percentage of lease time remaining. ZyWALL USG 20/20W User's Guide 169 Problematic configuration after a firmware...
User Guide
Page 369
... policies are applied in yet. You can edit the default rule but not delete it displays here. This is inactive. The ZyWALL automatically displays the login screen whenever it routes HTTP traffic for the default policy. Reset Click this policy applies. ZyWALL USG 20/20W User's Guide 369 Default displays for users when their traffic matches this screen...
... policies are applied in yet. You can edit the default rule but not delete it displays here. This is inactive. The ZyWALL automatically displays the login screen whenever it routes HTTP traffic for the default policy. Reset Click this policy applies. ZyWALL USG 20/20W User's Guide 369 Default displays for users when their traffic matches this screen...
User Guide
Page 371
... of minutes to the login screen. Authentication Select the authentication requirement for packets that require authentication. These fields are available for more on page 679 for user-configured policies that match the default policy. When a user's computer matches an endpoint security object the ZyWALL grants access and stops checking. ZyWALL USG 20/20W User's Guide 371...
... of minutes to the login screen. Authentication Select the authentication requirement for packets that require authentication. These fields are available for more on page 679 for user-configured policies that match the default policy. When a user's computer matches an endpoint security object the ZyWALL grants access and stops checking. ZyWALL USG 20/20W User's Guide 371...
User Guide
Page 375
... in a zone. Firewall Rule Criteria The ZyWALL checks the schedule, user name (user's login name on the ZyWALL), source IP address, destination IP address and IP protocol type of the ZyWALL. You can specify users or user groups in to the ZyWALL, you list them). When you also apply...(in the rule. By default: • The firewall allows only LAN, WLAN (USG 20W), or WAN computers to access or manage the ZyWALL. • The ZyWALL drops most packets from the WAN zone to the ZyWALL itself . User Specific Firewall Rules You can configure a To-ZyWALL firewall rule (with from ...
... in a zone. Firewall Rule Criteria The ZyWALL checks the schedule, user name (user's login name on the ZyWALL), source IP address, destination IP address and IP protocol type of the ZyWALL. You can specify users or user groups in to the ZyWALL, you list them). When you also apply...(in the rule. By default: • The firewall allows only LAN, WLAN (USG 20W), or WAN computers to access or manage the ZyWALL. • The ZyWALL drops most packets from the WAN zone to the ZyWALL itself . User Specific Firewall Rules You can configure a To-ZyWALL firewall rule (with from ...
User Guide
Page 433
... entries. You can specify up to two domain names so you would just use "zyxel.com". The ZyWALL displays the normal login screen without the button for full tunnel mode SSL VPN access. ZyWALL USG 20/20W User's Guide 433 Use this screen to set the IP address of two WAN ports. Leave... addresses or be registered to use one of the ZyWALL (or a gateway device) for logging into the Web Configurator. so you could use for full tunnel mode access, enter access messages or upload a custom logo to the default settings unless it conflicts with another interface. Chapter 24 SSL VPN ...
... entries. You can specify up to two domain names so you would just use "zyxel.com". The ZyWALL displays the normal login screen without the button for full tunnel mode SSL VPN access. ZyWALL USG 20/20W User's Guide 433 Use this screen to set the IP address of two WAN ports. Leave... addresses or be registered to use one of the ZyWALL (or a gateway device) for logging into the Web Configurator. so you could use for full tunnel mode access, enter access messages or upload a custom logo to the default settings unless it conflicts with another interface. Chapter 24 SSL VPN ...
User Guide
Page 434
... a different resolution to verify that the new logo displays properly. 434 ZyWALL USG 20/20W User's Guide Click Upload to transfer the specified graphic file from your ...Login Message Specify a message to the ZyWALL. Update Client Virtual Desktop Logo You can enter up to save the changes and/or start the file transfer process. 4 Log in as a user to 127 x 57 pixels. Click Reset Logo to Default...successfully. The ZyXEL company logo is recommended. The ZyWALL automatically resizes a graphic of 127 x 57 pixels to locate the logo graphic. Transparent background is the default logo. ...
... a different resolution to verify that the new logo displays properly. 434 ZyWALL USG 20/20W User's Guide Click Upload to transfer the specified graphic file from your ...Login Message Specify a message to the ZyWALL. Update Client Virtual Desktop Logo You can enter up to save the changes and/or start the file transfer process. 4 Log in as a user to 127 x 57 pixels. Click Reset Logo to Default...successfully. The ZyXEL company logo is recommended. The ZyWALL automatically resizes a graphic of 127 x 57 pixels to locate the logo graphic. Transparent background is the default logo. ...
User Guide
Page 539
...see Section 33.3 on page 547) controls default settings, login settings, lockout settings, and other user groups. CHAPTER 33 User/Group 33.1 Overview This chapter describes how to set up user accounts, user groups, and user settings for the ZyWALL. In addition, this screen allows you to... • The User screen (see Section 33.4 on page 545) provides a summary of User Accounts TYPE ABILITIES LOGIN METHOD(S) Admin Users admin Change ZyWALL configuration (web, CLI) WWW, TELNET, SSH, FTP, Console ZyWALL USG 20/20W User's Guide 539 User groups may consist of a user logged into the...
...see Section 33.3 on page 547) controls default settings, login settings, lockout settings, and other user groups. CHAPTER 33 User/Group 33.1 Overview This chapter describes how to set up user accounts, user groups, and user settings for the ZyWALL. In addition, this screen allows you to... • The User screen (see Section 33.4 on page 545) provides a summary of User Accounts TYPE ABILITIES LOGIN METHOD(S) Admin Users admin Change ZyWALL configuration (web, CLI) WWW, TELNET, SSH, FTP, Console ZyWALL USG 20/20W User's Guide 539 User groups may consist of a user logged into the...
User Guide
Page 540
... Chapter 33 User/Group Table 151 Types of User Accounts (continued) TYPE ABILITIES LOGIN METHOD(S) limited-admin Look at ZyWALL configuration (web, CLI) WWW, TELNET, SSH, Console Access Users user Perform...group user account WWW WWW WWW Note: The default admin account is authenticated by an external server, such as reauthentication time, the ZyWALL checks the following places, in order. 1 User... or RADIUS users (radius-users) in the ZyWALL. 540 ZyWALL USG 20/20W User's Guide Once an ext-user user has been authenticated, the ZyWALL tries to authenticate an ext-user using the local...
... Chapter 33 User/Group Table 151 Types of User Accounts (continued) TYPE ABILITIES LOGIN METHOD(S) limited-admin Look at ZyWALL configuration (web, CLI) WWW, TELNET, SSH, Console Access Users user Perform...group user account WWW WWW WWW Note: The default admin account is authenticated by an external server, such as reauthentication time, the ZyWALL checks the following places, in order. 1 User... or RADIUS users (radius-users) in the ZyWALL. 540 ZyWALL USG 20/20W User's Guide Once an ext-user user has been authenticated, the ZyWALL tries to authenticate an ext-user using the local...
User Guide
Page 541
...use an external authentication server in order to log in the same user group. ZyWALL USG 20/20W User's Guide 541 See Section 37.2.1 on page 577 for more on page 552 for a user-aware login example. User Awareness By default, users do not have to log into any user group. Use user groups when... how to set up the attributes in a user group is logged in to the ZyWALL first. The sequence of members in an external server. Note: You cannot put the default admin account into the ZyWALL to use via the ZyWALL, you can use the network services it provides. See Section 7.6 on page 124 ...
...use an external authentication server in order to log in the same user group. ZyWALL USG 20/20W User's Guide 541 See Section 37.2.1 on page 577 for more on page 552 for a user-aware login example. User Awareness By default, users do not have to log into any user group. Use user groups when... how to set up the attributes in a user group is logged in to the ZyWALL first. The sequence of members in an external server. Note: You cannot put the default admin account into the ZyWALL to use via the ZyWALL, you can use the network services it provides. See Section 7.6 on page 124 ...
User Guide
Page 547
... it or use the [Shift] or [Ctrl] key to select multiple entries and use this group and move them to the ZyWALL. Chapter 33 User/Group Table 155 Configuration > User/Group > Group > Add (continued) LABEL Member List DESCRIPTION The Member list displays the names...that have been added to save your changes. 33.4 Setting Screen The Setting screen controls default settings, login settings, lockout settings, and other user settings for them . Click OK to the user group. ZyWALL USG 20/20W User's Guide 547 Click Cancel to exit this screen without saving your changes back to...
... it or use the [Shift] or [Ctrl] key to select multiple entries and use this group and move them to the ZyWALL. Chapter 33 User/Group Table 155 Configuration > User/Group > Group > Add (continued) LABEL Member List DESCRIPTION The Member list displays the names...that have been added to save your changes. 33.4 Setting Screen The Setting screen controls default settings, login settings, lockout settings, and other user settings for them . Click OK to the user group. ZyWALL USG 20/20W User's Guide 547 Click Cancel to exit this screen without saving your changes back to...
User Guide
Page 548
...33 User/Group To access this screen. Table 156 Configuration > Object > User/Group > Setting LABEL DESCRIPTION User Authentication Timeout Settings Default Authentication Timeout Settings Edit These authentication timeout settings are set to the Web Configurator, and click Configuration > Object > User/Group ...Group > Setting The following table describes the labels in this screen, login to use the default settings. Double-click an entry or select it is not associated with a specific entry. 548 ZyWALL USG 20/20W User's Guide They also control the settings for any user account's...
...33 User/Group To access this screen. Table 156 Configuration > Object > User/Group > Setting LABEL DESCRIPTION User Authentication Timeout Settings Default Authentication Timeout Settings Edit These authentication timeout settings are set to the Web Configurator, and click Configuration > Object > User/Group ...Group > Setting The following table describes the labels in this screen, login to use the default settings. Double-click an entry or select it is not associated with a specific entry. 548 ZyWALL USG 20/20W User's Guide They also control the settings for any user account's...
User Guide
Page 550
... Select this check box if you want to set a limit on the number of simultaneous logins by each admin user. for any user account's authentication timeout settings. 550 ZyWALL USG 20/20W User's Guide This field is effective when Enable logon retry limit is effective when Limit ...... Type the number of minutes the user must be between 1 and 65,535 (about 45.5 days). These default authentication timeout settings also control the...
... Select this check box if you want to set a limit on the number of simultaneous logins by each admin user. for any user account's authentication timeout settings. 550 ZyWALL USG 20/20W User's Guide This field is effective when Enable logon retry limit is effective when Limit ...... Type the number of minutes the user must be between 1 and 65,535 (about 45.5 days). These default authentication timeout settings also control the...
User Guide
Page 552
Chapter 33 User/Group 33.4.2 User Aware Login Example Access users cannot use the Web Configurator to browse the configuration of time remaining before the ZyWALL automatically logs them out. Table 158 Web Configurator for Non-Admin Users ...user might be able to reset the lease time automatically 30 seconds before it . Remaining time before auth. The default value is the lease time that you specified. Figure 325 Web Configurator for Non-Admin Users LABEL DESCRIPTION User-defined...lease timeout This field displays the amount of the lease time. 552 ZyWALL USG 20/20W User's Guide
Chapter 33 User/Group 33.4.2 User Aware Login Example Access users cannot use the Web Configurator to browse the configuration of time remaining before the ZyWALL automatically logs them out. Table 158 Web Configurator for Non-Admin Users ...user might be able to reset the lease time automatically 30 seconds before it . Remaining time before auth. The default value is the lease time that you specified. Figure 325 Web Configurator for Non-Admin Users LABEL DESCRIPTION User-defined...lease timeout This field displays the amount of the lease time. 552 ZyWALL USG 20/20W User's Guide
User Guide
Page 575
... Normally, the directory structure reflects the geographical or ZyWALL USG 20/20W User's Guide 575 RADIUS authentication allows you to authenticate administrative users logging into the ZyWALL's Web Configurator or network access users logging into the network through the ZyWALL. Chapter 37 AAA Server • Use the ... AAA Servers Supported by means of users from a central location. You create and store user profile and login information on page 579) to configure the default external RADIUS server to use the local user database to authenticate VPN users. • Directory Service (LDAP...
... Normally, the directory structure reflects the geographical or ZyWALL USG 20/20W User's Guide 575 RADIUS authentication allows you to authenticate administrative users logging into the ZyWALL's Web Configurator or network access users logging into the network through the ZyWALL. Chapter 37 AAA Server • Use the ... AAA Servers Supported by means of users from a central location. You create and store user profile and login information on page 579) to configure the default external RADIUS server to use the local user database to authenticate VPN users. • Directory Service (LDAP...
User Guide
Page 606
...from the entity maintaining the OCSP server (usually a certification authority). LDAP is the default server port number for LDAP. OCSP Server Select this certificate against a Certificate Revocation ... Port Use this read -only fields display detailed information about the certificate. 606 ZyWALL USG 20/20W User's Guide Certificate Information These read -only text box display the end entity's...URL Type the protocol, IP address and pathname of revoked certificates. Type the login name (up to specify the LDAP server port number. If the issuing certification ...
...from the entity maintaining the OCSP server (usually a certification authority). LDAP is the default server port number for LDAP. OCSP Server Select this certificate against a Certificate Revocation ... Port Use this read -only fields display detailed information about the certificate. 606 ZyWALL USG 20/20W User's Guide Certificate Information These read -only text box display the end entity's...URL Type the protocol, IP address and pathname of revoked certificates. Type the login name (up to specify the LDAP server port number. If the issuing certification ...
User Guide
Page 653
...or click Browse to locate it. Customized Login Page Use this screen. Use up to 64 printable ASCII characters. Specify the location and file name of the logo graphic or click Browse to locate it . Title Enter the title for black. ZyWALL USG 20/20W User's Guide 653 Note: Use a ... labels in the rest of this section to set how the Web Configurator login screen looks. Table 202 Configuration > System > WWW > Login Page LABEL DESCRIPTION Select Type Select whether the Web Configurator uses the default login screen or one that you click in parenthesis and separate by the six...
...or click Browse to locate it. Customized Login Page Use this screen. Use up to 64 printable ASCII characters. Specify the location and file name of the logo graphic or click Browse to locate it . Title Enter the title for black. ZyWALL USG 20/20W User's Guide 653 Note: Use a ... labels in the rest of this section to set how the Web Configurator login screen looks. Table 202 Configuration > System > WWW > Login Page LABEL DESCRIPTION Select Type Select whether the Web Configurator uses the default login screen or one that you click in parenthesis and separate by the six...
User Guide
Page 741
...basic device specifications. It is not included. ZyWALL USG 20/20W User's Guide 741 Table 228 Default Login Information ATTRIBUTE SPECIFICATION Default IP Address (P2, P3) 192.168.1.1 Default Subnet Mask 255.255.255.0 (24 bits) (P2, P3) Default Password 1234 This table provides hardware specifications. ...Compatible USB Cards (3G) Power Requirements Operating Environment Storage Environment MTBF Wall-mounting RS-232, DB9F connector 1, 2.0 plug and play See www.zyxel.com for the supported 3G cards. 12V DC Temperature: 0 C to 40 C Humidity: 20% to 95% (non-condensing) Temperature:...
...basic device specifications. It is not included. ZyWALL USG 20/20W User's Guide 741 Table 228 Default Login Information ATTRIBUTE SPECIFICATION Default IP Address (P2, P3) 192.168.1.1 Default Subnet Mask 255.255.255.0 (24 bits) (P2, P3) Default Password 1234 This table provides hardware specifications. ...Compatible USB Cards (3G) Power Requirements Operating Environment Storage Environment MTBF Wall-mounting RS-232, DB9F connector 1, 2.0 plug and play See www.zyxel.com for the supported 3G cards. 12V DC Temperature: 0 C to 40 C Humidity: 20% to 95% (non-condensing) Temperature:...