User Guide
Page 3
...configuring for Internet access. • Web Configurator Online Help Embedded web help you get up and running right away. User Guide Feedback Help us help for descriptions of TCP/IP networking concepts and topology. Thank you use e-mail instead. E-mail: techwriters@zyxel.com.tw ZyWALL 2 Plus... to the following address, or use the web configurator to configure the ZyWALL. • Supporting Disk Refer to the included CD for support documents. • ZyXEL Web Site Please refer to configure the ZyWALL using the web configurator or System Management Terminal (SMT). You should have...
...configuring for Internet access. • Web Configurator Online Help Embedded web help you get up and running right away. User Guide Feedback Help us help for descriptions of TCP/IP networking concepts and topology. Thank you use e-mail instead. E-mail: techwriters@zyxel.com.tw ZyWALL 2 Plus... to the following address, or use the web configurator to configure the ZyWALL. • Supporting Disk Refer to the included CD for support documents. • ZyXEL Web Site Please refer to configure the ZyWALL using the web configurator or System Management Terminal (SMT). You should have...
User Guide
Page 4
...tab to get to that could harm you may need to configure or helpful tips) or recommendations. "Select" or "choose" means for example, other words". 4 ZyWALL 2 Plus User's Guide Syntax Conventions • The ZyWALL 2 Plus may be referred to type one of measurement may denote ...the "metric" value or the "scientific" value. " Notes tell you other important information (for you to as the "ZyWALL", the "device" or the ...
...tab to get to that could harm you may need to configure or helpful tips) or recommendations. "Select" or "choose" means for example, other words". 4 ZyWALL 2 Plus User's Guide Syntax Conventions • The ZyWALL 2 Plus may be referred to type one of measurement may denote ...the "metric" value or the "scientific" value. " Notes tell you other important information (for you to as the "ZyWALL", the "device" or the ...
User Guide
Page 7
Contents Overview Contents Overview Introduction and Registration 43 Getting to Know Your ZyWALL 45 Introducing the Web Configurator 49 Wizard Setup ...67 Tutorials ...87 Registration Screens ...125 Network ...129 LAN Screens ...131 Bridge Screens ...143 WAN Screens ...151 DMZ Screens ...171 Wireless LAN ... ...365 Remote Management Screens 377 UPnP Screens ...397 Custom Application Screen ...407 ALG Screen ...409 Logs and Maintenance ...415 Logs Screens ...417 Maintenance Screens ...447 ZyWALL 2 Plus User's Guide 7
Contents Overview Contents Overview Introduction and Registration 43 Getting to Know Your ZyWALL 45 Introducing the Web Configurator 49 Wizard Setup ...67 Tutorials ...87 Registration Screens ...125 Network ...129 LAN Screens ...131 Bridge Screens ...143 WAN Screens ...151 DMZ Screens ...171 Wireless LAN ... ...365 Remote Management Screens 377 UPnP Screens ...397 Custom Application Screen ...407 ALG Screen ...409 Logs and Maintenance ...415 Logs Screens ...417 Maintenance Screens ...447 ZyWALL 2 Plus User's Guide 7
User Guide
Page 8
... Translation (NAT 521 Introducing the ZyWALL Firewall 539 Filter Configuration ...541 SNMP Configuration ...557 System Information & Diagnosis 559 Firmware and Configuration File Maintenance 571 System Maintenance Menus 8 to 10 587 Remote Management ...595 Call Scheduling ...599 Troubleshooting and Specifications 603 Troubleshooting ...605 Product Specifications ...613 Appendices and Index ...619 8 ZyWALL 2 Plus User's Guide Contents Overview SMT...
... Translation (NAT 521 Introducing the ZyWALL Firewall 539 Filter Configuration ...541 SNMP Configuration ...557 System Information & Diagnosis 559 Firmware and Configuration File Maintenance 571 System Maintenance Menus 8 to 10 587 Remote Management ...595 Call Scheduling ...599 Troubleshooting and Specifications 603 Troubleshooting ...605 Product Specifications ...613 Appendices and Index ...619 8 ZyWALL 2 Plus User's Guide Contents Overview SMT...
User Guide
Page 9
... the Web Configurator 49 2.1 Web Configurator Overview 49 2.2 Accessing the ZyWALL Web Configurator 49 2.3 Resetting the ZyWALL ...51 2.3.1 Procedure To Use The Reset Button 51 2.3.2 Uploading a Configuration File Via Console Port 51 2.4 Navigating the ZyWALL Web Configurator 52 2.4.1 Title Bar ...52 2.4.2 Main Window ...52 2.4.3 HOME Screen: Router Mode 53 2.4.4 HOME Screen: Bridge Mode 55 2.4.5 Navigation Panel ...58 ZyWALL 2 Plus User...
... the Web Configurator 49 2.1 Web Configurator Overview 49 2.2 Accessing the ZyWALL Web Configurator 49 2.3 Resetting the ZyWALL ...51 2.3.1 Procedure To Use The Reset Button 51 2.3.2 Uploading a Configuration File Via Console Port 51 2.4 Navigating the ZyWALL Web Configurator 52 2.4.1 Title Bar ...52 2.4.2 Main Window ...52 2.4.3 HOME Screen: Router Mode 53 2.4.4 HOME Screen: Bridge Mode 55 2.4.5 Navigation Panel ...58 ZyWALL 2 Plus User...
User Guide
Page 10
... ...87 4.1 Security Settings for VPN Traffic 87 4.1.1 Firewall Rule for VPN Example 87 4.1.2 Configuring the VPN Rule 88 4.1.3 Configuring the Firewall Rules 91 4.2 Using NAT with Multiple Public IP Addresses 95 4.2.1 Example Parameters and Scenario 95... How to Manage the ZyWALL's Bandwidth 113 4.4.1 Example Parameters and Scenario 113 4.4.2 Configuring Bandwidth Management Rules 114 4.5 Configuring Content Filtering 118 4.5.1 Enable Content Filtering 118 4.5.2 Block Categories of Web Content 119 4.5.3 Assign Bob's Computer a Specific IP Address 121 10 ZyWALL 2 Plus User's Guide
... ...87 4.1 Security Settings for VPN Traffic 87 4.1.1 Firewall Rule for VPN Example 87 4.1.2 Configuring the VPN Rule 88 4.1.3 Configuring the Firewall Rules 91 4.2 Using NAT with Multiple Public IP Addresses 95 4.2.1 Example Parameters and Scenario 95... How to Manage the ZyWALL's Bandwidth 113 4.4.1 Example Parameters and Scenario 113 4.4.2 Configuring Bandwidth Management Rules 114 4.5 Configuring Content Filtering 118 4.5.1 Enable Content Filtering 118 4.5.2 Block Categories of Web Content 119 4.5.3 Assign Bob's Computer a Specific IP Address 121 10 ZyWALL 2 Plus User's Guide
User Guide
Page 11
... You Can Do in the WAN Screens 151 8.1.2 What You Need To Know About WAN 151 8.2 The WAN Route Screen ...152 8.3 The WAN Screen ...153 8.3.1 Configuring Ethernet Encapsulation 155 ZyWALL 2 Plus User's Guide 11
... You Can Do in the WAN Screens 151 8.1.2 What You Need To Know About WAN 151 8.2 The WAN Route Screen ...152 8.3 The WAN Screen ...153 8.3.1 Configuring Ethernet Encapsulation 155 ZyWALL 2 Plus User's Guide 11
User Guide
Page 12
... Encapsulation 160 8.4 The Traffic Redirect Screen 163 8.5 Configuring Traffic Redirect 164 8.6 The Dial Backup Screen ...165 8.6.1 Advanced Modem Setup 168 Chapter 9 DMZ Screens ...171 9.1 Overview ...171 9.1.1 What You Can Do in the DMZ ... 11 Firewall Screens...195 11.1 Overview ...195 11.1.1 What You Can Do in the Firewall Screens 196 11.1.2 What You Need To Know About The ZyWALL Firewall 196 11.1.3 Before You Begin ...196 11.2 Firewall Rules Examples 196 11.3 The Firewall Default Rule Screen (Router Mode 198 11.4 The Firewall Default...
... Encapsulation 160 8.4 The Traffic Redirect Screen 163 8.5 Configuring Traffic Redirect 164 8.6 The Dial Backup Screen ...165 8.6.1 Advanced Modem Setup 168 Chapter 9 DMZ Screens ...171 9.1 Overview ...171 9.1.1 What You Can Do in the DMZ ... 11 Firewall Screens...195 11.1 Overview ...195 11.1.1 What You Can Do in the Firewall Screens 196 11.1.2 What You Need To Know About The ZyWALL Firewall 196 11.1.3 Before You Begin ...196 11.2 Firewall Rules Examples 196 11.3 The Firewall Default Rule Screen (Router Mode 198 11.4 The Firewall Default...
User Guide
Page 13
... Rules (Manual) Screen 271 14.3.1 The VPN Rules (Manual) Edit Screen 272 14.4 The SA Monitor Screen 275 14.5 The Global Setting Screen 275 14.5.1 Configuring the Global Setting Screen 277 14.6 Telecommuter VPN/IPSec Examples 278 ZyWALL 2 Plus User's Guide 13
... Rules (Manual) Screen 271 14.3.1 The VPN Rules (Manual) Edit Screen 272 14.4 The SA Monitor Screen 275 14.5 The Global Setting Screen 275 14.5.1 Configuring the Global Setting Screen 277 14.6 Telecommuter VPN/IPSec Examples 278 ZyWALL 2 Plus User's Guide 13
User Guide
Page 15
... ...354 19.3.1 Maximize Bandwidth Usage Example 356 19.3.2 Reserving Bandwidth for Non-Bandwidth Class Traffic 357 19.4 The Class Setup ...357 19.4.1 Bandwidth Manager Class Configuration 359 19.4.2 Bandwidth Borrowing Example 362 19.4.3 The Bandwidth Management Statistics Screen 362 19.5 The Bandwidth Manager Monitor Screen 363 Chapter 20 DNS Screens ...365... ...365 20.1.1 What You Can Do in the DNS Screens 365 20.1.2 What You Need To Know About DNS 365 20.2 The System Screen ...367 ZyWALL 2 Plus User's Guide 15
... ...354 19.3.1 Maximize Bandwidth Usage Example 356 19.3.2 Reserving Bandwidth for Non-Bandwidth Class Traffic 357 19.4 The Class Setup ...357 19.4.1 Bandwidth Manager Class Configuration 359 19.4.2 Bandwidth Borrowing Example 362 19.4.3 The Bandwidth Management Statistics Screen 362 19.5 The Bandwidth Manager Monitor Screen 363 Chapter 20 DNS Screens ...365... ...365 20.1.1 What You Can Do in the DNS Screens 365 20.1.2 What You Need To Know About DNS 365 20.2 The System Screen ...367 ZyWALL 2 Plus User's Guide 15
User Guide
Page 16
...383 21.2.3 Secure FTP Using SSH Example 384 21.3 The WWW Screen ...385 21.3.1 Configuring the WWW Screen 386 21.4 The SSH Screen ...387 21.4.1 Configuring the SSH Screen 388 21.5 The Telnet Screen ...388 21.6 The FTP Screen ...389...390 21.7.1 Supported MIBs ...391 21.7.2 SNMP Traps ...392 21.7.3 Configuring the SNMP Screen 392 21.8 The DNS Screen ...393 21.9 The CNM Screen ...394 21.9.1 Additional Configuration for Vantage CNM 395 21.10 Remote Management Technical Reference 396 Chapter...404 22.4 The Ports Screen ...405 Chapter 23 Custom Application Screen 407 16 ZyWALL 2 Plus User's Guide
...383 21.2.3 Secure FTP Using SSH Example 384 21.3 The WWW Screen ...385 21.3.1 Configuring the WWW Screen 386 21.4 The SSH Screen ...387 21.4.1 Configuring the SSH Screen 388 21.5 The Telnet Screen ...388 21.6 The FTP Screen ...389...390 21.7.1 Supported MIBs ...391 21.7.2 SNMP Traps ...392 21.7.3 Configuring the SNMP Screen 392 21.8 The DNS Screen ...393 21.9 The CNM Screen ...394 21.9.1 Additional Configuration for Vantage CNM 395 21.10 Remote Management Technical Reference 396 Chapter...404 22.4 The Ports Screen ...405 Chapter 23 Custom Application Screen 407 16 ZyWALL 2 Plus User's Guide
User Guide
Page 18
... ...482 29.4 Configuring Dial Backup in Menu 2 482 29.5 Advanced WAN Setup ...483 29.6 Remote Node Profile (Backup ISP 485 29.7 Editing TCP/IP Options ...487 29.8 Editing Login Script ...488 29.9 Remote Node Filter ...489 Chapter 30 LAN Setup...491 18 ZyWALL 2 Plus User's Guide General... Setup 475 28.1 Introduction to General Setup 475 28.2 Configuring General Setup 475 28.2.1 Configuring Dynamic DNS 476 Chapter 29 WAN and Dial Backup Setup 481 29.1 Introduction to the...
... ...482 29.4 Configuring Dial Backup in Menu 2 482 29.5 Advanced WAN Setup ...483 29.6 Remote Node Profile (Backup ISP 485 29.7 Editing TCP/IP Options ...487 29.8 Editing Login Script ...488 29.9 Remote Node Filter ...489 Chapter 30 LAN Setup...491 18 ZyWALL 2 Plus User's Guide General... Setup 475 28.1 Introduction to General Setup 475 28.2 Configuring General Setup 475 28.2.1 Configuring Dynamic DNS 476 Chapter 29 WAN and Dial Backup Setup 481 29.1 Introduction to the...
User Guide
Page 19
... Internet Access ...497 31.1 Introduction to Internet Access Setup 497 31.2 Ethernet Encapsulation 497 31.3 Configuring the PPTP Client 499 31.4 Configuring the PPPoE Client 499 31.5 Basic Setup Complete ...500 Chapter 32 DMZ Setup ...501 32.1 Configuring DMZ Setup 501 32.2 DMZ Port Filter Setup ...501 32.3 TCP/IP Setup ...502 32....4 Edit IP ...514 34.5 Remote Node Filter ...516 34.6 Traffic Redirect ...517 Chapter 35 IP Static Route Setup...519 35.1 IP Static Route Setup ...519 ZyWALL 2 Plus User's Guide 19
... Internet Access ...497 31.1 Introduction to Internet Access Setup 497 31.2 Ethernet Encapsulation 497 31.3 Configuring the PPTP Client 499 31.4 Configuring the PPPoE Client 499 31.5 Basic Setup Complete ...500 Chapter 32 DMZ Setup ...501 32.1 Configuring DMZ Setup 501 32.2 DMZ Port Filter Setup ...501 32.3 TCP/IP Setup ...502 32....4 Edit IP ...514 34.5 Remote Node Filter ...516 34.6 Traffic Redirect ...517 Chapter 35 IP Static Route Setup...519 35.1 IP Static Route Setup ...519 ZyWALL 2 Plus User's Guide 19
User Guide
Page 20
...539 37.1.1 Activating the Firewall 539 Chapter 38 Filter Configuration...541 38.1 Introduction to Filters ...541 38.1.1 The Filter Structure of the ZyWALL 542 38.2 Configuring a Filter Set ...544 38.2.1 Configuring a Filter Rule 546 38.2.2 Configuring a TCP/IP Filter Rule 546 38.2.3 Configuring a Generic Filter Rule 549 38.3 Example Filter ...550... a Filter ...553 38.6.1 Applying LAN Filters 554 38.6.2 Applying DMZ Filters 554 38.6.3 Applying Remote Node Filters 555 Chapter 39 SNMP Configuration ...557 39.1 SNMP Configuration ...557 39.2 SNMP Traps ...558 20 ZyWALL 2 Plus User's Guide
...539 37.1.1 Activating the Firewall 539 Chapter 38 Filter Configuration...541 38.1 Introduction to Filters ...541 38.1.1 The Filter Structure of the ZyWALL 542 38.2 Configuring a Filter Set ...544 38.2.1 Configuring a Filter Rule 546 38.2.2 Configuring a TCP/IP Filter Rule 546 38.2.3 Configuring a Generic Filter Rule 549 38.3 Example Filter ...550... a Filter ...553 38.6.1 Applying LAN Filters 554 38.6.2 Applying DMZ Filters 554 38.6.3 Applying Remote Node Filters 555 Chapter 39 SNMP Configuration ...557 39.1 SNMP Configuration ...557 39.2 SNMP Traps ...558 20 ZyWALL 2 Plus User's Guide
User Guide
Page 21
....4.1 Restore Using FTP 577 41.4.2 Restore Using FTP Session Example 578 41.4.3 Restore Via Console Port 579 41.5 Uploading Firmware and Configuration Files 579 41.5.1 Firmware File Upload 580 41.5.2 Configuration File Upload 580 41.5.3 FTP File Upload Command from the DOS Prompt Example 581 41.5.4 FTP Session Example of Firmware File... 41.5.7 Uploading Via Console Port 583 41.5.8 Uploading Firmware File Via Console Port 583 41.5.9 Example Xmodem Firmware Upload Using HyperTerminal 583 41.5.10 Uploading Configuration File Via Console Port 584 ZyWALL 2 Plus User's Guide 21
....4.1 Restore Using FTP 577 41.4.2 Restore Using FTP Session Example 578 41.4.3 Restore Via Console Port 579 41.5 Uploading Firmware and Configuration Files 579 41.5.1 Firmware File Upload 580 41.5.2 Configuration File Upload 580 41.5.3 FTP File Upload Command from the DOS Prompt Example 581 41.5.4 FTP Session Example of Firmware File... 41.5.7 Uploading Via Console Port 583 41.5.8 Uploading Firmware File Via Console Port 583 41.5.9 Example Xmodem Firmware Upload Using HyperTerminal 583 41.5.10 Uploading Configuration File Via Console Port 584 ZyWALL 2 Plus User's Guide 21
User Guide
Page 22
Table of Contents 41.5.11 Example Xmodem Configuration Upload Using HyperTerminal 585 Chapter 42 System Maintenance ... Troubleshooting and Specifications 603 Chapter 45 Troubleshooting...605 45.1 Power, Hardware Connections, and LEDs 605 45.2 ZyWALL Access and Login 606 45.3 Internet Access ...608 45.4 Wireless Router/AP Troubleshooting 610 45.5 UPnP ......610 Chapter 46 Product Specifications ...613 46.1 General ZyWALL Specifications 613 46.2 Cable Pin Assignments 615 46.3 Wall-mounting Instructions 617 Part VIII: Appendices and ...
Table of Contents 41.5.11 Example Xmodem Configuration Upload Using HyperTerminal 585 Chapter 42 System Maintenance ... Troubleshooting and Specifications 603 Chapter 45 Troubleshooting...605 45.1 Power, Hardware Connections, and LEDs 605 45.2 ZyWALL Access and Login 606 45.3 Internet Access ...608 45.4 Wireless Router/AP Troubleshooting 610 45.5 UPnP ......610 Chapter 46 Product Specifications ...613 46.1 General ZyWALL Specifications 613 46.2 Cable Pin Assignments 615 46.3 Wall-mounting Instructions 617 Part VIII: Appendices and ...
User Guide
Page 25
... Figure 4 Change Password Screen ...50 Figure 5 Replace Certificate Screen ...50 Figure 6 Example Xmodem Upload ...51 Figure 7 HOME Screen ...52 Figure 8 Web Configurator HOME Screen in Router Mode 53 Figure 9 Web Configurator HOME Screen in Bridge Mode 56 Figure 10 HOME > Show Statistics ...62 Figure 11 HOME > DHCP Table ...63 Figure 12 HOME... SECURITY > VPN > VPN Rules (IKE)> Add Network Policy 91 Figure 37 SECURITY > FIREWALL > Rule Summary 92 Figure 38 SECURITY > FIREWALL > Rule Summary > Edit: Allow 93 ZyWALL 2 Plus User's Guide 25
... Figure 4 Change Password Screen ...50 Figure 5 Replace Certificate Screen ...50 Figure 6 Example Xmodem Upload ...51 Figure 7 HOME Screen ...52 Figure 8 Web Configurator HOME Screen in Router Mode 53 Figure 9 Web Configurator HOME Screen in Bridge Mode 56 Figure 10 HOME > Show Statistics ...62 Figure 11 HOME > DHCP Table ...63 Figure 12 HOME... SECURITY > VPN > VPN Rules (IKE)> Add Network Policy 91 Figure 37 SECURITY > FIREWALL > Rule Summary 92 Figure 38 SECURITY > FIREWALL > Rule Summary > Edit: Allow 93 ZyWALL 2 Plus User's Guide 25
User Guide
Page 28
... 213 Figure 141 My Service Firewall Rule Example: Rule Edit: Source and Destination Addresses .......... 213 Figure 142 My Service Firewall Rule Example: Edit Rule: Service Configuration 214 Figure 143 My Service Firewall Rule Example: Rule Summary: Completed 215 Figure 144 From LAN to VPN Example 217 Figure 145 From VPN to... Global Report Screen Example 249 Figure 165 Requested URLs Example 250 Figure 166 Web Page Review Process Screen 251 Figure 167 VPN: Example ...253 28 ZyWALL 2 Plus User's Guide
... 213 Figure 141 My Service Firewall Rule Example: Rule Edit: Source and Destination Addresses .......... 213 Figure 142 My Service Firewall Rule Example: Edit Rule: Service Configuration 214 Figure 143 My Service Firewall Rule Example: Rule Summary: Completed 215 Figure 144 From LAN to VPN Example 217 Figure 145 From VPN to... Global Report Screen Example 249 Figure 165 Requested URLs Example 250 Figure 166 Web Page Review Process Screen 251 Figure 167 VPN: Example ...253 28 ZyWALL 2 Plus User's Guide
User Guide
Page 31
... Disconnected 458 Figure 289 Firmware Upload Error ...458 Figure 290 MAINTENANCE > Backup and Restore 459 Figure 291 Configuration Upload Successful 460 Figure 292 Network Temporarily Disconnected 460 Figure 293 Configuration Upload Error 460 Figure 294 Reset Warning Message ...461 Figure 295 MAINTENANCE > Restart 461 Figure 296 MAINTENANCE > Diagnostics 462 ZyWALL 2 Plus User's Guide 31
... Disconnected 458 Figure 289 Firmware Upload Error ...458 Figure 290 MAINTENANCE > Backup and Restore 459 Figure 291 Configuration Upload Successful 460 Figure 292 Network Temporarily Disconnected 460 Figure 293 Configuration Upload Error 460 Figure 294 Reset Warning Message ...461 Figure 295 MAINTENANCE > Restart 461 Figure 296 MAINTENANCE > Diagnostics 462 ZyWALL 2 Plus User's Guide 31
User Guide
Page 32
... 301 Menu 23: System Password 472 Figure 302 Menu 1: General Setup (Router Mode 475 Figure 303 Menu 1: General Setup (Bridge Mode 476 Figure 304 Menu 1.1: Configure Dynamic DNS 477 Figure 305 Menu 1.1.1: DDNS Host Summary 478 Figure 306 Menu 1.1.1: DDNS Edit Host 479 Figure 307 MAC Address Cloning in WAN Setup... Menu 11.1.5: Traffic Redirect Setup 517 Figure 338 Menu 12: IP Static Route Setup 519 Figure 339 Menu 12. 1: Edit IP Static Route 520 32 ZyWALL 2 Plus User's Guide
... 301 Menu 23: System Password 472 Figure 302 Menu 1: General Setup (Router Mode 475 Figure 303 Menu 1: General Setup (Bridge Mode 476 Figure 304 Menu 1.1: Configure Dynamic DNS 477 Figure 305 Menu 1.1.1: DDNS Host Summary 478 Figure 306 Menu 1.1.1: DDNS Edit Host 479 Figure 307 MAC Address Cloning in WAN Setup... Menu 11.1.5: Traffic Redirect Setup 517 Figure 338 Menu 12: IP Static Route Setup 519 Figure 339 Menu 12. 1: Edit IP Static Route 520 32 ZyWALL 2 Plus User's Guide