User Guide
Page 10
... VPN Example 87 4.1.2 Configuring the VPN Rule 88 4.1.3 Configuring the Firewall Rules 91 4.2 Using NAT with Multiple Public IP Addresses 95 4.2.1 Example Parameters and Scenario 95 4.2.2 Configuring the WAN Connection with a ...NAT with Multiple Game Players 112 4.4 How to Manage the ZyWALL's Bandwidth 113 4.4.1 Example Parameters and Scenario 113 4.4.2 Configuring Bandwidth Management Rules 114 4.5 Configuring Content Filtering 118 4.5.1 Enable Content Filtering 118 4.5.2 Block Categories of Web Content 119 4.5.3 Assign Bob's Computer a Specific IP Address 121 10 ZyWALL 2 Plus...
... VPN Example 87 4.1.2 Configuring the VPN Rule 88 4.1.3 Configuring the Firewall Rules 91 4.2 Using NAT with Multiple Public IP Addresses 95 4.2.1 Example Parameters and Scenario 95 4.2.2 Configuring the WAN Connection with a ...NAT with Multiple Game Players 112 4.4 How to Manage the ZyWALL's Bandwidth 113 4.4.1 Example Parameters and Scenario 113 4.4.2 Configuring Bandwidth Management Rules 114 4.5 Configuring Content Filtering 118 4.5.1 Enable Content Filtering 118 4.5.2 Block Categories of Web Content 119 4.5.3 Assign Bob's Computer a Specific IP Address 121 10 ZyWALL 2 Plus...
User Guide
Page 20
... behind NAT 528 36.4 General NAT Examples 530 36.4.1 Internet Access Only 530 36.4.2 Example 2: Internet Access with a Default Server 532 36.4.3 Example 3: Multiple Public IP Addresses With Inside Servers 532 36.4.4 Example 4: NAT Unfriendly ...NAT ...552 38.5 Firewall Versus Filters ...552 38.5.1 Packet Filtering: ...552 38.5.2 Firewall ...553 38.6 Applying a Filter ...553 38.6.1 Applying LAN Filters 554 38.6.2 Applying DMZ Filters 554 38.6.3 Applying Remote Node Filters 555 Chapter 39 SNMP Configuration ...557 39.1 SNMP Configuration ...557 39.2 SNMP Traps ...558 20 ZyWALL 2 Plus...
... behind NAT 528 36.4 General NAT Examples 530 36.4.1 Internet Access Only 530 36.4.2 Example 2: Internet Access with a Default Server 532 36.4.3 Example 3: Multiple Public IP Addresses With Inside Servers 532 36.4.4 Example 4: NAT Unfriendly ...NAT ...552 38.5 Firewall Versus Filters ...552 38.5.1 Packet Filtering: ...552 38.5.2 Firewall ...553 38.6 Applying a Filter ...553 38.6.1 Applying LAN Filters 554 38.6.2 Applying DMZ Filters 554 38.6.3 Applying Remote Node Filters 555 Chapter 39 SNMP Configuration ...557 39.1 SNMP Configuration ...557 39.2 SNMP Traps ...558 20 ZyWALL 2 Plus...
User Guide
Page 26
......99 Figure 49 Tutorial Example: Mapping Multiple Public IP Addresses to Inside Servers 100 Figure 50 Tutorial Example: NAT > NAT Overview 101 Figure 51 Tutorial Example: NAT > Address Mapping 101 Figure 52 Tutorial Example: NAT Address Mapping Edit: One-to-One ...Edit for FTP Server 111 Figure 68 Tutorial Example: Firewall Rule Summary 111 Figure 69 Tutorial Example: NAT Address Mapping Done: Game Playing 113 Figure 70 Tutorial Example: Bandwidth Management 114 Figure 71 Tutorial Example... > External Database (Default 120 Figure 81 HOME > DHCP Table ...121 26 ZyWALL 2 Plus User's Guide
......99 Figure 49 Tutorial Example: Mapping Multiple Public IP Addresses to Inside Servers 100 Figure 50 Tutorial Example: NAT > NAT Overview 101 Figure 51 Tutorial Example: NAT > Address Mapping 101 Figure 52 Tutorial Example: NAT Address Mapping Edit: One-to-One ...Edit for FTP Server 111 Figure 68 Tutorial Example: Firewall Rule Summary 111 Figure 69 Tutorial Example: NAT Address Mapping Done: Game Playing 113 Figure 70 Tutorial Example: Bandwidth Management 114 Figure 71 Tutorial Example... > External Database (Default 120 Figure 81 HOME > DHCP Table ...121 26 ZyWALL 2 Plus User's Guide
User Guide
Page 30
...NAT > NAT Overview 333 Figure 214 ADVANCED > NAT > Address Mapping 334 Figure 215 ADVANCED > NAT > Address Mapping > Edit 335 Figure 216 Multiple Servers Behind NAT Example 337 Figure 217 Port Translation Example 338 Figure 218 ADVANCED > NAT... > Port Forwarding 339 Figure 219 Trigger Port Forwarding Process: Example 340 Figure 220 ADVANCED > NAT > Port Triggering 341 Figure 221 How NAT Works ...343 Figure 222 NAT...Common ZyWALL Certificate...
...NAT > NAT Overview 333 Figure 214 ADVANCED > NAT > Address Mapping 334 Figure 215 ADVANCED > NAT > Address Mapping > Edit 335 Figure 216 Multiple Servers Behind NAT Example 337 Figure 217 Port Translation Example 338 Figure 218 ADVANCED > NAT... > Port Forwarding 339 Figure 219 Trigger Port Forwarding Process: Example 340 Figure 220 ADVANCED > NAT > Port Triggering 341 Figure 221 How NAT Works ...343 Figure 222 NAT...Common ZyWALL Certificate...
User Guide
Page 95
... public IP addresses from the WAN to a specific computer on your ZyWALL's LAN IP address. Figure 41 Tutorial Example: Using NAT with Multiple Public IP Addresses This section shows you examples of how to set up your ZyWALL if you want to set up this example. • Assign the... 192.168.1.13) respectively for traffic in this network, we are going to: 1 Configure the WAN connection to use . ZyWALL 2 Plus User's Guide 95 Chapter 4 Tutorials 4.2 Using NAT with Static Public IP Addresses To set up in both directions. • Map the first public address (1.2.3.4) to outgoing traffic...
... public IP addresses from the WAN to a specific computer on your ZyWALL's LAN IP address. Figure 41 Tutorial Example: Using NAT with Multiple Public IP Addresses This section shows you examples of how to set up your ZyWALL if you want to set up this example. • Assign the... 192.168.1.13) respectively for traffic in this network, we are going to: 1 Configure the WAN connection to use . ZyWALL 2 Plus User's Guide 95 Chapter 4 Tutorials 4.2 Using NAT with Static Public IP Addresses To set up in both directions. • Map the first public address (1.2.3.4) to outgoing traffic...
User Guide
Page 100
...Click Apply. 100 ZyWALL 2 Plus User's Guide Figure 49 Tutorial Example: Mapping Multiple Public IP Addresses to Inside Servers " The ZyWALL applies the rules in the order that you have multiple public IP addresses to map to private IP addresses. The many-to-one or many-to-many NAT address mapping rules are... destination IP address. It allows other local computers on the same subnet as the ZyWALL's LAN IP address to use this example, you create two one-to-one rule. 1 Click ADVANCED > NAT. 2 Enable NAT and select Full Feature as you specify. In this IP address to access the Internet...
...Click Apply. 100 ZyWALL 2 Plus User's Guide Figure 49 Tutorial Example: Mapping Multiple Public IP Addresses to Inside Servers " The ZyWALL applies the rules in the order that you have multiple public IP addresses to map to private IP addresses. The many-to-one or many-to-many NAT address mapping rules are... destination IP address. It allows other local computers on the same subnet as the ZyWALL's LAN IP address to use this example, you create two one-to-one rule. 1 Click ADVANCED > NAT. 2 Enable NAT and select Full Feature as you specify. In this IP address to access the Internet...
User Guide
Page 112
... information about IP address mapping. After you cannot access it, make sure the NAT port forwarding rule is active and there is in the same subnet as shown. 112 ZyWALL 2 Plus User's Guide If you set up your WAN connection and NAT address mapping are mapped to the mail server (192.168.1.12) and... is active and the computer's IP address is a firewall rule to allow FTP traffic from the WAN to FTP server. 4.3 Using NAT with Multiple Game Players If two users (behind the ZyWALL) want to connect to the same server to play online games at the same time, but the server does not allow...
... information about IP address mapping. After you cannot access it, make sure the NAT port forwarding rule is active and there is in the same subnet as shown. 112 ZyWALL 2 Plus User's Guide If you set up your WAN connection and NAT address mapping are mapped to the mail server (192.168.1.12) and... is active and the computer's IP address is a firewall rule to allow FTP traffic from the WAN to FTP server. 4.3 Using NAT with Multiple Game Players If two users (behind the ZyWALL) want to connect to the same server to play online games at the same time, but the server does not allow...
User Guide
Page 158
...> WAN (PPPoE Encapsulation) 158 ZyWALL 2 Plus User's Guide Chapter 8 WAN Screens 8.3.2 Configuring PPPoE Encapsulation The ZyWALL supports PPPoE (Point-to let ...you and the ISP or carrier, as dynamic service selection. PPPoE is the ability to -Point Protocol over Ethernet). One of the benefits of PPPoE is an IETF standard (RFC 2516) specifying how a personal computer (PC) interacts with NAT... using PPPoE. The screen shown next is for both you access one of multiple network services, a function known as it requires no specific configuration of the ...
...> WAN (PPPoE Encapsulation) 158 ZyWALL 2 Plus User's Guide Chapter 8 WAN Screens 8.3.2 Configuring PPPoE Encapsulation The ZyWALL supports PPPoE (Point-to let ...you and the ISP or carrier, as dynamic service selection. PPPoE is the ability to -Point Protocol over Ethernet). One of the benefits of PPPoE is an IETF standard (RFC 2516) specifying how a personal computer (PC) interacts with NAT... using PPPoE. The screen shown next is for both you access one of multiple network services, a function known as it requires no specific configuration of the ...
User Guide
Page 278
... VPN Screens The following examples show how multiple telecommuters can make VPN connections to a single ZyWALL at headquarters has a static public IP address. 278 ZyWALL 2 Plus User's Guide Table 72 SECURITY > VPN > Global Setting LABEL DESCRIPTION Output Idle Timer The ZyWALL disconnects a VPN tunnel if the remote ...to save your throughput performance, you can manually set this feature. The telecommuters use NAT over IPSec, it finds that are to disable this timer to wait before the ZyWALL updates the domain name and IP address mapping through the VPN tunnel if you select...
... VPN Screens The following examples show how multiple telecommuters can make VPN connections to a single ZyWALL at headquarters has a static public IP address. 278 ZyWALL 2 Plus User's Guide Table 72 SECURITY > VPN > Global Setting LABEL DESCRIPTION Output Idle Timer The ZyWALL disconnects a VPN tunnel if the remote ...to save your throughput performance, you can manually set this feature. The telecommuters use NAT over IPSec, it finds that are to disable this timer to wait before the ZyWALL updates the domain name and IP address mapping through the VPN tunnel if you select...
User Guide
Page 331
...NAT to be accessible to change your ZyWALL's address mapping settings. ZyWALL 2 Plus User's Guide 331 They are available on page 340) to one global IP address. CHAPTER 17 Network Address Translation (NAT) Screens 17.1 Overview NAT (Network Address Translation - NAT, RFC 1631) is equivalent to SUA (i.e., PAT, port address translation), ZyXEL... to One: In Many-to-One mode, the ZyWALL maps multiple local IP addresses to change your ZyWALL's trigger port settings. 17.1.2 What You Need To Know About NAT NAT Mapping Types NAT supports five types of an outgoing packet, used within...
...NAT to be accessible to change your ZyWALL's address mapping settings. ZyWALL 2 Plus User's Guide 331 They are available on page 340) to one global IP address. CHAPTER 17 Network Address Translation (NAT) Screens 17.1 Overview NAT (Network Address Translation - NAT, RFC 1631) is equivalent to SUA (i.e., PAT, port address translation), ZyXEL... to One: In Many-to-One mode, the ZyWALL maps multiple local IP addresses to change your ZyWALL's trigger port settings. 17.1.2 What You Need To Know About NAT NAT Mapping Types NAT supports five types of an outgoing packet, used within...
User Guide
Page 332
... to those computers with public IP addresses on your DMZ with public IP addresses will still have to open the NAT Overview screen. 332 ZyWALL 2 Plus User's Guide Selecting SUA means (latent) multiple WAN-to-LAN and WAN-to -Many Overload ILA IJ IGA1 ILA2 IJ IGA2 ILA3 IJ IGA1 ILA4 IJ IGA2... ... Select either SUA or Full Feature in addition to setting up SUA/NAT, to allow traffic from the WAN to be forwarded through the ZyWALL...
... to those computers with public IP addresses on your DMZ with public IP addresses will still have to open the NAT Overview screen. 332 ZyWALL 2 Plus User's Guide Selecting SUA means (latent) multiple WAN-to-LAN and WAN-to -Many Overload ILA IJ IGA1 ILA2 IJ IGA2 ILA3 IJ IGA1 ILA4 IJ IGA2... ... Select either SUA or Full Feature in addition to setting up SUA/NAT, to allow traffic from the WAN to be forwarded through the ZyWALL...
User Guide
Page 333
... of trigger port rules that can be called full feature NAT or multi-NAT. Port Forwarding Rules The bar displays how many trigger port rules are configured on the ZyWALL. Apply Click Apply to save your ZyWALL. ZyWALL 2 Plus User's Guide 333 Max. The first number shows how... to be configured on the ZyWALL. Reset Click Reset to have multiple public WAN IP addresses for your changes back to turn off the NAT feature for the WAN port. Chapter 17 Network Address Translation (NAT) Screens Figure 213 ADVANCED > NAT > NAT Overview The following table describes ...
... of trigger port rules that can be called full feature NAT or multi-NAT. Port Forwarding Rules The bar displays how many trigger port rules are configured on the ZyWALL. Apply Click Apply to save your ZyWALL. ZyWALL 2 Plus User's Guide 333 Max. The first number shows how... to be configured on the ZyWALL. Reset Click Reset to have multiple public WAN IP addresses for your changes back to turn off the NAT feature for the WAN port. Chapter 17 Network Address Translation (NAT) Screens Figure 213 ADVANCED > NAT > NAT Overview The following table describes ...
User Guide
Page 335
... multiple local IP addresses to -One and Server mapping types. Modify Click the edit icon to go to the screen where you to specify inside servers of different services behind the NAT to be accessible to confirm that you take this action. Figure 215 ADVANCED > NAT > Address Mapping > Edit ZyWALL 2 Plus User...Use this screen to -One and Server mapping types. If the rule is equivalent to -One NAT mapping type. 2. If the rule is N/A for the One-to SUA (i.e., PAT, port address translation), ZyXEL's Single User Account feature that port numbers do not change for One-to-One, Many-to ...
... multiple local IP addresses to -One and Server mapping types. Modify Click the edit icon to go to the screen where you to specify inside servers of different services behind the NAT to be accessible to confirm that you take this action. Figure 215 ADVANCED > NAT > Address Mapping > Edit ZyWALL 2 Plus User...Use this screen to -One and Server mapping types. If the rule is equivalent to -One NAT mapping type. 2. If the rule is N/A for the One-to SUA (i.e., PAT, port address translation), ZyXEL's Single User Account feature that port numbers do not change for One-to-One, Many-to ...
User Guide
Page 336
...ports that port numbers do not allow you to SUA (i.e., PAT, port address translation), ZyXEL's Single User Account feature. 3. Many One-to-One: Many One-to-One mode maps each local IP address to -One NAT mapping type. 2. Local End IP This is the starting Inside Local IP Address (ILA...describes the labels in this screen. Many-to-One: Many-to-One mode maps multiple local IP addresses to the servers for Server port mapping. Local IP addresses are not specified in this screen. 336 ZyWALL 2 Plus User's Guide Default Server IP Address In addition to one of the desired server...
...ports that port numbers do not allow you to SUA (i.e., PAT, port address translation), ZyXEL's Single User Account feature. 3. Many One-to-One: Many One-to-One mode maps each local IP address to -One NAT mapping type. 2. Local End IP This is the starting Inside Local IP Address (ILA...describes the labels in this screen. Many-to-One: Many-to-One mode maps multiple local IP addresses to the servers for Server port mapping. Local IP addresses are not specified in this screen. 336 ZyWALL 2 Plus User's Guide Default Server IP Address In addition to one of the desired server...
User Guide
Page 337
...secure by physically separating it from the WAN to another (B in the remote management setup. Figure 216 Multiple Servers Behind NAT Example Port Translation The ZyWALL can translate the destination port number or a range of port numbers of packets coming from your public servers...not assign a Default Server IP address, the ZyWALL discards all packets received for connecting your local network. ZyWALL 2 Plus User's Guide 337 The NAT network appears as a single host on your publicly accessible servers. Chapter 17 Network Address Translation (NAT) Screens " If you use port forwarding ...
...secure by physically separating it from the WAN to another (B in the remote management setup. Figure 216 Multiple Servers Behind NAT Example Port Translation The ZyWALL can translate the destination port number or a range of port numbers of packets coming from your public servers...not assign a Default Server IP address, the ZyWALL discards all packets received for connecting your local network. ZyWALL 2 Plus User's Guide 337 The NAT network appears as a single host on your publicly accessible servers. Chapter 17 Network Address Translation (NAT) Screens " If you use port forwarding ...
User Guide
Page 406
... UDP mappings. Multiple NAT clients can use a single port simultaneously if the internal client field is turned on the LAN). It displays "0" if the port mapping is enabled. Apply Click Apply to save your changes back to 255.255.255.255 for the NAT rule's Internal... dynamic port-mapping rule's time to the Internal Client. Refresh Click Refresh update the screen's table. 406 ZyWALL 2 Plus User's Guide Description This field displays a text explanation of the NAT mapping rule (TCP or UDP). The UPnP-enabled device that are otherwise unmapped) to live (in seconds)....
... UDP mappings. Multiple NAT clients can use a single port simultaneously if the internal client field is turned on the LAN). It displays "0" if the port mapping is enabled. Apply Click Apply to save your changes back to 255.255.255.255 for the NAT rule's Internal... dynamic port-mapping rule's time to the Internal Client. Refresh Click Refresh update the screen's table. 406 ZyWALL 2 Plus User's Guide Description This field displays a text explanation of the NAT mapping rule (TCP or UDP). The UPnP-enabled device that are otherwise unmapped) to live (in seconds)....
User Guide
Page 498
... password again to make sure that supports two types of mapping: Many-to you have multiple public IP addresses. When you have a single public IP address. IP Address Assignment If...you select Telia Login in the Service Type field. Network Address Translation Network Address Translation (NAT) allows the translation of minutes from 1 to 59 (30 recommended) for the IP ... a public IP address used on the Network Address Translation feature. Retype to cancel. 498 ZyWALL 2 Plus User's Guide Table 181 Menu 4: Internet Access Setup (Ethernet) FIELD DESCRIPTION ISP's Name This...
... password again to make sure that supports two types of mapping: Many-to you have multiple public IP addresses. When you have a single public IP address. IP Address Assignment If...you select Telia Login in the Service Type field. Network Address Translation Network Address Translation (NAT) allows the translation of minutes from 1 to 59 (30 recommended) for the IP ... a public IP address used on the Network Address Translation feature. Retype to cancel. 498 ZyWALL 2 Plus User's Guide Table 181 Menu 4: Internet Access Setup (Ethernet) FIELD DESCRIPTION ISP's Name This...
User Guide
Page 515
... IP address. Choose None to select Dynamic; One-to Ethernet encapsulation only. Subnet Mask Gateway IP Addr This field is a subset of NAT that this is the address assigned to a different IP address known within the WAN network number. See Chapter 17 on page 331 for ...: Many-to -Many Overload, Many- Metric Enter a number from 1 to 15 to have multiple public IP addresses. Some implementations, especially the UNIX derivatives, require the WAN link to set . ZyWALL 2 Plus User's Guide 515 Choose Full Feature if you are using a static IP address. Remote Node ...
... IP address. Choose None to select Dynamic; One-to Ethernet encapsulation only. Subnet Mask Gateway IP Addr This field is a subset of NAT that this is the address assigned to a different IP address known within the WAN network number. See Chapter 17 on page 331 for ...: Many-to -Many Overload, Many- Metric Enter a number from 1 to 15 to have multiple public IP addresses. Some implementations, especially the UNIX derivatives, require the WAN link to set . ZyWALL 2 Plus User's Guide 515 Choose Full Feature if you are using a static IP address. Remote Node ...
User Guide
Page 521
... supports two types of mapping, Many-to multiple private LAN IP addresses of the NAT set for SUA. The next figure shows you have just one public WAN IP address for your ZyWALL. ZyWALL 2 Plus User's Guide 521 See Section 36.2.1 on the ZyWALL. 36.1 Using NAT " You must create a firewall rule in addition to setting up...
... supports two types of mapping, Many-to multiple private LAN IP addresses of the NAT set for SUA. The next figure shows you have just one public WAN IP address for your ZyWALL. ZyWALL 2 Plus User's Guide 521 See Section 36.2.1 on the ZyWALL. 36.1 Using NAT " You must create a firewall rule in addition to setting up...
User Guide
Page 523
... on these menus. To configure NAT, enter 15 from the main menu to external ports. Trigger Port Setup Enter Menu Selection Number: " Configure DMZ, WLAN and LAN IP addresses in this option. ZyWALL 2 Plus User's Guide 523 Choose Full ...Feature if you select Full Feature in Menus 4 & 11.1.2 FIELD DESCRIPTION Network Address Translation When you select this option the SMT will use Address Mapping Set 255 (menu 15.1 - When you have multiple public WAN IP addresses for SUA. The server set . Port Forwarding Setup 3. NAT...
... on these menus. To configure NAT, enter 15 from the main menu to external ports. Trigger Port Setup Enter Menu Selection Number: " Configure DMZ, WLAN and LAN IP addresses in this option. ZyWALL 2 Plus User's Guide 523 Choose Full ...Feature if you select Full Feature in Menus 4 & 11.1.2 FIELD DESCRIPTION Network Address Translation When you select this option the SMT will use Address Mapping Set 255 (menu 15.1 - When you have multiple public WAN IP addresses for SUA. The server set . Port Forwarding Setup 3. NAT...