User Guide
Page 7
... 43 Getting to Know Your ZyWALL 45 Introducing the Web Configurator 49 Wizard Setup ...67 Tutorials ...87 Registration Screens ...125 Network ...129 LAN Screens ...131 Bridge Screens ...143 WAN Screens ...151 DMZ Screens ...171 Wireless LAN Screens ...183 Security ...193 Firewall Screens ...195 Content Filtering Screens ...223 Content Filtering Reports ...245 IPSec VPN Screens...365 Remote Management Screens 377 UPnP Screens ...397 Custom Application Screen ...407 ALG Screen ...409 Logs and Maintenance ...415 Logs Screens ...417 Maintenance Screens ...447 ZyWALL 2 Plus User's Guide 7
... 43 Getting to Know Your ZyWALL 45 Introducing the Web Configurator 49 Wizard Setup ...67 Tutorials ...87 Registration Screens ...125 Network ...129 LAN Screens ...131 Bridge Screens ...143 WAN Screens ...151 DMZ Screens ...171 Wireless LAN Screens ...183 Security ...193 Firewall Screens ...195 Content Filtering Screens ...223 Content Filtering Reports ...245 IPSec VPN Screens...365 Remote Management Screens 377 UPnP Screens ...397 Custom Application Screen ...407 ALG Screen ...409 Logs and Maintenance ...415 Logs Screens ...417 Maintenance Screens ...447 ZyWALL 2 Plus User's Guide 7
User Guide
Page 10
Table of Contents 2.4.6 Port Statistics ...62 2.4.7 DHCP Table Screen 63 2.4.8 VPN Status ...64 2.4.9 Bandwidth Monitor ...65 Chapter 3 Wizard Setup ...67 3.1 Wizard Setup Overview ...67 ... the Connections 112 4.3 Using NAT with Multiple Game Players 112 4.4 How to Manage the ZyWALL's Bandwidth 113 4.4.1 Example Parameters and Scenario 113 4.4.2 Configuring Bandwidth Management Rules 114 4.5 Configuring Content Filtering 118 4.5.1 Enable Content Filtering 118 4.5.2 Block Categories of Web Content 119 4.5.3 Assign Bob's Computer a Specific IP Address 121 10 ZyWALL 2 Plus User's Guide
Table of Contents 2.4.6 Port Statistics ...62 2.4.7 DHCP Table Screen 63 2.4.8 VPN Status ...64 2.4.9 Bandwidth Monitor ...65 Chapter 3 Wizard Setup ...67 3.1 Wizard Setup Overview ...67 ... the Connections 112 4.3 Using NAT with Multiple Game Players 112 4.4 How to Manage the ZyWALL's Bandwidth 113 4.4.1 Example Parameters and Scenario 113 4.4.2 Configuring Bandwidth Management Rules 114 4.5 Configuring Content Filtering 118 4.5.1 Enable Content Filtering 118 4.5.2 Block Categories of Web Content 119 4.5.3 Assign Bob's Computer a Specific IP Address 121 10 ZyWALL 2 Plus User's Guide
User Guide
Page 11
Table of Contents 4.5.4 Create a Content Filter Policy for Bob 121 4.5.5 Set the Content Filter Schedule 122 4.5.6 Block Categories of Web Content for Bob 123 Chapter 5 Registration Screens ...125 5.1 Overview ...125 5.1.1 What You Can Do in the Registration Screens 125 5.1.2 What You Need to Know About Registration ... the WAN Screens 151 8.1.2 What You Need To Know About WAN 151 8.2 The WAN Route Screen ...152 8.3 The WAN Screen ...153 8.3.1 Configuring Ethernet Encapsulation 155 ZyWALL 2 Plus User's Guide 11
Table of Contents 4.5.4 Create a Content Filter Policy for Bob 121 4.5.5 Set the Content Filter Schedule 122 4.5.6 Block Categories of Web Content for Bob 123 Chapter 5 Registration Screens ...125 5.1 Overview ...125 5.1.1 What You Can Do in the Registration Screens 125 5.1.2 What You Need to Know About Registration ... the WAN Screens 151 8.1.2 What You Need To Know About WAN 151 8.2 The WAN Route Screen ...152 8.3 The WAN Screen ...153 8.3.1 Configuring Ethernet Encapsulation 155 ZyWALL 2 Plus User's Guide 11
User Guide
Page 13
...: Customization 237 12.3.4 The Edit Policy Screen: Schedule 239 12.4 The Object Screen ...240 12.5 The Cache Screen ...243 Chapter 13 Content Filtering Reports...245 13.1 Checking Content Filtering Activation 245 13.2 Viewing Content Filtering Reports 245 13.3 Web Site Submission ...250 Chapter 14 IPSec VPN Screens...253 14.1 Overview ...253 14.1.1 What You Can Do... 14.4 The SA Monitor Screen 275 14.5 The Global Setting Screen 275 14.5.1 Configuring the Global Setting Screen 277 14.6 Telecommuter VPN/IPSec Examples 278 ZyWALL 2 Plus User's Guide 13
...: Customization 237 12.3.4 The Edit Policy Screen: Schedule 239 12.4 The Object Screen ...240 12.5 The Cache Screen ...243 Chapter 13 Content Filtering Reports...245 13.1 Checking Content Filtering Activation 245 13.2 Viewing Content Filtering Reports 245 13.3 Web Site Submission ...250 Chapter 14 IPSec VPN Screens...253 14.1 Overview ...253 14.1.1 What You Can Do... 14.4 The SA Monitor Screen 275 14.5 The Global Setting Screen 275 14.5.1 Configuring the Global Setting Screen 277 14.6 Telecommuter VPN/IPSec Examples 278 ZyWALL 2 Plus User's Guide 13
User Guide
Page 26
... Class Setup: WWW 117 Figure 76 Tutorial Example: Bandwidth Management Class Setup Done 117 Figure 77 Tutorial Example: Bandwidth Management Monitor 118 Figure 78 SECURITY > CONTENT FILTER > General 119 Figure 79 SECURITY > CONTENT FILTER > Policy 120 Figure 80 SECURITY > CONTENT FILTER > Policy > External Database (Default 120 Figure 81 HOME > DHCP Table ...121 26 ZyWALL 2 Plus User's Guide
... Class Setup: WWW 117 Figure 76 Tutorial Example: Bandwidth Management Class Setup Done 117 Figure 77 Tutorial Example: Bandwidth Management Monitor 118 Figure 78 SECURITY > CONTENT FILTER > General 119 Figure 79 SECURITY > CONTENT FILTER > Policy 120 Figure 80 SECURITY > CONTENT FILTER > Policy > External Database (Default 120 Figure 81 HOME > DHCP Table ...121 26 ZyWALL 2 Plus User's Guide
User Guide
Page 27
List of Figures Figure 82 SECURITY > CONTENT FILTER > Policy 121 Figure 83 SECURITY > CONTENT FILTER > Policy > Insert 122 Figure 84 SECURITY > CONTENT FILTER > Policy 122 Figure 85 SECURITY > CONTENT FILTER > Policy > Schedule (Bob 123 Figure 86 SECURITY > CONTENT FILTER > Policy 123 Figure 87 SECURITY > CONTENT FILTER > Policy > External Database (Bob 124 Figure 88 REGISTRATION > Registration 126 Figure 89 REGISTRATION: ... ...185 Figure 122 NETWORK > WLAN > Static DHCP 188 Figure 123 NETWORK > WLAN > IP Alias 189 Figure 124 WLAN Port Role Example 191 ZyWALL 2 Plus User's Guide 27
List of Figures Figure 82 SECURITY > CONTENT FILTER > Policy 121 Figure 83 SECURITY > CONTENT FILTER > Policy > Insert 122 Figure 84 SECURITY > CONTENT FILTER > Policy 122 Figure 85 SECURITY > CONTENT FILTER > Policy > Schedule (Bob 123 Figure 86 SECURITY > CONTENT FILTER > Policy 123 Figure 87 SECURITY > CONTENT FILTER > Policy > External Database (Bob 124 Figure 88 REGISTRATION > Registration 126 Figure 89 REGISTRATION: ... ...185 Figure 122 NETWORK > WLAN > Static DHCP 188 Figure 123 NETWORK > WLAN > IP Alias 189 Figure 124 WLAN Port Role Example 191 ZyWALL 2 Plus User's Guide 27
User Guide
Page 28
... Management 247 Figure 161 Blue Coat: Login ...247 Figure 162 Content Filtering Reports Main Screen 248 Figure 163 Blue Coat: Report Home ...248 Figure 164 Global Report Screen Example 249 Figure 165 Requested URLs Example 250 Figure 166 Web Page Review Process Screen 251 Figure 167 VPN: Example ...253 28 ZyWALL 2 Plus User's Guide
... Management 247 Figure 161 Blue Coat: Login ...247 Figure 162 Content Filtering Reports Main Screen 248 Figure 163 Blue Coat: Report Home ...248 Figure 164 Global Report Screen Example 249 Figure 165 Requested URLs Example 250 Figure 166 Web Page Review Process Screen 251 Figure 167 VPN: Example ...253 28 ZyWALL 2 Plus User's Guide
User Guide
Page 38
... Example: Mismatching ID Type and Content 286 Table 77 SECURITY > CERTIFICATES > My Certificates 298 Table 78 SECURITY > CERTIFICATES > My Certificates > Details 300 Table 79 SECURITY > CERTIFICATES > My Certificates > Export 302 Table 80 SECURITY > CERTIFICATES > My Certificates > Import 304 Table 81 SECURITY > CERTIFICATES > My Certificates > Import: PKCS#12 304 38 ZyWALL 2 Plus User's Guide
... Example: Mismatching ID Type and Content 286 Table 77 SECURITY > CERTIFICATES > My Certificates 298 Table 78 SECURITY > CERTIFICATES > My Certificates > Details 300 Table 79 SECURITY > CERTIFICATES > My Certificates > Export 302 Table 80 SECURITY > CERTIFICATES > My Certificates > Import 304 Table 81 SECURITY > CERTIFICATES > My Certificates > Import: PKCS#12 304 38 ZyWALL 2 Plus User's Guide
User Guide
Page 40
... ...434 Table 139 ICMP Logs ...434 Table 140 CDR Logs ...435 Table 141 PPP Logs ...435 Table 142 UPnP Logs ...435 Table 143 Content Filtering Logs ...435 Table 144 Attack Logs ...436 Table 145 Remote Management Logs 437 Table 146 IPSec Logs ...438 Table 147 IKE Logs ...438 Table 148 ... Summary ...470 Table 165 SMT Menus Overview ...471 Table 166 Menu 1: General Setup (Router Mode 475 Table 167 Menu 1: General Setup (Bridge Mode 476 40 ZyWALL 2 Plus User's Guide
... ...434 Table 139 ICMP Logs ...434 Table 140 CDR Logs ...435 Table 141 PPP Logs ...435 Table 142 UPnP Logs ...435 Table 143 Content Filtering Logs ...435 Table 144 Attack Logs ...436 Table 145 Remote Management Logs 437 Table 146 IPSec Logs ...438 Table 147 IKE Logs ...438 Table 148 ... Summary ...470 Table 165 SMT Menus Overview ...471 Table 166 Menu 1: General Setup (Router Mode 475 Table 167 Menu 1: General Setup (Bridge Mode 476 40 ZyWALL 2 Plus User's Guide
User Guide
Page 45
..., content filtering and certificates. See Chapter 46 on page 613 for a complete list of features. 1.2 Applications for example). CHAPTER 1 Getting to Know Your ZyWALL This chapter introduces the main features and applications of the ZyWALL. 1.1 ZyWALL Internet Security Appliance Overview The ZyWALL is...For Internet access, connect the WAN Ethernet port to the LAN ports for connecting publicly accessible servers. ZyWALL 2 Plus User's Guide 45 The ZyWALL guarantees not only high speed Internet access, but secure internal network protection and traffic management as a ...
..., content filtering and certificates. See Chapter 46 on page 613 for a complete list of features. 1.2 Applications for example). CHAPTER 1 Getting to Know Your ZyWALL This chapter introduces the main features and applications of the ZyWALL. 1.1 ZyWALL Internet Security Appliance Overview The ZyWALL is...For Internet access, connect the WAN Ethernet port to the LAN ports for connecting publicly accessible servers. ZyWALL 2 Plus User's Guide 45 The ZyWALL guarantees not only high speed Internet access, but secure internal network protection and traffic management as a ...
User Guide
Page 55
...another DHCP server. Security Services Content Filter Expiration Date This is the date and time the alert was recorded. Message This is set to forward IP address assignment requests to display the active VPN connections. Bandwidth Click Bandwidth to view the ZyWALL's bandwidth usage and allotments.... PPTP, PPPoE or dial backup connection. In bridge mode, the ZyWALL cannot get the IP address automatically from the ISP, click Renew to disconnect the PPTP, PPPoE or dial backup connection. ZyWALL 2 Plus User's Guide 55 Renew If you must be manually configured. System...
...another DHCP server. Security Services Content Filter Expiration Date This is the date and time the alert was recorded. Message This is set to forward IP address assignment requests to display the active VPN connections. Bandwidth Click Bandwidth to view the ZyWALL's bandwidth usage and allotments.... PPTP, PPPoE or dial backup connection. In bridge mode, the ZyWALL cannot get the IP address automatically from the ISP, click Renew to disconnect the PPTP, PPPoE or dial backup connection. ZyWALL 2 Plus User's Guide 55 Renew If you must be manually configured. System...
User Guide
Page 58
...the reason for each device mode. Security Services Content Filter Expiration Date This is the date and time the alert was recorded. Click the field label to go to configure ZyWALL features. Not all ZyWALLs have all features listed in Bridge Mode (continued)... DHCP Table Y System Statistics Y Y Registration Y Y LAN Y WAN Y DMZ Y Bridge Y 58 ZyWALL 2 Plus User's Guide Latest Alerts This table displays the five most recent alerts recorded by the ZyWALL. The following table lists the features available for each port. You can update your service subscription.
...the reason for each device mode. Security Services Content Filter Expiration Date This is the date and time the alert was recorded. Click the field label to go to configure ZyWALL features. Not all ZyWALLs have all features listed in Bridge Mode (continued)... DHCP Table Y System Statistics Y Y Registration Y Y LAN Y WAN Y DMZ Y Bridge Y 58 ZyWALL 2 Plus User's Guide Latest Alerts This table displays the five most recent alerts recorded by the ZyWALL. The following table lists the features available for each port. You can update your service subscription.
User Guide
Page 59
...table. Port Roles Use this screen to change the bridge settings on the ZyWALL. BRIDGE Bridge Use this screen to change the LAN/DMZ/WLAN port roles on the LAN. ZyWALL 2 Plus User's Guide 59 Service Use this screen to change the LAN/DMZ/...HOME This screen shows the ZyWALL's general device and network status information. IP Alias Use this screen to register your LAN interface into subnets. Chapter 2 Introducing the Web Configurator Table 5 Bridge and Router Mode Features Comparison FEATURE BRIDGE MODE WLAN Firewall Y Content Filter Y VPN Y Certificates Y...
...table. Port Roles Use this screen to change the bridge settings on the ZyWALL. BRIDGE Bridge Use this screen to change the LAN/DMZ/WLAN port roles on the LAN. ZyWALL 2 Plus User's Guide 59 Service Use this screen to change the LAN/DMZ/...HOME This screen shows the ZyWALL's general device and network status information. IP Alias Use this screen to register your LAN interface into subnets. Chapter 2 Introducing the Web Configurator Table 5 Bridge and Router Mode Features Comparison FEATURE BRIDGE MODE WLAN Firewall Y Content Filter Y VPN Y Certificates Y...
User Guide
Page 60
...Static DHCP Use this screen to assign fixed IP addresses on the ZyWALL. Service Use this screen to configure custom services. Object Use this screen to view and manage the certificates belonging to customize the content filter list. Trusted Use this screen to Remote Hosts the trusted remote hosts...Alias Use this screen to view and manage the list of the directory servers. 60 ZyWALL 2 Plus User's Guide Port Roles Use this screen to view a summary list of web pages to filter out, as well as to configure VPN connections using IKE key management and view the...
...Static DHCP Use this screen to assign fixed IP addresses on the ZyWALL. Service Use this screen to configure custom services. Object Use this screen to view and manage the certificates belonging to customize the content filter list. Trusted Use this screen to Remote Hosts the trusted remote hosts...Alias Use this screen to view and manage the list of the directory servers. 60 ZyWALL 2 Plus User's Guide Port Roles Use this screen to view a summary list of web pages to filter out, as well as to configure VPN connections using IKE key management and view the...
User Guide
Page 73
...Static If the ISP assigned a fixed IP address. Otherwise, click Skip to display the congratulations screen and click Close to configure DNS servers. ZyWALL 2 Plus User's Guide 73 Server IP Address Type the IP address of your ISP did not assign you select Static. It must know the IP...The fields below are available only when you a fixed IP address. Click Close to the right. My WAN IP Address Enter your ZyWALL and activate the free content filtering trial application. First DNS Server Second DNS Server Enter the DNS server's IP address(es) in this field. If you do ...
...Static If the ISP assigned a fixed IP address. Otherwise, click Skip to display the congratulations screen and click Close to configure DNS servers. ZyWALL 2 Plus User's Guide 73 Server IP Address Type the IP address of your ISP did not assign you select Static. It must know the IP...The fields below are available only when you a fixed IP address. Click Close to the right. My WAN IP Address Enter your ZyWALL and activate the free content filtering trial application. First DNS Server Second DNS Server Enter the DNS server's IP address(es) in this field. If you do ...
User Guide
Page 74
Use this screen to activate a standard service with myZyXEL.com. You must register your iCard's PIN number (license key), use the REGISTRATION > Service screen. 74 ZyWALL 2 Plus User's Guide " If you want to register the ZyWALL with your ZyWALL before you clicked Next in the Internet Access Wizard Second Screen (see Figure 18 on page 73), the following screen displays. Chapter 3 Wizard Setup Figure 19 Internet Access Setup Complete 3.2.4 Internet Access Wizard: Registration If you can activate the content filtering trial application.
Use this screen to activate a standard service with myZyXEL.com. You must register your iCard's PIN number (license key), use the REGISTRATION > Service screen. 74 ZyWALL 2 Plus User's Guide " If you want to register the ZyWALL with your ZyWALL before you clicked Next in the Internet Access Wizard Second Screen (see Figure 18 on page 73), the following screen displays. Chapter 3 Wizard Setup Figure 19 Internet Access Setup Complete 3.2.4 Internet Access Wizard: Registration If you can activate the content filtering trial application.
User Guide
Page 87
... to allocate bandwidth and apply priorities to access your ZyWALL if you can apply the firewall and content filtering to the traffic going to or from VPN tunnels to the FTP server. You have a LAN FTP server with the ZyWALL). They do this for the firewall. 4.1.1 Firewall ...can apply firewall security to VPN traffic based on content filtering for VPN tunnels. Now, if you don't want other VPN traffic for VPN Traffic The ZyWALL can configure firewall rules that it sends out or after decrypting received VPN traffic. ZyWALL 2 Plus User's Guide 87 CHAPTER 4 Tutorials This chapter...
... to allocate bandwidth and apply priorities to access your ZyWALL if you can apply the firewall and content filtering to the traffic going to or from VPN tunnels to the FTP server. You have a LAN FTP server with the ZyWALL). They do this for the firewall. 4.1.1 Firewall ...can apply firewall security to VPN traffic based on content filtering for VPN tunnels. Now, if you don't want other VPN traffic for VPN Traffic The ZyWALL can configure firewall rules that it sends out or after decrypting received VPN traffic. ZyWALL 2 Plus User's Guide 87 CHAPTER 4 Tutorials This chapter...
User Guide
Page 118
... specific content filtering settings to create a myZyXEL.com account, register your policies is between 12:00 and 13:00), the ZyWALL applies the first policy. If the traffic matches (that does not match the first policy will match the default policy and the ZyWALL treats it checks the request against the first policy. ZyWALL 2 Plus User...
... specific content filtering settings to create a myZyXEL.com account, register your policies is between 12:00 and 13:00), the ZyWALL applies the first policy. If the traffic matches (that does not match the first policy will match the default policy and the ZyWALL treats it checks the request against the first policy. ZyWALL 2 Plus User...
User Guide
Page 119
ZyWALL 2 Plus User's Guide 119 Chapter 4 Tutorials 1 Click SECURITY > CONTENT FILTER. 2 Enable the content filter and external database content filtering. 3 Click Apply. Figure 78 SECURITY > CONTENT FILTER > General 4.5.2 Block Categories of Web Content Here is how to block access to web pages by category of content. 1 Click SECURITY > CONTENT FILTER > Policy and then the external database icon next to the default policy.
ZyWALL 2 Plus User's Guide 119 Chapter 4 Tutorials 1 Click SECURITY > CONTENT FILTER. 2 Enable the content filter and external database content filtering. 3 Click Apply. Figure 78 SECURITY > CONTENT FILTER > General 4.5.2 Block Categories of Web Content Here is how to block access to web pages by category of content. 1 Click SECURITY > CONTENT FILTER > Policy and then the external database icon next to the default policy.
User Guide
Page 120
Figure 80 SECURITY > CONTENT FILTER > Policy > External Database (Default) 120 ZyWALL 2 Plus User's Guide Chapter 4 Tutorials Figure 79 SECURITY > CONTENT FILTER > Policy 2 Select Active. 3 Select the categories to block. 4 Click Apply.
Figure 80 SECURITY > CONTENT FILTER > Policy > External Database (Default) 120 ZyWALL 2 Plus User's Guide Chapter 4 Tutorials Figure 79 SECURITY > CONTENT FILTER > Policy 2 Select Active. 3 Select the categories to block. 4 Click Apply.