User Guide
Page 7
Contents Overview Contents Overview Introduction and Registration 43 Getting to Know Your ZyWALL 45 Introducing the Web Configurator 49 Wizard Setup ...67 Tutorials ...87 Registration Screens ...125 Network ...129 LAN Screens ...131 Bridge ...Certificates Screen ...295 Authentication Server Screens 323 Advanced ...329 Network Address Translation (NAT) Screens 331 Static Route Screens ...347 Bandwidth Management Screens 351 DNS Screens ...365 Remote Management Screens 377 UPnP Screens ...397 Custom Application Screen ...407 ALG Screen ...409 Logs and Maintenance ...415 Logs Screens ......
Contents Overview Contents Overview Introduction and Registration 43 Getting to Know Your ZyWALL 45 Introducing the Web Configurator 49 Wizard Setup ...67 Tutorials ...87 Registration Screens ...125 Network ...129 LAN Screens ...131 Bridge ...Certificates Screen ...295 Authentication Server Screens 323 Advanced ...329 Network Address Translation (NAT) Screens 331 Static Route Screens ...347 Bandwidth Management Screens 351 DNS Screens ...365 Remote Management Screens 377 UPnP Screens ...397 Custom Application Screen ...407 ALG Screen ...409 Logs and Maintenance ...415 Logs Screens ......
User Guide
Page 15
... Borrowing Example 362 19.4.3 The Bandwidth Management Statistics Screen 362 19.5 The Bandwidth Manager Monitor Screen 363 Chapter 20 DNS Screens ...365 20.1 Overview ...365 20.1.1 What You Can Do in the DNS Screens 365 20.1.2 What You Need To Know About DNS 365 20.2 The System Screen ...367 ZyWALL 2 Plus User's Guide 15
... Borrowing Example 362 19.4.3 The Bandwidth Management Statistics Screen 362 19.5 The Bandwidth Manager Monitor Screen 363 Chapter 20 DNS Screens ...365 20.1 Overview ...365 20.1.1 What You Can Do in the DNS Screens 365 20.1.2 What You Need To Know About DNS 365 20.2 The System Screen ...367 ZyWALL 2 Plus User's Guide 15
User Guide
Page 16
...20.2.1 The Add Address Record Screen 369 20.2.2 The Insert a Name Server Record Screen 370 20.3 The DNS Cache Screen 371 20.4 The DHCP Screen ...372 20.5 The DDNS Screen ...373 Chapter 21 Remote Management ...SNMP Screen ...390 21.7.1 Supported MIBs ...391 21.7.2 SNMP Traps ...392 21.7.3 Configuring the SNMP Screen 392 21.8 The DNS Screen ...393 21.9 The CNM Screen ...394 21.9.1 Additional Configuration for Vantage CNM 395 21.10 Remote Management Technical Reference 396... Screen ...404 22.4 The Ports Screen ...405 Chapter 23 Custom Application Screen 407 16 ZyWALL 2 Plus User's Guide
...20.2.1 The Add Address Record Screen 369 20.2.2 The Insert a Name Server Record Screen 370 20.3 The DNS Cache Screen 371 20.4 The DHCP Screen ...372 20.5 The DDNS Screen ...373 Chapter 21 Remote Management ...SNMP Screen ...390 21.7.1 Supported MIBs ...391 21.7.2 SNMP Traps ...392 21.7.3 Configuring the SNMP Screen 392 21.8 The DNS Screen ...393 21.9 The CNM Screen ...394 21.9.1 Additional Configuration for Vantage CNM 395 21.10 Remote Management Technical Reference 396... Screen ...404 22.4 The Ports Screen ...405 Chapter 23 Custom Application Screen 407 16 ZyWALL 2 Plus User's Guide
User Guide
Page 18
General Setup 475 28.1 Introduction to General Setup 475 28.2 Configuring General Setup 475 28.2.1 Configuring Dynamic DNS 476 Chapter 29 WAN and Dial Backup Setup 481 29.1 Introduction to the SMT 467 27.2 Accessing the SMT via the Console Port 467 27.2.1 ... 468 27.3 Navigating the SMT Interface 468 27.3.1 Main Menu ...469 27.3.2 SMT Menus Overview 471 27.4 Changing the System Password 472 27.5 Resetting the ZyWALL ...473 Chapter 28 SMT Menu 1 - Table of Contents 26.7 The Backup and Restore Screen 458 26.7.1 Backup Configuration 459 26.7.2 Restore Configuration 459 26.7.3 Back...
General Setup 475 28.1 Introduction to General Setup 475 28.2 Configuring General Setup 475 28.2.1 Configuring Dynamic DNS 476 Chapter 29 WAN and Dial Backup Setup 481 29.1 Introduction to the SMT 467 27.2 Accessing the SMT via the Console Port 467 27.2.1 ... 468 27.3 Navigating the SMT Interface 468 27.3.1 Main Menu ...469 27.3.2 SMT Menus Overview 471 27.4 Changing the System Password 472 27.5 Resetting the ZyWALL ...473 Chapter 28 SMT Menu 1 - Table of Contents 26.7 The Backup and Restore Screen 458 26.7.1 Backup Configuration 459 26.7.2 Restore Configuration 459 26.7.3 Back...
User Guide
Page 26
... Public IP Address 96 Figure 43 Tutorial Example: WAN Screen 97 Figure 44 Tutorial Example: DNS > System 97 Figure 45 Tutorial Example: DNS > System Edit-1 98 Figure 46 Tutorial Example: DNS > System Edit-2 98 Figure 47 Tutorial Example: DNS > System: Done 99 Figure 48 Tutorial Example: Status ...99 Figure 49 Tutorial Example: Mapping Multiple... 119 Figure 79 SECURITY > CONTENT FILTER > Policy 120 Figure 80 SECURITY > CONTENT FILTER > Policy > External Database (Default 120 Figure 81 HOME > DHCP Table ...121 26 ZyWALL 2 Plus User's Guide
... Public IP Address 96 Figure 43 Tutorial Example: WAN Screen 97 Figure 44 Tutorial Example: DNS > System 97 Figure 45 Tutorial Example: DNS > System Edit-1 98 Figure 46 Tutorial Example: DNS > System Edit-2 98 Figure 47 Tutorial Example: DNS > System: Done 99 Figure 48 Tutorial Example: Status ...99 Figure 49 Tutorial Example: Mapping Multiple... 119 Figure 79 SECURITY > CONTENT FILTER > Policy 120 Figure 80 SECURITY > CONTENT FILTER > Policy > External Database (Default 120 Figure 81 HOME > DHCP Table ...121 26 ZyWALL 2 Plus User's Guide
User Guide
Page 30
...Figure 233 Private DNS Server Example 367 Figure 234 ADVANCED > DNS > System DNS 368 Figure 235 ADVANCED > DNS > Add (Address Record 369 Figure 236 ADVANCED > DNS > Insert (Name Server Record 370 Figure 237 ADVANCED > DNS > Cache 371 Figure 238 ADVANCED > DNS > DHCP 372 Figure 239 ADVANCED > DNS > DDNS 374... 244 Example: Lock Denoting a Secure Connection 381 Figure 245 Replace Certificate ...382 Figure 246 Device-specific Certificate 382 Figure 247 Common ZyWALL Certificate 382 Figure 248 SSH Example 1: Store Host Key 383 Figure 249 SSH Example 2: Test ...383 Figure 250 SSH Example 2:...
...Figure 233 Private DNS Server Example 367 Figure 234 ADVANCED > DNS > System DNS 368 Figure 235 ADVANCED > DNS > Add (Address Record 369 Figure 236 ADVANCED > DNS > Insert (Name Server Record 370 Figure 237 ADVANCED > DNS > Cache 371 Figure 238 ADVANCED > DNS > DHCP 372 Figure 239 ADVANCED > DNS > DDNS 374... 244 Example: Lock Denoting a Secure Connection 381 Figure 245 Replace Certificate ...382 Figure 246 Device-specific Certificate 382 Figure 247 Common ZyWALL Certificate 382 Figure 248 SSH Example 1: Store Host Key 383 Figure 249 SSH Example 2: Test ...383 Figure 250 SSH Example 2:...
User Guide
Page 31
... Figure 257 ADVANCED > REMOTE MGMT > FTP 390 Figure 258 SNMP Management Model 391 Figure 259 ADVANCED > REMOTE MGMT > SNMP 392 Figure 260 ADVANCED > REMOTE MGMT > DNS 393 Figure 261 ADVANCED > REMOTE MGMT > CNM 394 Figure 262 How SSH Works ...396 Figure 263 ADVANCED > UPnP ...404 Figure 264 ADVANCED > UPnP > Ports 405... Temporarily Disconnected 460 Figure 293 Configuration Upload Error 460 Figure 294 Reset Warning Message ...461 Figure 295 MAINTENANCE > Restart 461 Figure 296 MAINTENANCE > Diagnostics 462 ZyWALL 2 Plus User's Guide 31
... Figure 257 ADVANCED > REMOTE MGMT > FTP 390 Figure 258 SNMP Management Model 391 Figure 259 ADVANCED > REMOTE MGMT > SNMP 392 Figure 260 ADVANCED > REMOTE MGMT > DNS 393 Figure 261 ADVANCED > REMOTE MGMT > CNM 394 Figure 262 How SSH Works ...396 Figure 263 ADVANCED > UPnP ...404 Figure 264 ADVANCED > UPnP > Ports 405... Temporarily Disconnected 460 Figure 293 Configuration Upload Error 460 Figure 294 Reset Warning Message ...461 Figure 295 MAINTENANCE > Restart 461 Figure 296 MAINTENANCE > Diagnostics 462 ZyWALL 2 Plus User's Guide 31
User Guide
Page 32
... 23: System Password 472 Figure 302 Menu 1: General Setup (Router Mode 475 Figure 303 Menu 1: General Setup (Bridge Mode 476 Figure 304 Menu 1.1: Configure Dynamic DNS 477 Figure 305 Menu 1.1.1: DDNS Host Summary 478 Figure 306 Menu 1.1.1: DDNS Edit Host 479 Figure 307 MAC Address Cloning in WAN Setup 481 Figure... Menu 11.1.5: Traffic Redirect Setup 517 Figure 338 Menu 12: IP Static Route Setup 519 Figure 339 Menu 12. 1: Edit IP Static Route 520 32 ZyWALL 2 Plus User's Guide
... 23: System Password 472 Figure 302 Menu 1: General Setup (Router Mode 475 Figure 303 Menu 1: General Setup (Bridge Mode 476 Figure 304 Menu 1.1: Configure Dynamic DNS 477 Figure 305 Menu 1.1.1: DDNS Host Summary 478 Figure 306 Menu 1.1.1: DDNS Edit Host 479 Figure 307 MAC Address Cloning in WAN Setup 481 Figure... Menu 11.1.5: Traffic Redirect Setup 517 Figure 338 Menu 12: IP Static Route Setup 519 Figure 339 Menu 12. 1: Edit IP Static Route 520 32 ZyWALL 2 Plus User's Guide
User Guide
Page 35
...441 Red Hat 9.0: KDE: Network Configuration: Devices 633 Figure 442 Red Hat 9.0: KDE: Ethernet Device: General 633 Figure 443 Red Hat 9.0: KDE: Network Configuration: DNS 634 Figure 444 Red Hat 9.0: KDE: Network Configuration: Activate 634 Figure 445 Red Hat 9.0: Dynamic IP Address Setting in ifconfig-eth0 635 Figure 446 Red... General Information before Import 658 Figure 466 Certificate Import Wizard 1 659 Figure 467 Certificate Import Wizard 2 659 Figure 468 Certificate Import Wizard 3 660 ZyWALL 2 Plus User's Guide 35 Java Scripting 641 Figure 456 Security Settings -
...441 Red Hat 9.0: KDE: Network Configuration: Devices 633 Figure 442 Red Hat 9.0: KDE: Ethernet Device: General 633 Figure 443 Red Hat 9.0: KDE: Network Configuration: DNS 634 Figure 444 Red Hat 9.0: KDE: Network Configuration: Activate 634 Figure 445 Red Hat 9.0: Dynamic IP Address Setting in ifconfig-eth0 635 Figure 446 Red... General Information before Import 658 Figure 466 Certificate Import Wizard 1 659 Figure 467 Certificate Import Wizard 2 659 Figure 468 Certificate Import Wizard 3 660 ZyWALL 2 Plus User's Guide 35 Java Scripting 641 Figure 456 Security Settings -
User Guide
Page 39
... Bandwidth Borrowing Example 362 Table 110 ADVANCED > BW MGMT > Class Setup > Statistics 363 Table 111 ADVANCED > BW MGMT > Monitor 364 Table 112 ADVANCED > DNS > Add (Address Record 369 Table 113 ADVANCED > REMOTE MGMT > WWW 386 Table 114 ADVANCED > REMOTE MGMT > SSH 388 Table 115 ADVANCED > REMOTE MGMT... ADVANCED > REMOTE MGMT > FTP 390 Table 117 SNMP Traps ...392 Table 118 ADVANCED > REMOTE MGMT > SNMP 393 Table 119 ADVANCED > REMOTE MGMT > DNS 394 Table 120 ADVANCED > REMOTE MGMT > CNM 395 Table 121 ADVANCED > UPnP ...404 Table 122 ADVANCED > UPnP > Ports 405 Table 123 ADVANCED > ...
... Bandwidth Borrowing Example 362 Table 110 ADVANCED > BW MGMT > Class Setup > Statistics 363 Table 111 ADVANCED > BW MGMT > Monitor 364 Table 112 ADVANCED > DNS > Add (Address Record 369 Table 113 ADVANCED > REMOTE MGMT > WWW 386 Table 114 ADVANCED > REMOTE MGMT > SSH 388 Table 115 ADVANCED > REMOTE MGMT... ADVANCED > REMOTE MGMT > FTP 390 Table 117 SNMP Traps ...392 Table 118 ADVANCED > REMOTE MGMT > SNMP 393 Table 119 ADVANCED > REMOTE MGMT > DNS 394 Table 120 ADVANCED > REMOTE MGMT > CNM 395 Table 121 ADVANCED > UPnP ...404 Table 122 ADVANCED > UPnP > Ports 405 Table 123 ADVANCED > ...
User Guide
Page 41
List of Tables Table 168 Menu 1.1: Configure Dynamic DNS 477 Table 169 Menu 1.1.1: DDNS Host Summary 478 Table 170 Menu 1.1.1: DDNS Edit Host 479 Table 171 MAC Address Cloning in WAN Setup 482 Table ... GUI-based FTP Clients 574 Table 208 General Commands for GUI-based TFTP Clients 575 Table 209 Valid Commands ...588 Table 210 Budget Management ...590 ZyWALL 2 Plus User's Guide 41
List of Tables Table 168 Menu 1.1: Configure Dynamic DNS 477 Table 169 Menu 1.1.1: DDNS Host Summary 478 Table 170 Menu 1.1.1: DDNS Edit Host 479 Table 171 MAC Address Cloning in WAN Setup 482 Table ... GUI-based FTP Clients 574 Table 208 General Commands for GUI-based TFTP Clients 575 Table 209 Valid Commands ...588 Table 210 Budget Management ...590 ZyWALL 2 Plus User's Guide 41
User Guide
Page 59
...statistics and DHCP table. Port Roles Use this screen to change the LAN/DMZ/WLAN port roles on the ZyWALL. ZyWALL 2 Plus User's Guide 59 Use this to manage and update the service status and license information. NETWORK LAN... Web Configurator Table 5 Bridge and Router Mode Features Comparison FEATURE BRIDGE MODE WLAN Firewall Y Content Filter Y VPN Y Certificates Y Authentication Server Y NAT Static Route Bandwidth Management Y DNS Remote Management Y UPnP Custom APP Y ALG Y Logs Y Maintenance Y ROUTER MODE Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Table Key: A ...
...statistics and DHCP table. Port Roles Use this screen to change the LAN/DMZ/WLAN port roles on the ZyWALL. ZyWALL 2 Plus User's Guide 59 Use this to manage and update the service status and license information. NETWORK LAN... Web Configurator Table 5 Bridge and Router Mode Features Comparison FEATURE BRIDGE MODE WLAN Firewall Y Content Filter Y VPN Y Certificates Y Authentication Server Y NAT Static Route Bandwidth Management Y DNS Remote Management Y UPnP Custom APP Y ALG Y Logs Y Maintenance Y ROUTER MODE Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Table Key: A ...
User Guide
Page 61
... port numbers for FTP, HTTP, SMTP, POP3, H323, and SIP traffic. ZyWALL 2 Plus User's Guide 61 DHCP Use this screen to monitor for the ZyWALL to configure LAN/DMZ/WLAN DNS information. SSH Use this screen to configure through which interface(s) and from which IP... which IP address(es) users can use Secure Shell to set up dynamic DNS. DNS Use this screen to configure through the ZyWALL. Ports Use this screen to configure the local user account(s) on the ZyWALL. Chapter 2 Introducing the Web Configurator Table 6 Screens Summary (continued) LINK ...
... port numbers for FTP, HTTP, SMTP, POP3, H323, and SIP traffic. ZyWALL 2 Plus User's Guide 61 DHCP Use this screen to monitor for the ZyWALL to configure LAN/DMZ/WLAN DNS information. SSH Use this screen to configure through which interface(s) and from which IP... which IP address(es) users can use Secure Shell to set up dynamic DNS. DNS Use this screen to configure through the ZyWALL. Ports Use this screen to configure the local user account(s) on the ZyWALL. Chapter 2 Introducing the Web Configurator Table 6 Screens Summary (continued) LINK ...
User Guide
Page 69
Select Static If the ISP assigned a fixed IP address. First DNS Server Second DNS Server Enter the DNS server's IP address(es) in this field. Leave the field as a dial-up connection. Apply Click Apply to save your changes and go to the ... the IP address of a machine in this field. Gateway IP Address Enter the gateway IP address in order to configure DNS servers. ZyWALL 2 Plus User's Guide 69 If you do not configure a DNS server, you do not want to access it. Back Click Back to return to high-speed data networks. Chapter 3 Wizard...
Select Static If the ISP assigned a fixed IP address. First DNS Server Second DNS Server Enter the DNS server's IP address(es) in this field. Leave the field as a dial-up connection. Apply Click Apply to save your changes and go to the ... the IP address of a machine in this field. Gateway IP Address Enter the gateway IP address in order to configure DNS servers. ZyWALL 2 Plus User's Guide 69 If you do not configure a DNS server, you do not want to access it. Back Click Back to return to high-speed data networks. Chapter 3 Wizard...
User Guide
Page 71
... and virtual private networking over public networks, such as 0.0.0.0 if you do not configure a DNS server, you do not want to the right. ZyWALL 2 Plus User's Guide 71 First DNS Server Second DNS Server Enter the DNS server's IP address(es) in this field. Apply Click Apply to save your WAN IP ...address in the field(s) to configure DNS servers. If you must know the IP address of ...
... and virtual private networking over public networks, such as 0.0.0.0 if you do not configure a DNS server, you do not want to the right. ZyWALL 2 Plus User's Guide 71 First DNS Server Second DNS Server Enter the DNS server's IP address(es) in this field. Apply Click Apply to save your WAN IP ...address in the field(s) to configure DNS servers. If you must know the IP address of ...
User Guide
Page 73
For example, C:12 or N:My ISP. First DNS Server Second DNS Server Enter the DNS server's IP address(es) in order to you do not configure a DNS server, you can register your ISP did not assign you select Static. Leave the field as 0.0.0.0 if you by your changes and go to the ... Mask Type the subnet mask assigned to access it. My WAN IP Address Enter your xDSL modem. If you do not want to the right. ZyWALL 2 Plus User's Guide 73 This is optional and depends on the requirements of the PPTP server. The fields below are available only when you a fixed...
For example, C:12 or N:My ISP. First DNS Server Second DNS Server Enter the DNS server's IP address(es) in order to you do not configure a DNS server, you can register your ISP did not assign you select Static. Leave the field as 0.0.0.0 if you by your changes and go to the ... Mask Type the subnet mask assigned to access it. My WAN IP Address Enter your xDSL modem. If you do not want to the right. ZyWALL 2 Plus User's Guide 73 This is optional and depends on the requirements of the PPTP server. The fields below are available only when you a fixed...
User Guide
Page 96
...Use Fixed IP Address and enter the first fixed public IP address (1.2.3.4 in this example). 5 Click Apply. 96 ZyWALL 2 Plus User's Guide If your ZyWALL for Internet access using PPPoE in this example. Chapter 4 Tutorials 4.2.2 Configuring the WAN Connection with a Static Public ...down list box. 3 In the ISP Parameters for Internet connection. Encapsulation Public IP Addresses Gateway IP Address Subnet Mask User Name Password DNS Server PPPoE 1.2.3.4 1.2.3.5 1.2.3.6 1.2.3.7 1.2.3.89 255.255.255.0 exampleuser abcd1234 1.2.1.1 1.2.1.2 Follow the steps below to configure your ISP ...
...Use Fixed IP Address and enter the first fixed public IP address (1.2.3.4 in this example). 5 Click Apply. 96 ZyWALL 2 Plus User's Guide If your ZyWALL for Internet access using PPPoE in this example. Chapter 4 Tutorials 4.2.2 Configuring the WAN Connection with a Static Public ...down list box. 3 In the ISP Parameters for Internet connection. Encapsulation Public IP Addresses Gateway IP Address Subnet Mask User Name Password DNS Server PPPoE 1.2.3.4 1.2.3.5 1.2.3.6 1.2.3.7 1.2.3.89 255.255.255.0 exampleuser abcd1234 1.2.1.1 1.2.1.2 Follow the steps below to configure your ISP ...
User Guide
Page 97
Figure 43 Tutorial Example: WAN Screen Chapter 4 Tutorials 6 Click ADVANCED > DNS. 7 The System screen displays. Click the Insert button to configure the IP address of the DNS server the ZyWALL can query to resolve domain names. Figure 44 Tutorial Example: DNS > System 8 Select Public DNS Server and enter the first DNS server's IP address given by your ISP. ZyWALL 2 Plus User's Guide 97 Click Apply.
Figure 43 Tutorial Example: WAN Screen Chapter 4 Tutorials 6 Click ADVANCED > DNS. 7 The System screen displays. Click the Insert button to configure the IP address of the DNS server the ZyWALL can query to resolve domain names. Figure 44 Tutorial Example: DNS > System 8 Select Public DNS Server and enter the first DNS server's IP address given by your ISP. ZyWALL 2 Plus User's Guide 97 Click Apply.
User Guide
Page 98
" To resolve a domain name, theZyWALL checks it against the name server record entries in the order that they appear in this list. Figure 46 Tutorial Example: DNS > System Edit-2 10 The DNS > System screen should look as follows. Click Apply. Chapter 4 Tutorials Figure 45 Tutorial Example: DNS > System Edit-1 9 Enter the rule number (2) where you want to put the second record and click the Insert button to configure the second DNS server's IP address as shown. 98 ZyWALL 2 Plus User's Guide
" To resolve a domain name, theZyWALL checks it against the name server record entries in the order that they appear in this list. Figure 46 Tutorial Example: DNS > System Edit-2 10 The DNS > System screen should look as follows. Click Apply. Chapter 4 Tutorials Figure 45 Tutorial Example: DNS > System Edit-1 9 Enter the rule number (2) where you want to put the second record and click the Insert button to configure the second DNS server's IP address as shown. 98 ZyWALL 2 Plus User's Guide
User Guide
Page 99
Make sure the status is not down. ZyWALL 2 Plus User's Guide 99 Figure 47 Tutorial Example: DNS > System: Done Chapter 4 Tutorials 11 Go to the Home screen to them. Figure 48 Tutorial Example: Status 4.2.3 Public IP Address Mapping To have the local computers and servers use specific WAN IP addresses, you need to map static public IP addresses to check your WAN connection status.
Make sure the status is not down. ZyWALL 2 Plus User's Guide 99 Figure 47 Tutorial Example: DNS > System: Done Chapter 4 Tutorials 11 Go to the Home screen to them. Figure 48 Tutorial Example: Status 4.2.3 Public IP Address Mapping To have the local computers and servers use specific WAN IP addresses, you need to map static public IP addresses to check your WAN connection status.