User Guide
Page 10
... Wireless Setup ...653 Remote Node Setup ...659 IP Static Route Setup ...669 Network Address Translation (NAT 673 Introducing the ZyWALL Firewall 693 Filter Configuration ...695 SNMP Configuration ...711 System Information & Diagnosis 713 Firmware and Configuration File Maintenance 725 System Maintenance Menus 8 to 10 739 Remote Management ...745 IP Policy Routing ...749 Call...
... Wireless Setup ...653 Remote Node Setup ...659 IP Static Route Setup ...669 Network Address Translation (NAT 673 Introducing the ZyWALL Firewall 693 Filter Configuration ...695 SNMP Configuration ...711 System Information & Diagnosis 713 Firmware and Configuration File Maintenance 725 System Maintenance Menus 8 to 10 739 Remote Management ...745 IP Policy Routing ...749 Call...
User Guide
Page 26
...Log 717 48.4.2 Syslog Logging ...718 48.4.3 Call-Triggering Packet 721 48.5 Diagnostic ...722 48.5.1 WAN DHCP ...723 Chapter 49 Firmware and Configuration File Maintenance 725 49.1 Introduction ...725 49.2 Filename Conventions ...725 49.3 Backup Configuration ...726 49.3.1 Backup Configuration 726 ...Firmware Upload Using HyperTerminal 737 49.5.10 Uploading Configuration File Via Console Port 737 49.5.11 Example Xmodem Configuration Upload Using HyperTerminal 738 Chapter 50 System Maintenance Menus 8 to 10 739 50.1 Command Interpreter Mode 739 50.2 Call Control Support ...740 26 ZyWALL...
...Log 717 48.4.2 Syslog Logging ...718 48.4.3 Call-Triggering Packet 721 48.5 Diagnostic ...722 48.5.1 WAN DHCP ...723 Chapter 49 Firmware and Configuration File Maintenance 725 49.1 Introduction ...725 49.2 Filename Conventions ...725 49.3 Backup Configuration ...726 49.3.1 Backup Configuration 726 ...Firmware Upload Using HyperTerminal 737 49.5.10 Uploading Configuration File Via Console Port 737 49.5.11 Example Xmodem Configuration Upload Using HyperTerminal 738 Chapter 50 System Maintenance Menus 8 to 10 739 50.1 Command Interpreter Mode 739 50.2 Call Control Support ...740 26 ZyWALL...
User Guide
Page 36
... Figure 299 SSH Example 1: Store Host Key 503 Figure 300 SSH Example 2: Test ...503 Figure 301 SSH Example 2: Log in ...503 Figure 302 Secure FTP: Firmware Upload Example 504 Figure 303 HTTPS Implementation ...505 Figure 304 ADVANCED > REMOTE MGMT > WWW 506 Figure 305 SSH Communication Over the WAN Example 507 Figure... LOGS > View Log ...556 Figure 337 myZyXEL.com: Download Center 558 Figure 338 myZyXEL.com: Certificate Download 558 Figure 339 LOGS > Log Settings ...559 36 ZyWALL 5/35/70 Series User's Guide
... Figure 299 SSH Example 1: Store Host Key 503 Figure 300 SSH Example 2: Test ...503 Figure 301 SSH Example 2: Log in ...503 Figure 302 Secure FTP: Firmware Upload Example 504 Figure 303 HTTPS Implementation ...505 Figure 304 ADVANCED > REMOTE MGMT > WWW 506 Figure 305 SSH Communication Over the WAN Example 507 Figure... LOGS > View Log ...556 Figure 337 myZyXEL.com: Download Center 558 Figure 338 myZyXEL.com: Certificate Download 558 Figure 339 LOGS > Log Settings ...559 36 ZyWALL 5/35/70 Series User's Guide
User Guide
Page 37
...Router Mode 593 Figure 347 MAINTENANCE > Device Mode (Bridge Mode 594 Figure 348 MAINTENANCE > Firmware Upload 595 Figure 349 Firmware Upload In Process 596 Figure 350 Network Temporarily Disconnected 596 Figure 351 Firmware Upload Error ...596 Figure 352 MAINTENANCE > Backup and Restore 597 Figure 353 Configuration Upload Successful ... 374 Menu 11.3.3: Remote Node Script 627 Figure 375 Menu 11.3.4: Remote Node Filter 628 Figure 376 3G Modem Setup in WAN Setup (ZyWALL 5 629 Figure 377 Menu 11.2: Remote Node Profile (3G WAN 630 Figure 378 Menu 3: LAN Setup ...633 Figure 379 Menu 3.1: ...
...Router Mode 593 Figure 347 MAINTENANCE > Device Mode (Bridge Mode 594 Figure 348 MAINTENANCE > Firmware Upload 595 Figure 349 Firmware Upload In Process 596 Figure 350 Network Temporarily Disconnected 596 Figure 351 Firmware Upload Error ...596 Figure 352 MAINTENANCE > Backup and Restore 597 Figure 353 Configuration Upload Successful ... 374 Menu 11.3.3: Remote Node Script 627 Figure 375 Menu 11.3.4: Remote Node Filter 628 Figure 376 3G Modem Setup in WAN Setup (ZyWALL 5 629 Figure 377 Menu 11.2: Remote Node Profile (3G WAN 630 Figure 378 Menu 3: LAN Setup ...633 Figure 379 Menu 3.1: ...
User Guide
Page 40
...803 Figure 510 Windows 98 SE: Startup: Select a Title for the Program 804 Figure 511 Windows 98 SE: Startup: Shortcut 804 40 ZyWALL 5/35/70 Series User's Guide List of Figures Figure 469 Restore Using FTP Session Example 732 Figure 470 System Maintenance: Restore Configuration 732 Figure... 732 Figure 472 Restore Configuration Example 732 Figure 473 Successful Restoration Confirmation Screen 733 Figure 474 Telnet Into Menu 24.7.1: Upload System Firmware 734 Figure 475 Telnet Into Menu 24.7.2: System Maintenance 734 Figure 476 FTP Session Example of IP Policy Routing 754 Figure 492 ...
...803 Figure 510 Windows 98 SE: Startup: Select a Title for the Program 804 Figure 511 Windows 98 SE: Startup: Shortcut 804 40 ZyWALL 5/35/70 Series User's Guide List of Figures Figure 469 Restore Using FTP Session Example 732 Figure 470 System Maintenance: Restore Configuration 732 Figure... 732 Figure 472 Restore Configuration Example 732 Figure 473 Successful Restoration Confirmation Screen 733 Figure 474 Telnet Into Menu 24.7.1: Upload System Firmware 734 Figure 475 Telnet Into Menu 24.7.2: System Maintenance 734 Figure 476 FTP Session Example of IP Policy Routing 754 Figure 492 ...
User Guide
Page 45
...-address-to-port Mapping Table 591 Table 202 MAINTENANCE > Device Mode (Router Mode 593 Table 203 MAINTENANCE > Device Mode (Bridge Mode 594 Table 204 MAINTENANCE > Firmware Upload 595 Table 205 Restore Configuration ...597 Table 206 MAINTENANCE > Diagnostics 600 Table 207 Main Menu Commands ...606 Table 208 Main Menu Summary ...608 Table...
...-address-to-port Mapping Table 591 Table 202 MAINTENANCE > Device Mode (Router Mode 593 Table 203 MAINTENANCE > Device Mode (Bridge Mode 594 Table 204 MAINTENANCE > Firmware Upload 595 Table 205 Restore Configuration ...597 Table 206 MAINTENANCE > Diagnostics 600 Table 207 Main Menu Commands ...606 Table 208 Main Menu Summary ...608 Table...
User Guide
Page 47
List of EAP Authentication Types 795 Table 287 Wireless Security Relational Matrix 798 ZyWALL 5/35/70 Series User's Guide 47 Remote Management Control 746 Table 263 Menu 25: Sample IP Routing Policy Summary 749 Table 264 IP Routing Policy ... 25.1.1: IP Routing Policy Setup 753 Table 267 Schedule Set Setup ...758 Table 268 Hardware Specifications ...769 Table 269 Firmware Specifications ...770 Table 270 Feature and Performance Specifications 771 Table 271 Compatible ZyXEL WLAN Cards and Security Features 772 Table 272 3G Features Supported By Compatible 3G Cards 773 Table 273 3G...
List of EAP Authentication Types 795 Table 287 Wireless Security Relational Matrix 798 ZyWALL 5/35/70 Series User's Guide 47 Remote Management Control 746 Table 263 Menu 25: Sample IP Routing Policy Summary 749 Table 264 IP Routing Policy ... 25.1.1: IP Routing Policy Setup 753 Table 267 Schedule Set Setup ...758 Table 268 Hardware Specifications ...769 Table 269 Firmware Specifications ...770 Table 270 Feature and Performance Specifications 771 Table 271 Compatible ZyXEL WLAN Cards and Security Features 772 Table 272 3G Features Supported By Compatible 3G Cards 773 Table 273 3G...
User Guide
Page 54
...). If you backed up the configuration (and make the ZyWALL more secure and to manage the ZyWALL more information about the CLI. • SMT. Chapter 1 Getting to Know Your ZyWALL 1.4 Ways to Manage the ZyWALL Use any of the following things regularly to make sure... web browser. • Command Line Interface. Line commands are mostly used for firmware upgrades and configuration backup/restore. • SNMP. This is a text-based configuration menu that consists of different types of the ZyWALL using a Vantage CNM server. 1.5 Good Habits for more effectively. • Change...
...). If you backed up the configuration (and make the ZyWALL more secure and to manage the ZyWALL more information about the CLI. • SMT. Chapter 1 Getting to Know Your ZyWALL 1.4 Ways to Manage the ZyWALL Use any of the following things regularly to make sure... web browser. • Command Line Interface. Line commands are mostly used for firmware upgrades and configuration backup/restore. • SNMP. This is a text-based configuration menu that consists of different types of the ZyWALL using a Vantage CNM server. 1.5 Good Habits for more effectively. • Change...
User Guide
Page 63
...file from the ZyXEL FTP site, unzip it and save it . This means that you will lose all configurations that the defaults have been restored and the ZyWALL restarts. Otherwise, go into debug mode. 4 Enter "atlc" after about 20 seconds. Then click Send. 6 After successful firmware upload, enter... "atgo" to restart the router. When you begin a terminal emulation software session and turn the ZyWALL on the ZyWALL again. ZyWALL 5/35/70 Series User's Guide 63 If the SYS LED begins to blink, ...
...file from the ZyXEL FTP site, unzip it and save it . This means that you will lose all configurations that the defaults have been restored and the ZyWALL restarts. Otherwise, go into debug mode. 4 Enter "atlc" after about 20 seconds. Then click Send. 6 After successful firmware upload, enter... "atgo" to restart the router. When you begin a terminal emulation software session and turn the ZyWALL on the ZyWALL again. ZyWALL 5/35/70 Series User's Guide 63 If the SYS LED begins to blink, ...
User Guide
Page 66
... version and the date created. Click the field label to go to the screen where you can upload a new firmware file. Device Mode This displays whether the ZyWALL is functioning as a router or a bridge. System Resources Flash The first number shows how many megabytes of the .../70 Series User's Guide CPU This field displays what percent of the ZyWALL's processing ability is currently used by ZyNOS (ZyXEL Network Operating System) and is ZyXEL's proprietary Network Operating System design. Hold your ZyWALL's present date (in yyyy-mm-dd format) and time (in use it last ...
... version and the date created. Click the field label to go to the screen where you can upload a new firmware file. Device Mode This displays whether the ZyWALL is functioning as a router or a bridge. System Resources Flash The first number shows how many megabytes of the .../70 Series User's Guide CPU This field displays what percent of the ZyWALL's processing ability is currently used by ZyNOS (ZyXEL Network Operating System) and is ZyXEL's proprietary Network Operating System design. Hold your ZyWALL's present date (in yyyy-mm-dd format) and time (in use it last ...
User Guide
Page 69
... code (four to eight digits) from 0 but use the account to identify a mobile device. New PIN Code Configure a PIN code for confirmation. ZyWALL 5/35/70 Series User's Guide 69 IMSI is a unique 15-digit number used to access the Internet. Enter the PIN code (four to enable...screen. IMEI is entered 10 times, the SIM card will be disabled permanently. You then need to save your 3G card. 3G Card Firmware This displays the version of the 3G wireless card. Revision 3G Card IMEI This displays the International Mobile Equipment Number (IMEI) which you specified...
... code (four to eight digits) from 0 but use the account to identify a mobile device. New PIN Code Configure a PIN code for confirmation. ZyWALL 5/35/70 Series User's Guide 69 IMSI is a unique 15-digit number used to access the Internet. Enter the PIN code (four to enable...screen. IMEI is entered 10 times, the SIM card will be disabled permanently. You then need to save your 3G card. 3G Card Firmware This displays the version of the 3G wireless card. Revision 3G Card IMEI This displays the International Mobile Equipment Number (IMEI) which you specified...
User Guide
Page 72
...DESCRIPTION Bootbase Version This is using. Firewall This displays whether or not the ZyWALL's firewall is in the network is ZyXEL's proprietary Network Operating System design. The bar displays what percentage of the heap memory the ZyWALL is the bootbase version and the date created. When this percentage is close ...screen where you turn off . Click the field label to go to the screen where you can upload a new firmware file. ZyNOS is the root bridge (the base of your ZyWALL's present date (in yyyy-mm-dd format) and time (in hh:mm:ss format) along with the lowest...
...DESCRIPTION Bootbase Version This is using. Firewall This displays whether or not the ZyWALL's firewall is in the network is ZyXEL's proprietary Network Operating System design. The bar displays what percentage of the heap memory the ZyWALL is the bootbase version and the date created. When this percentage is close ...screen where you turn off . Click the field label to go to the screen where you can upload a new firmware file. ZyNOS is the root bridge (the base of your ZyWALL's present date (in yyyy-mm-dd format) and time (in hh:mm:ss format) along with the lowest...
User Guide
Page 80
...to display the chart of throughput statistics. Port These are available on all models. F/W Upload Use this screen to upload firmware to your ZyWALL Backup & Restore Use this label to your password. Read-only information here includes port status and packet specific statistics. ...Table 8 HOME > Port Statistics LABEL DESCRIPTION Click the icon to reboot the ZyWALL without turning the power off. Chapter 3 Introducing the Web Configurator Table 7 Screens Summary (continued) LINK TAB FUNCTION MAINTENANCE General ...
...to display the chart of throughput statistics. Port These are available on all models. F/W Upload Use this screen to upload firmware to your ZyWALL Backup & Restore Use this label to your password. Read-only information here includes port status and packet specific statistics. ...Table 8 HOME > Port Statistics LABEL DESCRIPTION Click the icon to reboot the ZyWALL without turning the power off. Chapter 3 Introducing the Web Configurator Table 7 Screens Summary (continued) LINK TAB FUNCTION MAINTENANCE General ...
User Guide
Page 289
An ADP system protects against anomalies based on violations of protocol standards (RFCs - Click SECURITY > IDP > Anomaly to display the following screen. ZyWALL 5/35/70 Series User's Guide 289 Chapter 14 Intrusion Detection and Prevention (IDP) Screens Figure 171 Signature Query by Attribute. 14.4 The Anomaly Screen This ..., UDP Decoder and ICMP Decoder. Requests for Comments) and abnormal flows such as port scans. Protocol anomaly rules may be updated when you upload new firmware.
An ADP system protects against anomalies based on violations of protocol standards (RFCs - Click SECURITY > IDP > Anomaly to display the following screen. ZyWALL 5/35/70 Series User's Guide 289 Chapter 14 Intrusion Detection and Prevention (IDP) Screens Figure 171 Signature Query by Attribute. 14.4 The Anomaly Screen This ..., UDP Decoder and ICMP Decoder. Requests for Comments) and abnormal flows such as port scans. Protocol anomaly rules may be updated when you upload new firmware.
User Guide
Page 504
[email protected]'s password: sftp> put " command to upload a new firmware to the ZyWALL for secure file transfer using SSH version 1. The SSL protocol specifies that encrypts and decrypts web pages. Figure 302 Secure FTP: Firmware Upload Example $ sftp -1 192.168.1.1 Connecting to continue connecting (yes/no... the web configurator. Type "yes" and press [ENTER]. 2 Enter the password to login to the ZyWALL. 3 Use the "put firmware.bin ras Uploading firmware.bin to /ras Read from remote host 192.168.1.1: Connection reset by ensuring confidentiality (an unauthorized party cannot...
[email protected]'s password: sftp> put " command to upload a new firmware to the ZyWALL for secure file transfer using SSH version 1. The SSL protocol specifies that encrypts and decrypts web pages. Figure 302 Secure FTP: Firmware Upload Example $ sftp -1 192.168.1.1 Connecting to continue connecting (yes/no... the web configurator. Type "yes" and press [ENTER]. 2 Enter the password to login to the ZyWALL. 3 Use the "put firmware.bin ras Uploading firmware.bin to /ras Read from remote host 192.168.1.1: Connection reset by ensuring confidentiality (an unauthorized party cannot...
User Guide
Page 509
...Management Screens " It is recommended that is a "trusted" computer that you disable Telnet and FTP when you specify to access the ZyWALL using this service. Secure Client IP Address A secure client is allowed to communicate with the IP address that service for details. Apply ... All to allow FTP access and from which interfaces allow any computer to upload and download the ZyWALL's firmware and configuration files, please see Chapter 49 on page 725 on firmware and configuration file maintenance for remote management. Table 151 ADVANCED > REMOTE MGMT > Telnet LABEL DESCRIPTION...
...Management Screens " It is recommended that is a "trusted" computer that you disable Telnet and FTP when you specify to access the ZyWALL using this service. Secure Client IP Address A secure client is allowed to communicate with the IP address that service for details. Apply ... All to allow FTP access and from which interfaces allow any computer to upload and download the ZyWALL's firmware and configuration files, please see Chapter 49 on page 725 on firmware and configuration file maintenance for remote management. Table 151 ADVANCED > REMOTE MGMT > Telnet LABEL DESCRIPTION...
User Guide
Page 557
... packet meant to download the certificate from IP address 172.21.4.187 port 137. If the ZyWALL does not have a CA certificate signed by VeriSign to ZyNOS V4.00 firmware without uploading the V4.00 default configuration file, you can download a CA certificate signed by ...VeriSign. destination The NetBIOS packet was generated on the network. If you upgraded to identify themselves. ZyWALL 5/35/70 Series User's Guide 557 ...
... packet meant to download the certificate from IP address 172.21.4.187 port 137. If the ZyWALL does not have a CA certificate signed by VeriSign to ZyNOS V4.00 firmware without uploading the V4.00 default configuration file, you can download a CA certificate signed by ...VeriSign. destination The NetBIOS packet was generated on the network. If you upgraded to identify themselves. ZyWALL 5/35/70 Series User's Guide 557 ...
User Guide
Page 579
...The device is not installed. The turbo card is updating the signature file. The format of %s is already using the latest available firmware. DESCRIPTION The buffer for holding IDP information such as the signature file version was unsuccessful due to the server being busy or the... error. No data! The device does not have a signature file loaded. Table 194 AV Logs LOG MESSAGE HTTP Virus infected - %s! ZyWALL 5/35/70 Series User's Guide 579 Table 192 ICMP Notes (continued) TYPE CODE DESCRIPTION 16 Information Reply 0 Information reply message Chapter 32...
...The device is not installed. The turbo card is updating the signature file. The format of %s is already using the latest available firmware. DESCRIPTION The buffer for holding IDP information such as the signature file version was unsuccessful due to the server being busy or the... error. No data! The device does not have a signature file loaded. Table 194 AV Logs LOG MESSAGE HTTP Virus infected - %s! ZyWALL 5/35/70 Series User's Guide 579 Table 192 ICMP Notes (continued) TYPE CODE DESCRIPTION 16 Information Reply 0 Information reply message Chapter 32...
User Guide
Page 580
... concurrently scanned. Failed in a POP3 connection. The device failed to the server being busy or the device is already using the latest available firmware. file successfully. The turbo card is updating signature files. signature update now , please wait! The session is over maximun ZIP sessions -... %s! %PACKET_DIRECTION% The number of the zip file which has exceeded the limit. 580 ZyWALL 5/35/70 Series User's Guide For example, ID:30001,CIH.Win95,/game.exe. Can not find the signature , please update the signature!...
... concurrently scanned. Failed in a POP3 connection. The device failed to the server being busy or the device is already using the latest available firmware. file successfully. The turbo card is updating signature files. signature update now , please wait! The session is over maximun ZIP sessions -... %s! %PACKET_DIRECTION% The number of the zip file which has exceeded the limit. 580 ZyWALL 5/35/70 Series User's Guide For example, ID:30001,CIH.Win95,/game.exe. Can not find the signature , please update the signature!...
User Guide
Page 585
Note the entry for identification purposes. However, because some ISPs check this name you view system information, upload new firmware, manage configuration and restart your ZyWALL. 33.1.1 What You Can Do in the Maintenance Screens • Use the General Setup screen (Section 33.2 on page 585...bridge. • Use the F/W Upload screen (Section 33.8 on page 595) to upgrade the ZyWALL's firmware. • Use the Backup and Restore screen (Section 33.9 on page 597) to backup and restore the ZyWALL configuration file and to reset the device to factory settings. • Use the Restart screen (...
Note the entry for identification purposes. However, because some ISPs check this name you view system information, upload new firmware, manage configuration and restart your ZyWALL. 33.1.1 What You Can Do in the Maintenance Screens • Use the General Setup screen (Section 33.2 on page 585...bridge. • Use the F/W Upload screen (Section 33.8 on page 595) to upgrade the ZyWALL's firmware. • Use the Backup and Restore screen (Section 33.9 on page 597) to backup and restore the ZyWALL configuration file and to reset the device to factory settings. • Use the Restart screen (...