User Guide
Page 1
ZyWALL 5/35/70 Series Internet Security Appliance User's Guide Version 4.04 03/2008 Edition 1 DEFAULT LOGIN IP Address http://192.168.1.1 Password 1234 www.zyxel.com
ZyWALL 5/35/70 Series Internet Security Appliance User's Guide Version 4.04 03/2008 Edition 1 DEFAULT LOGIN IP Address http://192.168.1.1 Password 1234 www.zyxel.com
User Guide
Page 3
...screens and supplementary information. • CLI Reference Guide The CLI Reference Guide explains how to use e-mail instead. E-mail: techwriters@zyxel.com.tw ZyWALL 5/35/70 Series User's Guide 3 Related Documentation • Quick Start Guide The Quick Start Guide is intended for people who want... address, or use the Command-Line Interface (CLI) to configure the ZyWALL. • Supporting Disk Refer to the included CD for support documents. • ZyXEL Web Site Please refer to www.zyxel.com for additional support documentation and product certifications. It contains information on...
...screens and supplementary information. • CLI Reference Guide The CLI Reference Guide explains how to use e-mail instead. E-mail: techwriters@zyxel.com.tw ZyWALL 5/35/70 Series User's Guide 3 Related Documentation • Quick Start Guide The Quick Start Guide is intended for people who want... address, or use the Command-Line Interface (CLI) to configure the ZyWALL. • Supporting Disk Refer to the included CD for support documents. • ZyXEL Web Site Please refer to www.zyxel.com for additional support documentation and product certifications. It contains information on...
User Guide
Page 47
List of EAP Authentication Types 795 Table 287 Wireless Security Relational Matrix 798 ZyWALL 5/35/70 Series User's Guide 47 Remote Management Control 746 Table 263 Menu 25: Sample IP Routing Policy Summary 749 Table 264 IP Routing Policy ... 267 Schedule Set Setup ...758 Table 268 Hardware Specifications ...769 Table 269 Firmware Specifications ...770 Table 270 Feature and Performance Specifications 771 Table 271 Compatible ZyXEL WLAN Cards and Security Features 772 Table 272 3G Features Supported By Compatible 3G Cards 773 Table 273 3G Features Supported By Additional Compatible 3G...
List of EAP Authentication Types 795 Table 287 Wireless Security Relational Matrix 798 ZyWALL 5/35/70 Series User's Guide 47 Remote Management Control 746 Table 263 Menu 25: Sample IP Routing Policy Summary 749 Table 264 IP Routing Policy ... 267 Schedule Set Setup ...758 Table 268 Hardware Specifications ...769 Table 269 Firmware Specifications ...770 Table 270 Feature and Performance Specifications 771 Table 271 Compatible ZyXEL WLAN Cards and Security Features 772 Table 272 3G Features Supported By Compatible 3G Cards 773 Table 273 3G Features Supported By Additional Compatible 3G...
User Guide
Page 58
" Only certain ZyXEL wireless LAN cards or 3G card are compatible with the ZyWALL turned on. Do not force, bend or twist the wireless LAN card, 3G card or ZyWALL Turbo Card. Figure 7 WLAN Card Installation 58 ZyWALL 5/35/70 Series User's Guide Slide the connector end of the card into... as shown next. Chapter 2 Hardware Installation 2.5 3G Card, WLAN Card and ZyWALL Turbo Card Installation " Do not insert or remove a card with the ZyWALL. Only the ZyWALL 5 can use a 3G card. Make sure the ZyWALL is off before inserting or removing an 802.11b/g-compliant wireless LAN PCMCIA or ...
" Only certain ZyXEL wireless LAN cards or 3G card are compatible with the ZyWALL turned on. Do not force, bend or twist the wireless LAN card, 3G card or ZyWALL Turbo Card. Figure 7 WLAN Card Installation 58 ZyWALL 5/35/70 Series User's Guide Slide the connector end of the card into... as shown next. Chapter 2 Hardware Installation 2.5 3G Card, WLAN Card and ZyWALL Turbo Card Installation " Do not insert or remove a card with the ZyWALL. Only the ZyWALL 5 can use a 3G card. Make sure the ZyWALL is off before inserting or removing an 802.11b/g-compliant wireless LAN PCMCIA or ...
User Guide
Page 63
... 13 Example Xmodem Upload Type the configuration file's location, or click Browse to search for the ZyWALL to finish restarting. 3.3.2 Uploading a Configuration File Via Console Port 1 Download the default configuration file from the ZyXEL FTP site, unzip it and save it in a folder. 2 Turn off . 3 While ...pressing the RESET button, turn on the back of the ZyWALL. Then click Send. 6 After successful firmware upload, enter "atgo" to ...
... 13 Example Xmodem Upload Type the configuration file's location, or click Browse to search for the ZyWALL to finish restarting. 3.3.2 Uploading a Configuration File Via Console Port 1 Download the default configuration file from the ZyXEL FTP site, unzip it and save it in a folder. 2 Turn off . 3 While ...pressing the RESET button, turn on the back of the ZyWALL. Then click Send. 6 After successful firmware upload, enter "atgo" to ...
User Guide
Page 66
... number shows how many sessions are currently traversing the ZyWALL, terminating at one time. Interfaces This is ZyXEL's proprietary Network Operating System design. Hold your ZyWALL. System Resources Flash The first number shows how many megabytes of the ZyWALL's processing ability is currently used by ZyNOS (ZyXEL Network Operating System) and is thus available for...
... number shows how many sessions are currently traversing the ZyWALL, terminating at one time. Interfaces This is ZyXEL's proprietary Network Operating System design. Hold your ZyWALL. System Resources Flash The first number shows how many megabytes of the ZyWALL's processing ability is currently used by ZyNOS (ZyXEL Network Operating System) and is thus available for...
User Guide
Page 72
.... Rapid Spanning This shows whether RSTP (Rapid Spanning Tree Protocol) is thus available for Daylight Saving Time if you can configure the ZyWALL as a router or a bridge. The Tree Protocol following labels or values relative to improve anymore. System Resources Flash The first number... Firewall This displays whether or not the ZyWALL's firewall is the bridge priority of the spanning tree). 72 ZyWALL 5/35/70 Series User's Guide The bar displays what percentage of the ZyWALL's heap memory is currently used by ZyNOS (ZyXEL Network Operating System) and is active or ...
.... Rapid Spanning This shows whether RSTP (Rapid Spanning Tree Protocol) is thus available for Daylight Saving Time if you can configure the ZyWALL as a router or a bridge. The Tree Protocol following labels or values relative to improve anymore. System Resources Flash The first number... Firewall This displays whether or not the ZyWALL's firewall is the bridge priority of the spanning tree). 72 ZyWALL 5/35/70 Series User's Guide The bar displays what percentage of the ZyWALL's heap memory is currently used by ZyNOS (ZyXEL Network Operating System) and is active or ...
User Guide
Page 141
...What You Need to Know About Registration myZyXEL.com myZyXEL.com is ZyXEL's online services center where you can use content filtering, anti-spam, anti-virus and IDP (Intrusion Detection and Prevention) subscription services. ZyWALL 5/35/70 Series User's Guide 141 CHAPTER 6 Registration Screens ... The registration screens let you activate and update your account with myZyXEL.com, allowing you access to subscription services required for the ZyWALL's security features. 6.1.1 What You Can Do in the Registration Screens • Use the Registration screen (Section 6.2 on page 142...
...What You Need to Know About Registration myZyXEL.com myZyXEL.com is ZyXEL's online services center where you can use content filtering, anti-spam, anti-virus and IDP (Intrusion Detection and Prevention) subscription services. ZyWALL 5/35/70 Series User's Guide 141 CHAPTER 6 Registration Screens ... The registration screens let you activate and update your account with myZyXEL.com, allowing you access to subscription services required for the ZyWALL's security features. 6.1.1 What You Can Do in the Registration Screens • Use the Registration screen (Section 6.2 on page 142...
User Guide
Page 142
... Series User's Guide Use this screen you activate the IDP/Anti-virus service. Instead of new signature releases from the update server (http://myupdate.zywall.zyxel.com). The ZyWALL compares files with myZyXEL.com and activate a service, such as shown next. Signature Updates After the service is the pattern of signatures to register...
... Series User's Guide Use this screen you activate the IDP/Anti-virus service. Instead of new signature releases from the update server (http://myupdate.zywall.zyxel.com). The ZyWALL compares files with myZyXEL.com and activate a service, such as shown next. Signature Updates After the service is the pattern of signatures to register...
User Guide
Page 183
...please refer to find the correct port number. Contact your particular situation, do not create an arbitrary IP address; The ZyWALL can manually enter the IP addresses of www.zyxel.com is 204.217.0.2. Once it is successfully configured, the address will not change unless you change the setting or ...(see Section on page 480). The DNS server is still online, please create a WAN-to verify that send UDP heartbeat packets to -WAN/ZyWALL firewall rule for Ethernet encapsulation. The MAC address is for those packets. It will be copied to its corresponding IP address and vice versa, ...
...please refer to find the correct port number. Contact your particular situation, do not create an arbitrary IP address; The ZyWALL can manually enter the IP addresses of www.zyxel.com is 204.217.0.2. Once it is successfully configured, the address will not change unless you change the setting or ...(see Section on page 480). The DNS server is still online, please create a WAN-to verify that send UDP heartbeat packets to -WAN/ZyWALL firewall rule for Ethernet encapsulation. The MAC address is for those packets. It will be copied to its corresponding IP address and vice versa, ...
User Guide
Page 220
... WLAN to open the WLAN screen to configure the IP address for more information on WLANs. 11.2 The WLAN Screen Do one of compatible ZyXEL WLAN cards (and the WLAN security features each card supports) and how to install a WLAN card. See Section 9.4 on DHCP. Like the LAN,... via DHCP to computers connected to install a WLAN card. • See the WLAN appendix for more detailed information on IP alias. " Turn the ZyWALL off before you need to configure a 3G connection (a 3G connection is for Internet access instead of providing a local wireless LAN). See the product specifications...
... WLAN to open the WLAN screen to configure the IP address for more information on WLANs. 11.2 The WLAN Screen Do one of compatible ZyXEL WLAN cards (and the WLAN security features each card supports) and how to install a WLAN card. See Section 9.4 on DHCP. Like the LAN,... via DHCP to computers connected to install a WLAN card. • See the WLAN appendix for more detailed information on IP alias. " Turn the ZyWALL off before you need to configure a 3G connection (a 3G connection is for Internet access instead of providing a local wireless LAN). See the product specifications...
User Guide
Page 232
... will lose your computer to confirm. " Turn the ZyWALL off before you cannot use the anti-virus and IDP features. You must then change the ZyWALL's ESSID or security settings, you change the wireless settings of compatible ZyXEL WLAN cards (and the WLAN security features each card ...supports) and how to your ZyWALL. The screen varies according to open the Wireless Card screen....
... will lose your computer to confirm. " Turn the ZyWALL off before you cannot use the anti-virus and IDP features. You must then change the ZyWALL's ESSID or security settings, you change the wireless settings of compatible ZyXEL WLAN cards (and the WLAN security features each card ...supports) and how to your ZyWALL. The screen varies according to open the Wireless Card screen....
User Guide
Page 233
Wireless Card This field displays whether or not a compatible ZyXEL wireless LAN card is associated. ESSID (Extended Service Set ... > Wi-Fi > Wireless Card: No Security LABEL DESCRIPTION Enable Wireless Card The wireless LAN through scanning. The ZyWALL restarts after you to set the wireless card to use the wireless card as part of the LAN. Select this...messages. This is the maximum data fragment size that are associated with which a wireless station is installed. ZyWALL 5/35/70 Series User's Guide 233 Select DMZ to hide the ESSID in this to use the wireless ...
Wireless Card This field displays whether or not a compatible ZyXEL wireless LAN card is associated. ESSID (Extended Service Set ... > Wi-Fi > Wireless Card: No Security LABEL DESCRIPTION Enable Wireless Card The wireless LAN through scanning. The ZyWALL restarts after you to set the wireless card to use the wireless card as part of the LAN. Select this...messages. This is the maximum data fragment size that are associated with which a wireless station is installed. ZyWALL 5/35/70 Series User's Guide 233 Select DMZ to hide the ESSID in this to use the wireless ...
User Guide
Page 234
... cards and the WLAN security features each card supports. Select Static WEP from the Security list. 234 ZyWALL 5/35/70 Series User's Guide Note: The installed ZyXEL WLAN card may not support all of the WLAN security features you need and see the product specifications chapter for more information. Chapter 12 Wireless...
... cards and the WLAN security features each card supports. Select Static WEP from the Security list. 234 ZyWALL 5/35/70 Series User's Guide Note: The installed ZyXEL WLAN card may not support all of the WLAN security features you need and see the product specifications chapter for more information. Chapter 12 Wireless...
User Guide
Page 291
... TCP RST packets. Click the intrusion ID hyperlink to go directly to save your ZyWALL on that provides all security-related information such as intrusion and anti-virus information for ZyXEL security products. Reset Sender: When the firewall is enabled, the TCP/IP connection is...should do when a packet matches a rule. Just the receiver is silently discarded. Apply Click this screen afresh. 14.5 The Update Screen The ZyWALL comes with built-in your web browser. Chapter 14 Intrusion Detection and Prevention (IDP) Screens Table 83 SECURITY > IDP > Anomaly (continued) LABEL...
... TCP RST packets. Click the intrusion ID hyperlink to go directly to save your ZyWALL on that provides all security-related information such as intrusion and anti-virus information for ZyXEL security products. Reset Sender: When the firewall is enabled, the TCP/IP connection is...should do when a packet matches a rule. Just the receiver is silently discarded. Apply Click this screen afresh. 14.5 The Update Screen The ZyWALL comes with built-in your web browser. Chapter 14 Intrusion Detection and Prevention (IDP) Screens Table 83 SECURITY > IDP > Anomaly (continued) LABEL...
User Guide
Page 292
...Information Current Pattern Version This field displays the signatures version number currently used by the ZyXEL Security Response Team (ZSRT) who maintain and update them. Go to https://mysecurity.zyxel.com/mysecurity/ to see the anti-virus chapter) are also downloaded. Changes made ... Update The following table describes the labels in the other. Click SECURITY > IDP > Update. You can also subscribe to reboot the ZyWALL when you upload new signatures. Chapter 14 Intrusion Detection and Prevention (IDP) Screens 14.5.2 Configuring The IDP Update Screen When scheduling signature ...
...Information Current Pattern Version This field displays the signatures version number currently used by the ZyXEL Security Response Team (ZSRT) who maintain and update them. Go to https://mysecurity.zyxel.com/mysecurity/ to see the anti-virus chapter) are also downloaded. Changes made ... Update The following table describes the labels in the other. Click SECURITY > IDP > Update. You can also subscribe to reboot the ZyWALL when you upload new signatures. Chapter 14 Intrusion Detection and Prevention (IDP) Screens 14.5.2 Configuring The IDP Update Screen When scheduling signature ...
User Guide
Page 306
...). Chapter 15 Anti-Virus Screens Figure 179 Query Example Search Results 15.4 The Update Screen The ZyWALL comes with built-in signatures created by the ZyXEL Security Response Team (ZSRT). " You should have already registered the ZyWALL at myZyXEL.com (http:// www.myzyxel.com/myzyxel/) and also have to immediately download or schedule...
...). Chapter 15 Anti-Virus Screens Figure 179 Query Example Search Results 15.4 The Update Screen The ZyWALL comes with built-in signatures created by the ZyXEL Security Response Team (ZSRT). " You should have already registered the ZyWALL at myZyXEL.com (http:// www.myzyxel.com/myzyxel/) and also have to immediately download or schedule...
User Guide
Page 307
...Auto-Update schedule. Figure 180 SECURITY > ANTI-VIRUS > Update ZyWALL 5/35/70 Series User's Guide 307 Chapter 15 Anti-Virus Screens 15.4.1 mySecurityZone mySecurityZone is least busy so as intrusion and anti-virus information for ZyXEL security products. IDP signatures (see the chapters on myZyXEL.com....com username and password to log into mySecurityZone. 15.4.2 Configuring Anti-virus Update When scheduling signature updates, you should have to your ZyWALL on IDP) are also downloaded. You should choose a day and time when your network is a web portal that provides all security...
...Auto-Update schedule. Figure 180 SECURITY > ANTI-VIRUS > Update ZyWALL 5/35/70 Series User's Guide 307 Chapter 15 Anti-Virus Screens 15.4.1 mySecurityZone mySecurityZone is least busy so as intrusion and anti-virus information for ZyXEL security products. IDP signatures (see the chapters on myZyXEL.com....com username and password to log into mySecurityZone. 15.4.2 Configuring Anti-virus Update When scheduling signature updates, you should have to your ZyWALL on IDP) are also downloaded. You should choose a day and time when your network is a web portal that provides all security...
User Guide
Page 308
... ZyWALL then automatically downloads signatures from the Update Server regularly at the time and/or day you select from the list box. Go to https://mysecurity.zyxel.com/mysecurity/ to see what the latest version number is selected. Current Anti-Virus This field displays the number of ...server for new signatures at the hour you specify. It displays Trial Active and an expiration date when you downloaded new signatures to the ZyWALL. The ZyWALL uses a 24-hour clock. Auto Update Select the check box to configure a schedule for new signatures every hour. Last Update This...
... ZyWALL then automatically downloads signatures from the Update Server regularly at the time and/or day you select from the list box. Go to https://mysecurity.zyxel.com/mysecurity/ to see what the latest version number is selected. Current Anti-Virus This field displays the number of ...server for new signatures at the hour you specify. It displays Trial Active and an expiration date when you downloaded new signatures to the ZyWALL. The ZyWALL uses a 24-hour clock. Auto Update Select the check box to configure a schedule for new signatures every hour. Last Update This...
User Guide
Page 345
... them to block websites with the URL www.zyxel.com/news/pressroom.php, content filtering only searches for keywords within www.zyxel.com. All subdomains are blocked. For example, entering "zyxel.com" also allows "www.zyxel.com", "partner.zyxel.com", "press.zyxel.com", etc. Trusted Web Sites This list ...Sites This list displays the forbidden web sites already added. Reset Click Reset to delete it from that list. This means that the ZyWALL checks the characters that you have finished adding the host name in the URL). Delete Select a web site name from the Trusted...
... them to block websites with the URL www.zyxel.com/news/pressroom.php, content filtering only searches for keywords within www.zyxel.com. All subdomains are blocked. For example, entering "zyxel.com" also allows "www.zyxel.com", "partner.zyxel.com", "press.zyxel.com", etc. Trusted Web Sites This list ...Sites This list displays the forbidden web sites already added. Reset Click Reset to delete it from that list. This means that the ZyWALL checks the characters that you have finished adding the host name in the URL). Delete Select a web site name from the Trusted...