User Guide
Page 10
... Wireless Setup ...653 Remote Node Setup ...659 IP Static Route Setup ...669 Network Address Translation (NAT 673 Introducing the ZyWALL Firewall 693 Filter Configuration ...695 SNMP Configuration ...711 System Information & Diagnosis 713 Firmware and Configuration File Maintenance 725 System Maintenance Menus 8 to 10 739 Remote Management ...745 IP Policy Routing ...749 Call...
... Wireless Setup ...653 Remote Node Setup ...659 IP Static Route Setup ...669 Network Address Translation (NAT 673 Introducing the ZyWALL Firewall 693 Filter Configuration ...695 SNMP Configuration ...711 System Information & Diagnosis 713 Firmware and Configuration File Maintenance 725 System Maintenance Menus 8 to 10 739 Remote Management ...745 IP Policy Routing ...749 Call...
User Guide
Page 26
...Log 717 48.4.2 Syslog Logging ...718 48.4.3 Call-Triggering Packet 721 48.5 Diagnostic ...722 48.5.1 WAN DHCP ...723 Chapter 49 Firmware and Configuration File Maintenance 725 49.1 Introduction ...725 49.2 Filename Conventions ...725 49.3 Backup Configuration ...726 49.3.1 Backup Configuration 726 ...Firmware Upload Using HyperTerminal 737 49.5.10 Uploading Configuration File Via Console Port 737 49.5.11 Example Xmodem Configuration Upload Using HyperTerminal 738 Chapter 50 System Maintenance Menus 8 to 10 739 50.1 Command Interpreter Mode 739 50.2 Call Control Support ...740 26 ZyWALL...
...Log 717 48.4.2 Syslog Logging ...718 48.4.3 Call-Triggering Packet 721 48.5 Diagnostic ...722 48.5.1 WAN DHCP ...723 Chapter 49 Firmware and Configuration File Maintenance 725 49.1 Introduction ...725 49.2 Filename Conventions ...725 49.3 Backup Configuration ...726 49.3.1 Backup Configuration 726 ...Firmware Upload Using HyperTerminal 737 49.5.10 Uploading Configuration File Via Console Port 737 49.5.11 Example Xmodem Configuration Upload Using HyperTerminal 738 Chapter 50 System Maintenance Menus 8 to 10 739 50.1 Command Interpreter Mode 739 50.2 Call Control Support ...740 26 ZyWALL...
User Guide
Page 36
... Figure 299 SSH Example 1: Store Host Key 503 Figure 300 SSH Example 2: Test ...503 Figure 301 SSH Example 2: Log in ...503 Figure 302 Secure FTP: Firmware Upload Example 504 Figure 303 HTTPS Implementation ...505 Figure 304 ADVANCED > REMOTE MGMT > WWW 506 Figure 305 SSH Communication Over the WAN Example 507 Figure... LOGS > View Log ...556 Figure 337 myZyXEL.com: Download Center 558 Figure 338 myZyXEL.com: Certificate Download 558 Figure 339 LOGS > Log Settings ...559 36 ZyWALL 5/35/70 Series User's Guide
... Figure 299 SSH Example 1: Store Host Key 503 Figure 300 SSH Example 2: Test ...503 Figure 301 SSH Example 2: Log in ...503 Figure 302 Secure FTP: Firmware Upload Example 504 Figure 303 HTTPS Implementation ...505 Figure 304 ADVANCED > REMOTE MGMT > WWW 506 Figure 305 SSH Communication Over the WAN Example 507 Figure... LOGS > View Log ...556 Figure 337 myZyXEL.com: Download Center 558 Figure 338 myZyXEL.com: Certificate Download 558 Figure 339 LOGS > Log Settings ...559 36 ZyWALL 5/35/70 Series User's Guide
User Guide
Page 37
...Router Mode 593 Figure 347 MAINTENANCE > Device Mode (Bridge Mode 594 Figure 348 MAINTENANCE > Firmware Upload 595 Figure 349 Firmware Upload In Process 596 Figure 350 Network Temporarily Disconnected 596 Figure 351 Firmware Upload Error ...596 Figure 352 MAINTENANCE > Backup and Restore 597 Figure 353 Configuration Upload Successful ... 374 Menu 11.3.3: Remote Node Script 627 Figure 375 Menu 11.3.4: Remote Node Filter 628 Figure 376 3G Modem Setup in WAN Setup (ZyWALL 5 629 Figure 377 Menu 11.2: Remote Node Profile (3G WAN 630 Figure 378 Menu 3: LAN Setup ...633 Figure 379 Menu 3.1: ...
...Router Mode 593 Figure 347 MAINTENANCE > Device Mode (Bridge Mode 594 Figure 348 MAINTENANCE > Firmware Upload 595 Figure 349 Firmware Upload In Process 596 Figure 350 Network Temporarily Disconnected 596 Figure 351 Firmware Upload Error ...596 Figure 352 MAINTENANCE > Backup and Restore 597 Figure 353 Configuration Upload Successful ... 374 Menu 11.3.3: Remote Node Script 627 Figure 375 Menu 11.3.4: Remote Node Filter 628 Figure 376 3G Modem Setup in WAN Setup (ZyWALL 5 629 Figure 377 Menu 11.2: Remote Node Profile (3G WAN 630 Figure 378 Menu 3: LAN Setup ...633 Figure 379 Menu 3.1: ...
User Guide
Page 40
...803 Figure 510 Windows 98 SE: Startup: Select a Title for the Program 804 Figure 511 Windows 98 SE: Startup: Shortcut 804 40 ZyWALL 5/35/70 Series User's Guide List of Figures Figure 469 Restore Using FTP Session Example 732 Figure 470 System Maintenance: Restore Configuration 732 Figure... 732 Figure 472 Restore Configuration Example 732 Figure 473 Successful Restoration Confirmation Screen 733 Figure 474 Telnet Into Menu 24.7.1: Upload System Firmware 734 Figure 475 Telnet Into Menu 24.7.2: System Maintenance 734 Figure 476 FTP Session Example of IP Policy Routing 754 Figure 492 ...
...803 Figure 510 Windows 98 SE: Startup: Select a Title for the Program 804 Figure 511 Windows 98 SE: Startup: Shortcut 804 40 ZyWALL 5/35/70 Series User's Guide List of Figures Figure 469 Restore Using FTP Session Example 732 Figure 470 System Maintenance: Restore Configuration 732 Figure... 732 Figure 472 Restore Configuration Example 732 Figure 473 Successful Restoration Confirmation Screen 733 Figure 474 Telnet Into Menu 24.7.1: Upload System Firmware 734 Figure 475 Telnet Into Menu 24.7.2: System Maintenance 734 Figure 476 FTP Session Example of IP Policy Routing 754 Figure 492 ...
User Guide
Page 45
...-address-to-port Mapping Table 591 Table 202 MAINTENANCE > Device Mode (Router Mode 593 Table 203 MAINTENANCE > Device Mode (Bridge Mode 594 Table 204 MAINTENANCE > Firmware Upload 595 Table 205 Restore Configuration ...597 Table 206 MAINTENANCE > Diagnostics 600 Table 207 Main Menu Commands ...606 Table 208 Main Menu Summary ...608 Table...
...-address-to-port Mapping Table 591 Table 202 MAINTENANCE > Device Mode (Router Mode 593 Table 203 MAINTENANCE > Device Mode (Bridge Mode 594 Table 204 MAINTENANCE > Firmware Upload 595 Table 205 Restore Configuration ...597 Table 206 MAINTENANCE > Diagnostics 600 Table 207 Main Menu Commands ...606 Table 208 Main Menu Summary ...608 Table...
User Guide
Page 47
... 25.1.1: IP Routing Policy Setup 753 Table 267 Schedule Set Setup ...758 Table 268 Hardware Specifications ...769 Table 269 Firmware Specifications ...770 Table 270 Feature and Performance Specifications 771 Table 271 Compatible ZyXEL WLAN Cards and Security Features 772 Table 272 3G Features Supported By Compatible 3G Cards 773 Table 273 3G... System Maintenance: Time and Date Setting 743 Table 262 Menu 24.11 - List of EAP Authentication Types 795 Table 287 Wireless Security Relational Matrix 798 ZyWALL 5/35/70 Series User's Guide 47
... 25.1.1: IP Routing Policy Setup 753 Table 267 Schedule Set Setup ...758 Table 268 Hardware Specifications ...769 Table 269 Firmware Specifications ...770 Table 270 Feature and Performance Specifications 771 Table 271 Compatible ZyXEL WLAN Cards and Security Features 772 Table 272 3G Features Supported By Compatible 3G Cards 773 Table 273 3G... System Maintenance: Time and Date Setting 743 Table 262 Menu 24.11 - List of EAP Authentication Types 795 Table 287 Wireless Security Relational Matrix 798 ZyWALL 5/35/70 Series User's Guide 47
User Guide
Page 54
... up an earlier configuration file, you know how to its factory default settings. You could simply restore your last configuration. 54 ZyWALL 5/35/70 Series User's Guide Line commands are mostly used for troubleshooting by an SNMP manager. See the Command Reference Guide for...Network Management). System Management Terminal is recommended for everyday management of the ZyWALL using a Vantage CNM server. 1.5 Good Habits for Managing the ZyWALL Do the following methods to configure your device. • FTP for firmware upgrades and configuration backup/restore. • SNMP. The device can...
... up an earlier configuration file, you know how to its factory default settings. You could simply restore your last configuration. 54 ZyWALL 5/35/70 Series User's Guide Line commands are mostly used for troubleshooting by an SNMP manager. See the Command Reference Guide for...Network Management). System Management Terminal is recommended for everyday management of the ZyWALL using a Vantage CNM server. 1.5 Good Habits for Managing the ZyWALL Do the following methods to configure your device. • FTP for firmware upgrades and configuration backup/restore. • SNMP. The device can...
User Guide
Page 63
... prompt below to go to hold the RESET button. Then click Send. 6 After successful firmware upload, enter "atgo" to finish restarting. 3.3.2 Uploading a Configuration File Via Console Port 1 Download the default configuration file from the ZyXEL FTP site, unzip it and save it in a folder. 2 Turn off . 3 ... configuration upload using HyperTerminal. If the SYS LED begins to reload the factory-default configuration file or use the RESET button on the ZyWALL again. Uploading this procedure. 1 Press the RESET button for ten seconds, and then release it . The password will lose all ...
... prompt below to go to hold the RESET button. Then click Send. 6 After successful firmware upload, enter "atgo" to finish restarting. 3.3.2 Uploading a Configuration File Via Console Port 1 Download the default configuration file from the ZyXEL FTP site, unzip it and save it in a folder. 2 Turn off . 3 ... configuration upload using HyperTerminal. If the SYS LED begins to reload the factory-default configuration file or use the RESET button on the ZyWALL again. Uploading this procedure. 1 Press the RESET button for ten seconds, and then release it . The password will lose all ...
User Guide
Page 66
... as a router or a bridge. When this ZyWALL. If you can configure settings for identification purposes. It is being approached. Firmware Version This is ZyXEL's proprietary Network Operating System design. ZyNOS is the ZyNOS Firmware version and the date created. The bar displays what... percentage of the ZyWALL's processing ability is the port type. Sessions ...
... as a router or a bridge. When this ZyWALL. If you can configure settings for identification purposes. It is being approached. Firmware Version This is ZyXEL's proprietary Network Operating System design. ZyNOS is the ZyNOS Firmware version and the date created. The bar displays what... percentage of the ZyWALL's processing ability is the port type. Sessions ...
User Guide
Page 69
...This field is similar to eight digits) from the one you inserted, this option to contact your 3G card. 3G Card Firmware This displays the version of the firmware currently used for the card you specified in the SIM (Subscriber Identity Module) card. You then need to have enabled budget... budget control This field displays if you to save your ISP and you configured budget control. Select this field displays allowing you have the ZyWALL keep the existing statistics and continue counting. Tx Bytes This displays the total number of the inserted CDMA 3G card. The ESN is not...
...This field is similar to eight digits) from the one you inserted, this option to contact your 3G card. 3G Card Firmware This displays the version of the firmware currently used for the card you specified in the SIM (Subscriber Identity Module) card. You then need to have enabled budget... budget control This field displays if you to save your ISP and you configured budget control. Select this field displays allowing you have the ZyWALL keep the existing statistics and continue counting. Tx Bytes This displays the total number of the inserted CDMA 3G card. The ESN is not...
User Guide
Page 72
... Section 3.3 on or off other applications (for running at one time. The bar displays what percentage of the ZyWALL's processing ability is currently used by ZyNOS (ZyXEL Network Operating System) and is not used . If you want some applications to have more to the screen where... in Bridge Mode (continued) LABEL DESCRIPTION Bootbase Version This is the bridge priority of the ZyWALL. Firmware Version This is activated. The ZyWALL starts up . System Time This field displays your ZyWALL in dotted decimal notation. Click the field label to go to the memory that are currently...
... Section 3.3 on or off other applications (for running at one time. The bar displays what percentage of the ZyWALL's processing ability is currently used by ZyNOS (ZyXEL Network Operating System) and is not used . If you want some applications to have more to the screen where... in Bridge Mode (continued) LABEL DESCRIPTION Bootbase Version This is the bridge priority of the ZyWALL. Firmware Version This is activated. The ZyWALL starts up . System Time This field displays your ZyWALL in dotted decimal notation. Click the field label to go to the memory that are currently...
User Guide
Page 80
... Statistics The following table describes the labels in the HOME screen. Port These are available on all items described are the ZyWALL's interfaces. 80 ZyWALL 5/35/70 Series User's Guide Restart This screen allows you to display the chart of throughput statistics. F/W Upload Use ...this screen to upload firmware to change your ZyWALL. Diagnosis Use this screen to your ZyWALL work as a router or a bridge. Time and Date Use this screen to configure and have the ZyWALL generate and send diagnostic files by e-mail and/or...
... Statistics The following table describes the labels in the HOME screen. Port These are available on all items described are the ZyWALL's interfaces. 80 ZyWALL 5/35/70 Series User's Guide Restart This screen allows you to display the chart of throughput statistics. F/W Upload Use ...this screen to upload firmware to change your ZyWALL. Diagnosis Use this screen to your ZyWALL work as a router or a bridge. Time and Date Use this screen to configure and have the ZyWALL generate and send diagnostic files by e-mail and/or...
User Guide
Page 289
... Query by Attribute. 14.4 The Anomaly Screen This section introduces ADP (Anomaly Detection and Prevention). Protocol anomaly rules may be updated when you upload new firmware. Protocol anomaly detection includes HTTP Inspection, TCP Decoder, UDP Decoder and ICMP Decoder. An ADP system protects against anomalies based on violations of protocol standards...
... Query by Attribute. 14.4 The Anomaly Screen This section introduces ADP (Anomaly Detection and Prevention). Protocol anomaly rules may be updated when you upload new firmware. Protocol anomaly detection includes HTTP Inspection, TCP Decoder, UDP Decoder and ICMP Decoder. An ADP system protects against anomalies based on violations of protocol standards...
User Guide
Page 504
Type "yes" and press [ENTER]. 2 Enter the password to login to the ZyWALL. 3 Use the "put firmware.bin ras Uploading firmware.bin to your computer to connect to configure the ZyWALL's HTTP and HTTPS management settings. It relies upon certificates, public keys, and private keys (see Chapter ... cannot read the transferred data), authentication (one party can 't be established. Figure 302 Secure FTP: Firmware Upload Example $ sftp -1 192.168.1.1 Connecting to the list of the ZyWALL. RSA1 key fingerprint is the first time you want to the SSL client (the computer which requests ...
Type "yes" and press [ENTER]. 2 Enter the password to login to the ZyWALL. 3 Use the "put firmware.bin ras Uploading firmware.bin to your computer to connect to configure the ZyWALL's HTTP and HTTPS management settings. It relies upon certificates, public keys, and private keys (see Chapter ... cannot read the transferred data), authentication (one party can 't be established. Figure 302 Secure FTP: Firmware Upload Example $ sftp -1 192.168.1.1 Connecting to the list of the ZyWALL. RSA1 key fingerprint is the first time you want to the SSL client (the computer which requests ...
User Guide
Page 509
... to access the ZyWALL using this service. Choose Selected to just allow the computer with the ZyWALL using this screen....connections. Reset Click Reset to use that service for details. ZyWALL 5/35/70 Series User's Guide 509 Figure 307 ADVANCED >...LABEL DESCRIPTION Server Port You may access the ZyWALL using this screen to specify which IP address the access can...use FTP (File Transfer Protocol) to access the ZyWALL using this feature, your computer must use the...can come. Use this service. Select All to save your ZyWALL's FTP settings, click ADVANCED > REMOTE MGMT > FTP....
... to access the ZyWALL using this service. Choose Selected to just allow the computer with the ZyWALL using this screen....connections. Reset Click Reset to use that service for details. ZyWALL 5/35/70 Series User's Guide 509 Figure 307 ADVANCED >...LABEL DESCRIPTION Server Port You may access the ZyWALL using this screen to specify which IP address the access can...use FTP (File Transfer Protocol) to access the ZyWALL using this feature, your computer must use the...can come. Use this service. Select All to save your ZyWALL's FTP settings, click ADVANCED > REMOTE MGMT > FTP....
User Guide
Page 557
.... The V4.00 default configuration file includes a trusted CA certificate signed by VeriSign from myZyXEL.com and import it into the ZyWALL as a trusted CA, the ZyWALL will not trust the certificate from myZyXEL.com and the update server. time The log was traveling from the WAN to the ....21.255.255 subnet port 137. "UDP" means that are initiated from the WAN. ZyWALL 5/35/70 Series User's Guide 557 source The log was a NetBIOS UDP broadcast packet meant to ZyNOS V4.00 firmware without uploading the V4.00 default configuration file, you can download a CA certificate signed by...
.... The V4.00 default configuration file includes a trusted CA certificate signed by VeriSign from myZyXEL.com and import it into the ZyWALL as a trusted CA, the ZyWALL will not trust the certificate from myZyXEL.com and the update server. time The log was traveling from the WAN to the ....21.255.255 subnet port 137. "UDP" means that are initiated from the WAN. ZyWALL 5/35/70 Series User's Guide 557 source The log was a NetBIOS UDP broadcast packet meant to ZyNOS V4.00 firmware without uploading the V4.00 default configuration file, you can download a CA certificate signed by...
User Guide
Page 579
... the signature file through the Internet. %s describes the reason for the latest available signature version. %s gives details. For example, ID:30001,CIH.Win95,/game.exe. ZyWALL 5/35/70 Series User's Guide 579 IDP %s! Check signature version - %s. The system could not find the signature , please update the signature! The format of %s is... detected an intrusion event in an HTTP connection. The device failed to load into the system. The turbo card is already using the latest available firmware. DESCRIPTION The device detected a virus in a connection.
... the signature file through the Internet. %s describes the reason for the latest available signature version. %s gives details. For example, ID:30001,CIH.Win95,/game.exe. ZyWALL 5/35/70 Series User's Guide 579 IDP %s! Check signature version - %s. The system could not find the signature , please update the signature! The format of %s is... detected an intrusion event in an HTTP connection. The device failed to load into the system. The turbo card is already using the latest available firmware. DESCRIPTION The device detected a virus in a connection.
User Guide
Page 580
...through the Internet. %s describes the reason for the latest available signature version. %s gives details. The turbo card is already using the latest available firmware. The session is over maximun ZIP sessions - %s! %PACKET_DIRECTION% The number of files in POP3 connections. %s is the filename. FTPDATA Block....the name of files in a SMTP connection. The device bypassed the scanning of the zip file which has exceeded the limit. 580 ZyWALL 5/35/70 Series User's Guide For example, game.zip. Update the signature The device updated the signature file successfully. Check that ...
...through the Internet. %s describes the reason for the latest available signature version. %s gives details. The turbo card is already using the latest available firmware. The session is over maximun ZIP sessions - %s! %PACKET_DIRECTION% The number of files in POP3 connections. %s is the filename. FTPDATA Block....the name of files in a SMTP connection. The device bypassed the scanning of the zip file which has exceeded the limit. 580 ZyWALL 5/35/70 Series User's Guide For example, game.zip. Update the signature The device updated the signature file successfully. Check that ...
User Guide
Page 585
.... • Use the F/W Upload screen (Section 33.8 on page 595) to upgrade the ZyWALL's firmware. • Use the Backup and Restore screen (Section 33.9 on page 597) to backup and restore the ZyWALL configuration file and to reset the device to factory settings. • Use the Restart screen (..., Control Panel and then double-click System. However, because some ISPs check this name you view system information, upload new firmware, manage configuration and restart your ZyWALL. 33.1.1 What You Can Do in the Maintenance Screens • Use the General Setup screen (Section 33.2 on page 585...
.... • Use the F/W Upload screen (Section 33.8 on page 595) to upgrade the ZyWALL's firmware. • Use the Backup and Restore screen (Section 33.9 on page 597) to backup and restore the ZyWALL configuration file and to reset the device to factory settings. • Use the Restart screen (..., Control Panel and then double-click System. However, because some ISPs check this name you view system information, upload new firmware, manage configuration and restart your ZyWALL. 33.1.1 What You Can Do in the Maintenance Screens • Use the General Setup screen (Section 33.2 on page 585...