User Guide
Page 1
ZyWALL 5/35/70 Series Internet Security Appliance User's Guide Version 4.04 03/2008 Edition 1 DEFAULT LOGIN IP Address http://192.168.1.1 Password 1234 www.zyxel.com
ZyWALL 5/35/70 Series Internet Security Appliance User's Guide Version 4.04 03/2008 Edition 1 DEFAULT LOGIN IP Address http://192.168.1.1 Password 1234 www.zyxel.com
User Guide
Page 3
... Industrial Park, Hsinchu, 300, Taiwan. E-mail: techwriters@zyxel.com.tw ZyWALL 5/35/70 Series User's Guide 3 You should have at least a basic knowledge of individual screens and supplementary information. • CLI Reference Guide The CLI Reference Guide explains how to use the Command-Line Interface (CLI) to configure the ZyWALL. • Supporting Disk Refer to the included...
... Industrial Park, Hsinchu, 300, Taiwan. E-mail: techwriters@zyxel.com.tw ZyWALL 5/35/70 Series User's Guide 3 You should have at least a basic knowledge of individual screens and supplementary information. • CLI Reference Guide The CLI Reference Guide explains how to use the Command-Line Interface (CLI) to configure the ZyWALL. • Supporting Disk Refer to the included...
User Guide
Page 4
... Notes tell you other important information (for example, other words". 4 ZyWALL 5/35/70 Series User's Guide Syntax Conventions • The ZyWALL 5/35/70 series may be referred to as the "ZyWALL", the "device" or the "system" in this User's Guide. 1 Warnings tell you about things that could harm you or your ...or "return" key on your device. Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User's Guide. • Product labels, screen names, field labels and field choices are all in bold font. • A key stroke is ...
... Notes tell you other important information (for example, other words". 4 ZyWALL 5/35/70 Series User's Guide Syntax Conventions • The ZyWALL 5/35/70 series may be referred to as the "ZyWALL", the "device" or the "system" in this User's Guide. 1 Warnings tell you about things that could harm you or your ...or "return" key on your device. Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User's Guide. • Product labels, screen names, field labels and field choices are all in bold font. • A key stroke is ...
User Guide
Page 5
The ZyWALL icon is not an exact representation of your device. ZyWALL Computer Notebook computer Server Firewall Telephone Switch Router ZyWALL 5/35/70 Series User's Guide 5 Document Conventions Icons Used in Figures Figures in this User's Guide may use the following generic icons.
The ZyWALL icon is not an exact representation of your device. ZyWALL Computer Notebook computer Server Firewall Telephone Switch Router ZyWALL 5/35/70 Series User's Guide 5 Document Conventions Icons Used in Figures Figures in this User's Guide may use the following generic icons.
User Guide
Page 6
... a power outlet by itself; Replace a fuse only with a fuse of this device. For detailed information about recycling of the same type and rating. 6 ZyWALL 5/35/70 Series User's Guide Please contact your vendor for further information. • Make sure to connect the cables to the correct ports. • Place connecting cables carefully so...
... a power outlet by itself; Replace a fuse only with a fuse of this device. For detailed information about recycling of the same type and rating. 6 ZyWALL 5/35/70 Series User's Guide Please contact your vendor for further information. • Make sure to connect the cables to the correct ports. • Place connecting cables carefully so...
User Guide
Page 7
Safety Warnings ZyWALL 5/35/70 Series User's Guide 7 Dispose of it properly. This product is recyclable.
Safety Warnings ZyWALL 5/35/70 Series User's Guide 7 Dispose of it properly. This product is recyclable.
User Guide
Page 9
Contents Overview Contents Overview Introduction ...49 Getting to Know Your ZyWALL 51 Hardware Installation ...55 Introducing the Web Configurator 61 Wizard Setup ...87 Tutorials ...109 Registration Screens ...141 Network ...147 LAN Screens ...149 Bridge Screens ...161 ... Policy Route Screens ...457 Bandwidth Management Screens 465 DNS Screens ...479 Remote Management Screens 491 UPnP Screens ...519 Custom Application Screen ...529 ALG Screen ...531 ZyWALL 5/35/70 Series User's Guide 9
Contents Overview Contents Overview Introduction ...49 Getting to Know Your ZyWALL 51 Hardware Installation ...55 Introducing the Web Configurator 61 Wizard Setup ...87 Tutorials ...109 Registration Screens ...141 Network ...147 LAN Screens ...149 Bridge Screens ...161 ... Policy Route Screens ...457 Bandwidth Management Screens 465 DNS Screens ...479 Remote Management Screens 491 UPnP Screens ...519 Custom Application Screen ...529 ALG Screen ...531 ZyWALL 5/35/70 Series User's Guide 9
User Guide
Page 10
... Setup ...653 Remote Node Setup ...659 IP Static Route Setup ...669 Network Address Translation (NAT 673 Introducing the ZyWALL Firewall 693 Filter Configuration ...695 SNMP Configuration ...711 System Information & Diagnosis 713 Firmware and Configuration File Maintenance 725 ... Scheduling ...757 Troubleshooting and Product Specifications 761 Troubleshooting ...763 Product Specifications ...769 Appendices and Index ...779 10 ZyWALL 5/35/70 Series User's Guide Contents Overview Reports, Logs and Maintenance 537 Reports Screens ...539 Logs Screens ...555 Maintenance Screens ...585 SMT...
... Setup ...653 Remote Node Setup ...659 IP Static Route Setup ...669 Network Address Translation (NAT 673 Introducing the ZyWALL Firewall 693 Filter Configuration ...695 SNMP Configuration ...711 System Information & Diagnosis 713 Firmware and Configuration File Maintenance 725 ... Scheduling ...757 Troubleshooting and Product Specifications 761 Troubleshooting ...763 Product Specifications ...769 Appendices and Index ...779 10 ZyWALL 5/35/70 Series User's Guide Contents Overview Reports, Logs and Maintenance 537 Reports Screens ...539 Logs Screens ...555 Maintenance Screens ...585 SMT...
User Guide
Page 11
Table of Contents Table of Contents About This User's Guide ...3 Document Conventions...4 Safety Warnings...6 Contents Overview ...9 Table of Contents...11 List of Figures ...29 List of Tables...41 Part I: Introduction 49 Chapter 1 Getting to Know Your ZyWALL 51 1.1 ZyWALL Internet Security Appliance Overview 51 1.2 ZyWALL Features ...51 1.3 Applications for the ZyWALL 52 1.3.1 Secure Broadband Internet Access via...
Table of Contents Table of Contents About This User's Guide ...3 Document Conventions...4 Safety Warnings...6 Contents Overview ...9 Table of Contents...11 List of Figures ...29 List of Tables...41 Part I: Introduction 49 Chapter 1 Getting to Know Your ZyWALL 51 1.1 ZyWALL Internet Security Appliance Overview 51 1.2 ZyWALL Features ...51 1.3 Applications for the ZyWALL 52 1.3.1 Secure Broadband Internet Access via...
User Guide
Page 12
... 3.3.1 Procedure To Use The Reset Button 63 3.3.2 Uploading a Configuration File Via Console Port 63 3.4 Navigating the ZyWALL Web Configurator 64 3.4.1 Title Bar ...64 3.4.2 Main Window ...65 3.4.3 HOME Screen: Router Mode 65 3.4.4 HOME Screen: Bridge Mode...Anti-Spam Wizard: Setup Complete 108 Chapter 5 Tutorials ...109 5.1 Dynamic VPN Rule Configuration 109 5.1.1 Configure Bob's User Account 110 5.1.2 VPN Gateway and Network Policy Configuration 110 5.1.3 Configure Zero Configuration Mode on ZyWALL B 116 5.1.4 Testing Your VPN Configuration 117 12 ZyWALL 5/35/70 Series User's Guide
... 3.3.1 Procedure To Use The Reset Button 63 3.3.2 Uploading a Configuration File Via Console Port 63 3.4 Navigating the ZyWALL Web Configurator 64 3.4.1 Title Bar ...64 3.4.2 Main Window ...65 3.4.3 HOME Screen: Router Mode 65 3.4.4 HOME Screen: Bridge Mode...Anti-Spam Wizard: Setup Complete 108 Chapter 5 Tutorials ...109 5.1 Dynamic VPN Rule Configuration 109 5.1.1 Configure Bob's User Account 110 5.1.2 VPN Gateway and Network Policy Configuration 110 5.1.3 Configure Zero Configuration Mode on ZyWALL B 116 5.1.4 Testing Your VPN Configuration 117 12 ZyWALL 5/35/70 Series User's Guide
User Guide
Page 13
... LAN Screen ...152 7.3 The LAN Static DHCP Screen 155 7.4 The LAN IP Alias Screen 156 7.5 The LAN Port Roles Screen 158 Chapter 8 Bridge Screens...161 ZyWALL 5/35/70 Series User's Guide 13
... LAN Screen ...152 7.3 The LAN Static DHCP Screen 155 7.4 The LAN IP Alias Screen 156 7.5 The LAN Port Roles Screen 158 Chapter 8 Bridge Screens...161 ZyWALL 5/35/70 Series User's Guide 13
User Guide
Page 14
... 10.2 The DMZ Screen ...210 10.3 The Static DHCP Screen 213 10.4 The IP Alias Screen ...214 10.5 The DMZ Port Roles Screen 216 14 ZyWALL 5/35/70 Series User's Guide
... 10.2 The DMZ Screen ...210 10.3 The Static DHCP Screen 213 10.4 The IP Alias Screen ...214 10.5 The DMZ Port Roles Screen 216 14 ZyWALL 5/35/70 Series User's Guide
User Guide
Page 15
... 13 Firewall Screens...251 13.1 Overview ...251 13.1.1 What You Can Do Using the Firewall Screens 252 13.1.2 What You Need To Know About the ZyWALL Firewall 252 13.1.3 Before You Begin 252 13.2 Firewall Rules Example 252 13.3 The Firewall Default Rule Screen 254 13.4 The Firewall Default Rule (Bridge... Mode) Screen 256 13.5 The Firewall Rule Summary Screen 259 13.5.1 The Firewall Edit Rule Screen 260 13.6 The Anti-Probing Screen 263 ZyWALL 5/35/70 Series User's Guide 15
... 13 Firewall Screens...251 13.1 Overview ...251 13.1.1 What You Can Do Using the Firewall Screens 252 13.1.2 What You Need To Know About the ZyWALL Firewall 252 13.1.3 Before You Begin 252 13.2 Firewall Rules Example 252 13.3 The Firewall Default Rule Screen 254 13.4 The Firewall Default Rule (Bridge... Mode) Screen 256 13.5 The Firewall Rule Summary Screen 259 13.5.1 The Firewall Edit Rule Screen 260 13.6 The Anti-Probing Screen 263 ZyWALL 5/35/70 Series User's Guide 15
User Guide
Page 16
... Prevention (IDP) Screens 277 14.1 Overview ...277 14.1.1 What You Can Do Using the IDP Screens 277 14.1.2 What You Need To Know About the ZyWALL IDP 278 14.1.3 Before You Begin 279 14.2 The General Setup Screen 279 14.3 The Signatures Screen ...281 14.3.1 Attack Types ...281 14.3.2 Intrusion Severity... Anti-virus Update 307 15.5 The Backup and Restore Screen 309 15.6 Technical Reference ...310 Chapter 16 Anti-Spam Screens ...313 16.1 Overview ...313 16 ZyWALL 5/35/70 Series User's Guide
... Prevention (IDP) Screens 277 14.1 Overview ...277 14.1.1 What You Can Do Using the IDP Screens 277 14.1.2 What You Need To Know About the ZyWALL IDP 278 14.1.3 Before You Begin 279 14.2 The General Setup Screen 279 14.3 The Signatures Screen ...281 14.3.1 Attack Types ...281 14.3.2 Intrusion Severity... Anti-virus Update 307 15.5 The Backup and Restore Screen 309 15.6 Technical Reference ...310 Chapter 16 Anti-Spam Screens ...313 16.1 Overview ...313 16 ZyWALL 5/35/70 Series User's Guide
User Guide
Page 17
...) Screen 375 19.8 The VPN Rules (Manual): Edit Screen 376 19.9 The VPN SA Monitor Screen 379 19.10 The VPN Global Setting Screen 379 ZyWALL 5/35/70 Series User's Guide 17
...) Screen 375 19.8 The VPN Rules (Manual): Edit Screen 376 19.9 The VPN SA Monitor Screen 379 19.10 The VPN Global Setting Screen 379 ZyWALL 5/35/70 Series User's Guide 17
User Guide
Page 18
... ...427 21.1.1 What You Can Do in the Authentication Server Screens 427 21.1.2 What You Need To Know About Authentication Server 427 21.2 The Local User Database Screen 428 21.3 The RADIUS Screen ...430 Part IV: Advanced 433 18 ZyWALL 5/35/70 Series User's Guide
... ...427 21.1.1 What You Can Do in the Authentication Server Screens 427 21.1.2 What You Need To Know About Authentication Server 427 21.2 The Local User Database Screen 428 21.3 The RADIUS Screen ...430 Part IV: Advanced 433 18 ZyWALL 5/35/70 Series User's Guide
User Guide
Page 19
... 25.1.3 Application and Subnet-based Bandwidth Management Example 466 25.1.4 Over Allotment of Bandwidth Example 467 25.1.5 Maximize Bandwidth Usage With Bandwidth Borrowing Example 467 ZyWALL 5/35/70 Series User's Guide 19
... 25.1.3 Application and Subnet-based Bandwidth Management Example 466 25.1.4 Over Allotment of Bandwidth Example 467 25.1.5 Maximize Bandwidth Usage With Bandwidth Borrowing Example 467 ZyWALL 5/35/70 Series User's Guide 19
User Guide
Page 20
....2.8 Using a Certificate When Accessing the ZyWALL (Example 501 27.2.9 Secure Telnet Using SSH Examples 502 27.3 The WWW Screen ...504 27.4 Configuring the WWW Screen 505 27.5 The SSH Screen ...507 27.6 Configuring the SSH Screen 507 27.7 The Telnet Screen ...508 27.8 The FTP Screen ...509 20 ZyWALL 5/35/70 Series User's Guide
....2.8 Using a Certificate When Accessing the ZyWALL (Example 501 27.2.9 Secure Telnet Using SSH Examples 502 27.3 The WWW Screen ...504 27.4 Configuring the WWW Screen 505 27.5 The SSH Screen ...507 27.6 Configuring the SSH Screen 507 27.7 The Telnet Screen ...508 27.8 The FTP Screen ...509 20 ZyWALL 5/35/70 Series User's Guide
User Guide
Page 21
... Screens 539 31.2 The Traffic Statistics Screen 539 31.2.1 Viewing Web Site Hits 541 31.2.2 Viewing Host IP Address 542 31.2.3 Viewing Protocol/Port 543 ZyWALL 5/35/70 Series User's Guide 21
... Screens 539 31.2 The Traffic Statistics Screen 539 31.2.1 Viewing Web Site Hits 541 31.2.2 Viewing Host IP Address 542 31.2.3 Viewing Protocol/Port 543 ZyWALL 5/35/70 Series User's Guide 21