User Guide
Page 14
... the DMZ 157 7.12.1 Turn On the ALG ...159 7.12.2 Create the Address Objects 159 7.12.3 Setup a NAT Policy for the IPPBX 160 7.12.4 Set Up a WAN to DMZ Firewall Rule for SIP 161 7.12.5 Set Up a DMZ to LAN Firewall Rule for SIP 162 7.13 How to Use Multiple Static Public WAN IP Addresses for LAN to WAN Traffic 163 7.13.1 Create the Public IP Address Range Object 163 7.13.2 Configure the Policy Route 164 14 ZyWALL USG 1000 User's Guide
... the DMZ 157 7.12.1 Turn On the ALG ...159 7.12.2 Create the Address Objects 159 7.12.3 Setup a NAT Policy for the IPPBX 160 7.12.4 Set Up a WAN to DMZ Firewall Rule for SIP 161 7.12.5 Set Up a DMZ to LAN Firewall Rule for SIP 162 7.13 How to Use Multiple Static Public WAN IP Addresses for LAN to WAN Traffic 163 7.13.1 Create the Public IP Address Range Object 163 7.13.2 Configure the Policy Route 164 14 ZyWALL USG 1000 User's Guide
User Guide
Page 55
... name for PPPoE/PPTP interfaces. DNS Configure the DNS server and address records for user sessions, and rules to force user authentication. Login Page Configure how the login and access user screens look. SSH Configure SSH server and SSH service settings. Address Group Create and manage groups of services. LDAP-Default Configure the default LDAP settings. SSL Application Create SSL web application or file sharing objects. ZyWALL USG 1000 User's Guide 59 Service Group Create and manage groups of addresses. Configure the default Active Directory settings. Trusted Certificates...
... name for PPPoE/PPTP interfaces. DNS Configure the DNS server and address records for user sessions, and rules to force user authentication. Login Page Configure how the login and access user screens look. SSH Configure SSH server and SSH service settings. Address Group Create and manage groups of services. LDAP-Default Configure the default LDAP settings. SSL Application Create SSL web application or file sharing objects. ZyWALL USG 1000 User's Guide 59 Service Group Create and manage groups of addresses. Configure the default Active Directory settings. Trusted Certificates...
User Guide
Page 91
... system management. 6.1 Object-based Configuration The ZyWALL stores information or settings as well. (You might also have firewall, application patrol, content filter, and other settings use these ZyWALL USG 1000 User's Guide 95 Some of it in terminology and organization between the ZyWALL and other features. • Section 6.7 on an interface's IP address, subnet, or gateway. Some of it . For example, if you want to help you configure the ZyWALL effectively...
... system management. 6.1 Object-based Configuration The ZyWALL stores information or settings as well. (You might also have firewall, application patrol, content filter, and other settings use these ZyWALL USG 1000 User's Guide 95 Some of it in terminology and organization between the ZyWALL and other features. • Section 6.7 on an interface's IP address, subnet, or gateway. Some of it . For example, if you want to help you configure the ZyWALL effectively...
User Guide
Page 187
... In Windows 2000, you misconfigure the registry settings. Use the following procedures to edit the registry and then configure the computer to have it use pre-shared keys. 1 Click Start > Run. You can go back to using pre-shared keys by default. ZyWALL USG 1000 User's Guide 191 Chapter 8 L2TP VPN Example 18 Click Details to make sure your registry. Figure 173 ZyWALL-L2TP Status: Details 19 Access a server or other network...
... In Windows 2000, you misconfigure the registry settings. Use the following procedures to edit the registry and then configure the computer to have it use pre-shared keys. 1 Click Start > Run. You can go back to using pre-shared keys by default. ZyWALL USG 1000 User's Guide 191 Chapter 8 L2TP VPN Example 18 Click Details to make sure your registry. Figure 173 ZyWALL-L2TP Status: Details 19 Access a server or other network...
User Guide
Page 209
... the master) or the management IP address (if it is currently assigned. The Ethernet interface is not connected. This field displays the status of a port group and is part of the interface in the virtual router right now. This interface is not functioning in the virtual router. Stand-By - This VRRP group is the master interface in the virtual router. ZyWALL USG 1000 User's Guide 213 Port Group Inactive - The Ethernet interface does not have any...
... the master) or the management IP address (if it is currently assigned. The Ethernet interface is not connected. This field displays the status of a port group and is part of the interface in the virtual router right now. This interface is not functioning in the virtual router. Stand-By - This VRRP group is the master interface in the virtual router. ZyWALL USG 1000 User's Guide 213 Port Group Inactive - The Ethernet interface does not have any...
User Guide
Page 225
... the static IP address of this to update its IP address, this field displays n/a. ZyWALL USG 1000 User's Guide 229 This field displays n/a if the interface does not provide any services to connect the auxiliary interface or a PPPoE/PPTP interface. This table provides packet statistics for the interface. Static - Down - This is the master) or the management IP address (if it was last connected. Services Action Interface Statistics Refresh Expand/Close Name Status Dynamic - The interface is disabled...
... the static IP address of this to update its IP address, this field displays n/a. ZyWALL USG 1000 User's Guide 229 This field displays n/a if the interface does not provide any services to connect the auxiliary interface or a PPPoE/PPTP interface. This table provides packet statistics for the interface. Static - Down - This is the master) or the management IP address (if it was last connected. Services Action Interface Statistics Refresh Expand/Close Name Status Dynamic - The interface is disabled...
User Guide
Page 278
... gateway, the ZyWALL automatically updates every rule or setting that uses the object whenever the interface's IP address settings change LAN's IP address, the ZyWALL automatically updates the corresponding interface-based, LAN subnet address object. With OSPF, you change . To access this screen, click an Edit icon in the underlying physical port or port group. • Select which version of RIP to identify the DR or BDR if one does not exist. 284 ZyWALL USG 1000 User's Guide...
... gateway, the ZyWALL automatically updates every rule or setting that uses the object whenever the interface's IP address settings change LAN's IP address, the ZyWALL automatically updates the corresponding interface-based, LAN subnet address object. With OSPF, you change . To access this screen, click an Edit icon in the underlying physical port or port group. • Select which version of RIP to identify the DR or BDR if one does not exist. 284 ZyWALL USG 1000 User's Guide...
User Guide
Page 280
...for traffic flowing from a DHCP server. It is the MAC address that the Ethernet interface uses. These IP address fields configure an IP address on page 667. 286 ZyWALL USG 1000 User's Guide Other corresponding configuration options: DHCP server and DHCP relay. This is for the network connected to which type of the Ethernet interface's physical port. Select the zone to the interface. This option appears when Interface Properties is to WAN traffic. The ZyWALL automatically adds default SNAT settings for the interface. It can use this interface is External...
...for traffic flowing from a DHCP server. It is the MAC address that the Ethernet interface uses. These IP address fields configure an IP address on page 667. 286 ZyWALL USG 1000 User's Guide Other corresponding configuration options: DHCP server and DHCP relay. This is for the network connected to which type of the Ethernet interface's physical port. Select the zone to the interface. This option appears when Interface Properties is to WAN traffic. The ZyWALL automatically adds default SNAT settings for the interface. It can use this interface is External...
User Guide
Page 282
... a static IP address to use for a TCP connectivity check. DHCP Select what type of consecutive failures before the attempt is a DHCP Relay. Choices are: None - DHCP Server - Gateway Check this address Select this case, the ZyWALL can assign every IP address allowed by the interface's IP address and subnet mask, except for the first address (network address), last address (broadcast address) and the interface's IP address. 288 ZyWALL USG 1000 User's Guide These fields appear if the ZyWALL is optional. If this to a specific computer, use the Static DHCP Table...
... a static IP address to use for a TCP connectivity check. DHCP Select what type of consecutive failures before the attempt is a DHCP Relay. Choices are: None - DHCP Server - Gateway Check this address Select this case, the ZyWALL can assign every IP address allowed by the interface's IP address and subnet mask, except for the first address (network address), last address (broadcast address) and the interface's IP address. 288 ZyWALL USG 1000 User's Guide These fields appear if the ZyWALL is optional. If this to a specific computer, use the Static DHCP Table...
User Guide
Page 292
... ZyWALL USG 1000 User's Guide Check Default Select this to the network. Enter that domain name or IP address in kilobits per second, the ZyWALL can send through the interface to turn on the connection check. Allowed values are 0 - 1048576. Type the maximum size of each data packet, in kilobits per second, the ZyWALL can receive from the network through the interface. Allowed values are required before the ZyWALL stops routing through the gateway. Check Fail...
... ZyWALL USG 1000 User's Guide Check Default Select this to the network. Enter that domain name or IP address in kilobits per second, the ZyWALL can send through the interface to turn on the connection check. Allowed values are 0 - 1048576. Type the maximum size of each data packet, in kilobits per second, the ZyWALL can receive from the network through the interface. Allowed values are required before the ZyWALL stops routing through the gateway. Check Fail...
User Guide
Page 297
... your ISP instructed you selected Device in the profile selection. Select Custom in the profile selection to be up to manually input the APN (Access Point Name) provided by your device settings yourself. You can be up the connection if there is little traffic through the interface or if it displays none. ZyWALL USG 1000 User's Guide 303 Idle timeout This value specifies the time in seconds...
... your ISP instructed you selected Device in the profile selection. Select Custom in the profile selection to be up to manually input the APN (Access Point Name) provided by your device settings yourself. You can be up the connection if there is little traffic through the interface or if it displays none. ZyWALL USG 1000 User's Guide 303 Idle timeout This value specifies the time in seconds...
User Guide
Page 299
... the connection check. Gateway Check this address Select this to make sure it . Related Setting Configure WAN Click WAN TRUNK to go to the network. Check Method Select the method that can receive from the network through the interface to the policy route summary screen where you can configure the TRUNK interface as part of a WAN trunk for the connectivity check. Enter that domain name or IP address in WAN load balancing and bandwidth management. Allowed...
... the connection check. Gateway Check this address Select this to make sure it . Related Setting Configure WAN Click WAN TRUNK to go to the network. Check Method Select the method that can receive from the network through the interface to the policy route summary screen where you can configure the TRUNK interface as part of a WAN trunk for the connectivity check. Enter that domain name or IP address in WAN load balancing and bandwidth management. Allowed...
User Guide
Page 308
... a failure. Allowed values are 576 - 1500. The ZyWALL resumes routing to use based on the connection check. Check Default Select this to specify a domain name or IP address for the OPT, LAN and DMZ interfaces. 314 ZyWALL USG 1000 User's Guide Gateway Check this address Select this to make sure it is still available. Enter that the gateway allows. Select icmp to have the ZyWALL regularly ping the gateway you specified to use . Check Fail Tolerance Enter the number of consecutive failures...
... a failure. Allowed values are 576 - 1500. The ZyWALL resumes routing to use based on the connection check. Check Default Select this to specify a domain name or IP address for the OPT, LAN and DMZ interfaces. 314 ZyWALL USG 1000 User's Guide Gateway Check this address Select this to make sure it is still available. Enter that the gateway allows. Select icmp to have the ZyWALL regularly ping the gateway you specified to use . Check Fail Tolerance Enter the number of consecutive failures...
User Guide
Page 386
... interface. 392 ZyWALL USG 1000 User's Guide This field is available if Mapping Type is Ports. The original port range and the mapped port range must have the same number of translated destination ports if this NAT rule only applies to also access the server. For users connected to the same interface as the Mapped IP device, the ZyWALL uses that interface's IP address as the source address for the traffic it sends from the WAN to a LAN server, enabling NAT loopback allows users connected to other interfaces...
... interface. 392 ZyWALL USG 1000 User's Guide This field is available if Mapping Type is Ports. The original port range and the mapped port range must have the same number of translated destination ports if this NAT rule only applies to also access the server. For users connected to the same interface as the Mapped IP device, the ZyWALL uses that interface's IP address as the source address for the traffic it sends from the WAN to a LAN server, enabling NAT loopback allows users connected to other interfaces...
User Guide
Page 488
... connection to the ZyWALL to configure SSL VPN on page 969 for how to access the login screen. Chapter 27 SSL User Screens System Requirements Here are shown. 494 ZyWALL USG 1000 User's Guide Finding Out More See Chapter 26 on page 481 for more information. If instructed by the ZyWALL or your network administrator, you how to access and log into the network through the ZyWALL. Required Information A remote user needs...
... connection to the ZyWALL to configure SSL VPN on page 969 for how to access the login screen. Chapter 27 SSL User Screens System Requirements Here are shown. 494 ZyWALL USG 1000 User's Guide Finding Out More See Chapter 26 on page 481 for more information. If instructed by the ZyWALL or your network administrator, you how to access and log into the network through the ZyWALL. Required Information A remote user needs...
User Guide
Page 670
... the interface's IP address (the virtual router IP address). Virtual Router IP / Netmask This is in the list. Link Status This tells whether the monitored interface's connection is inactive. Server Address Every interface's management IP address must use this to get updated configuration from which ZyWALLs in the backups. 674 ZyWALL USG 1000 User's Guide Status The activate (light bulb) icon is lit when the entry is active and dimmed when the entry is down or up. Interface This field identifies the interface. At the time...
... the interface's IP address (the virtual router IP address). Virtual Router IP / Netmask This is in the list. Link Status This tells whether the monitored interface's connection is inactive. Server Address Every interface's management IP address must use this to get updated configuration from which ZyWALLs in the backups. 674 ZyWALL USG 1000 User's Guide Status The activate (light bulb) icon is lit when the entry is active and dimmed when the entry is down or up. Interface This field identifies the interface. At the time...
User Guide
Page 822
... password for remote management. Trap Community Type the trap community, which is the password sent with the IP address that service for incoming Set requests from which ZyWALL zones. 826 ZyWALL USG 1000 User's Guide The default is public and allows all requests. Destination Type the IP address of the station to send your SNMP traps to access the ZyWALL using this screen. You can also specify from the management station. Server Port You may change the server port number...
... password for remote management. Trap Community Type the trap community, which is the password sent with the IP address that service for incoming Set requests from which ZyWALL zones. 826 ZyWALL USG 1000 User's Guide The default is public and allows all requests. Destination Type the IP address of the station to send your SNMP traps to access the ZyWALL using this screen. You can also specify from the management station. Server Port You may change the server port number...
User Guide
Page 927
... or link/connect, this log will be reapplied due to Device HA status is Active DHCP's DNS option:%s has changed the time zone back to add more than the maximum number of DNS has been appended. DNS access control rule %u has been appended DNS access control rule %u has been modified DNS access control rule %u has been deleted. %s is rule number ZyWALL USG 1000 User's Guide 933 An administrator turned on Interface %s will be run. An administrator tried to the default (0). Enable...
... or link/connect, this log will be reapplied due to Device HA status is Active DHCP's DNS option:%s has changed the time zone back to add more than the maximum number of DNS has been appended. DNS access control rule %u has been appended DNS access control rule %u has been modified DNS access control rule %u has been deleted. %s is rule number ZyWALL USG 1000 User's Guide 933 An administrator turned on Interface %s will be run. An administrator tried to the default (0). Enable...
User Guide
Page 1060
... L2TP VPN 517 local network 441 local policy 449 manual key 448 NetBIOS 448 peer 441 1066 ZyWALL USG 1000 User's Guide where used 105 internal interface 100, 286 Internet access troubleshooting 870, 881 Internet Control Message Protocol, see ICMP Internet Explorer 51 Internet Message Access Protocol, see IMAP 650 Internet Protocol (IP) 581 Internet Protocol Security, see IPSec Intrusion, Detection and Prevention see IDP 563 intrusions host 594 network 595 IP (Internet Protocol) 581 IP address 33 IP alias, see virtual interfaces IP...
... L2TP VPN 517 local network 441 local policy 449 manual key 448 NetBIOS 448 peer 441 1066 ZyWALL USG 1000 User's Guide where used 105 internal interface 100, 286 Internet access troubleshooting 870, 881 Internet Control Message Protocol, see ICMP Internet Explorer 51 Internet Message Access Protocol, see IMAP 650 Internet Protocol (IP) 581 Internet Protocol Security, see IPSec Intrusion, Detection and Prevention see IDP 563 intrusions host 594 network 595 IP (Internet Protocol) 581 IP address 33 IP alias, see virtual interfaces IP...
User Guide
Page 1066
... users 690 user attributes 703 RADIUS server troubleshooting 882 RDP 766 real-time alert message 965 Real-time Transport Protocol, see RTP RealVNC 766 reboot 42, 865 vs reset 865 record route 582 Reference Guide, CLI 3 registration 265 and content filtering 622, 624, 626 configuration overview 104 prerequisites 104 product 1054 subscription services, see subscription services registration status anti-virus 552 application patrol 532 IDP 566 ZyWALL USG 1000 User's Guide
... users 690 user attributes 703 RADIUS server troubleshooting 882 RDP 766 real-time alert message 965 Real-time Transport Protocol, see RTP RealVNC 766 reboot 42, 865 vs reset 865 record route 582 Reference Guide, CLI 3 registration 265 and content filtering 622, 624, 626 configuration overview 104 prerequisites 104 product 1054 subscription services, see subscription services registration status anti-virus 552 application patrol 532 IDP 566 ZyWALL USG 1000 User's Guide