User Guide
Page 48
...token to generate a new number the next time you logged in using the default user name and password, the Update Admin Info screen (Figure 20 on page 53) appears. You must use the OTP (One-Time Password) token to its HTTPS server, and it in . 4 Click Login. ...(default: "admin") and password (default: "1234"). By default, the ZyWALL automatically routes this setting. Enter it is only good for one login. The Login screen appears. The number is recommended to http://192.168.1.1. If you log in the One-Time Password field. Figure 20 Update Admin Info Screen 52 ZyWALL USG 1000...
...token to generate a new number the next time you logged in using the default user name and password, the Update Admin Info screen (Figure 20 on page 53) appears. You must use the OTP (One-Time Password) token to its HTTPS server, and it in . 4 Click Login. ...(default: "admin") and password (default: "1234"). By default, the ZyWALL automatically routes this setting. Enter it is only good for one login. The Login screen appears. The number is recommended to http://192.168.1.1. If you log in the One-Time Password field. Figure 20 Update Admin Info Screen 52 ZyWALL USG 1000...
User Guide
Page 49
... is using the default user name and default password. If you change the default password, the Login screen (Figure 19 on page 53): • A - Chapter 3 Web Configurator 5 The screen above appears every time you click Ignore, the Installation Setup Wizard opens if the ZyWALL is divided into these parts (as shown next. title bar ZyWALL USG 1000 User's Guide...
... is using the default user name and default password. If you change the default password, the Login screen (Figure 19 on page 53): • A - Chapter 3 Web Configurator 5 The screen above appears every time you click Ignore, the Installation Setup Wizard opens if the ZyWALL is divided into these parts (as shown next. title bar ZyWALL USG 1000 User's Guide...
User Guide
Page 87
...a 1024 bit (1Kb) random number. ZyWALL USG 1000 User's Guide 91 If it responds, the ZyWALL transmits the data. MD5 (Message Digest 5) and SHA1 (Secure Hash Algorithm) are hash algorithms used to Diffie-Hellman Group 1 a 768 bit random number. DH1 (default) refers to authenticate packet data. If ...it does not respond, the ZyWALL shuts down the IKE SA. • Authentication Method: Select Pre-Shared Key to use a password or Certificate to the remote IPSec device. Note: The...
...a 1024 bit (1Kb) random number. ZyWALL USG 1000 User's Guide 91 If it responds, the ZyWALL transmits the data. MD5 (Message Digest 5) and SHA1 (Secure Hash Algorithm) are hash algorithms used to Diffie-Hellman Group 1 a 768 bit random number. DH1 (default) refers to authenticate packet data. If ...it does not respond, the ZyWALL shuts down the IKE SA. • Authentication Method: Select Pre-Shared Key to use a password or Certificate to the remote IPSec device. Note: The...
User Guide
Page 284
...border routers, you must use the same authentication method that they use the default authentication method in this interface. This interface sends routing information. Receive Version ...60 characters long. use . authenticate OSPF routing information using MD5 encryption 290 ZyWALL USG 1000 User's Guide RIP Setting See Section 16.2 on page 365 for more information...1, 2, and 1 and 2. disable authentication Text - authenticate OSPF routing information using a plain-text password MD5 - Select the RIP version(s) used for receiving RIP packets. Select this to enable RIP in...
...border routers, you must use the same authentication method that they use the default authentication method in this interface. This interface sends routing information. Receive Version ...60 characters long. use . authenticate OSPF routing information using MD5 encryption 290 ZyWALL USG 1000 User's Guide RIP Setting See Section 16.2 on page 365 for more information...1, 2, and 1 and 2. disable authentication Text - authenticate OSPF routing information using a plain-text password MD5 - Select the RIP version(s) used for receiving RIP packets. Select this to enable RIP in...
User Guide
Page 285
...field is available if the Authentication is MD5. Type the password for Authentication MD5 authentication. Type the ID for text authentication. By default, the ZyWALL uses the factory assigned MAC address to the ZyWALL. It will be up to General. Configure Policy Route ...References to configure a VLAN interface for load balancing. OK Cancel You must manually configure a policy route to 16 characters long. ZyWALL USG 1000 User's Guide 291 MAC Address Setting This section appears when Interface Properties is successfully configured, the address will not change the ...
...field is available if the Authentication is MD5. Type the password for Authentication MD5 authentication. Type the ID for text authentication. By default, the ZyWALL uses the factory assigned MAC address to the ZyWALL. It will be up to General. Configure Policy Route ...References to configure a VLAN interface for load balancing. OK Cancel You must manually configure a policy route to 16 characters long. ZyWALL USG 1000 User's Guide 291 MAC Address Setting This section appears when Interface Properties is successfully configured, the address will not change the ...
User Guide
Page 311
... use the default authentication method in which this interface only receives routing information. Priority Enter the priority (between 1 and 255. The key can consist of a WAN trunk for a Designated Router (DR) or Backup Designated Router (BDR). Cancel Click Cancel to eight characters long. Type the password for more information about OSPF. ZyWALL USG 1000 User...
... use the default authentication method in which this interface only receives routing information. Priority Enter the priority (between 1 and 255. The key can consist of a WAN trunk for a Designated Router (DR) or Backup Designated Router (BDR). Cancel Click Cancel to eight characters long. Type the password for more information about OSPF. ZyWALL USG 1000 User...
User Guide
Page 366
...for the area in the area. MD5 uses an MD5 password and authentication ID (most secure). 372 ZyWALL USG 1000 User's Guide Stub - It does not have information about the OSPF AS and networks that is a normal area. Select the default authentication method used in IP address format. Type Select ...the type of routing updates. It depends on page 365), and click either the Add icon or an Edit icon. Text uses a plain text password that are outside the OSPF AS and...
...for the area in the area. MD5 uses an MD5 password and authentication ID (most secure). 372 ZyWALL USG 1000 User's Guide Stub - It does not have information about the OSPF AS and networks that is a normal area. Select the default authentication method used in IP address format. Type Select ...the type of routing updates. It depends on page 365), and click either the Add icon or an Edit icon. Text uses a plain text password that are outside the OSPF AS and...
User Guide
Page 367
...and it can be up to the backbone. Type the default ID for MD5 authentication in the area. MD5 uses an MD5 password and authentication ID (most secure). The ID can modify the entry's settings. Type the default password for MD5 authentication in the area. Virtual Link This section... is available if the Authentication is sent over the network (not very secure). Type the password for text authentication. The key can consist of the other area and on page ZyWALL USG 1000 User's Guide 373 MD5 Authentication ID This field is available if the Authentication is MD5. ...
...and it can be up to the backbone. Type the default ID for MD5 authentication in the area. MD5 uses an MD5 password and authentication ID (most secure). The ID can modify the entry's settings. Type the default password for MD5 authentication in the area. Virtual Link This section... is available if the Authentication is sent over the network (not very secure). Type the password for text authentication. The key can consist of the other area and on page ZyWALL USG 1000 User's Guide 373 MD5 Authentication ID This field is available if the Authentication is MD5. ...
User Guide
Page 368
... ABR in this screen without saving. 16.4 Routing Protocol Technical Reference Here is more detailed information about RIP and OSPF. 374 ZyWALL USG 1000 User's Guide The key can consist of alphanumeric characters and the underscore, and it can be up to display a screen like... changes back to 8 characters long. Figure 284 Configuration > Network > Routing > OSPF > Add > Add The following . Type the default ID for MD5 authentication in the area. Authentication Select the authentication method the virtual link uses. Type the default password for text authentication.
... ABR in this screen without saving. 16.4 Routing Protocol Technical Reference Here is more detailed information about RIP and OSPF. 374 ZyWALL USG 1000 User's Guide The key can consist of alphanumeric characters and the underscore, and it can be up to display a screen like... changes back to 8 characters long. Figure 284 Configuration > Network > Routing > OSPF > Add > Add The following . Type the default ID for MD5 authentication in the area. Authentication Select the authentication method the virtual link uses. Type the default password for text authentication.
User Guide
Page 369
...plain text password, and the (unencrypted) password is usually used temporarily to use this default in an interface or virtual link, you can only select one the ZyWALL calculates using an MD5 password and authentication ID. If you want to prevent network problems. • MD5 - ZyWALL USG 1000 User's ...Guide 375 The receiving router uses its key to Same as the authentication ID of routing updates. This method is sent over the network. authentication using the MD5 password. If the received message is not ...
...plain text password, and the (unencrypted) password is usually used temporarily to use this default in an interface or virtual link, you can only select one the ZyWALL calculates using an MD5 password and authentication ID. If you want to prevent network problems. • MD5 - ZyWALL USG 1000 User's ...Guide 375 The receiving router uses its key to Same as the authentication ID of routing updates. This method is sent over the network. authentication using the MD5 password. If the received message is not ...
User Guide
Page 669
...ZyWALL USG 1000 User's Guide 673 Table 179 Configuration > Device HA > Active-Passive Mode LABEL DESCRIPTION Show Advance Settings / Hide Advance Settings Click this button to display a greater or lesser number of the master ZyWALL if the master ZyWALL becomes unavailable. A virtual router consists of a master ZyWALL and all of the backup ZyWALL. The password... is the master ZyWALL in the virtual router. Type the password in a virtual router must be up to eight characters long. This ZyWALL is master, the ZyWALL preempts by default.) Cluster Settings Cluster...
...ZyWALL USG 1000 User's Guide 673 Table 179 Configuration > Device HA > Active-Passive Mode LABEL DESCRIPTION Show Advance Settings / Hide Advance Settings Click this button to display a greater or lesser number of the master ZyWALL if the master ZyWALL becomes unavailable. A virtual router consists of a master ZyWALL and all of the backup ZyWALL. The password... is the master ZyWALL in the virtual router. Type the password in a virtual router must be up to eight characters long. This ZyWALL is master, the ZyWALL preempts by default.) Cluster Settings Cluster...
User Guide
Page 690
... This field is available for more information about this user belongs. Enter the number of the ZyWALL but the first character cannot be different than the default settings, select Use Manual Settings then fill your preferred values in this user account is maintained in... 1440 minutes. You may use up to renew the current session before the lease time expires. 694 ZyWALL USG 1000 User's Guide Choices are provided. Default descriptions are : Password • admin - Lease Time This field is logged out. Admin users renew the session every time...
... This field is available for more information about this user belongs. Enter the number of the ZyWALL but the first character cannot be different than the default settings, select Use Manual Settings then fill your preferred values in this user account is maintained in... 1440 minutes. You may use up to renew the current session before the lease time expires. 694 ZyWALL USG 1000 User's Guide Choices are provided. Default descriptions are : Password • admin - Lease Time This field is logged out. Admin users renew the session every time...
User Guide
Page 696
...users can login as many times as they want as long as they use the default settings. Limit the number of simultaneous logons for any user account's authentication timeout settings. 700 ZyWALL USG 1000 User's Guide User Lockout Settings Enable logon retry limit Select this , access users...administration account is checked. Type the maximum number of account simultaneous logins by each user can login unsuccessfully (for example, wrong password) before the IP address is locked out for access account is checked. Maximum retry count This field is effective when Enable...
...users can login as many times as they want as long as they use the default settings. Limit the number of simultaneous logons for any user account's authentication timeout settings. 700 ZyWALL USG 1000 User's Guide User Lockout Settings Enable logon retry limit Select this , access users...administration account is checked. Type the maximum number of account simultaneous logins by each user can login unsuccessfully (for example, wrong password) before the IP address is locked out for access account is checked. Maximum retry count This field is effective when Enable...
User Guide
Page 726
...13.3.2 on the external authentication server and the ZyWALL. Base DN This specifies a directory. For example, o=ZyXEL, c=US. Key Enter a password (up to open a screen that shows which...return the screen to remove it before the ZyWALL disconnects from the RADIUS server. The ZyWALL confirms you want to its last-saved settings. 730 ZyWALL USG 1000 User's Guide Name This is the address...new entry. Edit Double-click an entry or select it and click Remove. Authentication Port The default port of a RADIUS server. You need not change this case, user authentication fails. Click ...
...13.3.2 on the external authentication server and the ZyWALL. Base DN This specifies a directory. For example, o=ZyXEL, c=US. Key Enter a password (up to open a screen that shows which...return the screen to remove it before the ZyWALL disconnects from the RADIUS server. The ZyWALL confirms you want to its last-saved settings. 730 ZyWALL USG 1000 User's Guide Name This is the address...new entry. Edit Double-click an entry or select it and click Remove. Authentication Port The default port of a RADIUS server. You need not change this case, user authentication fails. Click ...
User Guide
Page 737
... a printable form. • Binary PKCS#12: This is a message digest calculated using the certificate's fingerprint. It is within a password-encrypted envelope. Finding Out More • See Section 6.6 on page 114 for related information on your certificate's public or private... the transfer process. A PKCS #7 file is not included. ZyWALL USG 1000 User's Guide 741 Note: Be careful not to convert a binary file to transfer a public key certificate. Chapter 46 Certificates Factory Default Certificate The ZyWALL generates its own unique self-signed certificate when you first turn ...
... a printable form. • Binary PKCS#12: This is a message digest calculated using the certificate's fingerprint. It is within a password-encrypted envelope. Finding Out More • See Section 6.6 on page 114 for related information on your certificate's public or private... the transfer process. A PKCS #7 file is not included. ZyWALL USG 1000 User's Guide 741 Note: Be careful not to convert a binary file to transfer a public key certificate. Chapter 46 Certificates Factory Default Certificate The ZyWALL generates its own unique self-signed certificate when you first turn ...
User Guide
Page 749
...information about the certificate. To remove an entry, select it before adding more certificates. ZyWALL USG 1000 User's Guide 753 Cancel Click Cancel to quit and return to the My Certificates screen... to open the Trusted Certificates screen. Uploading a new firmware or default configuration file does not delete your certificates unless you import a binary PKCS#12.... Remove The ZyWALL keeps all of these certificates. Chapter 46 Certificates Table 212 Configuration > Object > Certificate > My Certificates > Import (continued) LABEL DESCRIPTION Password This field only...
...information about the certificate. To remove an entry, select it before adding more certificates. ZyWALL USG 1000 User's Guide 753 Cancel Click Cancel to quit and return to the My Certificates screen... to open the Trusted Certificates screen. Uploading a new firmware or default configuration file does not delete your certificates unless you import a binary PKCS#12.... Remove The ZyWALL keeps all of these certificates. Chapter 46 Certificates Table 212 Configuration > Object > Certificate > My Certificates > Import (continued) LABEL DESCRIPTION Password This field only...
User Guide
Page 752
... (usually a certification authority). Password Type the password (up to have the ZyWALL check incoming certificates that specifies how clients access directories of certificates and lists of revoked certificates. Password Type the password (up to 31 ASCII characters...ZyWALL USG 1000 User's Guide You can use the same server port number that validate the end entity's certificate. The ZyWALL does not trust the end entity's certificate and displays "Not trusted" in dotted decimal notation) of certification authorities that the directory server uses. 389 is the default...
... (usually a certification authority). Password Type the password (up to have the ZyWALL check incoming certificates that specifies how clients access directories of certificates and lists of revoked certificates. Password Type the password (up to 31 ASCII characters...ZyWALL USG 1000 User's Guide You can use the same server port number that validate the end entity's certificate. The ZyWALL does not trust the end entity's certificate and displays "Not trusted" in dotted decimal notation) of certification authorities that the directory server uses. 389 is the default...
User Guide
Page 812
... name and password) to the server to log in to the server. 50.7.2 SSH Implementation on the ZyWALL Your ZyWALL supports SSH versions 1 and 2 using port 22 (by default). 50.7.3 Requirements for Using SSH You must agree on the type of encryption method to specify from which zones SSH can come. 816 ZyWALL USG 1000 User's Guide...
... name and password) to the server to log in to the server. 50.7.2 SSH Implementation on the ZyWALL Your ZyWALL supports SSH versions 1 and 2 using port 22 (by default). 50.7.3 Requirements for Using SSH You must agree on the type of encryption method to specify from which zones SSH can come. 816 ZyWALL USG 1000 User's Guide...
User Guide
Page 865
...about 5 seconds (or until the PWR LED starts to the factory defaults (password is 1234, LAN IP address 192.168.1.1 etc.; Press the button in to the logs (see Chapter 10 on page 261). It returns the ZyWALL to blink), then release it. see Section 6.4 on . For ..., see your computer's Ethernet card is the default) and then press [ENTER]. In the Command Prompt window, type "ping" followed by the ZyWALL's LAN IP address (192.168.1.1 is installed and functioning properly. Make sure you have a hardware problem. ZyWALL USG 1000 User's Guide 869 Check all cable connections....
...about 5 seconds (or until the PWR LED starts to the factory defaults (password is 1234, LAN IP address 192.168.1.1 etc.; Press the button in to the logs (see Chapter 10 on page 261). It returns the ZyWALL to blink), then release it. see Section 6.4 on . For ..., see your computer's Ethernet card is the default) and then press [ENTER]. In the Command Prompt window, type "ping" followed by the ZyWALL's LAN IP address (192.168.1.1 is installed and functioning properly. Make sure you have a hardware problem. ZyWALL USG 1000 User's Guide 869 Check all cable connections....
User Guide
Page 885
..., AC880 or AC881 3G card Power Requirements 100-240 V AC, 50/60 Hz, 1 A Max ZyWALL USG 1000 User's Guide 891 Table 255 Default Login Information ATTRIBUTE SPECIFICATION Default IP Address (ge1) 192.168.1.1 Default Subnet Mask 255.255.255.0 (24 bits) (ge1) Default Password 1234 This table provides hardware specifications. Table 256 Hardware Specifications FEATURE SPECIFICATION Number of...
..., AC880 or AC881 3G card Power Requirements 100-240 V AC, 50/60 Hz, 1 A Max ZyWALL USG 1000 User's Guide 891 Table 255 Default Login Information ATTRIBUTE SPECIFICATION Default IP Address (ge1) 192.168.1.1 Default Subnet Mask 255.255.255.0 (24 bits) (ge1) Default Password 1234 This table provides hardware specifications. Table 256 Hardware Specifications FEATURE SPECIFICATION Number of...