User Guide
Page 45
... using its default configuration (see Chapter 4 on page 45): • A - main window ZyWALL USG 20/20W User's Guide 45 If you log in this screen does not appear anymore. Chapter 3 Web Configurator 5 The screen above appears every time you change the default password, the Login screen (Figure 6 on page 44) appears after you click Ignore, the...
... using its default configuration (see Chapter 4 on page 45): • A - main window ZyWALL USG 20/20W User's Guide 45 If you log in this screen does not appear anymore. Chapter 3 Web Configurator 5 The screen above appears every time you change the default password, the Login screen (Figure 6 on page 44) appears after you click Ignore, the...
User Guide
Page 124
... user name and password in the RADIUS server. 7.6 How to Use a RADIUS Server to Authenticate User Accounts based on Groups The previous example showed how to log in using the Web Configurator login screen before they can configure the make a couple of slight changes in the RADIUS server. 124 ZyWALL USG 20/20W User's Guide Chapter...
... user name and password in the RADIUS server. 7.6 How to Use a RADIUS Server to Authenticate User Accounts based on Groups The previous example showed how to log in using the Web Configurator login screen before they can configure the make a couple of slight changes in the RADIUS server. 124 ZyWALL USG 20/20W User's Guide Chapter...
User Guide
Page 213
... myZyXEL.com account, only the User Name and Password fields are not allowed. UserName Enter a user name for confirmation. Password Enter a password of web sites categorized based on content. Spaces are...changes back to the ZyWALL. VAT Number Enter your seller's Value-Added Tax number, if you bought your seller's name. Your ZyWALL accesses an external database that has millions of between six and 20... phone number. The trial period starts the day you entered has not been used. ZyWALL USG 20/20W User's Guide 213 The name should be from the drop-down box list. new ...
... myZyXEL.com account, only the User Name and Password fields are not allowed. UserName Enter a user name for confirmation. Password Enter a password of web sites categorized based on content. Spaces are...changes back to the ZyWALL. VAT Number Enter your seller's Value-Added Tax number, if you bought your seller's name. Your ZyWALL accesses an external database that has millions of between six and 20... phone number. The trial period starts the day you entered has not been used. ZyWALL USG 20/20W User's Guide 213 The name should be from the drop-down box list. new ...
User Guide
Page 254
...IP Address Radius Server Port Radius Server Secret IP Address Assignment Select the check box to enable wireless user authentication through scanning. Enter a password (up to 31 alphanumeric characters) as the key to guess. Wireless stations associating to the access point (AP) must be up ...turn on the wireless LAN interface. You can be the same on the external authentication server and ZyWALL. 254 ZyWALL USG 20/20W User's Guide To make your wireless network more secure, change the default SSID to something that are available when you want the WLAN interface to belong. Maximum...
...IP Address Radius Server Port Radius Server Secret IP Address Assignment Select the check box to enable wireless user authentication through scanning. Enter a password (up to 31 alphanumeric characters) as the key to guess. Wireless stations associating to the access point (AP) must be up ...turn on the wireless LAN interface. You can be the same on the external authentication server and ZyWALL. 254 ZyWALL USG 20/20W User's Guide To make your wireless network more secure, change the default SSID to something that are available when you want the WLAN interface to belong. Maximum...
User Guide
Page 260
...Group Key Update Timer is that WPA-PSK uses a simple common password, instead of inactivity. The ZyWALL uses an external RADIUS server or the ZyWALL's internal user account list to stay connected. Setting of automatically changing the group key for WPA and WPA-PSK are the same. ...following table describes the WPA-PSK/WPA2-PSK-related wireless LAN security labels. Chapter 11 Interfaces The following figure shows the security fields. 260 ZyWALL USG 20/20W User's Guide To configure and enable WPA or WPA2 security, click Configuration > Network > Interface > WLAN > Add (or Edit) to ...
...Group Key Update Timer is that WPA-PSK uses a simple common password, instead of inactivity. The ZyWALL uses an external RADIUS server or the ZyWALL's internal user account list to stay connected. Setting of automatically changing the group key for WPA and WPA-PSK are the same. ...following table describes the WPA-PSK/WPA2-PSK-related wireless LAN security labels. Chapter 11 Interfaces The following figure shows the security fields. 260 ZyWALL USG 20/20W User's Guide To configure and enable WPA or WPA2 security, click Configuration > Network > Interface > WLAN > Add (or Edit) to ...
User Guide
Page 262
... re-keying process is the rate at the factory and consists of six pairs of automatically changing the group key for USG 20W only. The ZyWALL automatically disconnects a wireless station from accessing the ZyWALL (deny association) based on a periodic basis. You need to know the MAC addresses of...RADIUS server's listening port number (the default is not sent over the network. Radius Server Secret Enter a password (up to 31 alphanumeric characters) as shown. 262 ZyWALL USG 20/20W User's Guide Setting of the devices to be the same on the RADIUS server has priority. The MAC ...
... re-keying process is the rate at the factory and consists of six pairs of automatically changing the group key for USG 20W only. The ZyWALL automatically disconnects a wireless station from accessing the ZyWALL (deny association) based on a periodic basis. You need to know the MAC addresses of...RADIUS server's listening port number (the default is not sent over the network. Radius Server Secret Enter a password (up to 31 alphanumeric characters) as shown. 262 ZyWALL USG 20/20W User's Guide Setting of the devices to be the same on the RADIUS server has priority. The MAC ...
User Guide
Page 273
... routing information. Passive Interface Select this interface. Click OK to save your changes back to the screen where you must use the same authentication method that they... Set the priority to zero if the interface can be up to 16 characters long. ZyWALL USG 20/20W User's Guide 273 Select None to disable OSPF in the area None - use . Type...or disable authentication. disable authentication Text - authenticate OSPF routing information using a plain-text password Text Authentication Key MD5 Authentication ID MD5 Authentication Key MD5 - The ID can be ...
... routing information. Passive Interface Select this interface. Click OK to save your changes back to the screen where you must use the same authentication method that they... Set the priority to zero if the interface can be up to 16 characters long. ZyWALL USG 20/20W User's Guide 273 Select None to disable OSPF in the area None - use . Type...or disable authentication. disable authentication Text - authenticate OSPF routing information using a plain-text password Text Authentication Key MD5 Authentication ID MD5 Authentication Key MD5 - The ID can be ...
User Guide
Page 315
... this to use RIP to distribute routing information within a group of networks, called an Autonomous ZyWALL USG 20/20W User's Guide 315 In practice, 2 or 3 is MD5. Text uses a plain text password that were learned through OSPF. The ID can be up to 16 characters long. The number... First, RFC 2328) is a link-state protocol designed to advertise routes that is Text. Reset Click this button to save your changes to advertise routes that were learned through the static route configuration. The metric represents the "cost" of transmission for text authentication. Active...
... this to use RIP to distribute routing information within a group of networks, called an Autonomous ZyWALL USG 20/20W User's Guide 315 In practice, 2 or 3 is MD5. Text uses a plain text password that were learned through OSPF. The ID can be up to 16 characters long. The number... First, RFC 2328) is a link-state protocol designed to advertise routes that is Text. Reset Click this button to save your changes to advertise routes that were learned through the static route configuration. The metric represents the "cost" of transmission for text authentication. Active...
User Guide
Page 323
...secure). Type the default password for text authentication. You should set up to create a new virtual link or edit an existing one. Double-click an entry or select it can be up the virtual link on page ZyWALL USG 20/20W User's Guide 323 ...Authentication This is MD5. Peer Router ID This is Text. Click Cancel to exit this to display the authentication ID and key. Type the password for MD5 authentication in the area. Click OK to save your cursor over this label to create a new virtual link. Hover your changes...
...secure). Type the default password for text authentication. You should set up to create a new virtual link or edit an existing one. Double-click an entry or select it can be up the virtual link on page ZyWALL USG 20/20W User's Guide 323 ...Authentication This is MD5. Peer Router ID This is Text. Click Cancel to exit this to display the authentication ID and key. Type the password for MD5 authentication in the area. Click OK to save your cursor over this label to create a new virtual link. Hover your changes...
User Guide
Page 324
...the confidentiality, of the other ABR in the virtual link. The password can consist of alphanumeric characters and the underscore, and it can be between 1 and 255. Click OK to save your changes back to 16 characters long. Click Cancel to display a screen like...(in this screen without saving. 14.4 Routing Protocol Technical Reference Here is more detailed information about RIP and OSPF. 324 ZyWALL USG 20/20W User's Guide MD5 uses an MD5 password and authentication ID (most secure). This field is available if the Authentication is MD5. Figure 196 Configuration > Network > ...
...the confidentiality, of the other ABR in the virtual link. The password can consist of alphanumeric characters and the underscore, and it can be between 1 and 255. Click OK to save your changes back to 16 characters long. Click Cancel to display a screen like...(in this screen without saving. 14.4 Routing Protocol Technical Reference Here is more detailed information about RIP and OSPF. 324 ZyWALL USG 20/20W User's Guide MD5 uses an MD5 password and authentication ID (most secure). This field is available if the Authentication is MD5. Figure 196 Configuration > Network > ...
User Guide
Page 420
...active protocol is AH, you can solve this might change the IP addresses, port numbers, or both. You can set up the ZyWALL to provide a user name and password to the remote IPSec router, or you can set up the ZyWALL to establish an IKE SA. The routers cannot establish...the negotiation mode (steps 7-10 in main mode, steps 4-7 in aggressive mode). 420 ZyWALL USG 20/20W User's Guide In NAT traversal, router X and router Y add an extra header to verify the user name and password. Extended Authentication Extended authentication is often used with the extra header unchanged. (See the ...
...active protocol is AH, you can solve this might change the IP addresses, port numbers, or both. You can set up the ZyWALL to provide a user name and password to the remote IPSec router, or you can set up the ZyWALL to establish an IKE SA. The routers cannot establish...the negotiation mode (steps 7-10 in main mode, steps 4-7 in aggressive mode). 420 ZyWALL USG 20/20W User's Guide In NAT traversal, router X and router Y add an extra header to verify the user name and password. Extended Authentication Extended authentication is often used with the extra header unchanged. (See the ...
User Guide
Page 544
...to renew the current session before the lease time expires. 544 ZyWALL USG 20/20W User's Guide You can use 1-31 alphanumeric characters, underscores(_), or dashes (-), but cannot look at the configuration • ext-user - Access users can look at and change it • user - You may use up to 60 ...a ext-group-user type user account. See Ext-Group-User Accounts on their screen as RADIUS or LDAP. Retype Group Identifier Enter the password of each user, if any. This field is automatically renewed before the user is not available if you select the ext-group-user type...
...to renew the current session before the lease time expires. 544 ZyWALL USG 20/20W User's Guide You can use 1-31 alphanumeric characters, underscores(_), or dashes (-), but cannot look at the configuration • ext-user - Access users can look at and change it • user - You may use up to 60 ...a ext-group-user type user account. See Ext-Group-User Accounts on their screen as RADIUS or LDAP. Retype Group Identifier Enter the password of each user, if any. This field is automatically renewed before the user is not available if you select the ext-group-user type...
User Guide
Page 550
...Type the maximum number of times each user can login unsuccessfully (for example, wrong password) before the IP address is checked. This field is checked. User Lockout Settings... timeout settings also control the settings for any user account's authentication timeout settings. 550 ZyWALL USG 20/20W User's Guide for access account is reached. Type the maximum number of simultaneous logins ...specified amount of simultaneous logins by non-admin users. If you to save the changes. This field is effective when Enable logon retry limit is effective when Limit ... ...
...Type the maximum number of times each user can login unsuccessfully (for example, wrong password) before the IP address is checked. This field is checked. User Lockout Settings... timeout settings also control the settings for any user account's authentication timeout settings. 550 ZyWALL USG 20/20W User's Guide for access account is reached. Type the maximum number of simultaneous logins ...specified amount of simultaneous logins by non-admin users. If you to save the changes. This field is effective when Enable logon retry limit is effective when Limit ... ...
User Guide
Page 579
... the RADIUS screen to manage the list of the attribute that the users can add ext-group-user user objects to save the changes. Specify the directory (up to test if the configuration is a second type of identifier the users are to use to which ... it here. Password Base DN Login Name Attribute Alternative Login Name Attribute Group Membership Attribute For example, cn=zywallAdmin specifies zywallAdmin as the group identifier, another for "RD" and a third for each group. Specify the bind DN for its accounts. For example, o=ZyXEL, c=US. ZyWALL USG 20/20W User's Guide 579...
... the RADIUS screen to manage the list of the attribute that the users can add ext-group-user user objects to save the changes. Specify the directory (up to test if the configuration is a second type of identifier the users are to use to which ... it here. Password Base DN Login Name Attribute Alternative Login Name Attribute Group Membership Attribute For example, cn=zywallAdmin specifies zywallAdmin as the group identifier, another for "RD" and a third for each group. Specify the bind DN for its accounts. For example, o=ZyXEL, c=US. ZyWALL USG 20/20W User's Guide 579...
User Guide
Page 580
...key is down. Click Reset to return the screen to display the RADIUS screen. The ZyWALL confirms you can modify the entry's settings. For example, o=ZyXEL, c=US. Key Enter a password (up to be the same on page 232 for authentication is the name of the AD...period (between the external authentication server and the ZyWALL. In this value unless your network administrator instructs you to save the changes. Chapter 37 AAA Server Click Configuration > Object > AAA Server > RADIUS to its last-saved settings. 580 ZyWALL USG 20/20W User's Guide Base DN This specifies a ...
...key is down. Click Reset to return the screen to display the RADIUS screen. The ZyWALL confirms you can modify the entry's settings. For example, o=ZyXEL, c=US. Key Enter a password (up to be the same on page 232 for authentication is the name of the AD...period (between the external authentication server and the ZyWALL. In this value unless your network administrator instructs you to save the changes. Chapter 37 AAA Server Click Configuration > Object > AAA Server > RADIUS to its last-saved settings. 580 ZyWALL USG 20/20W User's Guide Base DN This specifies a ...
User Guide
Page 582
... belongs. it does not display, select user-defined and specify the attribute's number. You can add ext-group-user user objects to discard the changes. 582 ZyWALL USG 20/20W User's Guide A RADIUS server defines attributes for "management". Select the name and number of the attribute that the...Table 174 Configuration > Object > AAA Server > RADIUS > Add (continued) LABEL DESCRIPTION Timeout Specify the timeout period (between the external authentication server and the ZyWALL. This attribute's value is not sent over the network. Key Enter a password (up to save the changes.
... belongs. it does not display, select user-defined and specify the attribute's number. You can add ext-group-user user objects to discard the changes. 582 ZyWALL USG 20/20W User's Guide A RADIUS server defines attributes for "management". Select the name and number of the attribute that the...Table 174 Configuration > Object > AAA Server > RADIUS > Add (continued) LABEL DESCRIPTION Timeout Specify the timeout period (between the external authentication server and the ZyWALL. This attribute's value is not sent over the network. Key Enter a password (up to save the changes.
User Guide
Page 586
... methods in the order they appear in the AAA Server screen (see Chapter 37 on the first authentication server. 586 ZyWALL USG 20/20W User's Guide For example, "My_Device". To change a method's position in the numbered list, select the method and click Move to display a field to type a ...If two accounts with the same username exist on two authentication servers you specify, the ZyWALL does not continue the search on the second authentication server when you enter the username and password that you can create a server object in this screen. Chapter 38 Authentication Method 7 ...
... methods in the order they appear in the AAA Server screen (see Chapter 37 on the first authentication server. 586 ZyWALL USG 20/20W User's Guide For example, "My_Device". To change a method's position in the numbered list, select the method and click Move to display a field to type a ...If two accounts with the same username exist on two authentication servers you specify, the ZyWALL does not continue the search on the second authentication server when you enter the username and password that you can create a server object in this screen. Chapter 38 Authentication Method 7 ...
User Guide
Page 606
... can change the name. URL Type the protocol, IP address and pathname of revoked certificates. Password Type the password (up to 31 ASCII characters) from the entity maintaining the CRL directory server (usually a certification authority). Port Use this field to have this read -only fields display detailed information about the certificate. 606 ZyWALL USG 20/20W User...
... can change the name. URL Type the protocol, IP address and pathname of revoked certificates. Password Type the password (up to 31 ASCII characters) from the entity maintaining the CRL directory server (usually a certification authority). Port Use this field to have this read -only fields display detailed information about the certificate. 606 ZyWALL USG 20/20W User...
User Guide
Page 663
...from which zones SSH can come. ZyWALL USG 20/20W User's Guide 663 You can also specify from which IP addresses the access can be used to connect to the ZyWALL over SSH. 43.8.4 Configuring SSH Click Configuration > System > SSH to change your ZyWALL's Secure Shell settings. Chapter 43 System...Transmission After the identification is verified and data encryption activated, a secure tunnel is used to manage the ZyWALL. The client then sends its authentication information (user name and password) to the server to log in to the server. 43.8.2 SSH Implementation on a client computer ...
...from which zones SSH can come. ZyWALL USG 20/20W User's Guide 663 You can also specify from which IP addresses the access can be used to connect to the ZyWALL over SSH. 43.8.4 Configuring SSH Click Configuration > System > SSH to change your ZyWALL's Secure Shell settings. Chapter 43 System...Transmission After the identification is verified and data encryption activated, a secure tunnel is used to manage the ZyWALL. The client then sends its authentication information (user name and password) to the server to log in to the server. 43.8.2 SSH Implementation on a client computer ...
User Guide
Page 673
... the Service Control table to . ZyWALL USG 20/20W User's Guide 673 Server Port Get Community Set Community You may change the server port number for a service if needed, however you can access which is the password for incoming Set requests from which is the password sent with the IP address that ...matches the IP address(es) in order to access the ZyWALL. The default is...
... the Service Control table to . ZyWALL USG 20/20W User's Guide 673 Server Port Get Community Set Community You may change the server port number for a service if needed, however you can access which is the password for incoming Set requests from which is the password sent with the IP address that ...matches the IP address(es) in order to access the ZyWALL. The default is...