User Guide
Page 21
.../Edit Screen 542 33.3 User Group Summary Screen 545 33.3.1 Group Add/Edit Screen 546 33.4 Setting Screen ...547 33.4.1 Default User Authentication Timeout Settings Edit Screens 550 33.4.2 User Aware Login Example 552 33.5 User /Group Technical Reference 553 Chapter 34 Addresses...555 34.1 Overview ...555 34.1.1 What You Can Do... Screen 555 34.2.1 Address Add/Edit Screen 557 34.3 Address Group Summary Screen 558 34.3.1 Address Group Add/Edit Screen 559 Chapter 35 Services ...561 ZyWALL USG 20/20W User's Guide 21
.../Edit Screen 542 33.3 User Group Summary Screen 545 33.3.1 Group Add/Edit Screen 546 33.4 Setting Screen ...547 33.4.1 Default User Authentication Timeout Settings Edit Screens 550 33.4.2 User Aware Login Example 552 33.5 User /Group Technical Reference 553 Chapter 34 Addresses...555 34.1 Overview ...555 34.1.1 What You Can Do... Screen 555 34.2.1 Address Add/Edit Screen 557 34.3 Address Group Summary Screen 558 34.3.1 Address Group Add/Edit Screen 559 Chapter 35 Services ...561 ZyWALL USG 20/20W User's Guide 21
User Guide
Page 44
Figure 7 Update Admin Info Screen 44 ZyWALL USG 20/20W User's Guide By default, the ZyWALL automatically routes this request to its HTTPS server, and it in using the default user name and password, the Update Admin Info screen (Figure 7 on page 45) appears. If your web browser, and go to http://192...field. You must use the OTP (One-Time Password) token to generate a number. Otherwise, the dashboard (Figure 8 on page 44) appears. The Login screen appears. Figure 6 Login Screen 3 Type the user name (default: "admin") and password (default: "1234"). The number is only good for one...
Figure 7 Update Admin Info Screen 44 ZyWALL USG 20/20W User's Guide By default, the ZyWALL automatically routes this request to its HTTPS server, and it in using the default user name and password, the Update Admin Info screen (Figure 7 on page 45) appears. If your web browser, and go to http://192...field. You must use the OTP (One-Time Password) token to generate a number. Otherwise, the dashboard (Figure 8 on page 44) appears. The Login screen appears. Figure 6 Login Screen 3 Type the user name (default: "admin") and password (default: "1234"). The number is only good for one...
User Guide
Page 45
If you change the default password, the Login screen (Figure 6 on page 44) appears after you log in using its default configuration (see Chapter 4 on page 45): • A - main window ZyWALL USG 20/20W User's Guide 45 Follow the directions in Figure 8 on page 59); navigation panel • C - If you click Ignore, the Installation Setup Wizard opens...
If you change the default password, the Login screen (Figure 6 on page 44) appears after you log in using its default configuration (see Chapter 4 on page 45): • A - main window ZyWALL USG 20/20W User's Guide 45 Follow the directions in Figure 8 on page 59); navigation panel • C - If you click Ignore, the Installation Setup Wizard opens...
User Guide
Page 169
... to the lastgood.conf configuration file. Current Login User This field displays the user name used . Click the icon to the ZyWALL. Firmware update OK - System default configuration - This occurs when the ZyWALL starts for specific MAC addresses. Click the Show Active Sessions icon to the Login Users ZyWALL. ZyWALL USG 20/20W User's Guide 169 Number of This...
... to the lastgood.conf configuration file. Current Login User This field displays the user name used . Click the icon to the ZyWALL. Firmware update OK - System default configuration - This occurs when the ZyWALL starts for specific MAC addresses. Click the Show Active Sessions icon to the Login Users ZyWALL. ZyWALL USG 20/20W User's Guide 169 Number of This...
User Guide
Page 369
... to return the screen to be authenticated. unnecessary - Users need to which this policy applies. The ZyWALL will not redirect them to the login screen. Authentication This field displays the authentication requirement for the default policy. required - ZyWALL USG 20/20W User's Guide 369 EPS This lists any exceptional service or other authentication policy. You can...
... to return the screen to be authenticated. unnecessary - Users need to which this policy applies. The ZyWALL will not redirect them to the login screen. Authentication This field displays the authentication requirement for the default policy. required - ZyWALL USG 20/20W User's Guide 369 EPS This lists any exceptional service or other authentication policy. You can...
User Guide
Page 371
... These fields display when you want to have not logged in order with the one that match the default policy. When a user's computer matches an endpoint security object the ZyWALL grants access and stops checking. Select an endpoint security object and use for more on logs. To... from the selected list and click the left . ZyWALL USG 20/20W User's Guide 371 Select whether to have the ZyWALL check that you set the Authentication field to have the ZyWALL automatically display the login screen when users who have the ZyWALL repeat checking time the endpoint security check at a ...
... These fields display when you want to have not logged in order with the one that match the default policy. When a user's computer matches an endpoint security object the ZyWALL grants access and stops checking. Select an endpoint security object and use for more on logs. To... from the selected list and click the left . ZyWALL USG 20/20W User's Guide 371 Select whether to have the ZyWALL check that you set the Authentication field to have the ZyWALL automatically display the login screen when users who have the ZyWALL repeat checking time the endpoint security check at a ...
User Guide
Page 375
.... Firewall Rule Criteria The ZyWALL checks the schedule, user name (user's login name on the user name only. Global Firewall Rules Firewall rules with from the DMZ zone to an interface or VPN tunnel that apply to the ZyWALL itself, except for the ZyWALL itself . ZyWALL USG 20/20W User's Guide 375 ...order you also apply a schedule to the ZyWALL and will be disabled after the user logs out of the ZyWALL. By default: • The firewall allows only LAN, WLAN (USG 20W), or WAN computers to access or manage the ZyWALL. • The ZyWALL drops most packets from any as the To...
.... Firewall Rule Criteria The ZyWALL checks the schedule, user name (user's login name on the user name only. Global Firewall Rules Firewall rules with from the DMZ zone to an interface or VPN tunnel that apply to the ZyWALL itself, except for the ZyWALL itself . ZyWALL USG 20/20W User's Guide 375 ...order you also apply a schedule to the ZyWALL and will be disabled after the user logs out of the ZyWALL. By default: • The firewall allows only LAN, WLAN (USG 20W), or WAN computers to access or manage the ZyWALL. • The ZyWALL drops most packets from any as the To...
User Guide
Page 433
...specify up to be one domain name for logging into the Web Configurator. The ZyWALL displays the normal login screen without the button for each of the ZyWALL's DDNS entries. Use this field to use "zyxel.com". Table 124 VPN > SSL VPN > Global Setting LABEL DESCRIPTION Global Setting... name for users to the default settings unless it conflicts with another interface. Do not include the host. For example, www.zyxel.com is a fully qualified domain name where "www" is the host; Figure 254 VPN > SSL VPN > Global Setting The following screen. ZyWALL USG 20/20W User's Guide 433
...specify up to be one domain name for logging into the Web Configurator. The ZyWALL displays the normal login screen without the button for each of the ZyWALL's DDNS entries. Use this field to use "zyxel.com". Table 124 VPN > SSL VPN > Global Setting LABEL DESCRIPTION Global Setting... name for users to the default settings unless it conflicts with another interface. Do not include the host. For example, www.zyxel.com is a fully qualified domain name where "www" is the host; Figure 254 VPN > SSL VPN > Global Setting The following screen. ZyWALL USG 20/20W User's Guide 433
User Guide
Page 434
... logs out and the SSL VPN connection is the default logo. Click Reset Logo to Default to the ZyWALL. Update Client Virtual Desktop Logo You can enter up to 60 characters ("a-z", A-Z", "0-9") with spaces allowed. The ZyXEL company logo is terminated successfully. You can upload a...> SSL VPN > Global Setting (continued) LABEL DESCRIPTION Message Login Message Specify a message to display on the screen when a user logs in as a user to verify that the new logo displays properly. 434 ZyWALL USG 20/20W User's Guide Click Apply to avoid distortion when displayed....
... logs out and the SSL VPN connection is the default logo. Click Reset Logo to Default to the ZyWALL. Update Client Virtual Desktop Logo You can enter up to 60 characters ("a-z", A-Z", "0-9") with spaces allowed. The ZyXEL company logo is terminated successfully. You can upload a...> SSL VPN > Global Setting (continued) LABEL DESCRIPTION Message Login Message Specify a message to display on the screen when a user logs in as a user to verify that the new logo displays properly. 434 ZyWALL USG 20/20W User's Guide Click Apply to avoid distortion when displayed....
User Guide
Page 539
...control when users have to log in to the ZyWALL before the ZyWALL routes traffic for them . 33.1.1 What You Can Do in user groups • The Setting screen (see Section 33.3 on page 547) controls default settings, login settings, lockout settings, and other user groups. User... on page 545) provides a summary of a user logged into the ZyWALL. User accounts are the types of User Accounts TYPE ABILITIES LOGIN METHOD(S) Admin Users admin Change ZyWALL configuration (web, CLI) WWW, TELNET, SSH, FTP, Console ZyWALL USG 20/20W User's Guide 539 Table 151 Types of user accounts the...
...control when users have to log in to the ZyWALL before the ZyWALL routes traffic for them . 33.1.1 What You Can Do in user groups • The Setting screen (see Section 33.3 on page 547) controls default settings, login settings, lockout settings, and other user groups. User... on page 545) provides a summary of a user logged into the ZyWALL. User accounts are the types of User Accounts TYPE ABILITIES LOGIN METHOD(S) Admin Users admin Change ZyWALL configuration (web, CLI) WWW, TELNET, SSH, FTP, Console ZyWALL USG 20/20W User's Guide 539 Table 151 Types of user accounts the...
User Guide
Page 540
Chapter 33 User/Group Table 151 Types of User Accounts (continued) TYPE ABILITIES LOGIN METHOD(S) limited-admin Look at ZyWALL configuration (web, CLI) WWW, TELNET, SSH, Console Access Users user Perform basic diagnostics...authenticated by an external server, such as reauthentication time, the ZyWALL checks the following places, in order. 1 User account in the remote server. 2 User account (Ext-User) in the ZyWALL. 3 Default user account for AD users (ad-users), LDAP users ... AAA servers and authentication methods, which are discussed in the ZyWALL. 540 ZyWALL USG 20/20W User's Guide
Chapter 33 User/Group Table 151 Types of User Accounts (continued) TYPE ABILITIES LOGIN METHOD(S) limited-admin Look at ZyWALL configuration (web, CLI) WWW, TELNET, SSH, Console Access Users user Perform basic diagnostics...authenticated by an external server, such as reauthentication time, the ZyWALL checks the following places, in order. 1 User account in the remote server. 2 User account (Ext-User) in the ZyWALL. 3 Default user account for AD users (ad-users), LDAP users ... AAA servers and authentication methods, which are discussed in the ZyWALL. 540 ZyWALL USG 20/20W User's Guide
User Guide
Page 541
... See Section 33.4.2 on the group membership attribute. ZyWALL USG 20/20W User's Guide 541 See Section 37.2.1 on page 577 for more on page 552 for a user-aware login example. Note: You cannot put the default admin account into the ZyWALL to use a RADIUS server to authenticate user accounts ...based on groups. The ZyWALL automatically routes packets for everyone. Finding Out More • See Section ...
... See Section 33.4.2 on the group membership attribute. ZyWALL USG 20/20W User's Guide 541 See Section 37.2.1 on page 577 for more on page 552 for a user-aware login example. Note: You cannot put the default admin account into the ZyWALL to use a RADIUS server to authenticate user accounts ...based on groups. The ZyWALL automatically routes packets for everyone. Finding Out More • See Section ...
User Guide
Page 547
...your changes. 33.4 Setting Screen The Setting screen controls default settings, login settings, lockout settings, and other user settings for them . The order of the users and user groups that you do not want to the user group. ZyWALL USG 20/20W User's Guide 547 OK Cancel Move any members ...you want included to the ZyWALL. Select users and groups from...
...your changes. 33.4 Setting Screen The Setting screen controls default settings, login settings, lockout settings, and other user settings for them . The order of the users and user groups that you do not want to the user group. ZyWALL USG 20/20W User's Guide 547 OK Cancel Move any members ...you want included to the ZyWALL. Select users and groups from...
User Guide
Page 548
Figure 323 Configuration > Object > User/Group > Setting The following table describes the labels in this screen, login to use the default settings. Double-click an entry or select it is a sequential value, and it and click Edit to open a screen where you create a new user ... to the Web Configurator, and click Configuration > Object > User/Group > Setting. You can still manually configure any existing user accounts that are used by default when you can modify the entry's settings. # This field is not associated with a specific entry. 548 ZyWALL USG 20/20W User's Guide
Figure 323 Configuration > Object > User/Group > Setting The following table describes the labels in this screen, login to use the default settings. Double-click an entry or select it is a sequential value, and it and click Edit to open a screen where you create a new user ... to the Web Configurator, and click Configuration > Object > User/Group > Setting. You can still manually configure any existing user accounts that are used by default when you can modify the entry's settings. # This field is not associated with a specific entry. 548 ZyWALL USG 20/20W User's Guide
User Guide
Page 550
... limit is effective when Limit ... Type the maximum number of times each user can login unsuccessfully before the IP address is reached. These default authentication timeout settings also control the settings for any user account's authentication timeout settings. 550 ZyWALL USG 20/20W User's Guide This field is checked. This field is effective when Enable...
... limit is effective when Limit ... Type the maximum number of times each user can login unsuccessfully before the IP address is reached. These default authentication timeout settings also control the settings for any user account's authentication timeout settings. 550 ZyWALL USG 20/20W User's Guide This field is checked. This field is effective when Enable...
User Guide
Page 552
... of the lease time. 552 ZyWALL USG 20/20W User's Guide Chapter 33 User/Group 33.4.2 User Aware Login Example Access users cannot use the Web Configurator to reset the lease time. Figure 325 Web Configurator for Non-Admin Users LABEL DESCRIPTION User-defined lease time (max ... The default value is the lease time that...
... of the lease time. 552 ZyWALL USG 20/20W User's Guide Chapter 33 User/Group 33.4.2 User Aware Login Example Access users cannot use the Web Configurator to reset the lease time. Figure 325 Web Configurator for Non-Admin Users LABEL DESCRIPTION User-defined lease time (max ... The default value is the lease time that...
User Guide
Page 575
... is both a directory and a protocol for controlling access to a network. Normally, the directory structure reflects the geographical or ZyWALL USG 20/20W User's Guide 575 You can also use for fast information retrieval and filtering activities. RADIUS authentication allows you to authenticate ...administrative users logging into the ZyWALL's Web Configurator or network access users logging into the network through the ZyWALL. You create and store user profile and login information on page 579) to configure the default external RADIUS server to use the local...
... is both a directory and a protocol for controlling access to a network. Normally, the directory structure reflects the geographical or ZyWALL USG 20/20W User's Guide 575 You can also use for fast information retrieval and filtering activities. RADIUS authentication allows you to authenticate ...administrative users logging into the ZyWALL's Web Configurator or network access users logging into the network through the ZyWALL. You create and store user profile and login information on page 579) to configure the default external RADIUS server to use the local...
User Guide
Page 606
...only fields display detailed information about the certificate. 606 ZyWALL USG 20/20W User's Guide Address Type the IP address (in the list (along with the end entity's own certificate). Type the login name (up to have the ZyWALL check incoming certificates that validate the end entity's certificate... how clients access directories of certificates and lists of revoked certificates. If the issuing certification authority is the default server port number for LDAP. The ZyWALL does not trust the end entity's certificate and displays "Not trusted" in order to 31 ASCII characters)...
...only fields display detailed information about the certificate. 606 ZyWALL USG 20/20W User's Guide Address Type the IP address (in the list (along with the end entity's own certificate). Type the login name (up to have the ZyWALL check incoming certificates that validate the end entity's certificate... how clients access directories of certificates and lists of revoked certificates. If the issuing certification authority is the default server port number for LDAP. The ZyWALL does not trust the end entity's certificate and displays "Not trusted" in order to 31 ASCII characters)...
User Guide
Page 653
...by commas. Customized Access Page Use this section to set how the Web Configurator login screen looks. The following table describes the labels in the preview screen on the upper left corner of the... browser may not support it. Table 202 Configuration > System > WWW > Login Page LABEL DESCRIPTION Select Type Select whether the Web Configurator uses the default login screen or one that represents the desired color. Logo File You can upload ... the logo graphic or click Browse to access network services like the Internet. ZyWALL USG 20/20W User's Guide 653
...by commas. Customized Access Page Use this section to set how the Web Configurator login screen looks. The following table describes the labels in the preview screen on the upper left corner of the... browser may not support it. Table 202 Configuration > System > WWW > Login Page LABEL DESCRIPTION Select Type Select whether the Web Configurator uses the default login screen or one that represents the desired color. Logo File You can upload ... the logo graphic or click Browse to access network services like the Internet. ZyWALL USG 20/20W User's Guide 653
User Guide
Page 741
...Default Login Information ATTRIBUTE SPECIFICATION Default IP Address (P2, P3) 192.168.1.1 Default Subnet Mask 255.255.255.0 (24 bits) (P2, P3) Default Password 1234 This table provides hardware specifications. The centers of key features. See Chapter 2 on page 37 for the supported 3G cards. 12V DC Temperature: 0 C to 40 C Humidity: 20...play See www.zyxel.com for a general overview of the holes are subject to 95% (non-condensing) Mean Time Between Failures: 323,823 hours The ZyWALL has wall-mounting holes on the bottom panel. It is not included. ZyWALL USG 20/20W User's ...
...Default Login Information ATTRIBUTE SPECIFICATION Default IP Address (P2, P3) 192.168.1.1 Default Subnet Mask 255.255.255.0 (24 bits) (P2, P3) Default Password 1234 This table provides hardware specifications. The centers of key features. See Chapter 2 on page 37 for the supported 3G cards. 12V DC Temperature: 0 C to 40 C Humidity: 20...play See www.zyxel.com for a general overview of the holes are subject to 95% (non-condensing) Mean Time Between Failures: 323,823 hours The ZyWALL has wall-mounting holes on the bottom panel. It is not included. ZyWALL USG 20/20W User's ...