User Guide
Page 44
... Login. Figure 7 Update Admin Info Screen 44 ZyWALL USG 20/20W User's Guide Chapter 3 Web Configurator 2 Open your account is configured to use an ASAS authentication server, use the token to generate a new number the next time you logged in using the default user name and password, the Update Admin Info screen (Figure 7 on page...
... Login. Figure 7 Update Admin Info Screen 44 ZyWALL USG 20/20W User's Guide Chapter 3 Web Configurator 2 Open your account is configured to use an ASAS authentication server, use the token to generate a new number the next time you logged in using the default user name and password, the Update Admin Info screen (Figure 7 on page...
User Guide
Page 45
... shown next. Chapter 3 Web Configurator 5 The screen above appears every time you log in Figure 8 on page 45): • A - If you change the password for the default user account, this screen. main window ZyWALL USG 20/20W User's Guide 45 otherwise the dashboard appears as illustrated in using its default configuration (see Chapter 4 on page 59);
... shown next. Chapter 3 Web Configurator 5 The screen above appears every time you log in Figure 8 on page 45): • A - If you change the password for the default user account, this screen. main window ZyWALL USG 20/20W User's Guide 45 otherwise the dashboard appears as illustrated in using its default configuration (see Chapter 4 on page 59);
User Guide
Page 83
...it does not respond, the ZyWALL shuts down the IKE SA. • Authentication Method: Select Pre-Shared Key to use a password or Certificate to use one of the ZyWALL's certificates. 5.5.6 VPN Advanced ... has been no traffic for at least 15 seconds, the ZyWALL sends a message to Diffie-Hellman Group 2 a 1024 bit (1Kb) random number. DH1 (default) refers to Diffie-Hellman Group 1 a 768 bit random.... Figure 46 VPN Advanced Wizard: Step 4 ZyWALL USG 20/20W User's Guide 83 The SHA1 algorithm is more secure than DES. If it responds, the ZyWALL transmits the data. Chapter 5 Quick Setup that...
...it does not respond, the ZyWALL shuts down the IKE SA. • Authentication Method: Select Pre-Shared Key to use a password or Certificate to use one of the ZyWALL's certificates. 5.5.6 VPN Advanced ... has been no traffic for at least 15 seconds, the ZyWALL sends a message to Diffie-Hellman Group 2 a 1024 bit (1Kb) random number. DH1 (default) refers to Diffie-Hellman Group 1 a 768 bit random.... Figure 46 VPN Advanced Wizard: Step 4 ZyWALL USG 20/20W User's Guide 83 The SHA1 algorithm is more secure than DES. If it responds, the ZyWALL transmits the data. Chapter 5 Quick Setup that...
User Guide
Page 231
...can be up to route packets through this interface only receives routing information. Type the password for MD5 authentication. disable authentication Text - By default, the ZyWALL uses the factory assigned MAC address to stop forwarding OSPF routing information from the selected ... authentication. otherwise, the ZyWALL uses multicasting. As a result, this interface. ZyWALL USG 20/20W User's Guide 231 Choices are: Same-as-Area - This field is available if the Authentication is MD5. Have the interface use the factory assigned default MAC address. OSPF Setting...
...can be up to route packets through this interface only receives routing information. Type the password for MD5 authentication. disable authentication Text - By default, the ZyWALL uses the factory assigned MAC address to stop forwarding OSPF routing information from the selected ... authentication. otherwise, the ZyWALL uses multicasting. As a result, this interface. ZyWALL USG 20/20W User's Guide 231 Choices are: Same-as-Area - This field is available if the Authentication is MD5. Have the interface use the factory assigned default MAC address. OSPF Setting...
User Guide
Page 254
...wireless LAN labels in the outgoing beacon frame so a station cannot obtain the SSID through an external authentication server. Enter a password (up to display a greater or lesser number of security to something that are available when you use for this interface. ...to guess. Enter the RADIUS server's listening port number (the default is difficult to 60 characters long. This key must have the same SSID. You can be the same on the external authentication server and ZyWALL. 254 ZyWALL USG 20/20W User's Guide Table 60 Configuration > Network > Interface >...
...wireless LAN labels in the outgoing beacon frame so a station cannot obtain the SSID through an external authentication server. Enter a password (up to display a greater or lesser number of security to something that are available when you use for this interface. ...to guess. Enter the RADIUS server's listening port number (the default is difficult to 60 characters long. This key must have the same SSID. You can be the same on the external authentication server and ZyWALL. 254 ZyWALL USG 20/20W User's Guide Table 60 Configuration > Network > Interface >...
User Guide
Page 257
... interface when the area is enabled. ZyWALL USG 20/20W User's Guide 257 Receive Version This field is effective when RIP is looking for receiving RIP packets. This field is available if the Authentication is MD5. Type the password for text authentication. This interface receives .... To exchange OSPF routing information with peer border routers, you must use the same authentication method that they use the default authentication method in this interface only receives routing information. Type the ID for more information about OSPF. Select this interface belongs...
... interface when the area is enabled. ZyWALL USG 20/20W User's Guide 257 Receive Version This field is effective when RIP is looking for receiving RIP packets. This field is available if the Authentication is MD5. Type the password for text authentication. This interface receives .... To exchange OSPF routing information with peer border routers, you must use the same authentication method that they use the default authentication method in this interface only receives routing information. Type the ID for more information about OSPF. Select this interface belongs...
User Guide
Page 261
...WPA2 Security) LABEL DESCRIPTION Authentication Type Authentication Method Select what the ZyWALL uses to create authentication method objects. This field displays if you have the ZyWALL check a user's user name and password against the ZyWALL's local database, a remote LDAP, RADIUS, a Active Directory server... tunnel. The RADIUS fields display if you select Authentication Method. ZyWALL USG 20/20W User's Guide 261 Select the certificate the ZyWALL uses to authenticate itself to Auth Method. The ZyWALL's default configuration also includes an authentication method object named...
...WPA2 Security) LABEL DESCRIPTION Authentication Type Authentication Method Select what the ZyWALL uses to create authentication method objects. This field displays if you have the ZyWALL check a user's user name and password against the ZyWALL's local database, a remote LDAP, RADIUS, a Active Directory server... tunnel. The RADIUS fields display if you select Authentication Method. ZyWALL USG 20/20W User's Guide 261 Select the certificate the ZyWALL uses to authenticate itself to Auth Method. The ZyWALL's default configuration also includes an authentication method object named...
User Guide
Page 262
... > Interface > WLAN > Add (WPA/WPA2 Security) LABEL DESCRIPTION Radius Server Port Enter the RADIUS server's listening port number (the default is assigned at which the AP sends a new group key out to all connected wireless clients. Setting of the Group Key Update Timer... MAC Filter This feature is the WPA equivalent of a connected device, the ZyWALL drops the device's connection immediately. Radius Server Secret Enter a password (up to 31 alphanumeric characters) as shown. 262 ZyWALL USG 20/20W User's Guide The MAC filter allows you set the filter to allow association...
... > Interface > WLAN > Add (WPA/WPA2 Security) LABEL DESCRIPTION Radius Server Port Enter the RADIUS server's listening port number (the default is assigned at which the AP sends a new group key out to all connected wireless clients. Setting of the Group Key Update Timer... MAC Filter This feature is the WPA equivalent of a connected device, the ZyWALL drops the device's connection immediately. Radius Server Secret Enter a password (up to 31 alphanumeric characters) as shown. 262 ZyWALL USG 20/20W User's Guide The MAC filter allows you set the filter to allow association...
User Guide
Page 273
... long. Authentication Select an authentication method, or disable authentication. disable authentication Text - Type the ID for text authentication. ZyWALL USG 20/20W User's Guide 273 The password can consist of this interface when the area is MD5. Click Policy Route to go to exit this interface belongs..... As a result, this VLAN. Click Cancel to a screen where you must use the same authentication method that they use the default authentication method in the area None - Select the area in this to disable OSPF in which this screen without saving. Select None ...
... long. Authentication Select an authentication method, or disable authentication. disable authentication Text - Type the ID for text authentication. ZyWALL USG 20/20W User's Guide 273 The password can consist of this interface when the area is MD5. Click Policy Route to go to exit this interface belongs..... As a result, this VLAN. Click Cancel to a screen where you must use the same authentication method that they use the default authentication method in the area None - Select the area in this to disable OSPF in which this screen without saving. Select None ...
User Guide
Page 322
...integrity, but not about the OSPF AS and networks that is a Not So Stubby Area (NSSA), per RFC 1587. Text uses a plain text password that are directly connected to create a new area or edit an existing one. This area is an stub area. This area is a normal area...are outside the OSPF AS. Authentication Select the default authentication method used in IP address format. It depends on page 315), and click either the Add icon or an Edit icon. NSSA - MD5 uses an MD5 password and authentication ID (most secure). 322 ZyWALL USG 20/20W User's Guide Normal - Stub - ...
...integrity, but not about the OSPF AS and networks that is a Not So Stubby Area (NSSA), per RFC 1587. Text uses a plain text password that are directly connected to create a new area or edit an existing one. This area is an stub area. This area is a normal area...are outside the OSPF AS. Authentication Select the default authentication method used in IP address format. It depends on page 315), and click either the Add icon or an Edit icon. NSSA - MD5 uses an MD5 password and authentication ID (most secure). 322 ZyWALL USG 20/20W User's Guide Normal - Stub - ...
User Guide
Page 323
.... You should set up to the other ABR in the area. Text uses a plain text password that is a sequential value, and it can be up the virtual link on page ZyWALL USG 20/20W User's Guide 323 Hover your cursor over the network (not very secure). MD5 uses an...area. Create a virtual link if you can be between 1 and 255. None uses no authentication. Type the default ID for MD5 authentication in the virtual link. Type the default password for text authentication. Hover your cursor over this label to remove it before doing so. # This field is connected...
.... You should set up to the other ABR in the area. Text uses a plain text password that is a sequential value, and it can be up the virtual link on page ZyWALL USG 20/20W User's Guide 323 Hover your cursor over the network (not very secure). MD5 uses an...area. Create a virtual link if you can be between 1 and 255. None uses no authentication. Type the default ID for MD5 authentication in the virtual link. Type the default password for text authentication. Hover your cursor over this label to remove it before doing so. # This field is connected...
User Guide
Page 324
... uses no authentication. This field is available if the Authentication is Text. Type the default password for MD5 authentication in this screen without saving. 14.4 Routing Protocol Technical Reference Here is more detailed information about RIP and OSPF. 324 ZyWALL USG 20/20W User's Guide This authentication protects the integrity, but not the confidentiality, of...
... uses no authentication. This field is available if the Authentication is Text. Type the default password for MD5 authentication in this screen without saving. 14.4 Routing Protocol Technical Reference Here is more detailed information about RIP and OSPF. 324 ZyWALL USG 20/20W User's Guide This authentication protects the integrity, but not the confidentiality, of...
User Guide
Page 325
...have the same key. The transmitting and receiving routers must have to use this default in an interface or virtual link, you can only select one the ZyWALL calculates using the MD5 password. no authentication is not available in any value between 1 and 255. authentication...for more information. ZyWALL USG 20/20W User's Guide 325 This method is verified, then the receiving router accepts the updated routing information. It also includes an authentication ID, which can override the default in RIP version 1. For OSPF, the ZyWALL supports a default authentication type by ...
...have the same key. The transmitting and receiving routers must have to use this default in an interface or virtual link, you can only select one the ZyWALL calculates using the MD5 password. no authentication is not available in any value between 1 and 255. authentication...for more information. ZyWALL USG 20/20W User's Guide 325 This method is verified, then the receiving router accepts the updated routing information. It also includes an authentication ID, which can override the default in RIP version 1. For OSPF, the ZyWALL supports a default authentication type by ...
User Guide
Page 544
... time expires. 544 ZyWALL USG 20/20W User's Guide See Ext-User Accounts on their screen. Enter the number of minutes this user has access to 1440 minutes. You can specify 1 to the ZyWALL's services but the first character cannot be different than the default settings, select Use ...following table describes the labels in the Web Configurator. Table 153 Configuration > User/Group > User > Add LABEL DESCRIPTION User Name User Type Password Type the user name for a ext-group-user type user account. This value is . See Section 33.2.1.1 on their screen as RADIUS ...
... time expires. 544 ZyWALL USG 20/20W User's Guide See Ext-User Accounts on their screen. Enter the number of minutes this user has access to 1440 minutes. You can specify 1 to the ZyWALL's services but the first character cannot be different than the default settings, select Use ...following table describes the labels in the Web Configurator. Table 153 Configuration > User/Group > User > Add LABEL DESCRIPTION User Name User Type Password Type the user name for a ext-group-user type user account. This value is . See Section 33.2.1.1 on their screen as RADIUS ...
User Guide
Page 550
...saved settings. 33.4.1 Default User Authentication Timeout Settings Edit Screens The Default Authentication Timeout Settings Edit screen allows you to set the default authentication timeout settings for access account is checked. You can login unsuccessfully (for example, wrong password) before the IP ...User/Group > Setting (continued) LABEL DESCRIPTION Limit the number of simultaneous logons for any user account's authentication timeout settings. 550 ZyWALL USG 20/20W User's Guide If you want at the same time using the same or different IP addresses. Limit the number of ...
...saved settings. 33.4.1 Default User Authentication Timeout Settings Edit Screens The Default Authentication Timeout Settings Edit screen allows you to set the default authentication timeout settings for access account is checked. You can login unsuccessfully (for example, wrong password) before the IP ...User/Group > Setting (continued) LABEL DESCRIPTION Limit the number of simultaneous logons for any user account's authentication timeout settings. 550 ZyWALL USG 20/20W User's Guide If you want at the same time using the same or different IP addresses. Limit the number of ...
User Guide
Page 580
... Double-click an entry or select it before the ZyWALL disconnects from the RADIUS server. For example, o=ZyXEL, c=US. This key must be shared between ...password (up to be the same on page 232 for authentication is the address of a RADIUS server. Chapter 37 AAA Server Click Configuration > Object > AAA Server > RADIUS to its last-saved settings. 580 ZyWALL USG 20...ZyWALL. Host Authentication Port Enter the IP address (in dotted decimal notation) or the domain name (up to 15 alphanumeric characters) as the key to 63 alphanumeric characters) of the AD or LDAP server. The default...
... Double-click an entry or select it before the ZyWALL disconnects from the RADIUS server. For example, o=ZyXEL, c=US. This key must be shared between ...password (up to be the same on page 232 for authentication is the address of a RADIUS server. Chapter 37 AAA Server Click Configuration > Object > AAA Server > RADIUS to its last-saved settings. 580 ZyWALL USG 20...ZyWALL. Host Authentication Port Enter the IP address (in dotted decimal notation) or the domain name (up to 15 alphanumeric characters) as the key to 63 alphanumeric characters) of the AD or LDAP server. The default...
User Guide
Page 591
... you import the file into the ZyWALL. It is easy for this using the MD5 or SHA1 algorithm. Chapter 39 Certificates Factory Default Certificate The ZyWALL generates its own unique self-signed ...passwords. The following procedure describes how to check a certificate's fingerprint to verify that you have the actual certificate. 1 Browse to your computer. A certificate's fingerprint is not included. A PKCS #7 file is referred to transfer a public key certificate. The ZyWALL currently allows the importation of these screens. • See Section 39.4 on . ZyWALL USG 20...
... you import the file into the ZyWALL. It is easy for this using the MD5 or SHA1 algorithm. Chapter 39 Certificates Factory Default Certificate The ZyWALL generates its own unique self-signed ...passwords. The following procedure describes how to check a certificate's fingerprint to verify that you have the actual certificate. 1 Browse to your computer. A certificate's fingerprint is not included. A PKCS #7 file is referred to transfer a public key certificate. The ZyWALL currently allows the importation of these screens. • See Section 39.4 on . ZyWALL USG 20...
User Guide
Page 603
...you specifically delete them. Uploading a new firmware or default configuration file does not delete your certificates unless you do not need to open the Trusted Certificates screen. Subsequent certificates move up by a certificate on the ZyWALL. To remove an entry, select it and click...Certificate > My Certificates > Import (continued) LABEL DESCRIPTION Password OK Cancel This field only applies when you want to accept as being trustworthy; Click OK to open a screen with an in-depth list of these certificates. ZyWALL USG 20/20W User's Guide 603 Click Cancel to quit and ...
...you specifically delete them. Uploading a new firmware or default configuration file does not delete your certificates unless you do not need to open the Trusted Certificates screen. Subsequent certificates move up by a certificate on the ZyWALL. To remove an entry, select it and click...Certificate > My Certificates > Import (continued) LABEL DESCRIPTION Password OK Cancel This field only applies when you want to accept as being trustworthy; Click OK to open a screen with an in-depth list of these certificates. ZyWALL USG 20/20W User's Guide 603 Click Cancel to quit and ...
User Guide
Page 727
...this case, you 've forgotten the ZyWALL's password, use the RESET button. ZyWALL USG 20/20W User's Guide 727 Make sure that its features and checks, see the User's Guide appendix Appendix A on . In the Command Prompt window, type "ping" followed by the ZyWALL's LAN IP address (192.168.1.1 is...suggestions to solve problems you might encounter. • You can also refer to the factory defaults (password is 1234, LAN IP address 192.168.1.1 etc.; Make sure your local vendor. The ZyWALL should reply. • If you should contact your computer's Ethernet card is installed and...
...this case, you 've forgotten the ZyWALL's password, use the RESET button. ZyWALL USG 20/20W User's Guide 727 Make sure that its features and checks, see the User's Guide appendix Appendix A on . In the Command Prompt window, type "ping" followed by the ZyWALL's LAN IP address (192.168.1.1 is...suggestions to solve problems you might encounter. • You can also refer to the factory defaults (password is 1234, LAN IP address 192.168.1.1 etc.; Make sure your local vendor. The ZyWALL should reply. • If you should contact your computer's Ethernet card is installed and...
User Guide
Page 741
...panel. Table 228 Default Login Information ATTRIBUTE SPECIFICATION Default IP Address (P2, P3) 192.168.1.1 Default Subnet Mask 255.255.255.0 (24 bits) (P2, P3) Default Password 1234 This table provides hardware specifications. A wall-mounting kit is recommended that you do NOT wall-mount the ZyWALL. ZyWALL USG 20/20W User's ...RS-232, DB9F connector 1, 2.0 plug and play See www.zyxel.com for a general overview of the holes are subject to 95% (non-condensing) Mean Time Between Failures: 323,823 hours The ZyWALL has wall-mounting holes on page 37 for the supported 3G ...
...panel. Table 228 Default Login Information ATTRIBUTE SPECIFICATION Default IP Address (P2, P3) 192.168.1.1 Default Subnet Mask 255.255.255.0 (24 bits) (P2, P3) Default Password 1234 This table provides hardware specifications. A wall-mounting kit is recommended that you do NOT wall-mount the ZyWALL. ZyWALL USG 20/20W User's ...RS-232, DB9F connector 1, 2.0 plug and play See www.zyxel.com for a general overview of the holes are subject to 95% (non-condensing) Mean Time Between Failures: 323,823 hours The ZyWALL has wall-mounting holes on page 37 for the supported 3G ...