User Guide
Page 3
.... About This User's Guide About This User's Guide Intended Audience This manual is intended for people who want to want to configure the ZyWALL. ZyWALL USG 2000 User's Guide 3 How To Use This Guide • Read Chapter 1 on page 33 chapter for an overview of Contents, the Index... information on configuring each chapter carefully for detailed information on page 119 for ZyWALL application examples. • Subsequent chapters are needed to configure a feature and how to configure the ZyWALL. E-mail techwriters@zyxel.com.tw if you cannot find specific information in this guide, use the...
.... About This User's Guide About This User's Guide Intended Audience This manual is intended for people who want to want to configure the ZyWALL. ZyWALL USG 2000 User's Guide 3 How To Use This Guide • Read Chapter 1 on page 33 chapter for an overview of Contents, the Index... information on configuring each chapter carefully for detailed information on page 119 for ZyWALL application examples. • Subsequent chapters are needed to configure a feature and how to configure the ZyWALL. E-mail techwriters@zyxel.com.tw if you cannot find specific information in this guide, use the...
User Guide
Page 4
Documentation Feedback Send your comments, questions or suggestions to: techwriters@zyxel.com.tw Thank you bought the device. 4 ZyWALL USG 2000 User's Guide Need More Help? Learn from this link. About This User's Guide • Web Configurator Online Help Click the help ...icon in any screen for help is a collection of answers to efficiently use ZyXEL products and share your vendor, then contact a ZyXEL office for the ...
Documentation Feedback Send your comments, questions or suggestions to: techwriters@zyxel.com.tw Thank you bought the device. 4 ZyWALL USG 2000 User's Guide Need More Help? Learn from this link. About This User's Guide • Web Configurator Online Help Click the help ...icon in any screen for help is a collection of answers to efficiently use ZyXEL products and share your vendor, then contact a ZyXEL office for the ...
User Guide
Page 5
About This User's Guide See http://www.zyxel.com/web/contact_us.php for your device. Please have the following information ready when you contact an office. • Product model and serial number. • ... made to ensure that you received your device. • Brief description of the problem and the steps you installed updated firmware/software for contact information. ZyWALL USG 2000 User's Guide 5
About This User's Guide See http://www.zyxel.com/web/contact_us.php for your device. Please have the following information ready when you contact an office. • Product model and serial number. • ... made to ensure that you received your device. • Brief description of the problem and the steps you installed updated firmware/software for contact information. ZyWALL USG 2000 User's Guide 5
User Guide
Page 265
myZyXEL.com myZyXEL.com is ZyXEL's online services center where you need to create a myZyXEL.com account before you can directly create a myZyXEL.com account, register your ZyWALL and activate a service using the Registration screen. Alternatively, go to http:// www.myZyXEL.com with ...11.2 on page 267) to register your ZyWALL with the ZyWALL's serial number and LAN MAC address to register it. Note: To activate a service on a ZyWALL, you can register your ZyWALL and manage subscription services available for details. ZyWALL USG 2000 User's Guide 265 CHAPTER 11 Registration 11...
myZyXEL.com myZyXEL.com is ZyXEL's online services center where you need to create a myZyXEL.com account before you can directly create a myZyXEL.com account, register your ZyWALL and activate a service using the Registration screen. Alternatively, go to http:// www.myZyXEL.com with ...11.2 on page 267) to register your ZyWALL with the ZyWALL's serial number and LAN MAC address to register it. Note: To activate a service on a ZyWALL, you can register your ZyWALL and manage subscription services available for details. ZyWALL USG 2000 User's Guide 265 CHAPTER 11 Registration 11...
User Guide
Page 266
...Chapter 11 Registration Subscription Services Available on your earlier subscription is automatically extended to 18 months. 266 ZyWALL USG 2000 User's Guide There is no limit on the number of one -year ZyXEL engine anti-virus service subscription and enter the iCard's PIN number (license key) in the ...Registration screen. For example, suppose you can have the ZyWALL use the ZyXEL anti-virus iCard for the ZyXEL antivirus engine and the Kaspersky anti-virus iCard for a different anti-virus engine. Even if the earlier iCard...
...Chapter 11 Registration Subscription Services Available on your earlier subscription is automatically extended to 18 months. 266 ZyWALL USG 2000 User's Guide There is no limit on the number of one -year ZyXEL engine anti-virus service subscription and enter the iCard's PIN number (license key) in the ...Registration screen. For example, suppose you can have the ZyWALL use the ZyXEL anti-virus iCard for the ZyXEL antivirus engine and the Kaspersky anti-virus iCard for a different anti-virus engine. Even if the earlier iCard...
User Guide
Page 268
...web sites based on the ZyWALL. IDP/AppPatrol Signature Service After the service is activated, the ZyWALL can also check for confirmation. Click Apply to the ZyWALL. 268 ZyWALL USG 2000 User's Guide After the service is activated, the ZyWALL can have the ZyWALL block, block and/or log...content filtering to block access to categories of various applications on these fields to change from the update server (http:// myupdate.zywall.zyxel.com). Application patrol conveniently manages the use up -to extend the service. The IDP and application patrol features use these ...
...web sites based on the ZyWALL. IDP/AppPatrol Signature Service After the service is activated, the ZyWALL can also check for confirmation. Click Apply to the ZyWALL. 268 ZyWALL USG 2000 User's Guide After the service is activated, the ZyWALL can have the ZyWALL block, block and/or log...content filtering to block access to categories of various applications on these fields to change from the update server (http:// myupdate.zywall.zyxel.com). Application patrol conveniently manages the use up -to extend the service. The IDP and application patrol features use these ...
User Guide
Page 272
... larger as new signatures are added, so you should refer to v2.0. This field displays the anti-virus signatures version number currently used by the ZyXEL Security Response Team (ZSRT) who maintain and update them. This field displays the date and time the set to see what the latest version number... > Anti-Virus to signature update e-mail notifications. You can also subscribe to display the following fields display information on the current signature set that the ZyWALL is set was released. 272 ZyWALL USG 2000 User's Guide
... larger as new signatures are added, so you should refer to v2.0. This field displays the anti-virus signatures version number currently used by the ZyXEL Security Response Team (ZSRT) who maintain and update them. This field displays the date and time the set to see what the latest version number... > Anti-Virus to signature update e-mail notifications. You can also subscribe to display the following fields display information on the current signature set that the ZyWALL is set was released. 272 ZyWALL USG 2000 User's Guide
User Guide
Page 489
... www.zyxel.com is a fully qualified domain name where "www" is established successfully. You can specify up to 60 characters ("a-z", A-Z", "0-9") with another interface. The domain name must be registered to one of the ZyWALL's IP addresses or be displayed on the remote user screen. ZyWALL USG 2000 User...'s Guide 489 SSL VPN Login Domain Name SSL VPN Login Domain Name 1/2 Specify a domain name for users to use for logging into the Web Configurator. Message Login Message The ZyWALL displays the normal login screen without...
... www.zyxel.com is a fully qualified domain name where "www" is established successfully. You can specify up to 60 characters ("a-z", A-Z", "0-9") with another interface. The domain name must be registered to one of the ZyWALL's IP addresses or be displayed on the remote user screen. ZyWALL USG 2000 User...'s Guide 489 SSL VPN Login Domain Name SSL VPN Login Domain Name 1/2 Specify a domain name for users to use for logging into the Web Configurator. Message Login Message The ZyWALL displays the normal login screen without...
User Guide
Page 490
... transfer the specified graphic file from your computer. Click Reset Logo to Default to the ZyWALL. Click Apply to verify that the new logo displays properly. 490 ZyWALL USG 2000 User's Guide Make sure the file is terminated successfully. The ZyXEL company logo is recommended. Chapter 26 SSL VPN Table 129 VPN > SSL VPN > Global...
... transfer the specified graphic file from your computer. Click Reset Logo to Default to the ZyWALL. Click Apply to verify that the new logo displays properly. 490 ZyWALL USG 2000 User's Guide Make sure the file is terminated successfully. The ZyXEL company logo is recommended. Chapter 26 SSL VPN Table 129 VPN > SSL VPN > Global...
User Guide
Page 516
... Connection to disconnect the SSL VPN tunnel. 30.6 Uninstalling the ZyWALL SecuExtender Do the following if you need to remove the ZyWALL SecuExtender. 1 Click start > All Programs > ZyXEL > ZyWALL SecuExtender > Uninstall. 2 In the confirmation screen, click Yes. Figure 377 Uninstalling the ZyWALL SecuExtender Confirmation 3 Windows uninstalls the ZyWALL SecuExtender. Figure 378 ZyWALL SecuExtender Uninstallation 516 ZyWALL USG 2000 User's Guide
... Connection to disconnect the SSL VPN tunnel. 30.6 Uninstalling the ZyWALL SecuExtender Do the following if you need to remove the ZyWALL SecuExtender. 1 Click start > All Programs > ZyXEL > ZyWALL SecuExtender > Uninstall. 2 In the confirmation screen, click Yes. Figure 377 Uninstalling the ZyWALL SecuExtender Confirmation 3 Windows uninstalls the ZyWALL SecuExtender. Figure 378 ZyWALL SecuExtender Uninstallation 516 ZyWALL USG 2000 User's Guide
User Guide
Page 548
...anti-virus engine you are unaware your network. ZyWALL Anti-Virus Scanner The ZyWALL has a built-in the Registration screen. Setting up the ZyWALL between your local network and the Internet allows the ZyWALL to scan files transmitting through standard ports. 548 ZyWALL USG 2000 User's Guide Virus and Worm A computer ... other in signature database. When using the trial, you can set the ZyWALL to signature files for ZyXEL's anti-virus engine or one engine to use the ZyXEL anti-virus iCard for the ZyXEL anti-virus engine and the Kaspersky anti-virus iCard for the Kaspersky anti-...
...anti-virus engine you are unaware your network. ZyWALL Anti-Virus Scanner The ZyWALL has a built-in the Registration screen. Setting up the ZyWALL between your local network and the Internet allows the ZyWALL to scan files transmitting through standard ports. 548 ZyWALL USG 2000 User's Guide Virus and Worm A computer ... other in signature database. When using the trial, you can set the ZyWALL to signature files for ZyXEL's anti-virus engine or one engine to use the ZyXEL anti-virus iCard for the ZyXEL anti-virus engine and the Kaspersky anti-virus iCard for the Kaspersky anti-...
User Guide
Page 552
...for virus signatures. Current Version Signature Number Released Date Update Signatures Apply Reset Upgrading the ZyWALL to firmware version 2.11 and updating the antivirus signatures automatically upgrades the ZyXEL anti-virus engine to save your changes. This number gets larger as the set ...Apply to v2.0. SMTP applies to traffic using TCP port 143. Click Reset to return the screen to its last-saved settings. 552 ZyWALL USG 2000 User's Guide Chapter 33 Anti-Virus Table 143 Configuration > Anti-X > Anti-Virus > General (continued) LABEL DESCRIPTION Protocol These are ...
...for virus signatures. Current Version Signature Number Released Date Update Signatures Apply Reset Upgrading the ZyWALL to firmware version 2.11 and updating the antivirus signatures automatically upgrades the ZyXEL anti-virus engine to save your changes. This number gets larger as the set ...Apply to v2.0. SMTP applies to traffic using TCP port 143. Click Reset to return the screen to its last-saved settings. 552 ZyWALL USG 2000 User's Guide Chapter 33 Anti-Virus Table 143 Configuration > Anti-X > Anti-Virus > General (continued) LABEL DESCRIPTION Protocol These are ...
User Guide
Page 618
...sites categorized based on content. You can specify URLs to web sites based on these categories. For example, with the URL www.zyxel.com.tw/news/pressroom.php, the file path is found, the content filter allows or blocks the request depending on the settings of...applets and cookies. • Customize Web Site Access You can also have the ZyWALL block, block and/or log access to which the ZyWALL blocks access. When a matching policy is news/pressroom.php. 618 ZyWALL USG 2000 User's Guide External Web Filtering Service When you specify. Content Filtering Configuration Guidelines When...
...sites categorized based on content. You can specify URLs to web sites based on these categories. For example, with the URL www.zyxel.com.tw/news/pressroom.php, the file path is found, the content filter allows or blocks the request depending on the settings of...applets and cookies. • Customize Web Site Access You can also have the ZyWALL block, block and/or log access to which the ZyWALL blocks access. When a matching policy is news/pressroom.php. 618 ZyWALL USG 2000 User's Guide External Web Filtering Service When you specify. Content Filtering Configuration Guidelines When...
User Guide
Page 619
... General Screen Click Configuration > Anti-X > Content Filter > General to enable content filtering, view and order ZyWALL USG 2000 User's Guide 619 For example, with the URL www.zyxel.com.tw/news/pressroom.php, the ZyWALL would find "tw" in the file path (news/pressroom.php) but it will not find items that go... across the two. It would also find "news" in the domain name (www.zyxel.com.tw). Use this screen to open the Content Filter General screen. Chapter 36 Content Filtering Since the ZyWALL checks the URL's domain name (or IP address) and file path separately, it would not...
... General Screen Click Configuration > Anti-X > Content Filter > General to enable content filtering, view and order ZyWALL USG 2000 User's Guide 619 For example, with the URL www.zyxel.com.tw/news/pressroom.php, the ZyWALL would find "tw" in the file path (news/pressroom.php) but it will not find items that go... across the two. It would also find "news" in the domain name (www.zyxel.com.tw). Use this screen to open the Content Filter General screen. Chapter 36 Content Filtering Since the ZyWALL checks the URL's domain name (or IP address) and file path separately, it would not...
User Guide
Page 638
...web pages and distributed object applications. For example, enter .com to allow Java, ActiveX or Cookies from sites on the WAN it . 638 ZyWALL USG 2000 User's Guide Select an entry and click this to the LAN. Block ActiveX ActiveX is a tool for LAN users to circumvent content filtering ... Remove Use up to restrict a feature. Web Proxy A server that you visit the site again. For example, entering "zyxel.com" also allows "www.zyxel.com", "partner.zyxel.com", "press.zyxel.com", and so on ID. You can be able to allow all kinds. When you visit an ActiveX web site,...
...web pages and distributed object applications. For example, enter .com to allow Java, ActiveX or Cookies from sites on the WAN it . 638 ZyWALL USG 2000 User's Guide Select an entry and click this to the LAN. Block ActiveX ActiveX is a tool for LAN users to circumvent content filtering ... Remove Use up to restrict a feature. Web Proxy A server that you visit the site again. For example, entering "zyxel.com" also allows "www.zyxel.com", "partner.zyxel.com", "press.zyxel.com", and so on ID. You can be able to allow all kinds. When you visit an ActiveX web site,...
User Guide
Page 643
Chapter 37 Content Filter Reports 3 A welcome screen displays. Click your ZyWALL using the Rename button in the Service Management screen (see Figure 435 on page 644). Figure 434 myZyXEL.com: Welcome ZyWALL USG 2000 User's Guide 643 You can change the descriptive name for your ZyWALL's model name and/or MAC address under Registered ZyXEL Products (the ZyWALL 70 is shown as an example here).
Chapter 37 Content Filter Reports 3 A welcome screen displays. Click your ZyWALL using the Rename button in the Service Management screen (see Figure 435 on page 644). Figure 434 myZyXEL.com: Welcome ZyWALL USG 2000 User's Guide 643 You can change the descriptive name for your ZyWALL's model name and/or MAC address under Registered ZyXEL Products (the ZyWALL 70 is shown as an example here).
User Guide
Page 693
...Section 40.2 on page 692), and click either the Add icon or an Edit icon. Figure 461 Configuration > User/Group > User > Add ZyWALL USG 2000 User's Guide 693 Other limitations on user names are: • User names are the reserved user names: • adm • debug ...; sync • admin • any • devicehaecived • ftp • lp • mail • radius-users • root • uucp • zyxel • bin • games • news • shutdown • daemon • halt • nobody • sshd To access this screen, go to be alphabetical...
...Section 40.2 on page 692), and click either the Add icon or an Edit icon. Figure 461 Configuration > User/Group > User > Add ZyWALL USG 2000 User's Guide 693 Other limitations on user names are: • User names are the reserved user names: • adm • debug ...; sync • admin • any • devicehaecived • ftp • lp • mail • radius-users • root • uucp • zyxel • bin • games • news • shutdown • daemon • halt • nobody • sshd To access this screen, go to be alphabetical...
User Guide
Page 727
... Object > AAA Server > Active Directory (or LDAP) to display the ZyWALL USG 2000 User's Guide 727 See Section 13.3.2 on page 291 for an example...LDAP Server Summary Use the Active Directory or LDAP screen to manage the list of AD or LDAP servers the ZyWALL can modify the entry's settings. Figure 483 Configuration > Object > AAA Server > Active Directory (or LDAP...specifies a directory. Remove To remove an entry, select it before doing so. For example, o=ZyXEL, c=US. 44.2.1 Adding an Active Directory or LDAP Server Click Object > AAA Server > Active Directory (or LDAP) to ...
... Object > AAA Server > Active Directory (or LDAP) to display the ZyWALL USG 2000 User's Guide 727 See Section 13.3.2 on page 291 for an example...LDAP Server Summary Use the Active Directory or LDAP screen to manage the list of AD or LDAP servers the ZyWALL can modify the entry's settings. Figure 483 Configuration > Object > AAA Server > Active Directory (or LDAP...specifies a directory. Remove To remove an entry, select it before doing so. For example, o=ZyXEL, c=US. 44.2.1 Adding an Active Directory or LDAP Server Click Object > AAA Server > Active Directory (or LDAP) to ...
User Guide
Page 729
... For example, cn=zywallAdmin specifies zywallAdmin as the group identifier, another for "RD" and a third for logging into the AD or LDAP server. For example, o=ZyXEL, c=US. For example "name" or "e-mail address". it here. Configuration Validation OK Cancel For example you could have an attribute named "memberOf" with "sales" as... values like "sales", "RD", and "management". Enter the account's user name in the AD or LDAP server(s) or the AD or LDAP server(s) is correct. ZyWALL USG 2000 User's Guide 729
... For example, cn=zywallAdmin specifies zywallAdmin as the group identifier, another for "RD" and a third for logging into the AD or LDAP server. For example, o=ZyXEL, c=US. For example "name" or "e-mail address". it here. Configuration Validation OK Cancel For example you could have an attribute named "memberOf" with "sales" as... values like "sales", "RD", and "management". Enter the account's user name in the AD or LDAP server(s) or the AD or LDAP server(s) is correct. ZyWALL USG 2000 User's Guide 729
User Guide
Page 995
... licenses are expressly reserved by ZyXEL to you a non-exclusive, nonsublicense, non-transferable license to you have no ownership rights in full force and effect. Ownership of the Software and Documentation solely for up or disaster recovery purposes. ZyWALL USG 2000 User's Guide 995 Any other...SOFTWARE AND PACKAGING TO THE PLACE FROM WHICH IT WAS ACQUIRED OR ZyXEL, AND YOUR MONEY WILL BE REFUNDED. 1.Grant of License for "ZyWALL USG 2000" WARNING: ZyXEL Communications Corp. Any rights not expressly granted by ZyXEL. IS WILLING TO LICENSE THE SOFTWARE TO YOU ONLY UPON THE ...
... licenses are expressly reserved by ZyXEL to you a non-exclusive, nonsublicense, non-transferable license to you have no ownership rights in full force and effect. Ownership of the Software and Documentation solely for up or disaster recovery purposes. ZyWALL USG 2000 User's Guide 995 Any other...SOFTWARE AND PACKAGING TO THE PLACE FROM WHICH IT WAS ACQUIRED OR ZyXEL, AND YOUR MONEY WILL BE REFUNDED. 1.Grant of License for "ZyWALL USG 2000" WARNING: ZyXEL Communications Corp. Any rights not expressly granted by ZyXEL. IS WILLING TO LICENSE THE SOFTWARE TO YOU ONLY UPON THE ...