User Manual
Page 31
... throughput, making it an ideal solution for connecting publicly accessible servers. The ZyWALL lets you set up multiple networks for your company. The ZyWALL also provides two separate LAN networks. Flexible configuration helps you can also use a 3G cellular USB (not included) for a more detailed overview of dual WAN Gigabit Ethernet ports and load balancing. The DeMilitarized Zone (DMZ) increases LAN security by providing separate ports for reliable, secure service. The ZyWALL's security features include VPN, firewall, anti...
... throughput, making it an ideal solution for connecting publicly accessible servers. The ZyWALL lets you set up multiple networks for your company. The ZyWALL also provides two separate LAN networks. Flexible configuration helps you can also use a 3G cellular USB (not included) for a more detailed overview of dual WAN Gigabit Ethernet ports and load balancing. The DeMilitarized Zone (DMZ) increases LAN security by providing separate ports for reliable, secure service. The ZyWALL's security features include VPN, firewall, anti...
User Manual
Page 60
... a fixed IP address. 4.1.2 Internet Access: Ethernet This screen is used as your IP address settings. 60 ZyWALL USG 50 User's Guide Chapter 4 Installation Setup Wizard The screens vary depending on the encapsulation type. Use this option to Auto. This option appears when you are configuring for a dial-up connection according to the information from your ISP did not assign you are configuring the first WAN interface. • Encapsulation: Choose the Ethernet option when the WAN port is...
... a fixed IP address. 4.1.2 Internet Access: Ethernet This screen is used as your IP address settings. 60 ZyWALL USG 50 User's Guide Chapter 4 Installation Setup Wizard The screens vary depending on the encapsulation type. Use this option to Auto. This option appears when you are configuring for a dial-up connection according to the information from your ISP did not assign you are configuring the first WAN interface. • Encapsulation: Choose the Ethernet option when the WAN port is...
User Manual
Page 174
... management IP address (if it or the Ethernet interface is . This is either the static IP address of interface it is enabled but not connected. Services Action Interface Statistics DHCP Client - This field displays n/a if the interface does not provide any physical ports associated with it is a member of each interface. 174 ZyWALL USG 50 User's Guide This table provides packet statistics for the interface. The Ethernet interface is disabled. This interface has a static IP address. This field lists which the interface is disabled...
... management IP address (if it or the Ethernet interface is . This is either the static IP address of interface it is enabled but not connected. Services Action Interface Statistics DHCP Client - This field displays n/a if the interface does not provide any physical ports associated with it is a member of each interface. 174 ZyWALL USG 50 User's Guide This table provides packet statistics for the interface. The Ethernet interface is disabled. This interface has a static IP address. This field lists which the interface is disabled...
User Manual
Page 221
... name of the interface. IP Address This field displays the current IP address of the interface. Click Reset to return the screen to do the following table. With RIP, you can modify the entry's settings. ZyWALL USG 50 User's Guide 221 Activate To turn off an interface, select it and click Activate. Inactivate To turn on page 219.) The WAN interface's Edit > Configuration screen is inactive. Status This icon is...
... name of the interface. IP Address This field displays the current IP address of the interface. Click Reset to return the screen to do the following table. With RIP, you can modify the entry's settings. ZyWALL USG 50 User's Guide 221 Activate To turn off an interface, select it and click Activate. Inactivate To turn on page 219.) The WAN interface's Edit > Configuration screen is inactive. Status This icon is...
User Manual
Page 225
... External or General. ZyWALL USG 50 User's Guide 225 This option appears when Interface Properties is read -only. For example, if you change the IP address of the IP address is the name of this interface in the network. Select this interface to apply security settings such as the interface. See Chapter 39 on the interface itself. The ZyWALL automatically adds default SNAT settings for all computers in dot decimal notation. Interface Name Port Zone MAC Address Description IP Address...
... External or General. ZyWALL USG 50 User's Guide 225 This option appears when Interface Properties is read -only. For example, if you change the IP address of the IP address is the name of this interface in the network. Select this interface to apply security settings such as the interface. See Chapter 39 on the interface itself. The ZyWALL automatically adds default SNAT settings for all computers in dot decimal notation. Interface Name Port Zone MAC Address Description IP Address...
User Manual
Page 236
... specify to make sure it is a failure. Allowed values are 0 - 1048576. Enable Connectivity Check Select this interface. 236 ZyWALL USG 50 User's Guide Check Period Enter the number of seconds to wait for the connectivity check. Select icmp to have the ZyWALL regularly perform a TCP handshake with the gateway you can manually configure a policy route to associate traffic with this to the gateway the first time the gateway passes the connectivity check. Related Setting Configure WAN TRUNK Click WAN TRUNK to...
... specify to make sure it is a failure. Allowed values are 0 - 1048576. Enable Connectivity Check Select this interface. 236 ZyWALL USG 50 User's Guide Check Period Enter the number of seconds to wait for the connectivity check. Select icmp to have the ZyWALL regularly perform a TCP handshake with the gateway you can manually configure a policy route to associate traffic with this to the gateway the first time the gateway passes the connectivity check. Related Setting Configure WAN TRUNK Click WAN TRUNK to...
User Manual
Page 241
... Settings Enable Interface Select this option to turn on this button to use Profile 1 unless your service provider. ISP Settings Profile Selection Select Device to display a greater or lesser number of device settings. ZyWALL USG 50 User's Guide 241 The zone determines the security settings the ZyWALL uses for the interface. Idle timeout This value specifies the time in seconds (0~360) that you to which you selected Device in the ZyWALL. Zero disables the idle timeout. Spaces are configuring...
... Settings Enable Interface Select this option to turn on this button to use Profile 1 unless your service provider. ISP Settings Profile Selection Select Device to display a greater or lesser number of device settings. ZyWALL USG 50 User's Guide 241 The zone determines the security settings the ZyWALL uses for the interface. Idle timeout This value specifies the time in seconds (0~360) that you to which you selected Device in the ZyWALL. Zero disables the idle timeout. Spaces are configuring...
User Manual
Page 243
... move through the gateway. Related Setting Configure WAN Click WAN TRUNK to go to the policy route summary screen where you specify to make sure it is a failure. IP Address Assignment ZyWALL USG 50 User's Guide 243 Allowed values are 576 - 1492. Ingress Bandwidth This is 1492. Chapter 11 Interfaces Table 61 Configuration > Network > Interface > Cellular > Add (continued) LABEL DESCRIPTION Egress Bandwidth Enter the maximum amount of traffic, in the field next...
... move through the gateway. Related Setting Configure WAN Click WAN TRUNK to go to the policy route summary screen where you specify to make sure it is a failure. IP Address Assignment ZyWALL USG 50 User's Guide 243 Allowed values are 576 - 1492. Ingress Bandwidth This is 1492. Chapter 11 Interfaces Table 61 Configuration > Network > Interface > Cellular > Add (continued) LABEL DESCRIPTION Egress Bandwidth Enter the maximum amount of traffic, in the field next...
User Manual
Page 252
... the number, the higher the priority. Allowed values are available for the OPT, LAN and DMZ interfaces. 252 ZyWALL USG 50 User's Guide Connectivity Check The ZyWALL can send through the gateway. Select icmp to have the ZyWALL regularly ping the gateway you specified to use . Check Default Select this to make sure it is reserved for future use the default gateway for the connectivity check. Interface Parameters Egress Bandwidth Enter the maximum amount of traffic, in...
... the number, the higher the priority. Allowed values are available for the OPT, LAN and DMZ interfaces. 252 ZyWALL USG 50 User's Guide Connectivity Check The ZyWALL can send through the gateway. Select icmp to have the ZyWALL regularly ping the gateway you specified to use . Check Default Select this to make sure it is reserved for future use the default gateway for the connectivity check. Interface Parameters Egress Bandwidth Enter the maximum amount of traffic, in...
User Manual
Page 264
... gateway allows. Specify the port number to it . IP Address Enter the IP address to assign to an Ethernet 264 ZyWALL USG 50 User's Guide Select icmp to have the ZyWALL regularly perform a TCP handshake with the gateway you specify to make sure it is a failure, and how many consecutive failures are required before the ZyWALL stops routing to wait for the connectivity check. Enable Connectivity Check Select this screen, click an Add icon next to a device with a specific...
... gateway allows. Specify the port number to it . IP Address Enter the IP address to assign to an Ethernet 264 ZyWALL USG 50 User's Guide Select icmp to have the ZyWALL regularly perform a TCP handshake with the gateway you specify to make sure it is a failure, and how many consecutive failures are required before the ZyWALL stops routing to wait for the connectivity check. Enable Connectivity Check Select this screen, click an Add icon next to a device with a specific...
User Manual
Page 294
... and Static Routes following example, you configure two services for each client computer. The problem is listed in from the remote server, the ZyWALL forwards the traffic to the IP address of ports on a different computer, you set the port(s) and IP address to forward a service (coming in brackets. When the ZyWALL receives a new connection (trigger service) from the remote server) to request a service. The ZyWALL records the IP address of a client computer that sends traffic to a remote server to game server 1 using port 1234. The ZyWALL allows and forwards the traffic...
... and Static Routes following example, you configure two services for each client computer. The problem is listed in from the remote server, the ZyWALL forwards the traffic to the IP address of ports on a different computer, you set the port(s) and IP address to forward a service (coming in brackets. When the ZyWALL receives a new connection (trigger service) from the remote server) to request a service. The ZyWALL records the IP address of a client computer that sends traffic to a remote server to game server 1 using port 1234. The ZyWALL allows and forwards the traffic...
User Manual
Page 326
... ZyWALL USG 50 User's Guide This field is available if Mapping Type is Port. Enter the beginning of the range of original destination ports this NAT rule forwards the packet. The original port range and the mapped port range must have the same number of original destination ports this NAT rule supports all the destination ports. For LAN users, the ZyWALL uses the LAN interface's IP address as the source address for the traffic it sends from the WAN to a LAN server, enabling NAT loopback allows users connected...
... ZyWALL USG 50 User's Guide This field is available if Mapping Type is Port. Enter the beginning of the range of original destination ports this NAT rule forwards the packet. The original port range and the mapped port range must have the same number of original destination ports this NAT rule supports all the destination ports. For LAN users, the ZyWALL uses the LAN interface's IP address as the source address for the traffic it sends from the WAN to a LAN server, enabling NAT loopback allows users connected...
User Manual
Page 337
... . • Using the SIP ALG allows you enable the SIP ALG. • Configuring the SIP ALG to -peer SIP calls. Even though only LAN IP address A ZyWALL USG 50 User's Guide 337 So for VoIP devices behind the ZyWALL when you to use bandwidth management on the same subnet. • The SIP ALG supports peer-to use custom port numbers for SIP traffic. Any other LAN or DMZ IP addresses go through a different WAN IP address. The firewall (by default) allows peer...
... . • Using the SIP ALG allows you enable the SIP ALG. • Configuring the SIP ALG to -peer SIP calls. Even though only LAN IP address A ZyWALL USG 50 User's Guide 337 So for VoIP devices behind the ZyWALL when you to use bandwidth management on the same subnet. • The SIP ALG supports peer-to use custom port numbers for SIP traffic. Any other LAN or DMZ IP addresses go through a different WAN IP address. The firewall (by default) allows peer...
User Manual
Page 404
... an external server to forward these packets unchanged, router X and router Y can set up the ZyWALL to a single IPSec router. Extended Authentication Extended authentication is often used with the extra header unchanged. (See the field description for more steps to the IKE SA and IPSec SA packets. This feature helps router A recognize VPN packets and route them appropriately. If the user name or password is AH, you configure router A to...
... an external server to forward these packets unchanged, router X and router Y can set up the ZyWALL to a single IPSec router. Extended Authentication Extended authentication is often used with the extra header unchanged. (See the field description for more steps to the IKE SA and IPSec SA packets. This feature helps router A recognize VPN packets and route them appropriately. If the user name or password is AH, you configure router A to...
User Manual
Page 422
... network administrator, you how to access and log into the network through the ZyWALL. Required Information A remote user needs the following information from the network administrator to log in and access network resources. • the domain name or IP address of 1.6. Example screens for Internet Explorer are the browser and computer system requirements for more information. Chapter 25 SSL User Screens System Requirements Here are shown. 422 ZyWALL USG 50 User's Guide...
... network administrator, you how to access and log into the network through the ZyWALL. Required Information A remote user needs the following information from the network administrator to log in and access network resources. • the domain name or IP address of 1.6. Example screens for Internet Explorer are the browser and computer system requirements for more information. Chapter 25 SSL User Screens System Requirements Here are shown. 422 ZyWALL USG 50 User's Guide...
User Manual
Page 549
...). Real Estate This category includes pages that support the offering and purchasing of worship. ZyWALL USG 50 User's Guide 549 Chapter 32 Content Filtering Table 162 Configuration > Anti-X > Content Filter > Filter Profile > Add (continued) LABEL DESCRIPTION Religion This category includes pages that fit this criteria essentially act as your personal hard drive on the Internet. Sites that promote and provide information...
...). Real Estate This category includes pages that support the offering and purchasing of worship. ZyWALL USG 50 User's Guide 549 Chapter 32 Content Filtering Table 162 Configuration > Anti-X > Content Filter > Filter Profile > Add (continued) LABEL DESCRIPTION Religion This category includes pages that fit this criteria essentially act as your personal hard drive on the Internet. Sites that promote and provide information...
User Manual
Page 708
... a client computer (Windows or Linux operating system) that is used to specify from which IP addresses the access can come. 708 ZyWALL USG 50 User's Guide Chapter 45 System 2 Encryption Method Once the identification is verified, both the client and server must install an SSH client program on the ZyWALL Your ZyWALL supports SSH versions 1 and 2 using port 22 (by default). 45.7.3 Requirements for Using SSH You must agree on the type of encryption method to change your ZyWALL's Secure Shell settings.
... a client computer (Windows or Linux operating system) that is used to specify from which IP addresses the access can come. 708 ZyWALL USG 50 User's Guide Chapter 45 System 2 Encryption Method Once the identification is verified, both the client and server must install an SSH client program on the ZyWALL Your ZyWALL supports SSH versions 1 and 2 using port 22 (by default). 45.7.3 Requirements for Using SSH You must agree on the type of encryption method to change your ZyWALL's Secure Shell settings.
User Manual
Page 718
... ZyWALL zones. 718 ZyWALL USG 50 User's Guide Figure 421 Configuration > System > SNMP The following table describes the labels in the Service Control table to the SNMP manager. Get Community Enter the Get Community, which is public and allows all requests. Chapter 45 System settings, including from which zones SNMP can be used to . You can come. Server Port You may change the server port number for remote management. Destination Type the IP address...
... ZyWALL zones. 718 ZyWALL USG 50 User's Guide Figure 421 Configuration > System > SNMP The following table describes the labels in the Service Control table to the SNMP manager. Get Community Enter the Get Community, which is public and allows all requests. Chapter 45 System settings, including from which zones SNMP can be used to . You can come. Server Port You may change the server port number for remote management. Destination Type the IP address...
User Manual
Page 735
... the System Log drop-down list to change the log settings for all categories to disable all of messages. ZyWALL USG 50 User's Guide 735 E-mail Server 2 enable alert logs (red exclamation point) - Table 232 Configuration > Log & Report > Log Setting > Active Log Summary LABEL DESCRIPTION System log Use the System Log drop-down list to e-mail server 1. e-mail log messages for all logs (red X) - Remote Server 1~4 enable alert logs (red exclamation point) - disable all categories to them. disable all log categories. send the remote server log messages, alerts...
... the System Log drop-down list to change the log settings for all categories to disable all of messages. ZyWALL USG 50 User's Guide 735 E-mail Server 2 enable alert logs (red exclamation point) - Table 232 Configuration > Log & Report > Log Setting > Active Log Summary LABEL DESCRIPTION System log Use the System Log drop-down list to e-mail server 1. e-mail log messages for all logs (red X) - Remote Server 1~4 enable alert logs (red exclamation point) - disable all categories to them. disable all log categories. send the remote server log messages, alerts...
User Manual
Page 930
... 566 ZyWALL USG 50 User's Guide where used 96 Internet access troubleshooting 760, 769 Internet Control Message Protocol, see ICMP Internet Explorer 43 Internet Message Access Protocol, see also port groups. PPPoE/PPTP, see also trunks. prerequisites 96, 217 relationships between 217 static DHCP 269 subnet mask 266 trunks, see also PPPoE/PPTP interfaces. VLAN, see also bridge interfaces. Index Snort signatures 511 statistics 196 traffic directions 479 trial service activation 212 troubleshooting 760, 764 troubleshooting signatures update...
... 566 ZyWALL USG 50 User's Guide where used 96 Internet access troubleshooting 760, 769 Internet Control Message Protocol, see ICMP Internet Explorer 43 Internet Message Access Protocol, see also port groups. PPPoE/PPTP, see also trunks. prerequisites 96, 217 relationships between 217 static DHCP 269 subnet mask 266 trunks, see also PPPoE/PPTP interfaces. VLAN, see also bridge interfaces. Index Snort signatures 511 statistics 196 traffic directions 479 trial service activation 212 troubleshooting 760, 764 troubleshooting signatures update...