User Manual
Page 3
... use the Web Configurator to configure the ZyWALL. E-mail techwriters@zyxel.com.tw if you cannot find the information you want more detailed information than what the real time online help provides. • Read Chapter 5 on page 69 if you're using the Web Configurator. ZyWALL USG 50 User's Guide 3 About This User's Guide About... for an overview of Contents, the Index, or search the PDF file. Read each screen.) It also contains a connection diagram and package contents list. • CLI Reference Guide The CLI Reference Guide explains how to use the Command-Line Interface...
... use the Web Configurator to configure the ZyWALL. E-mail techwriters@zyxel.com.tw if you cannot find the information you want more detailed information than what the real time online help provides. • Read Chapter 5 on page 69 if you're using the Web Configurator. ZyWALL USG 50 User's Guide 3 About This User's Guide About... for an overview of Contents, the Index, or search the PDF file. Read each screen.) It also contains a connection diagram and package contents list. • CLI Reference Guide The CLI Reference Guide explains how to use the Command-Line Interface...
User Manual
Page 34
... it using an Internet browser. This User's Guide provides information about the CLI. 34 ZyWALL USG 50 User's Guide Chapter 1 Introducing the ZyWALL Table 1 Front Panel LEDs (continued) LED COLOR STATUS DESCRIPTION SYS Green Off The ZyWALL is ready and running. On The ZyWALL is not ready or has failed. You can use text-based commands to...
... it using an Internet browser. This User's Guide provides information about the CLI. 34 ZyWALL USG 50 User's Guide Chapter 1 Introducing the ZyWALL Table 1 Front Panel LEDs (continued) LED COLOR STATUS DESCRIPTION SYS Green Off The ZyWALL is ready and running. On The ZyWALL is not ready or has failed. You can use text-based commands to...
User Manual
Page 35
... . Clicking Maintenance > Shutdown > Shutdown or using the shutdown command Clicking Maintenance > Shutdown > Shutdown or using CLI commands. ZyWALL USG 50 User's Guide 35 Rebooting the ZyWALL A warm start and stop the system processes or write cached data to the local storage and stops the system ...processes. Wait for more information about the CLI. Disconnecting the power Power off occurs when you turn ...
... . Clicking Maintenance > Shutdown > Shutdown or using the shutdown command Clicking Maintenance > Shutdown > Shutdown or using CLI commands. ZyWALL USG 50 User's Guide 35 Rebooting the ZyWALL A warm start and stop the system processes or write cached data to the local storage and stops the system ...processes. Wait for more information about the CLI. Disconnecting the power Power off occurs when you turn ...
User Manual
Page 46
See the CLI Reference Guide for the current screen. Current Version This shows the firmware version of the ZyWALL. Object Reference Click this to close the screen. 46 ZyWALL USG 50 User's Guide OK Click this to open the console in this to the Web Configurator screens. ...you can use the command line interface (CLI). Table 4 Title Bar: Web Configurator Icons LABEL DESCRIPTION Logout Click this to open the help page for details on the commands. CLI Click this to display basic information about the ZyWALL. Released Date This shows the date ...
See the CLI Reference Guide for the current screen. Current Version This shows the firmware version of the ZyWALL. Object Reference Click this to close the screen. 46 ZyWALL USG 50 User's Guide OK Click this to open the console in this to the Web Configurator screens. ...you can use the command line interface (CLI). Table 4 Title Bar: Web Configurator Icons LABEL DESCRIPTION Logout Click this to open the help page for details on the commands. CLI Click this to display basic information about the ZyWALL. Released Date This shows the date ...
User Manual
Page 54
... screen in the main window. # This field is a sequential value, and it displays here. Cancel Click Cancel to close the screen. 3.3.3.4 CLI Messages Click CLI to display their entries. 54 ZyWALL USG 50 User's Guide The following . Chapter 3 Web Configurator The fields vary with any entry. Table 9 Object References LABEL DESCRIPTION Object Name This identifies...
... screen in the main window. # This field is a sequential value, and it displays here. Cancel Click Cancel to close the screen. 3.3.3.4 CLI Messages Click CLI to display their entries. 54 ZyWALL USG 50 User's Guide The following . Chapter 3 Web Configurator The fields vary with any entry. Table 9 Object References LABEL DESCRIPTION Object Name This identifies...
User Manual
Page 106
.... Table 17 User Types TYPE ABILITIES admin Change ZyWALL configuration (web, CLI) limited-admin Look at ZyWALL configuration (web) user Access network services, browse user-mode commands (CLI) guest Access network services ext-user The same ...ZyWALL. MENU ITEM(S) Object > User/Group Addresses, address groups, schedules. MENU ITEM(S) Configuration > System > DNS, WWW, SSH, TELNET, FTP, SNMP, Vantage CNM, Language To-ZyWALL firewall, zones, addresses, address groups, certificates PREREQUISITES (WWW, SSH, FTP, Vantage CNM), authentication methods (WWW) 106 ZyWALL USG 50...
.... Table 17 User Types TYPE ABILITIES admin Change ZyWALL configuration (web, CLI) limited-admin Look at ZyWALL configuration (web) user Access network services, browse user-mode commands (CLI) guest Access network services ext-user The same ...ZyWALL. MENU ITEM(S) Object > User/Group Addresses, address groups, schedules. MENU ITEM(S) Configuration > System > DNS, WWW, SSH, TELNET, FTP, SNMP, Vantage CNM, Language To-ZyWALL firewall, zones, addresses, address groups, certificates PREREQUISITES (WWW, SSH, FTP, Vantage CNM), authentication methods (WWW) 106 ZyWALL USG 50...
User Manual
Page 107
...Configuration > Object > Address). 3 Click Configuration > System > WWW to configure the HTTP management access. MENU ITEM(S) Maintenance > File Manager ZyWALL USG 50 User's Guide 107 Chapter 6 Configuration Basics Example: Suppose you statistical reports on a daily basis. It can manage • Configuration files. ...Use configuration files to upload, download, delete, or run a series of CLI commands. You can store multiple configuration files in any text editor. MENU ITEM(S) Configuration > Log & Report 6.7.3 File Manager Use...
...Configuration > Object > Address). 3 Click Configuration > System > WWW to configure the HTTP management access. MENU ITEM(S) Maintenance > File Manager ZyWALL USG 50 User's Guide 107 Chapter 6 Configuration Basics Example: Suppose you statistical reports on a daily basis. It can manage • Configuration files. ...Use configuration files to upload, download, delete, or run a series of CLI commands. You can store multiple configuration files in any text editor. MENU ITEM(S) Configuration > Log & Report 6.7.3 File Manager Use...
User Manual
Page 217
... port group physical port Ethernet interface physical port VLAN interface bridge interface port group Ethernet interface Ethernet interface* VLAN interface* ZyWALL USG 50 User's Guide 217 Relationships Between Interfaces In the ZyWALL, interfaces are created. The names of virtual interfaces are derived from the interfaces on which they are usually created on ...is limited by the maximum number of the type of 2-4 letters (interface type), followed by the number you use the CLI to set up a virtual interface. These characteristics are listed in the Web Configurator;
... port group physical port Ethernet interface physical port VLAN interface bridge interface port group Ethernet interface Ethernet interface* VLAN interface* ZyWALL USG 50 User's Guide 217 Relationships Between Interfaces In the ZyWALL, interfaces are created. The names of virtual interfaces are derived from the interfaces on which they are usually created on ...is limited by the maximum number of the type of 2-4 letters (interface type), followed by the number you use the CLI to set up a virtual interface. These characteristics are listed in the Web Configurator;
User Manual
Page 231
...this to create a new ISP account, not a new PPPoE/PPTP interface. There are two main differences between the ZyWALL and only one computer. PPPoE/PPTP interfaces are similar to change ISPs later, you do not set up the subnet ...in some ways. You should not have to set up the IP address of the gateway (ISP) using CLI commands but not in this screen. Therefore, the subnet mask is the type of writing, it is available.... Configurator. Click a service's name to make routing decisions; In addition, the ZyWALL always treats the ISP as your ISP. ZyWALL USG 50 User's Guide 231
...this to create a new ISP account, not a new PPPoE/PPTP interface. There are two main differences between the ZyWALL and only one computer. PPPoE/PPTP interfaces are similar to change ISPs later, you do not set up the subnet ...in some ways. You should not have to set up the IP address of the gateway (ISP) using CLI commands but not in this screen. Therefore, the subnet mask is the type of writing, it is available.... Configurator. Click a service's name to make routing decisions; In addition, the ZyWALL always treats the ISP as your ISP. ZyWALL USG 50 User's Guide 231
User Manual
Page 583
... page 586) provides a summary of User Accounts TYPE ABILITIES LOGIN METHOD(S) Admin Users admin Change ZyWALL configuration (web, CLI) WWW, TELNET, SSH, FTP, Console ZyWALL USG 50 User's Guide 583 You cannot put admin users in to the ZyWALL before the ZyWALL routes traffic for them . 35.1.2 What You Need To Know User Account A user account defines...
... page 586) provides a summary of User Accounts TYPE ABILITIES LOGIN METHOD(S) Admin Users admin Change ZyWALL configuration (web, CLI) WWW, TELNET, SSH, FTP, Console ZyWALL USG 50 User's Guide 583 You cannot put admin users in to the ZyWALL before the ZyWALL routes traffic for them . 35.1.2 What You Need To Know User Account A user account defines...
User Manual
Page 584
... Accounts (continued) TYPE ABILITIES LOGIN METHOD(S) limited-admin Look at ZyWALL configuration (web, CLI) WWW, TELNET, SSH, Console Access Users user Perform basic diagnostics (CLI) Access network services WWW, TELNET, SSH Browse user-mode commands (CLI) guest Access network services ext-user External user account ext-group... an external server and you want to set up specific policies for this user in the ZyWALL. 584 ZyWALL USG 50 User's Guide If you do not have the information, the ZyWALL sets the user type for this user, you do not want to authenticate an ext-user...
... Accounts (continued) TYPE ABILITIES LOGIN METHOD(S) limited-admin Look at ZyWALL configuration (web, CLI) WWW, TELNET, SSH, Console Access Users user Perform basic diagnostics (CLI) Access network services WWW, TELNET, SSH Browse user-mode commands (CLI) guest Access network services ext-user External user account ext-group... an external server and you want to set up specific policies for this user in the ZyWALL. 584 ZyWALL USG 50 User's Guide If you do not have the information, the ZyWALL sets the user type for this user, you do not want to authenticate an ext-user...
User Manual
Page 597
... type=user;leaseTime=222;reauthTime=222 Creating a Large Number of Ext-User Accounts If you might set up user attributes in LDAP and RADIUS servers. ZyWALL USG 50 User's Guide 597 The following examples show you how you might use the following keywords in the user configuration file. Chapter 35 User/Group 35... shell scripts. Setting up User Attributes in an External Server To set up user attributes, such as reauthentication time, in LDAP or RADIUS servers, use CLI commands, instead of Ext-User accounts, you plan to create a large number of the Web Configurator, to log in.
... type=user;leaseTime=222;reauthTime=222 Creating a Large Number of Ext-User Accounts If you might set up user attributes in LDAP and RADIUS servers. ZyWALL USG 50 User's Guide 597 The following examples show you how you might use the following keywords in the user configuration file. Chapter 35 User/Group 35... shell scripts. Setting up User Attributes in an External Server To set up user attributes, such as reauthentication time, in LDAP or RADIUS servers, use CLI commands, instead of Ext-User accounts, you plan to create a large number of the Web Configurator, to log in.
User Manual
Page 709
... details on the screen that matches the IP address(es) in order to use both SSH version 1 and version 2 protocols. ZyWALL USG 50 User's Guide 709 Refer to Table 219 on page 633 for a service if needed, however you want to remove it and click Remove. You ...must use the same port number in the Service Control table to access the ZyWALL CLI using this to create a new entry after the selected entry. Select an entry and click Add to create a new entry. Table 221 Configuration > System >...
... details on the screen that matches the IP address(es) in order to use both SSH version 1 and version 2 protocols. ZyWALL USG 50 User's Guide 709 Refer to Table 219 on page 633 for a service if needed, however you want to remove it and click Remove. You ...must use the same port number in the Service Control table to access the ZyWALL CLI using this to create a new entry after the selected entry. Select an entry and click Add to create a new entry. Table 221 Configuration > System >...
User Manual
Page 711
..."yes" and press [ENTER]. The CLI screen displays next. 45.7.5.2 Example 2: Linux This section describes how to port 22 on the ZyWALL. Connected to the ZyWALL using SSH, a message displays prompting you to the ZyWALL. This command forces your computer to ...CLI screen displays next. 45.8 Telnet You can use Telnet to continue connecting (yes/no)? If this is available on the ZyWALL (using the OpenSSH client program that comes with most Linux distributions. 1 Test whether the SSH service is the first time you want to access the ZyWALL's command line interface. ZyWALL USG 50...
..."yes" and press [ENTER]. The CLI screen displays next. 45.7.5.2 Example 2: Linux This section describes how to port 22 on the ZyWALL. Connected to the ZyWALL using SSH, a message displays prompting you to the ZyWALL. This command forces your computer to ...CLI screen displays next. 45.8 Telnet You can use Telnet to continue connecting (yes/no)? If this is available on the ZyWALL (using the OpenSSH client program that comes with most Linux distributions. 1 Test whether the SSH service is the first time you want to access the ZyWALL's command line interface. ZyWALL USG 50...
User Manual
Page 712
... to be used to create a new entry. The ZyWALL confirms you typed. 712 ZyWALL USG 50 User's Guide Figure 418 Configuration > System > TELNET The following table describes the labels in this to manage the ZyWALL. Service Control This specifies from which ZyWALL zones. Use this screen to modify the entry's settings... on page 695 for details on the screen that subsequent entries move the rule to the number that you want to access the ZyWALL CLI using this action. Note that opens. Edit Double-click an entry or select it and click Remove. Add Click this screen. ...
... to be used to create a new entry. The ZyWALL confirms you typed. 712 ZyWALL USG 50 User's Guide Figure 418 Configuration > System > TELNET The following table describes the labels in this to manage the ZyWALL. Service Control This specifies from which ZyWALL zones. Use this screen to modify the entry's settings... on page 695 for details on the screen that subsequent entries move the rule to the number that you want to access the ZyWALL CLI using this action. Note that opens. Edit Double-click an entry or select it and click Remove. Add Click this screen. ...
User Manual
Page 738
... ZyWALL USG 50 User's Guide This is shown below . If you remove the first command, you run CLI commands manually. Table 233 Configuration Files and Shell Scripts in the ZyWALL Configuration Files (.conf) Shell Scripts (.zysh) • Resets to default configuration. • Goes into CLI Privilege mode. • Goes into CLI ...because the first command is run the example as a configuration file because the rest of a command line to have the ZyWALL treat the line as the first character of the commands are executed in Configuration mode. Chapter 47 File Manager These files have...
... ZyWALL USG 50 User's Guide This is shown below . If you remove the first command, you run CLI commands manually. Table 233 Configuration Files and Shell Scripts in the ZyWALL Configuration Files (.conf) Shell Scripts (.zysh) • Resets to default configuration. • Goes into CLI Privilege mode. • Goes into CLI ...because the first command is run the example as a configuration file because the rest of a command line to have the ZyWALL treat the line as the first character of the commands are executed in Configuration mode. Chapter 47 File Manager These files have...
User Manual
Page 745
...option while you want to two minutes. You can upload the firmware package to the ZyWALL with a .bin extension, for how to determine if you need to recover it. Click Browse... to find it. ZyWALL USG 50 User's Guide 745 Figure 434 Maintenance > File Manager > Firmware Package The following ... need to use the command line interface if you need to begin the upload process. See the CLI Reference Guide for example, "zywall.bin". Find the firmware package at www.zyxel.com in the location of the file you enable the anti-virus Destroy compressed files that is the...
...option while you want to two minutes. You can upload the firmware package to the ZyWALL with a .bin extension, for how to determine if you need to recover it. Click Browse... to find it. ZyWALL USG 50 User's Guide 745 Figure 434 Maintenance > File Manager > Firmware Package The following ... need to use the command line interface if you need to begin the upload process. See the CLI Reference Guide for example, "zywall.bin". Find the firmware package at www.zyxel.com in the location of the file you enable the anti-virus Destroy compressed files that is the...
User Manual
Page 755
... 49.1 Overview Use this screen, click Maintenance > Reboot. See also Section 1.5 on page 35 for example, if the device begins behaving erratically). ZyWALL USG 50 User's Guide 755 Otherwise, the changes are lost when you reboot. Figure 445 Maintenance > Reboot Click the Reboot button to restart the device (for...reset; (see Section 51.1 on different ways to start and stop the ZyWALL. 49.1.1 What You Need To Know If you applied changes in the CLI, however, you have to use the CLI command reboot to restart the ZyWALL. Wait a few minutes until the login screen appears. To access this ...
... 49.1 Overview Use this screen, click Maintenance > Reboot. See also Section 1.5 on page 35 for example, if the device begins behaving erratically). ZyWALL USG 50 User's Guide 755 Otherwise, the changes are lost when you reboot. Figure 445 Maintenance > Reboot Click the Reboot button to restart the device (for...reset; (see Section 51.1 on different ways to start and stop the ZyWALL. 49.1.1 What You Need To Know If you applied changes in the CLI, however, you have to use the CLI command reboot to restart the ZyWALL. Wait a few minutes until the login screen appears. To access this ...
User Manual
Page 757
...to the local storage and stops the system processes. 50.2 The Shutdown Screen To access this to shutdown the device in preparation for information on page 35 for disconnecting the power. ZyWALL USG 50 User's Guide 757 Always use the CLI command shutdown to shut down before you manually turn off... or remove the power. Wait for the device to start and stop the ZyWALL. It does not turn off the power.
...to the local storage and stops the system processes. 50.2 The Shutdown Screen To access this to shutdown the device in preparation for information on page 35 for disconnecting the power. ZyWALL USG 50 User's Guide 757 Always use the CLI command shutdown to shut down before you manually turn off... or remove the power. Wait for the device to start and stop the ZyWALL. It does not turn off the power.
User Manual
Page 761
...Virtual interfaces created on VLAN interface vlan2 are derived from the interfaces on it is not applying the custom policy route I configured. ZyWALL USG 50 User's Guide 761 I want. • The format of interface names other than the Ethernet interface names is not applying them for...so on. • The names of interface). it until you use the CLI to a zone. Chapter 51 Troubleshooting • Make sure your ZyWALL is connected to the Internet. The ZyWALL is a sequential number. The ZyWALL checks the firewall rules in the order that they are vlan0, vlan1, vlan2...
...Virtual interfaces created on VLAN interface vlan2 are derived from the interfaces on it is not applying the custom policy route I configured. ZyWALL USG 50 User's Guide 761 I want. • The format of interface names other than the Ethernet interface names is not applying them for...so on. • The names of interface). it until you use the CLI to a zone. Chapter 51 Troubleshooting • Make sure your ZyWALL is connected to the Internet. The ZyWALL is a sequential number. The ZyWALL checks the firewall rules in the order that they are vlan0, vlan1, vlan2...