User Manual
Page 44
....168.1.1. If you log in. 4 Click Login. By default, the ZyWALL automatically routes this request to generate a new number the next time you logged in the One-Time Password field. Figure 10 Update Admin Info Screen 44 ZyWALL USG 50 User's Guide You must use the OTP (One-Time Password) token to generate a number. Otherwise, the dashboard...
....168.1.1. If you log in. 4 Click Login. By default, the ZyWALL automatically routes this request to generate a new number the next time you logged in the One-Time Password field. Figure 10 Update Admin Info Screen 44 ZyWALL USG 50 User's Guide You must use the OTP (One-Time Password) token to generate a number. Otherwise, the dashboard...
User Manual
Page 45
... shown next. title bar • B - Follow the directions in Figure 11 on page 45): • A - If you change the default password, the Login screen (Figure 9 on page 59); Figure 12 Title Bar ZyWALL USG 50 User's Guide 45 navigation panel • C - Figure 11 Dashboard A BC 3.3 Web Configurator Screens Overview The Web Configurator screen is using...
... shown next. title bar • B - Follow the directions in Figure 11 on page 45): • A - If you change the default password, the Login screen (Figure 9 on page 59); Figure 12 Title Bar ZyWALL USG 50 User's Guide 45 navigation panel • C - Figure 11 Dashboard A BC 3.3 Web Configurator Screens Overview The Web Configurator screen is using...
User Manual
Page 83
...key and AES256 uses a 256-bit key. • Authentication Algorithm: MD5 gives minimal security. DH1 (default) refers to the remote IPSec device. A short SA life time increases security, but is slower. ...between the IPSec devices). See the help in increased latency and decreased throughput. ZyWALL USG 50 User's Guide 83 AES128 uses a 128-bit key and is more processing ... SA Life Time: Set how often the ZyWALL renegotiates the IKE SA. MD5 (Message Digest 5) and SHA1 (Secure Hash Algorithm) are hash algorithms used to use a password or Certificate to authenticate packet data. Chapter ...
...key and AES256 uses a 256-bit key. • Authentication Algorithm: MD5 gives minimal security. DH1 (default) refers to the remote IPSec device. A short SA life time increases security, but is slower. ...between the IPSec devices). See the help in increased latency and decreased throughput. ZyWALL USG 50 User's Guide 83 AES128 uses a 128-bit key and is more processing ... SA Life Time: Set how often the ZyWALL renegotiates the IKE SA. MD5 (Message Digest 5) and SHA1 (Secure Hash Algorithm) are hash algorithms used to use a password or Certificate to authenticate packet data. Chapter ...
User Manual
Page 229
... to eight characters long. Type the password for MD5 authentication. The ID can be between 0 and 255) of alphanumeric characters and the underscore, and it can not be up to disable OSPF in this interface. ZyWALL USG 50 User's Guide 229 otherwise, the ZyWALL uses multicasting. use the factory assigned default MAC address. ID MD5 Authentication...
... to eight characters long. Type the password for MD5 authentication. The ID can be between 0 and 255) of alphanumeric characters and the underscore, and it can not be up to disable OSPF in this interface. ZyWALL USG 50 User's Guide 229 otherwise, the ZyWALL uses multicasting. use the factory assigned default MAC address. ID MD5 Authentication...
User Manual
Page 255
... your changes back to route packets through this interface when the area is MD5. ZyWALL USG 50 User's Guide 255 authenticate OSPF routing information using MD5 encryption Text Authentication Key This ...to the screen where you must use the same authentication method that they use the default authentication method in this screen without saving. Area Select the area in which this...None to eight characters long. Cancel Click Cancel to 16 characters long. Type the password for text authentication. The password can consist of a WAN trunk for a Designated Router (DR) or Backup ...
... your changes back to route packets through this interface when the area is MD5. ZyWALL USG 50 User's Guide 255 authenticate OSPF routing information using MD5 encryption Text Authentication Key This ...to the screen where you must use the same authentication method that they use the default authentication method in this screen without saving. Area Select the area in which this...None to eight characters long. Cancel Click Cancel to 16 characters long. Type the password for text authentication. The password can consist of a WAN trunk for a Designated Router (DR) or Backup ...
User Manual
Page 306
... in the area. This area is a Not So Stubby Area (NSSA), per RFC 1587. Select the default authentication method used in this screen, go to the OSPF summary screen (see Section 14.3 on a default route to send information outside the OSPF AS. It has routing information about the OSPF AS but...It has routing information about the OSPF AS and about the OSPF AS and networks that is a normal area. MD5 uses an MD5 password and authentication ID (most secure). 306 ZyWALL USG 50 User's Guide It depends on page 299), and click either the Add icon or an Edit icon. Text uses a plain text...
... in the area. This area is a Not So Stubby Area (NSSA), per RFC 1587. Select the default authentication method used in this screen, go to the OSPF summary screen (see Section 14.3 on a default route to send information outside the OSPF AS. It has routing information about the OSPF AS but...It has routing information about the OSPF AS and about the OSPF AS and networks that is a normal area. MD5 uses an MD5 password and authentication ID (most secure). 306 ZyWALL USG 50 User's Guide It depends on page 299), and click either the Add icon or an Edit icon. Text uses a plain text...
User Manual
Page 307
...Click OK to save your cursor over this to 8 characters long. Type the default ID for MD5 authentication in the virtual link. The ZyWALL confirms you want to display the password. This authentication protects the integrity, but not the confidentiality, of alphanumeric characters and... Authentication is the authentication method the virtual link uses. You should set up the virtual link on page ZyWALL USG 50 User's Guide 307 Type the default password for text authentication. None uses no authentication. The ID can consist of routing updates. OK Cancel Same...
...Click OK to save your cursor over this to 8 characters long. Type the default ID for MD5 authentication in the virtual link. The ZyWALL confirms you want to display the password. This authentication protects the integrity, but not the confidentiality, of alphanumeric characters and... Authentication is the authentication method the virtual link uses. You should set up the virtual link on page ZyWALL USG 50 User's Guide 307 Type the default password for text authentication. None uses no authentication. The ID can consist of routing updates. OK Cancel Same...
User Manual
Page 308
... secure). This field is available if the Authentication is sent over the network (not very secure). Type the default password for MD5 authentication in the area. The password can consist of alphanumeric characters and the underscore, and it can be up to display a screen like the ...text password that is MD5. Text Authentication Key MD5 Authentication ID MD5 Authentication Key OK Cancel Same as Area has the virtual link also use the Authentication settings above. This field is available if the Authentication is more detailed information about RIP and OSPF. 308 ZyWALL USG 50 User's...
... secure). This field is available if the Authentication is sent over the network (not very secure). Type the default password for MD5 authentication in the area. The password can consist of alphanumeric characters and the underscore, and it can be up to display a screen like the ...text password that is MD5. Text Authentication Key MD5 Authentication ID MD5 Authentication Key OK Cancel Same as Area has the virtual link also use the Authentication settings above. This field is available if the Authentication is more detailed information about RIP and OSPF. 308 ZyWALL USG 50 User's...
User Manual
Page 309
..., for each packet. MD5 is an authentication method that received it. • The packet's message-digest is the same as Area. ZyWALL USG 50 User's Guide 309 The transmitting and receiving routers must have to update the authentication information for all interfaces. The... OSPF, the ZyWALL supports a default authentication type by area. If you want to use this default in an interface or virtual link, you can override the default in RIP version 1. It also includes an authentication ID, which can only select one the ZyWALL calculates using an MD5 password and authentication ID...
..., for each packet. MD5 is an authentication method that received it. • The packet's message-digest is the same as Area. ZyWALL USG 50 User's Guide 309 The transmitting and receiving routers must have to update the authentication information for all interfaces. The... OSPF, the ZyWALL supports a default authentication type by area. If you want to use this default in an interface or virtual link, you can override the default in RIP version 1. It also includes an authentication ID, which can only select one the ZyWALL calculates using an MD5 password and authentication ID...
User Manual
Page 588
... characters. This value is available for more information about this user has to renew the current session before the lease time expires. 588 ZyWALL USG 50 User's Guide See Ext-Group-User Accounts on page 586. This field is maintained in a remote server, such as RADIUS or LDAP... You can look at the configuration of user this user belongs. You may use to 1440 minutes. Default descriptions are : Password • admin - User names have to change the configuration of the ZyWALL • limited-admin - this user can enter 0 to make the number of the AD or LDAP...
... characters. This value is available for more information about this user has to renew the current session before the lease time expires. 588 ZyWALL USG 50 User's Guide See Ext-Group-User Accounts on page 586. This field is maintained in a remote server, such as RADIUS or LDAP... You can look at the configuration of user this user belongs. You may use to 1440 minutes. Default descriptions are : Password • admin - User names have to change the configuration of the ZyWALL • limited-admin - this user can enter 0 to make the number of the AD or LDAP...
User Manual
Page 594
...minutes the user must wait to try to use different IP addresses. These default authentication timeout settings also control the settings for any user account's authentication timeout settings. 594 ZyWALL USG 50 User's Guide You can login unsuccessfully before the IP address is reached....screen to its last-saved settings. 35.4.1 Default User Authentication Timeout Settings Edit Screens The Default Authentication Timeout Settings Edit screen allows you do not select this , admin users can login unsuccessfully (for example, wrong password) before the IP address is access account ...
...minutes the user must wait to try to use different IP addresses. These default authentication timeout settings also control the settings for any user account's authentication timeout settings. 594 ZyWALL USG 50 User's Guide You can login unsuccessfully before the IP address is reached....screen to its last-saved settings. 35.4.1 Default User Authentication Timeout Settings Edit Screens The Default Authentication Timeout Settings Edit screen allows you do not select this , admin users can login unsuccessfully (for example, wrong password) before the IP address is access account ...
User Manual
Page 624
... 192 Configuration > Object > AAA Server > RADIUS LABEL DESCRIPTION Add Click this case, user authentication fails. For example, o=ZyXEL, c=US. Authentication Port The default port of the AD or LDAP server. In this to do so with additional information. Specify the timeout period (between the... and click Remove. Key Enter a password (up to be the same on page 230 for authentication is down. Name This is the name of a RADIUS server. Chapter 39 AAA Server Click Configuration > Object > AAA Server > RADIUS to its last-saved settings. 624 ZyWALL USG 50 User's Guide
... 192 Configuration > Object > AAA Server > RADIUS LABEL DESCRIPTION Add Click this case, user authentication fails. For example, o=ZyXEL, c=US. Authentication Port The default port of the AD or LDAP server. In this to do so with additional information. Specify the timeout period (between the... and click Remove. Key Enter a password (up to be the same on page 230 for authentication is down. Name This is the name of a RADIUS server. Chapter 39 AAA Server Click Configuration > Object > AAA Server > RADIUS to its last-saved settings. 624 ZyWALL USG 50 User's Guide
User Manual
Page 635
...-64) encoded X.509: This Privacy Enhanced Mail format uses lowercase letters, uppercase letters and numerals to your computer. The file's password is a message digest calculated using the certificate's fingerprint. A certificate's fingerprint is not connected to convert a binary X.509 certificate into... letters, uppercase letters and numerals to convert a binary PKCS#7 certificate into the ZyWALL. ZyWALL USG 50 User's Guide 635 Chapter 41 Certificates Factory Default Certificate The ZyWALL generates its own unique self-signed certificate when you first turn it to text ...
...-64) encoded X.509: This Privacy Enhanced Mail format uses lowercase letters, uppercase letters and numerals to your computer. The file's password is a message digest calculated using the certificate's fingerprint. A certificate's fingerprint is not connected to convert a binary X.509 certificate into... letters, uppercase letters and numerals to convert a binary PKCS#7 certificate into the ZyWALL. ZyWALL USG 50 User's Guide 635 Chapter 41 Certificates Factory Default Certificate The ZyWALL generates its own unique self-signed certificate when you first turn it to text ...
User Manual
Page 647
... Space in this action. Uploading a new firmware or default configuration file does not delete your certificates unless you take this screen. Chapter 41 Certificates Table 199 Configuration > Object > Certificate > My Certificates > Import (continued) LABEL DESCRIPTION Password This field only applies when you should consider deleting expired...delete them. Edit Double-click an entry or select it and click Edit to open a screen with an in use. ZyWALL USG 50 User's Guide 647 Type the file's password that is currently in -depth list of your certificates. Remove The...
... Space in this action. Uploading a new firmware or default configuration file does not delete your certificates unless you take this screen. Chapter 41 Certificates Table 199 Configuration > Object > Certificate > My Certificates > Import (continued) LABEL DESCRIPTION Password This field only applies when you should consider deleting expired...delete them. Edit Double-click an entry or select it and click Edit to open a screen with an in use. ZyWALL USG 50 User's Guide 647 Type the file's password that is currently in -depth list of your certificates. Remove The...
User Manual
Page 650
If the issuing certification authority is the default server port number for LDAP. The ZyWALL does not trust the end entity's certificate and...are signed by this read -only fields display detailed information about the certificate. 650 ZyWALL USG 50 User's Guide ID The ZyWALL may need to authenticate itself in order to assess the CRL directory server. LDAP ... of the directory server. Enable X.509v3 CRL Distribution Points and OCSP checking Select this screen. Password Type the password (up to configure the OSCP or LDAP server details. Address Type the IP address (in ...
If the issuing certification authority is the default server port number for LDAP. The ZyWALL does not trust the end entity's certificate and...are signed by this read -only fields display detailed information about the certificate. 650 ZyWALL USG 50 User's Guide ID The ZyWALL may need to authenticate itself in order to assess the CRL directory server. LDAP ... of the directory server. Enable X.509v3 CRL Distribution Points and OCSP checking Select this screen. Password Type the password (up to configure the OSCP or LDAP server details. Address Type the IP address (in ...
User Manual
Page 708
... install an SSH client program on the ZyWALL Your ZyWALL supports SSH versions 1 and 2 using port 22 (by default). 45.7.3 Requirements for management using RSA authentication and four encryption methods (AES, 3DES, Archfour, and Blowfish). Use this screen to specify from which zones SSH can come. 708 ZyWALL USG 50 User's Guide You can also specify...
... install an SSH client program on the ZyWALL Your ZyWALL supports SSH versions 1 and 2 using port 22 (by default). 45.7.3 Requirements for management using RSA authentication and four encryption methods (AES, 3DES, Archfour, and Blowfish). Use this screen to specify from which zones SSH can come. 708 ZyWALL USG 50 User's Guide You can also specify...
User Manual
Page 711
... Are you sure you to port 22 on the ZyWALL. [email protected]'s password: 3 The CLI screen displays next. 45.8 Telnet You can come. ZyWALL USG 50 User's Guide 711 SSH-1.5-1.0.0 2 Enter "ssh -1 192.168.1.1". Then enter the password to the ZyWALL. RSA1 key fingerprint is '^]'. Escape character is 21...that comes with most Linux distributions. 1 Test whether the SSH service is the first time you are connecting to the ZyWALL using the default IP address of 192.168.1.1). Specify which zones allow Telnet access and from which IP address the access can use ...
... Are you sure you to port 22 on the ZyWALL. [email protected]'s password: 3 The CLI screen displays next. 45.8 Telnet You can come. ZyWALL USG 50 User's Guide 711 SSH-1.5-1.0.0 2 Enter "ssh -1 192.168.1.1". Then enter the password to the ZyWALL. RSA1 key fingerprint is '^]'. Escape character is 21...that comes with most Linux distributions. 1 Test whether the SSH service is the first time you are connecting to the ZyWALL using the default IP address of 192.168.1.1). Specify which zones allow Telnet access and from which IP address the access can use ...
User Manual
Page 718
...all requests. Destination Type the IP address of the station to send your SNMP traps to the SNMP manager. The default is the password for incoming Set requests from which computers you must use the same port number in this service. Chapter 45 System ...can come. Service Control This specifies from the management station. The default is the password for the incoming Get and GetNext requests from the management station. Get Community Enter the Get Community, which ZyWALL zones. 718 ZyWALL USG 50 User's Guide Figure 421 Configuration > System > SNMP The following ...
...all requests. Destination Type the IP address of the station to send your SNMP traps to the SNMP manager. The default is the password for incoming Set requests from which computers you must use the same port number in this service. Chapter 45 System ...can come. Service Control This specifies from the management station. The default is the password for the incoming Get and GetNext requests from the management station. Get Community Enter the Get Community, which ZyWALL zones. 718 ZyWALL USG 50 User's Guide Figure 421 Configuration > System > SNMP The following ...
User Manual
Page 759
... page 91. Make sure you have the ZyWALL turned on . Make sure your User's Guide for about 5 seconds (or until the PWR LED starts to the factory defaults (password is in for details). If the LEDs still do not turn on . ZyWALL USG 50 User's Guide 759 Press the button in... the same subnet as the ZyWALL's. • In the computer, click Start, (All) Programs, Accessories and...
... page 91. Make sure you have the ZyWALL turned on . Make sure your User's Guide for about 5 seconds (or until the PWR LED starts to the factory defaults (password is in for details). If the LEDs still do not turn on . ZyWALL USG 50 User's Guide 759 Press the button in... the same subnet as the ZyWALL's. • In the computer, click Start, (All) Programs, Accessories and...
User Manual
Page 775
...823 hours 242 (W) x 175 (D) x 35.5 (H) mm 1.2 kg ZyWALL USG 50 User's Guide 775 Table 240 Default Login Information ATTRIBUTE SPECIFICATION Default IP Address (P3, P4) 192.168.1.1 Default Subnet Mask 255.255.255.0 (24 bits) (P3, P4) Default Password 1234 This table provides hardware specifications. Table 241 Hardware Specifications FEATURE SPECIFICATION ... RS-232, DB9F connector 2, 2.0 plug and play Huawei: E220, E270, E169, and E800 12V DC Temperature: 0 C to 50 C Humidity: 20% to 95% (non-condensing) Temperature: -30 C to 60 C Humidity: 20% to change without notice.
...823 hours 242 (W) x 175 (D) x 35.5 (H) mm 1.2 kg ZyWALL USG 50 User's Guide 775 Table 240 Default Login Information ATTRIBUTE SPECIFICATION Default IP Address (P3, P4) 192.168.1.1 Default Subnet Mask 255.255.255.0 (24 bits) (P3, P4) Default Password 1234 This table provides hardware specifications. Table 241 Hardware Specifications FEATURE SPECIFICATION ... RS-232, DB9F connector 2, 2.0 plug and play Huawei: E220, E270, E169, and E800 12V DC Temperature: 0 C to 50 C Humidity: 20% to 95% (non-condensing) Temperature: -30 C to 60 C Humidity: 20% to change without notice.