User Manual
Page 31
... provides two separate LAN networks. ZyWALL USG 50 User's Guide 31 Its flexible configuration helps network administrators set up multiple networks for your company. The ZyWALL's security features include VPN, firewall, anti-virus, content filtering, IDP (Intrusion Detection and Prevention), ADP (... an existing network with the reliability of the ZyWALL. It explains the front panel ports, LEDs, introduces the management methods, and lists different ways to Peer (P2P) control, NAT, port forwarding, policy routing, DHCP server and many other powerful features. Flexible configuration helps...
... provides two separate LAN networks. ZyWALL USG 50 User's Guide 31 Its flexible configuration helps network administrators set up multiple networks for your company. The ZyWALL's security features include VPN, firewall, anti-virus, content filtering, IDP (Intrusion Detection and Prevention), ADP (... an existing network with the reliability of the ZyWALL. It explains the front panel ports, LEDs, introduces the management methods, and lists different ways to Peer (P2P) control, NAT, port forwarding, policy routing, DHCP server and many other powerful features. Flexible configuration helps...
User Manual
Page 37
...interface, port, or network. You can create your own custom zones. High Availability To ensure the ZyWALL provides reliable, secure Internet access, set up one or more of the following: • Multiple WAN...ZyWALL. 2.1 Features The ZyWALL's security features include VPN, firewall, anti-virus, content filtering, IDP (Intrusion Detection and Prevention), ADP (Anomaly Detection and Protection), and certificates. ZyWALL USG 50 User's Guide 37 It also provides bandwidth management, NAT, port forwarding, policy routing, DHCP server and many other powerful features. The ZyWALL...
...interface, port, or network. You can create your own custom zones. High Availability To ensure the ZyWALL provides reliable, secure Internet access, set up one or more of the following: • Multiple WAN...ZyWALL. 2.1 Features The ZyWALL's security features include VPN, firewall, anti-virus, content filtering, IDP (Intrusion Detection and Prevention), ADP (Anomaly Detection and Protection), and certificates. ZyWALL USG 50 User's Guide 37 It also provides bandwidth management, NAT, port forwarding, policy routing, DHCP server and many other powerful features. The ZyWALL...
User Manual
Page 90
...Network Topology ZyWALL USG 50 Default Port, Interface, and Zone Configuration PORT P1, P2 P3, P4 INTERFACE ZONE wan1, wan2 WAN lan1 LAN1 P5 lan2 LAN2 P6 dmz DMZ CONSOLE n/a None IP ADDRESS AND DHCP SUGGESTED USE WITH SETTINGS DEFAULT SETTINGS DHCP clients Connections ...contains the dmz interface (physical port P5). The DMZ zone has servers that are available to the Internet 192.168.1.1, DHCP server enabled Protected LAN 192.168.2.1, DHCP server enabled Protected LAN 192.168.3.1, DHCP server disabled Public servers (such as web, e-mail and FTP) None Local management ...
...Network Topology ZyWALL USG 50 Default Port, Interface, and Zone Configuration PORT P1, P2 P3, P4 INTERFACE ZONE wan1, wan2 WAN lan1 LAN1 P5 lan2 LAN2 P6 dmz DMZ CONSOLE n/a None IP ADDRESS AND DHCP SUGGESTED USE WITH SETTINGS DEFAULT SETTINGS DHCP clients Connections ...contains the dmz interface (physical port P5). The DMZ zone has servers that are available to the Internet 192.168.1.1, DHCP server enabled Protected LAN 192.168.2.1, DHCP server enabled Protected LAN 192.168.3.1, DHCP server disabled Public servers (such as web, e-mail and FTP) None Local management ...
User Manual
Page 110
Add it to the LAN zone so all of the LAN zone's security policies apply to assign the ZyWALL's wan1 interface a static IP address of 1.2.3.4. 110 ZyWALL USG 50 User's Guide Figure 55 Ethernet Interface, Port Roles, and Zone Configuration Example 7.1.1 Configure a WAN Ethernet Interface You need to it. This dmz interface is used for a protected local network. Chapter 7 Tutorials • Convert P5 (lan2) into a dmz interface. It uses IP address 192.168.4.1 and has a DHCP server.
Add it to the LAN zone so all of the LAN zone's security policies apply to assign the ZyWALL's wan1 interface a static IP address of 1.2.3.4. 110 ZyWALL USG 50 User's Guide Figure 55 Ethernet Interface, Port Roles, and Zone Configuration Example 7.1.1 Configure a WAN Ethernet Interface You need to it. This dmz interface is used for a protected local network. Chapter 7 Tutorials • Convert P5 (lan2) into a dmz interface. It uses IP address 192.168.4.1 and has a DHCP server.
User Manual
Page 111
... Configuration > Network > Interface > Role. 2 Under P5 select the dmz (DMZ) radio button and click Apply. ZyWALL USG 50 User's Guide 111 It uses 192.168.4.1 as its IP address and has a DHCP server to distribute IP addresses to connected DHCP clients. Chapter 7 Tutorials Click Configuration > Network > Interface > Ethernet and double-click the wan1 interface's entry. Select...
... Configuration > Network > Interface > Role. 2 Under P5 select the dmz (DMZ) radio button and click Apply. ZyWALL USG 50 User's Guide 111 It uses 192.168.4.1 as its IP address and has a DHCP server to distribute IP addresses to connected DHCP clients. Chapter 7 Tutorials Click Configuration > Network > Interface > Ethernet and double-click the wan1 interface's entry. Select...
User Manual
Page 112
Figure 58 Configuration > Network > Interface > Ethernet > Edit lan2 7.1.4 Configure Zones Do the following to DHCP Server and click OK. Set DHCP to create a VPN zone. 1 Click Configuration > Network > Zone and then the Add icon. 112 ZyWALL USG 50 User's Guide Set the IP Address to 192.168.4.1 and the Subnet Mask to 255.255.255.0. The Interface Type should be internal. Chapter 7 Tutorials 1 Click Configuration > Network > Interface > Ethernet and double-click the lan2 interface's entry.
Figure 58 Configuration > Network > Interface > Ethernet > Edit lan2 7.1.4 Configure Zones Do the following to DHCP Server and click OK. Set DHCP to create a VPN zone. 1 Click Configuration > Network > Zone and then the Add icon. 112 ZyWALL USG 50 User's Guide Set the IP Address to 192.168.4.1 and the Subnet Mask to 255.255.255.0. The Interface Type should be internal. Chapter 7 Tutorials 1 Click Configuration > Network > Interface > Ethernet and double-click the lan2 interface's entry.
User Manual
Page 160
... field displays the port speed and duplex setting (Full or Half). Action If this field displays the IP address it is detected). 160 ZyWALL USG 50 User's Guide If the interface cannot use one of an active virtual router, this interface is a member of these ways to get or...disabled. If the IP address is 0.0.0.0, the interface is . Click Renew to send a new DHCP request to stop a PPPoE/PPTP connection. Extension Slot Slot Device Click the Disconnect icon to a DHCP server. Name This field displays the name of each interface. This section of the screen displays the...
... field displays the port speed and duplex setting (Full or Half). Action If this field displays the IP address it is detected). 160 ZyWALL USG 50 User's Guide If the interface cannot use one of an active virtual router, this interface is a member of these ways to get or...disabled. If the IP address is 0.0.0.0, the interface is . Click Renew to send a new DHCP request to stop a PPPoE/PPTP connection. Extension Slot Slot Device Click the Disconnect icon to a DHCP server. Name This field displays the name of each interface. This section of the screen displays the...
User Manual
Page 174
... in the list. If the VLAN or bridge interface is disabled. For PPP interfaces: Connected - Services Action Interface Statistics DHCP Client - Examples include DHCP relay, DHCP server, DDNS, RIP, and OSPF. Use this field always displays Up. This field displays the port speed and duplex setting ... its IP address. This table provides packet statistics for the interface. This is either the static IP address of each interface. 174 ZyWALL USG 50 User's Guide For virtual interfaces, this field displays the IP address it does not appear in the list. Speed / Duplex - ...
... in the list. If the VLAN or bridge interface is disabled. For PPP interfaces: Connected - Services Action Interface Statistics DHCP Client - Examples include DHCP relay, DHCP server, DDNS, RIP, and OSPF. Use this field always displays Up. This field displays the port speed and duplex setting ... its IP address. This table provides packet statistics for the interface. This is either the static IP address of each interface. 174 ZyWALL USG 50 User's Guide For virtual interfaces, this field displays the IP address it does not appear in the list. Speed / Duplex - ...
User Manual
Page 217
...Yes Yes Yes Yes Yes Yes Yes restrictions Packet size (MTU) Yes Yes Yes Yes Yes Yes No DHCP DHCP server No Yes No No Yes Yes No DHCP relay No Yes No No Yes Yes No Connectivity Check Yes No Yes No Yes Yes No - *... PORT / INTERFACE port group physical port Ethernet interface physical port VLAN interface bridge interface port group Ethernet interface Ethernet interface* VLAN interface* ZyWALL USG 50 User's Guide 217 These characteristics are listed in the VLAN name field. The relationships between interfaces are created directly on . ** - For...
...Yes Yes Yes Yes Yes Yes Yes restrictions Packet size (MTU) Yes Yes Yes Yes Yes Yes No DHCP DHCP server No Yes No No Yes Yes No DHCP relay No Yes No No Yes Yes No Connectivity Check Yes No Yes No Yes Yes No - *... PORT / INTERFACE port group physical port Ethernet interface physical port VLAN interface bridge interface port group Ethernet interface Ethernet interface* VLAN interface* ZyWALL USG 50 User's Guide 217 These characteristics are listed in the VLAN name field. The relationships between interfaces are created directly on . ** - For...
User Manual
Page 225
... MAC address that the Ethernet interface uses. This option appears when Interface Properties is for traffic flowing from a DHCP server. The ZyWALL sends packets to the gateway when it does not know how to route the packet to which this interface....ZyWALL USG 50 User's Guide 225 External is not used elsewhere. Enter a description of your LAN interface, you must manually configure a policy route to add routing and SNAT settings for the network connected to belong. It is for this interface is to the interface. Other corresponding configuration options: DHCP server and DHCP...
... MAC address that the Ethernet interface uses. This option appears when Interface Properties is for traffic flowing from a DHCP server. The ZyWALL sends packets to the gateway when it does not know how to route the packet to which this interface....ZyWALL USG 50 User's Guide 225 External is not used elsewhere. Enter a description of your LAN interface, you must manually configure a policy route to add routing and SNAT settings for the network connected to belong. It is for this interface is to the interface. Other corresponding configuration options: DHCP server and DHCP...
User Manual
Page 227
... specify these IP addresses. First DNS Server, Second DNS Server, Third DNS Server Specify the IP addresses up to three DNS servers for the DHCP clients to the network. enter a static IP address. ZyWALL USG 50 User's Guide 227 DHCP Select what type of another network. the ZyWALL routes DHCP requests to one or more DHCP servers you set the Check Method to...
... specify these IP addresses. First DNS Server, Second DNS Server, Third DNS Server Specify the IP addresses up to three DNS servers for the DHCP clients to the network. enter a static IP address. ZyWALL USG 50 User's Guide 227 DHCP Select what type of another network. the ZyWALL routes DHCP requests to one or more DHCP servers you set the Check Method to...
User Manual
Page 235
...(see Chapter 42 on page 655 for this case, the DHCP server configures the IP address automatically. Use Create new Object if you need to have the ZyWALL establish the PPPoE/PPTP connection only when there is traffic. User...account uses PPTP. IP Address This field is enabled if you want to display more gateways have the ZyWALL establish the PPPoE/PPTP connection only when there is traffic. Metric Enter the IP address for details).... Profile Select the ISP account that was configured first. The ZyWALL decides which this interface. ZyWALL USG 50 User's Guide 235
...(see Chapter 42 on page 655 for this case, the DHCP server configures the IP address automatically. Use Create new Object if you need to have the ZyWALL establish the PPPoE/PPTP connection only when there is traffic. User...account uses PPTP. IP Address This field is enabled if you want to display more gateways have the ZyWALL establish the PPPoE/PPTP connection only when there is traffic. Metric Enter the IP address for details).... Profile Select the ISP account that was configured first. The ZyWALL decides which this interface. ZyWALL USG 50 User's Guide 235
User Manual
Page 251
... the IP address of this to which the VLAN interface runs. Zone Select the zone to turn this button to 60 characters long. ZyWALL USG 50 User's Guide 251 Chapter 11 Interfaces Each field is not used elsewhere. Table 63 Configuration > Network > Interface > VLAN > Edit LABEL... or lesser number of the VLAN interface. Select this case, the DHCP server configures the IP address, subnet mask, and gateway automatically. This field is assigned to disable this to a VRRP group. The ZyWALL sends packets to the gateway when it can use alphanumeric and characters,...
... the IP address of this to which the VLAN interface runs. Zone Select the zone to turn this button to 60 characters long. ZyWALL USG 50 User's Guide 251 Chapter 11 Interfaces Each field is not used elsewhere. Table 63 Configuration > Network > Interface > VLAN > Edit LABEL... or lesser number of the VLAN interface. Select this case, the DHCP server configures the IP address, subnet mask, and gateway automatically. This field is assigned to disable this to a VRRP group. The ZyWALL sends packets to the gateway when it can use alphanumeric and characters,...
User Manual
Page 253
... you want to assign a static IP address to the network. First WINS Server, Second WINS Server Type the IP address of the following ways to the DHCP clients. ZyWALL USG 50 User's Guide 253 DHCP Relay - The DHCP server(s) may be blank. Enter the IP address of the computer names on your network and the IP addresses that another...
... you want to assign a static IP address to the network. First WINS Server, Second WINS Server Type the IP address of the following ways to the DHCP clients. ZyWALL USG 50 User's Guide 253 DHCP Relay - The DHCP server(s) may be blank. Enter the IP address of the computer names on your network and the IP addresses that another...
User Manual
Page 261
Clear this to disable this button to display a greater or lesser number of configuration Settings / Hide fields. For example, br0, br3, and so on top of it • It is read-only if you are part of the bridge interface. Each bridge interface can become part of the bridge interface. This field displays the interfaces that can only have one , and click the >> arrow to add it can use zones to enable this interface. Table 68 Configuration > Network > Interface > Bridge > Edit LABEL DESCRIPTION Show Advance Click this interface. Advance Settings General Settings ...
Clear this to disable this button to display a greater or lesser number of configuration Settings / Hide fields. For example, br0, br3, and so on top of it • It is read-only if you are part of the bridge interface. Each bridge interface can become part of the bridge interface. This field displays the interfaces that can only have one , and click the >> arrow to add it can use zones to enable this interface. Table 68 Configuration > Network > Interface > Bridge > Edit LABEL DESCRIPTION Show Advance Click this interface. Advance Settings General Settings ...
User Manual
Page 262
... does not know how to route the packet to the network. Choices are 0 - 1048576. the ZyWALL assigns IP addresses and provides subnet mask, gateway, and DNS server information to its destination. The ZyWALL is a DHCP Server. 262 ZyWALL USG 50 User's Guide Relay Server 2 This field is enabled if you can move through this bridge interface. Metric Related Setting...
... does not know how to route the packet to the network. Choices are 0 - 1048576. the ZyWALL assigns IP addresses and provides subnet mask, gateway, and DNS server information to its destination. The ZyWALL is a DHCP Server. 262 ZyWALL USG 50 User's Guide Relay Server 2 This field is enabled if you can move through this bridge interface. Metric Related Setting...
User Manual
Page 263
... from its DHCP server. If you want to assign a static IP address to request the information again. select the DNS server that they are : infinite - Lease time Specify how long each computer can allocate 10.10.10.10 to another interface received from which the ZyWALL begins allocating IP...if IP addresses never expire days, hours, and minutes - ZyWALL USG 50 User's Guide 263 Pool Size If this case, the ZyWALL can assign every IP address allowed by the interface's IP address and subnet mask, except for the DHCP clients to the interface. In this field is 10.10....
... from its DHCP server. If you want to assign a static IP address to request the information again. select the DNS server that they are : infinite - Lease time Specify how long each computer can allocate 10.10.10.10 to another interface received from which the ZyWALL begins allocating IP...if IP addresses never expire days, hours, and minutes - ZyWALL USG 50 User's Guide 263 Pool Size If this case, the ZyWALL can assign every IP address allowed by the interface's IP address and subnet mask, except for the DHCP clients to the interface. In this field is 10.10....
User Manual
Page 267
... address and subnet mask be DHCP clients. However, if there is a default router to which the ZyWALL should send this to the network. • Ingress bandwidth sets the amount of traffic the ZyWALL allows in through the interface from a DHCP server, the DHCP server also specifies the gateway, if... subnet mask of writing, the ZyWALL does not support ingress bandwidth management. In the example above, if the ZyWALL gets a packet with DHCP clients. In this case, the interface is possible for this packet, you can specify it is a DHCP client. ZyWALL USG 50 User's Guide 267 If two ...
... address and subnet mask be DHCP clients. However, if there is a default router to which the ZyWALL should send this to the network. • Ingress bandwidth sets the amount of traffic the ZyWALL allows in through the interface from a DHCP server, the DHCP server also specifies the gateway, if... subnet mask of writing, the ZyWALL does not support ingress bandwidth management. In the example above, if the ZyWALL gets a packet with DHCP clients. In this case, the interface is possible for this packet, you can specify it is a DHCP client. ZyWALL USG 50 User's Guide 267 If two ...
User Manual
Page 268
... is possible for an interface to handle large data packets. When the DHCP client leaves the network, the DHCP servers can provide DHCP services to do , the interface routes DHCP requests to DHCP clients. 268 ZyWALL USG 50 User's Guide It is re-assembled later. The ZyWALL also restricts the size of manual configuration you do and usually uses available...
... is possible for an interface to handle large data packets. When the DHCP client leaves the network, the DHCP servers can provide DHCP services to do , the interface routes DHCP requests to DHCP clients. 268 ZyWALL USG 50 User's Guide It is re-assembled later. The ZyWALL also restricts the size of manual configuration you do and usually uses available...
User Manual
Page 269
... (unlike DNS). This helps reduce broadcast traffic since computers can also serve as a WINS server. ZyWALL USG 50 User's Guide 269 Chapter 11 Interfaces • IP address - Samba can query the server instead of the pool and the pool size. If the DHCP client's MAC address is 253. • Subnet mask - See IP Address Assignment on...
... (unlike DNS). This helps reduce broadcast traffic since computers can also serve as a WINS server. ZyWALL USG 50 User's Guide 269 Chapter 11 Interfaces • IP address - Samba can query the server instead of the pool and the pool size. If the DHCP client's MAC address is 253. • Subnet mask - See IP Address Assignment on...