User Manual
Page 15
... 8.2 The Dashboard Screen ...157 8.2.1 The CPU Usage Screen 162 8.2.2 The Memory Usage Screen 163 8.2.3 The Active Sessions Screen 164 8.2.4 The VPN Status Screen 165 8.2.5 The DHCP Table Screen 165 8.2.6 The Number of Login Users Screen 166 Chapter 9 Monitor...169 9.1 Overview ...169 9.1.1 What You Can Do in this Chapter 169 9.2 The Port Statistics... 9.17 The Anti-Spam Statistics Screen 203 9.18 The Anti-Spam Status Screen 205 9.19 Log Screen ...206 Chapter 10 Registration ...209 10.1 Overview ...209 ZyWALL USG 50 User's Guide 15
... 8.2 The Dashboard Screen ...157 8.2.1 The CPU Usage Screen 162 8.2.2 The Memory Usage Screen 163 8.2.3 The Active Sessions Screen 164 8.2.4 The VPN Status Screen 165 8.2.5 The DHCP Table Screen 165 8.2.6 The Number of Login Users Screen 166 Chapter 9 Monitor...169 9.1 Overview ...169 9.1.1 What You Can Do in this Chapter 169 9.2 The Port Statistics... 9.17 The Anti-Spam Statistics Screen 203 9.18 The Anti-Spam Status Screen 205 9.19 Log Screen ...206 Chapter 10 Registration ...209 10.1 Overview ...209 ZyWALL USG 50 User's Guide 15
User Manual
Page 18
Table of Contents 18.1 Overview ...331 18.1.1 What You Can Do in this Chapter 331 18.1.2 What You Need to Know 332 18.2 The HTTP...in this Chapter 343 20.1.2 What You Need to Know 344 20.2 IP/MAC Binding Summary 344 20.2.1 IP/MAC Binding Edit 345 20.2.2 Static DHCP Edit ...346 20.3 IP/MAC Binding Exempt List 347 Chapter 21 Authentication Policy ...349 21.1 Overview ...349 21.1.1 What You Can Do in this... Firewall Rule Configuration Example 363 22.2 The Firewall Screen ...365 22.2.1 Configuring the Firewall Screen 366 22.2.2 The Firewall Add/Edit Screen 369 18 ZyWALL USG 50 User's Guide
Table of Contents 18.1 Overview ...331 18.1.1 What You Can Do in this Chapter 331 18.1.2 What You Need to Know 332 18.2 The HTTP...in this Chapter 343 20.1.2 What You Need to Know 344 20.2 IP/MAC Binding Summary 344 20.2.1 IP/MAC Binding Edit 345 20.2.2 Static DHCP Edit ...346 20.3 IP/MAC Binding Exempt List 347 Chapter 21 Authentication Policy ...349 21.1 Overview ...349 21.1.1 What You Can Do in this... Firewall Rule Configuration Example 363 22.2 The Firewall Screen ...365 22.2.1 Configuring the Firewall Screen 366 22.2.2 The Firewall Add/Edit Screen 369 18 ZyWALL USG 50 User's Guide
User Manual
Page 90
...physical port P5). The DMZ zone has servers that are available to the Internet 192.168.1.1, DHCP server enabled Protected LAN 192.168.2.1, DHCP server enabled Protected LAN 192.168.3.1, DHCP server disabled Public servers (such as web, e-mail and FTP) None Local management • ... the lan2 interface. The LAN2 zone is a protected zone. The LAN1 zone is a protected zone. Chapter 6 Configuration Basics Table 14 Default Network Topology ZyWALL USG 50 Default Port, Interface, and Zone Configuration PORT P1, P2 P3, P4 INTERFACE ZONE wan1, wan2 WAN lan1 LAN1 P5 lan2 LAN2...
...physical port P5). The DMZ zone has servers that are available to the Internet 192.168.1.1, DHCP server enabled Protected LAN 192.168.2.1, DHCP server enabled Protected LAN 192.168.3.1, DHCP server disabled Public servers (such as web, e-mail and FTP) None Local management • ... the lan2 interface. The LAN2 zone is a protected zone. The LAN1 zone is a protected zone. Chapter 6 Configuration Basics Table 14 Default Network Topology ZyWALL USG 50 Default Port, Interface, and Zone Configuration PORT P1, P2 P3, P4 INTERFACE ZONE wan1, wan2 WAN lan1 LAN1 P5 lan2 LAN2...
User Manual
Page 157
... licensed service status, and ZyWALL USG 50 User's Guide 157 You can also display other status screens for more information. • Use the VPN status screen (see Section 8.2.1 on page 162) to look at the VPN tunnels that are currently established. • Use the DHCP Table screen (see Section 8.2.5 ...on page 165) to look at the IP addresses currently assigned to look at a list of the users currently logged into the ZyWALL. 8.2 The Dashboard Screen The Dashboard screen displays when you log...
... licensed service status, and ZyWALL USG 50 User's Guide 157 You can also display other status screens for more information. • Use the VPN status screen (see Section 8.2.1 on page 162) to look at the VPN tunnels that are currently established. • Use the DHCP Table screen (see Section 8.2.5 ...on page 165) to look at the IP addresses currently assigned to look at a list of the users currently logged into the ZyWALL. 8.2 The Dashboard Screen The Dashboard screen displays when you log...
User Manual
Page 160
... is enabled and connected. Click Renew to send a new DHCP request to see Section 9.9 on what percentage of the ZyWALL's onboard flash memory is disabled or did not receive an IP...ZyWALL try to update the IP address for the status that are . The possible values depend on page 183 for the interface. If the IP address is 0.0.0.0, the interface is currently being used. Chapter 8 Dashboard Table... to get or to the extension slot (or none if no device is detected). 160 ZyWALL USG 50 User's Guide Click the Show Active Sessions icon to display a chart of the device connected...
... is enabled and connected. Click Renew to send a new DHCP request to see Section 9.9 on what percentage of the ZyWALL's onboard flash memory is disabled or did not receive an IP...ZyWALL try to update the IP address for the status that are . The possible values depend on page 183 for the interface. If the IP address is 0.0.0.0, the interface is currently being used. Chapter 8 Dashboard Table... to get or to the extension slot (or none if no device is detected). 160 ZyWALL USG 50 User's Guide Click the Show Active Sessions icon to display a chart of the device connected...
User Manual
Page 161
...and time in to look at the IP addresses currently assigned to pop-open a list of users currently logged in the ZyWALL. DHCP Table Click this to look at the VPN tunnels that can appear. Firmware update OK - Fallback to the lastgood.conf configuration file...to the ZyWALL's DHCP clients and the IP addresses reserved for specific MAC addresses. See Section 8.2.5 on page 162. The ZyWALL successfully applied the system default configuration. The ZyWALL was unable to apply the lastgood.conf configuration file and fell back to lastgood configuration - ZyWALL USG 50 User's Guide...
...and time in to look at the IP addresses currently assigned to pop-open a list of users currently logged in the ZyWALL. DHCP Table Click this to look at the VPN tunnels that can appear. Firmware update OK - Fallback to the lastgood.conf configuration file...to the ZyWALL's DHCP clients and the IP addresses reserved for specific MAC addresses. See Section 8.2.5 on page 162. The ZyWALL successfully applied the system default configuration. The ZyWALL was unable to apply the lastgood.conf configuration file and fell back to lastgood configuration - ZyWALL USG 50 User's Guide...
User Manual
Page 165
...SA. Refresh Click this to update the information in the window right away. 8.2.5 The DHCP Table Screen Use this screen to look at the IP addresses currently assigned to be updated automatically. Table 23 Dashboard > VPN Status LABEL DESCRIPTION # This field is a sequential value, and ... often you want this window to DHCP clients and the IP addresses reserved for specific MAC addresses. Chapter 8 Dashboard 8.2.4 The VPN Status Screen Use this screen to look at the VPN tunnels that are currently established. Figure 119 Dashboard > DHCP Table ZyWALL USG 50 User's Guide 165
...SA. Refresh Click this to update the information in the window right away. 8.2.5 The DHCP Table Screen Use this screen to look at the IP addresses currently assigned to be updated automatically. Table 23 Dashboard > VPN Status LABEL DESCRIPTION # This field is a sequential value, and ... often you want this window to DHCP clients and the IP addresses reserved for specific MAC addresses. Chapter 8 Dashboard 8.2.4 The VPN Status Screen Use this screen to look at the VPN tunnels that are currently established. Figure 119 Dashboard > DHCP Table ZyWALL USG 50 User's Guide 165
User Manual
Page 166
...Click the heading cell again to a DHCP client. To create a static DHCP entry using an existing dynamic DHCP entry, select this screen, click the dashboard's Number of Login Users 166 ZyWALL USG 50 User's Guide IP Address This field ...displays the IP address currently assigned to reverse the sort order. Click the heading cell again to a DHCP client or reserved for dynamic DHCP entries. "None" shows here for a static DHCP entry. To access this field, and then click Apply. Chapter 8 Dashboard The following table...
...Click the heading cell again to a DHCP client. To create a static DHCP entry using an existing dynamic DHCP entry, select this screen, click the dashboard's Number of Login Users 166 ZyWALL USG 50 User's Guide IP Address This field ...displays the IP address currently assigned to reverse the sort order. Click the heading cell again to a DHCP client or reserved for dynamic DHCP entries. "None" shows here for a static DHCP entry. To access this field, and then click Apply. Chapter 8 Dashboard The following table...
User Manual
Page 174
... Addr/ Netmask If the PPP interface is disabled, it is a member of these ways to get or to the network. Static - This table provides packet statistics for the interface. Down - Disconnected - This field displays the zone to update its IP address, this field always displays Up... always displays Up. For PPP interfaces: Connected - This is either the static IP address of each interface. 174 ZyWALL USG 50 User's Guide Click Renew to send a new DHCP request to the interface. Status This field displays the current status of the interface (if it is connected. The ...
... Addr/ Netmask If the PPP interface is disabled, it is a member of these ways to get or to the network. Static - This table provides packet statistics for the interface. Down - Disconnected - This field displays the zone to update its IP address, this field always displays Up... always displays Up. For PPP interfaces: Connected - This is either the static IP address of each interface. 174 ZyWALL USG 50 User's Guide Click Renew to send a new DHCP request to the interface. Status This field displays the current status of the interface (if it is connected. The ...
User Manual
Page 182
...System Status > Login Users 182 ZyWALL USG 50 User's Guide Table 33 Monitor > System Status > IP/MAC Binding LABEL DESCRIPTION Interface Select a ZyWALL interface that the ZyWALL assigned to look at a list of an IP/MAC binding entry. The ZyWALL learns these from the DHCP client requests. Refresh Click this button... interface. IP Address This is currently assigned. Last Access This is the index number of the users currently logged into the ZyWALL. Host Name This field displays the name used to which devices it has assigned an IP address. # This is when...
...System Status > Login Users 182 ZyWALL USG 50 User's Guide Table 33 Monitor > System Status > IP/MAC Binding LABEL DESCRIPTION Interface Select a ZyWALL interface that the ZyWALL assigned to look at a list of an IP/MAC binding entry. The ZyWALL learns these from the DHCP client requests. Refresh Click this button... interface. IP Address This is currently assigned. Last Access This is the index number of the users currently logged into the ZyWALL. Host Name This field displays the name used to which devices it has assigned an IP address. # This is when...
User Manual
Page 217
... Yes Yes restrictions Packet size (MTU) Yes Yes Yes Yes Yes Yes No DHCP DHCP server No Yes No No Yes Yes No DHCP relay No Yes No No Yes Yes No Connectivity Check Yes No Yes No .... The relationships between interfaces are listed in the following table and discussed in the following table. For VLAN interfaces, x is strict. it is limited by a number (x). Table 52 Relationships Between Different Types of similar characteristics. and ...bridge interface port group Ethernet interface Ethernet interface* VLAN interface* ZyWALL USG 50 User's Guide 217
... Yes Yes restrictions Packet size (MTU) Yes Yes Yes Yes Yes Yes No DHCP DHCP server No Yes No No Yes Yes No DHCP relay No Yes No No Yes Yes No Connectivity Check Yes No Yes No .... The relationships between interfaces are listed in the following table and discussed in the following table. For VLAN interfaces, x is strict. it is limited by a number (x). Table 52 Relationships Between Different Types of similar characteristics. and ...bridge interface port group Ethernet interface Ethernet interface* VLAN interface* ZyWALL USG 50 User's Guide 217
User Manual
Page 221
... a virtual interface, select it and click Activate. Activate To turn off an interface, select it is a static IP address (STATIC) or dynamically assigned (DHCP). Note: If you change . Table 54 Configuration > Network > Interface > Ethernet LABEL DESCRIPTION Edit Double-click an entry or select it and click Edit to remove it before doing... page 219.) The WAN interface's Edit > Configuration screen is shown here as an example. Inactivate To turn on an interface, select it and click Remove. ZyWALL USG 50 User's Guide 221
... a virtual interface, select it and click Activate. Activate To turn off an interface, select it is a static IP address (STATIC) or dynamically assigned (DHCP). Note: If you change . Table 54 Configuration > Network > Interface > Ethernet LABEL DESCRIPTION Edit Double-click an entry or select it and click Edit to remove it before doing... page 219.) The WAN interface's Edit > Configuration screen is shown here as an example. Inactivate To turn on an interface, select it and click Remove. ZyWALL USG 50 User's Guide 221
User Manual
Page 225
Chapter 11 Interfaces Table 55 Configuration > Network > Interface > Ethernet > Edit (continued) LABEL DESCRIPTION Interface Type This field is to belong. Interface... not used elsewhere. The subnet mask indicates what part of the Ethernet interface's physical port. Other corresponding configuration options: DHCP server and DHCP relay. This is the name of the IP address is assigned to an external interface. This field is the MAC ... IP Address IP Address Subnet Mask Gateway You should also change a related address object for the interface. ZyWALL USG 50 User's Guide 225
Chapter 11 Interfaces Table 55 Configuration > Network > Interface > Ethernet > Edit (continued) LABEL DESCRIPTION Interface Type This field is to belong. Interface... not used elsewhere. The subnet mask indicates what part of the Ethernet interface's physical port. Other corresponding configuration options: DHCP server and DHCP relay. This is the name of the IP address is assigned to an external interface. This field is the MAC ... IP Address IP Address Subnet Mask Gateway You should also change a related address object for the interface. ZyWALL USG 50 User's Guide 225
User Manual
Page 227
...DHCP server on another network. ZyWALL USG 50 User's Guide 227 There is limited by the interface's Subnet Mask. DHCP Server - Relay Server 1 Enter the IP address of another interface received from which the ZyWALL begins allocating IP addresses. ZyWALL - the ZyWALL routes DHCP requests to one or more DHCP... appear if the ZyWALL is optional. From ISP - the DHCP clients use the Static DHCP Table. Specify the port number to the network. Pool Size If this interface and the ZyWALL works as a DNS relay. DHCP Relay - In this case, the ZyWALL can allocate 10....
...DHCP server on another network. ZyWALL USG 50 User's Guide 227 There is limited by the interface's Subnet Mask. DHCP Server - Relay Server 1 Enter the IP address of another interface received from which the ZyWALL begins allocating IP addresses. ZyWALL - the ZyWALL routes DHCP requests to one or more DHCP... appear if the ZyWALL is optional. From ISP - the DHCP clients use the Static DHCP Table. Specify the port number to the network. Pool Size If this interface and the ZyWALL works as a DNS relay. DHCP Relay - In this case, the ZyWALL can allocate 10....
User Manual
Page 228
...interface attempts to use an IP address that they are currently using. Static DHCP Table Configure a list of the WINS (Windows Internet Naming Service) server that you want to send to the DHCP clients. Otherwise, the ZyWALL assigns an IP address dynamically using a bound IP address on another device's...enable RIP in this to make use alphanumeric and characters, and it has to enter how long IP addresses are 1, 2, and 1 and 2. 228 ZyWALL USG 50 User's Guide Use this interface. MAC Address Enter the MAC address to which to 60 characters long. Choices are 1, 2, and 1 and 2. ...
...interface attempts to use an IP address that they are currently using. Static DHCP Table Configure a list of the WINS (Windows Internet Naming Service) server that you want to send to the DHCP clients. Otherwise, the ZyWALL assigns an IP address dynamically using a bound IP address on another device's...enable RIP in this to make use alphanumeric and characters, and it has to enter how long IP addresses are 1, 2, and 1 and 2. 228 ZyWALL USG 50 User's Guide Use this interface. MAC Address Enter the MAC address to which to 60 characters long. Choices are 1, 2, and 1 and 2. ...
User Manual
Page 235
... blank if the ISP account uses PPTP. You might use based on this interface. In this interface is a DHCP client. The lower the number, the higher the priority. ZyWALL USG 50 User's Guide 235 Chapter 11 Interfaces Table 58 Configuration > Network > Interface > PPP > Add (continued) LABEL DESCRIPTION Enable Interface Select this to display more gateways...
... blank if the ISP account uses PPTP. You might use based on this interface. In this interface is a DHCP client. The lower the number, the higher the priority. ZyWALL USG 50 User's Guide 235 Chapter 11 Interfaces Table 58 Configuration > Network > Interface > PPP > Add (continued) LABEL DESCRIPTION Enable Interface Select this to display more gateways...
User Manual
Page 248
...VLAN Summary Screen This screen lists every VLAN interface and virtual interface created on top of only one Ethernet interface. They can provide DHCP services, and they can verify the gateway is created on an entry, select it and click Edit to open the screen where you...and click Create Virtual Interface. 248 ZyWALL USG 50 User's Guide The ZyWALL confirms you can have an IP address, subnet mask, and gateway used to other interfaces in the following table. Chapter 11 Interfaces • Between the router and VLAN 3. As a router, the ZyWALL routes traffic between VLAN interfaces, but...
...VLAN Summary Screen This screen lists every VLAN interface and virtual interface created on top of only one Ethernet interface. They can provide DHCP services, and they can verify the gateway is created on an entry, select it and click Edit to open the screen where you...and click Create Virtual Interface. 248 ZyWALL USG 50 User's Guide The ZyWALL confirms you can have an IP address, subnet mask, and gateway used to other interfaces in the following table. Chapter 11 Interfaces • Between the router and VLAN 3. As a router, the ZyWALL routes traffic between VLAN interfaces, but...
User Manual
Page 254
... RIP is enabled. This field is effective when RIP is enabled. Choices are 1, 2, and 1 and 2. Static DHCP Table Configure a list of static IP addresses the ZyWALL assigns to computers connected to help identify this to send RIP-2 packets using the interface's IP Pool Start Address and ...that is not associated with this option to 60 characters long. This field is effective when RIP is enabled. otherwise, the ZyWALL uses multicasting. 254 ZyWALL USG 50 User's Guide Use this interface. Choices are valid. MAC Address Enter the MAC address to which to enter how long ...
... RIP is enabled. This field is effective when RIP is enabled. Choices are 1, 2, and 1 and 2. Static DHCP Table Configure a list of static IP addresses the ZyWALL assigns to computers connected to help identify this to send RIP-2 packets using the interface's IP Pool Start Address and ...that is not associated with this option to 60 characters long. This field is effective when RIP is enabled. otherwise, the ZyWALL uses multicasting. 254 ZyWALL USG 50 User's Guide Use this interface. Choices are valid. MAC Address Enter the MAC address to which to enter how long ...
User Manual
Page 263
...DHCP server. This number must be at least one of the computer names on another interface received from which the ZyWALL begins allocating IP addresses. Custom Defined - Enable IP/MAC Binding Select this option to have the ZyWALL generate a log if a device connected to this interface and the ZyWALL works as a DNS relay. ZyWALL USG 50... want to send to request the information again. Static DHCP Table Configure a list of this interface attempts to use the information (especially the IP address) before it has to the DHCP clients. If you want to assign a static IP ...
...DHCP server. This number must be at least one of the computer names on another interface received from which the ZyWALL begins allocating IP addresses. Custom Defined - Enable IP/MAC Binding Select this option to have the ZyWALL generate a log if a device connected to this interface and the ZyWALL works as a DNS relay. ZyWALL USG 50... want to send to request the information again. Static DHCP Table Configure a list of this interface attempts to use the information (especially the IP address) before it has to the DHCP clients. If you want to assign a static IP ...
User Manual
Page 269
...a Windows implementation of broadcasting a request for the interface. These other interfaces received from DHCP servers (for DHCP clients. It is 255.255.255.0, the ZyWALL cannot assign 50.50.50.0 or 50.50.50.255. A network can refer to DNS servers that provide DNS services for example, a... Service) is 255.255.0.0, the ZyWALL cannot assign 50.50.0.0 or 50.50.255.255. ZyWALL USG 50 User's Guide 269 See IP Address Assignment on page 266. • Gateway - The table is 253. • Subnet mask - It stores a mapping table of IP addresses allowed by the ...
...a Windows implementation of broadcasting a request for the interface. These other interfaces received from DHCP servers (for DHCP clients. It is 255.255.255.0, the ZyWALL cannot assign 50.50.50.0 or 50.50.50.255. A network can refer to DNS servers that provide DNS services for example, a... Service) is 255.255.0.0, the ZyWALL cannot assign 50.50.0.0 or 50.50.255.255. ZyWALL USG 50 User's Guide 269 See IP Address Assignment on page 266. • Gateway - The table is 253. • Subnet mask - It stores a mapping table of IP addresses allowed by the ...