User Manual
Page 8
... shock from lightning. • Connect ONLY suitable accessories to the correct ports. • Place connecting cables carefully so that used electrical and electronic products should not be treated separately. 8 ZyWALL USG 50 User's Guide Safety Warnings Safety Warnings • Do NOT use this product...it might cause electrocution. • If the power adaptor or cord is a remote risk of electrical and electronic equipment. Opening or removing covers can walk on them or stumble over them at the applicable collection point for Waste Electronics and Electrical Equipment...
... shock from lightning. • Connect ONLY suitable accessories to the correct ports. • Place connecting cables carefully so that used electrical and electronic products should not be treated separately. 8 ZyWALL USG 50 User's Guide Safety Warnings Safety Warnings • Do NOT use this product...it might cause electrocution. • If the power adaptor or cord is a remote risk of electrical and electronic equipment. Opening or removing covers can walk on them or stumble over them at the applicable collection point for Waste Electronics and Electrical Equipment...
User Manual
Page 47
...the users currently logged into the ZyWALL. Chapter 3 Web Configurator 3.3.2 Navigation Panel Use the menu items on the navigation panel to open screens to resize them. The following sections introduce the ZyWALL's navigation panel menus and their screens...the arrow in widgets that have received an IP address from ZyWALL interfaces using IP/MAC binding. See Chapter 8 on page 157 for each physical port. DDNS Status Displays the status of all current sessions. Interface ... the navigation panel menus or drag it to configure ZyWALL features. ZyWALL USG 50 User's Guide 47
...the users currently logged into the ZyWALL. Chapter 3 Web Configurator 3.3.2 Navigation Panel Use the menu items on the navigation panel to open screens to resize them. The following sections introduce the ZyWALL's navigation panel menus and their screens...the arrow in widgets that have received an IP address from ZyWALL interfaces using IP/MAC binding. See Chapter 8 on page 157 for each physical port. DDNS Status Displays the status of all current sessions. Interface ... the navigation panel menus or drag it to configure ZyWALL features. ZyWALL USG 50 User's Guide 47
User Manual
Page 70
Use these screens to configure an interface to connect to open the WAN Interface Quick Setup Wizard Welcome screen. Click Next. Choose Ethernet when the WAN port is to configure for a WAN connection and click Next. Chapter 5 Quick Setup 5.2 WAN Interface Quick Setup Click WAN Interface in... Interface 5.2.2 Select WAN Type WAN Type Selection: Select the type of encapsulation this connection is used as a regular Ethernet. 70 ZyWALL USG 50 User's Guide Figure 35 WAN Interface Quick Setup Wizard 5.2.1 Choose an Ethernet Interface Select the Ethernet interface that you want to use.
Use these screens to configure an interface to connect to open the WAN Interface Quick Setup Wizard Welcome screen. Click Next. Choose Ethernet when the WAN port is to configure for a WAN connection and click Next. Chapter 5 Quick Setup 5.2 WAN Interface Quick Setup Click WAN Interface in... Interface 5.2.2 Select WAN Type WAN Type Selection: Select the type of encapsulation this connection is used as a regular Ethernet. 70 ZyWALL USG 50 User's Guide Figure 35 WAN Interface Quick Setup Wizard 5.2.1 Choose an Ethernet Interface Select the Ethernet interface that you want to use.
User Manual
Page 159
...no device is currently being used to identify the ZyWALL on page 237 for the status that takes you to open the screen where you can appear. See Section 45.2 on what percentage of the ZyWALL's extension slots or USB ports. Firmware Version This field displays the version number and...Serial Number This field displays the serial number of each interface or device installed in one MAC address. Each physical port has one of the ZyWALL's RAM is detected). ZyWALL USG 50 User's Guide 159 Memory Usage This field displays what type of the interface (if it is the master) or ...
...no device is currently being used to identify the ZyWALL on page 237 for the status that takes you to open the screen where you can appear. See Section 45.2 on what percentage of the ZyWALL's extension slots or USB ports. Firmware Version This field displays the version number and...Serial Number This field displays the serial number of each interface or device installed in one MAC address. Each physical port has one of the ZyWALL's RAM is detected). ZyWALL USG 50 User's Guide 159 Memory Usage This field displays what type of the interface (if it is the master) or ...
User Manual
Page 160
...to the Session Monitor screen to update the IP address for the status that are currently open on page 183 for the interface. The Ethernet interface does not have the ZyWALL try to the interface. The Ethernet interface is disabled or did not receive an IP ...ports associated with it or the Ethernet interface is enabled but not connected. This field displays the current IP address assigned to connect a PPPoE/PPTP interface. Active Sessions This field displays how many interfaces there are. Click the Detail icon to go to update its entry is detected). 160 ZyWALL USG 50...
...to the Session Monitor screen to update the IP address for the status that are currently open on page 183 for the interface. The Ethernet interface does not have the ZyWALL try to the interface. The Ethernet interface is disabled or did not receive an IP ...ports associated with it or the Ethernet interface is enabled but not connected. This field displays the current IP address assigned to connect a PPPoE/PPTP interface. Active Sessions This field displays how many interfaces there are. Click the Detail icon to go to update its entry is detected). 160 ZyWALL USG 50...
User Manual
Page 249
Port/VID For VLAN interfaces, this field displays IP Address •... address (STATIC) or dynamically assigned (DHCP). ZyWALL USG 50 User's Guide 249 Chapter 11 Interfaces Table 62 Configuration > Network > Interface > VLAN (continued) LABEL DESCRIPTION Object Select an entry and click Object References to open a screen that shows References which the VLAN ...the IP address is not associated with any interface. Click Apply to save your changes back to the ZyWALL. This field displays the current IP address of the interface. See Section 11.3.2 on which settings use...
Port/VID For VLAN interfaces, this field displays IP Address •... address (STATIC) or dynamically assigned (DHCP). ZyWALL USG 50 User's Guide 249 Chapter 11 Interfaces Table 62 Configuration > Network > Interface > VLAN (continued) LABEL DESCRIPTION Object Select an entry and click Object References to open a screen that shows References which the VLAN ...the IP address is not associated with any interface. Click Apply to save your changes back to the ZyWALL. This field displays the current IP address of the interface. See Section 11.3.2 on which settings use...
User Manual
Page 284
A policy route defines the matching criteria and the action to open the Policy Route screen. IPPR follows the existing packet filtering facility of bandwidth available and setting a priority for more background information on or off. Figure 175 Configuration > Network > Routing > Policy Route 284 ZyWALL USG 50 User's Guide The action is taken only when all... the criteria. The actions that can include the user name, source address and incoming interface, destination address, schedule, IP protocol (ICMP, UDP, TCP, etc.) and port.
A policy route defines the matching criteria and the action to open the Policy Route screen. IPPR follows the existing packet filtering facility of bandwidth available and setting a priority for more background information on or off. Figure 175 Configuration > Network > Routing > Policy Route 284 ZyWALL USG 50 User's Guide The action is taken only when all... the criteria. The actions that can include the user name, source address and incoming interface, destination address, schedule, IP protocol (ICMP, UDP, TCP, etc.) and port.
User Manual
Page 298
... and maintain the policies for small networks (up to 15 routers). • In the ZyWALL, you can configure two sets of RIP settings before you use it in an interface. ...static routes, to specify the cost in RIP terms. • RIP uses UDP port 520. Figure 180 Configuration > Network > Routing > RIP 298 ZyWALL USG 50 User's Guide This is the shortest. Click Configuration > Network > Routing > ... routing information that is more detail in Authentication Types on page 309. • Second, the ZyWALL can use the Metric field to the RIP network. RIP is a vector-space routing protocol, ...
... and maintain the policies for small networks (up to 15 routers). • In the ZyWALL, you can configure two sets of RIP settings before you use it in an interface. ...static routes, to specify the cost in RIP terms. • RIP uses UDP port 520. Figure 180 Configuration > Network > Routing > RIP 298 ZyWALL USG 50 User's Guide This is the shortest. Click Configuration > Network > Routing > ... routing information that is more detail in Authentication Types on page 309. • Second, the ZyWALL can use the Metric field to the RIP network. RIP is a vector-space routing protocol, ...
User Manual
Page 322
... the entry's settings. 322 ZyWALL USG 50 User's Guide Table 92 Configuration > Network > NAT LABEL DESCRIPTION Add Click this screen, login to the Web Configurator and click Configuration > Network > NAT. Edit Double-click an entry or select it and click Edit to open a screen where you to... new NAT rules and edit and delete existing NAT rules. To access this to Know NAT is also known as virtual server, port forwarding, or port translation. In addition, this screen. Figure 192 Configuration > Network > NAT The following screen appears, providing a summary of all NAT...
... the entry's settings. 322 ZyWALL USG 50 User's Guide Table 92 Configuration > Network > NAT LABEL DESCRIPTION Add Click this screen, login to the Web Configurator and click Configuration > Network > NAT. Edit Double-click an entry or select it and click Edit to open a screen where you to... new NAT rules and edit and delete existing NAT rules. To access this to Know NAT is also known as virtual server, port forwarding, or port translation. In addition, this screen. Figure 192 Configuration > Network > NAT The following screen appears, providing a summary of all NAT...
User Manual
Page 334
... be a number. Table 95 Network > HTTP Redirect > Edit LABEL DESCRIPTION Enable Use this screen without saving. 334 ZyWALL USG 50 User's Guide Name Enter a name to exit this option to open the HTTP Redirect screen. Port Enter the port number that the proxy server uses. Figure 199 Network > HTTP Redirect > Edit The following table describes the...
... be a number. Table 95 Network > HTTP Redirect > Edit LABEL DESCRIPTION Enable Use this screen without saving. 334 ZyWALL USG 50 User's Guide Name Enter a name to exit this option to open the HTTP Redirect screen. Port Enter the port number that the proxy server uses. Figure 199 Network > HTTP Redirect > Edit The following table describes the...
User Manual
Page 339
... 19.1.3 Before You Begin You must enable the ALG in the ZyWALL to allow sessions initiated from the WAN. 19.2 The ALG Screen Click Configuration > Network > ALG to open the ALG screen. Figure 204 Configuration > Network > ALG ZyWALL USG 50 User's Guide 339 Chapter 19 ALG • See Section 19....3 on page 341 for a service, you must also configure the firewall and enable NAT in order to use the application patrol on , configure the port numbers to...
... 19.1.3 Before You Begin You must enable the ALG in the ZyWALL to allow sessions initiated from the WAN. 19.2 The ALG Screen Click Configuration > Network > ALG to open the ALG screen. Figure 204 Configuration > Network > ALG ZyWALL USG 50 User's Guide 339 Chapter 19 ALG • See Section 19....3 on page 341 for a service, you must also configure the firewall and enable NAT in order to use the application patrol on , configure the port numbers to...
User Manual
Page 457
...To change an entry's position in the numbered list, select it and click Activate. This field displays the specific port number to the number that defines when the policy applies. ZyWALL USG 50 User's Guide 457 This is the source address or address group for where you want to put that entry ... is active and dimmed when the entry is inactive. # This field is a sequential value, and it . any displays, the policy applies to open the Other (applications) screen. This is the destination zone of the list. This is the user name or user group to modify it is effective...
...To change an entry's position in the numbered list, select it and click Activate. This field displays the specific port number to the number that defines when the policy applies. ZyWALL USG 50 User's Guide 457 This is the source address or address group for where you want to put that entry ... is active and dimmed when the entry is inactive. # This field is a sequential value, and it . any displays, the policy applies to open the Other (applications) screen. This is the destination zone of the list. This is the user name or user group to modify it is effective...
User Manual
Page 465
... Changes to download sections of the file before you may need to open the file. Chapter 29 Anti-Virus 3 The scanning engine checks the...ZyWALL is enabled, the ZyWALL sends an alert to the file's intended destination computer(s). ZyWALL USG 50 User's Guide 465 For example, when you use FlashGet to the ZyWALL...'s anti-virus settings affect new sessions (not the sessions that already existed before a virus pattern was matched still goes through. 5 If the send alert message function is not the endpoint (pass-through VPN traffic). • Traffic through custom (non-standard) ports...
... Changes to download sections of the file before you may need to open the file. Chapter 29 Anti-Virus 3 The scanning engine checks the...ZyWALL is enabled, the ZyWALL sends an alert to the file's intended destination computer(s). ZyWALL USG 50 User's Guide 465 For example, when you use FlashGet to the ZyWALL...'s anti-virus settings affect new sessions (not the sessions that already existed before a virus pattern was matched still goes through. 5 If the send alert message function is not the endpoint (pass-through VPN traffic). • Traffic through custom (non-standard) ports...
User Manual
Page 491
...one computer to another on a network. For example, W32/Blaster and W32/Sasser are different types of searching a network for open port, say port 80 on a protocol is hidden inside apparently harmless programs or data. Scans occur on a service is a small program designed to... occur once a vulnerability has been found an open ports. A scan on a server, he looks for an exposed service. Buffer Overflow A scan on several network levels. Table 147 WEB_PHP WEB_CGI IDP Service Groups WEB_MISC WEB_ATTACKS WEB_IIS TFTP WEB_FRONTPAGE TELNET ZyWALL USG 50 User's Guide 491
...one computer to another on a network. For example, W32/Blaster and W32/Sasser are different types of searching a network for open port, say port 80 on a protocol is hidden inside apparently harmless programs or data. Scans occur on a service is a small program designed to... occur once a vulnerability has been found an open ports. A scan on a server, he looks for an exposed service. Buffer Overflow A scan on several network levels. Table 147 WEB_PHP WEB_CGI IDP Service Groups WEB_MISC WEB_ATTACKS WEB_IIS TFTP WEB_FRONTPAGE TELNET ZyWALL USG 50 User's Guide 491
User Manual
Page 511
... contains the rule's: • Action • Protocol • Source and destination IP addresses and netmasks • Source and destination ports information. Chapter 30 IDP Network Intrusions Network-based intrusions have the goal of the host virus is to the first parenthesis is compromised....are the option keywords. Host-based intrusions may want to refer to open source Snort signatures when creating custom ZyWALL ones. Snort Signatures You may be inspected to Live ttl IP Options ipopts ZyWALL USG 50 User's Guide 511 The words before the colons in parenthesis contains the...
... contains the rule's: • Action • Protocol • Source and destination IP addresses and netmasks • Source and destination ports information. Chapter 30 IDP Network Intrusions Network-based intrusions have the goal of the host virus is to the first parenthesis is compromised....are the option keywords. Host-based intrusions may want to refer to open source Snort signatures when creating custom ZyWALL ones. Snort Signatures You may be inspected to Live ttl IP Options ipopts ZyWALL USG 50 User's Guide 511 The words before the colons in parenthesis contains the...
User Manual
Page 526
...• IP Filtered Decoy Portscan • IP Filtered Portsweep 526 ZyWALL USG 50 User's Guide These are scans where the attacker has spoofed the source address. Distributed port scans occur when multiple hosts query one port scans. This may be used to -one host for a specific...port scans. These are some decoy scan types: • TCP Decoy Portscan • UDP Decoy Portscan • IP Decoy Portscan Distributed Port Scans Distributed port scans are one-to-many -to evade intrusion detection. Active network devices, such as NAT routers, may indicate that is looking for open...
...• IP Filtered Decoy Portscan • IP Filtered Portsweep 526 ZyWALL USG 50 User's Guide These are scans where the attacker has spoofed the source address. Distributed port scans occur when multiple hosts query one port scans. This may be used to -one host for a specific...port scans. These are some decoy scan types: • TCP Decoy Portscan • UDP Decoy Portscan • IP Decoy Portscan Distributed Port Scans Distributed port scans are one-to-many -to evade intrusion detection. Active network devices, such as NAT routers, may indicate that is looking for open...
User Manual
Page 624
...alphanumeric characters) as the key to save the changes. Key Enter a password (up to open a screen where you can modify the entry's settings. Click Apply to be the same...is the address of the RADIUS server entry. Server Address This is 1812. Authentication Port The default port of a RADIUS server. In this value unless your network administrator instructs you want...settings. 624 ZyWALL USG 50 User's Guide This key must be shared between 1 and 300 seconds) before doing so. The ZyWALL confirms you to remove it and click Remove. For example, o=ZyXEL, c=US. ...
...alphanumeric characters) as the key to save the changes. Key Enter a password (up to open a screen where you can modify the entry's settings. Click Apply to be the same...is the address of the RADIUS server entry. Server Address This is 1812. Authentication Port The default port of a RADIUS server. In this value unless your network administrator instructs you want...settings. 624 ZyWALL USG 50 User's Guide This key must be shared between 1 and 300 seconds) before doing so. The ZyWALL confirms you to remove it and click Remove. For example, o=ZyXEL, c=US. ...
User Manual
Page 664
...Server Type is set to RDP or VNC. Click Ok to save the changes and return to the main SSL Application Configuration screen. 664 ZyWALL USG 50 User's Guide Select this option to prevent users from this range to send traffic to the LAN computer that you want to allow the ... This field displays if the Server Type is set to RDP. Ending Port Program Path Specify the listening ports of the computer(s) that is set to open when a remote user logs into the remote desktop application. The ZyWALL uses a port number from saving the web content. Click Cancel to discard the changes and...
...Server Type is set to RDP or VNC. Click Ok to save the changes and return to the main SSL Application Configuration screen. 664 ZyWALL USG 50 User's Guide Select this option to prevent users from this range to send traffic to the LAN computer that you want to allow the ... This field displays if the Server Type is set to RDP. Ending Port Program Path Specify the listening ports of the computer(s) that is set to open when a remote user logs into the remote desktop application. The ZyWALL uses a port number from saving the web content. Click Cancel to discard the changes and...
User Manual
Page 681
... > Console Speed to the ZyWALL. ZyWALL USG 50 User's Guide 681 Figure 385 Configuration > System > Console Speed The following table describes the labels in the ZyWALL Web Configurator Status screen. Table 212 Configuration > System > Console Speed LABEL DESCRIPTION Console Port Speed Use the drop-down ...ZyWALL supports 9600, 19200, 38400, 57600, and 115200 bps (default) for the console port. Chapter 45 System 5 Under Time and Date Setup, enter a Time Server Address (Table 211 on page 35 for default console port settings. Click Apply to save your changes back to open...
... > Console Speed to the ZyWALL. ZyWALL USG 50 User's Guide 681 Figure 385 Configuration > System > Console Speed The following table describes the labels in the ZyWALL Web Configurator Status screen. Table 212 Configuration > System > Console Speed LABEL DESCRIPTION Console Port Speed Use the drop-down ...ZyWALL supports 9600, 19200, 38400, 57600, and 115200 bps (default) for the console port. Chapter 45 System 5 Under Time and Date Setup, enter a Time Server Address (Table 211 on page 35 for default console port settings. Click Apply to save your changes back to open...
User Manual
Page 691
... browser go to specify from which IP addresses the access can come from. Use this screen to port 80 (by default) on the ZyWALL's web server. You can access the ZyWALL using HTTP or HTTPS. Figure 391 HTTP/HTTPS Implementation Note: If you can also specify which zones... you disable HTTP in the WWW screen, then the ZyWALL blocks all HTTP connection attempts. 45.6.4 Configuring WWW Service Control Click Configuration > System > WWW to open the WWW screen. ZyWALL USG 50 ...
... browser go to specify from which IP addresses the access can come from. Use this screen to port 80 (by default) on the ZyWALL's web server. You can access the ZyWALL using HTTP or HTTPS. Figure 391 HTTP/HTTPS Implementation Note: If you can also specify which zones... you disable HTTP in the WWW screen, then the ZyWALL blocks all HTTP connection attempts. 45.6.4 Configuring WWW Service Control Click Configuration > System > WWW to open the WWW screen. ZyWALL USG 50 ...