User Manual
Page 26
... 46.3 Log Setting Screens ...725 46.3.1 Log Setting Summary 726 46.3.2 Edit System Log Settings 727 46.3.3 Edit Remote Server Log Settings 732 46.3.4 Active Log Summary Screen 734 Chapter 47 File Manager ...737 47.1 Overview ...737 47.1.1 What You Can Do in this Chapter 737 47.1.2 What you Need to Know... Viewing a Packet Capture File 753 Chapter 49 Reboot...755 49.1 Overview ...755 49.1.1 What You Need To Know 755 49.2 The Reboot Screen ...755 Chapter 50 Shutdown...757 50.1 Overview ...757 50.1.1 What You Need To Know 757 50.2 The Shutdown Screen ...757 26 ZyWALL USG 50 User's Guide
... 46.3 Log Setting Screens ...725 46.3.1 Log Setting Summary 726 46.3.2 Edit System Log Settings 727 46.3.3 Edit Remote Server Log Settings 732 46.3.4 Active Log Summary Screen 734 Chapter 47 File Manager ...737 47.1 Overview ...737 47.1.1 What You Can Do in this Chapter 737 47.1.2 What you Need to Know... Viewing a Packet Capture File 753 Chapter 49 Reboot...755 49.1 Overview ...755 49.1.1 What You Need To Know 755 49.2 The Reboot Screen ...755 Chapter 50 Shutdown...757 50.1 Overview ...757 50.1.1 What You Need To Know 757 50.2 The Shutdown Screen ...757 26 ZyWALL USG 50 User's Guide
User Manual
Page 34
... User's Guide provides information about the CLI. 34 ZyWALL USG 50 User's Guide Figure 4 Managing the ZyWALL: Web Configurator Command-Line Interface (CLI) The CLI allows you to use the following ways to configure the ZyWALL. See the Command Reference Guide for example, SSH ... on this port. On This port has a successful link. 1.4 Management Overview You can access it using an Internet browser. Web Configurator The Web Configurator allows easy ZyWALL setup and management using remote management (for more information about the Web Configurator. Green Off There is no...
... User's Guide provides information about the CLI. 34 ZyWALL USG 50 User's Guide Figure 4 Managing the ZyWALL: Web Configurator Command-Line Interface (CLI) The CLI allows you to use the following ways to configure the ZyWALL. See the Command Reference Guide for example, SSH ... on this port. On This port has a successful link. 1.4 Management Overview You can access it using an Internet browser. Web Configurator The Web Configurator allows easy ZyWALL setup and management using remote management (for more information about the Web Configurator. Green Off There is no...
User Manual
Page 88
...configuring port groups. In configuration, you can use the Configuration > Objects screens to apply security settings such as firewall, IDP, remote management, antivirus, and application patrol. For a list of common objects, see Section 6.6 on page 53) to see what objects are...Basics change an Ethernet interface's IP address, the ZyWALL automatically updates the rules or settings that use interfaces and zones in configuring VPN, zones, trunks, DDNS, policy routes, static routes, HTTP redirect, and NAT. Use interfaces in configuring other features. 88 ZyWALL USG 50 User's Guide
...configuring port groups. In configuration, you can use the Configuration > Objects screens to apply security settings such as firewall, IDP, remote management, antivirus, and application patrol. For a list of common objects, see Section 6.6 on page 53) to see what objects are...Basics change an Ethernet interface's IP address, the ZyWALL automatically updates the rules or settings that use interfaces and zones in configuring VPN, zones, trunks, DDNS, policy routes, static routes, HTTP redirect, and NAT. Use interfaces in configuring other features. 88 ZyWALL USG 50 User's Guide
User Manual
Page 98
... also want to create the DMZ-2 zone, click Network > Zone and then the Add icon. 98 ZyWALL USG 50 User's Guide Each interface and VPN tunnel can use. The ZyWALL uses zones, not interfaces, in the order that they run. Chapter 6 Configuration Basics 8 For the ...firewall rules, assign an IDP profile, or configure remote management for FTP traffic. MENU ITEM(S) Configuration > Network > Routing > Static Route PREREQUISITES Interfaces 6.5.8 Zones See Section 6.2 on which they are the default WAN interfaces). Note: The ZyWALL checks the policy routes in many security settings,...
... also want to create the DMZ-2 zone, click Network > Zone and then the Add icon. 98 ZyWALL USG 50 User's Guide Each interface and VPN tunnel can use. The ZyWALL uses zones, not interfaces, in the order that they run. Chapter 6 Configuration Basics 8 For the ...firewall rules, assign an IDP profile, or configure remote management for FTP traffic. MENU ITEM(S) Configuration > Network > Routing > Static Route PREREQUISITES Interfaces 6.5.8 Zones See Section 6.2 on which they are the default WAN interfaces). Note: The ZyWALL checks the policy routes in many security settings,...
User Manual
Page 101
... rules for VoIP calls. To-ZyWALL firewall rules control access to the DMZ zone for remote management. ZyWALL USG 50 User's Guide 101 Each of traffic between or within zones. MENU ITEM(S) Configuration > Firewall Zones, schedules, users..., user groups, addresses (source, PREREQUISITES destination), address groups (source, destination), services, service groups Example: Suppose you have a SIP proxy server connected to the ZyWALL....
... rules for VoIP calls. To-ZyWALL firewall rules control access to the DMZ zone for remote management. ZyWALL USG 50 User's Guide 101 Each of traffic between or within zones. MENU ITEM(S) Configuration > Firewall Zones, schedules, users..., user groups, addresses (source, PREREQUISITES destination), address groups (source, destination), services, service groups Example: Suppose you have a SIP proxy server connected to the ZyWALL....
User Manual
Page 105
...), user settings (force user authentication), address groups, remote management (System) address group Policy routes (criteria), firewall, application patrol (source, destination), content filter, user settings (force user authentication), address groups, remote management (System) service, service group Policy routes (criteria,...SSL VPN Endpoint Security Authentication policies, SSL VPN ZyWALL USG 50 User's Guide 105 Move your cursor over a configuration object that use this information in response to changes, the ZyWALL automatically propagates the change through the features that...
...), user settings (force user authentication), address groups, remote management (System) address group Policy routes (criteria), firewall, application patrol (source, destination), content filter, user settings (force user authentication), address groups, remote management (System) service, service group Policy routes (criteria,...SSL VPN Endpoint Security Authentication policies, SSL VPN ZyWALL USG 50 User's Guide 105 Move your cursor over a configuration object that use this information in response to changes, the ZyWALL automatically propagates the change through the features that...
User Manual
Page 225
...the default WAN trunk. Enter the IP address of your LAN interface, you must manually configure a policy route to the interface. ZyWALL USG 50 User's Guide 225 Other corresponding configuration options: DHCP server and DHCP relay. This is External or General. This option appears when ...Address Description IP Address Assignment Get Automatically For General, the rest of this IP address on the same network as firewall, IDP, remote management, anti-virus, and application patrol. Enter a description of the screen's options do not automatically adjust and you should be on the...
...the default WAN trunk. Enter the IP address of your LAN interface, you must manually configure a policy route to the interface. ZyWALL USG 50 User's Guide 225 Other corresponding configuration options: DHCP server and DHCP relay. This is External or General. This option appears when ...Address Description IP Address Assignment Get Automatically For General, the rest of this IP address on the same network as firewall, IDP, remote management, anti-virus, and application patrol. Enter a description of the screen's options do not automatically adjust and you should be on the...
User Manual
Page 261
... already used elsewhere. Description Enter a description of the bridge interface. You can use zones to disable this to apply security settings such as firewall, IDP, remote management, anti-virus, and application patrol. Member Configuration Available This field displays Ethernet interfaces and VLAN interfaces that are editing the interface. An interface is read...
... already used elsewhere. Description Enter a description of the bridge interface. You can use zones to disable this to apply security settings such as firewall, IDP, remote management, anti-virus, and application patrol. Member Configuration Available This field displays Ethernet interfaces and VLAN interfaces that are editing the interface. An interface is read...
User Manual
Page 311
...tunnels. Virtual interfaces are automatically assigned to manage the ZyWALL's zones. Each Ethernet interface, VLAN interface, bridge interface, PPPoE/PPTP interface and VPN tunnel can be assigned to configure network security and network policies in the ZyWALL. ZyWALL USG 50 User's Guide 311 Figure 187 Example:... Zones 15.1.1 What You Can Do in many security and policy settings, such as the interface on page 313) to the same zone as firewall rules, Anti-X, and remote management. Zones cannot overlap...
...tunnels. Virtual interfaces are automatically assigned to manage the ZyWALL's zones. Each Ethernet interface, VLAN interface, bridge interface, PPPoE/PPTP interface and VPN tunnel can be assigned to configure network security and network policies in the ZyWALL. ZyWALL USG 50 User's Guide 311 Figure 187 Example:... Zones 15.1.1 What You Can Do in many security and policy settings, such as the interface on page 313) to the same zone as firewall rules, Anti-X, and remote management. Zones cannot overlap...
User Manual
Page 359
...apply to traffic coming from the interface and the to any rules apply to traffic going through the ZyWALL. Global Firewall Rules Firewall rules with From Any To ZyWALL direction) for traffic from an interface which is activated whenever the user logs in the order you ... you can specify users or user groups in firewall rules. ZyWALL USG 50 User's Guide 359 Firewall Rule Criteria The ZyWALL checks the schedule, user name (user's login name on page 675 for more information about service control (remote management). User Specific Firewall Rules You can set up a rule based...
...apply to traffic coming from the interface and the to any rules apply to traffic going through the ZyWALL. Global Firewall Rules Firewall rules with From Any To ZyWALL direction) for traffic from an interface which is activated whenever the user logs in the order you ... you can specify users or user groups in firewall rules. ZyWALL USG 50 User's Guide 359 Firewall Rule Criteria The ZyWALL checks the schedule, user name (user's login name on page 675 for more information about service control (remote management). User Specific Firewall Rules You can set up a rule based...
User Manual
Page 406
... router perform a new DH key exchange every time an IPSec SA is more secure. The header for remote management), not between the IP headers. With ESP, however, the ZyWALL does not include the IP header when it encapsulates the packet, so it is not possible to an IKE SA proposal (see ... Secrecy An IPSec SA proposal is the destination. • Inside header: The inside IP header contains the IP address of the computer behind the ZyWALL or remote IPSec router. Transport mode is only used when the IPSec SA is called Perfect Forward Secrecy (PFS). 406 ZyWALL USG 50 User's Guide
... router perform a new DH key exchange every time an IPSec SA is more secure. The header for remote management), not between the IP headers. With ESP, however, the ZyWALL does not include the IP header when it encapsulates the packet, so it is not possible to an IKE SA proposal (see ... Secrecy An IPSec SA proposal is the destination. • Inside header: The inside IP header contains the IP address of the computer behind the ZyWALL or remote IPSec router. Transport mode is only used when the IPSec SA is called Perfect Forward Secrecy (PFS). 406 ZyWALL USG 50 User's Guide
User Manual
Page 660
... This example shows you how to be managed must have VNC (Virtual Network Computing) or RDP (Remote Desktop Protocol) server software installed. This is http://info with the following remote desktop connection software: RDP • Windows Remote Desktop (supported in the navigation panel. 660 ZyWALL USG 50 User's Guide The ZyWALL works with web page encryption. 1 Click Configuration...
... This example shows you how to be managed must have VNC (Virtual Network Computing) or RDP (Remote Desktop Protocol) server software installed. This is http://info with the following remote desktop connection software: RDP • Windows Remote Desktop (supported in the navigation panel. 660 ZyWALL USG 50 User's Guide The ZyWALL works with web page encryption. 1 Click Configuration...
User Manual
Page 664
...number from saving the web content. Click Ok to save the changes and return to the main SSL Application Configuration screen. 664 ZyWALL USG 50 User's Guide Click Cancel to discard the changes and return to the main SSL Application Configuration screen. Web Page Encryption Ok Cancel ...Name (FQDN) of the LAN computer(s) running remote desktop server software. Starting Port This field displays if the Server Type is set to RDP. Ending Port Program Path Specify the listening ports of the computer(s) that is being remotely managed. This field displays if the Server Type ...
...number from saving the web content. Click Ok to save the changes and return to the main SSL Application Configuration screen. 664 ZyWALL USG 50 User's Guide Click Cancel to discard the changes and return to the main SSL Application Configuration screen. Web Page Encryption Ok Cancel ...Name (FQDN) of the LAN computer(s) running remote desktop server software. Starting Port This field displays if the Server Type is set to RDP. Ending Port Program Path Specify the listening ports of the computer(s) that is being remotely managed. This field displays if the Server Type ...
User Manual
Page 709
... IP address(es) in the My Certificates screen (Click My Certificates and see Chapter 41 on the screen that service for remote management. Server Certificate Select the certificate whose corresponding private key is recommended that subsequent entries move up by one when you configure SSH... select it and click Remove. Note that you disable Telnet and FTP when you take this screen. ZyWALL USG 50 User's Guide 709 Service Control This specifies from which ZyWALL zones. Version 1 Select the check box to have certificates already configured in the Service Control table to...
... IP address(es) in the My Certificates screen (Click My Certificates and see Chapter 41 on the screen that service for remote management. Server Certificate Select the certificate whose corresponding private key is recommended that subsequent entries move up by one when you configure SSH... select it and click Remove. Note that you disable Telnet and FTP when you take this screen. ZyWALL USG 50 User's Guide 709 Service Control This specifies from which ZyWALL zones. Version 1 Select the check box to have certificates already configured in the Service Control table to...
User Manual
Page 712
... or select it before doing so. Add Click this service. Server Port You may change an entry's position in this action. The ZyWALL confirms you typed. 712 ZyWALL USG 50 User's Guide Service Control This specifies from which zones Telnet can be able to create a new entry. Select an entry and click...Table 219 on the screen that matches the IP address(es) in order to remove it and click Edit to be used to configure your ZyWALL for remote management. Remove To remove an entry, select it and press [ENTER] to move up by one when you can access which IP addresses the...
... or select it before doing so. Add Click this service. Server Port You may change an entry's position in this action. The ZyWALL confirms you typed. 712 ZyWALL USG 50 User's Guide Service Control This specifies from which zones Telnet can be able to create a new entry. Select an entry and click...Table 219 on the screen that matches the IP address(es) in order to remove it and click Edit to be used to configure your ZyWALL for remote management. Remove To remove an entry, select it and press [ENTER] to move up by one when you can access which IP addresses the...
User Manual
Page 714
...up by one when you want to remove it and click Remove. Click this screen. Chapter 45 System be used to access the ZyWALL. You can also specify from which computers you must have certificates already configured in the My Certificates screen (Click My Certificates and see... an entry or select it and click Edit to be able to create a new entry after the selected entry. Note that service for remote management. ZyWALL USG 50 User's Guide Figure 419 Configuration > System > FTP 714 The following table describes the labels in the Service Control table to allow or disallow...
...up by one when you want to remove it and click Remove. Click this screen. Chapter 45 System be used to access the ZyWALL. You can also specify from which computers you must have certificates already configured in the My Certificates screen (Click My Certificates and see... an entry or select it and click Edit to be able to create a new entry after the selected entry. Note that service for remote management. ZyWALL USG 50 User's Guide Figure 419 Configuration > System > FTP 714 The following table describes the labels in the Service Control table to allow or disallow...
User Manual
Page 718
... the check box to allow or disallow the computer with each trap to access the ZyWALL using this screen. Set Community Enter the Set community, which is the password for remote management. Trap Community Type the trap community, which is the password sent with the IP ...Get and GetNext requests from the management station. The default is public and allows all requests. Destination Type the IP address of the station to send your SNMP traps to access the ZyWALL. Chapter 45 System settings, including from which ZyWALL zones. 718 ZyWALL USG 50 User's Guide You can come...
... the check box to allow or disallow the computer with each trap to access the ZyWALL using this screen. Set Community Enter the Set community, which is the password for remote management. Trap Community Type the trap community, which is the password sent with the IP ...Get and GetNext requests from the management station. The default is public and allows all requests. Destination Type the IP address of the station to send your SNMP traps to access the ZyWALL. Chapter 45 System settings, including from which ZyWALL zones. 718 ZyWALL USG 50 User's Guide You can come...
User Manual
Page 738
...ZyWALL USG 50 User's Guide If you remove the first command, you run the example as a configuration file because the rest of a command line to run CLI commands manually. Comments in Configuration Files or Shell Scripts In a configuration file or shell script, use the address group in case we want to open up remote management... mode. Table 233 Configuration Files and Shell Scripts in the ZyWALL Configuration Files (.conf) Shell Scripts (.zysh) • Resets to -ZyWALL firewall for TW_TEAM for remote management / to-ZyWALL firewall rules # use "#" or "!" This is shown below...
...ZyWALL USG 50 User's Guide If you remove the first command, you run the example as a configuration file because the rest of a command line to run CLI commands manually. Comments in Configuration Files or Shell Scripts In a configuration file or shell script, use the address group in case we want to open up remote management... mode. Table 233 Configuration Files and Shell Scripts in the ZyWALL Configuration Files (.conf) Shell Scripts (.zysh) • Resets to -ZyWALL firewall for TW_TEAM for remote management / to-ZyWALL firewall rules # use "#" or "!" This is shown below...
User Manual
Page 936
... Remote Authentication Dial-In User Service, see RADIUS remote desktop connections 660 Remote Desktop Protocol see RDP remote management CNM 720 configuration overview 106 FTP, see FTP prerequisites 106 see also service control 689 Telnet 711 to-ZyWALL firewall 359 WWW, see WWW remote network 375 remote user screen links 659 replay detection 382 reports anti-spam 203 ZyWALL USG 50...
... Remote Authentication Dial-In User Service, see RADIUS remote desktop connections 660 Remote Desktop Protocol see RDP remote management CNM 720 configuration overview 106 FTP, see FTP prerequisites 106 see also service control 689 Telnet 711 to-ZyWALL firewall 359 WWW, see WWW remote network 375 remote user screen links 659 replay detection 382 reports anti-spam 203 ZyWALL USG 50...
User Manual
Page 940
...TightVNC 660 time 676 time servers (default) 679 time to live 498 timestamp 498 token 618 to-ZyWALL firewall 358 and NAT 327 and NAT traversal (VPN) 768 and OSPF 300 and remote management 359 and RIP 298 and service control 689 and VPN 768 global rules 358 see also firewall 358...770 anti-virus 760, 763 anti-virus signatures update 760 application patrol 760, 766, 769 application patrol signatures update 760 bandwidth limit 763 bandwidth management 763 cellular 762 certificate 771 configuration file 772 connection resets 766 content filter 760 DDNS 765 device access 759 ZyWALL USG 50 User's Guide
...TightVNC 660 time 676 time servers (default) 679 time to live 498 timestamp 498 token 618 to-ZyWALL firewall 358 and NAT 327 and NAT traversal (VPN) 768 and OSPF 300 and remote management 359 and RIP 298 and service control 689 and VPN 768 global rules 358 see also firewall 358...770 anti-virus 760, 763 anti-virus signatures update 760 application patrol 760, 766, 769 application patrol signatures update 760 bandwidth limit 763 bandwidth management 763 cellular 762 certificate 771 configuration file 772 connection resets 766 content filter 760 DDNS 765 device access 759 ZyWALL USG 50 User's Guide