User Manual
Page 4
... www.zyxel.com for additional support documentation and product certifications. About This User's Guide • Web Configurator Online Help Click the help icon in any screen for help in order to better understand how to previously asked questions about your product. • Knowledge Base If you have a specific question about ZyXEL products. 4 ZyWALL USG 50 User...
... www.zyxel.com for additional support documentation and product certifications. About This User's Guide • Web Configurator Online Help Click the help icon in any screen for help in order to better understand how to previously asked questions about your product. • Knowledge Base If you have a specific question about ZyXEL products. 4 ZyWALL USG 50 User...
User Manual
Page 5
...Support Should problems arise that the information in which you should contact your experiences as well. See http://www.zyxel.com/web/contact_us.php for the region in this book may differ slightly from others who use ZyXEL products and share your vendor. About This User's Guide • Forum This contains discussions on ZyXEL... you cannot contact your device. If you installed updated firmware/software for your vendor, then contact a ZyXEL office for contact information. ZyWALL USG 50 User's Guide 5 Learn from the product due to differences in this manual is accurate.
...Support Should problems arise that the information in which you should contact your experiences as well. See http://www.zyxel.com/web/contact_us.php for the region in this book may differ slightly from others who use ZyXEL products and share your vendor. About This User's Guide • Forum This contains discussions on ZyXEL... you cannot contact your device. If you installed updated firmware/software for your vendor, then contact a ZyXEL office for contact information. ZyWALL USG 50 User's Guide 5 Learn from the product due to differences in this manual is accurate.
User Manual
Page 25
...45.6.6 Customizing the WWW Login Page 695 45.6.7 HTTPS Example ...699 45.7 SSH ...706 45.7.1 How SSH Works ...707 45.7.2 SSH Implementation on the ZyWALL 708 45.7.3 Requirements for Using SSH 708 45.7.4 Configuring SSH ...708 45.7.5 Secure Telnet Using SSH Examples 710 45.8 Telnet ...711 45.8.1 Configuring Telnet ...712 45.9 FTP ...713 45.9.1 Configuring FTP ...713 45.10 SNMP ...715 45.10.1 Supported MIBs 717 45.10.2 SNMP Traps ...717 45.10.3 Configuring SNMP 717 45.11 Vantage CNM ...719 ZyWALL USG 50 User's Guide 25
...45.6.6 Customizing the WWW Login Page 695 45.6.7 HTTPS Example ...699 45.7 SSH ...706 45.7.1 How SSH Works ...707 45.7.2 SSH Implementation on the ZyWALL 708 45.7.3 Requirements for Using SSH 708 45.7.4 Configuring SSH ...708 45.7.5 Secure Telnet Using SSH Examples 710 45.8 Telnet ...711 45.8.1 Configuring Telnet ...712 45.9 FTP ...713 45.9.1 Configuring FTP ...713 45.10 SNMP ...715 45.10.1 Supported MIBs 717 45.10.2 SNMP Traps ...717 45.10.3 Configuring SNMP 717 45.11 Vantage CNM ...719 ZyWALL USG 50 User's Guide 25
User Manual
Page 32
... the included bracket screws (smaller than the rack-mounting screws). 2 Attach the other equipment. Figure 1 Attaching Mounting Brackets and Screws 32 ZyWALL USG 50 User's Guide Make sure the rack will safely support the combined weight of all necessary precautions to use the proper screws may damage the unit. 1.2.1 Rack-Mounted Installation Procedure 1 Align...
... the included bracket screws (smaller than the rack-mounting screws). 2 Attach the other equipment. Figure 1 Attaching Mounting Brackets and Screws 32 ZyWALL USG 50 User's Guide Make sure the rack will safely support the combined weight of all necessary precautions to use the proper screws may damage the unit. 1.2.1 Rack-Mounted Installation Procedure 1 Align...
User Manual
Page 49
...Menu Screens Summary (continued) FOLDER OR LINK TAB FUNCTION Interface Port Role Use this screen to each supported interface. DDNS Profile Define and manage the ZyWALL's DDNS domain names. IP/MAC Binding Summary Configure IP to MAC address bindings for load balancing and...Trunk Create and manage trunks (groups of concurrent client NAT/firewall sessions. Zone Configure zones used to all connections. ZyWALL USG 50 User's Guide 49 Routing Policy Route Create and manage routing policies. Static Route Create and manage IP static routing information...
...Menu Screens Summary (continued) FOLDER OR LINK TAB FUNCTION Interface Port Role Use this screen to each supported interface. DDNS Profile Define and manage the ZyWALL's DDNS domain names. IP/MAC Binding Summary Configure IP to MAC address bindings for load balancing and...Trunk Create and manage trunks (groups of concurrent client NAT/firewall sessions. Zone Configure zones used to all connections. ZyWALL USG 50 User's Guide 49 Routing Policy Route Create and manage routing policies. Static Route Create and manage IP static routing information...
User Manual
Page 89
... interfaces, and virtual bridge interfaces. 6.2.2 Default Interface and Zone Configuration This section introduces the ZyWALL's default zone member physical interfaces and the default configuration of interfaces in the ZyWALL. ZyWALL USG 50 User's Guide 89 Then, you use the Interface > Port Roles screen to set multiple ...Port groups are created when you can only be part of the same (lan1, lan2 or dmz) interface. • PPP interfaces support Point-to configure zone-level security between Ethernet or VLAN interfaces at the layer2 (data link, MAC address) level. There are ...
... interfaces, and virtual bridge interfaces. 6.2.2 Default Interface and Zone Configuration This section introduces the ZyWALL's default zone member physical interfaces and the default configuration of interfaces in the ZyWALL. ZyWALL USG 50 User's Guide 89 Then, you use the Interface > Port Roles screen to set multiple ...Port groups are created when you can only be part of the same (lan1, lan2 or dmz) interface. • PPP interfaces support Point-to configure zone-level security between Ethernet or VLAN interfaces at the layer2 (data link, MAC address) level. There are ...
User Manual
Page 96
... > Registration PREREQUISITES Internet access to myZyXEL.com 6.5.3 Licensing Update Use these screens to register your ZyWALL and subscribe to services like antivirus, IDP and application patrol, more SSL VPN tunnels, and content...support Ethernet, PPPoE/PPTP, cellular, VLAN, and bridge interfaces. MENU ITEM(S) Configuration > Network > Interface (except Network > Interface > Trunk) PREREQUISITES Port groups (configured in the DMZ zone and uses a private IP address. To configure dmz's settings, click Network > Interface > Ethernet and then the dmz's Edit icon. 96 ZyWALL USG 50...
... > Registration PREREQUISITES Internet access to myZyXEL.com 6.5.3 Licensing Update Use these screens to register your ZyWALL and subscribe to services like antivirus, IDP and application patrol, more SSL VPN tunnels, and content...support Ethernet, PPPoE/PPTP, cellular, VLAN, and bridge interfaces. MENU ITEM(S) Configuration > Network > Interface (except Network > Interface > Trunk) PREREQUISITES Port groups (configured in the DMZ zone and uses a private IP address. To configure dmz's settings, click Network > Interface > Ethernet and then the dmz's Edit icon. 96 ZyWALL USG 50...
User Manual
Page 216
... specific to the same zone. • Layer-3 virtualization (IP alias, for defining other types of interfaces--Ethernet, PPP, cellular, VLAN, bridge, and 216 ZyWALL USG 50 User's Guide You can belong to each type of interface). • An interface is a logical entity through which (layer-3) packets pass. • An ...be associated with one zone. • Many interfaces can also assign an IP address and subnet mask to the bridge. • PPP interfaces support Point-to the same port role forms a port group. See Section 11.2 on page 218 and Chapter 12 on page 271 for 3G ...
... specific to the same zone. • Layer-3 virtualization (IP alias, for defining other types of interfaces--Ethernet, PPP, cellular, VLAN, bridge, and 216 ZyWALL USG 50 User's Guide You can belong to each type of interface). • An interface is a logical entity through which (layer-3) packets pass. • An ...be associated with one zone. • Many interfaces can also assign an IP address and subnet mask to the bridge. • PPP interfaces support Point-to the same port role forms a port group. See Section 11.2 on page 218 and Chapter 12 on page 271 for 3G ...
User Manual
Page 220
They restrict the amount of configuration and management. The ZyWALL supports two routing protocols, RIP and OSPF. Figure 152 Configuration > Network > Interface > Ethernet (USG 20W) 220 ZyWALL USG 50 User's Guide Chapter 11 Interfaces Unlike other types of interfaces in many ways. The more routing...similar to control which physical ports exchange routing information with other routers and how much information is effectively removed from the ZyWALL, but you delete any physical ports assigned to make routing decisions. However, the routers also generate more efficient the ...
They restrict the amount of configuration and management. The ZyWALL supports two routing protocols, RIP and OSPF. Figure 152 Configuration > Network > Interface > Ethernet (USG 20W) 220 ZyWALL USG 50 User's Guide Chapter 11 Interfaces Unlike other types of interfaces in many ways. The more routing...similar to control which physical ports exchange routing information with other routers and how much information is effectively removed from the ZyWALL, but you delete any physical ports assigned to make routing decisions. However, the routers also generate more efficient the ...
User Manual
Page 222
...or do both. • Select which version of RIP to support in each direction - The ZyWALL can use subnet broadcasting or multicasting. The ZyWALL supports RIP-1, RIP-2, and both . • Set the priority used by RIP-2 packets - The ZyWALL can use Ethernet interfaces to do the following things. •...physical port or port group. • Select the area to identify the DR or BDR if one does not exist. 222 ZyWALL USG 50 User's Guide The ZyWALL can receive routing information, send routing information, or do both versions. • Select the broadcasting method used to which the ...
...or do both. • Select which version of RIP to support in each direction - The ZyWALL can use subnet broadcasting or multicasting. The ZyWALL supports RIP-1, RIP-2, and both . • Set the priority used by RIP-2 packets - The ZyWALL can use Ethernet interfaces to do the following things. •...physical port or port group. • Select the area to identify the DR or BDR if one does not exist. 222 ZyWALL USG 50 User's Guide The ZyWALL can receive routing information, send routing information, or do both versions. • Select the broadcasting method used to which the ...
User Manual
Page 242
... outgoing calls. however, PAP is readily available on more secure than None. User Name PAP - Your ZyWALL accepts PAP requests only. This field displays when you select an authentication type other than PAP; If this...card exactly as the service provider gave it to you select an authentication type other than None. The ZyWALL supports PAP (Password Authentication Protocol) and CHAP (Challenge Handshake Authentication Protocol). This field is configurable, enter ... if your ISP disabled PIN code authentication, enter an arbitrary number. 242 ZyWALL USG 50 User's Guide
... outgoing calls. however, PAP is readily available on more secure than None. User Name PAP - Your ZyWALL accepts PAP requests only. This field displays when you select an authentication type other than PAP; If this...card exactly as the service provider gave it to you select an authentication type other than None. The ZyWALL supports PAP (Password Authentication Protocol) and CHAP (Challenge Handshake Authentication Protocol). This field is configurable, enter ... if your ISP disabled PIN code authentication, enter an arbitrary number. 242 ZyWALL USG 50 User's Guide
User Manual
Page 257
...To use the whole ZyWALL as a transparent bridge, add all of the bridge interface. Virtual interfaces are automatically added to or remove from the routing table and adds the bridge interface's entries to the routing table. The bridge interfaces also support more functions, like interface...Ethernet interfaces (and any associated virtual Ethernet interfaces) When you create bridge interface br0 (250.250.250.0/23) between lan1 and vlan1. ZyWALL USG 50 User's Guide 257 Table 65 Example: Bridge Table After Computer B Responds to Computer A MAC ADDRESS PORT 0A:0A:0A:0A:0A:0A...
...To use the whole ZyWALL as a transparent bridge, add all of the bridge interface. Virtual interfaces are automatically added to or remove from the routing table and adds the bridge interface's entries to the routing table. The bridge interfaces also support more functions, like interface...Ethernet interfaces (and any associated virtual Ethernet interfaces) When you create bridge interface br0 (250.250.250.0/23) between lan1 and vlan1. ZyWALL USG 50 User's Guide 257 Table 65 Example: Bridge Table After Computer B Responds to Computer A MAC ADDRESS PORT 0A:0A:0A:0A:0A:0A...
User Manual
Page 267
... assign the IP address and subnet mask manually. ZyWALL USG 50 User's Guide 267 In PPPoE/PPTP interfaces, the other computer is a point-to the network. • Ingress bandwidth sets the amount of writing, the ZyWALL does not support ingress bandwidth management. However, if there is possible... for each interface. • Egress bandwidth sets the amount of traffic the ZyWALL sends out through the interface to -point interface.
... assign the IP address and subnet mask manually. ZyWALL USG 50 User's Guide 267 In PPPoE/PPTP interfaces, the other computer is a point-to the network. • Ingress bandwidth sets the amount of writing, the ZyWALL does not support ingress bandwidth management. However, if there is possible... for each interface. • Egress bandwidth sets the amount of traffic the ZyWALL sends out through the interface to -point interface.
User Manual
Page 270
...; PPPoE does not usually require any special configuration of several network services. This makes it easier for the service provider to make sure that firewalls support both PPTP sessions. 270 ZyWALL USG 50 User's Guide
...; PPPoE does not usually require any special configuration of several network services. This makes it easier for the service provider to make sure that firewalls support both PPTP sessions. 270 ZyWALL USG 50 User's Guide
User Manual
Page 297
... manage OSPF areas. • Use the OSPF Area Add/Edit screen (see Section 14.3.2 on routing protocols. ZyWALL USG 50 User's Guide 297 CHAPTER 14 Routing Protocols 14.1 Routing Protocols Overview Routing protocols give the ZyWALL routing information about the network from other routers. See Section 6.6 on page 105 for background information on page... used in networks using multiple routers like campuses or large enterprises. 14.1.1 What You Can Do in the routing table it uses to Know The ZyWALL supports two standards, RIP and OSPF, for routing protocols.
... manage OSPF areas. • Use the OSPF Area Add/Edit screen (see Section 14.3.2 on routing protocols. ZyWALL USG 50 User's Guide 297 CHAPTER 14 Routing Protocols 14.1 Routing Protocols Overview Routing protocols give the ZyWALL routing information about the network from other routers. See Section 6.6 on page 105 for background information on page... used in networks using multiple routers like campuses or large enterprises. 14.1.1 What You Can Do in the routing table it uses to Know The ZyWALL supports two standards, RIP and OSPF, for routing protocols.
User Manual
Page 300
... to which it is also more areas. It does not have any routing information about the OSPF AS and networks outside the OSPF AS. 300 ZyWALL USG 50 User's Guide It relies on a default route to send information outside the OSPF AS. • A Not So Stubby Area (NSSA, RFC ... networks. All other areas. Chapter 14 Routing Protocols System (AS). OSPF offers some advantages over vector-space routing protocols like RIP. • OSPF supports variable-length subnet masks, which can be expressed as an integer or as the loss of a router, more quickly. • OSPF considers several...
... to which it is also more areas. It does not have any routing information about the OSPF AS and networks outside the OSPF AS. 300 ZyWALL USG 50 User's Guide It relies on a default route to send information outside the OSPF AS. • A Not So Stubby Area (NSSA, RFC ... networks. All other areas. Chapter 14 Routing Protocols System (AS). OSPF offers some advantages over vector-space routing protocols like RIP. • OSPF supports variable-length subnet masks, which can be expressed as an integer or as the loss of a router, more quickly. • OSPF considers several...
User Manual
Page 309
Please see the respective interface sections for RIP and OSPF routing protocols: • None - ZyWALL USG 50 User's Guide 309 The transmitting and receiving routers must have to update the authentication information for the area to encrypt the received ... in RIP version 1. This method is usually used . • Text - In RIP version 2, you set to prevent network problems. • MD5 - The ZyWALL supports three types of routing updates. For RIP, authentication is sent over the network. Alternatively, you can override the default in an interface or virtual link...
Please see the respective interface sections for RIP and OSPF routing protocols: • None - ZyWALL USG 50 User's Guide 309 The transmitting and receiving routers must have to update the authentication information for the area to encrypt the received ... in RIP version 1. This method is usually used . • Text - In RIP version 2, you set to prevent network problems. • MD5 - The ZyWALL supports three types of routing updates. For RIP, authentication is sent over the network. Alternatively, you can override the default in an interface or virtual link...
User Manual
Page 315
... What You Need to Know DNS maps a domain name to edit the configuration of writing, the ZyWALL supports the following DNS service providers. As a result, anyone can use the domain name to contact you...SUPPORTED WEBSITE DynDNS Dynamic DNS, Static DNS, and Custom DNS www.dyndns.com Dynu Basic, Premium www.dynu.com No-IP No-IP www.no-ip.com Peanut Hull Peanut Hull www.oray.cn 3322 3322 Dynamic DNS, 3322 Static DNS www.3322.org ZyWALL USG 50... User's Guide 315 Similarly, dynamic DNS maps a domain name to use a domain name with the ZyWALL.
... What You Need to Know DNS maps a domain name to edit the configuration of writing, the ZyWALL supports the following DNS service providers. As a result, anyone can use the domain name to contact you...SUPPORTED WEBSITE DynDNS Dynamic DNS, Static DNS, and Custom DNS www.dyndns.com Dynu Basic, Premium www.dynu.com No-IP No-IP www.no-ip.com Peanut Hull Peanut Hull www.oray.cn 3322 3322 Dynamic DNS, 3322 Static DNS www.3322.org ZyWALL USG 50... User's Guide 315 Similarly, dynamic DNS maps a domain name to use a domain name with the ZyWALL.
User Manual
Page 325
...on which translated destination IP address this NAT rule supports. Select this to create a virtual interface for the NAT rule must be an Ethernet, VLAN, bridge, or PPPoE/PPTP interface. Select to access the server. ZyWALL USG 50 User's Guide 325 Virtual Server - Select the interface... on a private network behind the ZyWALL available to perform. It can be received. Specify the destination IP address of the...
...on which translated destination IP address this NAT rule supports. Select this to create a virtual interface for the NAT rule must be an Ethernet, VLAN, bridge, or PPPoE/PPTP interface. Select to access the server. ZyWALL USG 50 User's Guide 325 Virtual Server - Select the interface... on a private network behind the ZyWALL available to perform. It can be received. Specify the destination IP address of the...
User Manual
Page 326
... to forward traffic from the users to packets received on the rule's specified incoming interface. 326 ZyWALL USG 50 User's Guide this NAT rule supports. Enter the beginning of the range of original destination ports this NAT rule supports a range of translated destination ports if this NAT rule forwards packets. Enter the beginning of the...
... to forward traffic from the users to packets received on the rule's specified incoming interface. 326 ZyWALL USG 50 User's Guide this NAT rule supports. Enter the beginning of the range of original destination ports this NAT rule supports a range of translated destination ports if this NAT rule forwards packets. Enter the beginning of the...