User Manual
Page 3
...highly recommended you how to configure the ZyWALL. About This User's Guide About This User's Guide Intended Audience This manual is intended for detailed information on essential terms used in the Web Configurator. E-mail techwriters@zyxel.com.tw if you cannot find specific information in this guide, use the Command-Line Interface (... 109 for detailed information on page 31 chapter for an overview of Contents, the Index, or search the PDF file. ZyWALL USG 50 User's Guide 3 Read each screen.) It also contains a connection diagram and package contents list. • CLI Reference...
...highly recommended you how to configure the ZyWALL. About This User's Guide About This User's Guide Intended Audience This manual is intended for detailed information on essential terms used in the Web Configurator. E-mail techwriters@zyxel.com.tw if you cannot find specific information in this guide, use the Command-Line Interface (... 109 for detailed information on page 31 chapter for an overview of Contents, the Index, or search the PDF file. ZyWALL USG 50 User's Guide 3 Read each screen.) It also contains a connection diagram and package contents list. • CLI Reference...
User Manual
Page 4
... how to use e-mail instead. E-mail: techwriters@zyxel.com.tw Need More Help? Send all User Guide-related comments, questions or suggestions for improvement to previously asked questions about your product. • Knowledge Base If you have a specific question about ZyXEL products. 4 ZyWALL USG 50 User's Guide This is available at www.zyxel.com. • Download Library Search for additional...
... how to use e-mail instead. E-mail: techwriters@zyxel.com.tw Need More Help? Send all User Guide-related comments, questions or suggestions for improvement to previously asked questions about your product. • Knowledge Base If you have a specific question about ZyXEL products. 4 ZyWALL USG 50 User's Guide This is available at www.zyxel.com. • Download Library Search for additional...
User Manual
Page 5
Every effort has been made to ensure that the information in this book may differ slightly from others who use ZyXEL products and share your vendor. Please have the following information ready when you contact an office. • Product model and serial ...device. See http://www.zyxel.com/web/contact_us.php for the region in this manual is accurate. Learn from the product due to solve it. If you installed updated firmware/software for your vendor, then contact a ZyXEL office for contact information. ZyWALL USG 50 User's Guide 5 About This User's Guide • Forum This ...
Every effort has been made to ensure that the information in this book may differ slightly from others who use ZyXEL products and share your vendor. Please have the following information ready when you contact an office. • Product model and serial ...device. See http://www.zyxel.com/web/contact_us.php for the region in this manual is accurate. Learn from the product due to solve it. If you installed updated firmware/software for your vendor, then contact a ZyXEL office for contact information. ZyWALL USG 50 User's Guide 5 About This User's Guide • Forum This ...
User Manual
Page 6
...; Product labels, screen names, field labels and field choices are shown in other words". 6 ZyWALL USG 50 User's Guide Syntax Conventions • The ZyWALL may be referred to as the "ZyWALL", the "device", the "system" or the "product" in this User's Guide. For example, "k" for kilo may denote "1000" or "1024", "M" for mega may denote "1000000" or "1048576" and...
...; Product labels, screen names, field labels and field choices are shown in other words". 6 ZyWALL USG 50 User's Guide Syntax Conventions • The ZyWALL may be referred to as the "ZyWALL", the "device", the "system" or the "product" in this User's Guide. For example, "k" for kilo may denote "1000" or "1024", "M" for mega may denote "1000000" or "1048576" and...
User Manual
Page 7
ZyWALL Computer Notebook computer Server Firewall Telephone Switch Router ZyWALL USG 50 User's Guide 7 The ZyWALL icon is not an exact representation of your device. Document Conventions Icons Used in Figures Figures in this User's Guide may use the following generic icons.
ZyWALL Computer Notebook computer Server Firewall Telephone Switch Router ZyWALL USG 50 User's Guide 7 The ZyWALL icon is not an exact representation of your device. Document Conventions Icons Used in Figures Figures in this User's Guide may use the following generic icons.
User Manual
Page 8
... to connect the cables to the correct ports. • Place connecting cables carefully so that used electrical and electronic products should not be treated separately. 8 ZyWALL USG 50 User's Guide There is known as insufficient airflow may harm your device. Dispose them . • Always disconnect all the connections are indoors. WEEE stands for example, in...
... to connect the cables to the correct ports. • Place connecting cables carefully so that used electrical and electronic products should not be treated separately. 8 ZyWALL USG 50 User's Guide There is known as insufficient airflow may harm your device. Dispose them . • Always disconnect all the connections are indoors. WEEE stands for example, in...
User Manual
Page 9
Contents Overview Contents Overview User's Guide ...29 Introducing the ZyWALL ...31 Features and Applications ...37 Web Configurator ...43 Installation Setup Wizard ...59 Quick Setup ...69 Configuration Basics ...87 Tutorials ...109...MAC Binding ...343 Authentication Policy ...349 Firewall ...357 IPSec VPN ...375 SSL VPN ...411 SSL User Screens ...421 SSL User Application Screens 431 ZyWALL SecuExtender ...433 Application Patrol ...437 Anti-Virus ...463 IDP ...479 ADP ...513 Content Filtering ...533 Content Filter Reports ...557 Anti-Spam ...565 User/Group ...583 ZyWALL USG 50 User's Guide 9
Contents Overview Contents Overview User's Guide ...29 Introducing the ZyWALL ...31 Features and Applications ...37 Web Configurator ...43 Installation Setup Wizard ...59 Quick Setup ...69 Configuration Basics ...87 Tutorials ...109...MAC Binding ...343 Authentication Policy ...349 Firewall ...357 IPSec VPN ...375 SSL VPN ...411 SSL User Screens ...421 SSL User Application Screens 431 ZyWALL SecuExtender ...433 Application Patrol ...437 Anti-Virus ...463 IDP ...479 ADP ...513 Content Filtering ...533 Content Filter Reports ...557 Anti-Spam ...565 User/Group ...583 ZyWALL USG 50 User's Guide 9
User Manual
Page 10
Contents Overview Addresses ...599 Services ...605 Schedules ...611 AAA Server ...617 Authentication Method ...627 Certificates ...633 ISP Accounts ...655 SSL Application ...659 Endpoint Security ...665 System ...675 Log and Report ...723 File Manager ...737 Diagnostics ...749 Reboot ...755 Shutdown ...757 Troubleshooting ...759 Product Specifications ...775 10 ZyWALL USG 50 User's Guide
Contents Overview Addresses ...599 Services ...605 Schedules ...611 AAA Server ...617 Authentication Method ...627 Certificates ...633 ISP Accounts ...655 SSL Application ...659 Endpoint Security ...665 System ...675 Log and Report ...723 File Manager ...737 Diagnostics ...749 Reboot ...755 Shutdown ...757 Troubleshooting ...759 Product Specifications ...775 10 ZyWALL USG 50 User's Guide
User Manual
Page 11
... the ZyWALL 35 Chapter 2 Features and Applications ...37 2.1 Features ...37 2.2 Applications ...39 2.2.1 VPN Connectivity ...40 2.2.2 SSL VPN Network Access 40 2.2.3 User-Aware Access Control 42 2.2.4 Multiple WAN Interfaces 42 Chapter 3 Web Configurator...43 3.1 Web Configurator Requirements 43 3.2 Web Configurator Access ...43 3.3 Web Configurator Screens Overview 45 3.3.1 Title Bar ...45 3.3.2 Navigation Panel ...47 ZyWALL USG 50 User's Guide...
... the ZyWALL 35 Chapter 2 Features and Applications ...37 2.1 Features ...37 2.2 Applications ...39 2.2.1 VPN Connectivity ...40 2.2.2 SSL VPN Network Access 40 2.2.3 User-Aware Access Control 42 2.2.4 Multiple WAN Interfaces 42 Chapter 3 Web Configurator...43 3.1 Web Configurator Requirements 43 3.2 Web Configurator Access ...43 3.3 Web Configurator Screens Overview 45 3.3.1 Title Bar ...45 3.3.2 Navigation Panel ...47 ZyWALL USG 50 User's Guide...
User Manual
Page 12
... 6 Configuration Basics...87 6.1 Object-based Configuration 87 6.2 Zones, Interfaces, and Physical Ports 88 6.2.1 Interface Types ...89 6.2.2 Default Interface and Zone Configuration 89 6.3 Terminology in the ZyWALL 91 12 ZyWALL USG 50 User's Guide
... 6 Configuration Basics...87 6.1 Object-based Configuration 87 6.2 Zones, Interfaces, and Physical Ports 88 6.2.1 Interface Types ...89 6.2.2 Default Interface and Zone Configuration 89 6.3 Terminology in the ZyWALL 91 12 ZyWALL USG 50 User's Guide
User Manual
Page 13
...18 Anti-Virus ...103 6.5.19 IDP ...103 6.5.20 ADP ...103 6.5.21 Content Filter ...104 6.5.22 Anti-Spam ...104 6.6 Objects ...105 6.6.1 User/Group ...106 6.7 System ...106 6.7.1 DNS, WWW, SSH, TELNET, FTP, SNMP, Vantage CNM 106 6.7.2 Logs and Reports ...107 6.7.3 File Manager...Roles 111 7.1.3 Configure the DMZ Interface for a Local Network 111 7.1.4 Configure Zones ...112 7.2 How to Configure a Cellular Interface 113 ZyWALL USG 50 User's Guide 13 Table of Contents 6.4 Packet Flow ...91 6.4.1 Routing Table Checking Flow 92 6.4.2 NAT Table Checking Flow 94 6.5 Feature Configuration Overview...
...18 Anti-Virus ...103 6.5.19 IDP ...103 6.5.20 ADP ...103 6.5.21 Content Filter ...104 6.5.22 Anti-Spam ...104 6.6 Objects ...105 6.6.1 User/Group ...106 6.7 System ...106 6.7.1 DNS, WWW, SSH, TELNET, FTP, SNMP, Vantage CNM 106 6.7.2 Logs and Reports ...107 6.7.3 File Manager...Roles 111 7.1.3 Configure the DMZ Interface for a Local Network 111 7.1.4 Configure Zones ...112 7.2 How to Configure a Cellular Interface 113 ZyWALL USG 50 User's Guide 13 Table of Contents 6.4 Packet Flow ...91 6.4.1 Routing Table Checking Flow 92 6.4.2 NAT Table Checking Flow 94 6.5 Feature Configuration Overview...
User Manual
Page 14
... 124 7.5.4 Web Surfing Policies With Bandwidth Restrictions 126 7.5.5 Set Up MSN Policies 129 7.5.6 Set Up Firewall Rules 130 7.6 How to Use a RADIUS Server to Authenticate User Accounts based on Groups 131 7.7 How to Use Endpoint Security and Authentication Policies 133 7.7.1 Configure the Endpoint Security Objects 133 7.7.2 Configure the Authentication Policy 135... 152 7.12.1 Create the Public IP Address Range Object 152 7.12.2 Configure the Policy Route 153 Part II: Technical Reference 155 Chapter 8 Dashboard ...157 14 ZyWALL USG 50 User's Guide
... 124 7.5.4 Web Surfing Policies With Bandwidth Restrictions 126 7.5.5 Set Up MSN Policies 129 7.5.6 Set Up Firewall Rules 130 7.6 How to Use a RADIUS Server to Authenticate User Accounts based on Groups 131 7.7 How to Use Endpoint Security and Authentication Policies 133 7.7.1 Configure the Endpoint Security Objects 133 7.7.2 Configure the Authentication Policy 135... 152 7.12.1 Create the Public IP Address Range Object 152 7.12.2 Configure the Policy Route 153 Part II: Technical Reference 155 Chapter 8 Dashboard ...157 14 ZyWALL USG 50 User's Guide
User Manual
Page 15
...Active Sessions Screen 164 8.2.4 The VPN Status Screen 165 8.2.5 The DHCP Table Screen 165 8.2.6 The Number of Login Users Screen 166 Chapter 9 Monitor...169 9.1 Overview ...169 9.1.1 What You Can Do in this Chapter 169 9.2 The Port... 9.5 The Session Monitor Screen 178 9.6 The DDNS Status Screen 181 9.7 IP/MAC Binding Monitor ...181 9.8 The Login Users Screen 182 9.9 Cellular Status Screen ...183 9.9.1 More Information ...185 9.10 Application Patrol Statistics 186 9.10.1 Application Patrol ...Screen ...206 Chapter 10 Registration ...209 10.1 Overview ...209 ZyWALL USG 50 User's Guide 15
...Active Sessions Screen 164 8.2.4 The VPN Status Screen 165 8.2.5 The DHCP Table Screen 165 8.2.6 The Number of Login Users Screen 166 Chapter 9 Monitor...169 9.1 Overview ...169 9.1.1 What You Can Do in this Chapter 169 9.2 The Port... 9.5 The Session Monitor Screen 178 9.6 The DDNS Status Screen 181 9.7 IP/MAC Binding Monitor ...181 9.8 The Login Users Screen 182 9.9 Cellular Status Screen ...183 9.9.1 More Information ...185 9.10 Application Patrol Statistics 186 9.10.1 Application Patrol ...Screen ...206 Chapter 10 Registration ...209 10.1 Overview ...209 ZyWALL USG 50 User's Guide 15
User Manual
Page 16
... Routes Overview 281 13.1.1 What You Can Do in this Chapter 281 13.1.2 What You Need to Know 282 13.2 Policy Route Screen ...284 16 ZyWALL USG 50 User's Guide
... Routes Overview 281 13.1.1 What You Can Do in this Chapter 281 13.1.2 What You Need to Know 282 13.2 Policy Route Screen ...284 16 ZyWALL USG 50 User's Guide
User Manual
Page 17
... to Know 322 17.2 The NAT Screen ...322 17.2.1 The NAT Add/Edit Screen 324 17.3 NAT Technical Reference 327 Chapter 18 HTTP Redirect ...331 ZyWALL USG 50 User's Guide 17
... to Know 322 17.2 The NAT Screen ...322 17.2.1 The NAT Add/Edit Screen 324 17.3 NAT Technical Reference 327 Chapter 18 HTTP Redirect ...331 ZyWALL USG 50 User's Guide 17
User Manual
Page 18
... 22.1.4 Firewall Rule Configuration Example 363 22.2 The Firewall Screen ...365 22.2.1 Configuring the Firewall Screen 366 22.2.2 The Firewall Add/Edit Screen 369 18 ZyWALL USG 50 User's Guide
... 22.1.4 Firewall Rule Configuration Example 363 22.2 The Firewall Screen ...365 22.2.1 Configuring the Firewall Screen 366 22.2.2 The Firewall Add/Edit Screen 369 18 ZyWALL USG 50 User's Guide
User Manual
Page 19
... You Need to Know 421 25.2 Remote User Login ...422 25.3 The SSL VPN User Screens 427 25.4 Bookmarking the ZyWALL 428 25.5 Logging Out of the SSL VPN User Screens 428 Chapter 26 SSL User Application Screens 431 26.1 SSL User Application Screens Overview 431 26.2 The Application Screen 431 Chapter 27 ZyWALL SecuExtender...433 ZyWALL USG 50 User's Guide 19
... You Need to Know 421 25.2 Remote User Login ...422 25.3 The SSL VPN User Screens 427 25.4 Bookmarking the ZyWALL 428 25.5 Logging Out of the SSL VPN User Screens 428 Chapter 26 SSL User Application Screens 431 26.1 SSL User Application Screens Overview 431 26.2 The Application Screen 431 Chapter 27 ZyWALL SecuExtender...433 ZyWALL USG 50 User's Guide 19
User Manual
Page 20
... Icon 433 27.2 Statistics ...434 27.3 View Log ...435 27.4 Suspend and Resume the Connection 435 27.5 Stop the Connection ...436 27.6 Uninstalling the ZyWALL SecuExtender 436 Chapter 28 Application Patrol ...437 28.1 Overview ...437 28.1.1 What You Can Do in this Chapter 437 28.1.2 What You Need to Know ... Need To Know 479 30.1.3 Before You Begin 480 30.2 The IDP General Screen 481 30.3 Introducing IDP Profiles 483 30.3.1 Base Profiles ...484 20 ZyWALL USG 50 User's Guide
... Icon 433 27.2 Statistics ...434 27.3 View Log ...435 27.4 Suspend and Resume the Connection 435 27.5 Stop the Connection ...436 27.6 Uninstalling the ZyWALL SecuExtender 436 Chapter 28 Application Patrol ...437 28.1 Overview ...437 28.1.1 What You Can Do in this Chapter 437 28.1.2 What You Need to Know ... Need To Know 479 30.1.3 Before You Begin 480 30.2 The IDP General Screen 481 30.3 Introducing IDP Profiles 483 30.3.1 Base Profiles ...484 20 ZyWALL USG 50 User's Guide
User Manual
Page 21
... You Need to Know 533 32.1.3 Before You Begin 535 32.2 Content Filter General Screen 535 32.3 Content Filter Policy Add or Edit Screen 538 ZyWALL USG 50 User's Guide 21
... You Need to Know 533 32.1.3 Before You Begin 535 32.2 Content Filter General Screen 535 32.3 Content Filter Policy Add or Edit Screen 538 ZyWALL USG 50 User's Guide 21
User Manual
Page 22
... White List Screen 575 34.6 The DNSBL Screen ...576 34.7 Anti-Spam Technical Reference 578 Chapter 35 User/Group ...583 35.1 Overview ...583 35.1.1 What You Can Do in this Chapter 583 35.1.2 What You Need To Know...User Summary Screen ...586 35.2.1 User Add/Edit Screen 586 35.3 User Group Summary Screen 589 35.3.1 Group Add/Edit Screen 590 35.4 Setting Screen ...591 35.4.1 Default User Authentication Timeout Settings Edit Screens 594 35.4.2 User Aware Login Example 596 35.5 User /Group Technical Reference 597 Chapter 36 Addresses...599 36.1 Overview ...599 22 ZyWALL USG 50 User's Guide
... White List Screen 575 34.6 The DNSBL Screen ...576 34.7 Anti-Spam Technical Reference 578 Chapter 35 User/Group ...583 35.1 Overview ...583 35.1.1 What You Can Do in this Chapter 583 35.1.2 What You Need To Know...User Summary Screen ...586 35.2.1 User Add/Edit Screen 586 35.3 User Group Summary Screen 589 35.3.1 Group Add/Edit Screen 590 35.4 Setting Screen ...591 35.4.1 Default User Authentication Timeout Settings Edit Screens 594 35.4.2 User Aware Login Example 596 35.5 User /Group Technical Reference 597 Chapter 36 Addresses...599 36.1 Overview ...599 22 ZyWALL USG 50 User's Guide