ZyXEL Communications USG-50 - V2.21 ED 1 User's Guide

www.zyxel.comUSG ZyWALL SeriesCLI Reference GuideVersion 3.002/2012Edition 2DEFAULT LOGINUser Name adminPassword 1234

Table of ContentsZyWALL (ZLD) CLI Reference Guide101.9 Saving Configuration Changes ...

Chapter 7 TrunksZyWALL (ZLD) CLI Reference Guide100The following example creates a spill-over trunk for Ethernet interfaces ge1 and ge3, which will ap

Chapter 7 TrunksZyWALL (ZLD) CLI Reference Guide1014 File server C finds that the request comes from WAN2’s IP address instead of WAN1’s IP address a

Chapter 7 TrunksZyWALL (ZLD) CLI Reference Guide102

ZyWALL (ZLD) CLI Reference Guide 103CHAPTER 8RouteThis chapter shows you how to configure policies for IP routing and static routes on your ZyWALL.8

Chapter 8 RouteZyWALL (ZLD) CLI Reference Guide104The following table describes the commands available for policy route. You must use the configure te

Chapter 8 RouteZyWALL (ZLD) CLI Reference Guide105[no] dscp {any | <0..63>} Sets a custom DSCP code point (0~63). This is the DSCP value of inc

Chapter 8 RouteZyWALL (ZLD) CLI Reference Guide106[no] tunnel tunnel_name Sets the incoming interface to an IPSec VPN tunnel. The no command removes t

Chapter 8 RouteZyWALL (ZLD) CLI Reference Guide107[no] source {address6_object|any} Sets the source IPv6 IP address that the matched packets must hav

Chapter 8 RouteZyWALL (ZLD) CLI Reference Guide1088.2.1 Assured Forwarding (AF) PHB for DiffServAssured Forwarding (AF) behavior is defined in RFC 25

Chapter 8 RouteZyWALL (ZLD) CLI Reference Guide1098.3 IP Static RouteThe ZyWALL has no knowledge of the networks beyond the network that is directly

Table of ContentsZyWALL (ZLD) CLI Reference Guide116.4.1 Virtual Interface Command Examples ...

Chapter 8 RouteZyWALL (ZLD) CLI Reference Guide1108.4.1 Static Route Commands ExamplesThe following command sets a static route with IP address 10.10

ZyWALL (ZLD) CLI Reference Guide 111CHAPTER 9Routing ProtocolThis chapter describes how to set up RIP and OSPF routing protocols for the ZyWALL.9.1

Chapter 9 Routing ProtocolZyWALL (ZLD) CLI Reference Guide1129.2.1 RIP CommandsThis table lists the commands for RIP.9.2.2 General OSPF CommandsThis

Chapter 9 Routing ProtocolZyWALL (ZLD) CLI Reference Guide1139.2.3 OSPF Area CommandsThis table lists the commands for OSPF areas.9.2.4 Virtual Lin

Chapter 9 Routing ProtocolZyWALL (ZLD) CLI Reference Guide1149.2.5 Learned Routing Information CommandsThis table lists the commands to look at learn

ZyWALL (ZLD) CLI Reference Guide 115CHAPTER 10ZonesSet up zones to configure network security and network policies in the ZyWALL. 10.1 Zones Overvi

Chapter 10 ZonesZyWALL (ZLD) CLI Reference Guide11610.2 Zone Commands SummaryThe following table describes the values required for many zone commands

Chapter 10 ZonesZyWALL (ZLD) CLI Reference Guide11710.2.1 Zone Command ExamplesThe following commands add Ethernet interfaces ge1 and ge2 to zone A

Chapter 10 ZonesZyWALL (ZLD) CLI Reference Guide118

ZyWALL (ZLD) CLI Reference Guide 119CHAPTER 11DDNSThis chapter describes how to configure dynamic DNS (DDNS) services for the ZyWALL.11.1 DDNS Over

Table of ContentsZyWALL (ZLD) CLI Reference Guide129.1 Routing Protocol Overview ...

Chapter 11 DDNSZyWALL (ZLD) CLI Reference Guide12011.2 DDNS Commands SummaryThe following table describes the values required for many DDNS commands.

Chapter 11 DDNSZyWALL (ZLD) CLI Reference Guide121[no] backup-iface interface_name Sets the backup WAN interface in the specified DDNS profile. The n

Chapter 11 DDNSZyWALL (ZLD) CLI Reference Guide122

ZyWALL (ZLD) CLI Reference Guide 123CHAPTER 12Virtual ServersThis chapter describes how to set up, manage, and remove virtual servers. Virtual serve

Chapter 12 Virtual ServersZyWALL (ZLD) CLI Reference Guide124The following table lists the virtual server commands.Table 60 ip virtual-server Comman

Chapter 12 Virtual ServersZyWALL (ZLD) CLI Reference Guide12512.2.1 Virtual Server Command ExamplesThe following command creates virtual server WAN-

Chapter 12 Virtual ServersZyWALL (ZLD) CLI Reference Guide12612.2.2 Tutorial - How to Allow Public Access to a ServerThis is an example of making an

ZyWALL (ZLD) CLI Reference Guide 127CHAPTER 13HTTP RedirectThis chapter shows you how to configure HTTP redirection on your ZyWALL.13.1 HTTP Redire

Chapter 13 HTTP RedirectZyWALL (ZLD) CLI Reference Guide12813.2 HTTP Redirect CommandsThe following table identifies the values required for many of

Chapter 13 HTTP RedirectZyWALL (ZLD) CLI Reference Guide12913.2.1 HTTP Redirect Command ExamplesThe following commands create a HTTP redirect rule,

Table of ContentsZyWALL (ZLD) CLI Reference Guide1315.1 IP/MAC Binding Overview ...

Chapter 13 HTTP RedirectZyWALL (ZLD) CLI Reference Guide130

ZyWALL (ZLD) CLI Reference Guide 131CHAPTER 14ALGThis chapter covers how to use the ZyWALL’s ALG feature to allow certain applications to pass throu

Chapter 14 ALGZyWALL (ZLD) CLI Reference Guide13214.2 ALG Commands The following table lists the alg commands. You must use the configure terminal co

Chapter 14 ALGZyWALL (ZLD) CLI Reference Guide13314.3 ALG Commands ExampleThe following example turns on pass through for SIP and turns it off for H

Chapter 14 ALGZyWALL (ZLD) CLI Reference Guide134

ZyWALL (ZLD) CLI Reference Guide 135CHAPTER 15IP/MAC Binding15.1 IP/MAC Binding OverviewIP address to MAC address binding helps ensure that only th

Chapter 15 IP/MAC BindingZyWALL (ZLD) CLI Reference Guide13615.3 IP/MAC Binding Commands ExampleThe following example enables IP/MAC binding on the L

ZyWALL (ZLD) CLI Reference Guide 137CHAPTER 16FirewallThis chapter introduces the ZyWALL’s firewall and shows you how to configure your ZyWALL’s fir

Chapter 16 FirewallZyWALL (ZLD) CLI Reference Guide13816.2 Firewall CommandsThe following table identifies the values required for many of these comm

Chapter 16 FirewallZyWALL (ZLD) CLI Reference Guide139firewall zone_object {zone_object|ZyWALL} delete <1..5000>Removes a direction specific th

Table of ContentsZyWALL (ZLD) CLI Reference Guide1419.5.3 Configuring the L2TP VPN Settings Example ...

Chapter 16 FirewallZyWALL (ZLD) CLI Reference Guide140firewall6 zone_object {zone_object|ZyWALL} append Enters the IPv6 firewall sub-command mode to a

Chapter 16 FirewallZyWALL (ZLD) CLI Reference Guide14116.2.1 Firewall Sub-CommandsThe following table describes the sub-commands for several firewal

Chapter 16 FirewallZyWALL (ZLD) CLI Reference Guide14216.2.2 Firewall Command ExamplesThese are IPv4 firewall configuration examples. The IPv6 firewa

Chapter 16 FirewallZyWALL (ZLD) CLI Reference Guide143The following command displays the default IPv6 firewall rule that applies to the WAN to ZyWALL

Chapter 16 FirewallZyWALL (ZLD) CLI Reference Guide144session-limit append Enters the session-limit sub-command mode to add a session-limit rule to th

ZyWALL (ZLD) CLI Reference Guide 145CHAPTER 17IPSec VPNThis chapter explains how to set up and maintain IPSec VPNs in the ZyWALL. 17.1 IPSec VPN Ov

Chapter 17 IPSec VPNZyWALL (ZLD) CLI Reference Guide146which the ZyWALL and remote IPSec router can send data between computers on the local network a

Chapter 17 IPSec VPNZyWALL (ZLD) CLI Reference Guide147The following sections list the IPSec VPN commands.17.2.1 IKE SA CommandsThis table lists the

Chapter 17 IPSec VPNZyWALL (ZLD) CLI Reference Guide14817.2.2 IPSec SA Commands (except Manual Keys)This table lists the commands for IPSec SAs, excl

Chapter 17 IPSec VPNZyWALL (ZLD) CLI Reference Guide149crypto map rename map_name map_name Renames the specified IPSec SA (first map_name) to the spe

Table of ContentsZyWALL (ZLD) CLI Reference Guide1522.6 IDP Statistics ...

Chapter 17 IPSec VPNZyWALL (ZLD) CLI Reference Guide150[no] nail-up Automatically re-negotiates the SA as needed. The no command does not.[no] replay-

Chapter 17 IPSec VPNZyWALL (ZLD) CLI Reference Guide15117.2.3 IPSec SA Commands (for Manual Keys)This table lists the additional commands for IPSec

Chapter 17 IPSec VPNZyWALL (ZLD) CLI Reference Guide15217.2.5 VPN Configuration Provisioning CommandsThis table lists the commands for VPN configurat

Chapter 17 IPSec VPNZyWALL (ZLD) CLI Reference Guide15317.2.6 SA Monitor CommandsThis table lists the commands for the SA monitor.Table 76 sa Comm

Chapter 17 IPSec VPNZyWALL (ZLD) CLI Reference Guide154

ZyWALL (ZLD) CLI Reference Guide 155CHAPTER 18SSL VPNThis chapter shows you how to set up secure SSL VPN access for remote user login.18.1 SSL Acce

Chapter 18 SSL VPNZyWALL (ZLD) CLI Reference Guide156The following sections list the SSL VPN commands.18.2.1 SSL VPN CommandsThis table lists the com

Chapter 18 SSL VPNZyWALL (ZLD) CLI Reference Guide15718.2.2 Setting an SSL VPN Rule TutorialHere is an example SSL VPN configuration. The SSL VPN ru

Chapter 18 SSL VPNZyWALL (ZLD) CLI Reference Guide1581 First of all, configure 10.1.1.254/24 for the IP address of interface ge2 which is an external

Chapter 18 SSL VPNZyWALL (ZLD) CLI Reference Guide1596 Displays the SSL VPN rule settings.Router(config)# show sslvpn policy SSL_VPN_TESTindex: 1 ac

Table of ContentsZyWALL (ZLD) CLI Reference Guide16Chapter 26User/Group...

Chapter 18 SSL VPNZyWALL (ZLD) CLI Reference Guide160

ZyWALL (ZLD) CLI Reference Guide 161CHAPTER 19L2TP VPNThis chapter explains how to set up and maintain L2TP VPNs in the ZyWALL. 19.1 L2TP VPN Overv

Chapter 19 L2TP VPNZyWALL (ZLD) CLI Reference Guide16219.2.1 Using the Default L2TP VPN ConnectionDefault_L2TP_VPN_Connection is pre-configured to be

Chapter 19 L2TP VPNZyWALL (ZLD) CLI Reference Guide16319.4 L2TP VPN CommandsThe following table describes the values required for some L2TP VPN comm

Chapter 19 L2TP VPNZyWALL (ZLD) CLI Reference Guide16419.5 L2TP VPN ExampleThis example uses the following settings in creating a basic L2TP VPN tunn

Chapter 19 L2TP VPNZyWALL (ZLD) CLI Reference Guide165• You configure an IP address pool object named L2TP_POOL to assign the remote users IP address

Chapter 19 L2TP VPNZyWALL (ZLD) CLI Reference Guide166• Enable the connection. 19.5.4 Configuring the Policy Route for L2TP ExampleThe following co

ZyWALL (ZLD) CLI Reference Guide 167CHAPTER 20Application PatrolThis chapter describes how to set up application patrol for the ZyWALL. 20.1 Applic

Chapter 20 Application PatrolZyWALL (ZLD) CLI Reference Guide168The following sections list the application patrol commands.20.2.1 Pre-defined Applic

Chapter 20 Application PatrolZyWALL (ZLD) CLI Reference Guide16920.2.2.1 Rule Sub-commandsThe following table describes the sub-commands for several

Table of ContentsZyWALL (ZLD) CLI Reference Guide17Chapter 31Authentication Objects...

Chapter 20 Application PatrolZyWALL (ZLD) CLI Reference Guide17020.2.3 Exception Commands for Pre-defined ApplicationsThis table lists the commands f

Chapter 20 Application PatrolZyWALL (ZLD) CLI Reference Guide17120.2.4 Other Application CommandsThis table lists the commands for other application

Chapter 20 Application PatrolZyWALL (ZLD) CLI Reference Guide17220.2.5.1 Other Rule Sub-commandsThe following table describes the sub-commands for se

Chapter 20 Application PatrolZyWALL (ZLD) CLI Reference Guide173This table lists the general commands for application patrol.Table 90 app Commands:

Chapter 20 Application PatrolZyWALL (ZLD) CLI Reference Guide17420.2.6.1 General Command ExamplesThe following examples show the information that is

Chapter 20 Application PatrolZyWALL (ZLD) CLI Reference Guide175Router# configure terminalRouter(config)# show app other configbandwidth-graph: yesRo

Chapter 20 Application PatrolZyWALL (ZLD) CLI Reference Guide176

ZyWALL (ZLD) CLI Reference Guide 177CHAPTER 21Anti-VirusThis chapter introduces and shows you how to configure the anti-virus scanner. 21.1 Anti-Vi

Chapter 21 Anti-VirusZyWALL (ZLD) CLI Reference Guide17821.2.1 General Anti-virus CommandsThe following table describes general anti-virus commands.

Chapter 21 Anti-VirusZyWALL (ZLD) CLI Reference Guide179anti-virus rule <1..32> Enters the anti-virus sub-command mode to edit the specified di

Table of ContentsZyWALL (ZLD) CLI Reference Guide1837.1 System Overview ...

Chapter 21 Anti-VirusZyWALL (ZLD) CLI Reference Guide18021.2.2.1 Zone to Zone Anti-virus Rule ExampleThis example shows how to configure (and display

Chapter 21 Anti-VirusZyWALL (ZLD) CLI Reference Guide18121.2.3.1 White and Black Lists ExampleThis example shows how to enable the white list and co

Chapter 21 Anti-VirusZyWALL (ZLD) CLI Reference Guide18221.2.4.1 Signature Search ExampleThis example shows how to search for anti-virus signatures w

Chapter 21 Anti-VirusZyWALL (ZLD) CLI Reference Guide18321.3.1 Update Signature ExamplesThese examples show how to enable/disable automatic anti-vir

Chapter 21 Anti-VirusZyWALL (ZLD) CLI Reference Guide18421.4.1 Anti-virus Statistics ExampleThis example shows how to collect and display anti-virus

ZyWALL (ZLD) CLI Reference Guide 185CHAPTER 22IDP CommandsThis chapter introduces IDP-related commands.22.1 OverviewCommands mostly mirror web conf

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide186This table shows the IDP signature, anomaly, and system-protect activation commands.22.2.1.1

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide18722.3.1.1 Example of Global Profile CommandsIn this example we rename an IDP signature prof

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide18822.3.2.1 Example of IDP Zone to Zone Rule CommandsThe following example creates IDP zone to

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide189Note: You CANNOT change the base profile later!Table 103 Editing/Creating Anomaly Profile

Table of ContentsZyWALL (ZLD) CLI Reference Guide1938.12 Language Commands ...

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide190[no] http-inspection {http-xxx} activate Activates or deactivates http-inspection options wh

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide191show idp anomaly profile scan-detection {tcp-portscan | tcp-decoy-portscan | tcp-portsweep

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide19222.3.4.1 Creating an Anomaly Profile ExampleIn this example we create a profile named “test

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide193Note: It is recommended you use the web configurator to search for signatures.22.3.6.1 Sea

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide194example, to search for signatures for Windows NT, Windows XP and Windows 2000 computers, the

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide19522.3.6.2 Signature Search ExampleThis example command searches for all signatures in the L

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide19622.4.1 Custom Signature ExamplesThese examples show how to create a custom signature, edit

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide197This example shows you how to display custom signature details. Router(config)# show idp si

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide198This example shows you how to display custom signature contents. Router(config)# show idp si

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide199This example shows you how to display all details of a custom signature. This example shows

Table of ContentsZyWALL (ZLD) CLI Reference Guide2041.2.1 Email Daily Report Example ...

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide20022.5.1 Update Signature ExamplesThese examples show how to enable/disable automatic IDP dow

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide20122.6.1 IDP Statistics ExampleThis example shows how to collect and display IDP statistics.

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide202

ZyWALL (ZLD) CLI Reference Guide 203CHAPTER 23Content FilteringThis chapter covers how to use the content filtering feature to control web access. 2

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide20423.5 Content Filter Command Input ValuesThe following table explains the values you ca

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide20523.6 General Content Filter CommandsThe following table lists the commands that you c

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide206mode to be able to use these commands. See Table 111 on page 204 for details about the

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide20723.7 Content Filter Filtering Profile CommandsThe following table lists the commands

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide208content-filter profile filtering_profile custom-list keywordEnters the sub-command for

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide20923.8 Content Filter URL Cache Commands The following table lists the commands that yo

21PART IIntroduction

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide210Use the configure terminal command to enter the configuration mode to be able to use th

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide21123.9.1 Content Filtering Statistics ExampleThis example shows how to collect and disp

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide2128 Activate the customization.Router# configure terminalRouter(config)# address-object s

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide213Use this command to display the settings of the profile.Router(config)# show content-f

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide214

ZyWALL (ZLD) CLI Reference Guide 215CHAPTER 24Anti-SpamThis chapter introduces and shows you how to configure the anti-spam scanner. 24.1 Anti-Spam

Chapter 24 Anti-SpamZyWALL (ZLD) CLI Reference Guide21624.2.1.1 Activate/Deactivate Anti-Spam ExampleThis example shows how to activate and deactivat

Chapter 24 Anti-SpamZyWALL (ZLD) CLI Reference Guide217show anti-spam {smtp | pop3} defaultportDisplay the SMTP or POP3 TCP ports the ZyWALL checks f

Chapter 24 Anti-SpamZyWALL (ZLD) CLI Reference Guide21824.2.2.1 Zone to Zone Anti-spam Rule ExampleThis example shows how to configure (and display)

Chapter 24 Anti-SpamZyWALL (ZLD) CLI Reference Guide219Use the white list to identify legitimate e-mail and the black list to identify spam e-mail. T

22

Chapter 24 Anti-SpamZyWALL (ZLD) CLI Reference Guide22024.2.3.1 White and Black Lists ExampleThis example shows how to configure and enable a white l

Chapter 24 Anti-SpamZyWALL (ZLD) CLI Reference Guide221This table describes the DNSBL commands. Table 122 DNSBL CommandsCOMMAND DESCRIPTION[no] ant

Chapter 24 Anti-SpamZyWALL (ZLD) CLI Reference Guide22224.2.4.1 DNSBL ExampleThis example:• Sets the ZyWALL to use “DNSBL-example.com” as a DNSBL.• T

Chapter 24 Anti-SpamZyWALL (ZLD) CLI Reference Guide22324.3 Anti-Spam StatisticsThe following table describes the commands for collecting and displa

Chapter 24 Anti-SpamZyWALL (ZLD) CLI Reference Guide224

ZyWALL (ZLD) CLI Reference Guide 225CHAPTER 25Device HAUse device HA to increase network reliability. Device HA lets a backup ZyWALL (B) automatical

Chapter 25 Device HAZyWALL (ZLD) CLI Reference Guide226Otherwise you must manually configure the master ZyWALL’s settings on the backup (by editing co

Chapter 25 Device HAZyWALL (ZLD) CLI Reference Guide227Virtual Router and Management IP Addresses• If a backup takes over for the master, it uses the

Chapter 25 Device HAZyWALL (ZLD) CLI Reference Guide228[no] device-ha ap-mode interface_name manage-ip ip subnet_maskSets the management IP address fo

Chapter 25 Device HAZyWALL (ZLD) CLI Reference Guide22925.4.2 Active-Passive Mode Device HA Command ExampleThis example configures a ZyWALL to be a

ZyWALL (ZLD) CLI Reference Guide 23CHAPTER 1Command Line InterfaceThis chapter describes how to access and use the CLI (Command Line Interface).1.1

Chapter 25 Device HAZyWALL (ZLD) CLI Reference Guide23025.6.1 VRRP Group CommandsThis table lists the commands for VRRP groups.25.6.2 VRRP Synchroni

Chapter 25 Device HAZyWALL (ZLD) CLI Reference Guide23125.6.3 Link Monitoring CommandsThis table lists the commands for link monitoring. Link monito

Chapter 25 Device HAZyWALL (ZLD) CLI Reference Guide232

ZyWALL (ZLD) CLI Reference Guide 233CHAPTER 26User/GroupThis chapter describes how to set up user accounts, user groups, and user settings for the Z

Chapter 26 User/GroupZyWALL (ZLD) CLI Reference Guide23426.2 User/Group Commands SummaryThe following table identifies the values required for many u

Chapter 26 User/GroupZyWALL (ZLD) CLI Reference Guide23526.2.2 User Group CommandsThis table lists the commands for groups.26.2.3 User Setting Comm

Chapter 26 User/GroupZyWALL (ZLD) CLI Reference Guide23626.2.3.1 User Setting Command ExamplesThe following commands show the current settings for th

Chapter 26 User/GroupZyWALL (ZLD) CLI Reference Guide23726.2.4 Force User Authentication CommandsThis table lists the commands for forcing user auth

Chapter 26 User/GroupZyWALL (ZLD) CLI Reference Guide23826.2.4.1 force-auth Sub-commandsThe following table describes the sub-commands for several fo

Chapter 26 User/GroupZyWALL (ZLD) CLI Reference Guide239• Description: EPS-on-LAN• Source: use address object “LAN1_SUBNET”• Destination: use address

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide241.2.1 Console PortThe default settings for the console port are as follows. When yo

Chapter 26 User/GroupZyWALL (ZLD) CLI Reference Guide24026.2.5.1 Additional User Command ExamplesThe following commands display the users that are cu

ZyWALL (ZLD) CLI Reference Guide 241CHAPTER 27AddressesThis chapter describes how to set up addresses and address groups for the ZyWALL.27.1 Addres

Chapter 27 AddressesZyWALL (ZLD) CLI Reference Guide242The following sections list the address object and address group commands.27.2.1 Address Objec

Chapter 27 AddressesZyWALL (ZLD) CLI Reference Guide24327.2.1.1 Address Object Command ExamplesThe following example creates three IPv4 address obje

Chapter 27 AddressesZyWALL (ZLD) CLI Reference Guide244The following example creates host, range, subnet, and link local IPv6 address objects and then

Chapter 27 AddressesZyWALL (ZLD) CLI Reference Guide24527.2.2.1 Address Group Command ExamplesThe following commands create three address objects A0

Chapter 27 AddressesZyWALL (ZLD) CLI Reference Guide246

ZyWALL (ZLD) CLI Reference Guide 247CHAPTER 28ServicesUse service objects to define TCP applications, UDP applications, and ICMP messages. You can a

Chapter 28 ServicesZyWALL (ZLD) CLI Reference Guide24828.2.1.1 Service Object Command ExamplesThe following commands create four services, displays t

Chapter 28 ServicesZyWALL (ZLD) CLI Reference Guide24928.2.2.1 Service Group Command ExamplesThe following commands create service ICMP_ECHO, create

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide25When you access the CLI using the web console, your computer establishes a SSH (Sec

Chapter 28 ServicesZyWALL (ZLD) CLI Reference Guide250

ZyWALL (ZLD) CLI Reference Guide 251CHAPTER 29SchedulesUse schedules to set up one-time and recurring schedules for policy routes, firewall rules, a

Chapter 29 SchedulesZyWALL (ZLD) CLI Reference Guide25229.2.1 Schedule Command ExamplesThe following commands create recurring schedule SCHEDULE1 and

ZyWALL (ZLD) CLI Reference Guide 253CHAPTER 30AAA ServerThis chapter introduces and shows you how to configure the ZyWALL to use external authentica

Chapter 30 AAA ServerZyWALL (ZLD) CLI Reference Guide25430.2.2 ldap-server Commands The following table lists the ldap-server commands you use to set

Chapter 30 AAA ServerZyWALL (ZLD) CLI Reference Guide25530.2.3 radius-server Commands The following table lists the radius-server commands you use t

Chapter 30 AAA ServerZyWALL (ZLD) CLI Reference Guide25630.2.6 aaa group server ldap Commands The following table lists the aaa group server ldap com

Chapter 30 AAA ServerZyWALL (ZLD) CLI Reference Guide25730.2.7 aaa group server radius Commands The following table lists the aaa group server radiu

Chapter 30 AAA ServerZyWALL (ZLD) CLI Reference Guide25830.2.8 aaa group server Command ExampleThe following example creates a RADIUS server group wi

ZyWALL (ZLD) CLI Reference Guide 259CHAPTER 31Authentication ObjectsThis chapter shows you how to select different authentication methods for user a

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide26Note: The default login username is admin. It is case-sensitive.Figure 5 Web Conso

Chapter 31 Authentication ObjectsZyWALL (ZLD) CLI Reference Guide26031.2.1 aaa authentication Command ExampleThe following example creates an authent

Chapter 31 Authentication ObjectsZyWALL (ZLD) CLI Reference Guide261• Bind-dn: zyxel\engineerABC• Password: abcdefg• Login-name-attribute: sAMAccount

Chapter 31 Authentication ObjectsZyWALL (ZLD) CLI Reference Guide262

ZyWALL (ZLD) CLI Reference Guide 263CHAPTER 32CertificatesThis chapter explains how to use the Certificates.32.1 Certificates OverviewThe ZyWALL ca

Chapter 32 CertificatesZyWALL (ZLD) CLI Reference Guide26432.4 Certificates Commands SummaryThe following table lists the commands that you can use t

Chapter 32 CertificatesZyWALL (ZLD) CLI Reference Guide265ca validation remote_certificate Enters the sub command mode for validation of certificates

Chapter 32 CertificatesZyWALL (ZLD) CLI Reference Guide266show ca category {local|remote} name certificate_name certpathDisplays the certification pat

Chapter 32 CertificatesZyWALL (ZLD) CLI Reference Guide26732.5 Certificates Commands ExamplesThe following example creates a self-signed X.509 certi

ZyWALL (ZLD) CLI Reference Guide 268CHAPTER 33ISP AccountsUse ISP accounts to manage Internet Service Provider (ISP) account information for PPPoE,

Chapter 33 ISP AccountsZyWALL (ZLD) CLI Reference Guide26933.1.2 Cellular Account CommandsThe following table lists the cellular ISP account command

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide271.2.3 TelnetUse the following steps to Telnet into your ZyWALL.1 If your computer

ZyWALL (ZLD) CLI Reference Guide 270CHAPTER 34SSL ApplicationThis chapter describes how to configure SSL application objects for use in SSL VPN.34.1

Chapter 34 SSL ApplicationZyWALL (ZLD) CLI Reference Guide271server-type file-sharing share-path share-pathSpecifies the IP address, domain name or N

Chapter 34 SSL ApplicationZyWALL (ZLD) CLI Reference Guide27234.1.2 SSL Application Command ExamplesThe following commands create and display a serve

ZyWALL (ZLD) CLI Reference Guide 273CHAPTER 35Endpoint SecurityThis chapter describes how to configure endpoint security objects for use in authenti

Chapter 35 Endpoint SecurityZyWALL (ZLD) CLI Reference Guide274RequirementsUser computers must have Sun’s Java (Java Runtime Environment or ‘JRE’) ins

Chapter 35 Endpoint SecurityZyWALL (ZLD) CLI Reference Guide275[no] personal-firewall personal_firewall_software_name detect-auto-protection {enable

Chapter 35 Endpoint SecurityZyWALL (ZLD) CLI Reference Guide276windows-version {windows-2000 | windows-xp | windows-2003 | windows-2008 | windows-vist

Chapter 35 Endpoint SecurityZyWALL (ZLD) CLI Reference Guide27735.1.3 Endpoint Security Object Command ExamplePeter wants to create and display an e

Chapter 35 Endpoint SecurityZyWALL (ZLD) CLI Reference Guide278However, he needs to check the Anti-Virus software name defined on the ZyWALL. The foll

Chapter 35 Endpoint SecurityZyWALL (ZLD) CLI Reference Guide279Now Peter can create the EPS object profile as the example shown next. Note that he us

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide281.4 How Commands Are ExplainedEach chapter explains the commands for one keyword. T

ZyWALL (ZLD) CLI Reference Guide 280CHAPTER 36DHCPv6 ObjectsThis chapter describes how to configure and view DHCPv6 request and lease objects. 36.1

Chapter 36 DHCPv6 ObjectsZyWALL (ZLD) CLI Reference Guide28136.1.2 DHCPv6 Object Command ExamplesThis example creates and displays a DHCPv6 lease ob

Chapter 36 DHCPv6 ObjectsZyWALL (ZLD) CLI Reference Guide282This example creates and displays a DHCPv6 pre-fix delegation lease object named “pfx” for

ZyWALL (ZLD) CLI Reference Guide 283CHAPTER 37SystemThis chapter provides information on the commands that correspond to what you can configure in t

Chapter 37 SystemZyWALL (ZLD) CLI Reference Guide284Figure 26 Access Page Customization You can specify colors in one of the following ways:• color

Chapter 37 SystemZyWALL (ZLD) CLI Reference Guide28537.3 Host Name CommandsThe following table describes the commands available for the hostname and

Chapter 37 SystemZyWALL (ZLD) CLI Reference Guide28637.4.1 Date/Time CommandsThe following table describes the commands available for date and time s

Chapter 37 SystemZyWALL (ZLD) CLI Reference Guide28737.6 DNS Overview DNS (Domain Name System) is for mapping a domain name to its corresponding IP

Chapter 37 SystemZyWALL (ZLD) CLI Reference Guide28837.6.3 DNS Command ExampleThis command sets an A record that specifies the mapping of a fully qua

ZyWALL (ZLD) CLI Reference Guide 289CHAPTER 38System Remote ManagementThis chapter shows you how to determine which services/protocols can access wh

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide29•Enter range exactly as it appears, followed by two numbers between 1 and 65535.1.4

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide29038.2 Common System Command Input ValuesThe following table identifies the value

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide291[no] ip http secure-server cert certificate_name Specifies a certificate used b

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide29238.3.1 HTTP/HTTPS Command ExamplesThis following example adds a service control

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide29338.4.3 SSH CommandsThe following table describes the commands available for SS

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide29438.5 Telnet You can configure your ZyWALL for remote Telnet access.38.6 Telnet

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide295This command displays Telnet settings.38.7 Configuring FTP You can upload and

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide29638.7.2 FTP Commands ExamplesThis command sets a service control rule that allow

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide29738.8.3 SNMP CommandsThe following table describes the commands available for S

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide298The following command sets the password (secret) for read-write (rw) access.The

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide29938.10.1 AT Command StringsFor regular telephone lines, the default Dial string

About This CLI Reference GuideZyWALL (ZLD) CLI Reference Guide3About This CLI Reference GuideIntended AudienceThis manual is intended for people who

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide301.6 Shortcuts and Help1.6.1 List of Available CommandsA list of valid commands can

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide30038.10.4.1 Dial-in Management Command ExamplesThe following commands show you ho

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide30138.11.1.1 Vantage CNM Command ExamplesThe following example turns on Vantage C

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide30238.13 IPv6 Commands Use the ipv6 commands to enable or disable IPv6 support. Yo

ZyWALL (ZLD) CLI Reference Guide 303CHAPTER 39File ManagerThis chapter covers how to work with the ZyWALL’s firmware, certificates, configuration fi

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide304 These files have the same syntax, which is also identical to the way you run CLI commands m

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide305Line 3 in the following example exits sub command mode.Lines 1 and 3 in the following examp

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide306• When the ZyWALL reboots, if the startup-config.conf file passes the error check, the ZyWAL

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide30739.4 File Manager Commands SummaryThe following table lists the commands that you can use

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide30839.5 File Manager Command ExamplesThis example saves a back up of the current configuration

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide309The firmware update can take up to five minutes. Do not turn off or reset the ZyWALL while

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide311.6.3 Entering Partial CommandsThe CLI does not accept partial or incomplete comma

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide31039.6.4 Command Line FTP Configuration File Download ExampleThe following example gets a con

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide31139.8 Notification of a Damaged Recovery Image or FirmwareThe ZyWALL’s recovery image and/o

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide3124 If “Connect a computer to port 1 and FTP to 192.168.1.1 to upload the new file” displays

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide313Note: You only need to use the atuk or atur command if the recovery image is damaged. Figur

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide3147 Enter atgo. The ZyWALL starts up. If “Connect a computer to port 1 and FTP to 192.168.1.1

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide3157 Wait for the file transfer to complete.Figure 41 FTP Firmware Transfer Complete8 After

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide31610 The username prompt displays after the ZyWALL starts up successfully. The firmware recove

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide317If the default system database file is not valid, the ZyWALL displays a warning message in

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide318example, "1.01(XL.0)C0.db". Do the following after you have obtained the default s

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide3197 Hit enter to log in anonymously.8 Set the transfer mode to binary (type bin).9 Transfer t

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide321.7 Input ValuesYou can use the ? or [TAB] to get more information about the next i

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide32012 The username prompt displays after the ZyWALL starts up successfully. The default system

ZyWALL (ZLD) CLI Reference Guide 321CHAPTER 40LogsThis chapter provides information about the ZyWALL’s logs. Note: When the system log reaches the m

Chapter 40 LogsZyWALL (ZLD) CLI Reference Guide32240.1.1 Log Entries CommandsThis table lists the commands to look at log entries.40.1.2 System Log

Chapter 40 LogsZyWALL (ZLD) CLI Reference Guide32340.1.2.1 System Log Command ExamplesThe following command displays the current status of the syste

Chapter 40 LogsZyWALL (ZLD) CLI Reference Guide324This table lists the commands for the remote syslog server settings.This table lists the commands fo

Chapter 40 LogsZyWALL (ZLD) CLI Reference Guide325[no] logging mail <1..2> address {ip | hostname}Sets the URL or IP address of the mail server

Chapter 40 LogsZyWALL (ZLD) CLI Reference Guide32640.1.4.1 E-mail Profile Command ExamplesThe following commands set up e-mail log 1.40.1.5 Console

ZyWALL (ZLD) CLI Reference Guide 327CHAPTER 41Reports and RebootThis chapter provides information about the report associated commands and how to re

Chapter 41 Reports and RebootZyWALL (ZLD) CLI Reference Guide32841.1.2 Report Command ExamplesThe following commands start collecting data, display t

Chapter 41 Reports and RebootZyWALL (ZLD) CLI Reference Guide32941.2 Email Daily Report CommandsThe following table identifies the values used in so

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide33domain name Used in content filtering0+ lower-case letters, numbers, or .-Used in i

Chapter 41 Reports and RebootZyWALL (ZLD) CLI Reference Guide33041.2.1 Email Daily Report ExampleThis example sets the following about sending a dail

Chapter 41 Reports and RebootZyWALL (ZLD) CLI Reference Guide331• Has the ZyWALL provide username 12345 and password 12345 to the SMTP server for aut

Chapter 41 Reports and RebootZyWALL (ZLD) CLI Reference Guide332This displays the email daily report settings and has the ZyWALL send the report.41.3

ZyWALL (ZLD) CLI Reference Guide 333CHAPTER 42Session TimeoutUse these commands to modify and display the session timeout values. You must use the c

Chapter 42 Session TimeoutZyWALL (ZLD) CLI Reference Guide334

ZyWALL (ZLD) CLI Reference Guide 335CHAPTER 43 DiagnosticsThis chapter covers how to use the diagnostics feature. 43.1 DiagnosticsThe diagnostics

Chapter 43 DiagnosticsZyWALL (ZLD) CLI Reference Guide336

ZyWALL (ZLD) CLI Reference Guide 337CHAPTER 44Packet Flow ExploreThis chapter covers how to use the packet flow explore feature. 44.1 Packet Flow

Chapter 44 Packet Flow ExploreZyWALL (ZLD) CLI Reference Guide33844.3 Packet Flow Explore Commands ExampleThe following example shows all routing rel

Chapter 44 Packet Flow ExploreZyWALL (ZLD) CLI Reference Guide339The following example shows all activated dynamic VPN rules.The following example sh

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide34key length -- 512, 768, 1024, 1536, 2048license key 25 “S-” + 6 upper-case letters o

Chapter 44 Packet Flow ExploreZyWALL (ZLD) CLI Reference Guide340The following example shows the default WAN trunk settings.Router> show system sna

ZyWALL (ZLD) CLI Reference Guide 341CHAPTER 45Packet Flow FilterThis chapter covers how to use the packet flow filter feature. 45.1 Packet Flow Fi

Chapter 45 Packet Flow FilterZyWALL (ZLD) CLI Reference Guide34245.3 Packet Flow Filter Commands ExamplesThe following example configures packet flow

Chapter 45 Packet Flow FilterZyWALL (ZLD) CLI Reference Guide343This example displays the packet flow filter 1’s settings. This example displays the

Chapter 45 Packet Flow FilterZyWALL (ZLD) CLI Reference Guide344This example activates the packet flow ring buffer feature. Router> configure term

ZyWALL (ZLD) CLI Reference Guide 345CHAPTER 46Maintenance ToolsUse the maintenance tool commands to check the conditions of other devices through th

Chapter 46 Maintenance ToolsZyWALL (ZLD) CLI Reference Guide346file-suffix <profile_name> Specifies text to add to the end of the file name (bef

Chapter 46 Maintenance ToolsZyWALL (ZLD) CLI Reference Guide347Here are maintenance tool commands that you can use in configuration mode. 46.1 Maint

Chapter 46 Maintenance ToolsZyWALL (ZLD) CLI Reference Guide348Here are maintenance tool commands that you can use in configure mode.The following exa

Chapter 46 Maintenance ToolsZyWALL (ZLD) CLI Reference Guide349• IP address: any•Host IP: any• Host port: any (then you do not need to configure this

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide351.8 Ethernet InterfacesHow you specify an Ethernet interface depends on the ZyWALL

Chapter 46 Maintenance ToolsZyWALL (ZLD) CLI Reference Guide350

ZyWALL (ZLD) CLI Reference Guide 351CHAPTER 47Watchdog TimerThis chapter provides information about the ZyWALL’s watchdog timers. 47.1 Hardware Wat

Chapter 47 Watchdog TimerZyWALL (ZLD) CLI Reference Guide35247.3 Application WatchdogThe application watchdog has the system restart a process that f

Chapter 47 Watchdog TimerZyWALL (ZLD) CLI Reference Guide353Application Watch Dog Setting: activate: yes alert: yes console print: always retry c

Chapter 47 Watchdog TimerZyWALL (ZLD) CLI Reference Guide354

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide355List of Commands (Alphabetical)This section lists the commands and sub-commands in

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide356[no] ad-server ssl ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide357[no] app-watch-dog cpu-threshold min <1..100> max <1..100> ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide358{fri|mon|sat|sun|thu|tue|wed} hh:mm offset ...2

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide359[no] description description ...

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide361.10 Logging OutEnter the exit or end command in configure mode to go to privilege

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide360[no] eps profile profile_name ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide361[no] interface {num|interface-name} ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide362[no] ipv6 dhcp6-request-object dhcp6_profile ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide363[no] logging syslog <1..4> {disable | level normal | level all} ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide364[no] out-snat activate ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide365[no] security dot1x acct ip port <1..65535> ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide366[no] source {address_object|any} ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide367[no] wan-iface interface_name ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide368anti-spam tag {dnsbl | dnsbl-timeout} [tag] ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide369bandwidth priority <1..7> ...

ZyWALL (ZLD) CLI Reference Guide 37CHAPTER 2User and Privilege ModesThis chapter describes how to use these two modes.2.1 User And Privilege Modes

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide370content-filter profile filtering_profile url match {block | log | warn | pass} ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide371debug system ipv6 ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide372eps warning-message {windows-auto-update | windows-security-patch | anti-virus | pe

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide373force-auth policy flush ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide374interface dial interface_name ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide375ip virtual-server profile_name interface interface_name original-ip {any | ip | ad

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide376login-page window-color {color-rgb | color-name | color-number} ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide377no content-filter profile filtering_profile url offline {log} ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide378object-group service rename group_name group_name ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide379renew dhcp interface-name ...

Chapter 2 User and Privilege ModesZyWALL (ZLD) CLI Reference Guide38Subsequent chapters in this guide describe the configuration commands. User/privil

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide380session-limit delete rule_number ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide381show anti-spam tag {dnsbl | dnsbl-timeout} ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide382show comport status ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide383show firewall ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide384show idp profiles ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide385show ipv6 nd ra status config_interface ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide386show reference object aaa authentication [default | auth_method] ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide387show sslvpn application [application_object] ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide388sslvpn no connection username user_name ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide389username username user-type ext-user ...

Chapter 2 User and Privilege ModesZyWALL (ZLD) CLI Reference Guide39is a Linux equivalent, it is displayed in this chapter for your reference. You mu

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide390

Document ConventionsZyWALL (ZLD) CLI Reference Guide4Document ConventionsWarnings and NotesThese are how warnings and notes are shown in this User’s G

Chapter 2 User and Privilege ModesZyWALL (ZLD) CLI Reference Guide40debug system ipv6 IPv6 debug commandsdebug [cmdexec|corefile|ip |kernel|mac-id-rew

41PART IIReference

42

ZyWALL (ZLD) CLI Reference Guide 43CHAPTER 3Object ReferenceThis chapter describes how to use object reference commands.3.1 Object Reference Comman

Chapter 3 Object ReferenceZyWALL (ZLD) CLI Reference Guide443.1.1 Object Reference Command ExampleThis example shows how to check which configuration

ZyWALL (ZLD) CLI Reference Guide 45CHAPTER 4StatusThis chapter explains some commands you can use to display information about the ZyWALL’s current

Chapter 4 StatusZyWALL (ZLD) CLI Reference Guide46Here are examples of the commands that display the fan speed, MAC address, memory usage, RAM size, a

Chapter 4 StatusZyWALL (ZLD) CLI Reference Guide47Here is an example of the command that displays the open ports. Router(config)# show socket openNo.

Chapter 4 StatusZyWALL (ZLD) CLI Reference Guide48Here are examples of the commands that display the system uptime and model, firmware, and build info

ZyWALL (ZLD) CLI Reference Guide 49CHAPTER 5RegistrationThis chapter introduces myzyxel.com and shows you how to register the ZyWALL for IDP/AppPatr

Document ConventionsZyWALL (ZLD) CLI Reference Guide5Server Firewall TelephoneSwitch Router

Chapter 5 RegistrationZyWALL (ZLD) CLI Reference Guide50suppose you purchase a one-year Kaspersky engine anti-virus service subscription and use it fo

Chapter 5 RegistrationZyWALL (ZLD) CLI Reference Guide515.2.1 Command ExamplesThe following commands allow you to register your device with an exist

Chapter 5 RegistrationZyWALL (ZLD) CLI Reference Guide52The following command displays the service registration status and type and how many days rema

Chapter 5 RegistrationZyWALL (ZLD) CLI Reference Guide53039 Canada 040 Cape Verde041 Cayman Islands 042 Central African Republic043 Chad 044 Chile045

Chapter 5 RegistrationZyWALL (ZLD) CLI Reference Guide54119 Latvia 120 Lebanon121 Lesotho 122 Liberia123 Liechtenstein 124 Lithuania125 Luxembourg 126

Chapter 5 RegistrationZyWALL (ZLD) CLI Reference Guide55197 St Pierre and Miquelon 198 St. Helena199 Suriname 200 Svalbard and Jan Mayen Islands201 S

Chapter 5 RegistrationZyWALL (ZLD) CLI Reference Guide56

ZyWALL (ZLD) CLI Reference Guide 57CHAPTER 6InterfacesThis chapter shows you how to use interface-related commands.6.1 Interface OverviewIn general

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide58•The auxiliary interface, along with an external modem, provides an interface the ZyWALL can use

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide59* - Each name consists of 2-4 letters (interface type), followed by a number (x). For most inte

Document ConventionsZyWALL (ZLD) CLI Reference Guide6

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide606.1.2 Relationships Between InterfacesIn the ZyWALL, interfaces are usually created on top of o

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide616.2 Interface General Commands SummaryThe following table identifies the values required for m

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide62show interface send statistics interval Displays the interval for how often the ZyWALL refreshes

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide63enable Turns on the IPv6 interface.nd ra accept Sets the IPv6 interface to accept IPv6 neighbor

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide64nd ra prefix-advertisement dhcp6_profile dhcp6_suffix_64Configures the network prefix to use a d

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide65nd ra hop-limit Removes the maximum number of hops setting for router advertisements and all IP

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide666.2.1.1 Basic Interface Properties Command ExamplesThe following commands make Ethernet interfa

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide67This example shows how to restart an interface. You can check all interface names on the ZyWALL

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide68[no] host ip Specifies the static IP address the ZyWALL should assign. Use this command, along w

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide69[no] starting-address ip pool-size <1..65535>Sets the IP start address and maximum pool s

Contents OverviewZyWALL (ZLD) CLI Reference Guide7Contents OverviewIntroduction ...

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide706.2.2.1 DHCP Setting Command ExamplesThe following example uses these commands to configure DHC

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide716.2.3 Interface Parameter Command ExamplesThis table shows an example of each interface type’s

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide726.2.4 RIP CommandsThis table lists the commands for RIP settings.6.2.5 OSPF CommandsThis table

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide73[no] passive-interface interface_name Sets the OSPF direction of the specified interface to in-

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide746.2.6 Connectivity Check (Ping-check) CommandsUse these commands to have an interface regularly

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide756.2.6.1 Connectivity Check Command ExampleThe following commands show you how to set the WAN1

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide766.3.2 Port Grouping CommandsThis section covers commands that are specific to port grouping.Not

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide776.3.2.1 Port Grouping Command ExamplesThe following commands add physical port 5 to representa

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide78gateway 4.6.7.8, upstream bandwidth 345, downstream bandwidth 123, and description “I am vir int

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide796.5.1 PPPoE/PPTP Interface Command ExamplesThe following commands show you how to configure PP

Contents OverviewZyWALL (ZLD) CLI Reference Guide8DHCPv6 Objects ...

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide802.2.2.2, MTU 1200, upstream bandwidth 345, downstream bandwidth 123, description “I am ppp0”, an

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide81[no] network-selection {auto|home} Home network is the network to which you are originally subs

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide826.6.1 Cellular StatusThe following table describes the different kinds of cellular connection s

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide83Limited service returned by the service provider in cases where the SIM card is expired, the us

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide846.6.2 Cellular Interface Command ExamplesThis example shows the configuration of a cellular int

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide856.7 Tunnel Interface Specific CommandsThe ZyWALL uses tunnel interfaces in Generic Routing Enc

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide866.7.1 Tunnel Interface Command ExamplesThis example creates a tunnel interface called tunnel0 t

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide876.8.1 USB Storage General Commands ExampleThis example shows how to display the status of the

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide886.9.1 WLAN General CommandsUse these commands to configure global settings that apply to all of

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide896.9.1.1 WLAN General Commands ExampleThis example sets wireless slot 1 to use the IEEE 802.11b

Table of ContentsZyWALL (ZLD) CLI Reference Guide9Table of ContentsAbout This CLI Reference Guide...

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide90[no] mtu <576..2304> Specifies the Maximum Transmission Unit, which is the maximum number

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide916.9.2.1 WLAN Interface Commands ExampleThis example configures WLAN AP interface 2 for slot 1

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide926.9.3.1 WLAN MAC Filter Commands ExampleThis example creates a MAC filter entry for MAC address

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide936.10.1 VLAN Interface Command ExamplesThe following commands show you how to set up VLAN vlan1

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide946.11.1 Bridge Interface Command ExamplesThe following commands show you how to set up a bridge

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide956.12.1 Auxiliary Interface Command ExamplesThe following commands show you how to set up the a

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide96

ZyWALL (ZLD) CLI Reference Guide 97CHAPTER 7TrunksThis chapter shows you how to configure trunks on your ZyWALL.7.1 Trunks OverviewYou can group mu

Chapter 7 TrunksZyWALL (ZLD) CLI Reference Guide987.3 Trunk Commands Input ValuesThe following table explains the values you can input with the inter

Chapter 7 TrunksZyWALL (ZLD) CLI Reference Guide997.5 Trunk Command ExamplesThe following example creates a weighted round robin trunk for Ethernet