Zyxel-communications ZyXEL ZyAIR 100 User Manual

ZyWALL 10/10W/30W/50/100 Internet Security Gateway User’s Guide Version 3.61 July 2003

ZyWALL 10~100 Series Internet Security Gateway x Table of Contents Chapter 11 Firewalls ...

ZyWALL 10~100 Series Internet Security Gateway 8-4 WAN Screens Table 8-2 Ethernet Encapsulation LABEL DESCRIPTION Relogin Period (min) (Telia Login

ZyWALL 10~100 Series Internet Security Gateway WAN Screens 8-5 Figure 8-3 PPPoE Encapsulation The following table describes the fie

ZyWALL 10~100 Series Internet Security Gateway 8-6 WAN Screens Table 8-3 PPPoE Encapsulation LABEL DESCRIPTION Retype to Confirm Type your password

ZyWALL 10~100 Series Internet Security Gateway WAN Screens 8-7 Figure 8-4 PPTP Encapsulation The following table describes the fiel

ZyWALL 10~100 Series Internet Security Gateway 8-8 WAN Screens Table 8-4 PPTP Encapsulation LABEL DESCRIPTION Password Type the password associ

ZyWALL 10~100 Series Internet Security Gateway WAN Screens 8-9 Figure 8-5 RR Service Type The following table describes the fields

ZyWALL 10~100 Series Internet Security Gateway 8-10 WAN Screens 8.5 Configuring WAN IP To change your ZyWALL’s WAN IP settings, click WAN, then th

ZyWALL 10~100 Series Internet Security Gateway WAN Screens 8-11 Table 8-6 IP Setup LABEL DESCRIPTION WAN IP Address Assignment Get

ZyWALL 10~100 Series Internet Security Gateway 8-12 WAN Screens Table 8-6 IP Setup LABEL DESCRIPTION RIP Direction RIP (Routing Information Protoc

ZyWALL 10~100 Series Internet Security Gateway WAN Screens 8-13 Table 8-6 IP Setup LABEL DESCRIPTION Allow From WAN to DMZ Select t

ZyWALL 10~100 Series Internet Security Gateway Table of Contents xi VPN/IPSec ...

ZyWALL 10~100 Series Internet Security Gateway 8-14 WAN Screens 8.7 Traffic Redirect Traffic redirect forwards WAN traffic to a backup gateway when

ZyWALL 10~100 Series Internet Security Gateway WAN Screens 8-15 8.8 Configuring Traffic Redirect To change your ZyWALL’s Traffic Re

ZyWALL 10~100 Series Internet Security Gateway 8-16 WAN Screens Table 8-7 Traffic Redirect LABEL DESCRIPTION Check WAN IP Address Configuration

ZyWALL 10~100 Series Internet Security Gateway WAN Screens 8-17 Figure 8-11 Dial Backup Setup

ZyWALL 10~100 Series Internet Security Gateway 8-18 WAN Screens The following table describes the fields in this screen. Table 8-8Dial Backup Setup

ZyWALL 10~100 Series Internet Security Gateway WAN Screens 8-19 Table 8-8Dial Backup Setup LABEL DESCRIPTION Get IP Address Automati

ZyWALL 10~100 Series Internet Security Gateway 8-20 WAN Screens Table 8-8Dial Backup Setup LABEL DESCRIPTION RIP Direction RIP (Routing Information

ZyWALL 10~100 Series Internet Security Gateway WAN Screens 8-21 8.10 Advanced Modem Setup 8.10.1 AT Command Strings For regular tel

ZyWALL 10~100 Series Internet Security Gateway 8-22 WAN Screens Figure 8-12 Advanced Setup The following table describes the fields in this screen.

ZyWALL 10~100 Series Internet Security Gateway WAN Screens 8-23 Table 8-9 Advanced Setup LABEL DESCRIPTION EXAMPLE Drop DTR When Han

ZyWALL 10~100 Series Internet Security Gateway xii Table of Contents 16.1 Remote Management Overview...

NAT and Static Route IV Part IV: NAT and Static Route This part covers Network Address Translation and setting up static routes.

ZyWALL 10~100 Series Internet Security Gateway NAT 9-1 Chapter 9 Network Address Translation (NAT) Screens This chapter discusses how to c

ZyWALL 10~100 Series Internet Security Gateway 9-2 NAT NAT never changes the IP address (either local or global) of an outside host. 9.1.2

ZyWALL 10~100 Series Internet Security Gateway NAT 9-3 Figure 9-1 How NAT Works 9.1.4 NAT Application

ZyWALL 10~100 Series Internet Security Gateway 9-4 NAT The following figure illustrates a possible NAT application, where three inside LANs

ZyWALL 10~100 Series Internet Security Gateway NAT 9-5  Many One to One: In Many-One-to-One mode, the ZyWALL maps each local IP address t

ZyWALL 10~100 Series Internet Security Gateway 9-6 NAT 9.2 Using NAT You must create a firewall rule in addition to setting up SUA/NAT, to a

ZyWALL 10~100 Series Internet Security Gateway NAT 9-7 desired server. The port number identifies a service; for example, web service is

ZyWALL 10~100 Series Internet Security Gateway Table of Contents xiii Chapter 19 Logs Screens...

ZyWALL 10~100 Series Internet Security Gateway 9-8 NAT Figure 9-3 Multiple Servers Behind NAT Example 9.4 Configuring SUA Server If you

ZyWALL 10~100 Series Internet Security Gateway NAT 9-9 Figure 9-4 SUA/NAT Setup The following table describes the fields in this screen.

ZyWALL 10~100 Series Internet Security Gateway 9-10 NAT Table 9-4 SUA/NAT Setup LABEL DESCRIPTION Start Port End Port Enter a port number he

ZyWALL 10~100 Series Internet Security Gateway NAT 9-11 Figure 9-5 Address Mapping The following table describes the fields in this scree

ZyWALL 10~100 Series Internet Security Gateway 9-12 NAT Table 9-5 Address Mapping LABEL DESCRIPTION Type 1. One-to-One mode maps one local I

ZyWALL 10~100 Series Internet Security Gateway NAT 9-13 Table 9-6 Address Mapping Edit LABEL DESCRIPTION Type Choose the port mapping ty

ZyWALL 10~100 Series Internet Security Gateway 9-14 NAT request a service with a specific port number and protocol (a "trigger" po

ZyWALL 10~100 Series Internet Security Gateway NAT 9-15 Figure 9-7 Trigger Port The following table describes the fields in this screen.

ZyWALL 10~100 Series Internet Security Gateway 9-16 NAT Table 9-7 Trigger Port LABEL DESCRIPTION Start Port Type a port number or the start

ZyWALL 10~100 Series Internet Security Gateway Static Route 10-1 Chapter 10 Static Route Screens This chapter shows you how to configure static r

ZyWALL 10~100 Series Internet Security Gateway xiv Table of Contents 23.5 Advanced WAN Setup...

ZyWALL 10~100 Series Internet Security Gateway 10-2 Static Route Figure 10-2 Static Route Screen The following table describes the fields in this s

ZyWALL 10~100 Series Internet Security Gateway Static Route 10-3 Table 10-1 IP Static Route Summary LABEL DESCRIPTION Gateway This is the IP addr

ZyWALL 10~100 Series Internet Security Gateway 10-4 Static Route Table 10-2 Edit IP Static Route LABEL DESCRIPTION Destination IP Address This param

Firewall and Content Filters V Part V: Firewall and Content Filters This part introduces firewalls in general and the ZyWALL firewall. It also ex

ZyWALL 10~100 Series Internet Security Gateway Firewalls 11-1 Chapter 11 Firewalls This chapter gives some background information on firewalls and i

ZyWALL 10~100 Series Internet Security Gateway 11-2 Firewalls i. Information hiding prevents the names of internal systems from being made known via

ZyWALL 10~100 Series Internet Security Gateway Firewalls 11-3 Figure 11-1 ZyWALL Firewall Application 11.4 Denial of Service Denials of Service (

ZyWALL 10~100 Series Internet Security Gateway 11-4 Firewalls for use over a single port, such as Web on port 80, other ports are also active. If the

ZyWALL 10~100 Series Internet Security Gateway Firewalls 11-5 Figure 11-2 Three-Way Handshake Under normal circumstances, the application that init

ZyWALL 10~100 Series Internet Security Gateway Table of Contents xv 27.4 Edit IP ...

ZyWALL 10~100 Series Internet Security Gateway 11-6 Firewalls 2-b In a LAND Attack, hackers flood SYN packets into the network with a spoofed source

ZyWALL 10~100 Series Internet Security Gateway Firewalls 11-7 The only legal NetBIOS commands are the following - all others are illegal. Table 11-3

ZyWALL 10~100 Series Internet Security Gateway 11-8 Firewalls  Allows all sessions originating from the LAN (local network) to the WAN (Internet).

ZyWALL 10~100 Series Internet Security Gateway Firewalls 11-9 3. The packet is inspected by a firewall rule to determine and record information abo

ZyWALL 10~100 Series Internet Security Gateway 11-10 Firewalls The ability to define firewall rules is a very powerful tool. Using custom rules, it i

ZyWALL 10~100 Series Internet Security Gateway Firewalls 11-11 little tracking information. For instance, ICMP redirect packets are never allowed in

ZyWALL 10~100 Series Internet Security Gateway 11-12 Firewalls 11.7 Packet Filtering Vs Firewall Below are some comparisons between the ZyWALL’s fil

ZyWALL 10~100 Series Internet Security Gateway Firewalls 11-13 2. A range of source and destination IP addresses as well as port numbers can be spe

ZyWALL 10~100 Series Internet Security Gateway Firewall Screens 12-1 Chapter 12 Firewall Screens This chapter shows you how to configure your ZyWA

ZyWALL 10~100 Series Internet Security Gateway xvi Table of Contents 33.4 Log and Trace ...

ZyWALL 10~100 Series Internet Security Gateway 12-2 Firewall Screens This prevents computers on the WAN from using the ZyWALL as a gateway to communi

ZyWALL 10~100 Series Internet Security Gateway Firewall Screens 12-3 5. What computers on the LAN or DMZ are to be affected (if any)? 6. What com

ZyWALL 10~100 Series Internet Security Gateway 12-4 Firewall Screens Destination Address What is the connection’s destination address; is it on the L

ZyWALL 10~100 Series Internet Security Gateway Firewall Screens 12-5 12.4.2 WAN to LAN Rules The default rule for WAN to LAN traffic blocks all inc

ZyWALL 10~100 Series Internet Security Gateway 12-6 Firewall Screens Figure 12-3 Enabling the Firewall (ZyWALL 100) The following table describes th

ZyWALL 10~100 Series Internet Security Gateway Firewall Screens 12-7 Table 12-1 Firewall Rules Summary: First Screen LABEL DESCRIPTION Total Confi

ZyWALL 10~100 Series Internet Security Gateway 12-8 Firewall Screens Table 12-1 Firewall Rules Summary: First Screen LABEL DESCRIPTION Alert This fi

ZyWALL 10~100 Series Internet Security Gateway Firewall Screens 12-9 Figure 12-4 Creating/Editing A Firewall Rule (ZyWALL100) The following table

ZyWALL 10~100 Series Internet Security Gateway 12-10 Firewall Screens Table 12-2 Creating/Editing A Firewall Rule LABEL DESCRIPTION Source Address

ZyWALL 10~100 Series Internet Security Gateway Firewall Screens 12-11 Figure 12-5 Adding/Editing Source and Destination Addresses The following ta

ZyWALL 10~100 Series Internet Security Gateway Table of Contents xvii 39.3 IPSec Setup ...

ZyWALL 10~100 Series Internet Security Gateway 12-12 Firewall Screens Figure 12-6 Creating/Editing A Custom Port The following table describes the f

ZyWALL 10~100 Series Internet Security Gateway Firewall Screens 12-13 Step 2. In the Summary screen, type the index number for where you want to p

ZyWALL 10~100 Series Internet Security Gateway 12-14 Firewall Screens Figure 12-8 Firewall Rule Edit IP Example Step 7. In the firewall rule config

ZyWALL 10~100 Series Internet Security Gateway Firewall Screens 12-15 Custom ports show up with an “*” before their names in the Services list box

ZyWALL 10~100 Series Internet Security Gateway 12-16 Firewall Screens On completing the configuration procedure for this Internet firewall rule, the

ZyWALL 10~100 Series Internet Security Gateway Firewall Screens 12-17 12.7 Predefined Services The Available Services list box in the Rule Config(u

ZyWALL 10~100 Series Internet Security Gateway 12-18 Firewall Screens Table 12-5 Predefined Services SERVICE DESCRIPTION IPSEC_TUNNEL(ESP:0) The I

ZyWALL 10~100 Series Internet Security Gateway Firewall Screens 12-19 Table 12-5 Predefined Services SERVICE DESCRIPTION SMTP(TCP:25) Simple Ma

ZyWALL 10~100 Series Internet Security Gateway 12-20 Firewall Screens 12.9 Configuring Attack Alert Attack alerts are the first defense against DOS a

ZyWALL 10~100 Series Internet Security Gateway Firewall Screens 12-21 When the rate of new connection attempts rises above a threshold (one-minute

ZyWALL 10~100 Series Internet Security Gateway xviii List of Figures List of Figures Figure 1-1 Secure Internet Access via Cable, DSL or Wireless Mo

ZyWALL 10~100 Series Internet Security Gateway 12-22 Firewall Screens Figure 12-12 Attack Alert The following table describes the fields in this scr

ZyWALL 10~100 Series Internet Security Gateway Firewall Screens 12-23 Table 12-6 Attack Alert LABEL DESCRIPTION DEFAULT VALUES One Minute High T

ZyWALL 10~100 Series Internet Security Gateway 12-24 Firewall Screens Table 12-6 Attack Alert LABEL DESCRIPTION DEFAULT VALUES Blocking Time When T

ZyWALL 10~100 Series Internet Security Gateway Content Filtering Screens 13-1 Chapter 13 Content Filtering Screens This chapter provides a brief ov

ZyWALL 10~100 Series Internet Security Gateway 13-2 Content Filtering Screens Figure 13-1Content Filter: Categories The following table describe

ZyWALL 10~100 Series Internet Security Gateway Content Filtering Screens 13-3 Table 13-1 Content Filter: Categories LABEL DESCRIPTION Java A progr

ZyWALL 10~100 Series Internet Security Gateway 13-4 Content Filtering Screens Table 13-1 Content Filter: Categories LABEL DESCRIPTION Intolerance

ZyWALL 10~100 Series Internet Security Gateway Content Filtering Screens 13-5 Table 13-1 Content Filter: Categories LABEL DESCRIPTION Always Block

ZyWALL 10~100 Series Internet Security Gateway 13-6 Content Filtering Screens Figure 13-2 Content Filter: Free The following table describes the

ZyWALL 10~100 Series Internet Security Gateway Content Filtering Screens 13-7 13.4 Configuring iCard Use this screen to re-register the ZyWALL afte

ZyWALL 10~100 Series Internet Security Gateway List of Figures xix Figure 9-1 How NAT Works ...

ZyWALL 10~100 Series Internet Security Gateway 13-8 Content Filtering Screens Table 13-3 Content Filter: iCard LABEL DESCRIPTION Company Type th

ZyWALL 10~100 Series Internet Security Gateway Content Filtering Screens 13-9 Table 13-4 Content Filter: List Update LABEL DESCRIPTION Download Now

ZyWALL 10~100 Series Internet Security Gateway 13-10 Content Filtering Screens Figure 13-5 Content Filter: Exempt Zone The following table descr

ZyWALL 10~100 Series Internet Security Gateway Content Filtering Screens 13-11 Table 13-5 Content Filter: Exempt Zone LABEL DESCRIPTION From Addres

ZyWALL 10~100 Series Internet Security Gateway 13-12 Content Filtering Screens Figure 13-6 Content Filter: Customize The following table describ

ZyWALL 10~100 Series Internet Security Gateway Content Filtering Screens 13-13 Table 13-6 Content Filter: Customize LABEL DESCRIPTION Disable all w

ZyWALL 10~100 Series Internet Security Gateway 13-14 Content Filtering Screens 13.8 Configuring Keyword Blocking Use this screen to block sites c

ZyWALL 10~100 Series Internet Security Gateway Content Filtering Screens 13-15 Table 13-7 Content Filter: Keyword Blocking LABEL DESCRIPTION Add Cl

VPN/IPSec VI Part VI: VPN/IPSec This part provides information on how to configure VPN/IPSec.

ZyWALL 10~100 Series Internet Security Gateway ii Copyright Copyright Copyright © 2003 by ZyXEL Communications Corporation. The contents of this publ

ZyWALL 10~100 Series Internet Security Gateway xx List of Figures Figure 15-4 VPN IKE ...

ZyWALL 10~100 Series Internet Security Gateway Introduction to IPSec 14-1 Chapter 14 Introduction to IPSec This chapter introduces the basics of IP

ZyWALL 10~100 Series Internet Security Gateway 14-2 Introduction to IPSec Figure 14-1 Encryption and Decryption  Data Confidentiality The IPSec

ZyWALL 10~100 Series Internet Security Gateway Introduction to IPSec 14-3 Figure 14-2 VPN Application 14.2 IPSec Architecture The overall IPSec ar

ZyWALL 10~100 Series Internet Security Gateway 14-4 Introduction to IPSec Figure 14-3 IPSec Architecture 14.2.1 IPSec Algorithms The ESP (Encapsu

ZyWALL 10~100 Series Internet Security Gateway Introduction to IPSec 14-5 14.3 Encapsulation The two modes of operation for IPSec VPNs are Transpor

ZyWALL 10~100 Series Internet Security Gateway 14-6 Introduction to IPSec A NAT device in between the IPSec endpoints will rewrite either the sour

ZyWALL 10~100 Series Internet Security Gateway VPN Screens 15-1 Chapter 15 VPN Screens This chapter introduces the VPN Web Configurator. See the

ZyWALL 10~100 Series Internet Security Gateway 15-2 VPN Screens Table 15-1 AH and ESP ESP AH Select DES for minimal security and 3DES for maximum. S

ZyWALL 10~100 Series Internet Security Gateway VPN Screens 15-3 for telecommuters initiating a VPN tunnel to the company network. See section 15.17

ZyWALL 10~100 Series Internet Security Gateway List of Figures xxi Figure 20-8 Firmware Upload Error ...

ZyWALL 10~100 Series Internet Security Gateway 15-4 VPN Screens Figure 15-2 Summary The following table describes the fields in this screen. Table

ZyWALL 10~100 Series Internet Security Gateway VPN Screens 15-5 Table 15-2 Summary LABEL DESCRIPTION Local Address This is the IP address(es) of c

ZyWALL 10~100 Series Internet Security Gateway 15-6 VPN Screens 15.6 Keep Alive When you initiate an IPSec tunnel with keep alive enabled, the ZyWAL

ZyWALL 10~100 Series Internet Security Gateway VPN Screens 15-7  Enable NAT traversal on both IPSec endpoints. In order for IPSec router A (see th

ZyWALL 10~100 Series Internet Security Gateway 15-8 VPN Screens Table 15-4 Peer ID Type and Content Fields PEER ID TYPE= CONTENT= DNS Type a domai

ZyWALL 10~100 Series Internet Security Gateway VPN Screens 15-9 15.9 Pre-Shared Key A pre-shared key identifies a communicating party during a phas

ZyWALL 10~100 Series Internet Security Gateway 15-10 VPN Screens Figure 15-4 VPN IKE The following table describes the fields in this screen.

ZyWALL 10~100 Series Internet Security Gateway VPN Screens 15-11 Table 15-7 VPN IKE LABEL DESCRIPTION Active Select this check box to activate thi

ZyWALL 10~100 Series Internet Security Gateway 15-12 VPN Screens Table 15-7 VPN IKE LABEL DESCRIPTION End/ Subnet Mask When the Address Type field i

ZyWALL 10~100 Series Internet Security Gateway VPN Screens 15-13 Table 15-7 VPN IKE LABEL DESCRIPTION Content When you select IP in the Local ID Ty

ZyWALL 10~100 Series Internet Security Gateway xxii List of Figures Figure 27-2 Menu 11.1: Remote Node Profile for Ethernet Encapsulation ...

ZyWALL 10~100 Series Internet Security Gateway 15-14 VPN Screens Table 15-7 VPN IKE LABEL DESCRIPTION Content When you select IP in the Peer ID Type

ZyWALL 10~100 Series Internet Security Gateway VPN Screens 15-15 Table 15-7 VPN IKE LABEL DESCRIPTION Authentication Algorithm Select SHA1 or MD5 f

ZyWALL 10~100 Series Internet Security Gateway 15-16 VPN Screens Figure 15-5 Two Phases to Set Up the IPSec SA In phase 1 you must:  Choose a nego

ZyWALL 10~100 Series Internet Security Gateway VPN Screens 15-17  Main Mode ensures the highest level of security when the communicating parties a

ZyWALL 10~100 Series Internet Security Gateway 15-18 VPN Screens Figure 15-6 VPN IKE: Advanced The following table describes the fields in this scr

ZyWALL 10~100 Series Internet Security Gateway VPN Screens 15-19 Table 15-8 VPN IKE: Advanced LABEL DESCRIPTION Enable Replay Detection As a VPN se

ZyWALL 10~100 Series Internet Security Gateway 15-20 VPN Screens Table 15-8 VPN IKE: Advanced LABEL DESCRIPTION Encryption Algorithm Select DES or 3

ZyWALL 10~100 Series Internet Security Gateway VPN Screens 15-21 Table 15-8 VPN IKE: Advanced LABEL DESCRIPTION SA Life Time (seconds) Define the l

ZyWALL 10~100 Series Internet Security Gateway 15-22 VPN Screens Figure 15-7 Manual Setup The following table describes the fields in this screen.

ZyWALL 10~100 Series Internet Security Gateway VPN Screens 15-23 Table 15-9 VPN Manual Setup LABEL DESCRIPTION Name Type up to 32 characters to id

ZyWALL 10~100 Series Internet Security Gateway List of Figures xxiii Figure 31-8 Menu 21.1.4.1: Generic Filter Rule...

ZyWALL 10~100 Series Internet Security Gateway 15-24 VPN Screens Table 15-9 VPN Manual Setup LABEL DESCRIPTION Address Start address on the network

ZyWALL 10~100 Series Internet Security Gateway VPN Screens 15-25 Table 15-9 VPN Manual Setup LABEL DESCRIPTION AH Select AH if you want to use AH (

ZyWALL 10~100 Series Internet Security Gateway 15-26 VPN Screens Figure 15-8 SA Monitor The following table describes the fields in this screen. Ta

ZyWALL 10~100 Series Internet Security Gateway VPN Screens 15-27 Table 15-10 SA Monitor LABEL DESCRIPTION Previous Page (if applicable) Click Prev

ZyWALL 10~100 Series Internet Security Gateway 15-28 VPN Screens Table 15-11 SA Monitor LABEL DESCRIPTION Allow Through IP/Sec Tunnel Select this c

ZyWALL 10~100 Series Internet Security Gateway VPN Screens 15-29 Figure 15-10 Telecommuters Sharing One VPN Rule Example 15.17.2 Telecommuters Us

ZyWALL 10~100 Series Internet Security Gateway 15-30 VPN Screens Figure 15-11 Telecommuters Using Unique VPN Rules Example 15.18 VPN and Remote Man

Remote Management and UPnP VII Part VII: Remote Management and UPnP This part provides information and configuration instructions for remote mana

ZyWALL 10~100 Series Internet Security Gateway Remote Management Screens 16-1 Chapter 16 Remote Management Screens This chapter provides informatio

ZyWALL 10~100 Series Internet Security Gateway xxiv List of Figures Figure 35-3 Call Control...

ZyWALL 10~100 Series Internet Security Gateway 16-2 Remote Management Screens 3. The IP address in the Secured Client IP field does not match the

ZyWALL 10~100 Series Internet Security Gateway Remote Management Screens 16-3 Figure 16-1 Telnet Configuration on a TCP/IP Network 16.3 Configurin

ZyWALL 10~100 Series Internet Security Gateway 16-4 Remote Management Screens Table 16-1 Telnet LABEL DESCRIPTION Server Port You may change the s

ZyWALL 10~100 Series Internet Security Gateway Remote Management Screens 16-5 Figure 16-3 FTP The following table describes the fields in this scr

ZyWALL 10~100 Series Internet Security Gateway 16-6 Remote Management Screens Figure 16-4 WWW The following table describes the fields in this scr

ZyWALL 10~100 Series Internet Security Gateway Remote Management Screens 16-7 16.6 Configuring SNMP Simple Network Management Protocol is a protoco

ZyWALL 10~100 Series Internet Security Gateway 16-8 Remote Management Screens An agent is a management software module that resides in a managed de

ZyWALL 10~100 Series Internet Security Gateway Remote Management Screens 16-9 Table 16-4 SNMP Traps 4 authenticationFailure (defined in RFC-1215)

ZyWALL 10~100 Series Internet Security Gateway 16-10 Remote Management Screens Figure 16-6 SNMP The following table describes the fields in this s

ZyWALL 10~100 Series Internet Security Gateway Remote Management Screens 16-11 Table 16-5 SNMP LABEL DESCRIPTION Trusted Host If you enter a trust

ZyWALL 10~100 Series Internet Security Gateway List of Tables xxv List of Tables Table 1-1 Model Specific Features...

ZyWALL 10~100 Series Internet Security Gateway 16-12 Remote Management Screens Figure 16-7 DNS The following table describes the fields in this sc

ZyWALL 10~100 Series Internet Security Gateway Remote Management Screens 16-13 If an outside user attempts to probe an unsupported port on your ZyW

ZyWALL 10~100 Series Internet Security Gateway 16-14 Remote Management Screens Table 16-7 Security LABEL DESCRIPTION Do not respond to requests for

ZyWALL 10~100 Series Internet Security Gateway UPnP 17-1 Chapter 17 UPnP This chapter introduces the Universal Plug and Play feature. UPnP applies t

ZyWALL 10~100 Series Internet Security Gateway 17-2 UPnP See the SUA/NAT chapter for further information about NAT. 17.1.3 Cautions with UPnP The au

ZyWALL 10~100 Series Internet Security Gateway UPnP 17-3 Figure 17-1 Configuring UPnP The following table describes the fields in this screen. Tabl

ZyWALL 10~100 Series Internet Security Gateway 17-4 UPnP Table 17-1 Configuring UPnP FIELD DESCRIPTION Allow UPnP to pass through firewall Select

ZyWALL 10~100 Series Internet Security Gateway UPnP 17-5 In the Communications window, select the Universal Plug and Play check box in the Component

ZyWALL 10~100 Series Internet Security Gateway 17-6 UPnP In the Networking Services window, select the Universal Plug and Play check box. Click OK t

ZyWALL 10~100 Series Internet Security Gateway UPnP 17-7 In the Internet Connection Properties window, click Settings to see the port mappings that

ZyWALL 10~100 Series Internet Security Gateway xxvi List of Tables Table 11-1 Common IP Ports...

ZyWALL 10~100 Series Internet Security Gateway 17-8 UPnP Double-click the icon to display your current Internet connection status. 17.5.2 Web Config

ZyWALL 10~100 Series Internet Security Gateway UPnP 17-9 An icon with the description for each UPnP-enabled device displays under Local Network. Ri

Bandwidth Management VIII Part VIII: Bandwidth Management This part provides information on the functions and configuration of bandwidth manageme

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management Screens 18-1 Chapter 18 Bandwidth Management Screens This chapter describes the

ZyWALL 10~100 Series Internet Security Gateway 18-2 Bandwidth Management Screens application and/or subnet. Use the Class Configuration tab (see se

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management Screens 18-3 Figure 18-1 Application-based Bandwidth Management Example 18.4.2

ZyWALL 10~100 Series Internet Security Gateway 18-4 Bandwidth Management Screens Table 18-1 Application and Subnet-based Bandwidth Management Examp

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management Screens 18-5 18.5.1 Priority-based Scheduler With the priority-based scheduler,

ZyWALL 10~100 Series Internet Security Gateway List of Tables xxvii Table 18-4 Bandwidth Manager: Class Configuration ...

ZyWALL 10~100 Series Internet Security Gateway 18-6 Bandwidth Management Screens Step 2. Do not enable the interface’s Maximize Bandwidth Usage op

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management Screens 18-7 In this case, suppose that all of the classes except for the admin

ZyWALL 10~100 Series Internet Security Gateway 18-8 Bandwidth Management Screens 18.7 Bandwidth Borrowing Bandwidth borrowing allows a child-class

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management Screens 18-9 Figure 18-6 Bandwidth Borrowing Example  The Bill class can borr

ZyWALL 10~100 Series Internet Security Gateway 18-10 Bandwidth Management Screens  The Bill class cannot borrow unused bandwidth from the Root cla

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management Screens 18-11 Figure 18-7 Bandwidth Manager: Summary The following table descr

ZyWALL 10~100 Series Internet Security Gateway 18-12 Bandwidth Management Screens Table 18-2 Bandwidth Manager: Summary LABEL DESCRIPTION LAN WAN D

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management Screens 18-13 The example reserves 15 Mbps of unbudgeted bandwidth for traffic

ZyWALL 10~100 Series Internet Security Gateway 18-14 Bandwidth Management Screens Table 18-3 Bandwidth Manager: Class Setup LABEL DESCRIPTION Edit

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management Screens 18-15 The following table describes the fields in this screen. Table 18

ZyWALL 10~100 Series Internet Security Gateway xxviii List of Tables Table 29-2 SUA Address Mapping Rules ...

ZyWALL 10~100 Series Internet Security Gateway 18-16 Bandwidth Management Screens Table 18-4 Bandwidth Manager: Class Configuration LABEL DESCRIPTI

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management Screens 18-17 Figure 18-10 Bandwidth Management Statistics The following tabl

ZyWALL 10~100 Series Internet Security Gateway 18-18 Bandwidth Management Screens Table 18-6 Bandwidth Management Statistics LABEL DESCRIPTION Clea

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management Screens 18-19 LABEL DESCRIPTION Interface Select an interface from the drop-do

Logs IX Part IX: Logs This part provides information and instructions for the logs and reports.

ZyWALL 10~100 Series Internet Security Gateway Log Screens 19-1 Chapter 19 Logs Screens This chapter contains information about configuring general

ZyWALL 10~100 Series Internet Security Gateway 19-2 Log Screens Figure 19-1 View Log The following table describes the fields in this screen.

ZyWALL 10~100 Series Internet Security Gateway Log Screens 19-3 Table 19-1 View Log LABEL DESCRIPTION Display The categories that you select in th

ZyWALL 10~100 Series Internet Security Gateway Preface xxix Preface About Your ZyWALL Congratulations on your purchase of the ZyWALL Internet Securi

ZyWALL 10~100 Series Internet Security Gateway 19-4 Log Screens Figure 19-2 Log Settings (ZyWALL 10W) The following table describes the fields in th

ZyWALL 10~100 Series Internet Security Gateway Log Screens 19-5 Table 19-2 Log Settings Screen (ZyWALL 10W) LABEL DESCRIPTION Address Info Mail Se

ZyWALL 10~100 Series Internet Security Gateway 19-6 Log Screens Table 19-2 Log Settings Screen (ZyWALL 10W) LABEL DESCRIPTION Send Immediate Alert

ZyWALL 10~100 Series Internet Security Gateway Log Screens 19-7 Figure 19-3 Reports Enabling the ZyWALL’s reporting function decreases the overall

ZyWALL 10~100 Series Internet Security Gateway 19-8 Log Screens All of the recorded reports data is erased when you turn off the ZyWALL. 19.3.1 Viewi

ZyWALL 10~100 Series Internet Security Gateway Log Screens 19-9 Figure 19-4 Web Site Hits Report Example The following table describes the fields

ZyWALL 10~100 Series Internet Security Gateway 19-10 Log Screens 19.3.2 Viewing Protocol/Port In the Reports screen, select Protocol/Port from the Re

ZyWALL 10~100 Series Internet Security Gateway Log Screens 19-11 19.3.3 Viewing LAN IP Address In the Reports screen, select LAN IP Address from th

ZyWALL 10~100 Series Internet Security Gateway 19-12 Log Screens 19.3.4 Reports Specifications The following table lists detailed specifications on t

Maintenance X Part X: Maintenance This part covers the maintenance screens.

ZyWALL 10~100 Series Internet Security Gateway FCC iii Federal Communications Commission (FCC) Interference Statement This device complies with Part

ZyWALL 10~100 Series Internet Security Gateway xxx Preface Please refer to www.zyxel.com for an online glossary of networking terms and additional

ZyWALL 10~100 Series Internet Security Gateway Maintenance 20-1 Chapter 20 Maintenance This chapter displays system information such as ZyNOS firmwar

ZyWALL 10~100 Series Internet Security Gateway 20-2 Maintenance Table 20-1 System Status LABEL DESCRIPTION System Name This is the System Name you

ZyWALL 10~100 Series Internet Security Gateway Maintenance 20-3 Figure 20-2 System Status: Show Statistics The following table describes the fields

ZyWALL 10~100 Series Internet Security Gateway 20-4 Maintenance Table 20-2 System Status: Show Statistics LABEL DESCRIPTION Stop Click Stop to stop

ZyWALL 10~100 Series Internet Security Gateway Maintenance 20-5 Table 20-3 DHCP Table LABEL DESCRIPTION MAC Address This field shows the MAC address

ZyWALL 10~100 Series Internet Security Gateway 20-6 Maintenance Figure 20-5 Firmware Upload LABEL DESCRIPTION File Path Type in the location of the

ZyWALL 10~100 Series Internet Security Gateway Maintenance 20-7 If the upload was not successful, the following screen will appear. Click Return to

ZyWALL 10~100 Series Internet Security Gateway 20-8 Maintenance Figure 20-9 Configuration 20.5.1 Back to Factory Defaults Pressing the Reset button

ZyWALL 10~100 Series Internet Security Gateway Maintenance 20-9 Figure 20-10 Reset Warning Message You can also press the RESET button on the rear p

Getting Started I Part I: Getting Started This part helps you get to know your ZyWALL, introduces the web configurator and covers how to config

ZyWALL 10~100 Series Internet Security Gateway 20-10 Maintenance Figure 20-11 Configuration Upload Successful The device automatically restarts in t

ZyWALL 10~100 Series Internet Security Gateway Maintenance 20-11 Figure 20-13 Configuration Upload Error 20.6 Restart Screen System restart allows

SMT General Configuration XI Part XI: SMT General Configuration This part introduces the System Management Terminal and covers the General setup

ZyWALL 10~100 Series Internet Security Gateway Introducing the SMT 21-1 Chapter 21 Introducing the SMT This chapter explains how to access the Sy

ZyWALL 10~100 Series Internet Security Gateway 21-2 Introducing the SMT For your first login, enter the default password “1234”. As you type the pa

ZyWALL 10~100 Series Internet Security Gateway Introducing the SMT 21-3 Table 21-1 Main Menu Commands OPERATION KEYSTROKES DESCRIPTION N/A fields

ZyWALL 10~100 Series Internet Security Gateway 21-4 Introducing the SMT Table 21-2 Main Menu Summary NO. Menu Title FUNCTION 3 LAN Setup Use th

ZyWALL 10~100 Series Internet Security Gateway Introducing the SMT 21-5 21.3.2 SMT Menus at a Glance The available SMT screens vary by ZyWALL mod

ZyWALL 10~100 Series Internet Security Gateway 21-6 Introducing the SMT Figure 21-5 Advanced Management SMT Menus

ZyWALL 10~100 Series Internet Security Gateway Introducing the SMT 21-7 Figure 21-6 Schedule Setup and IPSec VPN Configuration SMT Menus 21.4 Cha

ZyWALL 10~100 Series Internet Security Gateway 21-8 Introducing the SMT 21.5 Resetting the ZyWALL If you forget your password or cannot access the

ZyWALL 10~100 Series Internet Security Gateway Introducing the SMT 21-9 Step 1. Press the RESET button for ten seconds, and then release it. If th

ZyWALL 10~100 Series Internet Security Gateway SMT Menu 1 – General Setup 22-1 Chapter 22 SMT Menu 1 - General Setup Menu 1 - General Setup contai

ZyWALL 10~100 Series Internet Security Gateway 22-2 SMT Menu 1 – General Setup Table 22-1 General Setup Menu Field FIELD DESCRIPTION EXAMPLE Do

ZyWALL 10~100 Series Internet Security Gateway SMT Menu 1 – General Setup 22-3 Table 22-2 Configure Dynamic DNS Menu Fields FIELD DESCRIPTION E

ZyWALL 10~100 Series Internet Security Gateway 22-4 SMT Menu 1 – General Setup Table 22-2 Configure Dynamic DNS Menu Fields FIELD DESCRIPTION E

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 23-1 Chapter 23 WAN and Dial Backup Setup This chapter describes how to c

ZyWALL 10~100 Series Internet Security Gateway Getting to Know Your ZyWALL 1-1 Chapter 1 Getting to Know Your ZyWALL This chapter introduces the m

ZyWALL 10~100 Series Internet Security Gateway 23-2 WAN and Dial Backup Setup Table 23-1 MAC Address Cloning in WAN Setup FIELD DESCRIPTION EXAMP

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 23-3 Figure 23-2 Menu 2: Dial Backup Setup The following table describ

ZyWALL 10~100 Series Internet Security Gateway 23-4 WAN and Dial Backup Setup Table 23-2 Menu 2: Dial Backup Setup FIELD DESCRIPTION EXAMPLE When

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 23-5 Table 23-3 Advanced WAN Port Setup: AT Commands Fields FIELD DESCRI

ZyWALL 10~100 Series Internet Security Gateway 23-6 WAN and Dial Backup Setup Table 23-4 Advanced WAN Port Setup: Call Control Parameters FIELD D

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 23-7 Table 23-5 Fields in Menu 11.1 Remote Node Profile (Backup ISP) FIELD

ZyWALL 10~100 Series Internet Security Gateway 23-8 WAN and Dial Backup Setup Table 23-5 Fields in Menu 11.1 Remote Node Profile (Backup ISP) FIELD

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 23-9 Figure 23-5 Menu 11.2: Remote Node PPP Options This table describes

ZyWALL 10~100 Series Internet Security Gateway 23-10 WAN and Dial Backup Setup 23.8 Editing TCP/IP Options Move the cursor to the Edit IP field in

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 23-11 Table 23-6 Remote Node Network Layer Options Menu Fields FIELD DESC

ZyWALL 10~100 Series Internet Security Gateway 1-2 Getting to Know Your ZyWALL 1.1.5 ZyWALL 100 Internet Security Gateway for Small to Medium Busi

ZyWALL 10~100 Series Internet Security Gateway 23-12 WAN and Dial Backup Setup Table 23-6 Remote Node Network Layer Options Menu Fields FIELD DESC

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 23-13 manual call and watch the trace display to see if the sequence of me

ZyWALL 10~100 Series Internet Security Gateway 23-14 WAN and Dial Backup Setup Use menu 11.5 to specify the filter set(s) to apply to the incoming

ZyWALL 10~100 Series Internet Security Gateway LAN Setup 24-1 Chapter 24 LAN Setup This chapter describes how to configure the LAN using Menu 3: L

ZyWALL 10~100 Series Internet Security Gateway 24-2 LAN Setup Figure 24-2 Menu 3.1: LAN Port Filter Setup 24.4 TCP/IP and DHCP Ethernet Setup Men

ZyWALL 10~100 Series Internet Security Gateway LAN Setup 24-3 Figure 24-4 Menu 3.2: TCP/IP and DHCP Ethernet Setup Follow the instructions in the n

ZyWALL 10~100 Series Internet Security Gateway 24-4 LAN Setup Table 24-1 DHCP Ethernet Setup Menu Fields FIELD DESCRIPTION EXAMPLE DHCP Server Addr

ZyWALL 10~100 Series Internet Security Gateway LAN Setup 24-5 24.4.1 IP Alias Setup You must use menu 3.2 to configure the first network. Move the

ZyWALL 10~100 Series Internet Security Gateway 24-6 LAN Setup Table 24-3 IP Alias Setup Menu Fields FIELD DESCRIPTION EXAMPLE Incoming Protocol F

ZyWALL 10~100 Series Internet Security Gateway LAN Setup 24-7 The settings of all client stations on the wireless LAN must match those of the ZyWAL

ZyWALL 10~100 Series Internet Security Gateway Getting to Know Your ZyWALL 1-3 PCMCIA Port The PCMCIA port provides the option of a wireless LAN. T

ZyWALL 10~100 Series Internet Security Gateway 24-8 LAN Setup

ZyWALL 10~100 Series Internet Security Gateway DMZ Setup 25-1Chapter 25 DMZ Setup This chapter describes how to configure the ZyWALL 100’s DMZ usin

ZyWALL 10~100 Series Internet Security Gateway 25-2 DMZ Setup 25.3 TCP/IP Setup For more detailed information about RIP setup, IP Multicast and IP al

ZyWALL 10~100 Series Internet Security Gateway DMZ Setup 25-3 Figure 25-4 Menu 5.2: TCP/IP Setup The TCP/IP setup fields are the same as the ones i

ZyWALL 10~100 Series Internet Security Gateway 25-4 DMZ Setup Figure 25-5 Menu 5.2.1: IP Alias Setup Refer to Table 24-3 for instructions on configu

ZyWALL 10~100 Series Internet Security Gateway Internet Access 26-1Chapter 26 Internet Access This chapter shows you how to configure your ZyWALL f

ZyWALL 10~100 Series Internet Security Gateway 26-2 Internet Access Table 26-1 Menu 4: Internet Access Setup Menu Fields FIELD DESCRIPTION Encapsul

ZyWALL 10~100 Series Internet Security Gateway Internet Access 26-3Table 26-1 Menu 4: Internet Access Setup Menu Fields FIELD DESCRIPTION Network

ZyWALL 10~100 Series Internet Security Gateway 26-4 Internet Access Figure 26-2 Internet Access Setup (PPTP) The following table contains instruction

ZyWALL 10~100 Series Internet Security Gateway Internet Access 26-5 Figure 26-3 Internet Access Setup (PPPoE) The following table describes the fie

ZyWALL 10~100 Series Internet Security Gateway 1-4 Getting to Know Your ZyWALL administrator to define time periods and days during which content f

SMT Advanced Applications XII Part XII: SMT Advanced Applications This part covers setting up remote nodes, IP static routes and Network Address

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 27-1 Chapter 27 Remote Node Setup This chapter shows you how to configure a remote

ZyWALL 10~100 Series Internet Security Gateway 27-2 Remote Node Setup Figure 27-1 Menu 11 Remote Node Setup 27.3 Remote Node Profile Setup The fo

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 27-3 Figure 27-2 Menu 11.1: Remote Node Profile for Ethernet Encapsulation The fol

ZyWALL 10~100 Series Internet Security Gateway 27-4 Remote Node Setup Table 27-1 Fields in Menu 11.1 FIELD DESCRIPTION EXAMPLE My Password Ente

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 27-5 Figure 27-3 Menu 11.1: Remote Node Profile for PPPoE Encapsulation Outgoing

ZyWALL 10~100 Series Internet Security Gateway 27-6 Remote Node Setup Metric See the Metric section in the WAN and Dial Backup Setup chapter for de

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 27-7 Figure 27-4 Menu 11.1: Remote Node Profile for PPTP Encapsulation The next t

ZyWALL 10~100 Series Internet Security Gateway Getting to Know Your ZyWALL 1-5 IP Multicast Deliver IP packets to a specific group of hosts using I

ZyWALL 10~100 Series Internet Security Gateway 27-8 Remote Node Setup Table 27-3 Fields in Menu 11.1 (PPTP Encapsulation) FIELD DESCRIPTION EXAMP

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 27-9 Table 27-4 Remote Node Network Layer Options Menu Fields FIELD DESCRIPTION

ZyWALL 10~100 Series Internet Security Gateway 27-10 Remote Node Setup Table 27-4 Remote Node Network Layer Options Menu Fields FIELD DESCRIPTION

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 27-11 Figure 27-6 Menu 11.5: Remote Node Filter (Ethernet Encapsulation) Figure 27

ZyWALL 10~100 Series Internet Security Gateway 27-12 Remote Node Setup Figure 27-8 Menu 11.1: Remote Node Profile To configure traffic redirect pro

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 27-13 Figure 27-9 Menu 11.6: Traffic Redirect Setup The following table describes

ZyWALL 10~100 Series Internet Security Gateway 27-14 Remote Node Setup Table 27-6 Menu 11.6: Traffic Redirect Setup FIELD DESCRIPTION EXAMPLE Che

ZyWALL 10~100 Series Internet Security Gateway IP Static Route Setup 28-1Chapter 28 IP Static Route Setup This chapter shows you how to configure

ZyWALL 10~100 Series Internet Security Gateway 28-2 IP Static Route Setup Figure 28-2 Menu 12. 1: Edit IP Static Route `The following table describ

ZyWALL 10~100 Series Internet Security Gateway IP Static Route Setup 28-3Table 28-1 IP Static Route Menu Fields FIELD DESCRIPTION Private This pa

ZyWALL 10~100 Series Internet Security Gateway 1-6 Getting to Know Your ZyWALL capability, enabled by default, which means it can assign IP address

ZyWALL 10~100 Series Internet Security Gateway NAT 29-1Chapter 29 Network Address Translation (NAT) This chapter discusses how to configure NAT on t

ZyWALL 10~100 Series Internet Security Gateway 29-2 NAT . Figure 29-1 Menu 4: Applying NAT for Internet Access The following figure shows how you app

ZyWALL 10~100 Series Internet Security Gateway NAT 29-3 Figure 29-2 Menu 11.3: Applying NAT to the Remote Node The following table describes the fiel

ZyWALL 10~100 Series Internet Security Gateway 29-4 NAT 29.2 NAT Setup Use the address mapping sets menus and submenus to create the mapping table us

ZyWALL 10~100 Series Internet Security Gateway NAT 29-5 Figure 29-4 Menu 15.1: Address Mapping Sets SUA Address Mapping Set Enter 255 to display the

ZyWALL 10~100 Series Internet Security Gateway 29-6 NAT Menu 15.1.255 is read-only. Table 29-2 SUA Address Mapping Rules FIELD DESCRIPTION EXAMPLE

ZyWALL 10~100 Series Internet Security Gateway NAT 29-7The entire set will be deleted if you leave the Set Name field blank and press [ENTER] are the

ZyWALL 10~100 Series Internet Security Gateway 29-8 NAT Table 29-3 Fields in Menu 15.1.1 FIELD DESCRIPTION EXAMPLE Action The default is Edit. Edit

ZyWALL 10~100 Series Internet Security Gateway NAT 29-9Table 29-4 Menu 15.1.1.1: Editing/Configuring an Individual Rule in a Set FIELD DESCRIPTION

ZyWALL 10~100 Series Internet Security Gateway Getting to Know Your ZyWALL 1-7 Table 1-1 Model Specific Features ZYWALL MODEL FEATURES 100 50 30W

ZyWALL 10~100 Series Internet Security Gateway 29-10 NAT Step 5. Press [ENTER] at the “Press ENTER to confirm …” prompt to save your configuration

ZyWALL 10~100 Series Internet Security Gateway NAT 29-1129.4 General NAT Examples The following are some examples of NAT configuration. 29.4.1 Intern

ZyWALL 10~100 Series Internet Security Gateway 29-12 NAT From menu 4 shown above, simply choose the SUA Only option from the Network Address Transla

ZyWALL 10~100 Series Internet Security Gateway NAT 29-13 Figure 29-13 Menu 15.2: Specifying an Inside Server 29.4.3 Example 3: Multiple Public IP Add

ZyWALL 10~100 Series Internet Security Gateway 29-14 NAT Figure 29-14 NAT Example 3 Step 1. In this case you need to configure Address Mapping Se

ZyWALL 10~100 Series Internet Security Gateway NAT 29-15 Figure 29-15 Example 3: Menu 11.3 The following figure shows how to configure the first rule

ZyWALL 10~100 Series Internet Security Gateway 29-16 NAT Figure 29-17 Example 3: Final Menu 15.1.1 Now configure the IGA3 to map to our web server

ZyWALL 10~100 Series Internet Security Gateway NAT 29-1729.4.4 Example 4: NAT Unfriendly Application Programs Some applications do not support NAT Ma

ZyWALL 10~100 Series Internet Security Gateway 29-18 NAT Figure 29-20 Example 4: Menu 15.1.1.1: Address Mapping Rule After you’ve configured your r

ZyWALL 10~100 Series Internet Security Gateway NAT 29-19the server on the WAN) to the IP address of a computer on the client side (LAN). The problem

ZyWALL 10~100 Series Internet Security Gateway iv Information for Canadian Users Information for Canadian Users The Industry Canada label identifie

ZyWALL 10~100 Series Internet Security Gateway 1-8 Getting to Know Your ZyWALL 1.2.4 ZyWALL 100 Note The ZyWALL 100 is designed to act as a secure

ZyWALL 10~100 Series Internet Security Gateway 29-20 NAT 5. Only Jane can connect to the Real Audio server until the connection is closed or times

ZyWALL 10~100 Series Internet Security Gateway NAT 29-21Table 29-5 Menu 15.3: Trigger Port Setup Description FIELD DESCRIPTION EXAMPLE Rule This i

ZyWALL 10~100 Series Internet Security Gateway Introducing the ZyXEL Firewall 30-1 Chapter 30 Introducing the ZyWALL Firewall This chapter shows y

ZyWALL 10~100 Series Internet Security Gateway 30-2 Introducing the ZyXEL Firewall 30.1.1 Activating the Firewall Enter option 2 in this menu t

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 31-1Chapter 31 Filter Configuration This chapter shows you how to create and ap

ZyWALL 10~100 Series Internet Security Gateway 31-2 Filter Configuration Figure 31-1 Outgoing Packet Filtering Process For incoming packets, your Zy

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 31-3StartFetch FirstFilter SetFetch FirstFilter RuleActive?ExecuteFilter RuleFe

ZyWALL 10~100 Series Internet Security Gateway 31-4 Filter Configuration You can apply up to four filter sets to a particular port to block multiple

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 31-5Step 4. Enter a descriptive name or comment in the Edit Comments field and

ZyWALL 10~100 Series Internet Security Gateway Getting to Know Your ZyWALL 1-9 Figure 1-1 Secure Internet Access via Cable, DSL or Wireless Modem

ZyWALL 10~100 Series Internet Security Gateway 31-6 Filter Configuration Table 31-2 Rule Abbreviations Used ABBREVIATION DESCRIPTION IP Pr Protocol

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 31-7To configure TCP/IP rules, select TCP/IP Filter Rule from the Filter Type f

ZyWALL 10~100 Series Internet Security Gateway 31-8 Filter Configuration Table 31-3 TCP/IP Filter Rule Menu Fields FIELD DESCRIPTION OPTIONS Port #

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 31-9Table 31-3 TCP/IP Filter Rule Menu Fields FIELD DESCRIPTION OPTIONS Log Pr

ZyWALL 10~100 Series Internet Security Gateway 31-10 Filter Configuration Packetinto IP FilterMatchedMatchedYesAction MatchedAction Not MatchedMore?N

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 31-1131.2.3 Configuring a Generic Filter Rule This section shows you how to co

ZyWALL 10~100 Series Internet Security Gateway 31-12 Filter Configuration Table 31-4 Generic Filter Rule Menu Fields FIELD DESCRIPTION OPTIONS Fil

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 31-1331.3 Example Filter Let’s look at an example to block outside users from a

ZyWALL 10~100 Series Internet Security Gateway 31-14 Filter Configuration Step 6. Enter 1 to configure the first filter rule (the only filter rule

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 31-15 Figure 31-11 Example Filter Rules Summary: Menu 21.1.3 After you’ve creat

ZyWALL 10~100 Series Internet Security Gateway 1-10 Getting to Know Your ZyWALL Figure 1-2 VPN Application

ZyWALL 10~100 Series Internet Security Gateway 31-16 Filter Configuration Address Translation) is enabled, the inside IP address and port number are

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 31-17If you do not activate the firewall, it is advisable to apply filters. 31.

ZyWALL 10~100 Series Internet Security Gateway 31-18 Filter Configuration Figure 31-14Filtering DMZ Traffic 31.6.3 Applying Remote Node Filters Go t

ZyWALL 10~100 Series Internet Security Gateway SNMP Configuration 32-1 Chapter 32 SNMP Configuration This chapter explains SNMP configuration menu

ZyWALL 10~100 Series Internet Security Gateway 32-2 SNMP Configuration Table 32-1 SNMP Configuration Menu Fields FIELD DESCRIPTION EXAMPLE Trap C

SMT System Maintenance XIII Part XIII: SMT System Maintenance This part covers system information and diagnosis, firmware and configuration file

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 33-1 Chapter 33 System Information & Diagnosis This chapter co

ZyWALL 10~100 Series Internet Security Gateway 33-2 System Information and Diagnosis monitor your ZyWALL. Specifically, it gives you information o

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 33-3 Table 33-1 System Maintenance: Status Menu Fields FIELD DESCR

ZyWALL 10~100 Series Internet Security Gateway Introducing the Web Configurator 2-1 Chapter 2 Introducing the Web Configurator This chapt

ZyWALL 10~100 Series Internet Security Gateway 33-4 System Information and Diagnosis Step 1. Enter 24 to go to Menu 24 – System Maintenance. Ste

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 33-5 Table 33-2 Fields in System Maintenance: Information FIELD DE

ZyWALL 10~100 Series Internet Security Gateway 33-6 System Information and Diagnosis 33.4 Log and Trace There are two logging facilities in the Zy

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 33-7 Figure 33-7 Examples of Error and Information Messages 33.4.2

ZyWALL 10~100 Series Internet Security Gateway 33-8 System Information and Diagnosis You need to configure the UNIX syslog parameters described in

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 33-9 2. Packet triggered Packet triggered Message Format SdcmdSys

ZyWALL 10~100 Series Internet Security Gateway 33-10 System Information and Diagnosis 5. Firewall log Firewall Log Message Format SdcmdSyslogSend

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 33-11 Figure 33-9 Call-Triggering Packet Example 33.5 Diagnostic

ZyWALL 10~100 Series Internet Security Gateway 33-12 System Information and Diagnosis Step 2. From this menu, select option 4. Diagnostic. This w

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 33-13 Figure 33-11 WAN & LAN DHCP The following table describ

ZyWALL 10~100 Series Internet Security Gateway 2-2 Introducing the Web Configurator The ZyWALL automatically times out after five minutes of inact

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 34-1 Chapter 34 Firmware and Configuration File Maintena

ZyWALL 10~100 Series Internet Security Gateway 34-2 Firmware and Configuration File Maintenance This is a sample FTP session showing the transfer o

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 34-3 preferred method for backing up your current config

ZyWALL 10~100 Series Internet Security Gateway 34-4 Firmware and Configuration File Maintenance Step 6. Use “get” to transfer files from the ZyWAL

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 34-5 Table 34-2 General Commands for GUI-based FTP Clien

ZyWALL 10~100 Series Internet Security Gateway 34-6 Firmware and Configuration File Maintenance Step 5. Use the TFTP client (see the example below

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 34-7 34.3.9 Backup Via Console Port Back up configuratio

ZyWALL 10~100 Series Internet Security Gateway 34-8 Firmware and Configuration File Maintenance Figure 34-6 Successful Backup Confirmation Screen

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 34-9 Figure 34-7 Telnet into Menu 24.6 Step 1. Launch

ZyWALL 10~100 Series Internet Security Gateway Introducing the Web Configurator 2-3 Figure 2-2 Example Xmodem Upload Step 12. After succ

ZyWALL 10~100 Series Internet Security Gateway 34-10 Firmware and Configuration File Maintenance 34.4.2 Restore Using FTP Session Example Figure 34

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 34-11 Figure 34-11 Restore Configuration Example Step 4.

ZyWALL 10~100 Series Internet Security Gateway 34-12 Firmware and Configuration File Maintenance WARNING! Do not interrupt the file transfer proces

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 34-13 34.5.2 Configuration File Upload You see the follo

ZyWALL 10~100 Series Internet Security Gateway 34-14 Firmware and Configuration File Maintenance transfers the configuration file on the ZyWALL to

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 34-15 Step 3. Enter the command “sys stdio 0” to disabl

ZyWALL 10~100 Series Internet Security Gateway 34-16 Firmware and Configuration File Maintenance 34.5.8 Uploading Firmware File Via Console Port St

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 34-17 34.5.9 Example Xmodem Firmware Upload Using HyperT

ZyWALL 10~100 Series Internet Security Gateway 34-18 Firmware and Configuration File Maintenance Figure 34-18 Menu 24.7.2 As Seen Using the Consol

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 34-19 Figure 34-19 Example Xmodem Upload After the confi

ZyWALL 10~100 Series Internet Security Gateway 2-4 Introducing the Web Configurator Figure 2-3 The MAIN MENU Screen of the Web Configurator Click

ZyWALL 10~100 Series Internet Security Gateway System Maintenance & Information 35-1 Chapter 35 System Maintenance Menus 8 to 10 This chapte

ZyWALL 10~100 Series Internet Security Gateway 35-2 System Maintenance & Information 35.1.1 Command Syntax The command keywords are in courier

ZyWALL 10~100 Series Internet Security Gateway System Maintenance & Information 35-3 Table 35-1 Valid Commands aux These commands display dia

ZyWALL 10~100 Series Internet Security Gateway 35-4 System Maintenance & Information 35.2.1 Budget Management Menu 24.9.1 shows the budget mana

ZyWALL 10~100 Series Internet Security Gateway System Maintenance & Information 35-5 35.2.2 Call History This is the second option in Menu 24.

ZyWALL 10~100 Series Internet Security Gateway 35-6 System Maintenance & Information 35.3 Time and Date Setting The Real Time Chip (RTC) keep

ZyWALL 10~100 Series Internet Security Gateway System Maintenance & Information 35-7 Figure 35-7 Menu 24.10 System Maintenance: Time and Date

ZyWALL 10~100 Series Internet Security Gateway 35-8 System Maintenance & Information Table 35-4 Time and Date Setting Fields FIELD DESCRIPTION

ZyWALL 10~100 Series Internet Security Gateway Remote Management 36-1 Chapter 36 Remote Management This chapter covers remote management found in S

ZyWALL 10~100 Series Internet Security Gateway Wizard Setup 3-1 Chapter 3 Wizard Setup This chapter provides information on the Wizard Setup scree

ZyWALL 10~100 Series Internet Security Gateway 36-2 Remote Management To disable remote management of a service, select Disable in the corresponding

ZyWALL 10~100 Series Internet Security Gateway Remote Management 36-3 36.1.1 Remote Management Limitations Remote management over LAN or WAN will n

SMT Advanced Management XIV Part XIV: SMT Advanced Management This part provides information on how to configure IP Policy Routing, call schedu

ZyWALL 10~100 Series Internet Security Gateway IP Policy Routing 37-1 Chapter 37 IP Policy Routing This chapter covers setting and applying polici

ZyWALL 10~100 Series Internet Security Gateway 37-2 IP Policy Routing address and port, ToS and precedence (fields in the IP header) and length. Th

ZyWALL 10~100 Series Internet Security Gateway IP Policy Routing 37-3 Step 2. Type the index of the policy set you want to configure to open Menu

ZyWALL 10~100 Series Internet Security Gateway 37-4 IP Policy Routing Table 37-1 IP Routing Policy Setup ABBREVIATION MEANING T Outgoing Type

ZyWALL 10~100 Series Internet Security Gateway IP Policy Routing 37-5 Table 37-2 IP Routing Policy FIELD DESCRIPTION Active Press [SPACE BAR] and t

ZyWALL 10~100 Series Internet Security Gateway 3-2 Wizard Setup Figure 3-1 Wizard 1 3.3 Wizard Setup: Screen 2 The ZyWALL offers three choices of

ZyWALL 10~100 Series Internet Security Gateway 37-6 IP Policy Routing Table 37-2 IP Routing Policy FIELD DESCRIPTION When you have completed this m

ZyWALL 10~100 Series Internet Security Gateway IP Policy Routing 37-7 37.6 IP Policy Routing Example If a network has both Internet and remote nod

ZyWALL 10~100 Series Internet Security Gateway 37-8 IP Policy Routing Figure 37-8 IP Routing Policy Example Step 3. Check Menu 25.1 - IP Routing

ZyWALL 10~100 Series Internet Security Gateway IP Policy Routing 37-9 Step 5. Create a rule in menu 25.1.1 for this set to route packets from any

ZyWALL 10~100 Series Internet Security Gateway 37-10 IP Policy Routing Figure 37-10 Applying IP Policies Menu 3.2 - TCP/IP and DHCP Ethernet Setup

ZyWALL 10~100 Series Internet Security Gateway Call Scheduling 38-1 Chapter 38 Call Scheduling Call scheduling allows you to dictate when a remote

ZyWALL 10~100 Series Internet Security Gateway 38-2 Call Scheduling To set up a schedule set, select the schedule set you want to setup from menu 26

ZyWALL 10~100 Series Internet Security Gateway Call Scheduling 38-3 Table 38-1Schedule Set Setup Fields FIELD DESCRIPTION OPTIONS Weekday: Day If

ZyWALL 10~100 Series Internet Security Gateway 38-4 Call Scheduling Figure 38-3 Applying Schedule Set(s) to a Remote Node (PPPoE) You can apply up to

ZyWALL 10~100 Series Internet Security Gateway Call Scheduling 38-5 Figure 38-4 Applying Schedule Set(s) to a Remote Node (PPTP)

ZyWALL 10~100 Series Internet Security Gateway Wizard Setup 3-3 Figure 3-2 Wizard 2: Ethernet Encapsulation The following table describes the fiel

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 39-1 Chapter 39 VPN/IPSec Setup This chapter introduces the VPN SMT menus. 39.1 In

ZyWALL 10~100 Series Internet Security Gateway 39-2 VPN/IPSec Setup Figure 39-2 Menu 27: VPN/IPSec Setup 39.2 IPSec Summary Screen Type 1 in menu 27

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 39-3 Table 39-1 Menu 27.1: IPSec Summary FIELD DESCRIPTION EXAMPLE # This is the VP

ZyWALL 10~100 Series Internet Security Gateway 39-4 VPN/IPSec Setup Table 39-1 Menu 27.1: IPSec Summary FIELD DESCRIPTION EXAMPLE IPSec Algorithm Thi

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 39-5 Table 39-1 Menu 27.1: IPSec Summary FIELD DESCRIPTION EXAMPLE Remote Addr End W

ZyWALL 10~100 Series Internet Security Gateway 39-6 VPN/IPSec Setup 39.3 IPSec Setup Select Edit in the Select Command field; type the index number o

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 39-7 Table 39-2 Menu 27.1.1: IPSec Setup FIELD DESCRIPTION EXAMPLE Keep Alive Press

ZyWALL 10~100 Series Internet Security Gateway 39-8 VPN/IPSec Setup Table 39-2 Menu 27.1.1: IPSec Setup FIELD DESCRIPTION EXAMPLE My IP Addr Enter t

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 39-9 Table 39-2 Menu 27.1.1: IPSec Setup FIELD DESCRIPTION EXAMPLE Local Local IP a

ZyWALL 10~100 Series Internet Security Gateway Warranty v ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this produ

ZyWALL 10~100 Series Internet Security Gateway 3-4 Wizard Setup Table 3-1 Ethernet Encapsulation LABEL DESCRIPTION Login Server IP Address Type the

ZyWALL 10~100 Series Internet Security Gateway 39-10 VPN/IPSec Setup Table 39-2 Menu 27.1.1: IPSec Setup FIELD DESCRIPTION EXAMPLE Remote Remote IP

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 39-11 Table 39-2 Menu 27.1.1: IPSec Setup FIELD DESCRIPTION EXAMPLE End Enter a por

ZyWALL 10~100 Series Internet Security Gateway 39-12 VPN/IPSec Setup Figure 39-5 Menu 27.1.1.1: IKE Setup Table 39-3 Menu 27.1.1.1: IKE Setup FIELD

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 39-13 Table 39-3 Menu 27.1.1.1: IKE Setup FIELD DESCRIPTION EXAMPLEEncryption Algori

ZyWALL 10~100 Series Internet Security Gateway 39-14 VPN/IPSec Setup Table 39-3 Menu 27.1.1.1: IKE Setup FIELD DESCRIPTION EXAMPLEPerfect Forward Sec

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 39-15 Figure 39-6 Menu 27.1.1.2: Manual Setup Table 39-5 Menu 27.1.1.2: Manual Setup

ZyWALL 10~100 Series Internet Security Gateway 39-16 VPN/IPSec Setup Table 39-5 Menu 27.1.1.2: Manual Setup FIELD DESCRIPTION EXAMPLE Authentication

ZyWALL 10~100 Series Internet Security Gateway SA Monitor 40-1 Chapter 40 SA Monitor This chapter teaches you how to manage your SAs by using the

ZyWALL 10~100 Series Internet Security Gateway 40-2 SA Monitor Table 40-1 Menu 27.2: SA Monitor FIELD DESCRIPTION EXAMPLE # This is the security ass

Appendices and Index XV Part XV: Appendices and Index This part provides information about hardware specifications, safety warnings, how to chan

ZyWALL 10~100 Series Internet Security Gateway Wizard Setup 3-5 The ZYWALL supports one PPTP server connection at any given time. Figure 3-3 Wizar

ZyWALL 10~100 Series Internet Security Gateway Troubleshooting A Appendix A Troubleshooting This chapter covers potential problems and possible reme

ZyWALL 10~100 Series Internet Security Gateway B Troubleshooting Problems with the LAN Interface Chart 2 Troubleshooting the LAN Interface PROBLEM CO

ZyWALL 10~100 Series Internet Security Gateway Troubleshooting C Problems with the WAN Interface Chart 4 Troubleshooting the WAN Interface PROBLEM C

ZyWALL 10~100 Series Internet Security Gateway D Troubleshooting Problems with the Password Chart 6 Troubleshooting the Password PROBLEM CORRECTIVE A

ZyWALL 10~100 Series Internet Security Gateway Hardware Specifications E Appendix B Hardware Specifications Chart 8 General Specifications Power Sp

ZyWALL 10~100 Series Internet Security Gateway F Hardware Specifications Cable Pin Assignments In a serial communications connection, generally a com

ZyWALL 10~100 Series Internet Security Gateway Hardware Specifications G Chart 10 Ethernet Cable Pin Assignments WAN/LAN/DMZ Ethernet Cable Pin Lay

ZyWALL 10~100 Series Internet Security Gateway H Hardware Specifications Chart -12 European Union AC Power Adaptor Specifications Output power: DC12

ZyWALL 10~100 Series Internet Security Gateway Hardware Specifications I Chart 15 Australia and New Zealand AC Power Adaptor Specifications AC Po

ZyWALL 10~100 Series Internet Security Gateway 3-6 Wizard Setup Table 3-2 PPTP Encapsulation LABEL DESCRIPTION Password Type the password associated

ZyWALL 10~100 Series Internet Security Gateway J Safety Warnings and Instructions Appendix C Safety Warnings and Instructions 1. Be sure to read a

ZyWALL 10~100 Series Internet Security Gateway Removing and Installing a ZyWALL 100 Fuse K Appendix D Removing and Installing a ZyWALL 100 Fuse Thi

ZyWALL 10~100 Series Internet Security Gateway Index M Index 1 10/100 Mbps Ethernet WAN ... 1-2 A Access Point...

ZyWALL 10~100 Series Internet Security Gateway N Index Call-Trigerring Packet ... 33-10 Canada ...

ZyWALL 10~100 Series Internet Security Gateway Index O And the Firewall ... 7-1 IP Alias ...

ZyWALL 10~100 Series Internet Security Gateway P Index Generic Filter Rule ... 31-11 Generic Rule ...

ZyWALL 10~100 Series Internet Security Gateway Index Q H Half-Open Sessions... 12-20 Hidden Menus...

ZyWALL 10~100 Series Internet Security Gateway R Index Setup ... 37-2 IP Spoofing...

ZyWALL 10~100 Series Internet Security Gateway Index S My Server IP Addr... 27-7 My WAN Address ...

ZyWALL 10~100 Series Internet Security Gateway Wizard Setup 3-7 Figure 3-4 Wizard2: PPPoE Encapsulation The following table describes the fields i

ZyWALL 10~100 Series Internet Security Gateway T Index Power Current... E Power Specification...

ZyWALL 10~100 Series Internet Security Gateway Index U Direction ... 24-5 Version...

ZyWALL 10~100 Series Internet Security Gateway V Index Stateful Inspection ... 1-3, 11-1, 11-2, 11-7, 11-8 Process...

ZyWALL 10~100 Series Internet Security Gateway Index W Trigger Port Forwarding ... 29-18 Process ...

ZyWALL 10~100 Series Internet Security Gateway X Index ZyXEL’s Firewall Introduction ...11-2

ZyWALL 10~100 Series Internet Security Gateway 3-8 Wizard Setup Table 3-3 PPPoE Encapsulation LABEL DESCRIPTION Idle Timeout Type the time in second

ZyWALL 10~100 Series Internet Security Gateway Wizard Setup 3-9 Regardless of your particular situation, do not create an arbitrary IP address; alw

ZyWALL 10~100 Series Internet Security Gateway 3-10 Wizard Setup You can configure the WAN port's MAC address by either using the factory defaul

ZyWALL 10~100 Series Internet Security Gateway Wizard Setup 3-11 Figure 3-5 Wizard 3 The following table describes the fields in this screen. Tabl

ZyWALL 10~100 Series Internet Security Gateway 3-12 Wizard Setup Table 3-6 WAN Setup LABEL DESCRIPTION Gateway IP Address Enter the gateway IP add

System, LAN and Wireless LAN II Part II: System, LAN and Wireless LAN This part covers configuration of the system, LAN, and wireless LAN screen

ZyWALL 10~100 Series Internet Security Gateway vi Customer Support Customer Support When you contact your customer support representative please have

ZyWALL 10~100 Series Internet Security Gateway System 4-1 Chapter 4 System Screens This chapter provides information on the System screens. 4.1 Syst

ZyWALL 10~100 Series Internet Security Gateway 4-2 System Table 4-1 System General Setup LABEL DESCRIPTION Domain Name Enter the domain name (if yo

ZyWALL 10~100 Series Internet Security Gateway System 4-3 Figure 4-2 DDNS The following table describes the fields in this screen. Table 4-2 DDNS L

ZyWALL 10~100 Series Internet Security Gateway 4-4 System Table 4-2 DDNS LABEL DESCRIPTION Enable Wildcard Select the check box to enable DYNDNS Wi

ZyWALL 10~100 Series Internet Security Gateway System 4-5 Table 4-3 Password LABEL DESCRIPTION Old Password Type the default password or the exist

ZyWALL 10~100 Series Internet Security Gateway 4-6 System The following table describes the fields in this screen. Table 4-4 Time Zone LABEL DESCRIP

ZyWALL 10~100 Series Internet Security Gateway System 4-7 Table 4-4 Time Zone LABEL DESCRIPTION Apply Click Apply to save your changes back to the Z

ZyWALL 10~100 Series Internet Security Gateway LAN 5-1 Chapter 5 LAN Screens This chapter describes how to configure LAN settings. Static DH

ZyWALL 10~100 Series Internet Security Gateway Table of Contents vii Table of Contents Copyright...

ZyWALL 10~100 Series Internet Security Gateway 5-2 LAN These parameters should work for the majority of installations. If your ISP gives you explicit

ZyWALL 10~100 Series Internet Security Gateway LAN 5-3 5.4 Configuring IP Click LAN to open the IP screen. Figure 5-1 IP The following tab

ZyWALL 10~100 Series Internet Security Gateway 5-4 LAN Table 5-1 IP LABEL DESCRIPTION DHCP Server DHCP (Dynamic Host Configuration Protocol, RFC 21

ZyWALL 10~100 Series Internet Security Gateway LAN 5-5 Table 5-1 IP LABEL DESCRIPTION RIP Version The RIP Version field controls the format

ZyWALL 10~100 Series Internet Security Gateway 5-6 LAN Figure 5-2 Static DHCP The following table describes the fields in this screen. Table 5-2 St

ZyWALL 10~100 Series Internet Security Gateway LAN 5-7 To change your ZyWALL’s IP Alias settings, click LAN, then the IP Alias tab. The scree

ZyWALL 10~100 Series Internet Security Gateway 5-8 LAN Table 5-3 IP Alias LABEL DESCRIPTION RIP Direction RIP (Routing Information Protocol, RFC1058

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Screens 6-1 Chapter 6 Wireless LAN Screens This chapter discusses how to configure Wire

ZyWALL 10~100 Series Internet Security Gateway 6-2 Wireless LAN Screens access point (AP) or wireless gateway, but out-of-range of each other, so th

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Screens 6-3 Enabling the RTS Threshold causes redundant network overhead that could neg

ZyWALL 10~100 Series Internet Security Gateway viii Table of Contents Chapter 4 System Screens...

ZyWALL 10~100 Series Internet Security Gateway 6-4 Wireless LAN Screens 6.3.1 WEP WEP provides a mechanism for encrypting data using encryption keys

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Screens 6-5 The following table describes the fields in this screen. Table 6-1 Wireless

ZyWALL 10~100 Series Internet Security Gateway 6-6 Wireless LAN Screens Table 6-1 Wireless LABEL DESCRIPTION Key 1 to Key 4 If you chose 64-bit WEP

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Screens 6-7 Figure 6-4 MAC Address Filter The following table describes the fields in

ZyWALL 10~100 Series Internet Security Gateway 6-8 Wireless LAN Screens Table 6-2 MAC Address Filter LABEL DESCRIPTION Apply Click Apply to save yo

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Screens 6-9 • Access-Challenge Sent by a RADIUS server requesting more information in

ZyWALL 10~100 Series Internet Security Gateway 6-10 Wireless LAN Screens • The wireless station replies with identity information, including userna

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Screens 6-11 Table 6-3 802.1X Authentication LABEL DESCRIPTION Active Select Force Auth

ZyWALL 10~100 Series Internet Security Gateway 6-12 Wireless LAN Screens Figure 6-7 Local User Database The following table describes the fields in

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Screens 6-13 Table 6-4 Local User Database LABEL DESCRIPTION Active Select this check

ZyWALL 10~100 Series Internet Security Gateway Table of Contents ix Chapter 7 DMZ Screens...

ZyWALL 10~100 Series Internet Security Gateway 6-14 Wireless LAN Screens The following table describes the fields in this screen. Table 6-5 RADIUS

DMZ and WAN III Part III: DMZ and WAN This part covers configuration of the DMZ and WAN screens.

ZyWALL 10~100 Series Internet Security Gateway DMZ Screens 7-1 Chapter 7 DMZ Screens This chapter describes how to configure the ZyW

ZyWALL 10~100 Series Internet Security Gateway 7-2 DMZ Screens Figure 7-1 DMZ The following table describes the fields in this screen. Table 7-1 DM

ZyWALL 10~100 Series Internet Security Gateway DMZ Screens 7-3 Table 7-1 DMZ LABEL DESCRIPTION RIP Version The RIP Version field co

ZyWALL 10~100 Series Internet Security Gateway WAN Screens 8-1 Chapter 8 WAN Screens This chapter describes how to configure WAN set

ZyWALL 10~100 Series Internet Security Gateway 8-2 WAN Screens Figure 8-1 WAN Setup: Route The following table describes the fields in this screen.

ZyWALL 10~100 Series Internet Security Gateway WAN Screens 8-3 Figure 8-2 Ethernet Encapsulation The following table describes the