ZyXEL Communications ZyXEL ZyWALL 35 User Manual
Zywall 35, User’s guide
Table of contents
Document Outline
- User’s Guide
- Copyright
- Federal Communications Commission (FCC) Interference Statement
- ZyXEL Limited Warranty
- Customer Support
- Table of Contents
- List of Figures
- List of Tables
- Preface
- 1. Getting to Know Your ZyWALL
- 1.1 ZyWALL 35 Internet Security Appliance Overview
- 1.2 ZyWALL Features
- 1.2.1 Physical Features
- 1.2.1.1 Auto-negotiating 10/100 Mbps Ethernet LAN
- 1.2.1.2 Auto-crossover 10/100 Mbps Ethernet LAN
- 1.2.1.3 Auto-negotiating 10/100 Mbps Ethernet DMZ
- 1.2.1.4 Auto-crossover 10/100 Mbps Ethernet DMZ
- 1.2.1.5 LAN/DMZ Interface
- 1.2.1.6 Dual Auto-negotiating 10/100 Mbps Ethernet WAN
- 1.2.1.7 Dual Auto-crossover 10/100 Mbps Ethernet WAN
- 1.2.1.8 Dial Backup WAN
- 1.2.1.9 Time and Date
- 1.2.1.10 Reset Button
- 1.2.1.11 Dual PCMCIA and CardBus Slot
- 1.2.1.12 IEEE 802.11 b/g Wireless LAN
- 1.2.2 Non-Physical Features
- 1.2.2.1 Load Balancing
- 1.2.2.2 SIP Passthrough
- 1.2.2.3 Transparent Firewall
- 1.2.2.4 STP (Spanning Tree Protocol) / RSTP (Rapid STP)
- 1.2.2.5 Bandwidth Management
- 1.2.2.6 IPSec VPN Capability
- 1.2.2.7 X-Auth (Extended Authentication)
- 1.2.2.8 Certificates
- 1.2.2.9 SSH
- 1.2.2.10 HTTPS
- 1.2.2.11 Firewall
- 1.2.2.12 Content Filtering
- 1.2.2.13 Universal Plug and Play (UPnP)
- 1.2.2.14 RADIUS (RFC2138, 2139)
- 1.2.2.15 IEEE 802.1x for Network Security
- 1.2.2.16 Wi-Fi Protected Access
- 1.2.2.17 Wireless LAN MAC Address Filtering
- 1.2.2.18 WEP Encryption
- 1.2.2.19 Packet Filtering
- 1.2.2.20 Call Scheduling
- 1.2.2.21 PPPoE
- 1.2.2.22 PPTP Encapsulation
- 1.2.2.23 Dynamic DNS Support
- 1.2.2.24 IP Multicast
- 1.2.2.25 IP Alias
- 1.2.2.26 IP Policy Routing
- 1.2.2.27 Central Network Management
- 1.2.2.28 SNMP
- 1.2.2.29 Network Address Translation (NAT)
- 1.2.2.30 Traffic Redirect
- 1.2.2.31 Port Forwarding
- 1.2.2.32 DHCP (Dynamic Host Configuration Protocol)
- 1.2.2.33 Full Network Management
- 1.2.2.34 RoadRunner Support
- 1.2.2.35 Logging and Tracing
- 1.2.2.36 Upgrade ZyWALL Firmware via LAN
- 1.2.2.37 Embedded FTP and TFTP Servers
- 1.2.1 Physical Features
- 1.3 Applications for the ZyWALL
- 2. Introducing the Web Configurator
- 3. Wizard Setup
- 4. LAN Screens
- 5. Bridge Screens
- 6. Wireless LAN and Authentication Server
- 6.1 Wireless LAN Overview
- 6.2 Wireless LAN Basics
- 6.3 Wireless Security
- 6.4 Security Parameters Summary
- 6.5 WEP Encrytion
- 6.6 802.1x Overview
- 6.7 Dynamic WEP Key Exchange
- 6.8 Introduction to WPA
- 6.9 WPA-PSK Application Example
- 6.10 WPA with RADIUS Application Example
- 6.11 Wireless Client WPA Supplicants
- 6.12 Inserting a PCMCIA/CardBus Wireless LAN Card
- 6.13 Configuring Wireless LAN
- 6.14 Configuring MAC Filter
- 6.15 Introduction to RADIUS
- 6.16 Introduction to Local User Database
- 6.17 Authentication Server
- 6.18 Configuring Local User Database
- 6.19 Configuring RADIUS
- 7. WAN Screens
- 7.1 WAN Overview
- 7.2 Multiple WAN
- 7.3 Load Balancing Introduction
- 7.4 Load Balancing Algorithms
- 7.5 TCP/IP Priority (Metric)
- 7.6 Configuring General
- 7.7 Configuring Load Balancing
- 7.8 Configuring WAN Setup
- 7.9 Traffic Redirect
- 7.10 Configuring Traffic Redirect
- 7.11 Configuring Dial Backup
- 7.12 Advanced Modem Setup
- 7.13 Configuring Advanced Modem Setup
- 8. DMZ Screens
- 9. Firewalls
- 10. Firewall Screens
- 11. Content Filtering Screens
- 12. Content Filtering Registration and Reports
- 13. Introduction to IPSec
- 14. VPN Screens
- 14.1 VPN/IPSec Overview
- 14.2 IPSec Algorithms
- 14.3 My IP Address
- 14.4 Secure Gateway Address
- 14.5 Summary Screen
- 14.6 Keep Alive
- 14.7 NAT Traversal
- 14.8 ID Type and Content
- 14.9 Pre-Shared Key
- 14.10 Editing VPN Policies
- 14.11 IKE Phases
- 14.12 Configuring Advanced VPN Rule
- 14.13 Manual Key Setup
- 14.14 Configuring Manual Key
- 14.15 Viewing SA Monitor
- 14.16 Configuring Global Setting
- 14.17 Telecommuter VPN/IPSec Examples
- 14.18 VPN and Remote Management
- 15. Certificates
- 15.1 Certificates Overview
- 15.2 Self-signed Certificates
- 15.3 Configuration Summary
- 15.4 My Certificates
- 15.5 Certificate File Formats
- 15.6 Importing a Certificate
- 15.7 Creating a Certificate
- 15.8 My Certificate Details
- 15.9 Trusted CAs
- 15.10 Importing a Trusted CA’s Certificate
- 15.11 Trusted CA Certificate Details
- 15.12 Trusted Remote Hosts
- 15.13 Verifying a Trusted Remote Host’s Certificate
- 15.14 Importing a Trusted Remote Host’s Certificate
- 15.15 Trusted Remote Host Certificate Details
- 15.16 Directory Servers
- 15.17 Add or Edit a Directory Server
- 16. Network Address Translation (NAT)
- 17. Static Route
- 18. Policy Route
- 19. Bandwidth Management
- 20. DNS
- 21. Remote Management
- 21.1 Remote Management Overview
- 21.2 Introduction to HTTPS
- 21.3 Configuring WWW
- 21.4 HTTPS Example
- 21.5 SSH Overview
- 21.6 How SSH works
- 21.7 SSH Implementation on the ZyWALL
- 21.8 Configuring SSH
- 21.9 Secure Telnet Using SSH Examples
- 21.10 Secure FTP Using SSH Example
- 21.11 Telnet
- 21.12 Configuring TELNET
- 21.13 Configuring FTP
- 21.14 Configuring SNMP
- 21.15 Configuring DNS
- 21.16 Introducing Vantage CNM
- 21.17 Configuring CNM
- 22. UPnP
- 23. Logs Screens
- 24. Maintenance
- 25. Introducing the SMT
- 26. SMT Menu 1 - General Setup
- 27. WAN and Dial Backup Setup
- 28. LAN Setup
- 29. Internet Access
- 30. DMZ Setup
- 31. Route Setup
- 32. Remote Node Setup
- 33. IP Static Route Setup
- 34. Network Address Translation (NAT)
- 35. Introducing the ZyWALL Firewall
- 36. Filter Configuration
- 37. SNMP Configuration
- 38. System Information & Diagnosis
- 39. Firmware and Configuration File Maintenance
- 39.1 Introduction
- 39.2 Filename Conventions
- 39.3 Backup Configuration
- 39.3.1 Backup Configuration
- 39.3.2 Using the FTP Command from the Command Line
- 39.3.3 Example of FTP Commands from the Command Line
- 39.3.4 GUI-based FTP Clients
- 39.3.5 File Maintenance Over WAN
- 39.3.6 Backup Configuration Using TFTP
- 39.3.7 TFTP Command Example
- 39.3.8 GUI-based TFTP Clients
- 39.3.9 Backup Via Console Port
- 39.4 Restore Configuration
- 39.5 Uploading Firmware and Configuration Files
- 39.5.1 Firmware File Upload
- 39.5.2 Configuration File Upload
- 39.5.3 FTP File Upload Command from the DOS Prompt Example
- 39.5.4 FTP Session Example of Firmware File Upload
- 39.5.5 TFTP File Upload
- 39.5.6 TFTP Upload Command Example
- 39.5.7 Uploading Via Console Port
- 39.5.8 Uploading Firmware File Via Console Port
- 39.5.9 Example Xmodem Firmware Upload Using HyperTerminal
- 39.5.10 Uploading Configuration File Via Console Port
- 39.5.11 Example Xmodem Configuration Upload Using HyperTerminal
- 40. System Maintenance Menus 8 to 10
- 41. Remote Management
- 42. IP Policy Routing
- 43. Call Scheduling
- 44. VPN/IPSec Setup
- 45. SA Monitor
- 46. Troubleshooting
- Appendix A. Hardware Specifications
- Appendix B. Setting up Your Computer’s IP Address
- Appendix C. IP Subnetting
- Appendix D. PPPoE
- Appendix E. PPTP
- Appendix F. Wireless LAN and IEEE 802.11
- Appendix G. Wireless LAN With IEEE 802.1x
- Appendix H. Types of EAP Authentication
- Appendix I. Triangle Route
- Appendix J. SIP Passthrough
- SIP
- SIP Identities
- SIP Number
- SIP Service Domain
- SIP Call Progression
- SIP Servers
- SIP User Agent Server
- SIP Proxy Server
- SIP Redirect Server
- SIP Register Server
- RTP
- SIP ALG
- STUN
- ZyXEL SIP ALG
- SIP ALG and NAT
- SIP ALG and Firewall
- SIP ALG and Multiple WAN
- Enabling/Disabling the SIP ALG
- Signaling Session Timeout
- Audio Session Timeout
- Appendix K. VPN Setup
- Appendix L. Importing Certificates
- Appendix M. Command Interpreter
- Appendix N. Firewall Commands
- Appendix O. NetBIOS Filter Commands
- Appendix P. Certificates Commands
- Appendix Q. Brute-Force Password Guessing Protection
- Appendix R. Boot Commands
- Appendix S. Log Descriptions
- Index