ZyXEL Communications ISG50 User Manual

Chapter 52 System

ISG50 User’s Guide

The following figure shows secure and insecure management of the ISG50 coming in from the WAN. 
HTTPS and SSH access are secure. HTTP and Telnet access are not secure. 

• See 

 for related information on these screens.

Note: To allow the ISG50 to be accessed from a specified computer using a service, make 

sure you do not have a service control rule or to-ISG50 firewall rule to block that 

traffic. 

• See 

 for more on To-ISG50 firewall rules.

• See 

 for an example of configuring service control to block administrator 

HTTPS access from all zones except the LAN. 

To stop a service from accessing the ISG50, clear Enable in the corresponding service screen. 

A service cannot be used to access the ISG50 when:

You have disabled that service in the corresponding screen.

The allowed IP address (address object) in the Service Control table does not match the client IP 
address (the ISG50 disallows the session).

The IP address (address object) in the Service Control table is not in the allowed zone or the 
action is set to Deny. 

There is a firewall rule that blocks it.

There is a lease timeout for administrators. The ISG50 automatically logs you out if the 
management session remains idle for longer than this timeout period. The management session 
does not time out when a statistics screen is polling. 

Zone

Select ALL to allow or prevent DNS queries through any zones.

Select a predefined zone on which a DNS query to the ISG50 is allowed or denied.

Action

Select Accept to have the ISG50 allow the DNS queries from the specified 
computer.

Select Deny to have the ISG50 reject the DNS queries from the specified 
computer.

OK

Click OK to save your customized settings and exit this screen. 

Cancel

Click Cancel to exit this screen without saving

Configuration > System > DNS > Service Control Rule Add (continued)