ZyXEL Communications 1000 User Manual
Chapter 50 System
ZyWALL USG 1000 User’s Guide
801
Server Port
The HTTPS server listens on port 443 by default. If you change the
HTTPS server port to a different number on the ZyWALL, for example
8443, then you must notify people who need to access the ZyWALL
Web Configurator to use “https://ZyWALL IP Address:8443” as the
URL.
HTTPS server port to a different number on the ZyWALL, for example
8443, then you must notify people who need to access the ZyWALL
Web Configurator to use “https://ZyWALL IP Address:8443” as the
URL.
Authenticate Client
Certificates
Certificates
Select Authenticate Client Certificates (optional) to require the
SSL client to authenticate itself to the ZyWALL by sending the
ZyWALL a certificate. To do that the SSL client must have a CA-
signed certificate from a CA that has been imported as a trusted CA
on the ZyWALL (see
SSL client to authenticate itself to the ZyWALL by sending the
ZyWALL a certificate. To do that the SSL client must have a CA-
signed certificate from a CA that has been imported as a trusted CA
on the ZyWALL (see
on importing
certificates for details).
Server Certificate
Select a certificate the HTTPS server (the ZyWALL) uses to
authenticate itself to the HTTPS client. You must have certificates
already configured in the My Certificates screen.
authenticate itself to the HTTPS client. You must have certificates
already configured in the My Certificates screen.
Redirect HTTP to
HTTPS
HTTPS
To allow only secure Web Configurator access, select this to redirect
all HTTP connection requests to the HTTPS server.
all HTTP connection requests to the HTTPS server.
Admin/User
Service Control
Service Control
Admin Service Control specifies from which zones an administrator
can use HTTPS to manage the ZyWALL (using the Web Configurator).
You can also specify the IP addresses from which the administrators
can manage the ZyWALL.
can use HTTPS to manage the ZyWALL (using the Web Configurator).
You can also specify the IP addresses from which the administrators
can manage the ZyWALL.
User Service Control specifies from which zones a user can use
HTTPS to log into the ZyWALL (to log into SSL VPN for example). You
can also specify the IP addresses from which the users can access
the ZyWALL.
HTTPS to log into the ZyWALL (to log into SSL VPN for example). You
can also specify the IP addresses from which the users can access
the ZyWALL.
Add
Click this to create a new entry. Select an entry and click Add to
create a new entry after the selected entry.
create a new entry after the selected entry.
Edit
Double-click an entry or select it and click Edit to be able to modify
the entry’s settings.
the entry’s settings.
Remove
To remove an entry, select it and click Remove. The ZyWALL
confirms you want to remove it before doing so. Note that
subsequent entries move up by one when you take this action.
confirms you want to remove it before doing so. Note that
subsequent entries move up by one when you take this action.
Move
To change an entry’s position in the numbered list, select the method
and click Move to display a field to type a number for where you
want to put it and press [ENTER] to move the rule to the number
that you typed.
and click Move to display a field to type a number for where you
want to put it and press [ENTER] to move the rule to the number
that you typed.
#
This is the index number of the service control rule.
The entry with a hyphen (-) instead of a number is the ZyWALL’s
(non-configurable) default policy. The ZyWALL applies this to traffic
that does not match any other configured rule. It is not an editable
rule. To apply other behavior, configure a rule that traffic will match
so the ZyWALL will not have to use the default policy.
(non-configurable) default policy. The ZyWALL applies this to traffic
that does not match any other configured rule. It is not an editable
rule. To apply other behavior, configure a rule that traffic will match
so the ZyWALL will not have to use the default policy.
Zone
This is the zone on the ZyWALL the user is allowed or denied to
access.
access.
Address
This is the object name of the IP address(es) with which the
computer is allowed or denied to access.
computer is allowed or denied to access.
Action
This displays whether the computer with the IP address specified
above can access the ZyWALL zone(s) configured in the Zone field
(Accept) or not (Deny).
above can access the ZyWALL zone(s) configured in the Zone field
(Accept) or not (Deny).
Table 232 Configuration > System > WWW > Service Control (continued)
LABEL
DESCRIPTION