ZyXEL Communications ZyWALL 2 Series Manuales de usuario

Tabla de contenidos

• ZyWALL 2 Series

  1
• Copyright

  2
• FCC Interference Statement

  3
• Information for Canadian Users

  4
• ZyXEL Limited Warranty

  5
• Customer Support

  6
• Table of Contents

  7
• List of Figures

  15
• List of Tables

  22
• Preface

  26
• Part I Getting Started

  29
  • 1. Getting to Know Your ZyWALL

    31
    • Introducing the ZyWALL

      31
    • Features

      31
    • Applications for the ZyWALL

      36
  • 2. Introducing the Web Configurator

    39
    • Web Configurator Overview

      39
    • Accessing the ZyWALL Web Configurator

      39
    • Resetting the ZyWALL

      40
    • Navigating the ZyWALL Web Configurator

      41
  • 3. Wizard Setup

    47
    • Wizard Setup Overview

      47
    • General Setup and System Name

      47
    • Internet Access

      48
    • WAN and DNS

      54
    • Basic Setup Complete

      58
• Part II System and LAN

  61
  • 4. System Screens

    63
    • System Overview

      63
    • Configuring General Setup

      63
    • Dynamic DNS

      65
    • Configuring Dynamic DNS

      65
    • Configuring Password

      67
    • Pre-defined NTP Time Servers List

      68
    • Configuring Time Setting

      69
  • 5. LAN Screens

    73
    • LAN Overview

      73
    • DHCP Setup

      73
    • IP Address and Subnet Mask

      73
    • DNS Server Address Assignment

      74
    • LAN TCP/IP

      74
    • Configuring IP

      75
    • Configuring Static DHCP

      78
    • Configuring IP Alias

      79
• Part III WAN and Wireless LAN

  83
  • 6. WAN Screens

    85
    • WAN Overview

      85
    • TCP/IP Priority (Metric)

      85
    • WAN IP Address Assignment

      85
    • Configuring Route

      86
    • Configuring WAN ISP

      87
    • Configuring WAN IP

      93
    • Configuring WAN MAC

      97
    • Traffic Redirect

      98
    • Configuring Traffic Redirect

      99
    • Configuring Dial Backup

      101
    • Advanced Modem Setup

      106
    • Configuring Advanced Modem Setup

      107
  • 7. Wireless LAN Screens

    111
    • Wireless LAN Overview

      111
    • Wireless LAN Basics

      111
    • Wireless Security

      113
    • Configuring Wireless LAN

      114
    • Configuring MAC Filter

      116
    • 802.1x Overview

      117
    • Local User Database

      119
    • Configuring 802.1X

      119
• Part IV NAT and Static Route

  121
  • 8. Network Address Translation (NAT)

    123
    • NAT Overview

      123
    • Using NAT

      126
    • SUA Server

      127
    • Configuring SUA Server

      129
    • Configuring Address Mapping

      130
    • Configuring Trigger Port

      133
  • 9. Static Route Screens

    137
    • Static Route Overview

      137
    • Configuring IP Static Route

      137
• Part V Firewall and Content Filters

  141
  • 10. Firewalls

    143
    • Firewall Overview

      143
    • Types of Firewalls

      143
    • Introduction to Nortel Networks Firewall

      144
    • Denial of Service

      145
    • Stateful Inspection

      149
    • Guidelines For Enhancing Security With Your Firewall

      153
    • Packet Filtering Vs Firewall

      153
  • 11. Firewall Screens

    157
    • Access Methods

      157
    • Firewall Policies Overview

      157
    • Rule Logic Overview

      158
    • Connection Direction Examples

      159
    • Alerts

      161
    • Configuring Firewall

      161
    • Example Firewall Rule

      169
    • Predefined Services

      174
    • Configuring Attack Alert

      176
  • 12. Content Filtering Screens

    181
    • Introduction to Content Filtering

      181
    • General Content Filter Configuration

      181
    • Content Filtering with an External Server

      184
    • Checking Content Filtering Activation

      185
    • Configuring Categories

      185
    • Configuring Customization

      194
• Part VI VPN/IPSec

  199
  • 13. Introduction to IPSec

    201
    • VPN Overview

      201
    • IPSec Architecture

      203
    • Encapsulation

      204
    • IPSec and NAT

      205
  • 14. VPN Screens

    207
    • VPN/IPSec Overview

      207
    • IPSec Algorithms

      207
    • My IP Address

      208
    • Secure Gateway Address

      208
    • Summary Screen

      209
    • Keep Alive

      211
    • NAT Traversal

      212
    • ID Type and Content

      214
    • Pre-Shared Key

      216
    • VPN Implementation

      216
    • Configuring Basic IKE VPN Rule Setup

      217
    • IKE Phases

      227
    • Configuring Advanced IKE Setup

      230
    • Manual Key Setup

      234
    • Configuring Edit Manual Setup

      234
    • SA Monitor

      239
    • Global Settings

      240
    • Telecommuter VPN/IPSec Examples

      241
    • VPN and Remote Management

      244
• PartVII Certificates

  245
  • 15. Certificates

    247
    • Certificates Overview

      247
    • Self-signed Certificates

      248
    • Configuration Summary

      248
    • My Certificates

      249
    • Certificate File Formats

      251
    • Importing a Certificate

      252
    • Creating a Certificate

      253
    • My Certificate Details

      256
    • Trusted CAs

      260
    • Importing a Trusted CA’s Certificate

      262
    • Trusted CA Certificate Details

      263
    • Trusted Remote Hosts

      267
    • Verifying a Trusted Remote Host’s Certificate

      269
    • Importing a Trusted Remote Host’s Certificate

      270
    • Trusted Remote Host Certificate Details

      271
    • Directory Servers

      275
    • Add or Edit a Directory Server

      276
• Part VIII Authentication Server, Remote Management and UPnP

  279
  • 16. Authentication Server

    281
    • Authentication Server Overview

      281
    • Local User Database

      281
    • Configuring Local User Database

      281
    • Configuring RADIUS

      283
  • 17. Remote Management Screens

    287
    • Remote Management Overview

      287
    • Introduction to HTTPS

      288
    • Configuring WWW

      290
    • HTTPS Example

      292
    • SSH Overview

      299
    • How SSH works

      300
    • SSH Implementation on the ZyWALL

      301
    • Configuring SSH

      301
    • Secure Telnet Using SSH Examples

      302
    • Secure FTP Using SSH Example

      304
    • Telnet

      305
    • Configuring TELNET

      306
    • Configuring FTP

      307
    • Configuring SNMP

      308
    • Configuring DNS

      312
    • Configuring Security

      314
  • 18. UPnP

    317
    • Universal Plug and Play Overview

      317
    • UPnP Implementation

      318
    • Configuring UPnP

      318
    • Displaying UPnP Port Mapping

      320
    • Installing UPnP in Windows Example

      321
    • Using UPnP in Windows XP Example

      324
• Part IX Logs

  327
  • 19. Logs Screens

    329
    • Configuring View Log

      329
    • Configuring Log Settings

      331
    • Configuring Reports

      334
• Part X Maintenance

  341
  • 20. Maintenance

    343
    • Maintenance Overview

      343
    • Status Screen

      343
    • DHCP Table Screen

      346
    • F/W Upload Screen

      347
    • Configuration Screen

      349
    • Restart Screen

      353
• Part XI SMT General Configuration

  355
  • 21. Introducing the SMT

    357
    • Introduction to the SMT

      357
    • Accessing the SMT via the Console Port

      357
    • Navigating the SMT Interface

      358
    • Changing the System Password

      362
    • Resetting the ZyWALL

      362
  • 22. SMT Menu 1 - General Setup

    363
    • Introduction to General Setup

      363
    • Configuring General Setup

      363
  • 23. WAN and Dial Backup Setup

    367
    • Introduction to WAN

      367
    • Dial Backup

      368
    • Configuring Dial Backup in Menu 2

      368
    • Advanced WAN Setup

      369
    • Remote Node Profile (Backup ISP)

      371
    • Editing PPP Options

      374
    • Editing TCP/IP Options

      375
    • Editing Login Script

      377
    • Remote Node Filter

      378
  • 24. LAN Setup

    381
    • Introduction to LAN Setup

      381
    • Accessing the LAN Menus

      381
    • LAN Port Filter Setup

      381
    • TCP/IP and DHCP Ethernet Setup Menu

      382
    • Wireless LAN Setup

      386
  • 25. Internet Access

    391
    • Introduction to Internet Access Setup

      391
    • Ethernet Encapsulation

      391
    • PPTP Encapsulation

      393
    • PPPoE Encapsulation

      394
    • Basic Setup Complete

      395
• Part XII SMT Advanced Applications

  397
  • 26. Remote Node Setup

    399
    • Introduction to Remote Node Setup

      399
    • Remote Node Setup

      399
    • Edit IP

      405
    • Remote Node Filter

      407
    • Traffic Redirect

      408
  • 27. IP Static Route Setup

    413
    • IP Static Route Setup

      413
  • 28. Network Address Translation (NAT)

    415
    • Using NAT

      415
    • NAT Setup

      417
    • Configuring a Server behind NAT

      422
    • General NAT Examples

      423
    • Trigger Port Forwarding

      430
  • 29. Introducing the Firewall

    435
    • Using SMT Menus

      435
  • 30. Filter Configuration

    437
    • Introduction to Filters

      437
    • Configuring a Filter Set

      440
    • Example Filter

      449
    • Filter Types and NAT

      452
    • Firewall Versus Filters

      452
    • Applying a Filter

      453
  • 31. SNMP Configuration

    455
    • SNMP Configuration

      455
    • SNMP Traps

      456
• Part XIII SMT System Maintenance

  457
  • 32. System Information & Diagnosis

    459
    • Introduction to System Status

      459
    • System Status

      459
    • System Information and Console Port Speed

      461
    • Log and Trace

      463
  • 33. Firmware and Configuration File Maintenance

    471
    • Introduction

      471
    • Filename Conventions

      471
    • Backup Configuration

      472
    • Restore Configuration

      478
    • Uploading Firmware and Configuration Files

      481
  • 34. System Maintenance Menus 8 to 10

    489
    • Command Interpreter Mode

      489
    • Call Control Support

      491
    • Time and Date Setting

      493
  • 35. Remote Management

    497
    • Remote Management

      497
• Part XIV SMT Advanced Management

  501
  • 36. Call Scheduling

    503
    • Introduction to Call Scheduling

      503
  • 37. VPN/IPSec Setup

    507
    • Introduction

      507
    • IPSec Summary Screen

      508
    • IPSec Setup

      511
    • IKE Setup

      517
    • Manual Setup

      520
  • 38. SA Monitor

    523
    • Introduction

      523
    • Using SA Monitor

      523
• Part XV General Appendices

  525
  • A. Troubleshooting

    527
  • B. Setting up Your Computer’s IP Address

    531
  • C. Triangle Route

    543
  • D. Wireless LAN and IEEE 802.11

    547
  • E. Wireless LAN With IEEE 802.1x

    551
  • F. Types of EAP Authentication

    553
  • G. PPPoE

    555
  • H. PPTP

    557
  • I. IP Subnetting

    561
  • J. Safety Warnings and Instructions

    569
• Part XVI Command, Log Appendices and Index

  571
  • K. Command Interpreter

    573
  • L. Firewall Commands

    575
  • M. NetBIOS Filter Commands

    581
  • N. Boot Commands

    585
  • O. Log Descriptions

    587
  • P. Brute-Force Password Guessing Protection

    605
  • Q. Index

    607