ZyXEL ZyWALL 2WG User Manual

ZyWALL 2WG Security Appliance Support Notes Version 4.03 Sep. 2007

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 10Utilize 3G and Wireless for the Internet Access Fol

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 100Pre-Shared Key must be identical on both entitiesL

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 101As the figure shown below, each branch office have

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 1022. check Active check box and give a name to

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 103 You can setup IKE phase 1 and phase 2 parameters

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 104 2. Setup VPN in branch office B Be very careful

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 105

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 106Note that since Branch B's LAN is also includ

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 107

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 108 2. The correspondent rule for Branch_B

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 109

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 11 3). Then the 3G wireless card will be dialed up au

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 110 NAT over IPSec on ZyNOS Network Topology The

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 111change at least one of the LAN IP addresses in ord

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 112 ZyWALL 2 (Remote) STEP 2: Create the Gateway Pol

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 113 Gateway Policy on ZyWALL 1 Click “Apply” in orde

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 114 Gateway Policy on ZyWALL 2 Gateway Policy on Zy

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 115policy. Check the “Active” checkbox in the “Virtu

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 116 On ZyWALL 1, the remote network will be changed t

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 117 On ZyWALL 2, the Virtual IP Addresses starts fro

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 118Click Security > VPN > Connect in order to e

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 1191) Ping the local gateway. 2) Ping the IPSec Rem

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 12 4) If dialed up successfully, you can see the GUI

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 120 The VPN high availability is design for securing

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 121 3. Give a name for your policy, for example “Dua

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 122

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 123Access control and security VPN connection (Securi

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 124 3. For example, the remote VPN policy is 192.168

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 125 4. Click the Insert button to insert a new rule.

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 126 6. The service type is Any to block all kind of

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 127 7. We can see a new rule had been configured and

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 128 How to configure Web filtering rule over VPN –

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 129

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 13Utilize the embedded wireless card to provide LAN u

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 130 ZyWALL vs 3rd Party VPN Gateway SonicWALL with Z

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 13111. Go to SECURITY->VPN->Press Add button

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 132 16. Select Negotiation Mode to Main mode, Encryp

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 133 18. Check Active check box and give a name to th

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 13420. On Local Network, choose Subnet Address for yo

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 135 23. When you finished doing your settings, you w

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 136 2. Click General tab, on Security Policy settin

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 137 4. Network IP Address and Subnet Mask are your r

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 138 6. When you finished doing your settings, you wi

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 139 NetScreen with ZyWALL VPN Tunneling 1. Setup Z

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 14 To configure the security and the MAC filter, go t

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 140The IP addresses we use in this example are as sho

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 141 6. In Authentication Key, enter the key string

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 1428. You will see an IKE rule on your VPN page, cli

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 143type 192.168.2.0 on Starting IP Address field and

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 144 14. When you finished doing your settings, you w

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 145 Note: About the settings, you could reference to

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 146 6. On Security Level settings, you could set up

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 147 8. To edit your IPSec rule, click VPNs -> Au

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 148 11. Check VPN Monitor check box, thus you can mo

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 149 14. Give a name for your policy, for example “ZyW

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 15

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 150 17. When you finished doing the settings, you wi

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 15118. Move your policy rules to top, thus your devic

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 152This page guides us to setup a VPN connection betw

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 153 3. Give a name for your policy, for example “ToC

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 154 7. Select Negotiation Mode to Main mode, Encrypt

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 155 10. On Gateway Policy Information, you should cho

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 15613. On IPSec Proposal, select Encapsulation Mode t

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 157 1. on your PC, clicking Start->Programmer->

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 158 6. On General Properties, the IP Addrrss field i

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 159 7. On Topology settings, you should see two int

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 16

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 160 8. Selecting 172.22.2.58 interface, and press Edi

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 161 II. Setup Interoperable Device 10. On the main

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 162 11. You will see the network objects window, pre

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 16312. On General Properties settings, give a name an

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 16414. Giving a name for the interface, and assign th

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 165 17. Giving a name for the interface, and assign

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 166 19. Pressing OK button to save the settings.

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 167 III. Setup Networks

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 168 20. Selecting Networks object and click the right

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 169 22. To add another network policy, and set the ne

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 17After you have configured the Security and MAC filt

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 170 26. On Center Gateways settings, press Add butto

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 17127. If you have already done the previous settings

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 17229. If you have already done the previous settings

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 17331. On Tunnel Management, leave the settings to de

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 174 33. On Shared Secret settings, choose ToZyWALL op

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 175 36. Press OK button to save your settings.

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 176 37. After you press OK button, you should see a

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 177 39. Press Add button to add a rule. 40. On the

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 178 42. To use the same way to add another network o

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 17944. On the VPN field, click right button of your m

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 18Seamless Incorporation into your network Using Tra

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 180 47. Clicking OK button to save your settings.

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 181 49. On the track field, click right button of yo

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 18251. Pressing add button to add another rule which

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 183 54. Waiting few seconds for the installation.

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 184 55. If you install the policy successfully, your

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 185 FortiNet with ZyWALL VPN Tunneling 1. Setup Z

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 186 The IP addresses we use in this example are as sh

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 187 6. In Authentication Key, enter the key string

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 1888. After you press the Apply button, you will see

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 189 12. On Remote Network, choose Subnet Address for

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 19 Deploying a transparent mode firewall doesn’t req

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 19014. After you press the Apply button, you will see

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 191 4. On P1 proposal settings, select Encryption to

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 192 6. After you press the OK button, you will see a

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 193 9. On P2 Proposal settings, select Encryption t

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 194 11. After you press the OK button, you will see

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 19513. To define the IP source address of the Network

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 196 17. On the main page, click Firewall -> Policy

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 197 21. After you press the OK button, you will the

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 198 Remote Access VPN Scenario The remote access V

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 199existing Internet Key Exchange (IKE) Protocol feat

ZyWALL 2WG Support Notes 2INDEX Application Notes...

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 20User can configure ZyWALL to act as a router mode f

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 200 Local User RADIUS When external “RADIUS” is s

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 2011. Setup ZyWALL VPN Client 2. Setup ZyWALL Th

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 202 Remote Party Identity and Addressing settings:4.

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 203 Pre-Share Key Settings: 6. Extend ZyWALL icon, y

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 204 Security Policy Settings:9. Click Security Policy

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 205 10. Extend Security Policy icon, you will see tw

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 206

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 207 2. Setup ZyWALL VPN 1. Using a web browser, log

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 208 You can further adjust IKE Phase 1/Phase 2 parame

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 209 Content Filter Application To filter non-work rel

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 21assign a management IP for ZyWALL. The Gateway IP A

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 210 1. Minimize Spyware Attack As mentioned earlier,

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 211“Violence/Hate/Racism”, “Gay/Lesbian”, “Gambling”,

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 212 2. Proactively Prevent Phishing Phishing – The

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 213 2.1.2  Customize the Forbidden web sites which

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 214 3. Prevent non-business web surfing Below is an

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 215 3.2 Using external database content filte

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 216to www.zyxel.com with “(Website Blocking)” message

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 217 To manage your ZyWALLs through Vantage CNM, user

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 218the following section, we will explain how to regi

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 2191. device type 2. device name 3. device&apo

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 22Step3. After rebooting, login ZyWALL’s GUI by ac

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 220 Step 4. On the device, go to ADVANCED->REMOTE

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 221 On Vantage CNM, the device icon will turn green a

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 222A02. Will the ZyWALL work with my Internet connect

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 223A08. How can I configure the ZyWALL?  Telnet r

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 224table. Therefore, to make a local server accessibl

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 225A20. My ZyWALL can not get an IP address from the

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 226computer to be more easily accessed from various l

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 227understand the ESP packet with protocol number 50,

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 228B01. What is a network firewall? A firewall is a

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 229B04. What kind of firewall is the ZyWALL? 1. Th

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 23

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 230B07. What is Ping of Death attack? Ping of Death

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 231B12. What is IP Spoofing attack? Many DoS attack

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 232The above figure indicates the "triangle rout

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 233(C) To resolve this conflict, we add an option for

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 234• Destination IP Mask =w.x.y.z • Action Matche

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 235C06. What kind of iCard should I buy? It depends o

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 236In summary, myZyXEL.com delivers a convenient, cen

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 237 D05. If I were new to myZyXEL.com, what are the r

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 238 D09. Who maintains mySecurityZone & Update Se

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 239E04. Can I decide whether to forward or drop the H

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 24Internet Connection A typical Internet access appl

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 240E10. Who needs ZyXEL Content Filtering? Is ZyXEL C

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 241E16. How do I keep database of Content Filtering s

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 242BlueCoat uses expert Web content raters to train t

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 243· Sex Education · Violence/Hate/Racism · Weapons

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 244· Sports/Recreation/Hobbies · Streaming Media/MP3

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 245E29. Which User Name & Password should I input

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 246policy, Gateway_1. In this case, this will be coun

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 247company to carry the data traffic over its Interne

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 248In this case, Transport mode only protects the upp

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 249 F11. What are Local ID and Peer ID? Local ID a

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 25Following picture is an example while PPPoE is sele

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 250F14. What VPN protocols are supported by ZyWALL? A

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 251172.31.255.255 (these address ranges are reserved

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 252 F21. Will ZyXEL support Secure Remote Management?

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 253If firewall is turned on in ZyWALL, you must forwa

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 254F28. Single, Range, Subnet, which types of IP addr

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 255cryptography as asymmetric. Symmetric cryptograph

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 256Certificate Policies A Certification Practice St

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 257describe the rules governing the different uses of

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 258When Bob clicks on the digital signature option on

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 259G12. Does ZyXEL provide CA service? No, ZyXEL does

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 262. When choosing DHCP setting as a ‘Server’, the

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 260configuration to the local computer. Then import t

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 261b. Installation Speed and Simplicity: Installing a

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 262at 11 Mbps or lower depending on range. The range

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 2632. Building Materials: metal door, aluminum studs.

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 264see the SSID. H17. What is 802.1x? IEEE 802.1x Po

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 27 • How NAT works If we define the local IP address

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 285. Server In Server mode, the ZyWALL maps multiple

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 29 Step 1. Applying NAT in WAN Interface You can cho

ZyWALL 2WG Support Notes 3To filter non-work related and unproductive web surfing to mitigate spyware and phishing threats ...

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 30 Key Settings Field Options Description Full Fe

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 31Step 3. Using Multiple Global IP addresses for clie

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 32Rule 2 Setup: Selecting One-to -One type to map the

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 33 Now we configure all other incoming traffic to go

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 34 Application for Non NAT Friendly Support Som

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 35 Optimize network performance & availabilit

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 36 How Bandwidth Management in ZyWALL? ZyWALL achiev

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 37Go to ADVANCED->BW MGMT->Summary, activate ba

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 38 Key Settings: Class Name Give this class a name, f

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 39Source IP Address Enter the IP address of source th

ZyWALL 2WG Support Notes 4gateway behind ZyWALL? ...226 A28. How do I setup my Z

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 40 Step1. Activate Bandwidth Management on the interf

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 41 Step3. Add another service and allocate 800kbps fo

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 42Step4. Add another service and allocate 800kbps for

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 43Secure Connections across the Internet Site-to-Sit

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 44 1) Configure the static Public IP address to WAN

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 45address is assigned to ZyWALL’s WAN interface, ZyWA

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 46 4) Configure the DDNS entry under DNS-> DDNS

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 47placed behind the NAT router. For example, the NAT

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 48when peer VPN entity also support NAT Traversal fun

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 49The configuration goal is to achieve following two:

ZyWALL 2WG Support Notes 5D02. In addition to registration, what can I do with myZyXEL.com?235 D03. Is there anything changed on myZyXEL.com becau

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 50 6) Extended Authentication (xAuth) can be enabled

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 51 10) Click on the icon to add a new “Network Policy

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 52 14) Under “Remote Network”, choose “Single” and in

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 53 18) Follow the same procedures as step 10~16 to ad

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 54DNS, E-mail, Subject Name and Any. Depending how c

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 55The factory default self-signed certificates are th

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 56 2) Or mark the certificate in PEM (Base-64) Encod

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 57 When you configure VPN rule with certificate, s

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 58servers, and finally get a certificate for further

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 59 Step 2. Create certificate request and enroll cert

ZyWALL 2WG Support Notes 6E15. How many URL keywords does ZyWALL support?...240 E16. How do I keep database of Content Filtering

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 60 After pressing the Apply button, ZyWALL would crea

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 611. Input a name, for this Certificate so you

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 62After pressing the Apply button, ZyWALL would creat

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 63 13. You can check detailed settings by clicking Ad

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 64 Step 5. Using Certifica e in VPN on ZyWALL B

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 65 13. You can check detailed settings by clicking Ad

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 66 Offline Enroll Certificates In this guide, we de

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 67 LAN 1 ZyWALL A ZyWALL B LAN 210.1.133.0/24 LAN:

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 68 2. Input a name, for this Certificate so you can i

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 69 5. In My Certificates tab, you can get a new entry

ZyWALL 2WG Support Notes 7What do I need to know?...250 F18. Does ZyWALL sup

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 70 In this support note, we utilize certificate enrol

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 71 3, Select Request a Certificate, then press Next&g

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 72 4. Choose Advanced request, the press Next> but

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 73 5. Choose "Submit a certificate request using

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 74 6. Right click your mouse, then paste the certific

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 75 7. Click "Download CA certification path"

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 769. Double click the saved file, Select Certificates

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 7711. Choose DER encoded binary X.509(.CER), then pre

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 7813. Click Finish. 14. Go to ZyWALL WEB GUI -> V

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 79 16. After a while, if you see the gray entry turns

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 8G16. Will Self-signed certificate be erased if I res

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 80 After import CA's certificate, you will get t

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 81 2. Input a name, for this Certificate so you can

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 823. Wait for 1-2 minutes until "Request Generat

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 83 Step 4. Enroll Certificate Request on ZyWALLB

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 84 3, Select Request a Certificate, then press Next&g

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 85 4. Choose Advanced request, the press Next> but

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 86 5. Choose "Submit a certificate request using

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 87 6. Right click your mouse, then paste the certific

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 88 7. Click "Download CA certification path"

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 899. Double click the saved file, Select Certificates

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 9Application Notes Mobility Internet Access You may

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 90 11. Choose DER encoded binary X.509(.CER), then pr

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 91 12. Specify the path to store your exported Certif

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 9213. Click Finish. 14. Go to ZyWALL WEB GUI -> V

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 93 16. After a while, if you see the gray entry turns

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 94 18. After import CA's certificate, you will g

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 959. Peer ID type= "ANY". 10. Secure Gatewa

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 96 13. You can check detailed settings by clicking Ad

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 97 Step 6. Using Certificate in VPN on ZyWALL B

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 98 13. You can check detailed settings by clicking Ad

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 99 Using Pre-Shared Key for Device Authentication T