Summary of the content on the page No. 1
ZyWALL 2/2WE
Internet Security Gateway
User’s Guide
Version 3.60
March 2003
Summary of the content on the page No. 2
ZyWALL 2 and ZyWALL 2WE Copyright Copyright © 2003 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporati
Summary of the content on the page No. 3
ZyWALL 2 and ZyWALL 2WE Federal Communications Commission (FCC) Interference Statement This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: This device may not cause harmful interference. This device must accept any interference received, including interference that may cause undesired operations. This equipment has been tested and found to comply with the limits for a CLASS B digital device pursuant to Part 15 of the FCC Rules. These limi
Summary of the content on the page No. 4
ZyWALL 2 and ZyWALL 2WE Information for Canadian Users The Industry Canada label identifies certified equipment. This certification means that the equipment meets certain telecommunications network protective, operation, and safety requirements. The Industry Canada does not guarantee that the equipment will operate to a user's satisfaction. Before installing this equipment, users should ensure that it is permissible to be connected to the facilities of the local telecommunications company.
Summary of the content on the page No. 5
ZyWALL 2 and ZyWALL 2WE ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During the warranty period, and upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts
Summary of the content on the page No. 6
ZyWALL 2 and ZyWALL 2WE Customer Support When you contact your customer support representative please have the following information ready: Please have the following information ready when you contact customer support. • Product model and serial number. • Information in Menu 24.2.1 – System Information. • Warranty Information. • Date that you received your device. • Brief description of the problem and the steps you took to solve it. METHOD E-MAIL TELEPHONE/FAX WEB SITE/ FTP SITE RE
Summary of the content on the page No. 7
ZyWALL 2 and ZyWALL 2WE Table of Contents Copyright......................................................................................................................................................ii Federal Communications Commission (FCC) Interference Statement................................................. iii Information for Canadian Users ...............................................................................................................iv ZyXEL Limited Warranty .....
Summary of the content on the page No. 8
ZyWALL 2 and ZyWALL 2WE 3.2 Accessing the ZyWALL Web Configurator ...............................................................................3-1 3.3 Web Configurator Navigation.....................................................................................................3-2 Chapter 4 Introducing the SMT..............................................................................................................4-1 4.1 Introduction to the SMT.........................................
Summary of the content on the page No. 9
ZyWALL 2 and ZyWALL 2WE 8.2 Levels of Security ...................................................................................................................... 8-1 8.3 Data Encryption with WEP........................................................................................................8-2 8.4 Network Authentication ............................................................................................................. 8-3 8.5 Local User Authentication ...................
Summary of the content on the page No. 10
ZyWALL 2 and ZyWALL 2WE 12.5 General NAT Examples......................................................................................................12-17 12.6 Trigger Port Forwarding .....................................................................................................12-24 Firewall and Content Filters.........................................................................................................................IV Chapter 13 Firewalls ..............................
Summary of the content on the page No. 11
ZyWALL 2 and ZyWALL 2WE 16.7 Creating/Editing A Custom Port ........................................................................................ 16-14 16.8 Example Firewall Rule....................................................................................................... 16-15 Chapter 17 Content Filtering................................................................................................................ 17-1 17.1 Introduction to Content Filtering.....................
Summary of the content on the page No. 12
ZyWALL 2 and ZyWALL 2WE 21.1 Introduction to System Status ...............................................................................................21-1 21.2 System Status........................................................................................................................21-1 21.3 System Information and Console Port Speed........................................................................21-3 21.4 Log and Trace ....................................................
Summary of the content on the page No. 13
ZyWALL 2 and ZyWALL 2WE 25.1 Introduction to Call Scheduling ........................................................................................... 25-1 25.2 Configuring Call Scheduling................................................................................................ 25-1 25.3 Applying Schedule Sets ....................................................................................................... 25-3 Chapter 26 Introduction to IPSec...................................
Summary of the content on the page No. 14
ZyWALL 2 and ZyWALL 2WE 23.1 Problems Starting Up the ZyWALL .....................................................................................28-1 28.1 Problems with a LAN Interface ............................................................................................28-2 28.2 Problems with the WAN Interface........................................................................................28-2 28.3 Problems with Internet Access..................................................
Summary of the content on the page No. 15
ZyWALL 2 and ZyWALL 2WE Index ............................................................................................................................................................A Table of Contents xv
Summary of the content on the page No. 16
ZyWALL 2 and ZyWALL 2WE List of Figures Figure 1-1 Secure Internet Access and VPN Application ...............................................................................1-6 Figure 1-2 ZyWALL 2WE Wireless LAN Application...................................................................................1-6 Figure 2-1 ZyWALL 2WE Front Panel...........................................................................................................2-1 Figure 2-2 ZyWALL 2 Front Panel........
Summary of the content on the page No. 17
ZyWALL 2 and ZyWALL 2WE Figure 7-7 Menu 3.2.1: IP Alias Setup........................................................................................................... 7-9 Figure 7-8 RTS Threshold............................................................................................................................7-11 Figure 7-9 Menu 3.5 – Wireless LAN Setup................................................................................................ 7-12 Figure 8-1 ZyWALL Wireless
Summary of the content on the page No. 18
ZyWALL 2 and ZyWALL 2WE Figure 12-1 How NAT Works.......................................................................................................................12-3 Figure 12-2 NAT Application With IP Alias .................................................................................................12-4 Figure 12-3 Menu 4: Applying NAT for Internet Access..............................................................................12-7 Figure 12-4 Menu 11.3: Applying NAT to the R
Summary of the content on the page No. 19
ZyWALL 2 and ZyWALL 2WE Figure 13-3 SYN Flood................................................................................................................................ 13-5 Figure 13-4 Smurf Attack ............................................................................................................................ 13-6 Figure 13-5 Stateful Inspection.................................................................................................................... 13-8 Figure 14
Summary of the content on the page No. 20
ZyWALL 2 and ZyWALL 2WE Figure 19-3 Menu 21: Filter and Firewall Setup...........................................................................................19-4 Figure 19-4 Menu 21.1: Filter Set Configuration .........................................................................................19-4 Figure 19-5 Menu 21.1.1.1: TCP/IP Filter Rule ...........................................................................................19-7 Figure 19-6 Executing an IP Filter............