ZyXEL Communications ZYWALL 1050 - V2.00 EDITION 1 Podręcznik Użytkownika Strona 126
- Strona / 386
- Spis treści
- BOOKMARKI
Oceniono. / 5. Na podstawie oceny klientów
Chapter 15 Firewall
ZyWALL (ZLD) CLI Reference Guide
126
Your customized rules take precedence and override the ZyWALL’s default settings. The
ZyWALL checks the schedule, user name (user’s login name on the ZyWALL), source IP
address, destination IP address and IP protocol type of network traffic against the firewall
rules (in the order you list them). When the traffic matches a rule, the ZyWALL takes the
action specified in the rule.
For example, if you want to allow a specific user from any computer to access one zone by
logging in to the ZyWALL, you can set up a rule based on the user name only. If you also
apply a schedule to the firewall rule, the user can only access the network at the scheduled
time. A user-aware firewall rule is activated whenever the user logs in to the ZyWALL and
will be disabled after the user logs out of the ZyWALL.
15.2 Firewall Commands
The following table identifies the values required for many of these commands. Other input
values are discussed with the corresponding commands.
The following table describes the commands available for the firewall. You must use the
configure terminal command to enter the configuration mode before you can use these
commands.
Table 62 Input Values for General Firewall Commands
LABEL DESCRIPTION
address_object The name of the IP address (group) object. You may use 1-31 alphanumeric
characters, underscores(
_), or dashes (-), but the first character cannot be a
number. This value is case-sensitive.
user_name The name of a user (group). You may use 1-31 alphanumeric characters,
underscores(_), or dashes (-), but the first character cannot be a number.
This value is case-sensitive.
zone_object The name of the zone. For the ZyWALL USG 300 and above, use up to 31
characters (a-zA-Z0-9_-). The name cannot start with a number. This value is
case-sensitive.
The ZyWALL USG 100 and 200 models use pre-defined zone names like
DMZ, LAN1, SSL VPN, WLAN, IPSec VPN, OPT, and WAN.
rule_number The priority number of a firewall rule. 1 - X where X is the highest number of
rules the ZyWALL model supports. See the ZyWALL’s User’s Guide for
details.
schedule_object The name of the schedule. You may use 1-31 alphanumeric characters,
underscores(
_), or dashes (-), but the first character cannot be a number.
This value is case-sensitive.
service_name The name of the service (group). You may use 1-31 alphanumeric characters,
underscores(
_), or dashes (-), but the first character cannot be a number.
This value is case-sensitive.
Table 63 Command Summary: Firewall
COMMAND DESCRIPTION
[no] connlimit max-per-host <1..8192> Sets he highest number of sessions that the
ZyWALL will permit a host to have at one time.
The
no command removes the settings.
firewall rule_number Enters the firewall sub-command mode to set
a firewall rule. See Table 64 on page 128 for
the sub-commands.
- ZyWALL (ZLD) 1
- Document Conventions 4
- Icons Used in Figures 5
- Contents Overview 7
- Introduction 9
- CHAPTER 1 11
- 1.2.1 Console Port 12
- 1.2.3 Telnet 15
- 1.2.4 SSH (Secure SHell) 15
- Figure 8 SSH Login Example 16
- 1.5 CLI Modes 17
- 1.6 Shortcuts and Help 18
- Router# c [TAB] 20
- Router# co [TAB] 20
- 1.7 Input Values 21
- 1.8 Ethernet Interfaces 24
- 1.10 Logging Out 25
- CHAPTER 2 27
- 2.1.1 Debug Commands 29
- CHAPTER 3 31
- Chapter 3 Object Reference 32
- CHAPTER 4 33
- RAM size, and serial number 34
- Chapter 4 Status 35
- Chapter 4 Status 36
- CHAPTER 5 37
- Chapter 5 Registration 38
- 5.2 Registration Commands 39
- 5.3 Country Code 40
- Chapter 5 Registration 41
- CHAPTER 6 47
- Chapter 6 Interfaces 49
- Chapter 6 Interfaces 50
- 6.2.2 DHCP Setting Commands 55
- 6.2.4 RIP Commands 59
- 6.2.5 OSPF Commands 60
- 6.3.2 Port Grouping Commands 64
- _), or dashes (-) 70
- _), or dashes 70
- 6.6.1 Cellular Status 71
- Table 28 Cellular Status 72
- 6.7 WLAN Specific Commands 73
- 6.9 Bridge Specific Commands 79
- CHAPTER 7 83
- 7.4 Trunk Commands Summary 84
- 7.5 Trunk Command Examples 85
- Chapter 7 Trunks 86
- 7.6 Link Sticking 87
- CHAPTER 8 89
- Chapter 8 Route 93
- 8.3 IP Static Route 94
- 8.4 Static Route Commands 95
- Chapter 8 Route 96
- CHAPTER 9 97
- 9.2.1 RIP Commands 98
- 9.2.2 General OSPF Commands 98
- 9.2.3 OSPF Area Commands 99
- 9.2.4 Virtual Link Commands 99
- CHAPTER 10 101
- 10.2 Zone Commands Summary 102
- 10.2.1 Zone Command Examples 103
- Chapter 10 Zones 104
- CHAPTER 11 105
- 11.2 DDNS Commands Summary 106
- Chapter 11 DDNS 108
- CHAPTER 12 109
- Chapter 12 Virtual Servers 110
- Chapter 12 Virtual Servers 111
- 192.168.3.7 112
- CHAPTER 13 115
- 13.2 HTTP Redirect Commands 116
- Chapter 13 HTTP Redirect 117
- Chapter 13 HTTP Redirect 118
- CHAPTER 14 119
- 14.2 ALG Commands 120
- 14.3 ALG Commands Example 121
- Chapter 14 ALG 122
- PART III 123
- CHAPTER 15 125
- 15.2 Firewall Commands 126
- Chapter 15 Firewall 127
- 15.2.1 Firewall Sub-Commands 128
- 15.3 Session Limit Commands 130
- means all IP 131
- means all users 131
- Chapter 15 Firewall 132
- IPSec VPN (135) 133
- SSL VPN (145) 133
- L2TP VPN (151) 133
- CHAPTER 16 135
- 16.2.1 IKE SA Commands 137
- VPN gateways) 139
- SA in a VPN concentrator 140
- Chapter 16 IPSec VPN 141
- 16.2.5 SA Monitor Commands 143
- Chapter 16 IPSec VPN 144
- CHAPTER 17 145
- 17.2.1 SSL VPN Commands 146
- Chapter 17 SSL VPN 147
- Table 74 SSL VPN Commands 147
- Chapter 17 SSL VPN 148
- CHAPTER 18 151
- 18.3 Policy Route 152
- 18.4 L2TP VPN Commands 153
- 18.5 L2TP VPN Example 154
- Chapter 18 L2TP VPN 155
- Figure 23 L2TP VPN Example 155
- Chapter 18 L2TP VPN 156
- • Enable the policy route 157
- Application Patrol 159
- CHAPTER 19 161
- 19.2.2.1 Rule Sub-commands 163
- Chapter 19 Application Patrol 164
- Anti-Virus (175) 173
- IDP Commands (183) 173
- Content Filtering (201) 173
- Anti-Spam (211) 173
- CHAPTER 20 175
- 20.2.3 White and Black Lists 178
- Chapter 20 Anti-Virus 179
- Chapter 20 Anti-Virus 180
- Table 92 Update Signatures 180
- 20.4 Anti-virus Statistics 181
- CHAPTER 21 183
- 21.3 IDP Profile Commands 184
- Chapter 21 IDP Commands 185
- old_profile new_profile 185
- Chapter 21 IDP Commands 186
- 21.3.6 Signature Search 191
- 21.4 IDP Custom Signatures 193
- Table 104 Custom Signatures 194
- 21.5 Update IDP Signatures 197
- 21.6 IDP Statistics 198
- CHAPTER 22 201
- Chapter 22 Content Filtering 203
- Chapter 22 Content Filtering 204
- (see Chapter 5 on page 37) 209
- CHAPTER 23 211
- 23.2.3 White and Black Lists 213
- Chapter 23 Anti-Spam 214
- Chapter 23 Anti-Spam 215
- Table 119 DNSBL Commands 216
- 23.3 Anti-Spam Statistics 218
- PART VII 221
- CHAPTER 24 223
- 24.1.1 Before You Begin 224
- Chapter 24 Device HA 225
- 24.6.1 VRRP Group Commands 228
- Chapter 24 Device HA 230
- PART VIII 231
- CHAPTER 25 233
- 25.2.1 User Commands 234
- 25.2.2 User Group Commands 235
- 25.2.3 User Setting Commands 235
- Chapter 25 User/Group 237
- Chapter 25 User/Group 240
- CHAPTER 26 241
- Chapter 26 Addresses 242
- CHAPTER 27 245
- ICMP_ECHO to SG1 247
- Chapter 27 Services 248
- CHAPTER 28 249
- Chapter 28 Schedules 250
- Table 143 schedule Commands 250
- CHAPTER 29 251
- 29.2.1 ad-server Commands 252
- 29.2.2 ldap-server Commands 252
- Chapter 29 AAA Server 258
- CHAPTER 30 259
- 30.3 test aaa Command 261
- CHAPTER 31 263
- Chapter 31 Certificates 265
- Chapter 31 Certificates 266
- CHAPTER 32 269
- Chapter 32 ISP Accounts 272
- CHAPTER 33 273
- Chapter 33 SSL Application 274
- Chapter 33 SSL Application 275
- CHAPTER 34 277
- Chapter 34 Endpoint Security 278
- Chapter 34 Endpoint Security 279
- System (287) 285
- CHAPTER 35 287
- Chapter 35 System 288
- 35.3 Host Name Commands 289
- 35.4 Time and Date 289
- 35.4.1 Date/Time Commands 290
- 35.5 Console Port Speed 291
- 35.6 DNS Overview 291
- 35.6.2 DNS Commands 292
- 35.7 SNAT Overview 293
- CHAPTER 36 295
- 36.3 HTTP/HTTPS Commands 296
- 36.4 SSH 298
- 36.4.3 SSH Commands 299
- 36.4.4 SSH Command Examples 299
- 36.5 Telnet 300
- 36.6 Telnet Commands 300
- 36.7 Configuring FTP 301
- 36.8 SNMP 302
- 36.8.1 Supported MIBs 303
- 36.8.2 SNMP Traps 303
- 36.8.3 SNMP Commands 303
- 36.9 ICMP Filter 305
- 36.10 Dial-in Management 305
- 36.10.3 Response Strings 306
- 36.11 Vantage CNM 307
- 36.12 Language Commands 308
- Maintenance 309
- CHAPTER 37 311
- Chapter 37 File Manager 312
- Chapter 37 File Manager 313
- 37.6 FTP File Transfer 316
- Figure 34 Firmware Damaged 320
- Figure 35 Enter Debug Mode 320
- Figure 45 Restart Complete 324
- Figure 49 Enter Debug Mode 326
- Figure 55 Startup Complete 328
- CHAPTER 38 329
- 38.1.2 System Log Commands 330
- 38.1.3 Debug Log Commands 331
- Vantage Report) server 332
- Chapter 38 Logs 334
- CHAPTER 39 335
- 39.1.3 Session Commands 336
- Chapter 39 Reports and Reboot 338
- 39.3 Reboot 339
- CHAPTER 40 341
- Chapter 40 Session Timeout 342
- CHAPTER 41 343
- Chapter 41 Diagnostics 344
- CHAPTER 42 345
- Chapter 42 Maintenance Tools 346
- 42.0.1 Command Examples 347
- Chapter 42 Maintenance Tools 349
- CHAPTER 43 351
- 43.3 Application Watchdog 352
- Chapter 43 Watchdog Timer 353
- Chapter 43 Watchdog Timer 354
- Command List 355
Powiązane produkty i podręczniki dla Bramy / kontrolery ZyXEL Communications ZYWALL 1050 - V2.00 EDITION 1
(20 strony)
(32 strony)
(40 strony)
(2 strony)© 2020, manymanuals.pl. Wszelkie prawa zastrzeżone. | 0.166 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentarze do niniejszej Instrukcji