Zyxel-communications 10 Instrukcja Użytkownika

ZyWALL 10/10W/50/100 Internet Security Gateway User’s Guide Versions 3.52 and 3.60 December 2002

ZyWALL 10~100 Series Internet Security Gateway x Table of Contents 13.2 Types of Firewalls...

ZyWALL 10~100 Series Internet Security Gateway 7-2 Wireless LAN Security Setup Your ZyWALL allows you to configure up to four 64-bit or 128-bit WEP

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Security Setup 7-3 Table 7-1 Wireless LAN FIELD DESCRIPTION EXAMPLE Enable Wireless LA

ZyWALL 10~100 Series Internet Security Gateway 7-4 Wireless LAN Security Setup • Authorization Determines the network services available to authen

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Security Setup 7-5 7.3.3 Sequence for EAP Authentication The following figure shows th

ZyWALL 10~100 Series Internet Security Gateway 7-6 Wireless LAN Security Setup Figure 7-4 Wireless LAN 802.1X Authentication The following table

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Security Setup 7-7 Figure 7-5 Authentication RADIUS The following table describes the

ZyWALL 10~100 Series Internet Security Gateway 7-8 Wireless LAN Security Setup Table 7-3 Authentication RADIUS FIELD DESCRIPTION EXAMPLE Port Numb

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Security Setup 7-9 Figure 7-6 Local User Database

ZyWALL 10~100 Series Internet Security Gateway 7-10 Wireless LAN Security Setup The following table describes the fields in this screen. Table 7-4

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Security Setup 7-11 Figure 7-7 WLAN MAC Address Filter The following table describes

ZyWALL 10~100 Series Internet Security Gateway Table of Contents xi 17.4 List Update...

ZyWALL 10~100 Series Internet Security Gateway 7-12 Wireless LAN Security Setup Table 7-5 WLAN MAC Address Filter FIELD DESCRIPTION Click Apply to

ZyWALL 10~100 Series Internet Security Gateway DMZ Setup 8-1Chapter 8 DMZ Setup This chapter describes how to configure the ZyWALL 100’s DMZ using

ZyWALL 10~100 Series Internet Security Gateway 8-2 DMZ Setup 8.2 DMZ Port Filter Setup This menu allows you to specify the filter sets that you wish

ZyWALL 10~100 Series Internet Security Gateway DMZ Setup 8-3 Figure 8-4 Menu 5.2: TCP/IP Setup The TCP/IP setup fields are the same as the ones in

ZyWALL 10~100 Series Internet Security Gateway 8-4 DMZ Setup Figure 8-5 Menu 5.2.1: IP Alias Setup Refer to Table 6-5 for instructions on configurin

ZyWALL 10~100 Series Internet Security Gateway Internet Access 9-1Chapter 9 Internet Access This chapter shows you how to configure your ZyWALL for

ZyWALL 10~100 Series Internet Security Gateway 9-2 Internet Access Table 9-1 Menu 4: Internet Access Setup Menu Fields FIELD DESCRIPTION Encapsulat

ZyWALL 10~100 Series Internet Security Gateway Internet Access 9-3The ZyWALL supports only one PPTP server connection at any given time. 9.1.3 Con

ZyWALL 10~100 Series Internet Security Gateway 9-4 Internet Access 9.1.4 PPPoE Encapsulation The ZyWALL supports PPPoE (Point-to-Point Protocol over

ZyWALL 10~100 Series Internet Security Gateway Internet Access 9-5Table 9-3 New Fields in Menu 4 (PPPoE) screen FIELD DESCRIPTION EXAMPLE Encap

ZyWALL 10~100 Series Internet Security Gateway xii Table of Contents 22.1 Filename Conventions ...

Advanced Applications III Part III: Advanced Applications This part covers Remote Node Setup, IP Static Route Setup and Network Address Transla

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 10-1 Chapter 10 Remote Node Setup This chapter shows you how to configure a remote

ZyWALL 10~100 Series Internet Security Gateway 10-2 Remote Node Setup 10.2 Remote Node Profile The following explains how to configure the remote

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 10-3 Table 10-1 Fields in Menu 11.1 FIELD DESCRIPTION EXAMPLE Service Type Press

ZyWALL 10~100 Series Internet Security Gateway 10-4 Remote Node Setup The ZyWALL supports PPPoE (Point-to-Point Protocol over Ethernet). You can on

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 10-5 Do not specify a nailed-up connection unless your telephone company offers fl

ZyWALL 10~100 Series Internet Security Gateway 10-6 Remote Node Setup Figure 10-4 Menu 11.1: Remote Node Profile for PPTP Encapsulation The next t

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 10-7 10.3 Editing TCP/IP Options (with Ethernet Encapsulation) Move the cursor t

ZyWALL 10~100 Series Internet Security Gateway Table of Contents xiii 25.7 Bandwidth Borrowing...

ZyWALL 10~100 Series Internet Security Gateway 10-8 Remote Node Setup Table 10-4 Remote Node Network Layer Options Menu Fields FIELD DESCRIPTION

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 10-9 10.3.1 Editing TCP/IP Options (with PPTP Encapsulation) Make sure that Encaps

ZyWALL 10~100 Series Internet Security Gateway 10-10 Remote Node Setup Table 10-5 Remote Node Network Layer Options Menu Fields FIELD DESCRIPTION

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 10-11 10.3.2 Editing TCP/IP Options (with PPPoE Encapsulation) Make sure Encapsula

ZyWALL 10~100 Series Internet Security Gateway 10-12 Remote Node Setup Figure 10-8 Menu 11.5: Remote Node Filter (PPPoE or PPTP Encapsulation) 10.5

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 10-13 one subnet (Subnet 1 in the following figure) and the backup gateway in anot

ZyWALL 10~100 Series Internet Security Gateway 10-14 Remote Node Setup Table 10-6 Menu 11.1: Remote Node Profile (Traffic Redirect Field) FIELD DE

ZyWALL 10~100 Series Internet Security Gateway Remote Node Setup 10-15 Table 10-7 Traffic Redirect Setup FIELD DESCRIPTION EXAMPLE Configuration:

ZyWALL 10~100 Series Internet Security Gateway IP Static Route Setup 11-1Chapter 11 IP Static Route Setup This chapter shows you how to configure

ZyWALL 10~100 Series Internet Security Gateway xiv Table of Contents Troubleshooting ...

ZyWALL 10~100 Series Internet Security Gateway 11-2 IP Static Route Setup 11.1 IP Static Route Setup Enter 12 from the main menu. Select one of th

ZyWALL 10~100 Series Internet Security Gateway IP Static Route Setup 11-3 Figure 11-3 Menu 12. 1: Edit IP Static Route `The following table describ

ZyWALL 10~100 Series Internet Security Gateway 11-4 IP Static Route Setup Table 11-1 IP Static Route Menu Fields FIELD DESCRIPTION Private This p

ZyWALL 10~100 Series Internet Security Gateway NAT 12-1Chapter 12 Network Address Translation (NAT) This chapter discusses how to configure NAT on t

ZyWALL 10~100 Series Internet Security Gateway 12-2 NAT NAT never changes the IP address (either local or global) of an outside host. 12.1.2 What NAT

ZyWALL 10~100 Series Internet Security Gateway NAT 12-3 Figure 12-1 How NAT Works

ZyWALL 10~100 Series Internet Security Gateway 12-4 NAT 12.1.4 NAT Application The following figure illustrates a possible NAT application, where thr

ZyWALL 10~100 Series Internet Security Gateway NAT 12-52. Many to One: In Many-to-One mode, the ZyWALL maps multiple local IP addresses to one globa

ZyWALL 10~100 Series Internet Security Gateway 12-6 NAT Table 12-2 NAT Mapping Types TYPE IP MAPPING SMT ABBREVIATION Many-One-to-One ILA1ÅÆ IGA1 ILA

ZyWALL 10~100 Series Internet Security Gateway NAT 12-7. Figure 12-3 Menu 4: Applying NAT for Internet Access The following figure shows how you appl

ZyWALL 10~100 Series Internet Security Gateway Table of Contents xv Appendix Q Log Descriptions...

ZyWALL 10~100 Series Internet Security Gateway 12-8 NAT Figure 12-4 Menu 11.3: Applying NAT to the Remote Node The following table describes the opt

ZyWALL 10~100 Series Internet Security Gateway NAT 12-911.3, the SMT will use Set 1, which supports all mapping types as outlined in Table 12-2. When

ZyWALL 10~100 Series Internet Security Gateway 12-10 NAT Figure 12-7 Menu 15.1.255: SUA Address Mapping Rules The following table explains the field

ZyWALL 10~100 Series Internet Security Gateway NAT 12-11Table 12-4 SUA Address Mapping Rules FIELD DESCRIPTION EXAMPLE Once you have finished confi

ZyWALL 10~100 Series Internet Security Gateway 12-12 NAT ignored. If there are any empty rules before your new configured rule, your configured rule

ZyWALL 10~100 Series Internet Security Gateway NAT 12-13An IP End address must be numerically greater than its corresponding IP Start address. Figure

ZyWALL 10~100 Series Internet Security Gateway 12-14 NAT 12.4 NAT Server Sets – Port Forwarding A NAT server set is a list of inside (behind NAT on

ZyWALL 10~100 Series Internet Security Gateway NAT 12-15Table 12-7 Services & Port Numbers SERVICES PORT NUMBER DNS (Domain Name System) 53 Fin

ZyWALL 10~100 Series Internet Security Gateway 12-16 NAT Figure 12-10 Menu 15.2: NAT Server Setup Figure 12-11 Multiple Servers Behind NAT Example

ZyWALL 10~100 Series Internet Security Gateway NAT 12-1712.5 General NAT Examples 12.5.1 Internet Access Only In the following Internet access exampl

ZyWALL 10~100 Series Internet Security Gateway xvi List of Figures List of Figures Figure 1-1 Secure Internet Access via Cable, DSL or Wireless Mode

ZyWALL 10~100 Series Internet Security Gateway 12-18 NAT From menu 4 shown above, simply choose the SUA Only option from the Network Address Transla

ZyWALL 10~100 Series Internet Security Gateway NAT 12-19 Figure 12-15 Menu 15.2: Specifying an Inside Server 12.5.3 Example 3: Multiple Public IP Add

ZyWALL 10~100 Series Internet Security Gateway 12-20 NAT Figure 12-16 NAT Example 3 Step 1. In this case you need to configure Address Mapping Se

ZyWALL 10~100 Series Internet Security Gateway NAT 12-21 Figure 12-17 Example 3: Menu 11.3 The following figure shows how to configure the first rul

ZyWALL 10~100 Series Internet Security Gateway 12-22 NAT Figure 12-19 Example 3: Final Menu 15.1.1 Now configure the IGA3 to map to our web server

ZyWALL 10~100 Series Internet Security Gateway NAT 12-2312.5.4 Example 4: NAT Unfriendly Application Programs Some applications do not support NAT Ma

ZyWALL 10~100 Series Internet Security Gateway 12-24 NAT Figure 12-22 Example 4: Menu 15.1.1.1: Address Mapping Rule After you’ve configured your r

ZyWALL 10~100 Series Internet Security Gateway NAT 12-25the server on the WAN) to the IP address of a computer on the client side (LAN). The problem

ZyWALL 10~100 Series Internet Security Gateway 12-26 NAT 5. Only Jane can connect to the Real Audio server until the connection is closed or times

ZyWALL 10~100 Series Internet Security Gateway NAT 12-27 Table 12-8 Menu 15.3—Trigger Port Setup Description FIELD DESCRIPTION EXAMPLE Rule This i

ZyWALL 10~100 Series Internet Security Gateway List of Figures xvii Figure 5-6 Remote Node PPP Options Menu Fields...

Firewall and Content Filters IV Part IV: Firewall and Content Filters This part introduces firewalls in general and the ZyWALL firewall. It also

ZyWALL 10~100 Series Internet Security Gateway Firewalls 13-1 Chapter 13 Firewalls This chapter gives some background information on firewalls and e

ZyWALL 10~100 Series Internet Security Gateway 13-2 Firewalls i. Information hiding prevents the names of internal systems from being made known via

ZyWALL 10~100 Series Internet Security Gateway Firewalls 13-3 Figure 13-1 ZyWALL Firewall Application 13.4 Denial of Service Denials of Service (

ZyWALL 10~100 Series Internet Security Gateway 13-4 Firewalls for use over a single port, such as Web on port 80, other ports are also active. If the

ZyWALL 10~100 Series Internet Security Gateway Firewalls 13-5 Figure 13-2 Three-Way Handshake Under normal circumstances, the application that init

ZyWALL 10~100 Series Internet Security Gateway 13-6 Firewalls 2-b In a LAND Attack, hackers flood SYN packets into the network with a spoofed source

ZyWALL 10~100 Series Internet Security Gateway Firewalls 13-7  Illegal Commands (NetBIOS and SMTP) The only legal NetBIOS commands are the followi

ZyWALL 10~100 Series Internet Security Gateway xviii List of Figures Figure 9-2 Internet Access Setup (PPTP) ...

ZyWALL 10~100 Series Internet Security Gateway 13-8 Firewalls all communications to the Internet that originate from the LAN, and blocks all traffic

ZyWALL 10~100 Series Internet Security Gateway Firewalls 13-9 1. The packet travels from the firewall's LAN to the WAN. 2. The packet is eval

ZyWALL 10~100 Series Internet Security Gateway 13-10 Firewalls These custom rules work by evaluating the network traffic’s Source IP address, Destina

ZyWALL 10~100 Series Internet Security Gateway Firewalls 13-11 A similar situation exists for ICMP, except that the ZyWALL is even more restrictive.

ZyWALL 10~100 Series Internet Security Gateway 13-12 Firewalls 7. Keep the firewall in a secured (locked) room. 13.6.1 Security In General You can

ZyWALL 10~100 Series Internet Security Gateway Firewalls 13-13 13.7.1 Packet Filtering:  The router filters packets as they pass through the route

ZyWALL 10~100 Series Internet Security Gateway 13-14 Firewalls 3. To selectively block/allow inbound or outbound traffic between inside host/network

ZyWALL 10~100 Series Internet Security Gateway Introducing the ZyWALL Firewall 14-1 Chapter 14 Introducing the ZyWALL Firewall This chapter shows y

ZyWALL 10~100 Series Internet Security Gateway 14-2 Introducing the ZyWALL Firewall 14.3.1 Activating the Firewall Enter option 2 in this menu to b

ZyWALL 10~100 Series Internet Security Gateway Using the ZyWALL Web Configurator 15-1 Chapter 15 Using the ZyWALL Web Configurator This chapter show

ZyWALL 10~100 Series Internet Security Gateway List of Figures xix Figure 12-11 Multiple Servers Behind NAT Example ...

ZyWALL 10~100 Series Internet Security Gateway 15-2 Using the ZyWALL Web Configurator Figure 15-1 Enabling the Firewall (ZyWALL 100) 15.2.1 Alerts

ZyWALL 10~100 Series Internet Security Gateway Using the ZyWALL Web Configurator 15-3 determine when to drop sessions that do not become fully estab

ZyWALL 10~100 Series Internet Security Gateway 15-4 Using the ZyWALL Web Configurator threshold (one-minute low). The rate is the number of new att

ZyWALL 10~100 Series Internet Security Gateway Using the ZyWALL Web Configurator 15-5 Figure 15-2 Attack Alert The following table describes the fi

ZyWALL 10~100 Series Internet Security Gateway 15-6 Using the ZyWALL Web Configurator Table 15-1 Attack Alert FIELD DESCRIPTION DEFAULT VALUES One

ZyWALL 10~100 Series Internet Security Gateway Using the ZyWALL Web Configurator 15-7 Table 15-1 Attack Alert FIELD DESCRIPTION DEFAULT VALUES Bloc

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-1 Chapter 16 Creating Custom Rules This chapter contains instructions for d

ZyWALL 10~100 Series Internet Security Gateway 16-2 Creating Custom Rules This prevents computers on the DMZ from communicating between networks or

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-3 16.2.2 Security Ramifications Once the logic of the rule has been defined

ZyWALL 10~100 Series Internet Security Gateway ii Copyright Copyright Copyright © 2002 by ZyXEL Communications Corporation. The contents of this publ

ZyWALL 10~100 Series Internet Security Gateway xx List of Figures Figure 16-4 Creating/Editing A Firewall Rule (ZyWALL100)...

ZyWALL 10~100 Series Internet Security Gateway 16-4 Creating Custom Rules 16.3 Connection Direction Examples This section describes examples for f

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-5 See the following figure. Figure 16-2 WAN to LAN Traffic 16.4 Rule Summ

ZyWALL 10~100 Series Internet Security Gateway 16-6 Creating Custom Rules Figure 16-3 Firewall Rules Summary: First Screen (ZyWALL100) The followi

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-7 Table 16-1 Firewall Rules Summary: First Screen FIELD DESCRIPTION Vacant

ZyWALL 10~100 Series Internet Security Gateway 16-8 Creating Custom Rules Table 16-1 Firewall Rules Summary: First Screen FIELD DESCRIPTION Insert

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-9 Table 16-2 Predefined Services SERVICE DESCRIPTION CU-SEEME(TCP/UDP:764

ZyWALL 10~100 Series Internet Security Gateway 16-10 Creating Custom Rules Table 16-2 Predefined Services SERVICE DESCRIPTION NNTP(TCP:119) Net

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-11 Table 16-2 Predefined Services SERVICE DESCRIPTION TACACS(UDP:49) Lo

ZyWALL 10~100 Series Internet Security Gateway 16-12 Creating Custom Rules Figure 16-4 Creating/Editing A Firewall Rule (ZyWALL100) Table 16-3 Cr

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-13 Table 16-3 Creating/Editing A Firewall Rule FIELD DESCRIPTION OPTIONS

ZyWALL 10~100 Series Internet Security Gateway List of Figures xxi Figure 19-12 Protocol and Device Filter Sets ...

ZyWALL 10~100 Series Internet Security Gateway 16-14 Creating Custom Rules Table 16-3 Creating/Editing A Firewall Rule FIELD DESCRIPTION OPTIONS

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-15 Table 16-4 Adding/Editing Source and Destination Addresses FIELD DESCRI

ZyWALL 10~100 Series Internet Security Gateway 16-16 Creating Custom Rules Figure 16-6 Creating/Editing A Custom Port The next table describes the

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-17 16.8 Example Firewall Rule The following Internet firewall rule examp

ZyWALL 10~100 Series Internet Security Gateway 16-18 Creating Custom Rules Step 6. Configure the Firewall IP Config screen as follows and click Ap

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-19 Figure 16-9 Custom Port for MyService Step 8. The firewall rule confi

ZyWALL 10~100 Series Internet Security Gateway 16-20 Creating Custom Rules Figure 16-10 MyService Rule Configuration (ZyWALL100) This is your “My

ZyWALL 10~100 Series Internet Security Gateway Creating Custom Rules 16-21 Step 9. On completing the configuration procedure for this Internet fir

ZyWALL 10~100 Series Internet Security Gateway Content Filtering 17-1 Chapter 17 Content Filtering This chapter provides a brief overview of conten

ZyWALL 10~100 Series Internet Security Gateway xxii List of Figures Figure 22-11 Restore Configuration Example ...

ZyWALL 10~100 Series Internet Security Gateway 17-2 Content Filtering Figure 17-1Content Filter: Categories Table 17-1 Content Filter: Categories L

ZyWALL 10~100 Series Internet Security Gateway Content Filtering 17-3 Table 17-1 Content Filter: Categories LABEL DESCRIPTION Java A programming

ZyWALL 10~100 Series Internet Security Gateway 17-4 Content Filtering Table 17-1 Content Filter: Categories LABEL DESCRIPTION Gross Depictions Sel

ZyWALL 10~100 Series Internet Security Gateway Content Filtering 17-5 Table 17-1 Content Filter: Categories LABEL DESCRIPTION Sports/ Entertainm

ZyWALL 10~100 Series Internet Security Gateway 17-6 Content Filtering Figure 17-2 Content Filter: Free Table 17-2 Content Filter: Free LABEL DESCRI

ZyWALL 10~100 Series Internet Security Gateway Content Filtering 17-7 17.3 iCard Click Content on the navigation panel, and then the iCard tab to o

ZyWALL 10~100 Series Internet Security Gateway 17-8 Content Filtering Table 17-3 Content Filter: iCard LABEL DESCRIPTION E-mail Type your e-mail ad

ZyWALL 10~100 Series Internet Security Gateway Content Filtering 17-9 Figure 17-4 Content Filter: List Update Table 17-4 Content Filter: List Upd

ZyWALL 10~100 Series Internet Security Gateway 17-10 Content Filtering 17.5 Exempt Computers Click Content on the navigation panel, and then the Exem

ZyWALL 10~100 Series Internet Security Gateway Content Filtering 17-11 Table 17-5 Content Filter: Exempt Zone LABEL DESCRIPTION Exclude specified a

ZyWALL 10~100 Series Internet Security Gateway List of Figures xxiii Figure 25-10 Bandwidth Management Statistics ...

ZyWALL 10~100 Series Internet Security Gateway 17-12 Content Filtering Figure 17-6 Content Filter: Customize Table 17-6 Content Filter: Customize LA

ZyWALL 10~100 Series Internet Security Gateway Content Filtering 17-13 Table 17-6 Content Filter: Customize LABEL DESCRIPTION Disable all web traf

ZyWALL 10~100 Series Internet Security Gateway 17-14 Content Filtering 17.7 Domain Name Click Content on the navigation panel, and then the Domain Na

ZyWALL 10~100 Series Internet Security Gateway Content Filtering 17-15 Table 17-7 Content Filter: Domain Name LABEL DESCRIPTION Add Keyword Click A

Logs, Filter Configuration, and SNMP Configuration V Part V: Logs, Filter Configuration, and SNMP Configuration This part provides informatio

ZyWALL 10~100 Series Internet Security Gateway Centralized Logs 18-1Chapter 18 Centralized Logs This chapter contains information about configuring

ZyWALL 10~100 Series Internet Security Gateway 18-2 Centralized Logs Figure 18-1 View Log Table 18-1 View Log FIELD DESCRIPTION Display The catego

ZyWALL 10~100 Series Internet Security Gateway Centralized Logs 18-3Table 18-1 View Log FIELD DESCRIPTION Destination This field lists the desti

ZyWALL 10~100 Series Internet Security Gateway xxiv List of Figures Figure 29-10 Menu 27.1.1.2: Manual Setup ...

ZyWALL 10~100 Series Internet Security Gateway 18-4 Centralized Logs Figure 18-2 Log Settings

ZyWALL 10~100 Series Internet Security Gateway Centralized Logs 18-5 Table 18-2 Log Settings Screen FIELD DESCRIPTION Address Info Mail Server E

ZyWALL 10~100 Series Internet Security Gateway 18-6 Centralized Logs Table 18-2 Log Settings Screen FIELD DESCRIPTION Log Schedule This drop-down m

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 19-1Chapter 19 Filter Configuration This chapter shows you how to create and ap

ZyWALL 10~100 Series Internet Security Gateway 19-2 Filter Configuration Figure 19-1 Outgoing Packet Filtering Process For incoming packets, your Zy

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 19-3StartFetch FirstFilter SetFetch FirstFilter RuleActive?ExecuteFilter RuleFe

ZyWALL 10~100 Series Internet Security Gateway 19-4 Filter Configuration You can apply up to four filter sets to a particular port to block multiple

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 19-5Step 3. Select the filter set you wish to configure (1-12) and press [ENTE

ZyWALL 10~100 Series Internet Security Gateway 19-6 Filter Configuration Table 19-2 Rule Abbreviations Used ABBREVIATION DESCRIPTION IP Pr Protocol

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 19-7To configure TCP/IP rules, select TCP/IP Filter Rule from the Filter Type f

ZyWALL 10~100 Series Internet Security Gateway List of Tables xxv List of Tables Table 1-1 Model Specific Features...

ZyWALL 10~100 Series Internet Security Gateway 19-8 Filter Configuration Table 19-3 TCP/IP Filter Rule Menu Fields FIELD DESCRIPTION OPTIONS IP Mask

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 19-9Table 19-3 TCP/IP Filter Rule Menu Fields FIELD DESCRIPTION OPTIONS Log Pr

ZyWALL 10~100 Series Internet Security Gateway 19-10 Filter Configuration Packetinto IP FilterMatchedMatchedYesAction MatchedAction Not MatchedMore?N

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 19-1119.2.3 Generic Filter Rule This section shows you how to configure a gener

ZyWALL 10~100 Series Internet Security Gateway 19-12 Filter Configuration Table 19-4 Generic Filter Rule Menu Fields FIELD DESCRIPTION OPTIONS Fil

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 19-1319.3 Example Filter Let’s look at an example to block outside users from t

ZyWALL 10~100 Series Internet Security Gateway 19-14 Filter Configuration Step 6. Enter 1 to configure the first filter rule (the only filter rule

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 19-15Figure 19-11 Example Filter Rules Summary: Menu 21.1.3 After you’ve create

ZyWALL 10~100 Series Internet Security Gateway 19-16 Filter Configuration 19.4 Filter Types and NAT There are two classes of filter rules, Generic F

ZyWALL 10~100 Series Internet Security Gateway Filter Configuration 19-1719.6 Applying a Filter and Factory Defaults This section shows you where

ZyWALL 10~100 Series Internet Security Gateway xxvi List of Tables Table 9-1 Menu 4: Internet Access Setup Menu Fields ...

ZyWALL 10~100 Series Internet Security Gateway 19-18 Filter Configuration outgoing traffic from the ZyWALL. The ZyWALL already has filters to prevent

ZyWALL 10~100 Series Internet Security Gateway SNMP Configuration 20-1 Chapter 20 SNMP Configuration This chapter explains SNMP configuration menu

ZyWALL 10~100 Series Internet Security Gateway 20-2 SNMP Configuration Figure 20-1 SNMP Management Model An SNMP managed network consists of two mai

ZyWALL 10~100 Series Internet Security Gateway SNMP Configuration 20-3 • GetNext - Allows the manager to retrieve the next object variable from a

ZyWALL 10~100 Series Internet Security Gateway 20-4 SNMP Configuration Table 20-1 SNMP Configuration Menu Fields FIELD DESCRIPTION EXAMPLE Set Com

System Information and Diagnosis and Firmware and Configuration File Maintenance VI Part VI: System Information and Diagnosis and Firmware and C

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 21-1 Chapter 21 System Information & Diagnosis This chapter co

ZyWALL 10~100 Series Internet Security Gateway 21-2 System Information and Diagnosis Step 1. Enter number 24 to go to Menu 24 - System Maintenanc

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 21-3 Table 21-1 System Maintenance: Status Menu Fields FIELD DESCR

ZyWALL 10~100 Series Internet Security Gateway List of Tables xxvii Table 16-4 Adding/Editing Source and Destination Addresses...

ZyWALL 10~100 Series Internet Security Gateway 21-4 System Information and Diagnosis 21.2.1 System Information System Information gives you inform

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 21-5 21.2.2 Console Port Speed You can change the speed of the con

ZyWALL 10~100 Series Internet Security Gateway 21-6 System Information and Diagnosis After the ZyWALL finishes displaying, you will have the opti

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 21-7 The ZyWALL uses the UNIX syslog facility to log the CDR (Cal

ZyWALL 10~100 Series Internet Security Gateway 21-8 System Information and Diagnosis Table 21-3 System Maintenance Menu Syslog Parameters PARAMETE

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 21-9 3. Filter log Filter log Message Format SdcmdSyslogSend(S

ZyWALL 10~100 Series Internet Security Gateway 21-10 System Information and Diagnosis 21.3.3 Call-Triggering Packet Call-Triggering Packet display

ZyWALL 10~100 Series Internet Security Gateway System Information and Diagnosis 21-11 Follow the procedure below to get to Menu 24.4 - System Main

ZyWALL 10~100 Series Internet Security Gateway 21-12 System Information and Diagnosis Figure 21-11 WAN & LAN DHCP The following table describ

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-1 Chapter 22 Firmware and Configuration File Mainten

ZyWALL 10~100 Series Internet Security Gateway xxviii List of Tables Table 24-1 Menu 24.11 – Remote Management Control...

ZyWALL 10~100 Series Internet Security Gateway 22-2 Firmware and Configuration File Maintenance local network or FTP site and so the name (but not

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-3 22.2.1 Backup Configuration Follow the instruction

ZyWALL 10~100 Series Internet Security Gateway 22-4 Firmware and Configuration File Maintenance Figure 22-2 FTP Session Example 22.2.4 GUI-based

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-5 1. The firewall is active (turn the firewall off

ZyWALL 10~100 Series Internet Security Gateway 22-6 Firmware and Configuration File Maintenance 22.2.7 TFTP Command Example The following is an ex

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-7 Figure 22-3 System Maintenance: Backup Configurat

ZyWALL 10~100 Series Internet Security Gateway 22-8 Firmware and Configuration File Maintenance 22.3 Restore Configuration This section shows you

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-9 Figure 22-7 Telnet into Menu 24.6 Step 1. Launch

ZyWALL 10~100 Series Internet Security Gateway 22-10 Firmware and Configuration File Maintenance 22.3.2 Restore Using FTP Session Example Figure 2

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-11 Figure 22-11 Restore Configuration Example Step 4

ZyWALL 10~100 Series Internet Security Gateway List of Tables xxix Table 31-4 Troubleshooting the WAN interface...

ZyWALL 10~100 Series Internet Security Gateway 22-12 Firmware and Configuration File Maintenance WARNING! Do not interrupt the file transfer proce

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-13 22.4.2 Configuration File Upload You see the foll

ZyWALL 10~100 Series Internet Security Gateway 22-14 Firmware and Configuration File Maintenance transfers the configuration file on the ZyWALL to

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-15 Step 3. Enter the command “sys stdio 0” to disab

ZyWALL 10~100 Series Internet Security Gateway 22-16 Firmware and Configuration File Maintenance 22.4.8 Uploading Firmware File Via Console Port S

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-17 22.4.9 Example Xmodem Firmware Upload Using Hyper

ZyWALL 10~100 Series Internet Security Gateway 22-18 Firmware and Configuration File Maintenance Figure 22-18 Menu 24.7.2 as seen using the Conso

ZyWALL 10~100 Series Internet Security Gateway Firmware and Configuration File Maintenance 22-19 Figure 22-19 Example Xmodem Upload After the conf

System Maintenance and Information and Remote Management VII Part VII: System Maintenance and Information and Remote Management This part provid

ZyWALL 10~100 Series Internet Security Gateway FCC iii Federal Communications Commission (FCC) Interference Statement This device complies with Part

ZyWALL 10~100 Series Internet Security Gateway xxx Preface Preface About Your ZyWALL Congratulations on your purchase of the ZyWALL 10, 10W, 50 or 10

ZyWALL 10~100 Series Internet Security Gateway System Maintenance & Information 23-1 Chapter 23 System Maintenance & Information This ch

ZyWALL 10~100 Series Internet Security Gateway 23-2 System Maintenance & Information Figure 23-2 Valid Commands 23.2 Call Control Support The

ZyWALL 10~100 Series Internet Security Gateway System Maintenance & Information 23-3 23.2.1 Budget Management Menu 24.9.1 shows the budget man

ZyWALL 10~100 Series Internet Security Gateway 23-4 System Maintenance & Information 23.2.2 Call History This is the second option in Menu 24.9

ZyWALL 10~100 Series Internet Security Gateway System Maintenance & Information 23-5 23.3 Time and Date Setting The Real Time Chip (RTC) kee

ZyWALL 10~100 Series Internet Security Gateway 23-6 System Maintenance & Information Figure 23-7 Menu 24.10 System Maintenance: Time and Date S

ZyWALL 10~100 Series Internet Security Gateway System Maintenance & Information 23-7 Table 23-3 Time and Date Setting Fields FIELD DESCRIPTION

ZyWALL 10~100 Series Internet Security Gateway Remote Management 24-1Chapter 24 Remote Management This chapter covers remote management found in S

ZyWALL 10~100 Series Internet Security Gateway Preface xxxi • Mouse action sequences are denoted using a comma. For example, “click the Apple icon,

ZyWALL 10~100 Series Internet Security Gateway 24-2 Remote Management 24.3 FTP You can upload and download the ZyWALL’s firmware and configuration fi

ZyWALL 10~100 Series Internet Security Gateway Remote Management 24-3 LAN only,  Neither (Disable). When you Choose WAN only or ALL (LAN &

ZyWALL 10~100 Series Internet Security Gateway 24-4 Remote Management Table 24-1 Menu 24.11 – Remote Management Control FIELD DESCRIPTION EXAMPLE S

ZyWALL 10~100 Series Internet Security Gateway Remote Management 24-524.9 System Timeout There is a system timeout of five minutes (three hundred

Bandwidth Management VIII Part VIII: Bandwidth Management This part provides information on the functions and configuration of Bandwidth Managem

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management 25-1 Chapter 25 Bandwidth Management This chapter describes the functions and

ZyWALL 10~100 Series Internet Security Gateway 25-2 Bandwidth Management application and/or subnet. Use the Class Configuration tab (see section 25.8

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management 25-3 Figure 25-1 Application-based Bandwidth Management Example 25.4.2 Subnet

ZyWALL 10~100 Series Internet Security Gateway 25-4 Bandwidth Management Table 25-1 Application and Subnet-based Bandwidth Management Example TRAFFIC

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management 25-5 25.5.1 Priority-based Scheduler With the priority-based scheduler, the Zy

ZyWALL 10~100 Series Internet Security Gateway 25-6 Bandwidth Management Step 2. Do not enable the interface’s Maximize Bandwidth Usage option. Step

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management 25-7 In this case, suppose that all of the classes except for the administrati

ZyWALL 10~100 Series Internet Security Gateway 25-8 Bandwidth Management 25.7 Bandwidth Borrowing Bandwidth borrowing allows a child-class to borrow

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management 25-9 Figure 25-6 Bandwidth Borrowing Example  The Bill class can borrow unus

ZyWALL 10~100 Series Internet Security Gateway 25-10 Bandwidth Management  The Bill class cannot borrow unused bandwidth from the Root class because

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management 25-11 25.8.1 Bandwidth Manager Summary Enable bandwidth management on an inter

ZyWALL 10~100 Series Internet Security Gateway 25-12 Bandwidth Management Table 25-2 Bandwidth Manager: Summary FIELD DESCRIPTION LAN WAN DMZ WLAN T

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management 25-13 bigger bandwidth budgets than the total of the budgets of their child-cl

Overview I Part I: Overview This part covers Getting to Know Your ZyWALL and Hardware Installation.

ZyWALL 10~100 Series Internet Security Gateway 25-14 Bandwidth Management 25.8.3 Bandwidth Manager Class Configuration Configure a bandwidth manageme

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management 25-15 Table 25-4 Bandwidth Manager: Class Configuration FIELD DESCRIPTION BW B

ZyWALL 10~100 Series Internet Security Gateway 25-16 Bandwidth Management Table 25-5Services and Port Numbers SERVICES PORT NUMBER ECHO 7 FTP (File T

ZyWALL 10~100 Series Internet Security Gateway Bandwidth Management 25-17 Table 25-6 Bandwidth Management Statistics FIELD DESCRIPTION Class Nam

ZyWALL 10~100 Series Internet Security Gateway 25-18 Bandwidth Management Figure 25-11 Bandwidth Manager Monitor Table 25-7 Bandwidth Manager Monit

IPPR, Call Scheduling and VPN/IPSec IX Part IX: IP Policy Routing, Call Scheduling and VPN/IPSec This part provides information on how to conf

ZyWALL 10~100 Series Internet Security Gateway IP Policy Routing 26-1 Chapter 26 IP Policy Routing This chapter covers setting and applying polici

ZyWALL 10~100 Series Internet Security Gateway 26-2 IP Policy Routing address and port, ToS and precedence (fields in the IP header) and length. Th

ZyWALL 10~100 Series Internet Security Gateway IP Policy Routing 26-3 Step 2. Type the index of the policy set you want to configure to open Menu

ZyWALL 10~100 Series Internet Security Gateway 26-4 IP Policy Routing Table 26-1 IP Routing Policy Setup ABBREVIATION MEANING T Outgoing Type

ZyWALL 10~100 Series Internet Security Gateway IP Policy Routing 26-5 Table 26-2 IP Routing Policy FIELD DESCRIPTION Active Press [SPACE BAR] and t

ZyWALL 10~100 Series Internet Security Gateway 26-6 IP Policy Routing Table 26-2 IP Routing Policy FIELD DESCRIPTION When you have completed this m

ZyWALL 10~100 Series Internet Security Gateway IP Policy Routing 26-7 26.6 IP Policy Routing Example If a network has both Internet and remote nod

ZyWALL 10~100 Series Internet Security Gateway 26-8 IP Policy Routing Figure 26-8 IP Routing Policy Example Step 3. Check Menu 25.1 - IP Routing

ZyWALL 10~100 Series Internet Security Gateway IP Policy Routing 26-9 Step 5. Create a rule in menu 25.1.1 for this set to route packets from any

ZyWALL 10~100 Series Internet Security Gateway 26-10 IP Policy Routing Figure 26-10 Applying IP Policies Menu 3.2 - TCP/IP and DHCP Ethernet Setup

ZyWALL 10~100 Series Internet Security Gateway Call Scheduling 27-1 Chapter 27 Call Scheduling Call scheduling allows you to dictate when a remote

ZyWALL 10~100 Series Internet Security Gateway 27-2 Call Scheduling To delete a schedule set, enter the set number and press [SPACE BAR] and then [EN

ZyWALL 10~100 Series Internet Security Gateway Call Scheduling 27-3 Table 27-1Schedule Set Setup Fields FIELD DESCRIPTION OPTIONS Once: Date

ZyWALL 10~100 Series Internet Security Gateway Getting to Know Your ZyWALL 1-1 Chapter 1 Getting to Know Your ZyWALL This chapter introduces the m

ZyWALL 10~100 Series Internet Security Gateway 27-4 Call Scheduling Figure 27-3 Applying Schedule Set(s) to a Remote Node (PPPoE) You can apply up to

ZyWALL 10~100 Series Internet Security Gateway Call Scheduling 27-5 Figure 27-4 Applying Schedule Set(s) to a Remote Node (PPTP)

ZyWALL 10~100 Series Internet Security Gateway Introduction to IPSec 28-1 Chapter 28 Introduction to IPSec This chapter introduces the basics of IP

ZyWALL 10~100 Series Internet Security Gateway 28-2 Introduction to IPSec Figure 28-1 Encryption and Decryption  Data Confidentiality The IPSec

ZyWALL 10~100 Series Internet Security Gateway Introduction to IPSec 28-3 Figure 28-2 VPN Application 28.2 IPSec Architecture The overall IPSec ar

ZyWALL 10~100 Series Internet Security Gateway 28-4 Introduction to IPSec Figure 28-3 IPSec Architecture 28.2.1 IPSec Algorithms The ESP (Encapsul

ZyWALL 10~100 Series Internet Security Gateway Introduction to IPSec 28-5 28.3 Encapsulation The two modes of operation for IPSec VPNs are Transpor

ZyWALL 10~100 Series Internet Security Gateway 28-6 Introduction to IPSec A NAT device in between the IPSec endpoints will rewrite either the sourc

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-1 Chapter 29 VPN/IPSec Setup This chapter introduces the VPN SMT menus. See the

ZyWALL 10~100 Series Internet Security Gateway 1-2 Getting to Know Your ZyWALL Table 1-1 Model Specific Features ZYWALL MODEL FEATURES 100 50 10W

ZyWALL 10~100 Series Internet Security Gateway 29-2 VPN/IPSec Setup Figure 29-2 Menu 27: VPN/IPSec Setup 29.2 IPSec Algorithms The ESP and AH protoc

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-3 Table 29-1 AH and ESP ESP AH Select DES for minimal security and 3DES for maxi

ZyWALL 10~100 Series Internet Security Gateway 29-4 VPN/IPSec Setup IPSec SA lifetime period expires. If there is no traffic when the IPSec SA lifeti

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-5 Table 29-3 Peer Fields LOCAL ID TYPE= CONTENT= IP N/A, do not enter anythi

ZyWALL 10~100 Series Internet Security Gateway 29-6 VPN/IPSec Setup Table 29-5 Mismatching ID Type and Content Configuration Example ZYWALL A ZYWAL

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-7 Table 29-6 Telecommuter and Headquarters Configuration Example TELECOMMUTER H

ZyWALL 10~100 Series Internet Security Gateway 29-8 VPN/IPSec Setup The Secure Gateway IP Address may be configured as 0.0.0.0 only when using IKE ke

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-9 Table 29-7 Menu 27.1: IPSec Summary FIELD DESCRIPTION EXAMPLE Local Addr Start

ZyWALL 10~100 Series Internet Security Gateway 29-10 VPN/IPSec Setup Table 29-7 Menu 27.1: IPSec Summary FIELD DESCRIPTION EXAMPLE Remote Addr Start

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-11 Table 29-7 Menu 27.1: IPSec Summary FIELD DESCRIPTION EXAMPLE Select Command P

ZyWALL 10~100 Series Internet Security Gateway Getting to Know Your ZyWALL 1-3 10/100 Mbps Ethernet WAN The 10/100 Mbps Ethernet WAN port attaches

ZyWALL 10~100 Series Internet Security Gateway 29-12 VPN/IPSec Setup Figure 29-7 Menu 27.1.1: IPSec Setup You must also configure menu 27.1.1.1 or

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-13 Table 29-8 Menu 27.1.1: IPSec Setup FIELD DESCRIPTION EXAMPLE Keep Alive Press

ZyWALL 10~100 Series Internet Security Gateway 29-14 VPN/IPSec Setup Table 29-8 Menu 27.1.1: IPSec Setup FIELD DESCRIPTION EXAMPLE Content This field

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-15 Table 29-8 Menu 27.1.1: IPSec Setup FIELD DESCRIPTION EXAMPLE End When the Add

ZyWALL 10~100 Series Internet Security Gateway 29-16 VPN/IPSec Setup Table 29-8 Menu 27.1.1: IPSec Setup FIELD DESCRIPTION EXAMPLE End When the Addr

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-17 29.5 IKE Setup To edit this menu, the Key Management field Menu 27.1.1 – IPSec

ZyWALL 10~100 Series Internet Security Gateway 29-18 VPN/IPSec Setup  Set the IPSec SA lifetime. This field allows you to determine how long the IPS

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-19 secret (which may have security implications in the long run) but allows faste

ZyWALL 10~100 Series Internet Security Gateway 29-20 VPN/IPSec Setup Table 29-9 Menu 27.1.1.1: IKE Setup FIELD DESCRIPTION EXAMPLEEncryption Algorith

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-21 Table 29-9 Menu 27.1.1.1: IKE Setup FIELD DESCRIPTION EXAMPLEPerfect Forward S

ZyWALL 10~100 Series Internet Security Gateway 1-4 Getting to Know Your ZyWALL Firewall The ZyWALL is a stateful inspection firewall with DoS (Deni

ZyWALL 10~100 Series Internet Security Gateway 29-22 VPN/IPSec Setup Figure 29-10 Menu 27.1.1.2: Manual Setup Table 29-11 Menu 27.1.1.2: Manual Set

ZyWALL 10~100 Series Internet Security Gateway VPN/IPSec Setup 29-23 Table 29-11 Menu 27.1.1.2: Manual Setup FIELD DESCRIPTION EXAMPLE Key3 Enter

ZyWALL 10~100 Series Internet Security Gateway SA Monitor 30-1 Chapter 30 SA Monitor This chapter teaches you how to manage your SAs by using the S

ZyWALL 10~100 Series Internet Security Gateway 30-2 SA Monitor Table 30-1 Menu 27.2: SA Monitor FIELD DESCRIPTION EXAMPLE # This is the security a

Troubleshooting X Part X: Troubleshooting This part provides possible remedies for potential problems.

ZyWALL 10~100 Series Internet Security Gateway Troubleshooting 31-1 Chapter 31 Troubleshooting This chapter covers potential problems and possible

ZyWALL 10~100 Series Internet Security Gateway 31-2 Troubleshooting 31.2 Problems with the LAN Interface Table 31-2 Troubleshooting the LAN Interfac

ZyWALL 10~100 Series Internet Security Gateway Troubleshooting 31-3 31.4 Problems with the WAN Interface Table 31-4 Troubleshooting the WAN inter

ZyWALL 10~100 Series Internet Security Gateway Getting to Know Your ZyWALL 1-5 Universal Plug and Play (UPnP) Using the standard TCP/IP protocol, t

ZyWALL 10~100 Series Internet Security Gateway 31-4 Troubleshooting 31.6 Problems with the Password Table 31-6 Troubleshooting the Password PROBLEM

General Appendices XI Part XI: General Appendices This part provides background information about setting up your computer’s IP address, triang

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 1 Appendix A Setting up Your Computer’s IP Address All compute

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 2The Network window Configuration tab displays a list of instal

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 3 1. Click the IP Address tab. -If your IP address is dynamic,

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 43. Click the Gateway tab. -If you do not know your gateway’s

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 5 1. For Windows XP, click start, Control Panel. In Windows 20

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 64. Select Internet Protocol (TCP/IP) (under the General tab in

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 7 6. -If you do not know your gateway's IP address, remo

ZyWALL 10~100 Series Internet Security Gateway iv Information for Canadian Users Information for Canadian Users The Industry Canada label identifie

ZyWALL 10~100 Series Internet Security Gateway 1-6 Getting to Know Your ZyWALL SNMP SNMP (Simple Network Management Protocol) is a protocol used fo

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 8 7. In the Internet Protocol TCP/IP Properties window (the Gen

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 9 1. Click the Apple menu, Control Panel and double-click TCP/

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 104. For statically assigned settings, do the following: -Fro

ZyWALL 10~100 Series Internet Security Gateway Setting Up Your Computer’s IP Address 11 2. Click Network in the icon bar. - Select Automatic fro

ZyWALL 10~100 Series Internet Security Gateway Triangle Route 12Appendix B Triangle Route The Ideal Setup When the firewall is on, your ZyWALL act

ZyWALL 10~100 Series Internet Security Gateway Triangle Route 13 Diagram B-2 “Triangle Route” Problem The “Triangle Route” Solutions This section

ZyWALL 10~100 Series Internet Security Gateway Triangle Route 14Gateways on the WAN Side A second solution to the “triangle route” problem is to put

ZyWALL 10~100 Series Internet Security Gateway The Big Picture 15 Appendix C The Big Picture The following figure gives an overview of how filteri

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN and IEEE 802.11 16Appendix D Wireless LAN and IEEE 802.11 A wireless LAN (WLAN) provi

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN and IEEE 802.11 17 The IEEE 802.11 specifies three different transmission methods for t

ZyWALL 10~100 Series Internet Security Gateway Getting to Know Your ZyWALL 1-7 Upgrade ZyWALL Firmware via LAN The firmware of the ZyWALL can be up

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN and IEEE 802.11 18 Diagram D-1 Peer-to-Peer Communication in an Ad-hoc Network Infrast

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN and IEEE 802.11 19 could be any type of network, it is almost invariably an Ethernet LA

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN with IEEE 802.1x 20Appendix E Wireless LAN With IEEE 802.1x As wireless networks becom

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN with IEEE 802.1x 21 • Support for RADIUS (Remote Authentication Dial In User Service,

ZyWALL 10~100 Series Internet Security Gateway PPPoE 23 Appendix F PPPoE PPPoE in Action An ADSL modem bridges a PPP session over Ethernet (PPP over

ZyWALL 10~100 Series Internet Security Gateway 24 PPPoE How PPPoE Works The PPPoE driver makes the Ethernet appear as a serial link to the PC and the

ZyWALL 10~100 Series Internet Security Gateway PPTP 25 Appendix G PPTP What is PPTP? PPTP (Point-to-Point Tunneling Protocol) is a Microsoft propri

ZyWALL 10~100 Series Internet Security Gateway 26 PPTP PPTP Protocol Overview PPTP is very similar to L2TP, since L2TP is based on both PPTP and L2F

ZyWALL 10~100 Series Internet Security Gateway PPTP 27 Diagram G-3 Example Message Exchange between PC and an ANT PPP Data Connection The PPP fram

ZyWALL 10~100 Series Internet Security Gateway 1-8 Getting to Know Your ZyWALL Figure 1-1 Secure Internet Access via Cable, DSL or Wireless Modem

ZyWALL 10~100 Series Internet Security Gateway 28 Hardware Specifications Appendix H Hardware Specifications Chart H-1 General Specifications Power S

ZyWALL 10~100 Series Internet Security Gateway Hardware Specifications 29 Cable Pin Assignments In a serial communications connection, generally a

ZyWALL 10~100 Series Internet Security Gateway 30 Hardware Specifications Chart H-3 Ethernet Cable Pin Assignments WAN/LAN/DMZ Ethernet Cable Pin Lay

ZyWALL 10~100 Series Internet Security Gateway Hardware Specifications 31 Chart H-5 European Union AC Power Adaptor Specifications Power consumpti

ZyWALL 10~100 Series Internet Security Gateway 32 Hardware Specifications Chart H-8 Australia and New Zealand AC Power Adaptor Specifications AC Pow

ZyWALL 10~100 Series Internet Security Gateway UPnP 33 Appendix I Universal Plug and Play What is Universal Plug and Play? Universal Plug and Play

ZyWALL 10~100 Series Internet Security Gateway 34 UPnP Are there any cautions about UPnP? The automated nature of NAT Traversal applications in estab

ZyWALL 10~100 Series Internet Security Gateway UPnP 35 Chart I-1 UPnPLABEL DESCRIPTION Enable the Universal Plug and Play (UPnP) feature Select

ZyWALL 10~100 Series Internet Security Gateway 36 UPnP Step 1. Click Start and Control Panel. Double-click Add/Remove Programs. Step 2. Click the

ZyWALL 10~100 Series Internet Security Gateway UPnP 37 Step 4. Select Networking Service in the Components selection box and click Details. Step

ZyWALL 10~100 Series Internet Security Gateway Getting to Know Your ZyWALL 1-9 1.3.2 VPN Application ZyWALL VPN is an ideal cost-effective way to c

ZyWALL 10~100 Series Internet Security Gateway 38 UPnP Step 1. Click start and Control Panel. Double-click Network Connections. An icon displays und

ZyWALL 10~100 Series Internet Security Gateway UPnP 39 When the UPnP-enabled device is disconnected from your computer, all port mappings will be de

ZyWALL 10~100 Series Internet Security Gateway 40 UPnP Step 1. Click start and then Control Panel. Step 2. Double-click Network Connections. Step

ZyWALL 10~100 Series Internet Security Gateway UPnP 41 Step 6. Right-click on the icon for your ZyXEL device and select Properties. A properties wi

ZyWALL 10~100 Series Internet Security Gateway 42 IP Subnetting Appendix J IP Subnetting IP Addressing Routers “route” based on the network number.

ZyWALL 10~100 Series Internet Security Gateway IP Subnetting 43  A class “B” address (16 host bits) can have 216 –2 or 65534 hosts. A class “A” a

ZyWALL 10~100 Series Internet Security Gateway 44 IP Subnetting With subnetting, the class arrangement of an IP address is ignored. For example, a cl

ZyWALL 10~100 Series Internet Security Gateway IP Subnetting 45 The first three octets of the address make up the network number (class “C”). You w

ZyWALL 10~100 Series Internet Security Gateway 46 IP Subnetting 192.168.1.0 with mask 255.255.255.128 is the subnet itself, and 192.168.1.127 with ma

ZyWALL 10~100 Series Internet Security Gateway IP Subnetting 47 Subnet Address: 192.168.1.128 Lowest Host ID: 192.168.1.129 Broadcast Address: 192.

ZyWALL 10~100 Series Internet Security Gateway 48 IP Subnetting Chart J-12 Class C Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNET

ZyWALL 10~100 Series Internet Security Gateway IP Subnetting 49 Chart J-13 Class B Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNE

ZyWALL 10~100 Series Internet Security Gateway 50 Safety Warnings and Instructions Appendix K Safety Warnings and Instructions 1. Be sure to read

ZyWALL 10~100 Series Internet Security Gateway Removing and Installing a ZyWALL 100 Fuse 51 Appendix L Removing and Installing a ZyWALL 100 Fuse Th

Command and Log Appendices XII Part XII: Command and Log Appendices This part provides information on the command line interface, firewall and

ZyWALL 10~100 Series Internet Security Gateway Command Interpreter 55 Appendix M Command Interpreter The following describes how to use the command

ZyWALL 10~100 Series Internet Security Gateway 56 Firewall Commands Appendix N Firewall Commands The following describes the firewall commands. See

ZyWALL 10~100 Series Internet Security Gateway Firewall Commands 57 Chart N-1 Firewall Commands FUNCTION COMMAND DESCRIPTION config display

ZyWALL 10~100 Series Internet Security Gateway Hardware Installation 2-1 Chapter 2 Hardware Installation This chapter explains the LEDs and ports

ZyWALL 10~100 Series Internet Security Gateway 58 Firewall Commands Chart N-1 Firewall Commands FUNCTION COMMAND DESCRIPTION AAttttaacckk config

ZyWALL 10~100 Series Internet Security Gateway Firewall Commands 59 Chart N-1 Firewall Commands FUNCTION COMMAND DESCRIPTION SSeettss config edi

ZyWALL 10~100 Series Internet Security Gateway 60 Firewall Commands Chart N-1 Firewall Commands FUNCTION COMMAND DESCRIPTION Config edit firewall

ZyWALL 10~100 Series Internet Security Gateway Firewall Commands 61 Chart N-1 Firewall Commands FUNCTION COMMAND DESCRIPTION config edit firewa

ZyWALL 10~100 Series Internet Security Gateway 62 Firewall Commands

ZyWALL 10~100 Series Internet Security Gateway NetBIOS Filter Commands 63 Appendix O NetBIOS Filter Commands The following describes the NetBIOS pa

ZyWALL 10~100 Series Internet Security Gateway 64 NetBIOS Filter Commands This command gives a read-only list of the current NetBIOS filter modes

ZyWALL 10~100 Series Internet Security Gateway NetBIOS Filter Commands 65 Chart O-1 NetBIOS Filter Default Settings NAME DESCRIPTION EXAMPLE WAN to

ZyWALL 10~100 Series Internet Security Gateway 66 NetBIOS Filter Commands <on|off> = For types 0 and 1, use on to enable the filter and blo

ZyWALL 10~100 Series Internet Security Gateway Boot Commands 67 Appendix P Boot Commands The BootModule AT commands execute from within the router’

ZyWALL 10~100 Series Internet Security Gateway 2-2 Hardware Installation Figure 2-4 ZyWALL 10 Front Panel The following table describes the LED func

ZyWALL 10~100 Series Internet Security Gateway 68 Boot Commands Diagram P-2 Boot Module Commands AT just answer OK ATHE print

ZyWALL 10~100 Series Internet Security Gateway Log Descriptions 69 Appendix Q Log Descriptions Chart Q-1 System Error Logs LOG MESSAGE DESCRIPTIO

ZyWALL 10~100 Series Internet Security Gateway 70 Log Descriptions Chart Q-2 System Maintenance Logs TELNET Login Fail Someone has failed to log on

ZyWALL 10~100 Series Internet Security Gateway Log Descriptions 71 Chart Q-5 Attack Logs LOG MESSAGE DESCRIPTION attack IGMP The firewall detected

ZyWALL 10~100 Series Internet Security Gateway 72 Log Descriptions Chart Q-5 Attack Logs LOG MESSAGE DESCRIPTION syn flood TCP The firewall detecte

ZyWALL 10~100 Series Internet Security Gateway Log Descriptions 73 Chart Q-6 Access Logs LOG MESSAGE DESCRIPTION Firewall default policy: TCP (set

ZyWALL 10~100 Series Internet Security Gateway 74 Log Descriptions Chart Q-6 Access Logs LOG MESSAGE DESCRIPTION Firewall rule match: IGMP (set:%d,

ZyWALL 10~100 Series Internet Security Gateway Log Descriptions 75 Chart Q-6 Access Logs LOG MESSAGE DESCRIPTION Firewall rule NOT match: OSPF (se

ZyWALL 10~100 Series Internet Security Gateway 76 Log Descriptions Chart Q-6 Access Logs LOG MESSAGE DESCRIPTION Filter match DROP <set %d/rule

ZyWALL 10~100 Series Internet Security Gateway Log Descriptions 77 Chart Q-6 Access Logs LOG MESSAGE DESCRIPTION Firewall sent TCP reset packets

ZyWALL 10~100 Series Internet Security Gateway Hardware Installation 2-3 Table 2-1 LED Descriptions LED COLOR STATUS MEANING Orange Off The 10

ZyWALL 10~100 Series Internet Security Gateway 78 Log Descriptions Chart Q-7 ACL Setting Notes ACL SET NUMBER DIRECTION DESCRIPTION 9 DMZ to DMZ/ZyW

ZyWALL 10~100 Series Internet Security Gateway Log Descriptions 79 Chart Q-8 ICMP Notes TYPE CODE DESCRIPTION 0 Echo message 11 Time Exceeded 0

ZyWALL 10~100 Series Internet Security Gateway 80 Log Descriptions Diagram Q-1 Example VPN Initiator IPSec Log VPN Responder IPSec Log The followin

ZyWALL 10~100 Series Internet Security Gateway Log Descriptions 81 The following table shows sample log messages during IKE key exchange. Chart Q

ZyWALL 10~100 Series Internet Security Gateway 82 Log Descriptions Chart Q-10 Sample IKE Key Exchange Logs LOG MESSAGE DESCRIPTION !! Remote IP <

ZyWALL 10~100 Series Internet Security Gateway Log Descriptions 83 Chart Q-10 Sample IKE Key Exchange Logs LOG MESSAGE DESCRIPTION vs. My Local &l

ZyWALL 10~100 Series Internet Security Gateway 84 Log Descriptions Chart Q-11 Sample IPSec Logs During Packet Transmission LOG MESSAGE DESCRIPTION

ZyWALL 10~100 Series Internet Security Gateway Log Descriptions 85 Log Commands Go to the command line interface (the Command Interpreter Appendix

ZyWALL 10~100 Series Internet Security Gateway 86 Log Descriptions Use the sys logs display [log category] command to show the logs in an individual

ZyWALL 10~100 Series Internet Security Gateway Brute-Force Password Guessing Protection 87 Appendix R Brute-Force Password Guessing Protection The

ZyWALL 10~100 Series Internet Security Gateway 2-4 Hardware Installation Figure 2-5 ZyWALL 100 Rear Panel Figure 2-6 ZyWALL 50 Rear Panel

Index XIII Part XIII: Index This part provides an Index of key terms.

ZyWALL 10~100 Series Internet Security Gateway Index A Index 1 10/100 Mbps Ethernet WAN ... 1-3 A Access Point...

ZyWALL 10~100 Series Internet Security Gateway B Index call back delay ... 5-6 Call Control ...

ZyWALL 10~100 Series Internet Security Gateway Index C Default Policy Log... 16-7 DeMilitarized Zone...

ZyWALL 10~100 Series Internet Security Gateway D Index ESS ... See Extended Service Set ESS ID ...

ZyWALL 10~100 Series Internet Security Gateway Index E When To Use ... 13-13 Firmware File Maintenance...

ZyWALL 10~100 Series Internet Security Gateway F Index Infrastructure Configuration ...18 Initial Screen...

ZyWALL 10~100 Series Internet Security Gateway Index G ISP’s Name ... 9-1 K Key Fields For Config

ZyWALL 10~100 Series Internet Security Gateway Hardware Installation 2-5 Figure 2-7 ZyWALL 10W Rear Panel Figure 2-8 ZyWALL 10 Rear Panel This s

ZyWALL 10~100 Series Internet Security Gateway H Index Applying NAT in the SMT Menus ... 12-6 Configuring...

ZyWALL 10~100 Series Internet Security Gateway Index I Precedence ...26-2, 26-5 Priority ...

ZyWALL 10~100 Series Internet Security Gateway J Index Rules ... 16-1, 16-4 Checklist ...

ZyWALL 10~100 Series Internet Security Gateway Index K Subnet Masks... 43 Subnetting ...

ZyWALL 10~100 Series Internet Security Gateway L Index Troubleshooting...1 Internet Access...

ZyWALL 10~100 Series Internet Security Gateway Index M ZyNOS F/W Version ...21-3, 21-4, 22-2 ZyWALL Firewall Application...

ZyWALL 10~100 Series Internet Security Gateway Warranty v ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this produ

ZyWALL 10~100 Series Internet Security Gateway 2-6 Hardware Installation 2.2.1 Connecting the Console Port Use terminal emulator software on a compu

ZyWALL 10~100 Series Internet Security Gateway Hardware Installation 2-7 Other ZyWALL models have an uplink button that allows you to switch When

ZyWALL 10~100 Series Internet Security Gateway 2-8 Hardware Installation Do not force, bend or twist the wireless LAN card. Figure 2-9 Inserting the

ZyWALL 10~100 Series Internet Security Gateway Hardware Installation 2-9 After the ZyWALL is properly set up, you can make future changes to the co

Initial Setup and Configuration II Part II: Initial Setup and Configuration This part covers Initial Setup, SMT Menu 1 General Setup, WAN and Di

ZyWALL 10~100 Series Internet Security Gateway Initial Setup 3-1 Chapter 3 Initial Setup This chapter explains how to perform the initial ZyWALL s

ZyWALL 10~100 Series Internet Security Gateway 3-2 Initial Setup Figure 3-2 Password Screen 3.2 Navigating the SMT Interface The SMT (System Manage

ZyWALL 10~100 Series Internet Security Gateway Initial Setup 3-3 Table 3-1 Main Menu Commands OPERATION KEYSTROKES DESCRIPTION Exit the SMT Type

ZyWALL 10~100 Series Internet Security Gateway vi Customer Support Customer Support When you contact your customer support representative please have

ZyWALL 10~100 Series Internet Security Gateway 3-4 Initial Setup Table 3-2 Main Menu Summary NO. MENU TITLE FUNCTION 4 Internet Access Setup Conf

ZyWALL 10~100 Series Internet Security Gateway Initial Setup 3-5 3.2.3 SMT Menus at a Glance The available SMT screens vary by ZyWALL model. The

ZyWALL 10~100 Series Internet Security Gateway 3-6 Initial Setup Figure 3-5 Advanced Management SMT Menus

ZyWALL 10~100 Series Internet Security Gateway Initial Setup 3-7 Figure 3-6 Schedule Setup and IPSec VPN Configuration SMT Menus 3.3 Changing the

ZyWALL 10~100 Series Internet Security Gateway 3-8 Initial Setup 3.4 Resetting the ZyWALL If you forget your password or cannot access the ZyWALL, y

ZyWALL 10~100 Series Internet Security Gateway SMT Menu 1 – General Setup 4-1Chapter 4 SMT Menu 1 - General Setup Menu 1 - General Setup contains

ZyWALL 10~100 Series Internet Security Gateway 4-2 SMT Menu 1 – General Setup 4.2.1 DYNDNS Wildcard Enabling the wildcard feature for your host ca

ZyWALL 10~100 Series Internet Security Gateway SMT Menu 1 – General Setup 4-34.3.1 Configuring Dynamic DNS To configure Dynamic DNS, go to Menu 1:

ZyWALL 10~100 Series Internet Security Gateway 4-4 SMT Menu 1 – General Setup Table 4-2 Configure Dynamic DNS Menu Fields FIELD DESCRIPTION EXA

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 5-1Chapter 5 WAN and Dial Backup Setup This chapter describes how to conf

ZyWALL 10~100 Series Internet Security Gateway Table of Contents vii Table of Contents Copyright...

ZyWALL 10~100 Series Internet Security Gateway 5-2 WAN and Dial Backup Setup Table 5-1 MAC Address Cloning in WAN Setup FIELD DESCRIPTION EXAMPLE

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 5-3 Figure 5-2 Menu 2: Dial Backup Setup Table 5-2 Menu 2: Dial Backup

ZyWALL 10~100 Series Internet Security Gateway 5-4 WAN and Dial Backup Setup Table 5-2 Menu 2: Dial Backup Setup FIELD DESCRIPTION EXAMPLE When y

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 5-5 Figure 5-3 Menu 2.1 Advanced WAN Setup The following table describes f

ZyWALL 10~100 Series Internet Security Gateway 5-6 WAN and Dial Backup Setup Table 5-3 Advanced WAN Port Setup: AT Commands Fields FIELD DESCRIPT

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 5-73. Dial-backup route (see the Backup Remote Node Setup chapter) For ex

ZyWALL 10~100 Series Internet Security Gateway 5-8 WAN and Dial Backup Setup Table 5-5 Fields in Menu 11.1 Remote Node Profile (Backup ISP) FIELD

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 5-9Table 5-5 Fields in Menu 11.1 Remote Node Profile (Backup ISP) FIELD D

ZyWALL 10~100 Series Internet Security Gateway 5-10 WAN and Dial Backup Setup Figure 5-5 Menu 11.2 - Remote Node PPP Options This table describes

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 5-115.9 Editing TCP/IP Options Move the cursor to the Edit IP field in men

ZyWALL 10~100 Series Internet Security Gateway viii Table of Contents 4.1 System Name ...

ZyWALL 10~100 Series Internet Security Gateway 5-12 WAN and Dial Backup Setup Table 5-6 Remote Node Network Layer Options Menu Fields FIELD DESCRI

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 5-13upper or lower case. Similarly, you specify “word: ” as the ‘Expect’ s

ZyWALL 10~100 Series Internet Security Gateway 5-14 WAN and Dial Backup Setup Figure 5-8 Menu 11.4 – Remote Node Setup Script The following table

ZyWALL 10~100 Series Internet Security Gateway WAN and Dial Backup Setup 5-15 Use menu 11.5 to specify the filter set(s) to apply to the incoming a

ZyWALL 10~100 Series Internet Security Gateway LAN Setup 6-1 Chapter 6 LAN Setup This chapter describes how to configure the LAN using Menu 3: LAN

ZyWALL 10~100 Series Internet Security Gateway 6-2 LAN Setup Figure 6-2 Menu 3.1: LAN Port Filter Setup 6.3 TCP/IP and LAN DHCP The ZyWALL has buil

ZyWALL 10~100 Series Internet Security Gateway LAN Setup 6-3 There are two ways that an ISP disseminates the DNS server addresses. The first is fo

ZyWALL 10~100 Series Internet Security Gateway 6-4 LAN Setup Table 6-2 Private IP Address Ranges 10.0.0.0 — 10.255.255.255 172.16.0.0 — 172.31.255.25

ZyWALL 10~100 Series Internet Security Gateway LAN Setup 6-5 information about interoperability between IGMP version 2 and version 1, please see se

ZyWALL 10~100 Series Internet Security Gateway Table of Contents ix 7.5 MAC Address Filtering...

ZyWALL 10~100 Series Internet Security Gateway 6-6 LAN Setup Figure 6-5 Menu 3: TCP/IP and DHCP Setup From menu 3, select the submenu option TCP/IP

ZyWALL 10~100 Series Internet Security Gateway LAN Setup 6-7 Follow the instructions in the next table on how to configure the DHCP fields. Table 6

ZyWALL 10~100 Series Internet Security Gateway 6-8 LAN Setup Table 6-4 LAN TCP/IP Setup Menu Fields FIELD DESCRIPTION EXAMPLE RIP Direction Press

ZyWALL 10~100 Series Internet Security Gateway LAN Setup 6-9 Figure 6-7 Menu 3.2.1: IP Alias Setup Use the instructions in the following table to

ZyWALL 10~100 Series Internet Security Gateway 6-10 LAN Setup 6.5 Wireless LAN This section introduces the wireless LAN and some basic configuration

ZyWALL 10~100 Series Internet Security Gateway LAN Setup 6-11 Figure 6-8 RTS Threshold The RTS Threshold mechanism provides a solution to prevent

ZyWALL 10~100 Series Internet Security Gateway 6-12 LAN Setup See section 7.2 for instructions on WEP and section 7.5 for instructions on configuring

ZyWALL 10~100 Series Internet Security Gateway LAN Setup 6-13 Table 6-6 Wireless LAN Setup Menu Fields FIELD DESCRIPTION EXAMPLE Hide ESSID Press

ZyWALL 10~100 Series Internet Security Gateway Wireless LAN Security Setup 7-1 Chapter 7 Wireless LAN Security Setup This chapter describes the typ