Zyxel 2WG - Manual

Zyxel 2WG

Zyxel 2WG – Manual, read for free online in PDF format. We hope this helps you resolve any issues you may have. If you have further questions, please contact us through the contact form.

1 Page 1
2 Page 2
3 Page 3
4 Page 4
5 Page 5
6 Page 6
7 Page 7
8 Page 8
9 Page 9
10 Page 10
11 Page 11
12 Page 12
13 Page 13
14 Page 14
15 Page 15
16 Page 16
17 Page 17
18 Page 18
19 Page 19
20 Page 20
21 Page 21
22 Page 22
23 Page 23
24 Page 24
25 Page 25
26 Page 26
27 Page 27
28 Page 28
29 Page 29
30 Page 30
31 Page 31
32 Page 32
33 Page 33
34 Page 34
35 Page 35
36 Page 36
37 Page 37
38 Page 38
39 Page 39
40 Page 40
41 Page 41
42 Page 42
43 Page 43
44 Page 44
45 Page 45
46 Page 46
47 Page 47
48 Page 48
49 Page 49
50 Page 50
51 Page 51
52 Page 52
53 Page 53
54 Page 54
55 Page 55
56 Page 56
57 Page 57
58 Page 58
59 Page 59
60 Page 60
61 Page 61
62 Page 62
63 Page 63
64 Page 64
65 Page 65
66 Page 66
67 Page 67
68 Page 68
69 Page 69
70 Page 70
71 Page 71
72 Page 72
73 Page 73
74 Page 74
75 Page 75
76 Page 76
77 Page 77
78 Page 78
79 Page 79
80 Page 80
81 Page 81
82 Page 82
83 Page 83
84 Page 84
85 Page 85
86 Page 86
87 Page 87
88 Page 88
89 Page 89
90 Page 90
91 Page 91
92 Page 92
93 Page 93
94 Page 94
95 Page 95
96 Page 96
97 Page 97
98 Page 98
99 Page 99
100 Page 100
101 Page 101
102 Page 102
103 Page 103
104 Page 104
105 Page 105
106 Page 106
107 Page 107
108 Page 108
109 Page 109
110 Page 110
111 Page 111
112 Page 112
113 Page 113
114 Page 114
115 Page 115
116 Page 116
117 Page 117
118 Page 118
119 Page 119
120 Page 120
121 Page 121
122 Page 122
123 Page 123
124 Page 124
125 Page 125
126 Page 126
127 Page 127
128 Page 128
129 Page 129
130 Page 130
131 Page 131
132 Page 132
133 Page 133
134 Page 134
135 Page 135
136 Page 136
137 Page 137
138 Page 138
139 Page 139
140 Page 140
141 Page 141
142 Page 142
143 Page 143
144 Page 144
145 Page 145
146 Page 146
147 Page 147
148 Page 148
149 Page 149
150 Page 150
151 Page 151
152 Page 152
153 Page 153
154 Page 154
155 Page 155
156 Page 156
157 Page 157
158 Page 158
159 Page 159
160 Page 160
161 Page 161
162 Page 162
163 Page 163
164 Page 164
165 Page 165
166 Page 166
167 Page 167
168 Page 168
169 Page 169
170 Page 170
171 Page 171
172 Page 172
173 Page 173
174 Page 174
175 Page 175
176 Page 176
177 Page 177
178 Page 178
179 Page 179
180 Page 180
181 Page 181
182 Page 182
183 Page 183
184 Page 184
185 Page 185
186 Page 186
187 Page 187
188 Page 188
189 Page 189
190 Page 190
191 Page 191
192 Page 192
193 Page 193
194 Page 194
195 Page 195
196 Page 196
197 Page 197
198 Page 198
199 Page 199
200 Page 200
201 Page 201
202 Page 202
203 Page 203
204 Page 204
205 Page 205
206 Page 206
207 Page 207
208 Page 208
209 Page 209
210 Page 210
211 Page 211
212 Page 212
213 Page 213
214 Page 214
215 Page 215
216 Page 216
217 Page 217
218 Page 218
219 Page 219
220 Page 220
221 Page 221
222 Page 222
223 Page 223
224 Page 224
225 Page 225
226 Page 226
227 Page 227
228 Page 228
229 Page 229
230 Page 230
231 Page 231
232 Page 232
233 Page 233
234 Page 234
235 Page 235
236 Page 236
237 Page 237
238 Page 238
239 Page 239
240 Page 240
241 Page 241
242 Page 242
243 Page 243
244 Page 244
245 Page 245
246 Page 246
247 Page 247
248 Page 248
249 Page 249
250 Page 250
251 Page 251
252 Page 252
253 Page 253
254 Page 254
255 Page 255
256 Page 256
257 Page 257
258 Page 258
259 Page 259
260 Page 260
261 Page 261
262 Page 262
263 Page 263
264 Page 264
Page: / 264

Table of Contents:

  • Page 2 – ZyWALL 2WG Support Notes; INDEX; Access control and security VPN connection (Security policy
  • Page 6 – E24. How does the ZyXEL content filtering handle dynamically
  • Page 8 – G16. Will Self-signed certificate be erased if I reset to default
  • Page 9 – Application Notes; Mobility Internet Access; provide wireless access for your LAN users.
  • Page 10 – Utilize 3G and Wireless for the Internet Access; Following we will show you how to configure it step-by-step.
  • Page 13 – Utilize the embedded wireless card to provide LAN users access
  • Page 14 – further configure it.
  • Page 17 – of wireless card setting as shown
  • Page 18 – Seamless Incorporation into your network; Using Transparent (Bridge Mode) Firewall
  • Page 21 – ZyWALL will restart after applying the change.
  • Page 22 – Go to
  • Page 24 – Internet Connection; configure ZyWALL to gain the Internet access.; ZyWALL; menu and click; LAN; Internet
  • Page 25 – Following picture is an example while PPPoE is selected.; Finish; ” button to apply the setting
  • Page 26 – gateway and DNS to the associated clients.; inside; network and the other is the; outside; preventing intruders from probing your network.
  • Page 27 – How NAT works; One to One; In Many One to One, the ZyWALL maps each ILA to unique IGA.
  • Page 28 – Server; each server to one unique IGA please use the One-to-One mode.; NAT Type; Overload
  • Page 29 – Step 1. Applying NAT in WAN Interface
  • Page 30 – Key Settings; Step 2. Configuring NAT Address Mapping
  • Page 31 – the following way using 4 NAT rules.
  • Page 32 – When we have configured all four rules in the rule summary page.
  • Page 34 – Application for Non NAT Friendly Support
  • Page 35 – Optimize network performance & availability; Using Bandwidth Management
  • Page 36 – How Bandwidth Management in ZyWALL?; Bandwidth Borrowing; from the interface.
  • Page 39 – Scenario
  • Page 40 – then click on “Add Sub-Class” to create and add a new class under root.; Service; as FTP
  • Page 42 – Select the; address as Destination IP Address.
  • Page 43 – Secure Connections across the Internet; locations with encryption technology.; Configure ZyWALLs with Static WAN IP Address
  • Page 44 – Remote Gateway Address
  • Page 46 – My Domain
  • Page 47 – ZyWALL behind NAT router.; NAT Traversal; ” no matter if the front NAT router supports NAT Traversal
  • Page 48 – private IP address
  • Page 49 – WAN
  • Page 50 – Click on “Apply” to save profile
  • Page 51 – the event of SA Lifetime expires, failure on the link.
  • Page 53 – Follow the same procedures as step 10~16 to add 2; Using Certificate for Device Authentication; Digital Signatures
  • Page 54 – Online Enroll Certificates; Using Self-signed Certificates; be exchanged and imported into; Trusted Remote Hosts; before making a VPN connection.
  • Page 55 – you login to ZyWALL.
  • Page 56 – Or mark the certificate in
  • Page 57 – Therefore, configure Peer ID Type and content on peer ZyWALL.
  • Page 58 – enroll certificates.; ZyWALL A; Step 1. Download CA server's Certificate
  • Page 59 – either enter them or not.
  • Page 62 – Step 4. Using Certifica e in VPN on ZyWALL A; Activate the rule
  • Page 63 – You can check detailed settings by clicking Advanced button.
  • Page 64 – Step 5. Using Certifica e in VPN on ZyWALL B
  • Page 66 – Offline Enroll Certificates; Windows 2000 server in this example. The whole procedure includes
  • Page 67 – Step 1. Create Certificate Reques on ZyWALL A; Go to VPN->My Certificates -> Click Create button.
  • Page 69 – Click Details to export the request.; Step 2. Enroll Certificate Request; mouse, and select Copy. Keep your copy in clipboard for later paste.
  • Page 77 – Specify the path to store your exported Certificate.
  • Page 79 – certificate is successful.
  • Page 80 – Step 3. Create Certificate Reques on ZyWALL_B
  • Page 83 – Step 4. Enroll Certificate Request on ZyWALLB
  • Page 94 – Step 5. Using Certifica e in VPN on ZyWALL A
  • Page 97 – Step 6. Using Certificate in VPN
  • Page 99 – Using Pre-Shared Key for Device Authentication
  • Page 100 – If “; ID Type; If “; Setup VPN in Branch Office A
  • Page 101 – The IP addresses we use in this example are as shown below.; Setup VPN in branch office A
  • Page 102 – check Active check box and give a name to this policy.
  • Page 104 – Setup VPN in branch office B
  • Page 106 – , so that local management traffic from; Setup VPN in Headquar er; The correspondent rule for Branch_A in headquarter
  • Page 108 – The correspondent rule for Branch_B
  • Page 110 – NAT over IPSec on ZyNOS
  • Page 112 – STEP 2: Create the Gateway Policy (Phase 1) on the ZyWALL 1 and ZyWALL 2
  • Page 113 – Gateway Policy on ZyWALL 1
  • Page 114 – Gateway Policy on ZyWALL 2
  • Page 116 – Click “Apply” in order to complete the setting.
  • Page 117 – STEP 4: Establish the IPSec VPN Tunnel Connection
  • Page 118 – click “Return” to back to VPN page.
  • Page 119 – Ping the local gateway.; Never lost your VPN connection (IPSec High Availability); Setup ZyWALL VPN with high availability
  • Page 120 – administrator to configure the network setting.; Add; button
  • Page 123 – Setup ZyWALL VPN with access control - Firewall; IPSec Tunnel; IPSec Local Gateway; How to configure access control rule over VPN; default is
  • Page 125 – Click the Insert button to insert a new rule.
  • Page 126 – The service type is; Any; to block all kind of traffic from 192.168.2.33 to access LAN subnet; Action for Matched Packets; is; Drop; and then click apply to save and activate the
  • Page 128 – How to configure Web filtering rule over VPN – Content Filter
  • Page 130 – ZyWALL vs 3rd Party VPN Gateway; SonicWALL with ZyWALL VPN Tunneling; Setup ZyWALL VPN; the tunneling endpoints are ZyWALL router and SonicWALL router.
  • Page 133 – Check; Active; check box and give a name to this policy.; ToSonicWALL; IKE policy for your IPSec
  • Page 135 – Setup SonicWALL VPN; Enable VPN; check box, and then press; button, it will bring up a page which; VPN Policy Wizard; to set up your VPN rules as
  • Page 138 – When your VPN tunnel is up, you will see the following page.
  • Page 139 – NetScreen with ZyWALL VPN Tunneling; the tunneling endpoints are ZyWALL router and NetScreen router.
  • Page 140 – PC 1
  • Page 144 – Setup NetScreen VPN; Check your WAN/LAN IP address; Click; Network; used for
  • Page 146 – DES; for; Encryption Algorithm; and; Authentication Algorithm
  • Page 151 – Check Point with ZyWALL VPN Tunneling
  • Page 152 – shown in the following figure,; the tunneling endpoints are ZyWALL router and a PC which uses
  • Page 156 – Setup CheckPoint VPN
  • Page 157 – check point object is; Check Point Gateway; not a; Convert To Gateway; to change its settings.
  • Page 158 – General Properties; field is the; WAN IP of your PC; type; Check Point Products; check box
  • Page 159 – On; Topology
  • Page 161 – II. Setup Interoperable Device
  • Page 162 – You will see the network objects window, press; new; button and select; Interoperable Device
  • Page 163 – example, the IP address is ZyWALL’s WAN IP address.; button to add a new interface.
  • Page 164 – example, you should assign ZyWALL’s WAN port settings.; press OK button to save the settings.; button to add another interface.
  • Page 165 – example, you should assign ZyWALL’s LAN port settings.; Network defined by; for the interface, then press; OK; button to save the settings.
  • Page 166 – Pressing OK button to save the settings.
  • Page 168 – Networks; object and click the right button of your mouse, and choose; New Network
  • Page 169 – To add another network policy, and set the network IP address; IV. Setup VPN Communities; Click VPN communities tab to do the settings.; New
  • Page 170 – Center Gateways; button to add a center gateway.
  • Page 171 – gateway, and then press; button to add a remote gateway.
  • Page 173 – Tunnel Management; , leave the settings to default settings.; To center, or through the center to other satellites, to internet
  • Page 174 – Enter the secret key in the text box, and then press; On Advanced VPN Properties settings, choose; Group 1
  • Page 175 – button to save your settings.
  • Page 176 – After you press OK button, you should see a new object here.; Security; tab on the right side to do the security settings.
  • Page 177 – Add...; option to add your network objects.
  • Page 178 – To use the same way to add another network object (
  • Page 179 – On the VPN field, click right button of your mouse, and choose; Edit Cell...; option to add your VPN; Only connections encrypted in specific VPN Communities; button to add community to your rule.
  • Page 180 – accept; option for your rule.
  • Page 181 – On the track field, click right button of your mouse, and choose; Log
  • Page 182 – Selecting your policy rule, and press; button to install the policy.
  • Page 183 – Waiting few seconds for the installation.
  • Page 185 – FortiNet with ZyWALL VPN Tunneling; the tunneling endpoints are ZyWALL router and FortiNet router.
  • Page 190 – Setup FortiNet VPN
  • Page 191 – Encryption; to
  • Page 193 – P2 Proposal; button to save
  • Page 194 – On the main page, click; Create New; button to edit your address
  • Page 195 – Fortinet network
  • Page 197 – After you press the; button, you will the policy rule on this page.; VPN
  • Page 198 – network over a public networking infrastructure.; of; domain name; ” is used as; Remote
  • Page 199 – authenticated during normal IKE authentication.
  • Page 200 – Local User; ZyXEL VPN Client to ZyWALL Tunneling
  • Page 201 – Setup ZyWALL VPN Client; Open ZyWALL VPN Client Security Policy Editor
  • Page 202 – Remote Party Identity and Addressing settings:
  • Page 204 – Security Policy Settings:
  • Page 205 – they should match whatever you enter in ZyWALL.
  • Page 207 – See the VPN rule screen shot
  • Page 209 – Content Filter Application
  • Page 210 – Minimize Spyware Attack; CF License Activation; In; Registration; do is, first select “; Existing myZyXEL.com account; ” and enter your username password, and; Enable external database content filtering in the; Sex Educatio
  • Page 211 – Gambling; most spyware comes from such kind of websites; Demonstrate Content Filtering by an example:
  • Page 212 – Proactively Prevent Phishing
  • Page 213 – as our own. Just as the settings in the; Enable Web site; check box. Enter the distrusted web site in the; Forbidden Web Site; Demonstrate “Customization” Content filtering by an example:
  • Page 215 – Using external database content filtering; CONTENT; ” and “; Financial Services; Demonstrate Content Filtering by an example:; Using a browser to browse the sports website, for example,
  • Page 216 – Centralized Management; Using Vantage CNM for Management; manage and monitor ZyWALL devices from any location.
  • Page 217 – please refer to; Vantage CNM Support Note
  • Page 218 – for detailed
  • Page 220 – , enable Vantage CNM and
  • Page 221 – IP of the device will be shown on the content screen.; FAQ; A01. What is the ZyWALL Internet Access Sharing Router?; simultaneously provide a high quality networking environment.
  • Page 222 – A02. Will the ZyWALL work with my Internet connection?; PPPoE had been supported in the ZyWALL.; A03. What do I need to use the ZyWALL?; configuration management.; A07. Why does my Internet Service Provider use PPPoE?
  • Page 223 – Telnet remote management- CLI command line; A10. Does ZyWALL support dynamic IP addressing?; The ZyWALL supports both static and dynamic IP address from ISP.
  • Page 224 – address of the server must be configured in NAT menu.; A14. What DHCP capability does the ZyWALL support?; able to receive downstream packets via ZyWALL.
  • Page 225 – troubleshoot the problem as described below.
  • Page 226 – first apply an account from several free Web servers such as; A24. What DDNS servers does the ZyWALL support?; The DDNS servers the ZyWALL supports currently is; A26. Does the ZyWALL support DDNS wildcard?; Yes, the ZyWALL supports DDNS wildcard that
  • Page 227 – not allowed to be changed.; A28. How do I setup my ZyWALL for routing IPSec packets over NAT?; service port) in menu 15 when it acts a server gateway.; A30. What is the flow ZyWALL handles inbound and outgoing traffic?
  • Page 228 – B03. What are the basic types of firewalls?; Conceptually, there are three types of firewalls:
  • Page 229 – B04. What kind of firewall is the ZyWALL?
  • Page 230 – unavailable while the target system tries to respond to itself.
  • Page 231 – be allowed through the router or firewall.; B13. What are the default ACL firewall rules in ZyWALL?
  • Page 232 – triangle route
  • Page 233 – Triangle Route
  • Page 234 – C. Security Service licenses FAQ; C02. Where can I buy the iCard and how much does it cost?
  • Page 235 – AS; ZyWALL 2Plus; ZyWALL 5; The activation will fail.; Content Filtering service?; Yes, you can try the Content Filtering service for free.; D. Security Service Activation and UpdateFAQ; Access firmware and security service updates.
  • Page 236 – Which ZyWALL models can be registered via myZyXEL.com?; following table for model mappings.
  • Page 238 – D10. What’s the URL for these service portals?; mySecurityZone; E. Content Filter FAQ
  • Page 239 – data center is timed out?
  • Page 240 – or for large corporations?; - 68% of all Internet porn traffic occurs during the 9 to 5 workday.; E15. How many URL keywords does ZyWALL support?; 4 keywords are supported.
  • Page 241 – E16. How do I keep database of Content Filtering service updated?
  • Page 242 – Site Submissions; E23. How many and what categories do you provide?; Potential Liable & Objectionable Content Categories
  • Page 243 – Potential Non-Productive Categories
  • Page 244 – geographically load balanced?
  • Page 245 – bottom of the device as below,; F01. How to count my VPN tunnels on ZyWALL?; ZyWALL counts the Network policies as VPN tunnels.
  • Page 247 – F04. What are most common VPN protocols?; What secure protocols does IPSec support?
  • Page 249 – F12. Is my ZyWALL ready for IPSec VPN?
  • Page 250 – F14. What VPN protocols are supported by ZyWALL?; authentication/integrity with or without confidentiality.; Source IP/Destination IP; indistinguishable, and VPN will not work.; Secure Gateway IP Address
  • Page 251 – F18. Does ZyWALL support dynamic secure gateway IP?
  • Page 252 – F21. Will ZyXEL support Secure Remote Management?
  • Page 253 – IKE
  • Page 254 – WAN to LAN; symmetric
  • Page 255 – G03. What are the security services PKI provides?
  • Page 257 – G09. How does a PKI ensure data confidentiality?; recipient's private key can decrypt the message.
  • Page 258 – before applying the hash function to the message.)
  • Page 259 – party) in order to use PKI functionality on ZyWALL.; G14. How can I have Self-signed certificate for ZyXEL appliance?; You can check content of Self-signed certificate in WEB GUI.; G18. What can I do prior to reset appliance's configuration?
  • Page 260 – the certificates by importing them afterward.; H01. What are the capability of wireless feature of ZyWALL?; authentication and WEP/WPA/WPA2 for security access control.; H02. What is the coverage range of Wireless in ZyWALL?; centre of the wireless client population.; H04. What are the advantages of Wireless LANs?
  • Page 261 – Wireless technology allows the network to go where wire cannot go.
  • Page 262 – will solve this problem.; H11. Can wireless signals pass through walls?
  • Page 263 – Minimizing the number of walls and ceilings
  • Page 264 – digital certificate.
Loading the manual

ZyWALL 2WG

Security Appliance

Support Notes

Version 4.03

Sep. 2007

"Loading the manual" means you need to wait until the file loads and becomes available for online reading. Some manuals are very large, and the time they take to appear depends on your internet speed.

Summary

Page 2 - ZyWALL 2WG Support Notes; INDEX; Access control and security VPN connection (Security policy

ZyWALL 2WG Support Notes 2 INDEX Application Notes ...................................................................................................... 9 Mobility Internet Access ........................................................................................9 Utilize 3G and Wireless for t...

Page 6 - E24. How does the ZyXEL content filtering handle dynamically

ZyWALL 2WG Support Notes 6 E15. How many URL keywords does ZyWALL support?.................... 240 E16. How do I keep database of Content Filtering service updated? . 241 E17. What is BlueCoat Filter list? .......................................................... 241 E18. How many ratings does the ...

Page 8 - G16. Will Self-signed certificate be erased if I reset to default

ZyWALL 2WG Support Notes All contents copyright (c) 2006 ZyXEL Communications Corporation. 8 G16. Will Self-signed certificate be erased if I reset to default configuration file? .................................................................................... 259 G17. Will certificates stored in...

Other Zyxel Models

All Zyxel Other