ZyXEL Communications Network Card unified security gateway Manuel d'utilisateur Page 392
- Page / 959
- Table des matières
- DEPANNAGE
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
Chapter 23 IPSec VPN
ZyWALL USG 20/20W User’s Guide
392
•Use the VPN Gateway screens (see Section 23.2.1 on page 396) to manage
the ZyWALL’s VPN gateways. A VPN gateway specifies the IPSec routers at
either end of a VPN tunnel and the IKE SA settings (phase 1 settings). You can
also activate and deactivate each VPN gateway.
23.1.2 What You Need to Know
An IPSec VPN tunnel is usually established in two phases. Each phase establishes
a security association (SA), a contract indicating what security parameters the
ZyWALL and the remote IPSec router will use. The first phase establishes an
Internet Key Exchange (IKE) SA between the ZyWALL and remote IPSec router.
The second phase uses the IKE SA to securely establish an IPSec SA through
which the ZyWALL and remote IPSec router can send data between computers on
the local network and remote network. This is illustrated in the following figure.
Figure 239 VPN: IKE SA and IPSec SA
In this example, a computer in network A is exchanging data with a computer in
network B. Inside networks A and B, the data is transmitted the same way data is
normally transmitted in the networks. Between routers X and Y, the data is
protected by tunneling, encryption, authentication, and other security features of
the IPSec SA. The IPSec SA is secure because routers X and Y established the IKE
SA first.
- ZyWALL USG 20/20W 1
- About This User's Guide 3
- User Guide Feedback 4
- Need More Help? 4
- Customer Support 5
- Disclaimer 5
- Document Conventions 6
- Icons Used in Figures 7
- Safety Warnings 8
- Contents Overview 9
- Table of Contents 11
- Chapter 7 13
- Chapter 8 14
- Chapter 12 16
- Chapter 13 16
- Chapter 44 24
- User’s Guide 27
- CHAPTER 1 29
- 1.3 Front Panel 32
- 1.4 Management Overview 33
- Console Port 34
- CHAPTER 2 37
- Firewall 38
- Bandwidth Management 38
- Content Filter 38
- Anti-Spam 38
- 2.2 Applications 39
- 2.2.2.1 Full Tunnel Mode 40
- CHAPTER 3 43
- Figure 6 Login Screen 44
- Figure 8 Dashboard 45
- 3.3.1 Title Bar 46
- 3.3.2 Navigation Panel 47
- 3.3.2.2 Monitor Menu 48
- 3.3.2.3 Configuration Menu 48
- Chapter 3 Web Configurator 49
- FOLDER OR 49
- TAB FUNCTION 49
- Chapter 3 Web Configurator 50
- 3.3.2.4 Maintenance Menu 51
- 3.3.3 Main Window 52
- 3.3.3.2 Site Map 53
- 3.3.3.3 Object Reference 53
- 3.3.4 Tables and Lists 54
- 3.3.4.3 Working with Lists 57
- CHAPTER 4 59
- 4.1.3 Internet Access: PPPoE 61
- 4.1.4 Internet Access: PPTP 63
- 4.1.5 ISP Parameters 63
- 4.1.5.1 PPTP Configuration 64
- 4.2 Device Registration 65
- Figure 29 Registration 66
- CHAPTER 5 69
- 5.2.2 Select WAN Type 70
- 5.2.3 Configure WAN Settings 71
- Chapter 5 Quick Setup 73
- 5.3 VPN Quick Setup 75
- Chapter 5 Quick Setup 80
- CHAPTER 6 87
- Figure 49 88
- 6.2.1 Interface Types 89
- 6.4 Packet Flow 91
- Figure 51 Packet Flow 92
- 6.5.1 Feature 95
- 6.5.2 Licensing Registration 96
- 6.5.3 Interface 96
- 6.5.4 Trunks 96
- 6.5.5 Policy Routes 96
- 6.5.6 Static Routes 98
- 6.5.7 Zones 98
- 6.5.8 DDNS 98
- 6.5.9 NAT 98
- 6.5.10 HTTP Redirect 99
- 6.5.11 ALG 100
- 6.5.12 Auth. Policy 100
- 6.5.13 Firewall 100
- 6.5.14 IPSec VPN 101
- 6.5.15 SSL VPN 101
- 6.5.16 Bandwidth Management 102
- 6.5.17 ADP 102
- 6.5.18 Content Filter 102
- 6.6 Objects 103
- 6.6.1 User/Group 104
- 6.7 System 105
- 6.7.3 File Manager 106
- 6.7.4 Diagnostics 106
- 6.7.5 Shutdown 106
- CHAPTER 7 107
- 7.1.2 Configure Port Roles 109
- 7.1.4 Configure Zones 110
- Figure 62 Trunk Example 113
- wan1: 1 Mbps 113
- cellular1: 512 Kbps 113
- 7.4.1 Set Up the VPN Gateway 117
- 7.5.1 Set Up User Accounts 120
- 7.5.2 Set Up User Groups 121
- User Accounts based on Groups 124
- Authentication Policies 126
- Configured) 131
- 7.9.1 Turn On the ALG 133
- 7.10.2 Configure NAT 137
- Chapter 7 Tutorials 140
- 7.11.1 Turn On the ALG 141
- 7.13.1 Set Up User Accounts 147
- Chapter 7 Tutorials 149
- 6 Click Activate Now 153
- 5 Click Networks > Add 156
- Certificates button 158
- 2 Click Import 158
- Technical Reference 163
- CHAPTER 8 165
- Chapter 8 Dashboard 166
- Table 19 Dashboard 167
- LABEL DESCRIPTION 168
- Chapter 8 Dashboard 169
- 8.2.1 The CPU Usage Screen 171
- 8.2.4 The VPN Status Screen 174
- 8.2.5 The DHCP Table Screen 174
- CHAPTER 9 177
- Chapter 9 Monitor 179
- 9.3 Interface Status Screen 181
- Chapter 9 Monitor 182
- 9.6 The DDNS Status Screen 189
- 9.7 IP/MAC Binding Monitor 189
- 9.8 The Login Users Screen 190
- 9.9 WLAN Status Screen 191
- 9.10.1 More Information 194
- 9.11 USB Storage Screen 195
- 9.18 Log Screen 207
- Table 44 Monitor > Log 208
- CHAPTER 10 211
- 10.2 The Registration Screen 212
- Chapter 10 Registration 213
- 10.3 The Service Screen 214
- Chapter 10 Registration 216
- CHAPTER 11 217
- Interface Characteristics 218
- Types of Interfaces 218
- 11.2 Port Role 220
- Physical Ports 221
- Interfaces 221
- 11.3 Ethernet Summary Screen 222
- 11.3.1 Ethernet Edit 223
- Chapter 11 Interfaces 225
- Chapter 11 Interfaces 226
- 11.3.2 Object References 232
- 11.4 PPP Interfaces 233
- 11.4.1 PPP Interface Summary 234
- 11.6.1 WLAN Add/Edit Screen 252
- Security) 261
- 11.8 VLAN Interfaces 264
- VLAN Interfaces Overview 265
- 11.8.1 VLAN Summary Screen 266
- 11.8.2 VLAN Add/Edit 267
- 11.9 Bridge Interfaces 274
- Bridge Interface Overview 275
- 11.9.1 Bridge Summary 276
- 11.9.2 Bridge Add/Edit 277
- IP Address Assignment 284
- Interface Parameters 285
- DHCP Settings 286
- PPPoE/PPTP Overview 288
- CHAPTER 12 289
- 12.1.2 What You Need to Know 290
- Spillover 291
- Finding Out More 291
- 12.3 Configuring a Trunk 293
- Chapter 12 Trunks 294
- CHAPTER 13 297
- Policy Routing 298
- Static Routes 298
- DiffServ 299
- 13.2 Policy Route Screen 300
- 13.3 IP Static Route Screen 307
- NAT and SNAT 309
- Port Triggering 310
- Maximize Bandwidth Usage 311
- CHAPTER 14 313
- 14.2 The RIP Screen 314
- 14.3 The OSPF Screen 315
- OSPF Areas 316
- OSPF Routers 317
- Virtual Links 318
- OSPF Configuration 319
- Chapter 14 Routing Protocols 321
- Authentication Types 325
- Chapter 14 Routing Protocols 326
- CHAPTER 15 327
- 15.1.2 What You Need to Know 328
- 15.2 The Zone Screen 329
- 15.3 Zone Edit 330
- CHAPTER 16 331
- 16.2 The DDNS Screen 332
- Chapter 16 DDNS 333
- DDNS server 335
- CHAPTER 17 337
- 17.2 The NAT Screen 338
- Chapter 17 NAT 339
- Chapter 17 NAT 342
- 17.3 NAT Technical Reference 343
- CHAPTER 18 347
- 18.1.2 What You Need to Know 348
- CHAPTER 19 351
- 19.1.2 What You Need to Know 352
- 19.2 The ALG Screen 355
- Chapter 19 ALG 356
- 19.3 ALG Technical Reference 357
- CHAPTER 20 359
- 20.2 IP/MAC Binding Summary 360
- 20.2.1 IP/MAC Binding Edit 361
- 20.2.2 Static DHCP Edit 362
- Chapter 20 IP/MAC Binding 364
- CHAPTER 21 365
- 21.1.2 What You Need to Know 366
- CHAPTER 22 373
- 22.1.2 What You Need to Know 374
- To-ZyWALL Rules 375
- Global Firewall Rules 375
- Firewall Rule Criteria 375
- User Specific Firewall Rules 375
- Firewall and VPN Traffic 376
- Session Limits 376
- 1 Any Any Any Any IRC Deny 377
- 2 Any Any Any Any Any Allow 377
- 22.2 The Firewall Screen 381
- Chapter 22 Firewall 383
- Chapter 22 Firewall 384
- CHAPTER 23 391
- 23.1.2 What You Need to Know 392
- Application Scenarios 393
- 23.1.3 Before You Begin 394
- Chapter 23 IPSec VPN 397
- Chapter 23 IPSec VPN 398
- Manual Key 403
- Key (continued) 404
- 23.3 The VPN Gateway Screen 406
- IKE SA Overview 415
- Authentication 417
- Additional Topics for IKE SA 419
- Negotiation Mode 419
- VPN, NAT, and NAT Traversal 419
- Extended Authentication 420
- IPSec SA Overview 421
- Encapsulation 422
- IPSec SA using Manual Keys 423
- CHAPTER 24 427
- SSL Access Policy Objects 428
- Chapter 24 SSL VPN 431
- Chapter 24 SSL VPN 432
- Figure 256 Login Screen 435
- CHAPTER 25 437
- 25.2 Remote User Login 438
- Figure 261 Login Screen 439
- Chapter 25 SSL User Screens 443
- # DESCRIPTION 443
- 25.4 Bookmarking the ZyWALL 444
- Chapter 25 SSL User Screens 446
- CHAPTER 26 447
- CHAPTER 27 449
- 27.2 Statistics 450
- 27.3 View Log 451
- 27.5 Stop the Connection 452
- CHAPTER 28 453
- Bandwidth Management Priority 455
- Configured Rate Effect 456
- Priority Effect 456
- CHAPTER 29 467
- 29.1.4 Before You Begin 468
- 29.2 The ADP General Screen 469
- 29.3.1 Base Profiles 471
- Chapter 29 ADP 473
- Chapter 29 ADP 474
- 29.4 ADP Technical Reference 479
- Decoy Port Scans 480
- Distributed Port Scans 480
- Port Sweeps 480
- Filtered Port Scans 480
- Flood Detection 481
- ICMP Flood Attack 481
- TCP SYN Flood Attack 481
- LAND Attack 482
- UDP Flood Attack 483
- CHAPTER 30 487
- Content Filtering Profiles 488
- Keyword Blocking URL Checking 488
- 30.1.3 Before You Begin 489
- Chapter 30 Content Filtering 491
- Chapter 30 Content Filtering 492
- CHAPTER 31 513
- CHAPTER 32 521
- Black List 522
- SMTP and POP3 522
- E-mail Headers 522
- 32.2 Before You Begin 523
- White List) > Add 529
- 32.6 The DNSBL Screen 532
- Chapter 32 Anti-Spam 533
- Chapter 32 Anti-Spam 538
- CHAPTER 33 539
- Ext-User Accounts 540
- Ext-Group-User Accounts 541
- User Groups 541
- User Awareness 541
- 33.2 User Summary Screen 542
- •adm •admin •any •bin •daemon 543
- • sync • uucp • zyxel 543
- Chapter 33 User/Group 544
- 33.3.1 Group Add/Edit Screen 546
- 33.4 Setting Screen 547
- Chapter 33 User/Group 549
- CHAPTER 34 555
- Chapter 34 Addresses 560
- CHAPTER 35 561
- CHAPTER 36 567
- Chapter 36 Schedules 570
- CHAPTER 37 573
- 37.1.2 RADIUS Server 574
- 37.1.3 ASAS 574
- 37.1.5 What You Need To Know 575
- Distinguished Name (DN) 576
- Base DN 576
- Bind DN 576
- 37.3 RADIUS Server Summary 579
- Chapter 37 AAA Server 582
- CHAPTER 38 583
- CHAPTER 39 589
- Advantages of Certificates 590
- Self-signed Certificates 590
- Factory Default Certificate 591
- Certificate File Formats 591
- Chapter 39 Certificates 594
- Chapter 39 Certificates 595
- characters 596
- CHAPTER 40 611
- 40.2.1 ISP Account Edit 612
- Chapter 40 ISP Accounts 613
- Chapter 40 ISP Accounts 614
- CHAPTER 41 615
- Remote Desktop Connections 616
- Weblinks 616
- Chapter 41 SSL Application 619
- Chapter 41 SSL Application 620
- CHAPTER 42 621
- Requirements 622
- Chapter 42 Endpoint Security 625
- Chapter 42 Endpoint Security 626
- CHAPTER 43 629
- 43.2 Host Name 630
- 43.3 USB Storage 631
- 43.4 Date and Time 631
- Chapter 43 System 633
- 43.5 Console Port Speed 636
- 43.6 DNS Overview 636
- Chapter 43 System 638
- 43.6.3 Address Record 640
- 43.6.4 PTR Record 640
- 43.6.8 MX Record 642
- 43.6.9 Adding a MX Record 643
- 43.7 WWW Overview 644
- 43.7.2 System Timeout 645
- 43.7.3 HTTPS 645
- 43.7.5 Service Control Rules 650
- 43.7.7 HTTPS Example 654
- 43.7.7.4 Login Screen 656
- 43.8 SSH 661
- 43.8.1 How SSH Works 662
- 43.8.4 Configuring SSH 663
- 43.9 Telnet 666
- 43.9.1 Configuring Telnet 667
- 43.10 FTP 668
- 43.11 SNMP 670
- 43.11.1 Supported MIBs 672
- 43.11.2 SNMP Traps 672
- 43.11.3 Configuring SNMP 672
- 43.12 Vantage CNM 674
- Note: HTTPS is recommended 676
- 43.13 Language Screen 677
- CHAPTER 44 679
- Chapter 44 Log and Report 680
- 44.3 Log Setting Screens 681
- 44.3.1 Log Setting Summary 682
- Chapter 44 Log and Report 685
- CHAPTER 45 693
- Chapter 45 File Manager 697
- Chapter 45 File Manager 698
- CHAPTER 46 705
- Chapter 46 Diagnostics 708
- Chapter 46 Diagnostics 709
- 46.4 Core Dump Screen 712
- 46.5 The System Log Screen 714
- CHAPTER 47 715
- 47.3 The SNAT Status Screen 719
- CHAPTER 48 723
- Chapter 48 Reboot 724
- CHAPTER 49 725
- Chapter 49 Shutdown 726
- CHAPTER 50 727
- 50.1 Resetting the ZyWALL 738
- Chapter 50 Troubleshooting 740
- CHAPTER 51 741
- FEATURE STANDARDS REFERENCED 745
- APPENDIX A 747
- Appendix A Log Descriptions 748
- LOG MESSAGE DESCRIPTION 748
- Table 241 Anti-Spam Logs 749
- Table 242 SSL VPN Logs 751
- Appendix A Log Descriptions 753
- Table 243 ZySH Logs 754
- Table 244 ADP Logs 756
- Table 245 User Logs 757
- Table 246 myZyXEL.com Logs 758
- Table 247 IKE Logs 762
- Table 248 IPSec Logs 766
- Table 249 Firewall Logs 767
- Table 251 Policy Route Logs 768
- Table 253 System Logs 773
- Table 256 NAT Logs 781
- Table 257 PKI Logs 782
- CODE DESCRIPTION 784
- Table 258 Interface Logs 785
- Table 259 WLAN Logs 791
- Table 260 Account Logs 792
- Table 263 File Manager Logs 793
- Table 264 DHCP Logs 794
- Table 267 Auth. Policy Logs 796
- Table 268 EPS Logs 796
- APPENDIX B 799
- Appendix B Common Services 800
- Appendix B Common Services 801
- APPENDIX C 803
- Figure 452 RTS/CTS 806
- Fragmentation Threshold 807
- Preamble Type 807
- IEEE 802.11g Wireless LAN 807
- Wireless Security Overview 808
- IEEE 802.1x 808
- Types of RADIUS Messages 809
- Types of EAP Authentication 810
- Dynamic WEP Key Exchange 811
- WPA and WPA2 812
- User Authentication 813
- Security Parameters Summary 816
- Antenna Overview 817
- Antenna Characteristics 817
- Types of Antennas for WLAN 817
- Positioning Antennas 818
- APPENDIX D 819
- Konqueror 840
- APPENDIX E 845
- APPENDIX F 935
- ZyXEL Limited Warranty 937
- Registration 938
- Numerics 939
Produits connexes et manuels pour Routeurs ZyXEL Communications Network Card unified security gateway
Routeurs ZyXEL ZYAIR B-2000 Manuel d'utilisateur
(204 pages)
(204 pages)
Routeurs ZyXEL FMG3024-D10A Manuel d'utilisateur
(316 pages)
(316 pages)
Routeurs ZyXEL P-870HW-51a Manuel d'utilisateur
(276 pages)
(276 pages)
Routeurs ZyXEL PLA-402 Manuel d'utilisateur
(60 pages)
(60 pages)
Routeurs ZyXEL AMG1202-T10A Manuel d'utilisateur
(296 pages)
(296 pages)
Routeurs ZyXEL P-335WT Manuel d'utilisateur
(485 pages)
(485 pages)
Routeurs ZyXEL NBG318S Manuel d'utilisateur
(83 pages)
(83 pages)
Routeurs ZyXEL WAP3205 Manuel d'utilisateur
(196 pages)
(196 pages)
Routeurs ZyXEL P-2602HWLNI Manuel d'utilisateur
(496 pages)
(496 pages)
Routeurs ZyXEL 1-Bay Manuel d'utilisateur
(162 pages)
(162 pages)
Routeurs ZyXEL P-334WHD Manuel d'utilisateur
(131 pages)
(131 pages)
© 2020, manymanuals.fr. Tous droits réservés | 0.085 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels