ZyXEL Communications Network Card unified security gateway Manuel d'utilisateur Page 811
- Page / 959
- Table des matières
- DEPANNAGE
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
Appendix C Wireless LANs
ZyWALL USG 20/20W User’s Guide
811
authentication method does not support data encryption with dynamic session
key. You must configure WEP encryption keys for data encryption.
EAP-TLS (Transport Layer Security)
With EAP-TLS, digital certifications are needed by both the server and the wireless
clients for mutual authentication. The server presents a certificate to the client.
After validating the identity of the server, the client sends a different certificate to
the server. The exchange of certificates is done in the open before a secured
tunnel is created. This makes user identity vulnerable to passive attacks. A digital
certificate is an electronic ID card that authenticates the sender’s identity.
However, to implement EAP-TLS, you need a Certificate Authority (CA) to handle
certificates, which imposes a management overhead.
EAP-TTLS (Tunneled Transport Layer Service)
EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for
only the server-side authentications to establish a secure connection. Client
authentication is then done by sending username and password through the
secure connection, thus client identity is protected. For client authentication, EAP-
TTLS supports EAP methods and legacy authentication methods such as PAP,
CHAP, MS-CHAP and MS-CHAP v2.
PEAP (Protected EAP)
Like EAP-TTLS, server-side certificate authentication is used to establish a secure
connection, then use simple username and password methods through the
secured connection to authenticate the clients, thus hiding client identity.
However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2
and EAP-GTC (EAP-Generic Token Card), for client authentication. EAP-GTC is
implemented only by Cisco.
LEAP
LEAP (Lightweight Extensible Authentication Protocol) is a Cisco implementation of
IEEE 802.1x.
Dynamic WEP Key Exchange
The AP maps a unique key that is generated with the RADIUS server. This key
expires when the wireless connection times out, disconnects or reauthentication
times out. A new WEP key is generated each time reauthentication is performed.
If this feature is enabled, it is not necessary to configure a default encryption key
in the wireless security configuration screen. You may still configure and store
keys, but they will not be used while dynamic WEP is enabled.
- ZyWALL USG 20/20W 1
- About This User's Guide 3
- User Guide Feedback 4
- Need More Help? 4
- Customer Support 5
- Disclaimer 5
- Document Conventions 6
- Icons Used in Figures 7
- Safety Warnings 8
- Contents Overview 9
- Table of Contents 11
- Chapter 7 13
- Chapter 8 14
- Chapter 12 16
- Chapter 13 16
- Chapter 44 24
- User’s Guide 27
- CHAPTER 1 29
- 1.3 Front Panel 32
- 1.4 Management Overview 33
- Console Port 34
- CHAPTER 2 37
- Firewall 38
- Bandwidth Management 38
- Content Filter 38
- Anti-Spam 38
- 2.2 Applications 39
- 2.2.2.1 Full Tunnel Mode 40
- CHAPTER 3 43
- Figure 6 Login Screen 44
- Figure 8 Dashboard 45
- 3.3.1 Title Bar 46
- 3.3.2 Navigation Panel 47
- 3.3.2.2 Monitor Menu 48
- 3.3.2.3 Configuration Menu 48
- Chapter 3 Web Configurator 49
- FOLDER OR 49
- TAB FUNCTION 49
- Chapter 3 Web Configurator 50
- 3.3.2.4 Maintenance Menu 51
- 3.3.3 Main Window 52
- 3.3.3.2 Site Map 53
- 3.3.3.3 Object Reference 53
- 3.3.4 Tables and Lists 54
- 3.3.4.3 Working with Lists 57
- CHAPTER 4 59
- 4.1.3 Internet Access: PPPoE 61
- 4.1.4 Internet Access: PPTP 63
- 4.1.5 ISP Parameters 63
- 4.1.5.1 PPTP Configuration 64
- 4.2 Device Registration 65
- Figure 29 Registration 66
- CHAPTER 5 69
- 5.2.2 Select WAN Type 70
- 5.2.3 Configure WAN Settings 71
- Chapter 5 Quick Setup 73
- 5.3 VPN Quick Setup 75
- Chapter 5 Quick Setup 80
- CHAPTER 6 87
- Figure 49 88
- 6.2.1 Interface Types 89
- 6.4 Packet Flow 91
- Figure 51 Packet Flow 92
- 6.5.1 Feature 95
- 6.5.2 Licensing Registration 96
- 6.5.3 Interface 96
- 6.5.4 Trunks 96
- 6.5.5 Policy Routes 96
- 6.5.6 Static Routes 98
- 6.5.7 Zones 98
- 6.5.8 DDNS 98
- 6.5.9 NAT 98
- 6.5.10 HTTP Redirect 99
- 6.5.11 ALG 100
- 6.5.12 Auth. Policy 100
- 6.5.13 Firewall 100
- 6.5.14 IPSec VPN 101
- 6.5.15 SSL VPN 101
- 6.5.16 Bandwidth Management 102
- 6.5.17 ADP 102
- 6.5.18 Content Filter 102
- 6.6 Objects 103
- 6.6.1 User/Group 104
- 6.7 System 105
- 6.7.3 File Manager 106
- 6.7.4 Diagnostics 106
- 6.7.5 Shutdown 106
- CHAPTER 7 107
- 7.1.2 Configure Port Roles 109
- 7.1.4 Configure Zones 110
- Figure 62 Trunk Example 113
- wan1: 1 Mbps 113
- cellular1: 512 Kbps 113
- 7.4.1 Set Up the VPN Gateway 117
- 7.5.1 Set Up User Accounts 120
- 7.5.2 Set Up User Groups 121
- User Accounts based on Groups 124
- Authentication Policies 126
- Configured) 131
- 7.9.1 Turn On the ALG 133
- 7.10.2 Configure NAT 137
- Chapter 7 Tutorials 140
- 7.11.1 Turn On the ALG 141
- 7.13.1 Set Up User Accounts 147
- Chapter 7 Tutorials 149
- 6 Click Activate Now 153
- 5 Click Networks > Add 156
- Certificates button 158
- 2 Click Import 158
- Technical Reference 163
- CHAPTER 8 165
- Chapter 8 Dashboard 166
- Table 19 Dashboard 167
- LABEL DESCRIPTION 168
- Chapter 8 Dashboard 169
- 8.2.1 The CPU Usage Screen 171
- 8.2.4 The VPN Status Screen 174
- 8.2.5 The DHCP Table Screen 174
- CHAPTER 9 177
- Chapter 9 Monitor 179
- 9.3 Interface Status Screen 181
- Chapter 9 Monitor 182
- 9.6 The DDNS Status Screen 189
- 9.7 IP/MAC Binding Monitor 189
- 9.8 The Login Users Screen 190
- 9.9 WLAN Status Screen 191
- 9.10.1 More Information 194
- 9.11 USB Storage Screen 195
- 9.18 Log Screen 207
- Table 44 Monitor > Log 208
- CHAPTER 10 211
- 10.2 The Registration Screen 212
- Chapter 10 Registration 213
- 10.3 The Service Screen 214
- Chapter 10 Registration 216
- CHAPTER 11 217
- Interface Characteristics 218
- Types of Interfaces 218
- 11.2 Port Role 220
- Physical Ports 221
- Interfaces 221
- 11.3 Ethernet Summary Screen 222
- 11.3.1 Ethernet Edit 223
- Chapter 11 Interfaces 225
- Chapter 11 Interfaces 226
- 11.3.2 Object References 232
- 11.4 PPP Interfaces 233
- 11.4.1 PPP Interface Summary 234
- 11.6.1 WLAN Add/Edit Screen 252
- Security) 261
- 11.8 VLAN Interfaces 264
- VLAN Interfaces Overview 265
- 11.8.1 VLAN Summary Screen 266
- 11.8.2 VLAN Add/Edit 267
- 11.9 Bridge Interfaces 274
- Bridge Interface Overview 275
- 11.9.1 Bridge Summary 276
- 11.9.2 Bridge Add/Edit 277
- IP Address Assignment 284
- Interface Parameters 285
- DHCP Settings 286
- PPPoE/PPTP Overview 288
- CHAPTER 12 289
- 12.1.2 What You Need to Know 290
- Spillover 291
- Finding Out More 291
- 12.3 Configuring a Trunk 293
- Chapter 12 Trunks 294
- CHAPTER 13 297
- Policy Routing 298
- Static Routes 298
- DiffServ 299
- 13.2 Policy Route Screen 300
- 13.3 IP Static Route Screen 307
- NAT and SNAT 309
- Port Triggering 310
- Maximize Bandwidth Usage 311
- CHAPTER 14 313
- 14.2 The RIP Screen 314
- 14.3 The OSPF Screen 315
- OSPF Areas 316
- OSPF Routers 317
- Virtual Links 318
- OSPF Configuration 319
- Chapter 14 Routing Protocols 321
- Authentication Types 325
- Chapter 14 Routing Protocols 326
- CHAPTER 15 327
- 15.1.2 What You Need to Know 328
- 15.2 The Zone Screen 329
- 15.3 Zone Edit 330
- CHAPTER 16 331
- 16.2 The DDNS Screen 332
- Chapter 16 DDNS 333
- DDNS server 335
- CHAPTER 17 337
- 17.2 The NAT Screen 338
- Chapter 17 NAT 339
- Chapter 17 NAT 342
- 17.3 NAT Technical Reference 343
- CHAPTER 18 347
- 18.1.2 What You Need to Know 348
- CHAPTER 19 351
- 19.1.2 What You Need to Know 352
- 19.2 The ALG Screen 355
- Chapter 19 ALG 356
- 19.3 ALG Technical Reference 357
- CHAPTER 20 359
- 20.2 IP/MAC Binding Summary 360
- 20.2.1 IP/MAC Binding Edit 361
- 20.2.2 Static DHCP Edit 362
- Chapter 20 IP/MAC Binding 364
- CHAPTER 21 365
- 21.1.2 What You Need to Know 366
- CHAPTER 22 373
- 22.1.2 What You Need to Know 374
- To-ZyWALL Rules 375
- Global Firewall Rules 375
- Firewall Rule Criteria 375
- User Specific Firewall Rules 375
- Firewall and VPN Traffic 376
- Session Limits 376
- 1 Any Any Any Any IRC Deny 377
- 2 Any Any Any Any Any Allow 377
- 22.2 The Firewall Screen 381
- Chapter 22 Firewall 383
- Chapter 22 Firewall 384
- CHAPTER 23 391
- 23.1.2 What You Need to Know 392
- Application Scenarios 393
- 23.1.3 Before You Begin 394
- Chapter 23 IPSec VPN 397
- Chapter 23 IPSec VPN 398
- Manual Key 403
- Key (continued) 404
- 23.3 The VPN Gateway Screen 406
- IKE SA Overview 415
- Authentication 417
- Additional Topics for IKE SA 419
- Negotiation Mode 419
- VPN, NAT, and NAT Traversal 419
- Extended Authentication 420
- IPSec SA Overview 421
- Encapsulation 422
- IPSec SA using Manual Keys 423
- CHAPTER 24 427
- SSL Access Policy Objects 428
- Chapter 24 SSL VPN 431
- Chapter 24 SSL VPN 432
- Figure 256 Login Screen 435
- CHAPTER 25 437
- 25.2 Remote User Login 438
- Figure 261 Login Screen 439
- Chapter 25 SSL User Screens 443
- # DESCRIPTION 443
- 25.4 Bookmarking the ZyWALL 444
- Chapter 25 SSL User Screens 446
- CHAPTER 26 447
- CHAPTER 27 449
- 27.2 Statistics 450
- 27.3 View Log 451
- 27.5 Stop the Connection 452
- CHAPTER 28 453
- Bandwidth Management Priority 455
- Configured Rate Effect 456
- Priority Effect 456
- CHAPTER 29 467
- 29.1.4 Before You Begin 468
- 29.2 The ADP General Screen 469
- 29.3.1 Base Profiles 471
- Chapter 29 ADP 473
- Chapter 29 ADP 474
- 29.4 ADP Technical Reference 479
- Decoy Port Scans 480
- Distributed Port Scans 480
- Port Sweeps 480
- Filtered Port Scans 480
- Flood Detection 481
- ICMP Flood Attack 481
- TCP SYN Flood Attack 481
- LAND Attack 482
- UDP Flood Attack 483
- CHAPTER 30 487
- Content Filtering Profiles 488
- Keyword Blocking URL Checking 488
- 30.1.3 Before You Begin 489
- Chapter 30 Content Filtering 491
- Chapter 30 Content Filtering 492
- CHAPTER 31 513
- CHAPTER 32 521
- Black List 522
- SMTP and POP3 522
- E-mail Headers 522
- 32.2 Before You Begin 523
- White List) > Add 529
- 32.6 The DNSBL Screen 532
- Chapter 32 Anti-Spam 533
- Chapter 32 Anti-Spam 538
- CHAPTER 33 539
- Ext-User Accounts 540
- Ext-Group-User Accounts 541
- User Groups 541
- User Awareness 541
- 33.2 User Summary Screen 542
- •adm •admin •any •bin •daemon 543
- • sync • uucp • zyxel 543
- Chapter 33 User/Group 544
- 33.3.1 Group Add/Edit Screen 546
- 33.4 Setting Screen 547
- Chapter 33 User/Group 549
- CHAPTER 34 555
- Chapter 34 Addresses 560
- CHAPTER 35 561
- CHAPTER 36 567
- Chapter 36 Schedules 570
- CHAPTER 37 573
- 37.1.2 RADIUS Server 574
- 37.1.3 ASAS 574
- 37.1.5 What You Need To Know 575
- Distinguished Name (DN) 576
- Base DN 576
- Bind DN 576
- 37.3 RADIUS Server Summary 579
- Chapter 37 AAA Server 582
- CHAPTER 38 583
- CHAPTER 39 589
- Advantages of Certificates 590
- Self-signed Certificates 590
- Factory Default Certificate 591
- Certificate File Formats 591
- Chapter 39 Certificates 594
- Chapter 39 Certificates 595
- characters 596
- CHAPTER 40 611
- 40.2.1 ISP Account Edit 612
- Chapter 40 ISP Accounts 613
- Chapter 40 ISP Accounts 614
- CHAPTER 41 615
- Remote Desktop Connections 616
- Weblinks 616
- Chapter 41 SSL Application 619
- Chapter 41 SSL Application 620
- CHAPTER 42 621
- Requirements 622
- Chapter 42 Endpoint Security 625
- Chapter 42 Endpoint Security 626
- CHAPTER 43 629
- 43.2 Host Name 630
- 43.3 USB Storage 631
- 43.4 Date and Time 631
- Chapter 43 System 633
- 43.5 Console Port Speed 636
- 43.6 DNS Overview 636
- Chapter 43 System 638
- 43.6.3 Address Record 640
- 43.6.4 PTR Record 640
- 43.6.8 MX Record 642
- 43.6.9 Adding a MX Record 643
- 43.7 WWW Overview 644
- 43.7.2 System Timeout 645
- 43.7.3 HTTPS 645
- 43.7.5 Service Control Rules 650
- 43.7.7 HTTPS Example 654
- 43.7.7.4 Login Screen 656
- 43.8 SSH 661
- 43.8.1 How SSH Works 662
- 43.8.4 Configuring SSH 663
- 43.9 Telnet 666
- 43.9.1 Configuring Telnet 667
- 43.10 FTP 668
- 43.11 SNMP 670
- 43.11.1 Supported MIBs 672
- 43.11.2 SNMP Traps 672
- 43.11.3 Configuring SNMP 672
- 43.12 Vantage CNM 674
- Note: HTTPS is recommended 676
- 43.13 Language Screen 677
- CHAPTER 44 679
- Chapter 44 Log and Report 680
- 44.3 Log Setting Screens 681
- 44.3.1 Log Setting Summary 682
- Chapter 44 Log and Report 685
- CHAPTER 45 693
- Chapter 45 File Manager 697
- Chapter 45 File Manager 698
- CHAPTER 46 705
- Chapter 46 Diagnostics 708
- Chapter 46 Diagnostics 709
- 46.4 Core Dump Screen 712
- 46.5 The System Log Screen 714
- CHAPTER 47 715
- 47.3 The SNAT Status Screen 719
- CHAPTER 48 723
- Chapter 48 Reboot 724
- CHAPTER 49 725
- Chapter 49 Shutdown 726
- CHAPTER 50 727
- 50.1 Resetting the ZyWALL 738
- Chapter 50 Troubleshooting 740
- CHAPTER 51 741
- FEATURE STANDARDS REFERENCED 745
- APPENDIX A 747
- Appendix A Log Descriptions 748
- LOG MESSAGE DESCRIPTION 748
- Table 241 Anti-Spam Logs 749
- Table 242 SSL VPN Logs 751
- Appendix A Log Descriptions 753
- Table 243 ZySH Logs 754
- Table 244 ADP Logs 756
- Table 245 User Logs 757
- Table 246 myZyXEL.com Logs 758
- Table 247 IKE Logs 762
- Table 248 IPSec Logs 766
- Table 249 Firewall Logs 767
- Table 251 Policy Route Logs 768
- Table 253 System Logs 773
- Table 256 NAT Logs 781
- Table 257 PKI Logs 782
- CODE DESCRIPTION 784
- Table 258 Interface Logs 785
- Table 259 WLAN Logs 791
- Table 260 Account Logs 792
- Table 263 File Manager Logs 793
- Table 264 DHCP Logs 794
- Table 267 Auth. Policy Logs 796
- Table 268 EPS Logs 796
- APPENDIX B 799
- Appendix B Common Services 800
- Appendix B Common Services 801
- APPENDIX C 803
- Figure 452 RTS/CTS 806
- Fragmentation Threshold 807
- Preamble Type 807
- IEEE 802.11g Wireless LAN 807
- Wireless Security Overview 808
- IEEE 802.1x 808
- Types of RADIUS Messages 809
- Types of EAP Authentication 810
- Dynamic WEP Key Exchange 811
- WPA and WPA2 812
- User Authentication 813
- Security Parameters Summary 816
- Antenna Overview 817
- Antenna Characteristics 817
- Types of Antennas for WLAN 817
- Positioning Antennas 818
- APPENDIX D 819
- Konqueror 840
- APPENDIX E 845
- APPENDIX F 935
- ZyXEL Limited Warranty 937
- Registration 938
- Numerics 939
Produits connexes et manuels pour Routeurs ZyXEL Communications Network Card unified security gateway
Routeurs ZyXEL ZYAIR B-2000 Manuel d'utilisateur
(204 pages)
(204 pages)
Routeurs ZyXEL FMG3024-D10A Manuel d'utilisateur
(316 pages)
(316 pages)
Routeurs ZyXEL P-870HW-51a Manuel d'utilisateur
(276 pages)
(276 pages)
Routeurs ZyXEL PLA-402 Manuel d'utilisateur
(60 pages)
(60 pages)
Routeurs ZyXEL AMG1202-T10A Manuel d'utilisateur
(296 pages)
(296 pages)
Routeurs ZyXEL P-335WT Manuel d'utilisateur
(485 pages)
(485 pages)
Routeurs ZyXEL NBG318S Manuel d'utilisateur
(83 pages)
(83 pages)
Routeurs ZyXEL WAP3205 Manuel d'utilisateur
(196 pages)
(196 pages)
Routeurs ZyXEL P-2602HWLNI Manuel d'utilisateur
(496 pages)
(496 pages)
Routeurs ZyXEL 1-Bay Manuel d'utilisateur
(162 pages)
(162 pages)
Routeurs ZyXEL P-334WHD Manuel d'utilisateur
(131 pages)
(131 pages)
© 2020, manymanuals.fr. Tous droits réservés | 0.248 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels