ZyXEL Communications Network Router ZLD Manuel d'utilisateur

www.zyxel.comQuick Start GuideZyWALL (ZLD) SeriesSecurity FirewallsVersions: 3.10Edition 2, 12/2013Copyright © 2011 ZyXEL Communications CorporationCL

Table of ContentsZyWALL (ZLD) CLI Reference Guide10Chapter 20Application Patrol...

Chapter 8 RouteZyWALL (ZLD) CLI Reference Guide100The following table describes the commands available for policy route. You must use the configure te

Chapter 8 RouteZyWALL (ZLD) CLI Reference Guide101[no] dscp {any | <0..63>} Sets a custom DSCP code point (0~63). This is the DSCP value of inc

Chapter 8 RouteZyWALL (ZLD) CLI Reference Guide102[no] tunnel tunnel_name Sets the incoming interface to an IPSec VPN tunnel. The no command removes t

Chapter 8 RouteZyWALL (ZLD) CLI Reference Guide103[no] source {address6_object|any} Sets the source IPv6 IP address that the matched packets must hav

Chapter 8 RouteZyWALL (ZLD) CLI Reference Guide1048.2.1 Assured Forwarding (AF) PHB for DiffServAssured Forwarding (AF) behavior is defined in RFC 25

Chapter 8 RouteZyWALL (ZLD) CLI Reference Guide1058.3 IP Static RouteThe ZyWALL has no knowledge of the networks beyond the network that is directly

Chapter 8 RouteZyWALL (ZLD) CLI Reference Guide1068.4.1 Static Route Commands ExamplesThe following command sets a static route with IP address 10.10

ZyWALL (ZLD) CLI Reference Guide 107CHAPTER 9Routing ProtocolThis chapter describes how to set up RIP and OSPF routing protocols for the ZyWALL.9.1

Chapter 9 Routing ProtocolZyWALL (ZLD) CLI Reference Guide1089.2.1 RIP CommandsThis table lists the commands for RIP.9.2.2 General OSPF CommandsThis

Chapter 9 Routing ProtocolZyWALL (ZLD) CLI Reference Guide1099.2.3 OSPF Area CommandsThis table lists the commands for OSPF areas.9.2.4 Virtual Lin

Table of ContentsZyWALL (ZLD) CLI Reference Guide11Chapter 23Content Filtering...

Chapter 9 Routing ProtocolZyWALL (ZLD) CLI Reference Guide1109.2.5 Learned Routing Information CommandsThis table lists the commands to look at learn

ZyWALL (ZLD) CLI Reference Guide 111CHAPTER 10ZonesSet up zones to configure network security and network policies in the ZyWALL. 10.1 Zones Overvi

Chapter 10 ZonesZyWALL (ZLD) CLI Reference Guide11210.2 Zone Commands SummaryThe following table describes the values required for many zone commands

Chapter 10 ZonesZyWALL (ZLD) CLI Reference Guide11310.2.1 Zone Command ExamplesThe following commands add Ethernet interfaces ge1 and ge2 to zone A

Chapter 10 ZonesZyWALL (ZLD) CLI Reference Guide114

ZyWALL (ZLD) CLI Reference Guide 115CHAPTER 11DDNSThis chapter describes how to configure dynamic DNS (DDNS) services for the ZyWALL.11.1 DDNS Over

Chapter 11 DDNSZyWALL (ZLD) CLI Reference Guide11611.2 DDNS Commands SummaryThe following table describes the values required for many DDNS commands.

Chapter 11 DDNSZyWALL (ZLD) CLI Reference Guide117[no] backup-iface interface_name Sets the backup WAN interface in the specified DDNS profile. The n

Chapter 11 DDNSZyWALL (ZLD) CLI Reference Guide118

ZyWALL (ZLD) CLI Reference Guide 119CHAPTER 12Virtual ServersThis chapter describes how to set up, manage, and remove virtual servers. Virtual serve

Table of ContentsZyWALL (ZLD) CLI Reference Guide1226.1.1 User Types ...

Chapter 12 Virtual ServersZyWALL (ZLD) CLI Reference Guide120The following table lists the virtual server commands.Table 60 ip virtual-server Comman

Chapter 12 Virtual ServersZyWALL (ZLD) CLI Reference Guide12112.2.1 Virtual Server Command ExamplesThe following command creates virtual server WAN-

Chapter 12 Virtual ServersZyWALL (ZLD) CLI Reference Guide12212.2.2 Tutorial - How to Allow Public Access to a ServerThis is an example of making an

ZyWALL (ZLD) CLI Reference Guide 123CHAPTER 13HTTP RedirectThis chapter shows you how to configure HTTP redirection on your ZyWALL.13.1 HTTP Redire

Chapter 13 HTTP RedirectZyWALL (ZLD) CLI Reference Guide12413.2 HTTP Redirect CommandsThe following table identifies the values required for many of

Chapter 13 HTTP RedirectZyWALL (ZLD) CLI Reference Guide12513.2.1 HTTP Redirect Command ExamplesThe following commands create a HTTP redirect rule,

Chapter 13 HTTP RedirectZyWALL (ZLD) CLI Reference Guide126

ZyWALL (ZLD) CLI Reference Guide 127CHAPTER 14ALGThis chapter covers how to use the ZyWALL’s ALG feature to allow certain applications to pass throu

Chapter 14 ALGZyWALL (ZLD) CLI Reference Guide12814.2 ALG Commands The following table lists the alg commands. You must use the configure terminal co

Chapter 14 ALGZyWALL (ZLD) CLI Reference Guide12914.3 ALG Commands ExampleThe following example turns on pass through for SIP and turns it off for H

Table of ContentsZyWALL (ZLD) CLI Reference Guide1331.1 Authentication Objects Overview ...

Chapter 14 ALGZyWALL (ZLD) CLI Reference Guide130

ZyWALL (ZLD) CLI Reference Guide 131CHAPTER 15IP/MAC Binding15.1 IP/MAC Binding OverviewIP address to MAC address binding helps ensure that only th

Chapter 15 IP/MAC BindingZyWALL (ZLD) CLI Reference Guide13215.3 IP/MAC Binding Commands ExampleThe following example enables IP/MAC binding on the L

ZyWALL (ZLD) CLI Reference Guide 133CHAPTER 16FirewallThis chapter introduces the ZyWALL’s firewall and shows you how to configure your ZyWALL’s fir

Chapter 16 FirewallZyWALL (ZLD) CLI Reference Guide13416.2 Firewall CommandsThe following table identifies the values required for many of these comm

Chapter 16 FirewallZyWALL (ZLD) CLI Reference Guide135firewall zone_object {zone_object|ZyWALL} delete <1..5000>Removes a direction specific th

Chapter 16 FirewallZyWALL (ZLD) CLI Reference Guide136firewall6 zone_object {zone_object|ZyWALL} append Enters the IPv6 firewall sub-command mode to a

Chapter 16 FirewallZyWALL (ZLD) CLI Reference Guide13716.2.1 Firewall Sub-CommandsThe following table describes the sub-commands for several firewal

Chapter 16 FirewallZyWALL (ZLD) CLI Reference Guide13816.2.2 Firewall Command ExamplesThese are IPv4 firewall configuration examples. The IPv6 firewa

Chapter 16 FirewallZyWALL (ZLD) CLI Reference Guide139The following command displays the default IPv6 firewall rule that applies to the WAN to ZyWALL

Table of ContentsZyWALL (ZLD) CLI Reference Guide1437.3 Host Name Commands ...

Chapter 16 FirewallZyWALL (ZLD) CLI Reference Guide140session-limit append Enters the session-limit sub-command mode to add a session-limit rule to th

ZyWALL (ZLD) CLI Reference Guide 141CHAPTER 17IPSec VPNThis chapter explains how to set up and maintain IPSec VPNs in the ZyWALL. 17.1 IPSec VPN Ov

Chapter 17 IPSec VPNZyWALL (ZLD) CLI Reference Guide142which the ZyWALL and remote IPSec router can send data between computers on the local network a

Chapter 17 IPSec VPNZyWALL (ZLD) CLI Reference Guide143The following sections list the IPSec VPN commands.17.2.1 IKE SA CommandsThis table lists the

Chapter 17 IPSec VPNZyWALL (ZLD) CLI Reference Guide14417.2.2 IPSec SA Commands (except Manual Keys)This table lists the commands for IPSec SAs, excl

Chapter 17 IPSec VPNZyWALL (ZLD) CLI Reference Guide145crypto map rename map_name map_name Renames the specified IPSec SA (first map_name) to the spe

Chapter 17 IPSec VPNZyWALL (ZLD) CLI Reference Guide146[no] nail-up Automatically re-negotiates the SA as needed. The no command does not.[no] replay-

Chapter 17 IPSec VPNZyWALL (ZLD) CLI Reference Guide14717.2.3 IPSec SA Commands (for Manual Keys)This table lists the additional commands for IPSec

Chapter 17 IPSec VPNZyWALL (ZLD) CLI Reference Guide14817.2.5 VPN Configuration Provisioning CommandsThis table lists the commands for VPN configurat

Chapter 17 IPSec VPNZyWALL (ZLD) CLI Reference Guide14917.2.6 SA Monitor CommandsThis table lists the commands for the SA monitor.Table 76 sa Comm

Table of ContentsZyWALL (ZLD) CLI Reference Guide15Chapter 39File Manager...

Chapter 17 IPSec VPNZyWALL (ZLD) CLI Reference Guide150

ZyWALL (ZLD) CLI Reference Guide 151CHAPTER 18SSL VPNThis chapter shows you how to set up secure SSL VPN access for remote user login.18.1 SSL Acce

Chapter 18 SSL VPNZyWALL (ZLD) CLI Reference Guide152The following sections list the SSL VPN commands.18.2.1 SSL VPN CommandsThis table lists the com

Chapter 18 SSL VPNZyWALL (ZLD) CLI Reference Guide15318.2.2 Setting an SSL VPN Rule TutorialHere is an example SSL VPN configuration. The SSL VPN ru

Chapter 18 SSL VPNZyWALL (ZLD) CLI Reference Guide1541 First of all, configure 10.1.1.254/24 for the IP address of interface ge2 which is an external

Chapter 18 SSL VPNZyWALL (ZLD) CLI Reference Guide1556 Displays the SSL VPN rule settings.Router(config)# show sslvpn policy SSL_VPN_TESTindex: 1 ac

Chapter 18 SSL VPNZyWALL (ZLD) CLI Reference Guide156

ZyWALL (ZLD) CLI Reference Guide 157CHAPTER 19L2TP VPNThis chapter explains how to set up and maintain L2TP VPNs in the ZyWALL. 19.1 L2TP VPN Overv

Chapter 19 L2TP VPNZyWALL (ZLD) CLI Reference Guide15819.2.1 Using the Default L2TP VPN ConnectionDefault_L2TP_VPN_Connection is pre-configured to be

Chapter 19 L2TP VPNZyWALL (ZLD) CLI Reference Guide15919.4 L2TP VPN CommandsThe following table describes the values required for some L2TP VPN comm

Table of ContentsZyWALL (ZLD) CLI Reference Guide16Chapter 42Session Timeout ...

Chapter 19 L2TP VPNZyWALL (ZLD) CLI Reference Guide16019.5 L2TP VPN ExampleThis example uses the following settings in creating a basic L2TP VPN tunn

Chapter 19 L2TP VPNZyWALL (ZLD) CLI Reference Guide161• You configure an IP address pool object named L2TP_POOL to assign the remote users IP address

Chapter 19 L2TP VPNZyWALL (ZLD) CLI Reference Guide162• Enable the connection. 19.5.4 Configuring the Policy Route for L2TP ExampleThe following co

ZyWALL (ZLD) CLI Reference Guide 163CHAPTER 20Application PatrolThis chapter describes how to set up application patrol for the ZyWALL. 20.1 Applic

Chapter 20 Application PatrolZyWALL (ZLD) CLI Reference Guide164The following sections list the application patrol commands.20.2.1 Pre-defined Applic

Chapter 20 Application PatrolZyWALL (ZLD) CLI Reference Guide16520.2.2.1 Rule Sub-commandsThe following table describes the sub-commands for several

Chapter 20 Application PatrolZyWALL (ZLD) CLI Reference Guide16620.2.3 Exception Commands for Pre-defined ApplicationsThis table lists the commands f

Chapter 20 Application PatrolZyWALL (ZLD) CLI Reference Guide16720.2.4 Other Application CommandsThis table lists the commands for other application

Chapter 20 Application PatrolZyWALL (ZLD) CLI Reference Guide16820.2.5.1 Other Rule Sub-commandsThe following table describes the sub-commands for se

Chapter 20 Application PatrolZyWALL (ZLD) CLI Reference Guide169This table lists the general commands for application patrol.Table 90 app Commands:

17PART IIntroduction

Chapter 20 Application PatrolZyWALL (ZLD) CLI Reference Guide17020.2.6.1 General Command ExamplesThe following examples show the information that is

Chapter 20 Application PatrolZyWALL (ZLD) CLI Reference Guide171Router# configure terminalRouter(config)# show app other configbandwidth-graph: yesRo

Chapter 20 Application PatrolZyWALL (ZLD) CLI Reference Guide172

ZyWALL (ZLD) CLI Reference Guide 173CHAPTER 21Anti-VirusThis chapter introduces and shows you how to configure the anti-virus scanner. 21.1 Anti-Vi

Chapter 21 Anti-VirusZyWALL (ZLD) CLI Reference Guide17421.2.1 General Anti-virus CommandsThe following table describes general anti-virus commands.

Chapter 21 Anti-VirusZyWALL (ZLD) CLI Reference Guide175anti-virus rule <1..32> Enters the anti-virus sub-command mode to edit the specified di

Chapter 21 Anti-VirusZyWALL (ZLD) CLI Reference Guide17621.2.2.1 Zone to Zone Anti-virus Rule ExampleThis example shows how to configure (and display

Chapter 21 Anti-VirusZyWALL (ZLD) CLI Reference Guide17721.2.3.1 White and Black Lists ExampleThis example shows how to enable the white list and co

Chapter 21 Anti-VirusZyWALL (ZLD) CLI Reference Guide17821.2.4.1 Signature Search ExampleThis example shows how to search for anti-virus signatures w

Chapter 21 Anti-VirusZyWALL (ZLD) CLI Reference Guide17921.3.1 Update Signature ExamplesThese examples show how to enable/disable automatic anti-vir

18

Chapter 21 Anti-VirusZyWALL (ZLD) CLI Reference Guide18021.4.1 Anti-virus Statistics ExampleThis example shows how to collect and display anti-virus

ZyWALL (ZLD) CLI Reference Guide 181CHAPTER 22IDP CommandsThis chapter introduces IDP-related commands.22.1 OverviewCommands mostly mirror web conf

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide182This table shows the IDP signature, anomaly, and system-protect activation commands.22.2.1.1

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide18322.3.1.1 Example of Global Profile CommandsIn this example we rename an IDP signature prof

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide18422.3.2.1 Example of IDP Zone to Zone Rule CommandsThe following example creates IDP zone to

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide185Note: You CANNOT change the base profile later!Table 103 Editing/Creating Anomaly Profile

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide186[no] http-inspection {http-xxx} activate Activates or deactivates http-inspection options wh

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide187show idp anomaly profile scan-detection {tcp-portscan | tcp-decoy-portscan | tcp-portsweep

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide18822.3.4.1 Creating an Anomaly Profile ExampleIn this example we create a profile named “test

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide189Note: It is recommended you use the web configurator to search for signatures.22.3.6.1 Sea

ZyWALL (ZLD) CLI Reference Guide 19CHAPTER 1Command Line InterfaceThis chapter describes how to access and use the CLI (Command Line Interface).1.1

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide190example, to search for signatures for Windows NT, Windows XP and Windows 2000 computers, the

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide19122.3.6.2 Signature Search ExampleThis example command searches for all signatures in the L

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide19222.4.1 Custom Signature ExamplesThese examples show how to create a custom signature, edit

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide193This example shows you how to display custom signature details. Router(config)# show idp si

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide194This example shows you how to display custom signature contents. Router(config)# show idp si

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide195This example shows you how to display all details of a custom signature. This example shows

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide19622.5.1 Update Signature ExamplesThese examples show how to enable/disable automatic IDP dow

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide19722.6.1 IDP Statistics ExampleThis example shows how to collect and display IDP statistics.

Chapter 22 IDP CommandsZyWALL (ZLD) CLI Reference Guide198

ZyWALL (ZLD) CLI Reference Guide 199CHAPTER 23Content FilteringThis chapter covers how to use the content filtering feature to control web access. 2

This is a Reference Guide for a series of products intended for people who want to configure ZLD- based ZyWALLs via Command Line Interface (CLI). Som

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide201.2.1 Console PortThe default settings for the console port are as follows. When yo

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide20023.5 Content Filter Command Input ValuesThe following table explains the values you ca

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide20123.6 General Content Filter CommandsThe following table lists the commands that you c

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide202mode to be able to use these commands. See Table 111 on page 200 for details about the

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide20323.7 Content Filter Filtering Profile CommandsThe following table lists the commands

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide204content-filter profile filtering_profile custom-list keywordEnters the sub-command for

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide20523.8 Content Filter URL Cache Commands The following table lists the commands that yo

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide206Use the configure terminal command to enter the configuration mode to be able to use th

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide20723.9.1 Content Filtering Statistics ExampleThis example shows how to collect and disp

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide2088 Activate the customization.Router# configure terminalRouter(config)# address-object s

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide209Use this command to display the settings of the profile.Router(config)# show content-f

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide21When you access the CLI using the web console, your computer establishes a SSH (Sec

Chapter 23 Content FilteringZyWALL (ZLD) CLI Reference Guide210

ZyWALL (ZLD) CLI Reference Guide 211CHAPTER 24Anti-SpamThis chapter introduces and shows you how to configure the anti-spam scanner. 24.1 Anti-Spam

Chapter 24 Anti-SpamZyWALL (ZLD) CLI Reference Guide21224.2.1.1 Activate/Deactivate Anti-Spam ExampleThis example shows how to activate and deactivat

Chapter 24 Anti-SpamZyWALL (ZLD) CLI Reference Guide213show anti-spam {smtp | pop3} defaultportDisplay the SMTP or POP3 TCP ports the ZyWALL checks f

Chapter 24 Anti-SpamZyWALL (ZLD) CLI Reference Guide21424.2.2.1 Zone to Zone Anti-spam Rule ExampleThis example shows how to configure (and display)

Chapter 24 Anti-SpamZyWALL (ZLD) CLI Reference Guide215Use the white list to identify legitimate e-mail and the black list to identify spam e-mail. T

Chapter 24 Anti-SpamZyWALL (ZLD) CLI Reference Guide21624.2.3.1 White and Black Lists ExampleThis example shows how to configure and enable a white l

Chapter 24 Anti-SpamZyWALL (ZLD) CLI Reference Guide217This table describes the DNSBL commands. Table 122 DNSBL CommandsCOMMAND DESCRIPTION[no] ant

Chapter 24 Anti-SpamZyWALL (ZLD) CLI Reference Guide21824.2.4.1 DNSBL ExampleThis example:• Sets the ZyWALL to use “DNSBL-example.com” as a DNSBL.• T

Chapter 24 Anti-SpamZyWALL (ZLD) CLI Reference Guide21924.3 Anti-Spam StatisticsThe following table describes the commands for collecting and displa

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide22Note: The default login username is admin. It is case-sensitive.Figure 5 Web Conso

Chapter 24 Anti-SpamZyWALL (ZLD) CLI Reference Guide220

ZyWALL (ZLD) CLI Reference Guide 221CHAPTER 25Device HAUse device HA to increase network reliability. Device HA lets a backup ZyWALL (B) automatical

Chapter 25 Device HAZyWALL (ZLD) CLI Reference Guide222Otherwise you must manually configure the master ZyWALL’s settings on the backup (by editing co

Chapter 25 Device HAZyWALL (ZLD) CLI Reference Guide223Virtual Router and Management IP Addresses• If a backup takes over for the master, it uses the

Chapter 25 Device HAZyWALL (ZLD) CLI Reference Guide224[no] device-ha ap-mode interface_name manage-ip ip subnet_maskSets the management IP address fo

Chapter 25 Device HAZyWALL (ZLD) CLI Reference Guide22525.4.2 Active-Passive Mode Device HA Command ExampleThis example configures a ZyWALL to be a

Chapter 25 Device HAZyWALL (ZLD) CLI Reference Guide22625.6.1 VRRP Group CommandsThis table lists the commands for VRRP groups.25.6.2 VRRP Synchroni

Chapter 25 Device HAZyWALL (ZLD) CLI Reference Guide22725.6.3 Link Monitoring CommandsThis table lists the commands for link monitoring. Link monito

Chapter 25 Device HAZyWALL (ZLD) CLI Reference Guide228

ZyWALL (ZLD) CLI Reference Guide 229CHAPTER 26User/GroupThis chapter describes how to set up user accounts, user groups, and user settings for the Z

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide231.2.3 TelnetUse the following steps to Telnet into your ZyWALL.1 If your computer

Chapter 26 User/GroupZyWALL (ZLD) CLI Reference Guide23026.2 User/Group Commands SummaryThe following table identifies the values required for many u

Chapter 26 User/GroupZyWALL (ZLD) CLI Reference Guide23126.2.2 User Group CommandsThis table lists the commands for groups.26.2.3 User Setting Comm

Chapter 26 User/GroupZyWALL (ZLD) CLI Reference Guide23226.2.3.1 User Setting Command ExamplesThe following commands show the current settings for th

Chapter 26 User/GroupZyWALL (ZLD) CLI Reference Guide23326.2.4 Force User Authentication CommandsThis table lists the commands for forcing user auth

Chapter 26 User/GroupZyWALL (ZLD) CLI Reference Guide23426.2.4.1 force-auth Sub-commandsThe following table describes the sub-commands for several fo

Chapter 26 User/GroupZyWALL (ZLD) CLI Reference Guide235• Description: EPS-on-LAN• Source: use address object “LAN1_SUBNET”• Destination: use address

Chapter 26 User/GroupZyWALL (ZLD) CLI Reference Guide23626.2.5.1 Additional User Command ExamplesThe following commands display the users that are cu

ZyWALL (ZLD) CLI Reference Guide 237CHAPTER 27AddressesThis chapter describes how to set up addresses and address groups for the ZyWALL.27.1 Addres

Chapter 27 AddressesZyWALL (ZLD) CLI Reference Guide238The following sections list the address object and address group commands.27.2.1 Address Objec

Chapter 27 AddressesZyWALL (ZLD) CLI Reference Guide23927.2.1.1 Address Object Command ExamplesThe following example creates three IPv4 address obje

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide241.4 How Commands Are ExplainedEach chapter explains the commands for one keyword. T

Chapter 27 AddressesZyWALL (ZLD) CLI Reference Guide240The following example creates host, range, subnet, and link local IPv6 address objects and then

Chapter 27 AddressesZyWALL (ZLD) CLI Reference Guide24127.2.2.1 Address Group Command ExamplesThe following commands create three address objects A0

Chapter 27 AddressesZyWALL (ZLD) CLI Reference Guide242

ZyWALL (ZLD) CLI Reference Guide 243CHAPTER 28ServicesUse service objects to define TCP applications, UDP applications, and ICMP messages. You can a

Chapter 28 ServicesZyWALL (ZLD) CLI Reference Guide24428.2.1.1 Service Object Command ExamplesThe following commands create four services, displays t

Chapter 28 ServicesZyWALL (ZLD) CLI Reference Guide24528.2.2.1 Service Group Command ExamplesThe following commands create service ICMP_ECHO, create

Chapter 28 ServicesZyWALL (ZLD) CLI Reference Guide246

ZyWALL (ZLD) CLI Reference Guide 247CHAPTER 29SchedulesUse schedules to set up one-time and recurring schedules for policy routes, firewall rules, a

Chapter 29 SchedulesZyWALL (ZLD) CLI Reference Guide24829.2.1 Schedule Command ExamplesThe following commands create recurring schedule SCHEDULE1 and

ZyWALL (ZLD) CLI Reference Guide 249CHAPTER 30AAA ServerThis chapter introduces and shows you how to configure the ZyWALL to use external authentica

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide25•Enter range exactly as it appears, followed by two numbers between 1 and 65535.1.4

Chapter 30 AAA ServerZyWALL (ZLD) CLI Reference Guide25030.2.2 ldap-server Commands The following table lists the ldap-server commands you use to set

Chapter 30 AAA ServerZyWALL (ZLD) CLI Reference Guide25130.2.3 radius-server Commands The following table lists the radius-server commands you use t

Chapter 30 AAA ServerZyWALL (ZLD) CLI Reference Guide25230.2.6 aaa group server ldap Commands The following table lists the aaa group server ldap com

Chapter 30 AAA ServerZyWALL (ZLD) CLI Reference Guide25330.2.7 aaa group server radius Commands The following table lists the aaa group server radiu

Chapter 30 AAA ServerZyWALL (ZLD) CLI Reference Guide25430.2.8 aaa group server Command ExampleThe following example creates a RADIUS server group wi

ZyWALL (ZLD) CLI Reference Guide 255CHAPTER 31Authentication ObjectsThis chapter shows you how to select different authentication methods for user a

Chapter 31 Authentication ObjectsZyWALL (ZLD) CLI Reference Guide25631.2.1 aaa authentication Command ExampleThe following example creates an authent

Chapter 31 Authentication ObjectsZyWALL (ZLD) CLI Reference Guide257• Bind-dn: zyxel\engineerABC• Password: abcdefg• Login-name-attribute: sAMAccount

Chapter 31 Authentication ObjectsZyWALL (ZLD) CLI Reference Guide258

ZyWALL (ZLD) CLI Reference Guide 259CHAPTER 32CertificatesThis chapter explains how to use the Certificates.32.1 Certificates OverviewThe ZyWALL ca

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide261.6 Shortcuts and Help1.6.1 List of Available CommandsA list of valid commands can

Chapter 32 CertificatesZyWALL (ZLD) CLI Reference Guide26032.4 Certificates Commands SummaryThe following table lists the commands that you can use t

Chapter 32 CertificatesZyWALL (ZLD) CLI Reference Guide261ca validation remote_certificate Enters the sub command mode for validation of certificates

Chapter 32 CertificatesZyWALL (ZLD) CLI Reference Guide262show ca category {local|remote} name certificate_name certpathDisplays the certification pat

Chapter 32 CertificatesZyWALL (ZLD) CLI Reference Guide26332.5 Certificates Commands ExamplesThe following example creates a self-signed X.509 certi

ZyWALL (ZLD) CLI Reference Guide 264CHAPTER 33ISP AccountsUse ISP accounts to manage Internet Service Provider (ISP) account information for PPPoE,

Chapter 33 ISP AccountsZyWALL (ZLD) CLI Reference Guide26533.1.2 Cellular Account CommandsThe following table lists the cellular ISP account command

ZyWALL (ZLD) CLI Reference Guide 266CHAPTER 34SSL ApplicationThis chapter describes how to configure SSL application objects for use in SSL VPN.34.1

Chapter 34 SSL ApplicationZyWALL (ZLD) CLI Reference Guide267server-type file-sharing share-path share-pathSpecifies the IP address, domain name or N

Chapter 34 SSL ApplicationZyWALL (ZLD) CLI Reference Guide26834.1.2 SSL Application Command ExamplesThe following commands create and display a serve

ZyWALL (ZLD) CLI Reference Guide 269CHAPTER 35Endpoint SecurityThis chapter describes how to configure endpoint security objects for use in authenti

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide271.6.3 Entering Partial CommandsThe CLI does not accept partial or incomplete comma

Chapter 35 Endpoint SecurityZyWALL (ZLD) CLI Reference Guide270RequirementsUser computers must have Sun’s Java (Java Runtime Environment or ‘JRE’) ins

Chapter 35 Endpoint SecurityZyWALL (ZLD) CLI Reference Guide271[no] personal-firewall personal_firewall_software_name detect-auto-protection {enable

Chapter 35 Endpoint SecurityZyWALL (ZLD) CLI Reference Guide272windows-version {windows-2000 | windows-xp | windows-2003 | windows-2008 | windows-vist

Chapter 35 Endpoint SecurityZyWALL (ZLD) CLI Reference Guide27335.1.3 Endpoint Security Object Command ExamplePeter wants to create and display an e

Chapter 35 Endpoint SecurityZyWALL (ZLD) CLI Reference Guide274However, he needs to check the Anti-Virus software name defined on the ZyWALL. The foll

Chapter 35 Endpoint SecurityZyWALL (ZLD) CLI Reference Guide275Now Peter can create the EPS object profile as the example shown next. Note that he us

ZyWALL (ZLD) CLI Reference Guide 276CHAPTER 36DHCPv6 ObjectsThis chapter describes how to configure and view DHCPv6 request and lease objects. 36.1

Chapter 36 DHCPv6 ObjectsZyWALL (ZLD) CLI Reference Guide27736.1.2 DHCPv6 Object Command ExamplesThis example creates and displays a DHCPv6 lease ob

Chapter 36 DHCPv6 ObjectsZyWALL (ZLD) CLI Reference Guide278This example creates and displays a DHCPv6 pre-fix delegation lease object named “pfx” for

ZyWALL (ZLD) CLI Reference Guide 279CHAPTER 37SystemThis chapter provides information on the commands that correspond to what you can configure in t

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide281.7 Input ValuesYou can use the ? or [TAB] to get more information about the next i

Chapter 37 SystemZyWALL (ZLD) CLI Reference Guide280Figure 26 Access Page Customization You can specify colors in one of the following ways:• color

Chapter 37 SystemZyWALL (ZLD) CLI Reference Guide28137.3 Host Name CommandsThe following table describes the commands available for the hostname and

Chapter 37 SystemZyWALL (ZLD) CLI Reference Guide28237.4.1 Date/Time CommandsThe following table describes the commands available for date and time s

Chapter 37 SystemZyWALL (ZLD) CLI Reference Guide28337.6 DNS Overview DNS (Domain Name System) is for mapping a domain name to its corresponding IP

Chapter 37 SystemZyWALL (ZLD) CLI Reference Guide28437.6.3 DNS Command ExampleThis command sets an A record that specifies the mapping of a fully qua

ZyWALL (ZLD) CLI Reference Guide 285CHAPTER 38System Remote ManagementThis chapter shows you how to determine which services/protocols can access wh

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide28638.2 Common System Command Input ValuesThe following table identifies the value

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide287[no] ip http secure-server cert certificate_name Specifies a certificate used b

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide28838.3.1 HTTP/HTTPS Command ExamplesThis following example adds a service control

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide28938.4.3 SSH CommandsThe following table describes the commands available for SS

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide29domain name Used in content filtering0+ lower-case letters, numbers, or .-Used in i

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide29038.5 Telnet You can configure your ZyWALL for remote Telnet access.38.6 Telnet

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide291This command displays Telnet settings.38.7 Configuring FTP You can upload and

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide29238.7.2 FTP Commands ExamplesThis command sets a service control rule that allow

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide29338.8.3 SNMP CommandsThe following table describes the commands available for S

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide294The following command sets the password (secret) for read-write (rw) access.The

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide29538.10.1 AT Command StringsFor regular telephone lines, the default Dial string

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide29638.10.4.1 Dial-in Management Command ExamplesThe following commands show you ho

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide29738.11.1.1 Vantage CNM Command ExamplesThe following example turns on Vantage C

Chapter 38 System Remote ManagementZyWALL (ZLD) CLI Reference Guide29838.13 IPv6 Commands Use the ipv6 commands to enable or disable IPv6 support. Yo

ZyWALL (ZLD) CLI Reference Guide 299CHAPTER 39File ManagerThis chapter covers how to work with the ZyWALL’s firmware, certificates, configuration fi

ZyWALL (ZLD) CLI Reference Guide3Introduction ...

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide30key length -- 512, 768, 1024, 1536, 2048license key 25 “S-” + 6 upper-case letters o

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide300 These files have the same syntax, which is also identical to the way you run CLI commands m

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide301Line 3 in the following example exits sub command mode.Lines 1 and 3 in the following examp

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide302• When the ZyWALL reboots, if the startup-config.conf file passes the error check, the ZyWAL

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide30339.4 File Manager Commands SummaryThe following table lists the commands that you can use

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide30439.5 File Manager Command ExamplesThis example saves a back up of the current configuration

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide305The firmware update can take up to five minutes. Do not turn off or reset the ZyWALL while

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide30639.6.4 Command Line FTP Configuration File Download ExampleThe following example gets a con

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide30739.8 Notification of a Damaged Recovery Image or FirmwareThe ZyWALL’s recovery image and/o

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide3084 If “Connect a computer to port 1 and FTP to 192.168.1.1 to upload the new file” displays

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide309Note: You only need to use the atuk or atur command if the recovery image is damaged. Figur

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide311.8 Ethernet InterfacesHow you specify an Ethernet interface depends on the ZyWALL

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide3107 Enter atgo. The ZyWALL starts up. If “Connect a computer to port 1 and FTP to 192.168.1.1

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide3117 Wait for the file transfer to complete.Figure 41 FTP Firmware Transfer Complete8 After

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide31210 The username prompt displays after the ZyWALL starts up successfully. The firmware recove

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide313If the default system database file is not valid, the ZyWALL displays a warning message in

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide314example, "1.01(XL.0)C0.db". Do the following after you have obtained the default s

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide3157 Hit enter to log in anonymously.8 Set the transfer mode to binary (type bin).9 Transfer t

Chapter 39 File ManagerZyWALL (ZLD) CLI Reference Guide31612 The username prompt displays after the ZyWALL starts up successfully. The default system

ZyWALL (ZLD) CLI Reference Guide 317CHAPTER 40LogsThis chapter provides information about the ZyWALL’s logs. Note: When the system log reaches the m

Chapter 40 LogsZyWALL (ZLD) CLI Reference Guide31840.1.1 Log Entries CommandsThis table lists the commands to look at log entries.40.1.2 System Log

Chapter 40 LogsZyWALL (ZLD) CLI Reference Guide31940.1.2.1 System Log Command ExamplesThe following command displays the current status of the syste

Chapter 1 Command Line InterfaceZyWALL (ZLD) CLI Reference Guide321.10 Logging OutEnter the exit or end command in configure mode to go to privilege

Chapter 40 LogsZyWALL (ZLD) CLI Reference Guide320This table lists the commands for the remote syslog server settings.This table lists the commands fo

Chapter 40 LogsZyWALL (ZLD) CLI Reference Guide321[no] logging mail <1..2> address {ip | hostname}Sets the URL or IP address of the mail server

Chapter 40 LogsZyWALL (ZLD) CLI Reference Guide32240.1.4.1 E-mail Profile Command ExamplesThe following commands set up e-mail log 1.40.1.5 Console

ZyWALL (ZLD) CLI Reference Guide 323CHAPTER 41Reports and RebootThis chapter provides information about the report associated commands and how to re

Chapter 41 Reports and RebootZyWALL (ZLD) CLI Reference Guide32441.1.2 Report Command ExamplesThe following commands start collecting data, display t

Chapter 41 Reports and RebootZyWALL (ZLD) CLI Reference Guide32541.2 Email Daily Report CommandsThe following table identifies the values used in so

Chapter 41 Reports and RebootZyWALL (ZLD) CLI Reference Guide32641.2.1 Email Daily Report ExampleThis example sets the following about sending a dail

Chapter 41 Reports and RebootZyWALL (ZLD) CLI Reference Guide327• Has the ZyWALL provide username 12345 and password 12345 to the SMTP server for aut

Chapter 41 Reports and RebootZyWALL (ZLD) CLI Reference Guide328This displays the email daily report settings and has the ZyWALL send the report.41.3

ZyWALL (ZLD) CLI Reference Guide 329CHAPTER 42Session TimeoutUse these commands to modify and display the session timeout values. You must use the c

ZyWALL (ZLD) CLI Reference Guide 33CHAPTER 2User and Privilege ModesThis chapter describes how to use these two modes.2.1 User And Privilege Modes

Chapter 42 Session TimeoutZyWALL (ZLD) CLI Reference Guide330

ZyWALL (ZLD) CLI Reference Guide 331CHAPTER 43 DiagnosticsThis chapter covers how to use the diagnostics feature. 43.1 DiagnosticsThe diagnostics

Chapter 43 DiagnosticsZyWALL (ZLD) CLI Reference Guide332

ZyWALL (ZLD) CLI Reference Guide 333CHAPTER 44Packet Flow ExploreThis chapter covers how to use the packet flow explore feature. 44.1 Packet Flow

Chapter 44 Packet Flow ExploreZyWALL (ZLD) CLI Reference Guide33444.3 Packet Flow Explore Commands ExampleThe following example shows all routing rel

Chapter 44 Packet Flow ExploreZyWALL (ZLD) CLI Reference Guide335The following example shows all activated dynamic VPN rules.The following example sh

Chapter 44 Packet Flow ExploreZyWALL (ZLD) CLI Reference Guide336The following example shows the default WAN trunk settings.Router> show system sna

ZyWALL (ZLD) CLI Reference Guide 337CHAPTER 45Packet Flow FilterThis chapter covers how to use the packet flow filter feature. 45.1 Packet Flow Fi

Chapter 45 Packet Flow FilterZyWALL (ZLD) CLI Reference Guide33845.3 Packet Flow Filter Commands ExamplesThe following example configures packet flow

Chapter 45 Packet Flow FilterZyWALL (ZLD) CLI Reference Guide339This example displays the packet flow filter 1’s settings. This example displays the

Chapter 2 User and Privilege ModesZyWALL (ZLD) CLI Reference Guide34Subsequent chapters in this guide describe the configuration commands. User/privil

Chapter 45 Packet Flow FilterZyWALL (ZLD) CLI Reference Guide340This example activates the packet flow ring buffer feature. Router> configure term

ZyWALL (ZLD) CLI Reference Guide 341CHAPTER 46Maintenance ToolsUse the maintenance tool commands to check the conditions of other devices through th

Chapter 46 Maintenance ToolsZyWALL (ZLD) CLI Reference Guide342file-suffix <profile_name> Specifies text to add to the end of the file name (bef

Chapter 46 Maintenance ToolsZyWALL (ZLD) CLI Reference Guide343Here are maintenance tool commands that you can use in configuration mode. 46.1 Maint

Chapter 46 Maintenance ToolsZyWALL (ZLD) CLI Reference Guide344Here are maintenance tool commands that you can use in configure mode.The following exa

Chapter 46 Maintenance ToolsZyWALL (ZLD) CLI Reference Guide345• IP address: any•Host IP: any• Host port: any (then you do not need to configure this

Chapter 46 Maintenance ToolsZyWALL (ZLD) CLI Reference Guide346

ZyWALL (ZLD) CLI Reference Guide 347CHAPTER 47Watchdog TimerThis chapter provides information about the ZyWALL’s watchdog timers. 47.1 Hardware Wat

Chapter 47 Watchdog TimerZyWALL (ZLD) CLI Reference Guide34847.3 Application WatchdogThe application watchdog has the system restart a process that f

Chapter 47 Watchdog TimerZyWALL (ZLD) CLI Reference Guide349Application Watch Dog Setting: activate: yes alert: yes console print: always retry c

Chapter 2 User and Privilege ModesZyWALL (ZLD) CLI Reference Guide35is a Linux equivalent, it is displayed in this chapter for your reference. You mu

Chapter 47 Watchdog TimerZyWALL (ZLD) CLI Reference Guide350

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide351List of Commands (Alphabetical)This section lists the commands and sub-commands in

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide352[no] ad-server ssl ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide353[no] app-watch-dog cpu-threshold min <1..100> max <1..100> ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide354{fri|mon|sat|sun|thu|tue|wed} hh:mm offset ...2

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide355[no] description description ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide356[no] eps profile profile_name ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide357[no] interface {num|interface-name} ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide358[no] ipv6 dhcp6-request-object dhcp6_profile ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide359[no] logging syslog <1..4> {disable | level normal | level all} ...

Chapter 2 User and Privilege ModesZyWALL (ZLD) CLI Reference Guide36debug system ipv6 IPv6 debug commandsdebug [cmdexec|corefile|ip |kernel|mac-id-rew

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide360[no] out-snat activate ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide361[no] security dot1x acct ip port <1..65535> ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide362[no] source {address_object|any} ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide363[no] wan-iface interface_name ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide364anti-spam tag {dnsbl | dnsbl-timeout} [tag] ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide365bandwidth priority <1..7> ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide366content-filter profile filtering_profile url match {block | log | warn | pass} ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide367debug system ipv6 ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide368eps warning-message {windows-auto-update | windows-security-patch | anti-virus | pe

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide369force-auth policy flush ...

37PART IIReference

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide370interface dial interface_name ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide371ip virtual-server profile_name interface interface_name original-ip {any | ip | ad

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide372login-page window-color {color-rgb | color-name | color-number} ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide373no content-filter profile filtering_profile url offline {log} ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide374object-group service rename group_name group_name ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide375renew dhcp interface-name ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide376session-limit delete rule_number ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide377show anti-spam tag {dnsbl | dnsbl-timeout} ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide378show comport status ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide379show firewall ...

38

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide380show idp profiles ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide381show ipv6 nd ra status config_interface ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide382show reference object aaa authentication [default | auth_method] ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide383show sslvpn application [application_object] ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide384sslvpn no connection username user_name ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide385username username user-type ext-user ...

List of Commands (Alphabetical)ZyWALL (ZLD) CLI Reference Guide386

ZyWALL (ZLD) CLI Reference Guide 39CHAPTER 3Object ReferenceThis chapter describes how to use object reference commands.3.1 Object Reference Comman

ZyWALL (ZLD) CLI Reference Guide4Logs ...

Chapter 3 Object ReferenceZyWALL (ZLD) CLI Reference Guide403.1.1 Object Reference Command ExampleThis example shows how to check which configuration

ZyWALL (ZLD) CLI Reference Guide 41CHAPTER 4StatusThis chapter explains some commands you can use to display information about the ZyWALL’s current

Chapter 4 StatusZyWALL (ZLD) CLI Reference Guide42Here are examples of the commands that display the fan speed, MAC address, memory usage, RAM size, a

Chapter 4 StatusZyWALL (ZLD) CLI Reference Guide43Here is an example of the command that displays the open ports. Router(config)# show socket openNo.

Chapter 4 StatusZyWALL (ZLD) CLI Reference Guide44Here are examples of the commands that display the system uptime and model, firmware, and build info

ZyWALL (ZLD) CLI Reference Guide 45CHAPTER 5RegistrationThis chapter introduces myzyxel.com and shows you how to register the ZyWALL for IDP/AppPatr

Chapter 5 RegistrationZyWALL (ZLD) CLI Reference Guide46suppose you purchase a one-year Kaspersky engine anti-virus service subscription and use it fo

Chapter 5 RegistrationZyWALL (ZLD) CLI Reference Guide475.2.1 Command ExamplesThe following commands allow you to register your device with an exist

Chapter 5 RegistrationZyWALL (ZLD) CLI Reference Guide48The following command displays the service registration status and type and how many days rema

Chapter 5 RegistrationZyWALL (ZLD) CLI Reference Guide49039 Canada 040 Cape Verde041 Cayman Islands 042 Central African Republic043 Chad 044 Chile045

Table of ContentsZyWALL (ZLD) CLI Reference Guide5Table of ContentsTable of Contents ...

Chapter 5 RegistrationZyWALL (ZLD) CLI Reference Guide50119 Latvia 120 Lebanon121 Lesotho 122 Liberia123 Liechtenstein 124 Lithuania125 Luxembourg 126

Chapter 5 RegistrationZyWALL (ZLD) CLI Reference Guide51197 St Pierre and Miquelon 198 St. Helena199 Suriname 200 Svalbard and Jan Mayen Islands201 S

Chapter 5 RegistrationZyWALL (ZLD) CLI Reference Guide52

ZyWALL (ZLD) CLI Reference Guide 53CHAPTER 6InterfacesThis chapter shows you how to use interface-related commands.6.1 Interface OverviewIn general

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide54•The auxiliary interface, along with an external modem, provides an interface the ZyWALL can use

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide55* - Each name consists of 2-4 letters (interface type), followed by a number (x ). For most int

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide566.1.2 Relationships Between InterfacesIn the ZyWALL, interfaces are usually created on top of o

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide576.2 Interface General Commands SummaryThe following table identifies the values required for m

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide58show interface send statistics interval Displays the interval for how often the ZyWALL refreshes

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide59enable Turns on the IPv6 interface.nd ra accept Sets the IPv6 interface to accept IPv6 neighbor

Table of ContentsZyWALL (ZLD) CLI Reference Guide62.1 User And Privilege Modes ...

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide60nd ra prefix-advertisement dhcp6_profile dhcp6_suffix_64Configures the network prefix to use a d

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide61nd ra hop-limit Removes the maximum number of hops setting for router advertisements and all IP

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide626.2.1.1 Basic Interface Properties Command ExamplesThe following commands make Ethernet interfa

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide63This example shows how to restart an interface. You can check all interface names on the ZyWALL

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide64[no] host ip Specifies the static IP address the ZyWALL should assign. Use this command, along w

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide65[no] starting-address ip pool-size <1..65535>Sets the IP start address and maximum pool s

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide666.2.2.1 DHCP Setting Command ExamplesThe following example uses these commands to configure DHC

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide676.2.3 Interface Parameter Command ExamplesThis table shows an example of each interface type’s

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide686.2.4 RIP CommandsThis table lists the commands for RIP settings.6.2.5 OSPF CommandsThis table

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide69[no] passive-interface interface_name Sets the OSPF direction of the specified interface to in-

Table of ContentsZyWALL (ZLD) CLI Reference Guide76.6.2 Cellular Interface Command Examples ...

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide706.2.6 Connectivity Check (Ping-check) CommandsUse these commands to have an interface regularly

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide716.2.6.1 Connectivity Check Command ExampleThe following commands show you how to set the WAN1

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide726.3.2 Port Grouping CommandsThis section covers commands that are specific to port grouping.Not

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide736.3.2.1 Port Grouping Command ExamplesThe following commands add physical port 5 to representa

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide74gateway 4.6.7.8, upstream bandwidth 345, downstream bandwidth 123, and description “I am vir int

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide756.5.1 PPPoE/PPTP Interface Command ExamplesThe following commands show you how to configure PP

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide762.2.2.2, MTU 1200, upstream bandwidth 345, downstream bandwidth 123, description “I am ppp0”, an

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide77[no] network-selection {auto|home} Home network is the network to which you are originally subs

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide786.6.1 Cellular StatusThe following table describes the different kinds of cellular connection s

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide79Limited service returned by the service provider in cases where the SIM card is expired, the us

Table of ContentsZyWALL (ZLD) CLI Reference Guide89.2.3 OSPF Area Commands ...

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide806.6.2 Cellular Interface Command ExamplesThis example shows the configuration of a cellular int

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide816.7 Tunnel Interface Specific CommandsThe ZyWALL uses tunnel interfaces in Generic Routing Enc

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide826.7.1 Tunnel Interface Command ExamplesThis example creates a tunnel interface called tunnel0 t

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide836.8.1 USB Storage General Commands ExampleThis example shows how to display the status of the

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide846.9.1 WLAN General CommandsUse these commands to configure global settings that apply to all of

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide856.9.1.1 WLAN General Commands ExampleThis example sets wireless slot 1 to use the IEEE 802.11b

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide86[no] mtu <576..2304> Specifies the Maximum Transmission Unit, which is the maximum number

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide876.9.2.1 WLAN Interface Commands ExampleThis example configures WLAN AP interface 2 for slot 1

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide886.9.3.1 WLAN MAC Filter Commands ExampleThis example creates a MAC filter entry for MAC address

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide896.10.1 VLAN Interface Command ExamplesThe following commands show you how to set up VLAN vlan1

Table of ContentsZyWALL (ZLD) CLI Reference Guide9Chapter 16Firewall ...

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide906.11.1 Bridge Interface Command ExamplesThe following commands show you how to set up a bridge

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide916.12.1 Auxiliary Interface Command ExamplesThe following commands show you how to set up the a

Chapter 6 InterfacesZyWALL (ZLD) CLI Reference Guide92

ZyWALL (ZLD) CLI Reference Guide 93CHAPTER 7TrunksThis chapter shows you how to configure trunks on your ZyWALL.7.1 Trunks OverviewYou can group mu

Chapter 7 TrunksZyWALL (ZLD) CLI Reference Guide947.3 Trunk Commands Input ValuesThe following table explains the values you can input with the inter

Chapter 7 TrunksZyWALL (ZLD) CLI Reference Guide957.5 Trunk Command ExamplesThe following example creates a weighted round robin trunk for Ethernet

Chapter 7 TrunksZyWALL (ZLD) CLI Reference Guide96The following example creates a spill-over trunk for Ethernet interfaces ge1 and ge3, which will app

Chapter 7 TrunksZyWALL (ZLD) CLI Reference Guide974 File server C finds that the request comes from WAN2’s IP address instead of WAN1’s IP address an

Chapter 7 TrunksZyWALL (ZLD) CLI Reference Guide98

ZyWALL (ZLD) CLI Reference Guide 99CHAPTER 8RouteThis chapter shows you how to configure policies for IP routing and static routes on your ZyWALL.8.