Chapter 45 System
ZyWALL USG 50 User’s Guide
Please refer to the following figure.

1 HTTPS connection requests from an SSL-aware web browser go to port 443 (by default) on the ZyWALL’s web server.
2 HTTP connection requests from a web browser go to port 80 (by default) on the ZyWALL’s web server.

Figure 391 HTTP/HTTPS Implementation
Note: If you disable HTTP in the WWW screen, then the ZyWALL blocks all HTTP connection attempts.
45.6.4 Configuring WWW Service Control

Click Configuration > System > WWW to open the WWW screen. Use this screen to specify from which zones you can access the ZyWALL using HTTP or HTTPS. You can also specify which IP addresses the access can come from.
Note: Admin Service Control deals with management access (to the Web Configurator). User Service Control deals with user access to the ZyWALL (logging into SSL VPN for example).

Figure 392 Configuration > System > WWW > Service Control
The following table describes the labels in this screen.
Table 218 Configuration > System > WWW > Service Control

| LABEL | DESCRIPTION |
|---|---|
| HTTPS | |
| Enable | Select the check box to allow or disallow the computer with the IP address that matches the IP address(es) in the Service Control table to access the ZyWALL Web Configurator using secure HTTPS connections. |
| Server Port | The HTTPS server listens on port 443 by default. If you change the HTTPS server port to a different number on the ZyWALL, for example 8443, then you must notify people who need to access the ZyWALL Web Configurator to use “https://ZyWALL IP Address:8443” as the URL. |
| Authenticate Client Certificates | Select Authenticate Client Certificates (optional) to require the SSL client to authenticate itself to the ZyWALL by sending the ZyWALL a certificate. To do that the SSL client must have a CA-signed certificate from a CA that has been imported as a trusted CA on the ZyWALL (see Section 45.6.7.5 on page 701 on importing certificates for details). |
| Server Certificate | Select a certificate the HTTPS server (the ZyWALL) uses to authenticate itself to the HTTPS client. You must have certificates already configured in the My Certificates screen. |
| Redirect HTTP to HTTPS | To allow only secure Web Configurator access, select this to redirect all HTTP connection requests to the HTTPS server. |
| Admin/User Service Control | Admin Service Control specifies from which zones an administrator can use HTTPS to manage the ZyWALL (using the Web Configurator). You can also specify the IP addresses from which the administrators can manage the ZyWALL. User Service Control specifies from which zones a user can use HTTPS to log into the ZyWALL (to log into SSL VPN for example). You can also specify the IP addresses from which the users can access the ZyWALL. |
| Add | Click this to create a new entry. Select an entry and click Add to create a new entry after the selected entry. |
| Edit | Double-click an entry or select it and click Edit to be able to modify the entry’s settings. |
| Remove | To remove an entry, select it and click Remove. The ZyWALL confirms you want to remove it before doing so. Note that subsequent entries move up by one when you take this action. |
| Move | To change an entry’s position in the numbered list, select the method and click Move to display a field to type a number for where you want to put it and press [ENTER] to move the rule to the number that you typed. |
| # | This is the index number of the service control rule. The entry with a hyphen (-) instead of a number is the ZyWALL’s (non-configurable) default policy. The ZyWALL applies this to traffic that does not match any other configured rule. It is not an editable rule. To apply other behavior, configure a rule that traffic will match so the ZyWALL will not have to use the default policy. |
| Zone | This is the zone on the ZyWALL the user is allowed or denied to access. |
| Address | This is the object name of the IP address(es) with which the computer is allowed or denied to access. |
| Action | This displays whether the computer with the IP address specified above can access the ZyWALL zone(s) configured in the Zone field (Accept) or not (Deny). |
| HTTP | |
| Enable | Select the check box to allow or disallow the computer with the IP address that matches the IP address(es) in the Service Control table to access the ZyWALL Web Configurator using HTTP connections. |
| Server Port | You may change the server port number for a service if needed, however you must use the same port number in order to use that service to access the ZyWALL. |
| Admin/User Service Control | Admin Service Control specifies from which zones an administrator can use HTTP to manage the ZyWALL (using the Web Configurator). You can also specify the IP addresses from which the administrators can manage the ZyWALL. User Service Control specifies from which zones a user can use HTTP to log into the ZyWALL (to log into SSL VPN for example). You can also specify the IP addresses from which the users can access the ZyWALL. |
| Add | Click this to create a new entry. Select an entry and click Add to create a new entry after the selected entry. |
| Edit | Double-click an entry or select it and click Edit to be able to modify the entry’s settings. |
| Remove | To remove an entry, select it and click Remove. The ZyWALL confirms you want to remove it before doing so. Note that subsequent entries move up by one when you take this action. |
| Move | To change an entry’s position in the numbered list, select the method and click Move to display a field to type a number for where you want to put it and press [ENTER] to move the rule to the number that you typed. |
| # | This is the index number of the service control rule. The entry with a hyphen (-) instead of a number is the ZyWALL’s (non-configurable) default policy. The ZyWALL applies this to traffic that does not match any other configured rule. It is not an editable rule. To apply other behavior, configure a rule that traffic will match so the ZyWALL will not have to use the default policy. |
| Zone | This is the zone on the ZyWALL the user is allowed or denied to access. |
| Address | This is the object name of the IP address(es) with which the computer is allowed or denied to access. |
| Action | This displays whether the computer with the IP address specified above can access the ZyWALL zone(s) configured in the Zone field (Accept) or not (Deny). |
| Authentication | |
| Client Authentication Method | Select a method the HTTPS or HTTP server uses to authenticate a client. You must have configured the authentication methods in the Auth. method screen. |
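The Service Control fields described in Table 218 (#, Zone, Address, Action and the "-" default policy row) can be modelled offline to check a rule list before applying it. The Python below is an added example, not ZyXEL code and not part of the original guide. It assumes rows are checked top-down with the first match deciding and that Zone is the zone a request arrives from; the zone names and addresses are constructed, and the default action must be read from the "-" row on the device.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    zone: str             # zone the request arrives from, or "ALL"
    networks: tuple = ()  # CIDRs standing in for the address object; () means ALL
    action: str = "Deny"  # "Accept" or "Deny"

def _nets(rule):
    return [ipaddress.ip_network(n) for n in rule.networks]

def evaluate(rules, default_action, zone, src_ip):
    """Return (row, action): row is the 1-based rule index, or "-" for the default policy.
    Assumption: rows are checked top-down and the first match decides."""
    ip = ipaddress.ip_address(src_ip)
    for row, rule in enumerate(rules, start=1):
        zone_ok = rule.zone in ("ALL", zone)
        addr_ok = not rule.networks or any(ip in n for n in _nets(rule))
        if zone_ok and addr_ok:
            return row, rule.action
    return "-", default_action

def shadowed(rules):
    """Rows that can never match because an earlier row covers their zone and addresses."""
    hits = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            zone_cov = earlier.zone in ("ALL", later.zone)
            addr_cov = not earlier.networks or (bool(later.networks) and all(
                any(l.subnet_of(e) for e in _nets(earlier)) for l in _nets(later)))
            if zone_cov and addr_cov:
                hits.append(i + 1)
                break
    return hits

# Constructed sample: an Admin Service Control list for HTTPS (IPv4 only).
RULES = [
    Rule("LAN1", ("192.168.1.0/24",), "Accept"),
    Rule("ALL", (), "Deny"),
    Rule("WAN", ("203.0.113.10/32",), "Accept"),  # intended exception, placed too low
]
# Same rows after using Move to put row 3 at position 2.
REORDERED = [RULES[0], RULES[2], RULES[1]]

if __name__ == "__main__":
    print(evaluate(RULES, "Accept", "WAN", "203.0.113.10"), shadowed(RULES))
    print(evaluate(REORDERED, "Accept", "WAN", "203.0.113.10"), shadowed(REORDERED))
```

A row reported by shadowed() never takes effect under the first-match assumption, and a probe that returns "-" shows a source that is governed only by the default policy.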
Table 218 Configuration > System > WWW > Service Control (continued)

| LABEL | DESCRIPTION |
|---|---|
| Apply | Click Apply to save your changes back to the ZyWALL. |
| Reset | Click Reset to return the screen to its last-saved settings. |

45.6.5 Service Control Rules

Click Add or Edit in the Service Control table in a WWW, SSH, Telnet, FTP or SNMP screen to add a service control rule.

Figure 393 Configuration > System > Service Control Rule > Edit

The following table describes the labels in this screen.

Table 219 Configuration > System > Service Control Rule > Edit

| LABEL | DESCRIPTION |
|---|---|
| Create new Object | Use this to configure any new settings objects that you need to use in this screen. |
| Address Object | Select ALL to allow or deny any computer to communicate with the ZyWALL using this service. Select a predefined address object to just allow or deny the computer with the IP address that you specified to access the ZyWALL using this service. |
| Zone | Select ALL to allow or prevent any ZyWALL zones from being accessed using this service. Select a predefined ZyWALL zone on which an incoming service is allowed or denied. |
| Action | Select Accept to allow the user to access the ZyWALL from the specified computers. Select Deny to block the user’s access to the ZyWALL from the specified computers. |
| OK | Click OK to save your customized settings and exit this screen. |
| Cancel | Click Cancel to exit this screen without saving |

45.6.6 Customizing the WWW Login Page

Click Configuration > System > WWW > Login Page to open the Login Page screen. Use this screen to customize the Web Configurator login screen. You can
