Index
ZyWALL USG 50 User’s Guide
931
Internet Protocol Security, see IPSec
Internet Protocol (IP) 497
intrusions
host 510
network 511
Intrusion, Detection and Prevention see IDP 479
IP address 32
IP alias, see virtual interfaces
IP decoy portscan 526
IP distributed portscan 526
IP options 498, 503
IP policy routing, see policy routes
IP pool 416
IP portscan 525
IP portsweep 526
IP protocols 605
and service objects 606
ICMP, see ICMP
TCP, see TCP
UDP, see UDP
IP security option 498
IP static routes, see static routes
IP stream identifier 498
IP v4 packet headers 497
IP (Internet Protocol) 497
IPSec 375
active protocol 383
AH 383
and certificates 378
authentication 384
basic troubleshooting 767
certificates 394
connections 378
connectivity check 384
encapsulation 383
encryption 384
ESP 383
established in two phases 376
local network 375
local policy 383
manual key 383
NetBIOS 382
peer 375
Perfect Forward Secrecy 384
PFS 384
phase 2 settings 383
policy enforcement 383
remote access 382
remote IPSec router 375
remote network 375
remote policy 383
replay detection 382
SA life time 383
SA monitor 191
SA see also IPSec SA 405
see also VPN
site-to-site with dynamic peer 382
static site-to-site 382
transport encapsulation 383
tunnel encapsulation 383
VPN gateway 378
IPSec SA
active protocol 405
and firewall 360, 768
and to-ZyWALL firewall 768
authentication algorithms 399, 400
authentication key (manual keys) 407
destination NAT for inbound traffic 409
encapsulation 406
encryption algorithms 400
encryption key (manual keys) 407
local policy 405
manual keys 407
NAT for inbound traffic 408
NAT for outbound traffic 408
Perfect Forward Secrecy (PFS) 406
proposal 406
remote policy 405
search by name 192
search by policy 192
Security Parameter Index (SPI) (manual keys) 407
see also IPSec
see also VPN
source NAT for inbound traffic 409
source NAT for outbound traffic 408
status 191
transport mode 406
tunnel mode 406
when IKE SA is disconnected 405
IPSec VPN
configuration overview 102
prerequisites 100, 102
see also IPSec
troubleshooting 767
tutorial 118
where used 102
IP/MAC binding 343
exempt list 347
monitor 181
static DHCP 346
ISP account
CHAP 657
CHAP/PAP 657
MPPE 657
MSCHAP 657
MSCHAP-V2 657
PAP 657
ISP accounts 655
and PPPoE/PPTP interfaces 231, 655
authentication type 657
encryption method 657
stac compression 658
J
Java 554
permissions 43
JavaScripts 43
K
key pairs 633
L
LAN
interface 32
IP address 32
LAND attack 528
lastgood.conf 740, 744
LDAP 617
and users 584
Base DN 620
Bind DN 620, 623
directory 617
directory structure 619
Distinguished Name, see DN
DN 620, 621, 623, 624
password 623
port 622, 625
search time limit 623
SSL 623
user attributes 597
least load first load balancing 273
LED troubleshooting 759
legitimate e-mail 565
level-4 inspection 438
level-7 inspection 438
license
key 214
upgrading 214
licensing 209
Lightweight Directory Access Protocol, see LDAP
load balancing 271
algorithms 273, 278
least load first 273
round robin 279
see also trunks 271
session-oriented 273
spillover 274
tutorial 115
weighted round robin 274
local user database 619
log
troubleshooting 772
log messages
categories 730, 733, 734, 735
debugging 206
regular 206
types of 206
log options 470, 570
(IDP) 488, 490, 521, 524
logged in users 166
login
custom page 695
default settings 775
SSL user 422
logo
troubleshooting 771
logo in SSL 418
logout
SSL user 428
Web Configurator 46
logs
and firewall 355, 370
configuration overview 107
descriptions 783
e-mail profiles 725
e-mailing log messages 207, 729
formats 727
log consolidation 730
settings 725
syslog servers 725
system 725
types of 725
loose source routing 498
M
MAC address
and VLAN 247
Ethernet interface 225
range 159
macro virus 477
mail sessions threshold 568
malware 545
managed web pages 543
management access
troubleshooting 771
Management Information Base (MIB) 716, 717
managing bandwidth 439
manual key IPSec 383
MD5 400
memory usage 159, 163
message bar 52
Message Digest 5, see MD5
messages
CLI 54
warning 52
metrics, see reports
Microsoft
Challenge-Handshake Authentication Protocol Version 2 (MSCHAP-V2) 657
Challenge-Handshake Authentication Protocol (MSCHAP) 657
Point-to-Point Encryption (MPPE) 657
model name 159
monitor 193
SA 191
monitor profile
ADP 518
IDP 486
MPPE (Microsoft Point-to-Point Encryption) 657
MSCHAP (Microsoft Challenge-Handshake Authentication Protocol) 657
MSCHAP-V2 (Microsoft Challenge-Handshake Authentication Protocol Version 2) 657
MTU 243
multiple slash encoding 530
multi-slash-encoding attack 530
mutation virus 477
My Certificates, see also certificates 637
MyDoom 511
myZyXEL.com 209
accounts, creating 209
and IDP 482
N
NAT 293, 321
address mapping, see policy routes
ALG, see ALG
and address objects 290
and address objects (HOST) 325
and ALG 336, 338
and firewall 366
and interfaces 325
and policy routes 282, 289
and to-ZyWALL firewall 327
and VoIP pass through 338
and VPN 403
and VPN, see also VPN
configuration overview 99
limitations 294
loopback 327
port forwarding, see NAT
port translation, see NAT
port triggering 294
port triggering, see also policy routes
prerequisites 99
traversal 404
trigger port, see also policy routes
tutorial 143, 146
NBNS 228, 253, 263, 269, 416
NetBIOS
Broadcast over IPSec 382
Name Server, see NBNS.
NetBIOS Name Server, see NBNS
NetMeeting 342
see also H.323
Netscape Navigator 43
network access mode 40
full tunnel 41, 411
Network Address Translation, see NAT
network list, see SSL 416
network policy, see VPN connections
Network Time Protocol (NTP) 679
network-based intrusions 511
Nimda 511
Nmap 525
no IP options 498
No-IP 315
non-RFC
characters 530
defined-char attack 530
HTTP-delimiter attack 530
NSSA 300
O
object
end-point security 665
object-based configuration 87
objects 87, 105, 412
AAA server 617
addresses and address groups 599
authentication method 627
certificates 633
for configuration 87
introduction to 87
schedules 611
services and service groups 605
SSL application 659
users, user groups 583
obsolete-options attack 531
offset (patterns) 505
One-Time Password (OTP) 618
Online Certificate Status Protocol (OCSP) 653
vs CRL 653
Open Shortest Path First, see OSPF
order of feature application 91
OSI level-4 438
OSI level-7 438
OSI (Open System Interconnection) 479, 483
OSPF 299
and Ethernet interfaces 222
and RIP 302
and static routes 302
and to-ZyWALL firewall 300
area 0 301
areas, see OSPF areas
authentication method 222
autonomous system (AS) 299
backbone 301
configuration steps 303
direction 222
link cost 222
priority 222
redistribute 302
redistribute type (cost) 304, 305
routers, see OSPF routers
virtual links 302
vs RIP 297, 299
OSPF areas 300
and Ethernet interfaces 222
backbone 300
Not So Stubby Area (NSSA) 300
stub areas 300
types of 300
OSPF routers 301
area border (ABR) 301
autonomous system boundary (ASBR) 302
backbone (BR) 302
backup designated (BDR) 302
designated (DR) 302
internal (IR) 301
link state advertisements
priority 302
types of 301
other documentation 3
OTP (One-Time Password) 618
outgoing bandwidth 243
oversize
chunk-encoding attack 530
len attack 531
offset attack 531
request-uri-directory attack 530
P
P2P (Peer-to-peer) 490
attacks 490
see also Peer-to-peer
packet
flow 91
inspection signatures 483, 487
scan 464
statistics 170, 172
packet capture 750
example 753
files 752
troubleshooting 773
packet captures
downloading files 752
padding 498
PAP (Password Authentication Protocol) 657
password 32
Password Authentication Protocol (PAP) 657
payload
option 504
size 505
Peanut Hull 315
Peer-to-peer (P2P) 490
calls 139, 337
managing 437
Perfect Forward Secrecy (PFS) 384
Diffie-Hellman key group 406
performance
troubleshooting 763, 764, 765
Personal Identification Number code, see PIN code
PFS (Perfect Forward Secrecy) 384, 406
phishing 544
physical ports
and interfaces 88
packet statistics 170, 172
PIN code 242
PIN generator 618
pointer record 685
Point-to-Point Protocol over Ethernet, see PPPoE.
Point-to-Point Tunneling Protocol, see PPTP
policy enforcement in IPSec 383
policy route
troubleshooting 761, 770
policy routes 282
actions 284
and address objects 288
and ALG 337, 338, 341
and HTTP redirect 332
and interfaces 289
and NAT 282
and schedules 288, 451, 454, 457, 460
and service objects 606
and trunks 272, 289
and user groups 287, 288, 451, 454, 457, 460
and users 287, 288, 451, 454, 457, 460
and VoIP pass through 337, 338
and VPN connections 289, 767
bandwidth management 291
benefits 282
BWM 285
configuration overview 97
criteria 284
overriding direct routes 285
prerequisites 97
polymorphic virus 477
POP
POP2 566
POP3 566
pop-up windows 43
port forwarding, see NAT
port groups 109, 216, 219
port roles 218
and Ethernet interfaces 218
and physical ports 218
port scanning 525
port scan, filtered 526
port sweep 526
port translation, see NAT
port triggering 294
and firewall 290, 765
and policy routes 290
and service groups 290
and services 290
troubleshooting 765
Post Office Protocol, see POP 566
power off 35, 757
power on 35
PPP 270
troubleshooting 762