ZyXEL ZyWALL SSL 10 User's Manual
Contents
1. ZyWALL 443 7 2 ZyWALL SSL VPN ZyWALL SSL10 DSL web cepBep WWW ZyWALL web cepBepa VPN TyHHenb ZYWALL e https m a A SSL10 WWW2. Internet Explorer 5 5 Microsoft XML MSXML Internet Explorer 6 0 Netscape 7 2 Firefox 1 0 Mozilla 1 7 3 e Windows 2000 Professional Windows XP Home Professional Service Pack 2 Linux e Sun Java Virtual Machine JVM 1 4 2 07 Netscape Mozilla Firefox 1 4 2_02 Internet Explorer Linux e Java B Internet Explorer Ha c Windows 80 2 WAN LAN 10 100 ZyXEL ZyWALL SSL 10 INTEGRATED SSL VPN APPLIANCE o 5 lt 1 Ethernet WAN 2 Ethernet
3. 31 0 9 a z A 2 64 0 9 a z AK A LES 4 SSL VPN ZyWALL ZEH IP ZyWALL SSL VPN 5 Next 6 Activate SSL VPN License SSL VPN ES myZyXEL com ZyWALL 10 65 CT ZyWALL SSL VPN M ZyWALL UTM STEP1 Internet Access WAN IP Address Assigment IP Address Assigment Static My WAN IP Address My WAN IP Subnet Mask Gateway IP Address STEP1 Internet Access ISP Parameters for Internet Access Ethernet v WAN IP Address Assigment IP Address Assigment Static v My WAN IP Address My WAN IP Subnet Mask Gateway IP Address Encapsulation STEP2 Adding a User for default policy
4. IP anpec Web 5 1 Web koHcpurypaTop Object gt SSL Application Add 84 2 Web Application 3 Address http 192 168 1 200 4 Server Web Server 5 8080 80 Virtual Web Port
5. Next gt 54 7 F 7 7 7 7 1 E 9 Welcome to the ZyWALL SSL VPN Setup Wizard 18 A K Setup W Zard Y 7 geg SSL 10 Setup Wizard is not compatible with yo ently configured networking gt gt 1105 AN ou may go to the Advanced Network configuration to vake indivi jan eee king change n Y o r you may continue with this s ZyWALL Sst EM Se zard current network configuration will be lost The ard will c na W M this s policy already existed this wizard will o ove Heu its settin GC ZyWALL ed ie ZyWALL SSL VPN dev mye tada atom s DMZ a port tu a po Install on Gateway DMZ port DM Am E iam ic ZyWALL NAT SSL VPN Install as a New Gateway 2 ZyWALL ET
6. SSL 66 8 SSL Ok SSL cini SSL VPN ad 9 uides eg we ZyWALL SSL YPN SecuExtender IV allow Full Network Access VPN Remote Network List 6 sui ZyWALL WAN IP Status RAS 1 2 Web URL ZyWALL WAN IP 3 OK Yes 4 ww Login ZyWALL SSL 10 n 5 ZyWALL VPN
7. 3 69 SVENSKA Introduktion ZyWALL SSL 10 ar en SSL VPN gateway som later dig installera ett sakert fj rrn tverk och applikations tkomst utan f rinstallerad klientprogramvara Denna guide visar hur du ansluter och konfigurerar ZyWALL SSL10 s att en fj rranv ndare A kan fa tkomst till en webbserver WWW pa ditt lokala natverk via an SSL VPN anslutning Eventuellt behover du anslutningsinformationen for ditt Internet konto https e II A SSL10 WWW Konfigurationssted 1 Systemkrav 2 Inledande maskinvaruanslutning 3 Fa atkomst till webbkonfigurator 4 Konfigurera installationsguide 5 Skapa webblankar for enkel fjarratkomst 6 Testa fj rranv ndaranslutning fran Internet 7 Anvanda ZyWALL i ditt natverk 1 Systemkrav F ljande listar webbl sare och datorsystemkrav for fjarranvandarinloggning Internet Explorer 5 5 med Microsoft XML MSXML servicepaket installerat eller 6 0 och hogre Netscape 7 2 och hogre Firefox 1 0 och hogre Mozilla 1 7 3 och hogre Windows 2000 Professional Windows XP Home Professional med servicepaket 2 och h gre eller Linux Sun Java Virtual Machine JVM installerat med en minimiversion pa 1 4 2 07 for Netscape Mozilla Firefox och 1 4 2 02 for Internet Explorer och Linux datorer Java aktiverat i Internet Explorer pa Win
8. IP anpec ZyWALL 2 Web 6paysep B about blank Microsoft Internet Explorer 192 168 1 1 Fle Edt view Favorites Tools ZyWALL 4 Back gt 3 Asearh Ga Address 192 168 1 1 81 3 Yes 4 admin 1234 password Login 5 Yes 6 ZyWALL Setup Wizard 4 Setup Wizard Security Alert Security Alert Information you exchange with this site cannot be viewed or Any information you exchange
9. A SSL VPN Web WWW ZyWALL SSL10 d LL Il ES NE H SSL10 1 2 3Web 4 5 Web 6 1 ZyWALL 1 LEWTT Internet Explorer 5 5 Microsoft XML MSXML SP IE 6 0 Netscape 7 2 Firefox 1 0 Mozilla 1 7 3 Windows 2000 Professional Windows XP Home Professional SP2 Linux Netscape Mozilla Firefox Sun Java Virtual Machine JVM 1 4 2 07 Ilnternet Explorer Linux 1 4 2 02
10. 58 Continue El 8 ZyWALL VPN 9 Web Web Web ZyWALL er Ried Writing i in IR Wel Web Java Virtual Machine Sun Java Web Offline Installation
11. 61 GEI ZyWALL SSL 10 SSL VPN ZyWALL SSL10 A SSL VPN Web WWW EN https A S Internet A JJ SEES 1 2 3 4 B WS Im 5 Web 6 7 ZyWALL 1 Internet Explorer 5 5 Microsoft XML MSXML Service Pack Internet Explorer 6 0 Netscape 7 2 Firefox 1 0 Mozilla 1 7 3 Windows 2000 Professional Windows XP Home Professional Service Pack 2 Linux Sun Java Virtual Machine JVM H 1 4 2 07 Netscape Mozilla Firefox 1 4 2 02 Internet Explorer 5 Linux Windows Internet Explorer AA Java 62 2 ZyXEL i e ZyWAL
12. ee ZyWALL IP 7 vies TE ZyWALL Lu ad me ST Loa Internet Access ISP Parameters for Internet Access Encapsulation Ethernet e WAN IP Address Assigment IP Address Assigment Static My WAN IP Address My WAN IP Subnet Mask ZyWALL SSL VPN Gateway IP Address 3 H JL 5 Adding a User for default policy by using SSL VPN to access BE 31 0 9 az A 2 64 m cg cr rta sateen ur 0 9 a z A Z BS admin 55 4 ZyWALL SSL VPN IP mm 7 y REZA 7 TE gt provide remote din aces tres
13. Offline Installation ZyWALL e Job Request s The Admin page contains various reports the Job Request Form JI 7 ZyWALL ZyWALL 7 1 ZyWALL DMZ ZyWALL ZyWALL SSL10 web cepBep WWW GW Web cepBepy VPN TyHHenb 87 https m m SO ONT A ES ZyWALL
14. ZyWALL WAN IP Status 1 2 Web ZyWALL WAN IP URL 3 OK Ye 4 Login A ZyWALL seL 10 FAY ge 5 ZyWALL VPN 2 6 Sun Java Web Offline RM CE UM Installation n EM
15. LAN WAN E SU SSL VPN e SEN ZyWALL an HR BE e Next gt Date 1 f P EH Welcome to the ZyWALL SSL VPN Setup Wizard Setup Wi Za rd Ze s S The ZyWALL SSL 10 Setup Wizar d is not compatible with your currently configured networking ou may go to the Advanced Network sonfiquration to make individual networking changes e INR ER ZYWALL Er 9 SEHV configuration wil b be or Ned default IF ths ia ady Install on Gateway s DMZ port ZEE instal n Gateway s DMZ Port ZyWALL UTM I have ZyWALL or Ga is En I wou He to install my sud DMZ pg pau SSL VPN device on my existed Gateway s DMZ SJL SEA ZyWALL RAGE RARES EB NAT FH zx SSL VPN ENES gt Ins tal l as Lo a have n Gg o Gat one My ZyWALL ssi VPN device can be New Gateway ZAR LAN 22 PAC 2 ZyWALL LES SRE ZAR gt z Re ARE ZyWALL IP ax TE ZyWALL a gt 3 ETA een RSR be HAT 31 O 9 a z K A Z 64
16. F ZyWALL 1 ZyWALL ZyWALL 2 59 11 ZyWALL DMZ ZyWALL ZyWALL SSL10 Web WW GW Web N VPN https dub GW BS ZyWALL
17. ZyWALL ZyWALL ZyWALL 7 1 ZyWALL DMZ ZyWALL ZyWALL SSL10 Web WWW X GW EM Web Ra RAW VPN 68 f https m Bet ann lt n BB ps Ez 1 QU GW gt ES ZyWALL NAT HAS FORE D AV TCP 443 ZyWALL 7 2 ZyWALL SSL VPN ZyWALL SSLIO DSL Cable Web WWW ZyWALL 2 Web A GE VPN ZyWALL https cl gt J SSL10 1 www zyxel com 2 ZyXEL
18. F amp F cn GA gt 5 ROVE A o ZyWALL VPN IEEE EE ZyWALL SSL 10 Welcome to SSL 10 Enter User Name Pa ord and click to login ric printable characters and no spaces I am connecting via my own computer C Iam connecting via Public computer able Javascript on your Browser Login Reset 6 AR EB DERE JVM u sg EAP Ri R F EN Sun Java ER pepicaton ie sharin HAGA Offline Installation HEAR oe EH o Ar Warning Fo e Error Occure d old v s to hay of J ofthis de site s marn not be fully fun netio nal ru lease go L Download J may n not be D ly fa najo nal if s Ge nstead of d 95 PAC 7 RR RS Continue Warnind Fo ante Bam ccure d Plea me ex as Wi Bee ny com instead of IP Addre sex oh VA ZIA order to be fu ily functi 8 EUR AE ZyWALL VPN SC 9 ml SAT gt RATE NE Rate Ne gt Web alee asi ZyWALL 89228 FRESSEN ENTER
19. VPN coenuHeHue C User Names TTT ZyWALL MR en P max 30 alphanumeric printable characters and n I am connecting via my own computer C Iam connecting via Public computer D Note Please enable Javascript on your Browser Login Reset 6 o 13 1 Java Virtual S Machine JVM Ha E Ha web Sun Java ge A Because of the the site may not be fully functional Y you wish to update your browser s java version please go to URL Download JVM Port based reverse proxy may not be fully functional if Sloe cies is Offline Installation accessed using ip address instead of domain name Warning A 7 1j P Continue ee Warning Following Error Occured Please use Domain Name ex http sslvpn yourcompany com instead of IP Address ex http 1 2 3 4 to access this site in order to be fully functional Continue 8 B
20. The Admin page contains various reports the Job Request Foi Web Java Virtual Machine JVM Sun Java Aus gt Offline Installation Bele PER ES gt AZ REL EGRE S ZyWALL 7 ZyWALL ZyWALL 96 7 1 ARE R ZyWALL DMZ Ha gt m ZyWALL EJIRE NEREO ZyWALL SSL10 EH Web WWW ar GW BETEN Web falas RE mie VPN HIE ASH ACE RE gt https N A I LOS ou ZyWALL Fre ER NAT ER gt EE ASE TCP 443 ZyWALL Sn DU EE EURE RSE mo 7 2 ERIE ES ZyWALL REBANE SSL VPN ZyWALL SSL10 DSL Cable Web WWW ZyWALL Web
21. Windows Java Internet Explorer 52 Og a T1 1 Ethernet WAN 2 Ethernet LAN 3 POWER 12V LED PWR LED SYS LED WAN LAN LED LED 3 Web LAN Web ZyWALL Internet Explorer 6 0 Netscape 7 0 1
22. ZyWALL IP 2 Web FT about blank 7 Microsoft Internet Explorer 192 168 1 1 ZyWALL LAN IP Se ss e peste een ie ee MERO UE Address 192 168 1 1 93 3 lt gt 1 You are about to view pages o 5 a T OK Y e S d L amp 4 I D 4 m d Information you exchange with this site cannot be viewed or um D Ary information you exchange changed by others However there is a problem with the site s wed by anyone else on the security certificate 3 gt L O In the future do not show t Sy The security certificate was issued by a company you have not chosen to trust View the certificate to determine whether you want to trust the certifying authority The security certificate date is valid The name on the security certificate is invalid or does not match the name of the site Do you want to proceed 3 No View Certificate 4 admin 1234 LEF Login
23. ZyWALL 56 IP s Web 1 5 Web Web Web 1 Web 0Object gt SSL Application SSL LEF Add 74 2 Web Application Web RL Service Nam 3 Address L
24. 1 Ha web caMT www zyxel ru 2 ZyXEL 3 88 89 ZyWALL SSL 10 SSL VPN Bias gt 95787 2 DITA ZEITEN AZ AXE ZyWALL SSL10 gt 2 SSL VPN 61 EA Web Res WWW gt aie RAA ARR EX CH gt ge https Fa e e A JJ SSL10 RIESI ER 1 2 FRERE 3 OG PT TBI 4 BEXEHYAETHSE 5 fr up AMENA Web 6 EL ERE ER THU iac A RER 7 ZyWALL 1 DA FIER m AGA A 952 gt Internet Explorer 5 5 Microsoft XML MSXML Service Pack Internet Explorer 6 0 Netscape 7 2 Firefox 1 0 Mozilla 1 7 3 Windows 2000 Professional gt Windows XP Home Professional 2 Service Pack 2 DI Linux lt Sun Java Virtual Machine JVM H 1 4 2 07 Netscape Mozilla Firefox 1 4 2 02 Internet Explorer fil Linux Windows Internet Explorer
25. A SORTE N E VPN ZyWALL https WWW m O d A SSL10 Am BE E 1 www zyxel com 2 ZyXEL gt 3 A eH e e 97
26. Receive 195 MAIRE ZyWALL 86 9 ZyWALL Denen emeng o chuical W in B s enini 2 B Java Virtual Machine JVM Sun Java
27. ZyWALL IP 5 Web Web BER 1 ii Object gt SSL Application gt SSL Add Al 2 Web Application Web Service Name FR Mo s hi e fm NK 3 Address penser mum lll http 192 168 1 200 e i gt E os Optional 4 Server Type Web E e n Server Web 5 8080 80 Virtual Web Port Web 6 Ok 7 SSL Hi Edit
28. LAN 3 POWER 12V PWR SYS WAN LAN lt 3 Web koHcpurypaTop LAN ZyWALL Internet Explorer 6 0 Netscape 7 0 1
29. SSL ZyWALL SSL10 web cepBepy WWW VPN coenuHeHue 551 https e a NE A SSL10 1 2 3 Web koHcburypatopy 4 5 6 7 ZyWALL 1
30. TCP 443 ZyWALL 7 2 SSL VPN ZyWALL ZyWALL SSL10 DSL Web WWW ZyWALL Web A VPN ZyWALL https N E SN 2 ww A SSL10 WWW 60 1 www zyxel com 2 ZyXEL 3
31. Yes Information you exchange with this site cannot be viewed or cl anged by others However there is a problem with the site s viewer security certificate In the future do not show The security certificate was issued by a not chosen ta trust View the certificate company you hi to determi you want to trust the certifying authority ou have ine whether security certificate date is valid A The name on the security certificate is invalid or does not match the name of the site 63 4 admin 1234 Login ZyWALL SSL 10 5 AR EAN SE HAr Hilf Yes My H assword max 30 alphanumeric printable characters and no spaces I am connecting via my own computer C Iam connecting via Public computer 6 ZyWALL T Setup Wi zard n o Please select wizard or advanced mode us Sa tup Wizard walks um Uo ugh the e most c u uration ngs We uode st Yo this mode if ki the fr tim ime Ms ost aur devics r if yo sed to make basic configuratio Use advanced mode if you need access to more advanced features no included in pe mode rd Pe ard is designed for first time users that will help you quickly Wee e
32. 5 Yes max 30 alphanumeric printable characters and no spaces I am connecting via my own computer C Iam connecting via Public computer Q Note Please enable Javascript on your Browser Login Reset 6 ZyWALL SetUD W zard 7 Please select wizard or advanced mode bus Se tu qa Wizard Wee syo amro ugh ue most common configuration ngs We sugges e this if it is the first time you are settin J mi our device or if S N need to sake asic configuration changes mode if you need access to more advanced features no Use advanced mo included in wizard mode 4 Setup Wiz rd The wizard is designed for first time users that will help you quickly onfigure ZyWALL SSL 10 Advanced Setup The adva ced setup is designed for nced user that can directly make iSdividualin working chai gae 4 LAN WAN SSL VPN ZyWALL ZyWALL
33. Se possibile accedere alla pagina Web Sa lo ZyWALL e stato correttamente ee configurato Consultare la guida em echnical Writing i iN PEVAC Wel dell utente per le informazioni sulla 2 ie configurazione avanzata Assicurarsi di utilizzare un browser con le impostazioni specificate in Requisiti di sistema Se viene richiesto di installare o aggiornare la JVM Java Virtual Machine fare clic sul link per accedere al sito Web del software Sun Java e scaricare il software tramite l opzione Offline Installation installazione offline oe non e possibile accedere alla schermata dell utente remoto verificare di aver correttamente eseguito la registrazione dello ZyWALL 7 Implementazione dello ZyWALL nella propria rete Lo ZyWALL puo essere installato in due modi dietro un gateway o come nuovo gateway 49 ITALIANO 7 1 Dietro un gateway Non e possibile collegare lo ZyWALL a un gateway esistente sulla rete Se il gateway e dotato di una porta DMZ collegare lo ZyWALL a tale porta per avere maggiore protezione Nella figura che segue viene mostrato un esempio di rete in cui lo ZyWALL SSL10 e il server Web WWW sono collegati a un gateway GW Per accedere al server Web il traffico proveniente dall utente remoto A deve passare attraverso il tunnel VPN e passare i controlli di sicurezza sul gateway https m m Ca A 2 77 SSL10 ES Se lo ZyWALL si trova dietro un firewall o un router NAT n
34. ENGLISH 3 If you see a security or warning screen click OK or Yes to continue E i You are about to view pages o My Information you exchange with this site cannot be viewed or Any information you ex change changed by others However there is a problem with the site s viewed by anyone else on the security certificate Inthe future do not show t Sy The security certificate was issued by a company you have not chosen to trust View the certificate to determine whether you want to trust the certifying authority o The security certificate date is valid The name on the security certificate is invalid or does not match the name of the site Do you want to proceed 4 The login screen displays Enter admin as the user name and 1234 as the password For initial setup leave the One Time Password field blank aa MES Waleo ome yix JE as Se Ee and click Login ter User Name Password and dick to login 5 If another certificate screen displays click Yes to continue EE I am connecting via my own computer C Iam connecting via Public computer Q Note Please enable Javascript on your Browser 6 This is the first time that you log into the ZyWALL The initial main screen displays as shown ick Setup Wizard Please select wizard or advanced mode bus Se tu qa Wizard Wee syo amro ugh the most common configuration ngs We sugges e this ifitis the first time you are setting mi vo r device or if S N e sake s
35. ZyWALL VPN Welcome to the ZyWALL SSL Setup Wizard The ZyWALL SSL 10 Setup Wizard is not compatible with your currently configured networking settings You may go to the Advanced Network configuration to make individual networking changes Or you may continue with this ZyWALL SSL 10 Setup Wizard but your current network configuration will be lost The wizard will create a policy named default If this policy already existed this wizard will overwrite its setting Install on Gateway s DMZ Port ZyWALL UTM DMZ LL WAN I have ZyWALL Gateway I would like to install my KR ZyWALL SSL VPN device on my existed Gateway s DMZ F port ZyWALL SSL VPN C Install as New Gateway Internet ZyWALL SSL VPN ZyWALL SSL VPN za x ZyWALL UTM I have no Gateway My ZyWALL SSL VPN device can be ER Gateway and provide SSL VPN features STEP1 Internet Access WAN IP Address Assigment IP Address Assigment Static My WAN IP Address A My IP Subnet Mask Gateway IP Address sii a Optional First DNS Server Second DNS Server STEP1 Internet Access ISP Parameters for Internet Access Encapsulation Ethernet WAN IP Address Assigment IP Address Assigment Static My WAN IP Address My WAN IP Subnet Mask Gateway IP Address Optional First DNS
36. Java 90 PAC 2 FIG ZyXEL ZyWALL SSL 10 INTEGRATED SSL VPN APPLIANCE CONSOLE R RESET E 1 WAN op 2 ERZIEHER LAN H HH 3 BE LSS AT II ee ee RIE ERI POWER 12V iH ete BEA FCR gt LED FAIRE gt PWR LED SYS LED gt BUDD Bere TEME Re eee URGE BAA ENEA gt WAN LAN LED F RI S TE e FORE H ER et 3 am cha PAJA ER gt X LAN i 6 0 Netscape 7 0 1 TERO EK ORERE R9 eZ 2 Fenn ARE 192 168 1 1 ZyWALL LAN IP gt 3 Net Yes 7 WEE 91 ZyWALL IP e gt RR ETE E THE niil Hir gt ZyWALL Internet 2 about blank Microsoft Internet Explorer File Edit View Favorites Tools Help bak amp Address 192 168 1 1 Security Alert D You Information you exchange with this si ot be viewed or Any information you exchan
37. I am connecting via my own computer C Iam connecting via Public computer nable Javascript on your Browser Login Reset 6 Anm ERA ZX JVM ER Sun Java es Offline Installation Warning e enen Error Occure d old v s to hav of J Tno tele he ito emayn not be fully fu io nal Ty 67 7 Continue 8 ZyWALL VPN 9 Web ZyWALL Wd Web ux HJ WR bt UREN ER RES ZX Java Virtual Machine JVM Sun Java Offline Installation
38. mio US ZyWALL SSL VPN eonmye Gin s DMZ ort Instalar en el puerto DMZ de la puerta de enlace si desea conectar el ZyWALL a una puerta de enlace en su red My ZyWALL SSL VPN device be ZyWALL SSL VPN I have no Gat az Gateway and provide SSL VPN feat Seleccione Install as a New Gateway Insta lar como puerta de enlace nueva si desea configurar el ZyWALL como router NAT y como puerta de enlace SSL VPN en su red 2 Si instala el ZyWALL detr s de otra puerta de enlace ajuste la configuraci n IP del Ee ZyWALL en la primera pantalla del asistente a a mer E Si instala el ZyWALL como una nueva puerta Lex de enlace ajuste la configuraci n de Internet T_ en la primera pantalla del asistente ni Internet Access ISP Parameters for Internet Access Encapsulation Ethernet WAN IP Address Assigment IP Address Assigment Static My WAN IP Address My WAN IP Subnet Mask pe ZYWALL SSL VPN Gateway IP Address 3 Cree una nueva cuenta de usuario remoto STEP2 pa ra pe rm iti r q U e U n U S U a ri O re moto acced a E Adding a User for default policy by using SSL VPN to access here a su red local Escriba un nico nombre de usuario hasta 31 caracteres utilizando O 9 a z A Z y una contrase a hasta 64 you have created users already ond don t want to add new user caracteres utilizando 0 9 a z A Z sn Ran se LS No puede utilizar la cuenta
39. 1 Utilizzare un cavo Ethernet per collegare la porta WAN a un modem broadband o a un gateway 2 Utilizzare un cavo Ethernet per collegare un computer di gestione a una porta LAN 3 Utilizzare l alimentatore fornito a corredo per collegare la porta POWER 12V situata sul pannello posteriore a una sorgente di alimentazione Dopo aver collegato l alimentazione e acceso l unit controllare lo stato dei LED Il LED PWR si accende Il LED SYS lampeggia mentre viene eseguito il test del sistema e quindi resta acceso in caso di test riuscito Quando le porte corrispondenti vengono collegate LED WAN LANSsi accendono e oe quando viene collegata l alimentazione non si accende alcun LED controllare i collegamenti delle porte e verificare che l unit sia accesa 3 Accesso allo strumento di configurazione Web Attenersi alla procedura seguente per eseguire il login dallo strumento di configurazione Web tramite una porta LAN e configurare lo ZyWALL necessario utilizzare Internet Explorer 6 0 Netscape 7 0 o versioni successive 1 Verificare che il computer sia configurato per ricevere un indirizzo IP dallo ZyWALL 2 Avviare il browser Immettere l indirizzo RN k BGGa 192 168 1 1 l indirizzo IP LAN predefinito dello File Edit View inimi TN Help ZyWALL Back f 9 B al Search Gal Address 192 168 1 1 43 ITALIANO Security Alert Information you exchange with this site cannot be viewed or changed by erg How
40. 0 9 a z e A Z e una password lunga massimo 64 caratteri tra quelli consentiti 0 9 a z e A Z BS Non possibile utilizzare l account admin per accedere alle risorse della rete 45 Welcome to the ZyWALL SSL VPN Setup Wizard The WAM SSL 10 Setup Wizard is not compatible with your c ngs may go to the Advanced Network configuration to vake in Or yo ay continue with this Zy WALL SSL 10 Setu eate po Install on Gateway s DMZ Port ZyWALL UTM Ihave ZyWALL or Ga hd ZyWALL SSL VPN dev ort C Install as New Gateway ZyWALL SSL VPN I have no Gat uay My ZyWALL SSL VPN device can be aa Gateway and provide SSL VPN feat STEP1 ently configured networking Widi an Sech Ger a nge yo ork efault UT this ONG Mi ady CRE to TaT my existed G tew s DMZ Internet Access WAN IP Address Assigment IP Address Assigment My WAN IP Address My WAN IP Subnet Mask Gateway IP Address gt STEP1 Internet Access ISP Parameters for Intern et Access Encapsulation Ethernet WAN IP Address Assigment IP Address Assigment Static My WAN IP Address ZyWALL SSL VPN Gateway IP Address STEP2 My WAN IP Subnet Mask Adding a User for default policy by using SSL VPN to access alre a xs ae wan os add new user ha u have created u uc skip this step to kee n the default ITALIANO 4 Specificare l indirizzo IP e la maschera di I n subnet della rete locale dietro
41. Install as New Gateway 2 ZyWALL IP ZyWALL ZyWALL 3 31 0 9 a z A Z 64 0 9 a z A Z LS 4 IP anpec 3a ZyWALL SSL VPN
42. detta avsnitt beskrivs hur du specificerar en webbaserad applikation och skapar webblankar pa fjarranvandarskarmen 1 Logga in i webbkonfiguratorn som administrator och klicka pa Object gt SSL Application objekt SSL applikation Klicka pa ikonen Add l gg till 2 Skapa en webbapplikation och ange ett beskrivande namn i faltet Service Name tjanstenamn 3 Ange serveradress i faltet Address address Till exempel http 192 168 1 200 4 V lj Web Server webbserver i faltet Server Type servertyp 5 Om du anvander ett icke standard portnummer t ex 8080 i st llet for 80 ange detta nummer i faltet Virtual Web Port virtuell webbport 6 Klicka pa OK for att spara installningarna 7 Klicka pa SSL i navigationspanelen och klicka pa ikonen Edit redigera for att konfigurera den standard SSL policy som du skapade med hjalp av installationsguiden 15 SVENSKA 8 P konfigurationssk rmen som visas ska du SE valja namnet pa den SSL applikation som du Poly Name just skapat och klicka pa OK f r att spara WE installningarna SSL Application Detta tillampar applikationsinstallningen pa SSL SSL Application List policyn och l ter fj rranv ndaren f tkomst till servern ver en SSL VPN anslutning 9 Kontrollera att servern r r tt konfigurerad och ZYWALL SSL VPN SecuExtender ansluten till det lokala n tverket Alow Full Network Aces VPN Remote Network List Endpoint Private IP Po
43. un PS If the ZyWALL is behind a firewall or NAT router you must configure the device to allow connection to the ZyWALL on TCP port 443 You can do this using port forwarding or a firewall rule 7 2 As a Gateway If you do not already have a gateway on your network you can set up the ZyWALL as a gateway with SSL VPN access The following figure shows a network example where the ZyWALL SSL10 is connected to a DSL cable modem for Internet access and the web server WWW is connected to the ZyWALL To access the web server traffic from the remote user A is sent through the VPN tunnel For security you can configure access control and end point control policies on the ZyWALL e https m nen A SSL10 WWW Procedure to View a Product s Certification s 1 Go to www zyxel com 2 Select your product from the drop down list box on the ZyXEL home page to go to that product s page 3 Select the certification you wish to view from this page 10 ENGLISH 11 DEUTSCH Einfuhrung Das ZyWALL SSL 10 ist ein SSL VPN Gateway mit dem Sie sichere Remote Netzwerke und Programmzugriffe einrichten k nnen ohne zuvor eine Client Software installieren zu m ssen In dieser Anleitung wird beschrieben wie Sie das ZyWALL SSL10 installieren und konfigurieren m ssen damit ein Remote Benutzer A in Ihrem lokalen Netzwerk ber eine SSL VPN Verbindung auf einen Web Server WWW zugreifen kann Halten
44. 0 9 a z A Z 25 HEH a hc A 4 SSL VPN ZyWALL IP IP ZyWALLe SSL VPN XEUUR 5 HF Next P Tele 6 Activate SSL VPN License 5 SSL VPN ES myZyXEL com WRR ZyWALL weft 10 93 STEP1 Internet Access WAN IP Address Assigment IP Address Assigment My WAN IP Address My WAN IP Subnet Mask Gateway IP Address gt STEP1 Internet Access ISP Parameters for Internet Access Encapsulation WAN IP Address Assigment IP Address Assigment Static My WAN IP Address My WAN IP Subnet Mask Gateway IP Address STEP2 Adding a User for default policy by using SSL VPN to access sud nado Denan ie adain cha ted u alre skip this res n the detal ult STEP3 SSL VPN Network Settings VPN Network Enter the IP addre ei da ch stake on ch yo TUM MIS IBN to provide remote clients s to reso r local network VPN Network IP Address 192 1
45. Virus IDP inspection to SSL VPN traffic The Zy WALL UTM should activate and enable Anti Virus IDP first IP Address y E Q Note gt If you have no UTM installed you can skip this step ZyWALL UTM PS 10 ZyWALL Ha web caMTe myZyXEL com amp 7 i ETT Ha myZyXEL com Activate SSL VPN License Finished GE E EMEN QU OF ES 8 ARE mt C lose ne Check you can click to check if username exists Confirm Password E Mail Address Country Code lt Back e a ZyWALL
46. Yes ja for att forts tta gi Information you exchange with this site cannot be viewed or Any information E ex gag A changed by others However there is a problem with the site s viewed by anyone else on the security certificate Inthe future do not show t Sy The security certificate was issued by a company you have not chosen to trust View the certificate to determine whether you want to trust the certifying authority o The security certificate date is valid The name on the security certificate is invalid or does not match the name of the site Do you want to proceed 4 Inloggningssk rmen visas Ange admin som anv ndarnamn och 1234 som l senord Klicka p Login inloggning ee Saar SSL 10 ord and click to login 5 Om en annan certifikatsk rm visas klicka pa Yes ja f r att forts tta max 30 alphanumeric printable characters and no spaces I am connecting via my own computer C Iam connecting via Public computer Q Note Please enable Javascript on your Browser Login Reset 6 Detta galler forsta gangen du logger in i ZyWALL Den inledande huvudskarmen visas enligt exemplet naine M o bus ca tup Wizard Wee ivo u thro ugh the most common configuration 4 Klicka pa Setup Wiza rd installationsgu ide e ou gs We su Or if you SAN nee pope s SE the frst time you are SS Use advanced mode if you need access to more advanced features no included in wizard mode Qe Setup Wiza
47. ZyWALL SSL 10 Advanced Setup The advanced setup is designed for experienced user that can dire make individual networking changes 4 W LAN WAN SSL VPN ZyWALL Ta RRR SU I SP BER E Rech Next gt C Br XP Bf 1 JL nu EL Welcome to the ZyWALL SSL VPN Setup Wizard Setup Wi zard Da BEL n wT ye SE SSL 10 Setup Wizard is not compatible with yo ently configured networking WIRE ZyWALL EE oe on Gateway S DMZ port UR lt Mer as ihe e ZyWALL o usar I wou Sr to install my DMZ D OE eq ANN 1 ZyWALL SSL VPN devio on my existed Gateway s DMZ ZyWALL NAT PR SSL VPN RIA Install as a WS Cap Gen Sue SEN GE SS VPN device can be New Gateway LAN 64 2 WARE ZyWALL ZyWALL IP ZyWALL 3
48. by using SSL VPN to access created users already and don t want to add new user now you can skip this step to keep users no change in the default STEP3 SSL VPN Network Settings VPN Network Enter the IP address of the trusted network to which you would like to provide remote clients access ources on your local network cess to resour VPN Network IP Address 192 168 1 0 Subnet Mask 255 255 255 0 Remote Users IP Add Pool The IP range defines the IP address pool from which addresses will be assigned to remote users during SSL VPN sessions The range must not overlap or collide with any assigned addresses IP Address Range Begin IP Address Range End STEP4 Anti Virus IDP Integration with ZyWALL UTM ZyWALL UTM IP Address IP address of the Zy WALL UTM to which you would like to provide P inspection to SSL VPN traffic The Zy WALL UTM should d 1 t te and enable Anti Virus IDP firs e ou have no UTM installed you can skip this step 7 myZyXEL com H i Fini shed i E is device is not registered to myZyXEL co ter infor lease ect new EURE com secur belon meen please go to www myZyXEL com for help 8 FE Close new C existing myZyXEL
49. de administrador para acceder a los recursos de red 25 ESPANOL 4 Especifique la direcci n IP y mascara de I n subred de una red local detras del ZyWALL a EN c n la que desee permitir el acceso SSL VPN rode remit ars user testo on your rl ee Especifique el rango de direcciones IP D La privadas para asignar a los usuarios remotos y sents eames sr during SSL VEN session The rage mu not Be x ord IP Address Range Begin al ZyWALL Esto se utiliza para establecer una ie conexi n SSL VPN y permitir que los usuarios remotos accedan a los recursos como si estuvieran en la red local 5 Haga clic en Next Siguiente para continuar 6 Compruebe la configuraci n de red en la siguiente pantalla del asistente y haga clic rnnt en Activate SSL VPN License Activar KC ae taper Sin Ne licencia SSL VPN IP Addre TEES Q Note e If you have no UTM installed you can ski ZyWALL UTM a PS Debe registrar su ZyWALL en myZyXEL com para permitir que hasta 10 usuarios remotos puedan acceder al mismo tiempo 7 Siga las instrucciones en pantalla para introducir la informacion de la cuenta en See myZyXEL com haga clic Finished DES ton Finalizar para completar el asistente para la instalacion e iniciar el proceso de registro 8 Tras completar el proceso haga clic en Close Cerrar SE lt Back E Si falla el registro del dispositivo compruebe
50. ein zweites Netzwerksymbol angezeigt Dieses zeigt an dass zwischen dem Computer und dem ZyWALL eine Verbindung besteht 9 Das Remote Benutzerfenster wird d ug angezeigt Klicken Sie auf einen Link CS um die entsprechende Website aufzurufen Wenn Sie die Adresse der Website kennen k nnen Sie auch einfach ein neues Browserfenster Offnen und diese Adresse eingeben Das ZyWALL ist richtig installiert wenn Eeer Sie Zugriff auf die Website haben Weitere weet ee Informationen ber die erweiterte reme chyical Writing i iN D ae Konfiguration finden Sie im See OAM e Job Request The Admin page contains various reports the Job Request Form ORF and Source File Reques Benutzerhandbuch E Stellen Sie sicher dass der Internetbrowser die unter oystemvoraussetzungen aufgef hrten Anforderungen erf llt Wenn Sie dazu aufgefordert werden Java Virtual Machine JVM zu installieren oder aktualisieren klicken Sie auf die Verkn pfung um die 19 DEUTSCH Website von Sun Java aufzurufen und dort die Software mit der Option Offline Installation Offline installieren herunterzuladen Wenn Sie das Remote Benutzerfenster nicht aufrufen k nnen pr fen Sie ob die ZyWALL erfolgreich registriert wurde 7 Benutzen der ZyWALL im Netzwerk Sie k nnen den ZyWALL auf zwei Arten benutzen hinter einem Gateway oder als ein neues Gateway 7 1 Hinter einem Gateway Sie k nnen den ZyWALL an ein vorhandene
51. for uppratta en SSL VPN gt anslutning och lata fjarranvandare fa atkomst till resurser pa samma satt som om de befann sig i det lokala natverket 5 Klicka pa Next n sta for att fortsatta 6 Kontrollera natverksinstallningarna pa nasta guideskarm och klicka pa Activate Ss i REDNER SSL VPN License aktivera SSL VPN ae Po op epecon to SSL VPN vai The ZYWALL UTM shoud licens wg Q Note e If you have no UTM installed you can ski ZyWALL UTM a BS Du maste registrera din ZyWALL pa myZyXEL com for att gora det mojligt for upp till 10 fjarranvandare att fa tkomst samtidigt 7 F lj instruktionerna pa skarmen for att ange myZyXEL com kontoinformation och klicka pa Pen License Finished slutf rd f r att slutf ra 2 SE E Pe installationsguiden och starta please qu to mm ZYXEL com for help registreringsprocessen 8 Nar processen ar slutford klicka pa Close stang ua lt Back Om enhetsregistreringen misslyckades kontrollera att du har angett ratt kontoinformation och att ZyWALL kan ansluta till Internet 74 SVENSKA Nu kan du logga in som fj rranv ndare med det anv ndarkonto du just skapade Du kan f atkomst till valfri resurs i det lokala natverket med anvandning av IP adress eller dom nnamn Om du vill kan du skapa l nkar for fjarranvandarskarmen som till ter atkomst med ett klick till webbaserade applikationer 5 Skapa webblankar for enkel fjarratkomst
52. gt dp IR Service Name ATE A TH 3 Address EE ARAS AYALA http 192 168 1 200 e 4 Server Type 5 Web Server Web OD s 5 8080 E 80 gt S Virtual Web Port Web fA gt 6 Ok 7 SSL Biz F Edit BEIT Tease SSL 94 HS 8 SSL HE Ok SSL HOA SSL VPN ei SSL Application List 9 Henle ase IE MENT H ASSE RE EE ZyWALL SSL YPN SecuExtender IV allow Full Network Access VPN Remote Network List MA P AER DA NIE i f VRAT iB ZyWALL AY WAN IP Status EHEN 1 JEFES D ZH P MIA gt 2 Web GIS zs ZC URL ZyWALL WAN IP 3 OK BK Yes 4 AT BEAT gt hey A soe ne HR Ca RTE SE PTE LAN
53. les informations concernant la configuration avanc e 202 I jFovortes f 1172 23 wem schuical Wet i iN aies Wel Twidmn in the r ation panel on the left e Job Request The Admin page quest Form ORF and Source File Reques 2 Assurez vous que vous utilisez un navigateur web avec les param tres sp cifi s dans Configuration requise Si vous tes invit installer ou mettre niveau Java Virtual Machine JVM cliquez sur le lien pour acc der au site web du logiciel Sun Java et 39 FRAN AIS t l chargez le logiciel en utilisant l option Offline Installation Installation hors connexion Si vous ne pouvez pas acc der l cran de l utilisateur distant v rifiez que vous avez correctement enregistr votre ZyWALL 7 Deployez le ZyWALL dans votre r seau Vous pouvez d ployer le ZyWALL de l une des deux mani res suivantes derri re une passerelle ou comme nouvelle passerelle 7 1 Derri re une passerelle Vous pouvez connecter leZyWALL une passerelle existante sur votre r seau Si la passerelle comporte un port DMZ connectez le ZyWALL ce port pour plus de s curit La figure suivante vous donne un exemple de r seau o le ZyWALL SSL10 et le serveur web WWW sont connect s la passerelle GW Pour acc der au serveur web le trafic provenant de l utilisateur distant A doit passer par le tunnel VPN et passer les contr les de s curit su
54. lo ZyWALL a S ue md cui si desidera consentire l accesso SSL VPN oe ete cn as esse your sl ee Specificare l intervallo di indirizzi IP privati da a assegnare agli utenti remoti e allo ZyWALL I sents mee users dura SSL VEN seine The range must ili Wh Be x ord IP Address Range Begin Utilizzato per stabilire una connessione SSL A VPN e consentire agli utenti remoti di accedere alle risorse come se si trovassero sulla rete locale 5 Fare clic su Next successivo per continuare 6 Controllare le impostazioni di rete nella schermata successiva della procedura ii guidata e fare clic su Activate SSL VPN im inspection to SSL VPN traffic The ZYWALL UTM should License attiva licenza SSL VPN 2 5 Q Note e If you have no UTM installed you can ski ZyWALL UTM a LES necessario registrare lo ZyWALL su myZyXEL com per consentire a un massimo di 10 utenti remoti di accedere contemporaneamente 7 Seguire le istruzioni visualizzate a schermo per immettere le informazioni sull account Besser myZyXEL com e fare clic su Finished fine A E LL o Pe per completare la configurazione guidata e please go to n o f r help avviare il processo di registrazione 8 Una volta completato il processo fare clic su Close chiudi E lt Back Se la registrazione del dispositivo riesce verificare di aver immesso correttamente le informazioni sull account e che lo ZyWALL p
55. si ha introducido correctamente la informaci n de la cuenta y si el ZyWALL puede acceder a Internet 26 ESPANOL Ahora puede acceder como usuario remoto con la cuenta de usuario que acaba de crear Puede acceder a cualquier recurso en la red local utilizando la direcci n IP o nombre de dominio Opcionalmente puede crear enlaces para la pantalla del usuario remoto y asi permitir el acceso con un clic a las aplicaciones basadas en web 5 Crear enlaces Web para un acceso remoto facil Esta seccion le muestra c mo especificar una aplicaci n basada en web y crear enlaces web en la pantalla del usuario remoto 1 Acceda al configurador web como administrador y haga clic en Object Objeto gt SSL Application Aplicaci n SSL Haga clic en el icono Add Agregar 2 Cree una Web Application Aplicaci n web y escriba un nombre descriptivo en el campo n Service Nombre del servicio Add Web Application D y D e eForm 3 En el campo Address Direcci n escriba la E rz ex http 192 168 1 1 or https 192 168 1 1 direcci n del servidor Por ejemplo http bos optional 192 168 1 200 es E ote You need to allow this port on your network nly IE Mozilla and Netscape browser 4 Seleccione Web Server Servidor web en el campo Server Type Tipo de servidor corea 5 Si utiliza un numero de puerto no estandar por ejemplo 8080 en lugar de 80 escribalo en el campo Vi
56. to specify a web based application and create web links on the remote user screen 1 Log into the web configurator as an administrator and click Object gt SSL Application Click the Add icon ENGLISH 2 Create a Web Application and enter a descriptive name in the Service Name field 3 In the Address field enter the address of the server For example http 192 168 1 200 4 Select Web Server in the Server Type field 5 If you use a non standard port number for example 8080 instead of 80 enteritin the Virtual Web Port field 6 Click Ok to save the settings 7 Click SSL in the navigation panel and click the Edit icon to configure the default SSL policy you created using the setup wizard 8 In the configuration screen that displays select the name of the SSL application you have just created and click Ok to save the settings This applies the application setting to the SSL policy and allows the remote user to access the server over an SSL VPN connection 9 Make sure the server is configured properly and connected to the local network 6 Test Remote User Connection From the Internet Follow the steps below to access the local network as a remote user from the Internet You must know the WAN IP address of the ZyWALL get this information in the Status screen 1 Connect your computer to a network outside your company firewall 2 Open your web browser and enter the WAN IP address of the ZyWALL as the U
57. usuario y contrasefia de la cuenta del usuario remoto creada con el asistente para la instalaci n Haga clic en Login Entrar 5 Cuando haya entrado su ordenador iniciar el establecimiento de una conexi n VPN al ZyWALL Esto puede tardar hasta dos minutos 6 Descargue el software de instalaci n si se le pide que actualice JVM haga clic en el enlace para acceder al sitio web del software Sun Java Se recomienda que seleccione la opci n Offline Installation Instalaci n sin conexi n ZyXEL ZyWALL SSL 10 LL SSL 10 assword and click to login max 30 alphanumeric printable characters and no spaces I am connecting via my own C Iam conne computer cting via Public computer D Note Please enable Javascript on your Browser Login Reset 43 Application Warning Following Error Occure d Your b Id vers rowser appears to have ano ion of Java or no Java at all Because of this the site may not be fully functional If you wish to update java versio ease go to your browser s j sion p to URL Download JVM gt gt Port based reverse proxy may not be fully functional if sslvpn site is cessed using ip address instead of domain name Back 28 ESPANOL 7 Si aparece una pantalla de aviso haga clic en Continue Continuar Warning Fo ante Bam ccure mi Plea Re nyo em ny com instead of IP Addre sss lvl vs this site in order to be fully functi 8 A
58. virtuale 6 Fare clic su Ok per salvare le impostazioni 7 Fare clic su SSL nel pannello di zx navigazione e fare clic sull icona Edit modifica per configurare il criterio SSL predefinito creato utilizzando la configurazione guidata 47 ITALIANO 8 Nella schermata di configurazione visualizzata scegliere il nome dell applicazione SSL appena creata e fare clic su Ok per salvare le impostazioni In questo modo la configurazione dell applicazione al criterio SSL e consente all utente remoto di accedere al server su una connessione SSL VPN 9 Verificare che il server sia correttamente configurato e collegato alla rete locale Configuration Policy Name User List SSL Application SSL Application List ZyWALL SSL PN SecuExtender IV allow Full Network Access VPN Remote Network List Endpoint Private IP Pool default e 6 Test della connessione utente remota da Internet Attenersi alla procedura seguente per accedere alla rete locale da Internet come utente x remoto E necessario conoscere l indirizzo IP della WAN dello ZyWALL tali informazioni possono essere lette nella schermata Status stato 1 Collegare il computer a una rete esterna al firewall dell azienda 2 Aprire il browser e inserire l indirizzo IP della WAN dello ZyWALL come URL 3 Fare clic su OK o su Si nel caso venga visualizzata una schermata di protezione 4 Viene visualizzata una schermata di login Immettere il nome utente e
59. 6 7 SSL Policy Object Web Application e Type Add Web Application eForm http 192 168 1200 ex http 192 168 1 1 or https 192 168 1 1 Web Server Y Display Name Address Server Type Optional Virtual Web Port Note You need to allow this port on your network Only IE Mozilla and Netscape browsers can support this option Optional Cancel Suffix Edit SSL 8 SSL SSL VPN SSL 9 List of Policy default Policy Name User List SSL Application SSL Applic
60. 68 1 0 255 255 255 0 Subnet Mask Remote Users IP Add P SC nge defin ehe ae addre s po ol tum GH ch acere sign edt ng SSL que The overlap coll ide with ya signed addre e IP Address Range Begin ss Range End sses an be nge must not IP Addre STEP4 Anti Virus IDP Integration with ZyWALL UTM ZyWALL UTM IP Addre dai BET o which you would like to provide gp Scio n to SSL Hs affic The ZyWALL UTM should das Anti Virus IDP ave no UTM installed you can skip this step ZyWALL UTM amp PAC 7 myZyXEL com SU BHE TF Finished gt sm TI Sc dat Ht fe gt 1 Close oo DRE E ARN EA AMES VES ZyWALL ER gt IP RER RE SEN DEF A SE DDR RS EERE FEE 5 ENA RE RAE T im DND Web ARENA H3 AUTRE TR XE DER EES EHER IM Ace ne SE LET Web 1 Object gt SSL Application gt SSL Add 2 Web Application Web
61. Internet See Einstellungen im ersten Fenster des Internet Access Assistenten konfiguriert werden RR ene WAN IP Address Assigment IP Address Assigment Static v My WAN IP Address WAN IP Subnet Mask ZyWALL SSL VPN Gateway IP Address Second DNS Server Optional WAN MAC Address 3 Erstellen Sie ein neues Remote Adding a User for default policy by using SSL VPN to access Benutzerkonto damit sich ein Remote Benutzer im lokalen Netzwerk anmelden kann Geben Sie dem Konto einen einmaligen Namen bis zu 31 Zeichen Sae Hyen bave srgated users already end don t mant to adg nen waer wobei die Zeichen 0 9 a z und A Z verwendet werden und Kennwort bis zu 64 Zeichen wobei die Zeichen 0 9 a z und A Z verwendet werden k nnen ES Mit dem Administratorkonto k nnen Sie nicht auf die Netzwerkressourcen zugreifen DEUTSCH 4 Geben Sie die IP Adresse und die Subnetzmaske Ihres lokalen Netzwerks EN hinter dem ZyWALL ein auf das mit dem SSL preve me x cente ene on your local network VPN erreichbar sein soll Subnet Mask Geben Sie den Bereich der privaten IP HE e GE Adressen ein die den Remote Benutzern und Poet dem ZyWALL zugewiesen werden sollen Dieser wird f r den Aufbau einer SSL VPN Verbindung verwendet und erm glicht es den Remote Benutzern so auf die Ressourcen zuzugreifen als w ren sie Teil des lok
62. L SSL 10 INTEGRATED SSL VPN APPLIANCE EE 1 WAN 2 LAN POWER 12V LED PWR LED SYS LED WAN LAN LED LED 3 LAN ZyWALL Internet Explorer 6 0 Netscape 7 0 1 ZyWALL IP 2 192 168 1 1 ZyWALL LAN IP 2 about blank Microsoft Internet Explorer File Edit View Favorites Tools Help de Back 9 2 Aa A Search Ga Address 192 168 1 1 3 OK
63. RL 3 Click OK or Yes if a security screen displays ENGLISH 4 A login screen displays Enter the user name and password of the remote user account you created using the setup wizard Click Login in ob SSL 10 ord a nd click to login 5 After the login is successful your computer starts establishing a VPN connection to the ZyWALL This may take up to two minutes i I am connecting via my own computer C Iam connecting via Public computer D Note Please enable Javascript on your Browser Login Reset Downl he installation software if 6 Download the installation software if you ZyXEL m mm are prompted to upgrade the JVM Click ater 59 the link to access the Sun Java software web site It is recommended you select Warning the Offline Installation option ye an ola yersan o rorem n wser s java version Blass o to URL Download gt gt Port base rn fiot ba fully fun nal if s on ei accesse dd a dde nstead of dom ame A 7 warning screen displays click 43 wech Continue ZyXEL DI gt Application File Sharing Warning Fo Mr CENTO ccure d unm d han nyo this site ei me ex sex WE 3 to Continue 8 A new network icon displays in the system e Ge tray This indicates that a VPN connection has been established between your computer and the ZyWALL ENGLISH 9 The remote user screen displays You can click on a link to access th
64. Remote Benutzerverbindung uber das Internet Fuhren Sie die folgenden Schritte aus um als Remote Benutzer Uber das Internet auf das lokale Netzwerk zuzugreifen Dazu ben tigen Sie die WAN IP Adresse der ZyWALL diese erhalten Sie im Status Fenster 1 Schlie en Sie Ihren Computer an ein Netzwerk au erhalb der Firewall Ihres Unternehmens an 2 Offnen Sie Ihren Internetbrowser und geben Sie als URL die WAN IP Adresse der ZyWALL ein 3 Klicken Sie im nachsten Sicherheitsfenster auf OK oder Yes 4 Das Anmeldefenster wird angezeigt Geben Sie den Benutzernamen und das Kennwort des Remote Benutzerkontos ein das Sie mit dem en Installationsassistenten konfiguriert haben Klicken Sie auf Login Anmelden 5 Wenn der Computer erfolgreich angemeldet wurde beginnt er eine VPN Verbindung mit dem ZyWALL herzustellen Dieser Vorgang kann bis zu zwei Minuten dauern 18 DEUTSCH 6 Laden Sie sich die Installationssoftware zur Aktualisierung von JVM aufgefordert werden Klicken Sie auf den Link um auf die Website von Sun Java zu gelangen Warning Es wird empfohlen die Option Offline ta em E a version of3 Installation Offline installieren zu SE reverse pro Een wahlen 7 Klicken Sie im Warnfenster auf Continue Fortfahren Warning Fo prie a ccure Plea sido Cap nyo utcompe ny com instead of iP Adare sss RAE d this site in order to be fully fi 8 Im Systembereich der Taskleiste wird
65. Server Second DNS Server WAN MAC Address STEP2 Adding a User for default policy by using SSL VPN to access here Username user Password Confirm Password Q Note If you have created users already and don t want to add new user now you can skip this step to keep users no change in the default policy STEP3 SSL VPN Network Settings VPN Network Enter the IP address of the trusted network to which you would like to provide remote clients access to resources on your local network VPN Network IP Address 192 168 1 0 Subnet Mask 255 255 255 0 Remote Users IP Address Pool The IP range defines the IP address pool from which addresses will be assigned to remote users during SSL VPN sessions The range must not overlap or collide with any assigned addresses m IP Address Range Begin IP Address Range End c SSL n 83 5 Next 6 INE sr Activate SSL va Anti Virus IDP Integration with ZyWALL UTM VP N Lice n se e Enter the IP address of the ZyWALL UTM to which you would like to provide Anti
66. Sie die Daten f r Ihren Internetzugang bereit ups Il ere ee N H SSL10 Schritte f r die Konfiguration 1 Systemvoraussetzungen 2 Anschlie en der Hardware 3 Zugreifen auf den Web Konfigurator 4 Konfigurieren mit dem Installationsassistenten 5 Erstellen von Internetverkn pfungen f r den Schnellzugriff 6 Testen der Remote Benutzerverbindung ber das Internet 7 Benutzen des ZyWALL im Netzwerk 1 Systemvoraussetzungen Im Folgenden sind die Browser und Systemanforderungen aufgef hrt die ein Remote Benutzer erf llen muss Internet Explorer 5 5 mit Microsoft Service Pack MSXML oder 6 0 und h her Netscape 7 2 und h her Firefox 1 0 und h her Mozilla 1 7 3 und h her Windows 2000 Professional Windows XP Home Professional mit Service Pack 2 und h her oder Linux Sun Java Virtual Machine JVM mindestens Version 1 4 2_07 f r Netscape Mozilla Fire fox und 1 4 2 02 f r Internet Explorer und Linux Computer Im Internet Explorer aktiviertes Java bei Windows Computern 12 DEUTSCH 2 Anschlie en der Hardware ZyXEL ZyWALL SSL 10 INTEGRATED SSL VPN APPLIANCE Ti 1 Verbinden Sie den WAN Anschluss mit einem Ethernet Kabel mit Ihrem Breitbandmodem oder Router 2 Schlie en Sie den Management Computer mit einem Ethernetkabel an den LAN Anschluss an 3 Schlie en Sie das mitgelieferte Netzteil an der R ckseite der ZyWALL an W hrend des Systemtests blinkt die SYS LED Wu
67. ZyWALL comme f Fe Eit Wew Favos Tes Hep adresse iind ADI UNE A about blank Microsoft Internet Explorer File Edit View Favorites Tools Help Address 192 168 1 1 33 FRAN AIS 3 Si vous voyez appara tre un cran de s curit ou d avertissement cliquez sur OK ou sur Yes Oui pour continuer 4 L cran d ouverture de session apparait Entrez admin comme nom d utilisateur et 1234 comme mot de passe Cliquez sur Login Ouvrir une session 5 Si un autre cran de certificat apparait cliquez sur Yes Oui pour continuer 6 C est la premi re fois que vous ouvrez une session sur le ZyWALL L cran principal initial s affiche comme indiqu Cliquez sur Setup Wizard Assistant d installation Security Alert Security Alert Information you exchange with this site cannot be viewed or Any information you exchange y changed by others However there is a problem with the site s iewed by anyone else on the security certificate 4 i You are about to view pages o Inthe future do not show t Sy The security certificate was issued by a company you have not chosen to trust View the certificate to determine whether you want to trust the certifying authority o The security certificate date is valid The name on the security certificate is invalid or does not match the name of the site Do you want to proceed No View Certificate ZyWALL SSL 10 Saar SSL 10 ord and click to lo
68. ZyWALL SSL 10 Integrated SSL VPN Appliance Quick Start Guide Version 1 00 12 2006 Edition 1 Table of Contents ENGLISH 2 DEUTSCH 12 ESPANOL 22 FRAN AIS 32 ITALIANO 42 52 62 SVENSKA 70 80 90 ZyXEL Copyright 2006 All rights reserved ENGLISH Introduction The ZyWALL SSL 10 is an SSL VPN gateway that allows you to set up secure remote network and application access without pre installing client software This guide shows you how to connect and configure the ZyWALL SSL10 to allow a remote user A to access a web server WWW on your local network via an SSL VPN connection You may need your Internet access account information https e NA is SSL10 WWW Configuration Steps 1 System Requirements 2 Initial Hardware Connection 3 Access the Web Configurator 4 Configure Setup Wizard 5 Create Web Links for Easy Remote Access 6 Test Remote User Connection From the Internet 7 Deploy the ZyWALL in Your Network 1 System Requirements The following lists the browser and computer system requiremens for remote user login Internet Explorer 5 5 with Microsoft XML MSXML service pack installed or 6 0 and above Netscape 7 2 and above Firefox 1 0 and above Mozilla 1 7 3 and above Windows 2000 Professional Windows XP Home Professional with service pack 2 and above or Linux Sun Java Virtual Machine JVM i
69. alen Netzwerks 5 Klicken Sie zum Fortfahren auf Next Weiter 6 Pr fen Sie im n chsten Fenster die Netzwerkeinstellungen und klicken Sie auf m pae iii Activate SSL VPN License SSL VPN i im a u inspection to SSL VPN ae The ZyWALL UTM shoul IP Addre e Lizenz aktivieren DU Note If you have no UTM installed you can ski ZyWALL UTM LS Registrieren Sie das ZyWALL unter myZyXEL com damit bis zu 10 Remote Benutzer gleichzeitig zugreifen k nnen 7 Geben Sie die Kontoinformationen entsprechend der Anweisungen bei nm myZyXEL com ein und klicken Sie auf i ee ina Finished Fertig um den Installationsassistenten zu beenden und die ce a _Check you can click to check if username exists Registrierung zu starten E Mail Address 8 Klicken Sie abschlie end auf Close on Schlie en lt Back 16 DEUTSCH Wenn die Registrierung fehlgeschlagen ist prufen Sie ob die eingegebenen Kontoinformationen richtig sind und ob die ZyWALL Zugriff auf das Internet hat Jetzt k nnen Sie sich mit dem gerade erzeugten Benutzerkonto als Remote Benutzer anmelden Sie haben Zugriff auf jede Ressource des lokalen Netzwerks mit IP Adresse oder Domainnamen Sie haben auch die M glichkeit f r das Remote Benutzerfenster link zu erzeugen sodass Internetanwendungen durch einfaches Anklicken angewahlt werden konnen 5 Erstellen von Internetverknupfungen fur den Sch
70. armen visas Du kan klicka pa en Iank f r att komma till webbplatsen Eller om du kanner till webbplatsadressen kan du helt enkelt Oppna ett nytt webblasarfonster och ange webbplatsadressen for att komma dit Om du kan fa atkomst till webbsidan ar du fardig med installningen av ZyWALL Se bruksanvisningen for information om avancerad konfiguration Kontrollera att du anv nder en webblasare med installningar som ar specificerade under avsnittet Systemkrav Om du uppmanas att installera eller uppgradera Java Virtual Machine JVM klicka pa lanken for att komma till webbplatsen for Sun Java programvara och ladda ner programvaran med alternativet Offline Installation Om du inte kan fa tkomst till farranvandarskarmen kontrollera att du har slutfort registreringen av ZyWALL 7 Anvanda ZyWALL i ditt natverk Du kan anvanda ZyWALL pa ett av tva satt bakom en gateway eller som en ny gateway 7 SVENSKA 7 1 Bakom en gateway Du kan ansluta ZyWALL till en befintlig gateway i ditt n tverk Om en gateway har en DMZ port anslut ZyWALL till denna port f r kad sakerhet F ljande figur visar ett natverksexempel i vilket ZyWALL SSL10 och webbservern WWW ar anslutna till en gateway GW For att fa atkomst till webbservern maste trafiken fran fj rranv ndaren A ga genom VPN tunneln och passera sakerhetskontrollerna i denna gateway https m LS Om ZyWALL finns bakom en brandvagg e
71. ation List ZyWALL SSL YPN SecuExtender IV Allow Full Network Access VPN Remote Network List default Endpoint Private IP Pool default e Cancel 6 IP anpec WAN IP address ZyWALL Status 1 2 B IP anpec ZyWALL 3 Yes 85 4 Login ZyWALL SSL 10 5 B Enter user Name Password and dick to login
72. blir et de s curiser un acc s des r seaux et des applications sans pr installer de logiciel client Ce guide vous indique comment connecter et configurer le ZyWALL SSL10 afin de permettre a un utilisateur distant A d acc der un serveur web WWW sur votre r seau local via une connexion VPN SSL Pr parez les informations concernant votre acc s Internet vous pourriez en avoir besoin ag DE Il m ee E A SSL10 Etapes de la configuration 1 Configuration requise 2 Connexion mat rielle initiale 3 Acc der au configurateur Web 4 Configurer l assistant d installation 5 Cr er des liens web pour permettre un acc s distant facile 6 Tester la connexion de l utilisateur distant depuis Internet 7 D ployez le dans votre r seau ZyWALL 1 Configuration requise Vous trouverez ci dessous les configurations requises pour le navigateur et l ordinateur pour l ouverture de session de l utilisateur distant Votre syst me doit comporter Internet Explorer 5 5 avec le service pack Microsoft XML MSXML ou 6 0 et version plus r cente Netscape 7 2 et version plus r cente Firefox 1 0 et version plus r cente Mozilla 1 7 3 et version plus r cente Windows 2000 Professionnel Windows XP Familial Professionnel avec service pack 2 et version plus r cente ou Linux Sun Java Virtual Machine JVM install avec comme version minimum 1 4 2 07 pour Netscape Mozilla Firefox et 1 4 2 02 pour Internet Explorer et les ordinateu
73. cios 2 y posteriores o Linux Sun Java Virtual Machine JVM instalada con la versi n m nima 1 4 2 07 para Netscape Mozilla Firefox y 1 4 2 02 para ordenadores con Internet Explorer y Linux Java habilitado en Internet Explorer en ordenadores con Windows 22 ESPANOL 2 Conexion inicial del hardware ZyXEL ZyWALL SSL 10 INTEGRATED SSL VPN APPLIANCE mm oi 1 Utilice un cable Ethernet para conectar el puerto WAN a un modem de banda ancha o puerta de enlace 2 Utilice un cable Ethernet para conectar un ordenador de administracion a un puerto LAN 3 Utilice el adaptador de alimentaci n incluido para conectar el puerto POWER 12V del panel posterior a una fuente de alimentaci n Tras conectar la alimentaci n y encender la fuente de alimentaci n compruebe los LEDs EI LED PWR se encender El LED SYS parpadea mientras realiza la prueba del sistema y se queda fijo si la prueba tiene xito Los LEDs WAN y LAN se encienden cuando los puertos correspondientes est n conectados Si no se enciende ninguno de los LEDs con la alimentaci n conectada compruebe las conexiones de los puertos y asegurese de que la alimentaci n est encendida 3 Acceder al Configurador Web Siga los pasos siguientes para acceder al configurador web a trav s de un puerto LAN y configurar el ZyWALL Debe utilizar Internet Explorer 6 0 Netscape 7 0 o versiones posteriores 1 Compruebe que el ordenador est conf
74. com 2 Wahlen Sie auf der ZyXEL Startseite aus der Drop down Liste Ihr Produkt aus um die Seite des Produkts aufzurufen 3 Wahlen Sie auf dieser die Zertifizierung aus die angezeigt werden soll 21 ESPANOL Introduccion El ZyWALL SSL 10 es una puerta de enlace SSL VPN que le permite configurar el acceso a una red remota segura a aplicaci n sin preinstalaci n del software cliente Esta gu a le muestra c mo conectar y configurar el ZyWALL SSL10 para que el usuario remoto A pueda acceder al servidor web WWW en su red local a trav s de una conexi n SSL VPN Puede que necesite la informaci n de su cuenta de acceso a Internet https e uw SSL10 WWW Pasos para la configuraci n 1 Requisitos del sistema 2 Conexi n inicial del hardware 3 Acceder al Configurador Web 4 Configurar el Asistente para la instalaci n 5 Crear enlaces Web para un acceso remoto f cil 6 Probar la conexi n del usuario remoto desde Internet 7 Desplegar el ZyWALL en su red 1 Requisitos del sistema A continuaci n se muestra la lista de los requisitos del explorador y del sistema del ordenador para el acceso del usuario remoto Internet Explorer 5 5 con paquete de servicios Microsoft XML MSXML instalado o 6 0 y posteriores Netscape 7 2 y posteriores Firefox 1 0 y posteriores Mozilla 1 7 3 y posteriores Windows 2000 Professional Windows XP Home Professional con paquete de servi
75. d Hl http 192 168 1 200 4 Server Type Web Server Web 5 80 8080 Virtual Web Port Web RF 60K 7 SSL L Edit MR ME SSL 57 8 SSL OK SSL SSL VPN 6
76. dows datorer 70 SVENSKA 2 Inledande maskinvaruanslutning ZyXEL CONSOLE PWR RESET ZyWALL SSL 10 INTEGRATED SSL VPN APPLIANCE v5 N Og 1 Anvand en Ethernet kabel for att ansluta WAN porten till ett bredbandsmodem eller gateway 2 Anvand en Ethernet kabel for att ansluta en administrationsdator till en LAN port 3 Anvand den medf ljande str madaptern for att ansluta POWER 12V porten pa bakpanelen till en stromkalla Nar du har anslutit str mmen och satt pa str mk llan kontrollera indikatorlamporna Indikatorlampan PWR t nds Indikatorlampan SYS blinkar medan systemtest utf rs och f rblir d refter t nd om testet Iyckats Indikatorlamporna WAN och LAN t nds n r motsvarande portar r anslutna e Om ingen av indikatorlamporna tands nar strommen ar ansluten kontrollera portanslutningarna och sakerstall att str mk llan ar paslagen 3 Fa atkomst till webbkonfigurator F lj stegen nedan for att logga in i webbkonfiguratorn genom en LAN port och konfigurera ZyWALL Du maste anvanda Internet Explorer 6 0 Netscape 7 0 eller senare versioner 1 Kontrollera att din dator ar installd pa att ta emot en IP adress fran ZyWALL ZyWALL s standard IP adress som adress Back gt 3 A Ga Address 192 168 1 1 71 SVENSKA 3 Om du ser en s kerhets eller varningssk rm iy er You are about to view pages o 3 klicka pa OK eller
77. e changed by others However there is a problem with the site s viewed by anyone else on the security certificate 4 i You are about to view pages o Inthe future do not show t Sy The security certificate was issued by a company you have not chosen to trust View the certificate to determine whether you want to trust the certifying authority o The security certificate date is valid A The name on the security certificate is invalid or does not match the name of the site Do you want to proceed i No View Certificate ZyWALL SSL 10 Welcome to ZyWALL SSL 10 Enter User Name Password and click to login User Name Password One Time Password Optional max 30 alphanumeric printable characters and no spaces I am connecting via my own computer C Iam connecting via Public computer Q Note Please enable Javascript on your Browser Login Reset Please select wizard or advanced mode The Setup Wizard walks you through the most common configuration settings We suggest you use this mode if it is the first time you are setting up your device or if you need to make basic configuration changes Use advanced mode if you need access to more advanced features not included in wizard mode Qe Setup Wizard The wizard is designed for first time users that will help you quickly configure ZyWALL SSL 10 iQ Advanced Setup The advanced setup is designed for experienced user that can directly make
78. e web site Or if you know the site address simply open a new web browser window and enter the site address to access If you can access the web page you have successfully set up your ZyWALL Refer to the user s guide for information on advanced configuration sl h mese ChNical Writing in 2 XELI e TW Admin Favortes eds 3 Gy So xj z ums ource File Request s The Admin page contains various reports the Job Request Fo Make sure that you are using a web browser with settings specified in oystem Requirements If you are prompted to install or upgrade Java Virtual Machine JVM click the link to access the Sun Java software web site and download the software using the Offline Installation option If you cannot access the remote user screen check that you have successfully registered your ZyWALL 7 Deploy the ZyWALL in Your Network You can deploy the ZyWALL in one of two ways behind a gateway or as a new gateway 7 1 Behind a Gateway You can connect the ZyWALL to an existing gateway on your network If the gateway comes with a DMZ port connect the ZyWALL to that port for added security The following figure shows a network example where the ZyWALL SSL10 and the web server WWW are connected to the gateway GW To access the web server traffic from the remote user A must go through the VPN tunnel and pass the security checks on the gateway ENGLISH https m a
79. ecessario configurare il dispositivo per consentire la connessione allo ZyWALL sulla porta TCP numero 443 Questa operazione pu essere eseguita utilizzando il port forwarding o una regola di firewall 7 2 Come nuovo gateway Se nella rete non gi presente un gateway possibile configurare lo ZyWALL come gateway con accesso SSL VPN La figura seguente mostra un esempio di rete in cui lo ZyWALL SSL10 collegato a un modem DSL via cavo per l accesso a Internet e il server Web WWW connesso allo ZyWALL Per accedere al server Web il traffico proveniente dall utente remoto A viene inviato tramite il tunnel VPN Per motivi di sicurezza possibile configurare il controllo di accesso e i criteri di controllo dell end point sullo ZyWALL Tax e https ere anms RU A SSL10 WWW 50 ITALIANO Procedura per visualizzare le certificazioni di un prodotto 1 Aprire la pagina www zyxel com 2 Selezionare il prodotto dall elenco di riepilogo a discesa nella Home Page di ZyXEL per passare alla pagina del prodotto in questione 3 Selezionare da questa pagina la certificazione che si desidera visualizzare 51 ZyWALL SSL 10 SSL VPN
80. ever there is a problem with the site s 3 Se viene visualizzata una schermata di Scano ner protezione o attenzione fare clic su OK oppure S 8777777 gs ges per continuare a A The security certificate was issued by a company you have not chosen to trust View the certificate to determine whether you want to trust the certifying authority o The security certificate date is valid The name on the security certificate is invalid or does not match the name of the site Do you want to proceed No View Certificate 4 Viene visualizzata la schermata di login Immettere admin come nome utente e 1234 come password Fare clic su Login Saar SSL 10 ord and click to login 5 Se viene visualizzata una schermata relativa ai certificati fare clic su Si per continuare max 30 alphanumeric printable characters and no spaces I am connecting via my own computer C Iam connecting via Public computer Q Note Please enable Javascript on your Browser Login Reset 6 Questa la prima volta che si esegue il login nello ZyWALL La schermata principale iniziale visualizzata quella illustrata di seguito Please select wizard or advanced mode H bus ca tup Wiz ard walks Que u thro ugh the most common configuration 4 Fare clic su Setup Wizard configurazione guidata en Use advanced mode if you need access to more advanced features no included in wizard mode Qe Setup Wizard The wizard is designed for first t
81. exion VPN au 6 1 am connecting via my own computer C Iam connecting via Public computer ZyWALL Cela peut prendre jusqu deux n minutes Please enable Javascript on your Browser Login Reset 38 FRAN AIS 6 T l chargez le logiciel d installation si vous tes invit mettre niveau le JVM cliquez sur le lien pour acc der au site ZyXEL web du logiciel Sun Java Il est Warning recommand de s lectionner l option ca eer have an ol version of3 Offline Installation Installation hors For bosed reverse 3 EE ston s connexion 7 Si un cran d avertissement apparait cliquez sur Continue Continuer Warning Fo ror 0 ccure Plea sido EN vpn yo utcompe ny com instead of IP Addre sex ra m2 2 5 4 to this site in order to be fu ily f Continue 8 Une nouvelle ic ne de r seau apparait dans la barre d tat Cela indique qu une connexion VPN a t tablie entre votre ordinateur et le ZyWALL 9 L cran de l utilisateur distant apparait Vous pouvez cliquer sur un lien pour acc der au site web Ou si vous connaissez l adresse du site ouvrez simplement une nouvelle fen tre du navigateur et entrez l adresse du site pour y acc der Application File Sharing Add to Favorite E J Application Si vous pouvez acc der la page web vous avez correctement install votre ZyWALL Reportez vous au guide de l utilisateur pour
82. ge w ij Inge andi However there i dech oble ah the site s viewed by anyone else on the urity certifica A Thes ue ertificate was issued by a ou hav not vem n to trust View the certificate to ther Sr u eech st the certifying authority These A Then Fr f ecuril ty Alert x e about to view pages o Inthe future do not show tl certificate date is valid on the ee certificate is invalid or does not matel ht the ze of the sit Do you want to proceed Di 4 ONS MA admin gt 6 pum 1234 f2 F Login SA 5 E t is de Yes AE a A gt D Note Please enable Javascript on your Browser Login Reset ZyWALL FAX 208 A SI pi N Se tup Wi Za rd SU TASSE Please select wizard or advanced mode de a tup SE ard walks um Uo ugh the e most c u ura We ugge st yo this mode if Di the fr st time your devio rif you Sad to make basic configuratio ges Use advanced mode if you need access to more advanced features no included in See mode ER Setup Wizard us ard is designed for first time users that will help you quickly Wee e ZyWALL SSL 10 Advanced Setup The advanc ed setup is designed for experienced user that can directly make individual networking chan nase BEAR RENTRER i Bee
83. gin max 30 alphanumeric printable characters and no spaces I am connecting via my own computer C Iam connecting via Public computer Q Note Please enable Javascript on your Browser Login Please select wizard or advanced mode bus Se tup Wizard Wee syo amro ugh the most common configuration ngs s We sugges e this if it is the first time you are setting mi vo r device or if S N e sake sic configuration ng Use advanced mode if you need access to more advanced features no included in wizard mode Qe Setup Wizard The wizard is designed for first time users that will help you quickly onfigure ZyWALL SSL 10 5 Advanced Setup The advanced s ned for make ar dads dd ng i 4 Setup Wizard Assistant d installation Pour la configuration initiale utilisez les crans de l assistant d installation pour effectuer les op rations suivantes Configurer les param tres LAN WAN Cr er un compte d utilisateur distant Cr er une strat gie d acc s VPN SSL Enregistrer le ZyWALL Suivez les tapes pour configurer les crans de l assistant Cliquez sur Next gt Suivant gt dans chaque cran de l assistant pour continuer 34 FRAN AIS 1 Pour afficher l assistant d installation cliquez sur Setup Wizard Assistant d installation The aa Ae ard is not compatible with your currently configured networking dans l cran principal initial You may got the Advanced corsari E pe etu eate a po name GE Ir
84. ic configuration ng Use advanced mode if you need access to more advanced features no included in wizard mode Qe Setup Wizard The wizard is designed for first time users that will help you quickly onfigure ZyWALL SSL 10 Advanced Setup The adva ced setup is designed for nced user that can directly make iSdividualin working chai gae 4 Setup Wizard For initial configuration use the setup wizard screens to do the following Configure the LAN WAN settings Create a remote user account Create an SSL VPN access policy Register the ZyWALL Follow the steps to configure the wizard screens Click Next in each wizard screen to continue ENGLISH 1 To display the setup wizard click Setup it Welcome to the ZyWALL SSL VPN Setup Wizard Wizard In the initial main screen he re SSL 10 up Wizard is not compa E with your currently configured networking ngs i may go to the Advanced Network configuration to vake in ividu an Va kin Ger a nge Gi i ontinue with this Zy WALL Se EM Se I Select Install on Gateway s DMZ port if you cu un Ped eri E TU eng want to connect the ZyWALL to a gateway in install on Gateway s DMZ Port ZyWALL UTM I have ZyWALL or Ga ba Ener I wou M like to nee st my ZyWALL SSL VPN device on my existed G Gate s DMZ your network e 2 Select Install as a New Gateway if you want to configure the ZyWALL both as a NAT router Va scm cu ihave tem ZA SSL VPN de
85. igurado para recibir una direcci n IP desde el ZyWALL 2 Abra su explorador de web Escriba 192 168 1 1 A about blank Microsoft Internet Explorer la direcci n IP de la LAN predeterminada del in Wi Wer ts ZyWALL como direcci n DE lt Address 192 168 1 1 23 ESPANOL 3 Si ve una pantalla de seguridad o aviso haga clic sz i You are about to view pages o en OK Aceptar o Yes Si para continuar gi Information you exchange with this site cannot be viewed or Any information you exchange e changed by others However there is a problem with the site s iewed by anyone else on the security certificate Inthe future do not show t Sy The security certificate was issued by a company you have not chosen to trust View the certificate to determine whether you want to trust the certifying authority o The security certificate date is valid The name on the security certificate is invalid or does not match the name of the site Do you want to proceed No View Certificate 4 Aparecera la pantalla de acceso Escriba admin como nombre de usuario y 1234 como contrasena Haga clic en Login Entrar Saar SSL 10 ord and click to login 5 Siaparece otra pantalla de certificado haga clic en Yes Si para continuar max 30 alphanumeric printable characters and no spaces I am connecting via my own computer C Iam connecting via Public computer Q Note Please enable Javasc
86. ime users that will help you quickly onfigure ZyWALL SSL 10 5 Advanced Setup The advanced s s designed for make Geet e ges 4 Configurazione guidata Per la configurazione iniziale utilizzare la configurazione guidata per eseguire le operazioni seguenti Configurare le impostazioni LAN WAN Creare un account utente remoto Creare un criterio di accesso SSL VPN Registrare lo ZyWALL Attenersi alla procedura per configurare le schermate della procedura guidata Fare clic su Next gt avanti gt in ogni schermata per poter continuare 44 ITALIANO 1 Per visualizzare la configurazione guidata fare clic su Setup Wizard nella schermata principale iniziale Selezionare Install on Gateway s DMZ port installa sulla porta DMZ del gateway per col legare lo ZyWALL a un gateway nella rete Selezionare Install as a New Gateway installa come nuovo gateway per configurare lo ZyWALL sia come router NAT e sia come gateway SSL VPN nella rete 2 Se si installa lo ZyWALL dietro un altro gateway configurare le impostazioni IP dello ZyWALL nella prima schermata della procedura guidata Se si installa lo ZyWALL come nuovo gateway configurare le impostazioni Internet nella prima schermata della procedura guidata 3 Creare un nuovo account utente remoto per consentire a un utente remoto di eseguire il login nella rete locale Immettere un nome utente univoco lungo massimo 31 caratteri tra quelli consentiti
87. individual networking changes e LAN WAN Settings e VPN coenuHeHMM SSL e ZyWALL Uns Next gt 82 1 Setup Wizard e ZyWALL Install Gateway s DMZ port ZyWALL B SSL
88. l cran de configuration qui appara t T s lectionnez le nom de l application SSL que Policy Name vous venez de cr er et cliquez sur Ok pour enregistrer les param tres SSL Application Cela applique le param tre de l application la SSL Application List strat gie SSL et permet l utilisateur distant d acc der au serveur l aide d une connexion SSL VPN 9 Assurez vous que le serveur est correctement configur et connect au r seau local ZyWALL SSL YPN SecuExtender Endpoint Private IP Pool 6 Tester la connexion de l utilisateur distant depuis Internet Suivez les tapes ci dessous pour acc der au r seau local comme utilisateur distant par Internet Vous devez conna tre l adresse IP WAN du ZyWALL acc dez a l cran Status Etat pour obtenir cette information 1 Connectez votre ordinateur a un r seau l ext rieur de votre pare feu d entreprise 2 Ouvrez votre navigateur web et entrez l adresse IP WAN du ZyWALL comme URL 3 Cliquez sur OK ou Yes Oui si un cran de s curit appara t 4 Un cran d ouverture de session appara t Entrez le nom d utilisateur et le mot de passe du compte de l utilisateur distant que vous avez cr l aide ZyWALL SSL 10 de l assistant d installation Cliquez sur Login rer User Name Password and ciek to login Ouvrir une session 5 Apr s l ouverture de la session votre ordinateur I I ee commence tablir une conn
89. l Entrez un nom d utilisateur unique jusqu 31 caract res parmi 0 9 you have created users already and don t want to add new user a z et A Z et un mot de passe jusqu M 64 caract res parmi 0 9 a z et A Z LES Vous ne pouvez pas utiliser le compte d administration pour acceder aux ressources du reseau 35 FRAN AIS 4 Sp cifiez l adresse IP et le masque de sous r seau d un r seau local derri re le ZyWALL auquel vous voulez permettre l acc s VPN SSL Sp cifiez la plage d adresses IP priv es a attribuer aux utilisateurs distants et au ZyWALL Ceci est utilis pour tablir une connexion VPN SSL et permettre aux utilisateurs distants d acc der aux ressources comme s ils se trouvaient sur le r seau local 5 Cliquez sur Next Suivant pour continuer 6 Consultez les param tres r seau dans le prochain cran de l assistant et cliquez sur Activate SSL VPN License Activer la licence VPN SSL ZyWALL UTM K LS Vous devez enregistrer votre ZyWALL a myZyXEL com pour permettre jusqu 10 utilisateurs distants d acc der simultan ment 7 Suivez les instructions l cran pour acc der aux informations du compte myZyXEL com et cliquez sur Finished Termin pour terminer l assistant d installation et lancer l enregistrement 8 Une fois que le processus est termin cliquez sur Close Fermer STEP3 SSL VPN Network Settings VPN Network Enter the IP bd of the
90. la password dell account utente remoto creato tramite la configurazione guidata Fare clic su Login 5 Una volta eseguito il login con successo il computer inizia a stabilire una connessione VPN allo ZyWALL L operazione pu richiedere fino a due minuti 6 Se viene richiesto di aggiornare la JVM scaricare il software di installazione Fare clic sul link per accedere al sito Web del software Sun Java Si consiglia di selezionare l opzione Offline Installation installazione offline ZyXEL ZyWALL SSL 10 LL SSL 10 max 30 alphanumeric printable characters and no spaces I am connecting via my own computer C Iam connecting via Public computer D Note Please enable Javascript on your Browser Login Reset 43 Application 48 ITALIANO 7 Se viene visualizzata una schermata di avviso fare clic su Continue continua Warning Fo ded Bam ccure ei Plea pee Re nyo em ny com instead of IP Addre sss ie this site in order to be fully functi 8 Nell area di notifica del sistema viene visualizzata una nuova icona di rete Et Questa indica che stata stabilita una a connessione VPN tra il computer e lo ZyWALL 9 Viene visualizzata la schermata dell utente remoto E possibile fare clic su un link per accedere al sito Web O in alternativa se si conosce l indirizzo del sito sufficiente aprire una nuova finestra del browser e immettere l indirizzo del sito a cui accedere
91. lishing an SSL VPN e connection and allow the remote users to access resources as if they are on the local network ENGLISH 5 Click Next to continue 6 Check the network settings in the next STEP4 wizard screen and click Activate SSL VPN e RE ZyWALL UTM IP Agire v i Enter the IP addre f the gt ZyWALL UTM to o which you would like d License ou wou ovide Anti EN mE nto SSL E affic The ZyWALL UTM de activ nable Anti Virus IDP IP Addre mum Q Note ms If you have no UTM installed you can skip this step ZyWALL UTM PS You must register your ZyWALL at myZyXEL com to allow up to 10 remote users to access at the same time 7 Follow the on screen instruction to enter the i myZyXEL com account information and click ANN Finished to complete the setup wizard and start the registration process 8 After the process is complete click Close STEP6 E Mail Address Country Code ra If device registration failed check that you have entered the account information correctly and that the ZyWALL can access the Internet Now you can log in as a remote user with the user account you have just created You can access any resource on the local network using IP address or domain name Optionally you can create links for the remote user screen to allow one click access to web based applications 5 Create Web Links for Easy Remote Access This section shows you how
92. ller en NAT router maste du konfigurera enheten att till ta anslutning till ZyWALL TCP port 443 Du kan gora detta med hjalp av portforwarding eller en brandvaggsregel 7 2 Som gateway Om du inte redan har en gateway i ditt natverk kan du stalla in ZyWALL som en gateway med SSL VPN tkomst F ljande figur visar ett naatverksexempel i vilket ZyWALL SSL10 ar ansluten till ett DSL kabelmodem for Internet atkomst och webbservern WWW ar ansluten till ZyWALL For att fa atkomst till webbservern skickas trafiken fran fjarranvandaren A genom VPN tunneln For s kerhets skull kan du konfigurera atkomstkontroll och policy for andpunktskontroll i ZyWALL https m er A SSL10 WWW 78 SVENSKA Kundsupport Ha foljande information tillhands nar du kontaktar kundsupporten Produktmodell och serienummer Garantiinformation Datum d du tog emot din enhet En kortfattad beskrivning av problemet och de tg rder du vidtagit for att l sa det Se www support zyxel se lt http www support zyxel se gt for ytterligare guider Procedur for att visa en produkts certifikat 1 G till www zyxel com 2 Valj din produkt fran rullgardinslistrutan pa ZyXEL s hemsida for att ga till denna produkts sida 3 Valj det certifikat du vill titta pa fran denna sida 19 ZyWALL SSL 10 VPN
93. n ejemplo de red donde ZyWALL SSL10 y el servidor WWW estan conectados a la puerta de enlace GW Para acceder al servidor web el trafico desde el usuario remoto A debe ir desde el tunel VPN y pasar las verificaciones de seguridad en la puerta de enlace e https m m A LES Si el ZyWALL est detr s de un cortafuegos o router NAT debe configurar el dispositivo para que permita la conexi n al ZyWALL en el puerto TCP 443 Puede hacerlo utilizando el redireccionamiento de puertos o una regla de cortafuegos 7 2 Como una puerta de enlace Si no ha tiene todavia una puerta de enlace en su red puede configurar el ZyWALL como puerta de enlace con acceso SSL VPN La siguiente figura muestra un ejemplo de red donde ZyWALL SSL10 es conectado a un m dem DSL cable para acceso a Internet y el servidor de web WWW es conectado al ZyWALL Para acceder al servidor de web el tr fico desde el usuario remoto A se env a a trav s del tunel VPN Por seguridad puede configurar las pol ticas de control de acceso y control de punto final en el ZyWALL e https T A SSL10 www 30 ESPANOL Procedimiento para ver la s certificacion es del producto 1 Vaya a www zyxel com 2 Seleccione su producto de la lista desplegable en la pagina inicial de ZyXEL para ir a la pagina de ese producto 31 FRAN AIS Introduction Le ZyWALL SSL 10 est une passerelle VPN SSL vous permettant d ta
94. nellzugriff In diesem Abschnitt wird beschrieben wie Sie eine Internetanwendung festlegen und dazu auf dem Remote Benutzerfenster einen Link erzeugen k nnen 1 Melden Sie sich beim Web Konfigurator als Administrator an und klicken Sie auf Object gt SSL Application Klicken Sie auf die Schaltflache Add Hinzuf gen 2 Erstellen Sie eine Web Application und geben Sie im Feld Service Name einen Namen ein 3 Geben Sie im Feld Address die Adresse des Servers ein z B http 192 168 1 200 4 Wahlen Sie im Feld Server Type die Option Web Server 5 Wenn Sie eine nicht standardm ige Portnummer verwenden z B 8080 anstelle von 80 mussen Sie diese im Feld Virtual Web Port eingeben 6 Klicken Sie auf Ok um die Einstellungen zu speichern 7 Klicken Sie im Navigationsfeld auf SSL und dann auf die Schaltflache Edit Bearbeiten um die SSL Standardregel zu konfigurieren die Sie mit dem Installationsassistenten festgelegt haben 17 DEUTSCH 8 Wahlen Sie im nachsten Konfigurationsfenster den Namen der SSL Anwendung ein die Sie gerade erstellt haben und klicken Sie auf Ok um die Einstellungen zu speichern Mit diesem Schritt werden die Einstellungen fur die SSL Regel ubernommen Gleichzeitig wird den Remote Benutzern der Zugriff auf den Server uber eine SSL VPN Verbindung gewahrt 9 Stellen Sie sicher dass der Server richtig konfiguriert und mit dem lokalen Netzwerk verbunden ist 6 Testen der
95. nstalled with a minimum version of 1 4 2 07 for Netscape Mozilla Firefox and 1 4 2 02 for Internet Explorer and Linux computers Java enabled in Internet Explorer on Windows computers ENGLISH 2 Initial Hardware Connection ZyXEL ZyWALL SSL 10 INTEGRATED SSL VPN APPLIANCE E 1 Use an Ethernet cable to connect the WAN port to a broadband modem or gateway 2 Use an Ethernet cable to connect a management computer to a LAN port 3 Use the included power adaptor to connect the POWER 12V port on the rear panel to a power source After you have connected the power and turned on the power source check the LEDs The PWR LED turns on The SYS LED blinks while performing system testing and stays on when the testing is successful The WAN and LAN LEDs turn on when the corresponding ports are connected If none of the LEDs turn on when the power is connected check the port connections and make sure the power source is turned on 3 Access the Web Configurator Follow the steps below to log into the web configurator through a LAN port and configure the ZyWALL You must use Internet Explorer 6 0 Netscape 7 0 or later versions 1 Make sure your computer is set to receive an IP address from the ZyWALL 2 Launch your web browser Enter 192 168 1 1 the A about blank Microsoft Internet Explorer ZyWALL s default LAN IP address as the address pala it AREA IE Address 192 168 1 1
96. ol 6 Testa fj rranv ndaranslutning fr n Internet F lj stegen nedan f r att f tkomst till det lokala n tverket som en fj rranv ndare fr n Internet Du m ste k nna till WAN IP adressen for ZyWALL h mta denna information p sk rmen Status 1 Anslut din dator till ett n tverk utanf r din foretagsbrandvagg 2 ppna din webbl sare och ange WAN IP adress f r ZyWALL som URL 3 Klicka p OK eller Yes ja om en s kerhetssk rm visas 4 En varningssk rm visas Ange anv ndarnamn och l senord f r det fj rranv ndarkonto som du skapade med hj lp av installationsguiden Klicka ZyWALL SSL 10 p Login inloggning RS 5 Nar inloggningen ar klar borjar din dator uppratta en VPN anslutning till ZyWALL Detta kan ta upp eee a till tva minuter C Iam connecting via Public computer D Note Please enable Javascript on your Browser Login Reset 6 Ladda ner installationsprogramvaran om 2 du uppmanas att uppgradera JVM Klicka 2 lanken for att komma till webbplatsen med Sun Java programvara Du Warning rekommenderas att valja alternativet ge PP Offline Installation p Ue UE IM Back 76 SVENSKA 7 Om en varningsskarm visas klicka pa Continue forts tt A Warning Following Error Occure d 8 En ny natverksikon visas i aktivitetsfaltet Detta indikerar att en VPN anslutning har feces cas upprattats mellan din dator och ZyWALL 9 Fjarranvandarsk
97. ossa accedere a Internet 46 ITALIANO A questo punto e possibile eseguire il login come utente remoto utilizzando l account utente appena creato E possibile accedere a qualsiasi risorsa sulla rete locale utilizzando l indirizzo IP o il nome di dominio In alternativa possibile creare link per gli utenti remoti per la schermata dell utente remoto al fine di consentire allo stesso di accedere alle applicazioni Web con un semplice clic del mouse 5 Creazione di link Web per semplificare l accesso remoto Nella presente sezione viene illustrato come specificare un applicazione Web e creare link Web sulla schermata dell utente remoto 1 Eseguire il login nello strumento di configurazione Web in qualit di amministratore e quindi fare clic su Object oggetto SSL Application applicazione SSL Fare clic sull icona Add aggiungi 2 Creare un applicazione Web e immettere un nome descrittivo nel campo Service Name E nome servizio Add Web Application D n D e eForm 3 Nel campo Address indirizzo immettere KR ERE TT l indirizzo del server Ad esempio http FRR optional 192 168 1 200 irtual Web Po rt on ote You need to allow this po a and Netscape your network ozilla and Netscape browser 4 Selezionare Web Server nel campo Server Type tipo di server 5 Se si utilizza un numero di porta non standard ad esempio 8080 invece di 80 immetterlo nel campo Virtual Web Port porta Web
98. parecer un icono de red nuevo en la bandeja del sistema ste indica que se Et ha establecido una conexi n VPN entre su ordenador y el ZyWALL 9 Aparecer la pantalla del usuario remoto Puede hacer clic en un enlace para acceder al sitio web O si sabe la direcci n del sitio simplemente abra una ventana nueva de explorador y escriba la direcci n del sitio para acceder Si puede acceder a la p gina web ha configurado correctamente su ZyWALL d Consulte la guia del usuario para rm See Writing iN FIRE Wel informacion sobre la configuraci n PO a avanzada Asegurese de estar utilizando un explorador de web con la configuracion especificada en Requisitos del sistema Si se le pide que instale o actualice Java Virtual Machine JVM haga clic en el enlace para acceder al sitio web del software Sun Java y descargar el software utilizando la opci n Offline Installation Instalacion sin conexi n Si no puede acceder a la pantalla del usuario remoto compruebe si ha registrado con exito su ZyWALL 7 Desplegar el ZyWALL en su red Puede desplegar el ZyWALL de dos maneras detras de una puerta de enlace 0 como una puerta de enlace nueva 29 ESPANOL 7 1 Detras de una puerta de enlace Puede conectar el ZyWALL en una puerta de enlace existente en su red Si la puerta de enlace viene con un puerto DMZ conecte el ZyWALL a ese puerto para una seguridad a adida La siguiente figura muestra u
99. questa guida viene mostrato come collegare e configurare lo ZyWALL SSL10 per consentire a un utente remoto A di accedere a un server Web WWW sulla rete locale tramite una connessione SSL VPN E possibile che occorra reperire le informazioni sul proprio accesso a Internet ag De Il m ug BB E A SSL10 Procedura di configurazione 1 Requisiti di sistema 2 Collegamento iniziale dell hardware 3 Accesso allo strumento di configurazione Web 4 Configurazione guidata 5 Creazione di link Web per semplificare l accesso remoto 6 Test della connessione utente remota da Internet 7 Implementazione dello ZyWALL nella propria rete 1 Requisiti di sistema Di seguito vengono elencati il browser e i requisiti minimi del computer per consentire l accesso remoto dell utente Internet Explorer 5 5 con Microsoft XML MSXML Service Pack installato oppure versione 6 0 e successive Netscape 7 2 o versione successiva Firefox 1 0 o versione successiva Mozilla 1 7 3 o versione successiva Windows 2000 Professional Windows XP Home Professional con Service Pack 2 o suc cessivo oppure Linux Sun JVM Java Virtual Machine installata con versione minima 1 4 2 07 per Netscape Mozilla Firefox e 1 4 2 02 per computer Internet Explorer e Linux Java abilitato in Internet Explorer sui computer Windows 42 ITALIANO 2 Collegamento iniziale dell hardware ZyXEL ZyWALL SSL 10 INTEGRATED SSL VPN APPLIANCE oi
100. r la passerelle https m m Wet A BS Si le ZyWALL se trouve derri re un pare feu ou un routeur NAT vous devez configurer le p riph rique de mani re a permettre la connexion au ZyWALL sur le port TCP 443 Pour cela utilisez le reacheminement de port ou une regle de pare feu 40 FRAN AIS 7 2 Comme passerelle Si vous n avez pas d j une passerelle sur votre r seau vous pouvez installer le ZyWALL comme une passerelle avec acc s VPN SSL La figure suivante montre un exemple de r seau o le ZyWALL SSL10 est connect un modem DSL cable pour l acc s Internet et le serveur web WWW connect au ZyWALL Pour acc der au serveur web le trafic provenant de l utilisateur distant A est envoy par le tunnel VPN Pour la s curit vous pouvez configurer les strat gies de contr le d acc s et de contr le de point de fin sur le ZyWALL e https UN m Internet Jesse NA A SSL10 WWW Procedure pour afficher la les certification S d un produit 1 Allez www zyxel com 2 S lectionnez votre produit dans la liste d roulante dans la page d accueil du ZyXEL pour aller la page de ce produit 3 S lectionnez la certification que vous d sirez consulter dans cette page 41 ITALIANO Introduzione Lo ZyWALL SSL 10 un gateway SSL VPN che consente di configurare un accesso sicuro a una rete e ad applicazioni remote senza la necessit di preinstallare software client In
101. rd The wizard is designed for first time users that will help you quickly onfigure ZyWALL SSL 10 5 Advanced Setup The adva ced setup is designed for nced user that can directly make iSdividualin working chai gae 4 Installationsguide For inledande konfiguration anvand installningsguidens skarmar for att gora foljande Konfigurera LAN WAN installningar e Skapa ett fj rranv ndarkonto Skapa en SSL VPN tkomstpolicy Registrera ZyWALL F lj stegen for att konfigurera guideskarmarna Klicka pa Next gt n sta p varje guideskarm for att fortsatta 12 SVENSKA 1 Du startar installningsguiden genom att o e x a n S Welcome to the ZyWALL SSL VPN Setup Wizard klicka paSetup Wizard installningsguide pa he up Wizard is not compa with your currently configured networking ROM an Sech Ger a nge yo t rd ork ate a po name GE FANS pow al ds ngs q den inledande huvudsk rmen Ges Dono r5 S ZYWALL SSL 10 Setup Y gt wiser configuration will be x ie wizard will cre xisted tl iza rwrite its setti e V lj Install on Gateway s DMZ port Se etm installera pa gatewayens DMZ port om du vill Sg ansluta ZyWALL till en gateway i ditt natverk C Install as New Gateway V lj Install as a New Gateway installera som a amass y have no Gateway My ZYWALL SSL VPN device can be ny gateway om du vill konfigurera ZyWALL Zu b de som en NAT router och en SSL VPN gateway i ditt n
102. rde der Test erfolgreich abgeschlossen leuchtet das SYS LED dauerhaft Die LED Anzeigen WAN und LAN leuchten wenn die Anschl sse verbunden sind nd Sollte keine der LED Anzeigen leuchten pr fen Sie ob das Ger t eingeschaltet ist und ob die Kabel richtig angeschlossen wurden 3 Zugreifen auf den Web Konfigurator Fuhren Sie die folgenden Schritte aus um uber einen LAN Anschluss auf den Web Konfigurator zuzugreifen und das ZyWALL zu konfigurieren Verwenden Sie Internet Explorer 6 0 Netscape 7 0 und neuere Versionen davon 1 Der Computer muss so eingestellt sein dass er eine IP Adresse vom ZyWALL empfangen kann 2 Starten Sie Ihren Webbrowser Geben Sie als e about blank Microsoft Internet Explorer Adresse 192 168 1 1 die LAN IP File Edit View oe ias Help Standardadresse des ZyWALL Gok CSR Ri D 192 168 1 1 13 DEUTSCH 3 Klicken Sie im Sicherheits oder Warnfenster auf Wo O K O d e r Yes J a a 8 PERSE UO ss Information you exchange with this site cannot be viewed or Any information you exchange changed by others However there is a problem with the site s iewed by anyone else on the security certificate Inthe future do not show t Sy The security certificate was issued by a company you have not chosen to trust View the certificate to determine whether you want to trust the certifying authority o The security certificate date is valid The name on the security certificate i
103. ript on your Browser Login Reset 6 Esta es la primera vez que accede al ZyWALL La pantalla inicial aparecer como se muestra Haga clic en Setup Wizard Asistente para la Please select wizard or advanced mode 7 te ca tup Wiz ard walks Que u thro ugh the most common configuration 4 instalacion e ou 5 We su or if you 0001 nee en Ste v tis the first time you are SES use adyenced made ar need access to more advanced features no included in wizard mode Qe Setup Wizard The wizard is designed for first time users that will help you quickly onfigure ZyWALL SSL 10 5 Advanced Setup The advanced s s designed for make Geet e ges 4 Asistente para la instalaci n Para la configuraci n inicial utilice las pantallas del asistente para la instalaci n para realizar lo siguiente Ajustar la configuraci n LAN WAN Crear una cuenta de usuario remoto Crear una pol tica de acceso SSL VPN Registrar el ZyWALL Siga los pasos para configurar las pantallas del asistente Haga clic en Next gt Siguiente gt en cada pantalla del asistente para continuar 24 ESPANOL 1 Para mostrar el asistente para la instalacion Welcome to the ZyWALL SSL VPN Setup Wizard haga clic en Setup Wizard Asistente para la he aa Ae ard is not compatible with your currently configured networking instalaci n en la pantalla principal inicial You may go to te advan corsari rene Seleccione Install on Gateway s DMZ port
104. rs sous Linux Java activ dans Internet Explorer sur les ordinateurs travaillant sous Windows 32 FRAN AIS 2 Connexion mat rielle initiale ZyXEL ZyWALL SSL 10 INTEGRATED SSL VPN APPLIANCE CONSOLE PWR RESET v5 ne o 1 Utilisez un c ble Ethernet pour connecter le port WAN un modem large bande ou une passerelle 8 2 Utilisez un c ble Ethernet pour connecter un ordinateur de gestion un port LAN 3 Utilisez l adaptateur d alimentation inclus pour connecter le port POWER 12V ALIMENTATION 12V sur le panneau arri re une source d alimentation Apr s avoir connect l alimentation et mis sous tension examinez les LED La LED PWR s allume La LED SYS clignote lors du test du syst me et reste allum e si le test a r ussi Les LED WAN et LAN s allument quand les ports correspondants sont connect s Si aucune LED ne s allume lors de la mise sous tension v rifiez les connexions des ports et assurez vous que la source d alimentation est sous tension 3 Acc der au configurateur web Suivez les tapes ci dessous pour ouvrir une session dans le configurateur web travers un port LAN et configurer le ZyWALL Vous devez utiliser Internet Explorer 6 0 Netscape 7 0 ou des versions plus r centes 1 V rifiez que votre ordinateur est configur pour recevoir une adresse IP du ZyWALL 2 Lancez votre navigateur web Entrez 192 168 1 1 l adresse IP LAN par d faut du
105. rtual Web Port Puerto Web virtual 6 Haga clic en OK Aceptar para guardar la configuracion 7 Haga clic en SSL en el panel de Policy BB navegacion y haga clic en el icono Edit Editar para configurar la politica SSL predeterminada creada utilizando el asistente para la instalacion 2 ESPANOL 8 En la pantalla de configuraci n que aparece seleccione el nombre de la aplicaci n SSL que acaba de crear y haga clic en Ok Aceptar para guardar la configuracion Esto aplica la configuraci n de la aplicaci n a la politica SSL y permite al usuario remoto acceder al servidor sobre una conexi n SSL VPN 9 Compruebe que el servidor este configurado correctamente y conectado a la red local Configuration Policy Name User List SSL Application SSL Application List ZyWALL SSL PN SecuExtender IV allow Full Network Access VPN Remote Network List Endpoint Private IP Pool 6 Probar la conexion del usuario remoto desde Internet Siga los pasos siguientes para acceder a la red local como usuario remoto desde Internet Debe conocer la direcci n WAN IP del ZyWALL obtenga esta informaci n en la pantalla Status Estado 1 Conecte su ordenador a una red fuera del cortafuegos de su compania 2 Abra su explorador de web y escriba la direcci n WAN IP del ZyWALL como URL 3 Haga clic en OK Aceptar o Yes S si aparece una pantalla de seguridad 4 Aparecer una pantalla de acceso Escriba el nombre de
106. s Gateway im Netzwerk anschlie en Wenn das Gateway mit einem DMZ Anschluss ausgestattet ist sollte das ZyWALL zur Sicherheit an diesen Anschluss angeschlossen werden Die folgende Abbildung zeigt ein Netzwerkbeispiel bei dem das ZyWALL SSL10 und der Internetserver WWW an das Gateway GW angeschlossen sind Um auf den Webserver zuzugreifen m ssen die Daten vom Remote Benutzer A den VPN Tunnel passieren und die Sicherheitspr fungen am Gateway bestehen https m m We A LS Wenn sich das ZyWALL hinter einer Firewall oder einem NAT Router befindet mussen Sie das Gerat so konfigurieren dass das Gerat eine Verbindung zum ZyWALL Uber TCP Port 443 zulasst Das kann mit Hilfe einer Port Weiterleitung oder einer Firewall Regel erfolgen 20 DEUTSCH 7 2 Als Gateway Wenn Sie noch kein Gateway im Netzwerk haben k nnen Sie das ZyWALL als Gateway mit SSL VPN Zugriff benutzen Die folgende Abbildung zeigt ein Netzwerkbeispiel bei dem das ZyWALL SSL10 fur den Internetzugriff mit einem DSL Kabelmodem und der Internetserver WWW mit der ZyWALL verbunden ist Um auf den Internetserver zuzugreifen werden die Daten des Remote Benutzers A durch den VPN Tunnel gesendet Aus Sicherheitsgrunden konnen Sie zusatzliche Regeln fur den Zugriff und fur den Schutz des angebotenen Services konfigurieren e https UN m Internet Jesse NA A SSL10 WWW Schritte zum Ansehen von Produktzertifizierung en 1 Zu www zyxel
107. s invalid or does not match the name of the site Do you want to proceed mi No View Certificate 4 Das Anmeldefenster wird angezeigt Geben Sie admin als den Anwendernamen und 1234 als das Passwort ein Klicken Sie auf Login Anmelden Saar SSL 10 ord and click to login 5 Wenn ein anderes Zertifikatsfenster angezeigt wird klicken Sie zum Fortfahren auf Yes Ja max 30 alphanumeric printable characters and no spaces I am connecting via my own computer C Iam connecting via Public computer Q Note 6 Das ist das erste Mal dass Sie sich beim ZyWALL anmelden Das erste Hauptfenster wird angezeigt siehe Abbildung stunt bus Se tup Wizard Wee syo u thro ugh the most common configuration D KI icken Sie a uf Setu p Wiza rd ps vo Sur 5 We su or if you 0001 nee en Ste CIS the first time you are SES n stal latio n sa ssiste nt Useradyoncodimode yog need access to more advanced features no 4 Setup Wiz rd The wizard is designed for first time users that will help you quickly onfigure ZyWALL SSL 10 5 Advanced Setup The advanced s ned for make ar dads dd ng i 4 Setup Wizard Installationsassistent F hren Sie f r die Erstkonfiguration den Installationsassistenten aus Die folgenden Schritte sind notwendig Konfigurieren der LAN WAN Einstellungen Erstellen eines Remote Benutzerkontos Erstellen einer SSL VPN Zugriffsregel Registrieren der ZyWALL F hren Sie die Schritte des A
108. ses ZyWALL en IP Bieten SSL VPN 5 Next RN 6 eegenen TEES Activate SSL VPN License SSL SS eee VPN 7 b Ant Virus DP isp nspection ta SSL VPN tra affic The ZyWALL UTM s should d ress W ZyWALL UTM e no UTM installed you can skip this step LES myZyXEL com ZyWALL 10 myZyXEL com DE Finished T 2 P en ee 8 r Close
109. ssistenten aus Klicken Sie in jedem Fenster des Assistenten auf Next Weiter gt 14 DEUTSCH 1 Um den Installationsassistenten aufzurufen klicken Sie im Hauptfenster auf Setup Welcome to the ZyWALL SSL VPN Setup Wizard The SSL 10 Setup Wizard is not compatible with yo ently configured networking ngs Wizard Installationsassistent EE Or yo ay continue with this ru EE 10 Se tu zard yo SCH etwork SC ill be lost The wizard wi eate a po name efa W wee Ge already xisted this wizard will overwrite its setting Wahlen Sie die Option Install on Gateway s Install on Gatemay s DMZ Port DMZ port An DMZ Anschluss des Gateways installieren wenn die ZyWALL an ein Gate way im Netzwerk angeschlossen werden soll Wahlen Sie Install as a New Gateway Als neues Gateway installieren wenn das ZyWALL im Netzwerk sowohl als NAT Router als auch als SSL VPN Gateway installiert wer e ZyWALL or Ga a pu I wou to nee st my dev ted G I aa ZyWALL SSL VPN e on my e Gin s DMZ r port Seon My ZyWALL SSL VPN device can be vide SSL VPN feat den soll 2 Wenn das ZyWALL hinter einem anderen Gateway installiert wird mussen die IP Re Internet Access Einstellungen des ZyWALL im ersten Fenster des Assistenten konfiguriert werden WAN IP Address As asioment Static My WAN IP Addre My WAN IP Subnet Mask Gateway IP Address Wenn das ZyWALL als neues Gateway installiert wird m ssen die
110. thio pow al ds Welcome to the ZyWALL SSL VPN Setup Wizard S lectionnez Install on Gateway s DMZ port Install on Gatemay s DMZ Port Installer sur le port DMZ de la passerelle si vous voulez connecter le ZyWALL a une passerelle dans votre r seau Mine ZyWALL SSL VPN I have no Gat uay My ZyWALL SSL VPN device can be aa Gateway and provide SSL VPN feat ZYWALL UTM I have ZyWALL or Ga ba Ener I wou M like to nee st my ZyWALL SSL VPN device my existed G Gate s DMZ ort S lectionnez Install as a New Gateway Installer une nouvelle passerelle si vous voulez configurer le ZyWALL la fois comme un routeur NAT et une passerelle VPN SSL dans votre r seau 2 Si vous installez le ZyWALL derri re une autre passerelle configurez les parametres gm Internet Access IP du ZyWALL dans le premier cran de Coen l assistant D vano sr Si vous installez le ZyWALL comme une nouvelle passerelle configurez les param tres Internet dans le premier cran de l assistant ere Encapsulation Ethernet e WAN IP Address Assigment IP Address Assigment Static v My WAN IP Address NA My WAN IP Subnet Mask ZyWALL SSL VPN Gateway IP Address Second DNS Server Optional WAN MAC Address 3 Cr ez un nouveau compte d utilisateur distant pour permettre un utilisateur Adding a User for default policy by using SSL VPN to access distant d ouvrir une session sur votre r seau loca
111. trusted network to which you would like to provide remote clients access to resources on your local network VPN Network IP Address 192 168 1 0 Subnet Mask 255 255 255 0 Remote Users IP don DA The IP nge T m sihe IP addre s po ol fro rom hh ch sses will sign edt E ng SSL VPN The range must not Overlap coll Ve a nya signed addresses IP Address Range Begin IP Address Range End STEP4 Anti Virus IDP Integration with ZyWALL UTM Zy WALL UTM IP re Enter the IP addre Sie ZYWALL an to which you would like rovide Anti Virus IDP in E ERA nto SSL Y rag The e ZyWALL UTM sh wuld activate and enable Anti Vir ae fs IP Addre DU Note If you have no UTM installed you can ski STEP6 Activate SSL VPN License This device is not r aos hte Raa ZyXEL com Please enter information geroch o register y de Tf you ke n t have myZyXEL com account elect new ny ZyXEL unt below fyon anay om account but you ho SN et you r User Na r Pas ssword please go to www m WZ XEL com for help E Mail Address Country Code lt Back Si l enregistrement du p riph rique choue v rifiez que vous avez correctement entr les informations sur le compte et que le ZyWALL peut acc der Internet 36 FRAN AIS Vous pouvez maintenant ouvrir une session comme utilisateur distant avec le compte utilisateur que vous venez de cr er Vous pouvez acc der toutes les resso
112. tverk 2 Om du installerar ZyWALL bakom en annan gateway konfigurera ZyWALL s IP u Internet Access WAN IP Address Assigment inst llningar p den f rsta guidesk rmen A I Address Assigment Om du installerar ZyWALL som en ny O ere ia gateway konfigurera Internet installningarna pa den forsta guideskarmen ui Internet Access ISP Parameters for Internet Access Encapsulation Ethernet WAN IP Address Assigment IP Address Assigment Static My WAN IP Address My WAN IP Subnet Mask ZyWALL SSL VPN Gateway IP Address 3 Skapa ett nytt fj rranv ndarkonto for att STEP2 lata en fj rranv ndare logga in i ditt lokala Adding a User for default policy by using SSL VPN to access natverk Ange ett unikt anvandarnamn upp till 31 tecken med 0 9 a z och A Z och l senord upp till 64 tecken med 0 9 you have created users already and don t want to add new user skip this ste Spite oke sche n the default a z och A Z ES Du kan inte anvanda administrationskontot for att fa atkomst till natverksresurser 13 SVENSKA 4 Specificera IP adress och subnetmask f r I n ett lokalt natverk bakom den ZyWALL som du We ue md vill ge SSL VPN atkomst preve me a deris on your local network Specificera rackvidden av privata IP adresser la m som ska tilldelas fj rranv ndare och ZyWALL T L GC GE Be x ord IP Address Range Begin Detta anvands
113. urces sur le r seau local en utilisant l adresse IP ou le nom de domaine Vous pouvez aussi cr er des liens pour l cran de l utilisateur distant pour permettre l acc s en un clic aux applications web 5 Cr er des liens web pour un acc s distant facile Cette section vous permet de sp cifier une application web et de cr er des liens web sur l cran de l utilisateur distant 1 Ouvrez une session dans le configurateur web comme administrateur et cliquez sur Object gt SSL Application Objet gt Application SSL Cliquez sur l ic ne Add Ajouter 2 Cr ez une application web et entrez un nom descriptif dans le champ Service Name Nom du se rvice Add Web Application e Fom 3 Dans le champ Address Adresse entrez u l adresse du serveur Par exemple http a 5 optional 192 168 1 200 RG e T TAA d to allow this po lla and Netscape on your network ozi n rowsers b 4 S lectionnez Web Server Serveur web dans le champ Server Type Type de serveur cas 5 Si vous utilisez un num ro de port non standard par exemple 8080 la place de 80 entrez le dans le champ Virtual Web Port Port web virtuel 6 Cliquez sur OK pour enregistrer les param tres 7 Cliquez sur SSL dans le panneau de FT navigation et cliquez sur l ic ne Edit Editer pour configurer la strat gie SSL par d faut que vous avez cr e l aide de l assistant d installation 37 FRAN AIS 8 Dans
114. vice oan be and an SSL VPN gateway in your network 2 If you install the ZyWALL behind another gateway configure the ZyWALL s IP settings Ge pes in the first first wizard screen a Pare ae S If you install the ZyWALL as a new gateway A Cesa EE configure Internet settings in the first wizard yi pa si screen EX Internet Access ISP Parameters for Internet Access Encapsulation Ethernet e WAN IP Address Assigment IP Address Assigment Static v My WAN IP Address US 2 My WAN IP Subnet Mask ZYWALL SSL VPN Gateway IP Address Second DNS Server Optional WAN MAC Address 3 Create a new remote user account to allow a remote user to log into your local network Adding a User for default policy by using SSL VPN to access Enter a unique user name up to 31 characters using 0 9 a z and A Z and password up to 64 characters using 0 9 Ifyou have created users already and dort want to add new user a z and A Z BEE LS You cannot use the admin account to access network resources 4 Specify the IP address and subnet mask of a local network behind the ZyWALL you want to E al low SS L VPN access ROY ae EE on your local network Specify the range of private IP addresses to 4 cm pi assign to the remote users and the ZyWALL Wr Lg e Piper during SSL VEN sezione The onde must nat Spi 0 s Range Begin E This is used for estab
Download Pdf Manuals
Related Search