Filter
Top Products
Chapter 50 System
ZyWALL USG 1000 User’s Guide
799
It relies upon certificates, public keys, and private keys (see Chapter 46 on page
739 for more information).
HTTPS on the ZyWALL is used so that you can securely access the ZyWALL using
the Web Configurator. The SSL protocol specifies that the HTTPS server (the
ZyWALL) must always authenticate itself to the HTTPS client (the computer which
requests the HTTPS connection with the ZyWALL), whereas the HTTPS client only
should authenticate itself when the HTTPS server requires it to do so (select
Authenticate Client Certificates in the WWW screen). Authenticate Client
Certificates is optional and if selected means the HTTPS client must send the
ZyWALL a certificate. You must apply for a certificate for the browser from a CA
that is a trusted CA on the ZyWALL.
Please refer to the following figure.
1 HTTPS connection requests from an SSL-aware web browser go to port 443 (by
default) on the ZyWALL’s web server.
2 HTTP connection requests from a web browser go to port 80 (by default) on the
ZyWALL’s web server.
Figure 519 HTTP/HTTPS Implementation
Note: If you disable HTTP in the WWW screen, then the ZyWALL blocks all HTTP
connection attempts.
50.6.4 Configuring WWW Service Control
Click Configuration > System > WWW to open the WWW screen. Use this
screen to specify from which zones you can access the ZyWALL using HTTP or
HTTPS. You can also specify which IP addresses the access can come from.