Filter
Top Products
Chapter 37 System
ZyWALL 110/310/1100 Series User’s Guide
457
It relies upon certificates, public keys, and private keys (see Chapter 33 on page 413 for more
information).
HTTPS on the ZyWALL is used so that you can securely access the ZyWALL using the Web
Configurator. The SSL protocol specifies that the HTTPS server (the ZyWALL) must always
authenticate itself to the HTTPS client (the computer which requests the HTTPS connection with the
ZyWALL), whereas the HTTPS client only should authenticate itself when the HTTPS server requires
it to do so (select Authenticate Client Certificates in the WWW screen). Authenticate Client
Certificates is optional and if selected means the HTTPS client must send the ZyWALL a certificate.
You must apply for a certificate for the browser from a CA that is a trusted CA on the ZyWALL.
Please refer to the following figure.
1 HTTPS connection requests from an SSL-aware web browser go to port 443 (by default) on the
ZyWALL’s web server.
2 HTTP connection requests from a web browser go to port 80 (by default) on the ZyWALL’s web
server.
Figure 303 HTTP/HTTPS Implementation
Note: If you disable HTTP in the WWW screen, then the ZyWALL blocks all HTTP
connection attempts.
37.7.4 Configuring WWW Service Control
Click Configuration > System > WWW to open the WWW screen. Use this screen to specify
from which zones you can access the ZyWALL using HTTP or HTTPS. You can also specify which IP
addresses the access can come from.
Note: Admin Service Control deals with management access (to the Web Configurator).
User Service Control deals with user access to the ZyWALL (logging into SSL VPN
for example).