Filter
Top Products
Chapter 43 System
ZyWALL USG 100/200 Series User’s Guide
680
Server Port The HTTPS server listens on port 443 by default. If you change the HTTPS server
port to a different number on the ZyWALL, for example 8443, then you must notify
people who need to access the ZyWALL web configurator to use “https://ZyWALL
IP Address:8443” as the URL.
Authenticate
Client
Certificates
Select Authenticate Client Certificates (optional) to require the SSL client to
authenticate itself to the ZyWALL by sending the ZyWALL a certificate. To do that
the SSL client must have a CA-signed certificate from a CA that has been imported
as a trusted CA on the ZyWALL (see Section 43.6.6.5 on page 684 on importing
certificates for details).
Server
Certificate
Select a certificate the HTTPS server (the ZyWALL) uses to authenticate itself to
the HTTPS client. You must have certificates already configured in the My
Certificates screen.
Redirect HTTP
to HTTPS
To allow only secure web configurator access, select this to redirect all HTTP
connection requests to the HTTPS server.
Admin/User
Service Control
Admin Service Control specifies from which zones an administrator can use
HTTPS to manage the ZyWALL (using the web configurator). You can also specify
the IP addresses from which the administrators can manage the ZyWALL.
User Service Control specifies from which zones a user can use HTTPS to log into
the ZyWALL (to log into SSL VPN for example). You can also specify the IP
addresses from which the users can access the ZyWALL.
# This is the index number of the service control rule.
The entry with a hyphen (-) instead of a number is the ZyWALL’s (non-configurable)
default policy. The ZyWALL applies this to traffic that does not match any other
configured rule. It is not an editable rule. To apply other behavior, configure a rule
that traffic will match so the ZyWALL will not have to use the default policy.
Zone This is the zone on the ZyWALL the user is allowed or denied to access.
Address This is the object name of the IP address(es) with which the computer is allowed or
denied to access.
Action This displays whether the computer with the IP address specified above can access
the ZyWALL zone(s) configured in the Zone field (Accept) or not (Deny).
Add icon Click the Add icon in the heading row to open a screen where you can add a new
rule. Refer to Table 239 on page 682 for information on the fields.
Click the Edit icon to go to the screen where you can edit the rule.
Click the Add icon in an entry to add a rule below the current entry.
Click the Delete icon to remove an existing rule. A window display asking you to
confirm that you want to delete the rule. Note that subsequent rules move up by one
when you take this action.
Click the Move to N icon to display a field to type a number for where you want to
put that rule and press [ENTER] to move the rule to the number that you typed.
HTTP
Enable Select the check box to allow or disallow the computer with the IP address that
matches the IP address(es) in the Service Control table to access the ZyWALL
web configurator using HTTP connections.
Server Port You may change the server port number for a service if needed, however you must
use the same port number in order to use that service to access the ZyWALL.
Admin/User
Service Control
Admin Service Control specifies from which zones an administrator can use HTTP
to manage the ZyWALL (using the web configurator). You can also specify the IP
addresses from which the administrators can manage the ZyWALL.
User Service Control specifies from which zones a user can use HTTP to log into
the ZyWALL (to log into SSL VPN for example). You can also specify the IP
addresses from which the users can access the ZyWALL.
Table 238 System > WWW (continued)
LABEL DESCRIPTION