ZyXEL Communications VPN Series

To Next Page

To Previous Page

Chapter 37 IDP

ZyWALL/USG Series User’s Guide

663

37.3.2.1 Understand the Vulnerability

Check the ZyWALL/USG logs when the attack occurs. Use web sites such as Google or Security

Focus to get as much information about the attack as you can. The more specific your signature,

the less chance it will cause false positives.

As an example, say you want to check if your router is being overloaded with DNS queries so you

create a signature to detect DNS query traffic.

37.3.2.2 Analyze Packets

Use the packet capture screen and a packet analyzer (also known as a network or protocol

analyzer) such as Wireshark or Ethereal to investigate some more.

Figure 456 DNS Query Packet Details

Main Page

Default Chapter3
- Table of Contents3
PART I User's Guide23
Chapter 1 Introduction25
- Overview25
  - Applications26
    - Vpn Connectivity27
    - Ssl Vpn Network Access27
- Management Overview28
- Web Configurator29
Chapter 2 Installation Setup Wizard46
- Installation Setup Wizard Screens46
Chapter 3 Hardware, Interfaces and Zones57
- Hardware Overview57
  - Front Panels57
  - Rear Panels61
- Mounting63
- Default Zones, Interfaces, and Ports68
- Stopping the Zywall/Usg70
Chapter 4 Easy Mode71
- Overview71
- Initial Setup Wizard Screen 1 - Language and Overview75
- Initial Setup Wizard Screen 7 - Security Service83
- Initial Setup Wizard Screen 8 - Port Forwarding85
- Initial Setup Wizard Screen 9 - Guest LAN86
  - Connecting AP Scenarios87
- Initial Setup Wizard Screen 10 - VPN88
- VPN Settings for Configuration Provisioning Wizard: Wizard Type98
- VPN Settings for L2TP VPN Settings Wizard109
- Port Forwarding114
- Wi-Fi and Guest Network Wizard117
  - Guest LAN (Wired Network)118
  - Connecting AP Scenarios119
- Security Service Wizard120
- Myzyxel Portal126
- One Security Portal127
Chapter 5 Quick Setup Wizards129
- Quick Setup Overview129
- WAN Interface Quick Setup130
- VPN Setup Wizard135
- VPN Settings for Configuration Provisioning Wizard: Wizard Type146
- VPN Settings for L2TP VPN Settings Wizard157
Chapter 6 Dashboard162
- Overview162
  - What You Can Do in this Chapter162
- Main Dashboard Screen162
Part II: Technical Reference179
Chapter 7 Monitor181
- Overview181
  - What You Can Do in this Chapter181
- The Port Statistics Screen182
  - The Port Statistics Graph Screen184
- Interface Status Screen185
- The Traffic Statistics Screen187
- The Session Monitor Screen190
- IGMP Statistics191
- The DDNS Status Screen192
- IP/MAC Binding193
- The Login Users Screen193
- The Dynamic Guest Screen194
- Cellular Status Screen196
  - More Information198
- The Upnp Port Status Screen199
- USB Storage Screen200
- Ethernet Neighbor Screen201
- Wireless202
  - Wireless AP Information: AP List202
  - AP List more Information204
  - Config AP206
  - Wireless AP Information: Radio List207
  - Radio List more Information209
  - Wireless Station Info210
  - Detected Device211
- The Printer Status Screen212
- The Ipsec Monitor Screen213
  - Regular Expressions in Searching Ipsec Sas214
- The SSL Screen214
- The L2TP over Ipsec Session Monitor Screen215
- The App Patrol Screen215
- The Content Filter Screen217
- The IDP Screen218
- The Anti-Virus Screen220
- The Anti-Spam Screens222
  - Anti-Spam Report222
  - The Anti-Spam Status Screen225
- The SSL Inspection Screens226
  - Certificate Cache List227
- Log Screens228
  - View Log228
  - View AP Log230
  - Dynamic Users Log233
Chapter 8 Licensing235
- Registration Overview235
- Signature Update237
- Wireless241
  - Overview241
    - What You Can Do in this Chapter241
  - Controller Screen241
Chapter 9 Wireless241
- AP Management Screens242
- MON Mode253
  - Add/Edit Rogue/Friendly List254
- Auto Healing255
- RTLS Overview256
- Technical Reference258
  - Dynamic Channel Selection258
  - Load Balancing259
Chapter 10 Interfaces261
- Interface Overview261
- Port Role Screen266
- Ethernet Summary Screen267
- PPP Interfaces289
  - PPP Interface Summary290
  - PPP Interface Add or Edit291
- Cellular Configuration Screen296
  - Cellular Choose Slot299
  - Add / Edit Cellular Configuration299
- Tunnel Interfaces305
  - Configuring a Tunnel307
  - Tunnel Add or Edit Screen308
- VLAN Interfaces312
  - VLAN Summary Screen313
  - VLAN Add/Edit315
- Bridge Interfaces324
  - Bridge Summary326
  - Bridge Add/Edit327
- Lag336
  - LAG Summary Screen336
  - LAG Add/Edit338
- Vti343
- Trunk Overview346
  - What You Need to Know347
- The Trunk Summary Screen349
  - Configuring a User-Defined Trunk351
  - Configuring the System Default Trunk353
- Interface Technical Reference354
Chapter 11 Routing359
- Policy and Static Routes Overview359
  - What You Can Do in this Chapter359
  - What You Need to Know360
- Policy Route Screen361
  - Policy Route Edit Screen363
- IP Static Route Screen368
  - Static Route Add/Edit Screen368
- Policy Routing Technical Reference370
- Routing Protocols Overview371
  - What You Need to Know371
- The RIP Screen371
- The OSPF Screen373
- Routing Protocol Technical Reference380
Chapter 12 DDNS382
- DDNS Overview382
  - What You Can Do in this Chapter382
  - What You Need to Know382
- The DDNS Screen383
  - The Dynamic DNS Add/Edit Screen384
- Nat388
  - NAT Overview388
    - What You Can Do in this Chapter388
    - What You Need to Know388
  - The NAT Screen388
Chapter 13 NAT388
- The NAT Add/Edit Screen390
- NAT Technical Reference393
Chapter 14 Redirect Service395
- Overview395
- The Redirect Service Screen398
  - The Redirect Service Edit Screen399
- Alg401
  - ALG Overview401
    - What You Need to Know401
Chapter 15 ALG401
- Sip Alg402
- Before You Begin404
- The ALG Screen404
- ALG Technical Reference407
- Upnp409
  - Upnp and NAT-PMP Overview409
  - What You Need to Know409
    - NAT Traversal409
Chapter 16 Upnp409
- Cautions with Upnp and NAT-PMP410
- Upnp Screen410
- Technical Reference411
- IP/MAC Binding418
  - IP/MAC Binding Overview418
    - What You Can Do in this Chapter418
    - What You Need to Know418
Chapter 17 IP/MAC Binding418
- IP/MAC Binding Summary419
  - IP/MAC Binding Edit419
  - Static DHCP Edit420
- IP/MAC Binding Exempt List421
- Layer 2 Isolation423
  - Overview423
    - What You Can Do in this Chapter423
Chapter 18 Layer 2 Isolation423
- Layer-2 Isolation General Screen424
- White List Screen424
  - Add/Edit White List Rule425
- DNS Inbound LB427
  - DNS Inbound Load Balancing Overview427
    - What You Can Do in this Chapter427
Chapter 19 DNS Inbound LB427
- The DNS Inbound LB Screen428
  - The DNS Inbound LB Add/Edit Screen429
  - The DNS Inbound LB Add/Edit Member Screen431
Chapter 20 Web Authentication433
- Web Auth Overview433
  - What You Can Do in this Chapter433
  - What You Need to Know434
- Web Authentication General Screen434
- SSO Overview450
- SSO - Zywall/Usg Configuration452
- SSO Agent Configuration458
- Hotspot462
  - Overview462
  - Billing Overview462
    - What You Need to Know462
Chapter 21 Hotspot462
- The General Screen463
- The Billing Profile Screen466
Label Description472
- The Discount Screen473
- The Payment Service General Screen475
  - The Payment Service Desktop View / Mobile View Screen477
- Printer Manager481
  - Printer Manager Overview481
    - What You Can Do in this Chapter481
  - The General Setting Screen481
Chapter 22 Printer Manager481
- Add Printer Rule484
- Edit Printer Rule484
- Discover Printer485
- Edit Printer Manager (Discover Printer)486
- The Printout Configuration Screen487
- Printer Reports Overview488
- Freetime492
  - Free Time Overview492
    - What You Can Do in this Chapter492
  - The Free Time Screen492
Chapter 23 Freetime492
- Sms496
  - SMS Overview496
    - What You Can Do in this Chapter496
  - The SMS Screen496
Chapter 24 SMS496
- Ipnp498
  - Ipnp Overview498
    - What You Can Do in this Chapter498
Chapter 25 Ipnp498
- Ipnp Screen499
Chapter 26 Walled Garden500
- Walled Garden Overview500
- General Screen500
- URL Base Screen501
  - Adding/Editing a Walled Garden URL502
- Domain/Ip Base Screen503
  - Adding/Editing a Walled Garden Domain or IP504
  - Walled Garden Login Example504
Chapter 27 Advertisement Screen506
- Advertisement Overview506
  - Adding/Editing an Advertisement URL507
Chapter 28 Security Policy508
- Overview508
- One Security509
- What You Can Do in this Chapter512
  - What You Need to Know513
- The Security Policy Screen514
  - Configuring the Security Policy Control Screen515
  - The Security Policy Control Add/Edit Screen518
- Anomaly Detection and Prevention Overview520
- The Session Control Screen529
  - The Session Control Add/Edit Screen530
- Security Policy Example Applications531
Chapter 29 Ipsec VPN534
- Virtual Private Networks (VPN) Overview534
- The VPN Connection Screen539
  - The VPN Connection Add/Edit Screen541
- The VPN Gateway Screen548
  - The VPN Gateway Add/Edit Screen549
- VPN Concentrator556
- Zywall/Usg Ipsec VPN Client Configuration Provisioning558
- Ipsec VPN Background Information560
Chapter 30 SSL VPN570
- Overview570
  - What You Can Do in this Chapter570
  - What You Need to Know570
- The SSL Access Privilege Screen571
  - The SSL Access Privilege Policy Add/Edit Screen572
- The SSL Global Setting Screen575
  - How to Upload a Custom Logo576
- Zywall/Usg Secuextender577
  - Example: Configure Zywall/Usg for Secuextender578
Chapter 31 SSL User Screens581
- Overview581
  - What You Need to Know581
- Remote SSL User Login582
- The SSL VPN User Screens585
- Bookmarking the Zywall/Usg586
- Logging out of the SSL VPN User Screens587
- SSL User Application Screen587
- SSL User File Sharing588
Chapter 32 Zywall/Usg Secuextender (Windows)594
- The Zywall/Usg Secuextender Icon594
- Status594
- View Log595
- Suspend and Resume the Connection596
- Stop the Connection596
- Uninstalling the Zywall/Usg Secuextender596
Chapter 33 L2TP VPN598
- Overview598
  - What You Can Do in this Chapter598
  - What You Need to Know598
- L2TP VPN Screen599
  - Example: L2TP and Zywall/Usg Behind a NAT Router601
Chapter 34 BWM (Bandwidth Management)603
- Overview603
  - What You Can Do in this Chapter603
  - What You Need to Know603
- The Bandwidth Management Screen607
  - The Bandwidth Management Add/Edit Screen610
Chapter 35 Application Patrol618
- Overview618
  - What You Can Do in this Chapter618
  - What You Need to Know618
- Application Patrol Profile619
  - The Application Patrol Profile Add/Edit Screen621
  - The Application Patrol Profile Rule Add Application Screen622
Chapter 36 Content Filtering624
- Overview624
- Content Filter Profile Screen626
- Content Filter Profile Add or Edit Screen628
  - Content Filter Add Profile Category Service628
  - Content Filter Add Filter Profile Custom Service636
- Content Filter Trusted Web Sites Screen639
- Content Filter Forbidden Web Sites Screen640
- Content Filter Technical Reference641
Chapter 37 IDP643
- Overview643
- The IDP Profile Screen644
- IDP Custom Signatures655
- IDP Technical Reference665
Chapter 38 Anti-Virus668
- Overview668
  - What You Can Do in this Chapter668
  - What You Need to Know669
- Anti-Virus Profile Screen670
  - Anti-Virus Profile Add or Edit672
- Anti-Virus Black List674
  - Anti-Virus Black List or White List Add/Edit675
  - Anti-Virus White List676
- AV Signature Searching677
- Anti-Virus Technical Reference678
- Anti-Spam680
  - Overview680
    - What You Can Do in this Chapter680
    - What You Need to Know680
Chapter 39 Anti-Spam680
- Before You Begin681
- The Anti-Spam Profile Screen682
  - The Anti-Spam Profile Add or Edit Screen683
- The Mail Scan Screen685
- The Anti-Spam Black List Screen687
  - The Anti-Spam Black or White List Add/Edit Screen689
  - Regular Expressions in Black or White List Entries690
- The Anti-Spam White List Screen690
- The DNSBL Screen692
- Anti-Spam Technical Reference694
- SSL Inspection698
  - Overview698
    - What You Can Do in this Chapter698
    - What You Need to Know698
Chapter 40 SSL Inspection698
- Before You Begin699
- The SSL Inspection Profile Screen699
  - Add / Edit SSL Inspection Profiles700
- Exclude List Screen702
- Certificate Update Screen704
- Install a CA Certificate in a Browser705
Chapter 41 Device HA707
- Overview707
  - What You Can Do in These Screens707
- Device HA General708
  - Before You Begin708
- Device HA Pro710
  - Deploying Device HA Pro711
  - Configuring Device HA Pro711
- The Active-Passive Mode Screen713
  - Configuring Active-Passive Mode Device HA715
- Active-Passive Mode Edit Monitored Interface718
- Device HA Technical Reference719
Chapter 42 Object723
- Zones Overview723
  - What You Need to Know723
  - The Zone Screen724
- User/Group Overview725
- AP Profile Overview740
  - Radio Screen741
  - SSID Screen746
- MON Profile755
  - Overview755
  - Technical Reference758
- Application759
  - Add Application Rule761
  - Application Group Screen764
- Address/Geo IP Overview765
- Service Overview773
- Schedule Overview778
- AAA Server Overview784
- Auth. Method Overview792
- Certificate Overview795
- ISP Account Overview810
  - ISP Account Summary811
- SSL Application Overview813
  - What You Need to Know813
  - The SSL Application Screen815
- Dhcpv6 Overview818
  - The Dhcpv6 Request Screen819
  - The Dhcpv6 Lease Screen820
Chapter 43 System822
- Overview822
  - What You Can Do in this Chapter822
- Host Name823
- USB Storage823
- Date and Time824
  - Pre-Defined NTP Time Servers List827
  - Time Server Synchronization827
- Console Port Speed828
- DNS Overview829
- WWW Overview839
- Ssh856
- Telnet860
  - Configuring Telnet860
- Ftp862
  - Configuring FTP862
- Snmp863
- Authentication Server868
  - Add/Edit Trusted RADIUS Client870
- Cloudcnm Screen870
- Language Screen873
- Ipv6 Screen873
- Zyxel One Network (ZON) Utility874
  - Zyxel One Network (ZON) System Screen875
Chapter 44 Log and Report877
- Overview877
  - What You Can Do in this Chapter877
- Email Daily Report877
- Log Setting Screens879
- File Manager896
  - Overview896
    - What You Can Do in this Chapter896
    - What You Need to Know896
Chapter 45 File Manager896
- Comments in Configuration Files or Shell Scripts897
- The Configuration File Screen898
- Firmware Management902
  - Cloud Helper903
  - The Firmware Management Screen905
- The Shell Script Screen907
- Diagnostics909
  - Overview909
    - What You Can Do in this Chapter909
  - The Diagnostic Screen909
Chapter 46 Diagnostics909
- The Diagnostics Files Screen910
- The Packet Capture Screen911
  - The Packet Capture Files Screen913
- The System Log Screen914
- The Network Tool Screen915
- The Wireless Frame Capture Screen916
  - The Wireless Frame Capture Files Screen918
Chapter 47 Packet Flow Explore919
- Overview919
  - What You Can Do in this Chapter919
- The Routing Status Screen919
- The SNAT Status Screen924
Chapter 48 Shutdown927
- Overview927
  - What You Need to Know927
- The Shutdown Screen927
Chapter 49 Troubleshooting928
- Resetting the Zywall/Usg940
  - Getting more Troubleshooting Help941
  - Customer Support942
Appendix A Customer Support943
Appendix B Legal Information949
- Safety Warnings957
Appendix C Product Features965
- Index976

ZyXEL Communications VPN Series - Page 663

Table of Contents

Other manuals for ZyXEL Communications VPN Series

Related product manuals