ZyXEL Communications ZYWALL 70 - V4.04 Guía de usuario descargar pdf (Pagina 99)

1. When Local ID Content is blank which means user doesn’t type anything here, during

IKE negotiation, my ID content will be “My IP Addr” (if it’s not 0.0.0.0) or local’s

WAN IP.

2. When “Peer ID Content” is not blank, ID of incoming packet has to match our setting.

Or the connection request will be rejected.

3. When “Secure Gateway IP Addr” is 0.0.0.0 and “Peer ID Content” is blank, system

can only check ID type. This is a kind of “dynamic rule” which means it accepts

incoming request from any IP, and these requests’ ID type is IP. So if user put a such

kind of rule in top of rule list, it may be matched first. To avoid this problem, we will

enhance it in the future.

Appendix 6 Embedded HTTPS proxy server

HTTPS (Hypertext Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a

Web protocol developed by Netscape and built into its browser that encrypts and decrypts

user page requests as well as the pages that are returned by the Web server. HTTPS is

really just the use of Netscape's Secure Socket Layer (SSL) as a sublayer under its regular

HTTP application layering.

The ZyWALL’s embedded HTTPS proxy server is basically an SSL server which

performs SSL transactions, on behalf of the embedded HTTP server, with an SSL client

such as MSIE or Netscape. As depicted by the figure below, when receiving a secure

HTTPS request from an SSL-aware Web browser, the HTTPS proxy server converts it

into a non-secure HTTP request and sends it to the HTTP server. On the other hand, when

receiving a non-secure HTTP response from the HTTP server, the HTTPS proxy server

converts it into a secure HTTPS response and sends it to the SSL-aware Web browser.

By default, the HTTPS proxy server listens on port 443 instead of the HTTP default port

80. If the ZyWALL’s HTTPS proxy server port is changed to a different number, say

8443, then the URL for accessing the ZyWALL’s Web user interface should be changed

to https://hostname:8443/ accordingly.

Appendix 7 Multiple WAN Access

Because of the expansion of broad band service, the bandwidth is more and more cheap.

Some of audio and video applications become usable, such as VoIP and video conference.

The company will subscribe several links for different application. They may use it for

VoIP, Backup line, Load sharing, and extend bandwidth. Thus they will need a device to

manage these kinds of application.

The ZyWALL has two independent WAN ports, so it offers the ability to configure a

secondary WAN port for highly reliable network connectivity and robust performance.

The user can connect WAN 1 to one ISP(or network), and connect the other to a second

1 2 ... 94 95 96 97 98 99 100 101 102 103 104 ... 111 112

Sin comentarios

ZyXEL Communications ZYWALL 70 - V4.04 Guía de usuario Pagina 99