

Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
kudos:3

Certs and remote access Question

Generated a USG100 cert on my router. I imported it into both remote sources and trusted CAs in the ZyWALL 35. I had to change the name of it, as there seemed to be a conflict (perhaps the name of the ZyWALL 35's own cert is too similar).

In any case, when I try to remote https into the Z35 from behind my USG100, it does not work if I set the box on the remote access to utilize certificates... Why is that?

Finally, what is recommended instead for remote access from USG100 to ZyWALL 35? Should I set up a VPN tunnel and then just do https through that with no certificate?
--
Ain't nuthin but the blues! "Albert Collins".
Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"

LlamaWorks Equipment


Brano
I hate Vogons
Premium,MVM
join:2002-06-25
Burlington, ON
kudos:3

If you are talking about "Authenticate Client Certificates" in Remote Management -> HTTPs access, then you have to generate a cert for your browser and load it into your browser, or use a cert for your browser issued by a CA that is also trusted by the ZyWALL.

HTTPS to the router should be secure enough provided you use a strong password. As mentioned above, you can enhance the security by using a cert.
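Brano's point above, that the browser needs its own certificate issued by a CA the ZyWALL trusts, worked through with the OpenSSL command line as an added example (not part of the original posts). The CA name `lab-ca`, the certificate names, file names and the `changeit` password are constructed placeholders; `ca.crt` is what would be imported as a trusted CA on the firewall and the `.p12` bundle is what would be loaded into the browser.

```shell
#!/bin/sh
# Added example. lab-ca, admin-browser, the file names and the "changeit"
# password are constructed placeholders, not values from the thread.

make_ca() {   # $1 = working directory
    cat > "$1/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = lab-ca
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF
    # ca.crt is the certificate the firewall must list among its trusted CAs.
    openssl req -x509 -config "$1/ca.cnf" -newkey rsa:2048 -nodes -days 365 \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

issue_cert() {   # $1 = dir, $2 = common name, $3 = extendedKeyUsage value
    # New key pair and signing request for the named subject.
    openssl req -new -config "$1/ca.cnf" -subj "/CN=$2" -newkey rsa:2048 -nodes \
        -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null || return 1
    # End-entity extensions; the EKU decides what the cert may be used for.
    printf 'basicConstraints=CA:FALSE\nkeyUsage=digitalSignature\nextendedKeyUsage=%s\n' \
        "$3" > "$1/$2.ext"
    openssl x509 -req -in "$1/$2.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
        -CAcreateserial -days 365 -sha256 -extfile "$1/$2.ext" \
        -out "$1/$2.crt" 2>/dev/null
}

export_p12() {   # $1 = dir, $2 = common name; key + cert bundle for browser import
    openssl pkcs12 -export -inkey "$1/$2.key" -in "$1/$2.crt" \
        -certfile "$1/ca.crt" -passout pass:changeit -out "$1/$2.p12"
}

usable_as_client() {   # $1 = dir, $2 = common name
    # True only if the cert chains to ca.crt AND is valid for TLS client auth.
    openssl verify -CAfile "$1/ca.crt" -purpose sslclient "$1/$2.crt" >/dev/null 2>&1
}
```

Running `usable_as_client` against a certificate issued with `serverAuth` only fails, which is the check to make before blaming the firewall when a client-certificate login is refused.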



Anav

Okay, but how do I https without a cert but within a VPN tunnel I create?



Brano

Uncheck "Authenticate Client Certificates" in Remote Management -> HTTPs access

..and of course ensure https access is enabled



Anav

Okay, so with the tunnel up, everything I point at the remote gateway, be it ftp etc., including https, will be put through the tunnel?
And since the protocol is zero, it's like carte blanche, anything will go thru...

So at the ZyWALL I should put rules for what I want to allow in the tunnel, followed by a rule to block all.
WAN to VPN in the ZyWALL rules, that is.



Brano

Not sure what you mean.

If you have a tunnel from site A to B and you need to access the B router from A, just enter B's LAN IP in the browser:

https://B_router_LAN_IP
 


Anav

Yes, okay, so in that case with the tunnel up using a client on a PC, if I do that at that PC, then the https request will go through the tunnel.

If I try it from another PC then it will not go thru the tunnel, and unless I have a firewall rule WAN to ZyWALL, it won't get through.

In either case I need remote management set up on the router.

I also want to limit traffic within the tunnel, and I think I use WAN to VPN firewall rules for that.

