2. Computers & electronics
  3. Networking
  4. Routers
  5. ZyXEL
  6. VPN300

ZyXEL VPN300 User guide

  • Hello! I am an AI chatbot trained to assist you with the ZyXEL VPN300 User guide. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
Default Login Details
User’s Guide
ZyWALL VPN/USG Series
Copyright © 2017 Zyxel Communications Corporation
LAN Port IP Address https://192.168.1.1
User Name admin
Password 1234
Version 4.30 Edition 1, 12/2017
ZyWALL VPN/USG Series User’s Guide
2
IMPORTANT!
READ CAREFULLY BEFORE USE.
KEEP THIS GUIDE FOR FUTURE REFERENCE.
This is a User’s Guide for a series of products. Not all products support all firmware features.
Screenshots and graphics in this book may differ slightly from your product due to differences in
product features or web configurator brand style. Most screen shots in this guide come from the
USG110 and USG60W. Screen shots for other models may vary. Every effort has been made to
ensure that the information in this manual is accurate.
Note: The version number on the cover page refers to the latest firmware version supported
by the Zyxel Device. This guide applies to versions 4.10, 4.11, 4.13, 4.15, 4.16, 4.20, 4.25,
and 4.30 at the time of writing.
Related Documentation
•Quick Start Guide
The Quick Start Guide shows how to connect the Zyxel Device and access the Web Configurator
wizards. (See the wizard real time help for information on configuring each screen.) It also contains a
connection diagram and package contents list.
•CLI Reference Guide
The CLI Reference Guide explains how to use the Command-Line Interface (CLI) to configure the
Zyxel Device.
Note: It is recommended you use the Web Configurator to configure the Zyxel Device.
Web Configurator Online Help
Click the help icon in any screen for help in configuring that screen and supplementary information.
•More Information
Go to support.zyxel.com to find other information on
Zyxel Device.
ZyWALL VPN/USG Series User’s Guide
3
Document Conventions
Warnings and Notes
These are how warnings and notes are shown in this guide.
Warnings tell you about things that could harm you or your device.
Note: Notes tell you other important information (for example, other things you may need to
configure or helpful tips) or recommendations.
Syntax Conventions
All models in this series may be referred to as the “Zyxel Device” in this guide.
Product labels, screen names, field labels and field choices are all in bold font.
A right angle bracket ( > ) within a screen name denotes a mouse click. For example, Configuration >
Network > Interface > Ethernet means you first click Configuration in the navigation panel, then
Network, then the Interface sub menu and finally the Ethernet tab to get to that screen.
Icons Used in Figures
Figures in this user guide may use the following generic icons. The Zyxel Device icon is not an exact
representation of your device.
Zyxel Device Generic Router Wireless Router / Access Point
Switch Firewall Server
Internet Network Cloud Smartphone
USB Dongle
Contents Overview
ZyWALL VPN/USG Series User’s Guide
5
Contents Overview
Introduction ........................................................................................................................................... 29
Initial Setup Wizard ............................................................................................................................... 55
Hardware, Interfaces and Zones ........................................................................................................ 70
Easy Mode ............................................................................................................................................. 87
Quick Setup Wizards ........................................................................................................................... 151
Dashboard .......................................................................................................................................... 184
Monitor ................................................................................................................................................. 200
Licensing .............................................................................................................................................. 265
Wireless ................................................................................................................................................. 272
Interfaces ............................................................................................................................................. 296
Routing ................................................................................................................................................. 399
DDNS .................................................................................................................................................. 426
NAT ....................................................................................................................................................... 432
Redirect Service .................................................................................................................................. 439
.............................................................................................................................................................. 445
ALG ....................................................................................................................................................... 445
UPnP ..................................................................................................................................................... 453
IP/MAC Binding ................................................................................................................................... 462
Layer 2 Isolation .................................................................................................................................. 467
DNS Inbound LB .................................................................................................................................. 471
Web Authentication .......................................................................................................................... 477
Hotspot ................................................................................................................................................ 509
Printer Manager .................................................................................................................................. 527
Free Time ............................................................................................................................................. 539
SMS ....................................................................................................................................................... 544
IPnP ....................................................................................................................................................... 546
Walled Garden ................................................................................................................................... 549
Advertisement Screen ....................................................................................................................... 555
Security Policy ..................................................................................................................................... 558
Cloud CNM ....................................................................................................................................... 584
Amazon VPC ...................................................................................................................................... 591
IPSec VPN ............................................................................................................................................ 593
SSL VPN ................................................................................................................................................ 629
SSL User Screens .................................................................................................................................. 640
Zyxel Device SecuExtender (Windows) ............................................................................................653
L2TP VPN .............................................................................................................................................. 657
BWM (Bandwidth Management) ..................................................................................................662
Application Patrol ............................................................................................................................... 677
Content Filtering ................................................................................................................................. 683
Contents Overview
ZyWALL VPN/USG Series User’s Guide
6
IDP ........................................................................................................................................................ 703
Anti-Virus .............................................................................................................................................. 729
Anti-Spam ............................................................................................................................................ 740
SSL Inspection ...................................................................................................................................... 759
Device HA ........................................................................................................................................... 769
Object .................................................................................................................................................. 789
System .................................................................................................................................................. 892
Log and Report ................................................................................................................................... 946
File Manager ....................................................................................................................................... 964
Diagnostics ......................................................................................................................................... 978
Packet Flow Explore .......................................................................................................................... 996
Shutdown ........................................................................................................................................... 1004
Troubleshooting ................................................................................................................................ 1006
Table of Contents
ZyWALL VPN/USG Series User’s Guide
7
Table of Contents
Document Conventions ......................................................................................................................3
Contents Overview .............................................................................................................................5
Table of Contents.................................................................................................................................7
Part I: User’s Guide..........................................................................................28
Chapter 1
Introduction ........................................................................................................................................29
1.1 Overview ......................................................................................................................................... 29
1.2 Registration at myZyxel .................................................................................................................. 31
1.2.1 Grace Period ......................................................................................................................... 31
1.2.2 Applications ........................................................................................................................... 32
1.3 Management Overview ................................................................................................................ 34
1.4 Web Configurator ........................................................................................................................... 36
1.4.1 Web Configurator Access .................................................................................................... 36
1.4.2 Web Configurator Screens Overview ................................................................................. 39
1.4.3 Navigation Panel .................................................................................................................. 43
1.4.4 Tables and Lists ...................................................................................................................... 51
Chapter 2
Initial Setup Wizard.............................................................................................................................55
2.1 Initial Setup Wizard Screens .......................................................................................................... 55
2.1.1 Internet Access Setup - WAN Interface ............................................................................. 56
2.1.2 Internet Access: Ethernet .................................................................................................... 56
2.1.3 Internet Access: PPPoE ......................................................................................................... 58
2.1.4 Internet Access: PPTP ........................................................................................................... 59
2.1.5 Internet Access: L2TP ............................................................................................................ 60
2.1.6 Internet Access Setup - Second WAN Interface ............................................................... 62
2.1.7 Internet Access: Congratulations ....................................................................................... 63
2.1.8 Date and Time Settings ........................................................................................................ 63
2.1.9 Register Device ..................................................................................................................... 64
2.1.10 Activate Service .................................................................................................................. 65
2.1.11 Wireless Settings: AP Controller ......................................................................................... 66
2.1.12 Wireless Settings: SSID & Security ...................................................................................... 67
2.1.13 Remote Management ......................................................................................................68
Table of Contents
ZyWALL VPN/USG Series User’s Guide
8
Chapter 3
Hardware, Interfaces and Zones......................................................................................................70
3.1 Hardware Overview ....................................................................................................................... 70
3.1.1 Front Panels ............................................................................................................................ 70
3.1.2 Rear Panels ............................................................................................................................ 75
3.2 Mounting ......................................................................................................................................... 77
3.2.1 Rack-mounting ...................................................................................................................... 77
3.2.2 USG2200-VPN Rack Mounting ............................................................................................. 78
3.2.3 Wall-mounting ....................................................................................................................... 82
3.2.4 USG20-VPN, USG20W-VPN, VPN50, USG40, USG40W, USG60, USG60W Wall-mounting 82
3.3 Default Zones, Interfaces, and Ports ............................................................................................ 84
3.4 Stopping the Zyxel Device ............................................................................................................ 86
Chapter 4
Easy Mode..........................................................................................................................................87
4.1 Overview ........................................................................................................................................ 87
4.1.1 Wizards and Links .................................................................................................................. 87
4.1.2 Easy Mode Settings ............................................................................................................... 88
4.1.3 Easy Mode Dashboard ......................................................................................................... 89
4.2 Initial Setup Wizard - Language and Overview ........................................................................ 92
4.2.1 Initial Setup Wizard - Internet ........................................................................................... 93
4.2.2 Initial Setup Wizard - Internet Access Errors ..................................................................... 94
4.2.3 Initial Setup Wizard - Date and Time ................................................................................ 95
4.2.4 Initial Setup Wizard - Register Device .............................................................................. 96
4.2.5 Initial Setup Wizard - Activate Services ............................................................................ 97
4.2.6 Initial Setup Wizard - Wi-Fi .................................................................................................. 99
4.2.7 Initial Setup Wizard - Congratulations ............................................................................ 100
4.3 Initial Setup Wizard - Security Service ..................................................................................... 101
4.4 Initial Setup Wizard - Port Forwarding ....................................................................................... 103
4.5 Initial Setup Wizard - Guest LAN ............................................................................................... 104
4.5.1 Connecting AP Scenarios ..................................................................................................106
4.6 Initial Setup Wizard - Remote Management .......................................................................... 108
4.7 Initial Setup Wizard - VPN ........................................................................................................... 109
4.7.1 VPN Setup Wizard: Wizard Type ...................................................................................... 110
4.7.2 VPN Express Wizard - Scenario ......................................................................................... 110
4.7.3 VPN Express Wizard - Configuration ................................................................................ 112
4.7.4 VPN Express Wizard - Summary ........................................................................................ 113
4.7.5 VPN Express Wizard - Finish ............................................................................................... 113
4.7.6 VPN Advanced Wizard - Scenario .................................................................................. 114
4.7.7 VPN Advanced Wizard - Phase 1 Settings ..................................................................... 115
4.7.8 VPN Advanced Wizard - Phase 2 .................................................................................... 117
4.7.9 VPN Advanced Wizard - Summary ................................................................................. 118
4.7.10 VPN Advanced Wizard - Finish ...................................................................................... 119
Table of Contents
ZyWALL VPN/USG Series User’s Guide
9
4.8 VPN Settings for Configuration Provisioning Wizard: Wizard Type ......................................... 119
4.8.1 Configuration Provisioning Express Wizard - VPN Settings ............................................ 120
4.8.2 Configuration Provisioning VPN Express Wizard - Configuration ................................. 121
4.8.3 VPN Settings for Configuration Provisioning Express Wizard - Summary ..................... 122
4.8.4 VPN Settings for Configuration Provisioning Express Wizard - Finish .............................. 123
4.8.5 VPN Settings for Configuration Provisioning Advanced Wizard - Scenario ................ 124
4.8.6 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 1 Settings .... 125
4.8.7 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 2 ................. 126
4.8.8 VPN Settings for Configuration Provisioning Advanced Wizard - Summary ............... 127
4.8.9 VPN Settings for Configuration Provisioning Advanced Wizard- Finish ....................... 129
4.9 VPN Settings for L2TP VPN Settings Wizard ............................................................................... 130
4.9.1 L2TP VPN Settings 1 ............................................................................................................. 131
4.9.2 L2TP VPN Settings 2 ............................................................................................................ 132
4.9.3 VPN Settings for L2TP VPN Setting Wizard - Summary ................................................... 133
4.9.4 VPN Settings for L2TP VPN Setting Wizard Completed .................................................. 134
4.10 Port Forwarding ......................................................................................................................... 135
4.10.1 Port Forwarding > Add Client ........................................................................................ 136
4.10.2 Port Forwarding > Add Service ...................................................................................... 136
4.10.3 Port Forwarding > UPnP .................................................................................................. 136
4.11 Wi-Fi and Guest Network Wizard ........................................................................................... 138
4.11.1 Guest LAN (Wired Network) ........................................................................................... 139
4.11.2 Connecting AP Scenarios ................................................................................................ 140
4.12 Security Service Wizard .......................................................................................................... 141
4.12.1 Security Service Wizard 2 - Content Filter Categories ............................................... 143
4.12.2 Security Service Wizard 3 - Websites ........................................................................... 145
4.12.3 Security Service Wizard 4 - Exemptions ...................................................................... 146
4.12.4 Security Service Wizard 5 - IDP/AV .............................................................................. 147
4.13 MyZyxel Portal ......................................................................................................................... 148
4.14 One Security Portal ................................................................................................................. 149
Chapter 5
Quick Setup Wizards........................................................................................................................151
5.1 Quick Setup Overview ................................................................................................................. 151
5.2 WAN Interface Quick Setup ........................................................................................................ 152
5.2.1 Choose an Ethernet Interface ........................................................................................... 152
5.2.2 Select WAN Type ................................................................................................................. 153
5.2.3 Configure WAN IP Settings ................................................................................................. 153
5.2.4 ISP and WAN and ISP Connection Settings ...................................................................... 154
5.2.5 Quick Setup Interface Wizard: Summary ......................................................................... 157
5.3 VPN Setup Wizard ......................................................................................................................... 158
5.3.1 Welcome .............................................................................................................................. 158
5.3.2 VPN Setup Wizard: Wizard Type ........................................................................................ 159
5.3.3 VPN Express Wizard - Scenario .......................................................................................... 160
Table of Contents
ZyWALL VPN/USG Series User’s Guide
10
5.3.4 VPN Express Wizard - Configuration ................................................................................. 161
5.3.5 VPN Express Wizard - Summary ......................................................................................... 162
5.3.6 VPN Express Wizard - Finish ................................................................................................ 163
5.3.7 VPN Advanced Wizard - Scenario ................................................................................... 163
5.3.8 VPN Advanced Wizard - Phase 1 Settings ...................................................................... 165
5.3.9 VPN Advanced Wizard - Phase 2 ..................................................................................... 166
5.3.10 VPN Advanced Wizard - Summary ................................................................................ 167
5.3.11 VPN Advanced Wizard - Finish ....................................................................................... 167
5.4 VPN Settings for Configuration Provisioning Wizard: Wizard Type ........................................... 168
5.4.1 Configuration Provisioning Express Wizard - VPN Settings ............................................. 169
5.4.2 Configuration Provisioning VPN Express Wizard - Configuration .................................. 170
5.4.3 VPN Settings for Configuration Provisioning Express Wizard - Summary ...................... 171
5.4.4 VPN Settings for Configuration Provisioning Express Wizard - Finish .............................. 172
5.4.5 VPN Settings for Configuration Provisioning Advanced Wizard - Scenario ................. 173
5.4.6 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 1 Settings .... 174
5.4.7 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 2 .................. 175
5.4.8 VPN Settings for Configuration Provisioning Advanced Wizard - Summary ................ 176
5.4.9 VPN Settings for Configuration Provisioning Advanced Wizard- Finish ........................ 178
5.5 VPN Settings for L2TP VPN Settings Wizard ................................................................................. 179
5.5.1 L2TP VPN Settings ................................................................................................................ 180
5.5.2 L2TP VPN Settings ................................................................................................................ 181
5.5.3 VPN Settings for L2TP VPN Setting Wizard - Summary .................................................... 182
5.5.4 VPN Settings for L2TP VPN Setting Wizard Completed ................................................... 183
Chapter 6
Dashboard........................................................................................................................................184
6.1 Overview ....................................................................................................................................... 184
6.1.1 What You Can Do in this Chapter ..................................................................................... 184
6.2 Main Dashboard Screen .............................................................................................................. 184
6.2.1 Device Information Screen ................................................................................................187
6.2.2 System Status Screen .......................................................................................................... 188
6.2.3 DHCP Table Screen ............................................................................................................. 189
6.2.4 Number of Login Users Screen ........................................................................................... 190
6.2.5 System Resources Screen ................................................................................................... 191
6.2.6 Extension Slot Screen .......................................................................................................... 192
6.2.7 Interface Status Summary Screen ..................................................................................... 192
6.2.8 Secured Service Status Screen .......................................................................................... 194
6.2.9 Content Filter Statistics Screen ........................................................................................... 194
6.2.10 Top 5 Viruses Screen ......................................................................................................... 195
6.2.11 Top 5 Intrusions Screen ..................................................................................................... 196
6.2.12 Top 5 IPv4/IPv6 Security Policy Rules that Blocked Traffic Screen ............................... 196
6.2.13 The Latest Alert Logs Screen ............................................................................................197
6.3 VPN Screen .................................................................................................................................... 197
Table of Contents
ZyWALL VPN/USG Series User’s Guide
11
Part II: Technical Reference.........................................................................199
Chapter 7
Monitor..............................................................................................................................................200
7.1 Overview ....................................................................................................................................... 200
7.1.1 What You Can Do in this Chapter ..................................................................................... 200
7.2 The Port Statistics Screen ............................................................................................................ 202
7.2.1 The Port Statistics Graph Screen ....................................................................................... 203
7.3 Interface Status Screen ................................................................................................................ 204
7.4 The Traffic Statistics Screen .......................................................................................................... 208
7.5 The Session Monitor Screen ........................................................................................................ 211
7.6 IGMP Statistics ............................................................................................................................... 213
7.7 The DDNS Status Screen ............................................................................................................... 214
7.8 IP/MAC Binding ............................................................................................................................. 214
7.9 The Login Users Screen ................................................................................................................ 215
7.10 The Dynamic Guest Screen ...................................................................................................... 216
7.11 Cellular Status Screen ................................................................................................................ 218
7.11.1 More Information .............................................................................................................. 220
7.12 The UPnP Port Status Screen ..................................................................................................... 221
7.13 USB Storage Screen .................................................................................................................... 222
7.14 Ethernet Neighbor Screen ........................................................................................................ 223
7.15 FQDN Object Screen ................................................................................................................ 224
7.16 AP Information: AP List ............................................................................................................... 226
7.16.1 AP List: More Information ................................................................................................ 228
7.16.2 AP List: Config AP ............................................................................................................. 231
7.17 AP Information: Radio List .......................................................................................................... 232
7.17.1 Radio List: More Information ............................................................................................234
7.18 AP Information: Top N APs ........................................................................................................ 235
7.19 AP Information: Single AP .......................................................................................................... 237
7.20 ZyMesh ......................................................................................................................................... 238
7.21 SSID Info ....................................................................................................................................... 238
7.22 Station Info: Station List .............................................................................................................. 239
7.23 Station Info: Top N Stations ........................................................................................................ 240
7.24 Station Info: Single Station ......................................................................................................... 241
7.25 Detected Device ....................................................................................................................... 242
7.26 The Printer Status Screen ........................................................................................................... 243
7.27 The IPSec Screen ........................................................................................................................ 243
7.28 The SSL Screen ............................................................................................................................. 245
7.29 The L2TP over IPSec Screen ....................................................................................................... 246
7.30 The App Patrol Screen ............................................................................................................... 246
7.31 The Content Filter Screen .......................................................................................................... 247
7.32 The IDP Screen ............................................................................................................................ 249
7.33 The Anti-Virus Screen .................................................................................................................. 251
Table of Contents
ZyWALL VPN/USG Series User’s Guide
12
7.34 The Anti-Spam Screens .............................................................................................................. 253
7.34.1 Anti-Spam Summary ......................................................................................................... 253
7.34.2 The Anti-Spam Status Screen ........................................................................................... 255
7.35 The SSL Inspection Screens ........................................................................................................ 257
7.35.1 Certificate Cache List ....................................................................................................... 258
7.36 Log Screens ................................................................................................................................. 259
7.36.1 View Log ............................................................................................................................ 259
7.36.2 View AP Log ....................................................................................................................... 261
7.36.3 Dynamic Users Log ............................................................................................................ 263
Chapter 8
Licensing...........................................................................................................................................265
8.1 Registration Overview .................................................................................................................. 265
8.1.1 What you Need to Know ....................................................................................................265
8.1.2 Registration Screen ............................................................................................................. 265
8.1.3 Service Screen ..................................................................................................................... 266
8.2 Signature Update ......................................................................................................................... 268
8.2.1 What you Need to Know ....................................................................................................268
8.2.2 The Anti-Virus Update Screen ............................................................................................ 268
8.2.3 The IDP/AppPatrol Update Screen ................................................................................... 270
Chapter 9
Wireless.............................................................................................................................................272
9.1 Overview ....................................................................................................................................... 272
9.1.1 What You Can Do in this Chapter ..................................................................................... 272
9.2 Controller Screen ......................................................................................................................... 272
9.3 AP Management Screens ........................................................................................................... 273
9.3.1 Mgnt. AP List ....................................................................................................................... 273
9.3.2 AP Policy .............................................................................................................................. 277
9.3.3 AP Group ............................................................................................................................. 278
9.3.4 Firmware ............................................................................................................................... 285
9.4 MON Mode ................................................................................................................................... 287
9.4.1 Add/Edit Rogue/Friendly List .............................................................................................. 289
9.5 Auto Healing ................................................................................................................................. 290
9.6 RTLS Overview ............................................................................................................................... 290
9.6.1 What You Can Do in this Chapter ..................................................................................... 291
9.6.2 Before You Begin ................................................................................................................. 291
9.6.3 Configuring RTLS .................................................................................................................. 292
9.7 Technical Reference .................................................................................................................... 293
9.7.1 Dynamic Channel Selection .............................................................................................. 293
9.7.2 Load Balancing ................................................................................................................... 294
Chapter 10
Interfaces..........................................................................................................................................296
Table of Contents
ZyWALL VPN/USG Series User’s Guide
13
10.1 Interface Overview .................................................................................................................... 296
10.1.1 What You Can Do in this Chapter ................................................................................... 296
10.1.2 What You Need to Know ................................................................................................. 297
10.1.3 What You Need to Do First ...............................................................................................301
10.2 Port Role ....................................................................................................................................... 301
10.3 Port Group ................................................................................................................................... 302
10.4 Ethernet Summary Screen ......................................................................................................... 303
10.4.1 Ethernet Edit ...................................................................................................................... 305
10.4.2 Proxy ARP ........................................................................................................................... 321
10.4.3 Virtual Interfaces .............................................................................................................. 322
10.4.4 Object References ............................................................................................................ 324
10.4.5 Add/Edit DHCPv6 Request/Release Options ................................................................. 324
10.4.6 Add/Edit DHCP Extended Options ................................................................................. 325
10.5 PPP Interfaces ............................................................................................................................. 327
10.5.1 PPP Interface Summary .................................................................................................... 327
10.5.2 PPP Interface Add or Edit ................................................................................................ 329
10.6 Cellular Configuration Screen ................................................................................................... 333
10.6.1 Cellular Choose Slot ......................................................................................................... 336
10.6.2 Add / Edit Cellular Configuration .................................................................................... 336
10.7 Tunnel Interfaces ........................................................................................................................ 342
10.7.1 Configuring a Tunnel ........................................................................................................ 344
10.7.2 Tunnel Add or Edit Screen ................................................................................................ 345
10.8 VLAN Interfaces ......................................................................................................................... 348
10.8.1 VLAN Summary Screen .....................................................................................................350
10.8.2 VLAN Add/Edit ................................................................................................................. 351
10.9 Bridge Interfaces ........................................................................................................................ 362
10.9.1 Bridge Summary ................................................................................................................ 364
10.9.2 Bridge Add/Edit ................................................................................................................ 365
10.10 LAG ............................................................................................................................................ 374
10.10.1 LAG Summary Screen .....................................................................................................375
10.10.2 LAG Add/Edit ................................................................................................................. 376
10.11 VTI ............................................................................................................................................... 382
10.11.1 Restrictions for IPSec Virtual Tunnel Interface .............................................................. 382
10.11.2 VTI Screen ........................................................................................................................ 382
10.11.3 VTI Add/Edit ..................................................................................................................... 383
10.12 Trunk Overview ......................................................................................................................... 386
10.12.1 What You Need to Know ............................................................................................... 387
10.13 The Trunk Summary Screen ...................................................................................................... 390
10.13.1 Configuring a User-Defined Trunk ................................................................................. 391
10.13.2 Configuring the System Default Trunk .......................................................................... 393
10.14 Interface Technical Reference ............................................................................................... 394
Chapter 11
Routing..............................................................................................................................................399
Table of Contents
ZyWALL VPN/USG Series User’s Guide
14
11.1 Policy and Static Routes Overview ........................................................................................... 399
11.1.1 What You Can Do in this Chapter ................................................................................... 399
11.1.2 What You Need to Know ................................................................................................ 400
11.2 Policy Route Screen ................................................................................................................... 401
11.2.1 Policy Route Edit Screen .................................................................................................. 404
11.3 IP Static Route Screen ................................................................................................................ 408
11.3.1 Static Route Add/Edit Screen .......................................................................................... 408
11.4 Policy Routing Technical Reference ........................................................................................410
11.5 Routing Protocols Overview ..................................................................................................... 410
11.5.1 What You Need to Know ................................................................................................. 411
11.6 The RIP Screen ............................................................................................................................. 411
11.7 The OSPF Screen ......................................................................................................................... 413
11.7.1 Configuring the OSPF Screen .......................................................................................... 416
11.7.2 OSPF Area Add/Edit Screen ........................................................................................... 417
11.7.3 Virtual Link Add/Edit Screen ...........................................................................................419
11.8 BGP (Border Gateway Protocol) .............................................................................................. 420
11.8.1 Allow BGP Packets to Enter the Zyxel Device ................................................................ 421
11.8.2 Configuring the BGP Screen ............................................................................................ 421
11.8.3 The BGP Neighbors Screen .............................................................................................. 423
11.8.4 Example Scenario ............................................................................................................. 424
Chapter 12
DDNS ...............................................................................................................................................426
12.1 DDNS Overview ........................................................................................................................... 426
12.1.1 What You Can Do in this Chapter ................................................................................... 426
12.1.2 What You Need to Know ................................................................................................. 426
12.2 The DDNS Screen ........................................................................................................................ 427
12.2.1 The Dynamic DNS Add/Edit Screen ................................................................................ 428
Chapter 13
NAT....................................................................................................................................................432
13.1 NAT Overview ............................................................................................................................. 432
13.1.1 What You Can Do in this Chapter ................................................................................... 432
13.1.2 What You Need to Know ................................................................................................. 432
13.2 The NAT Screen ........................................................................................................................... 432
13.2.1 The NAT Add/Edit Screen .................................................................................................434
13.3 NAT Technical Reference .......................................................................................................... 437
Chapter 14
Redirect Service...............................................................................................................................439
14.1 Overview ..................................................................................................................................... 439
14.1.1 HTTP Redirect ..................................................................................................................... 439
14.1.2 SMTP Redirect .................................................................................................................... 439
Table of Contents
ZyWALL VPN/USG Series User’s Guide
15
14.1.3 What You Can Do in this Chapter ................................................................................... 440
14.1.4 What You Need to Know ................................................................................................. 440
14.2 The Redirect Service Screen ..................................................................................................... 442
14.2.1 The Redirect Service Edit Screen ..................................................................................... 443
Chapter 15
...........................................................................................................................................................445
ALG....................................................................................................................................................445
15.1 ALG Overview ............................................................................................................................. 445
15.1.1 What You Need to Know ................................................................................................. 446
15.1.2 Before You Begin ............................................................................................................... 448
15.2 The ALG Screen .......................................................................................................................... 448
15.3 ALG Technical Reference ......................................................................................................... 451
Chapter 16
UPnP...................................................................................................................................................453
16.1 UPnP and NAT-PMP Overview ................................................................................................... 453
16.2 What You Need to Know ........................................................................................................... 453
16.2.1 NAT Traversal ..................................................................................................................... 453
16.2.2 Cautions with UPnP and NAT-PMP .................................................................................. 454
16.3 UPnP Screen ................................................................................................................................ 454
16.4 Technical Reference .................................................................................................................. 455
16.4.1 Turning on UPnP in Windows 7 Example ......................................................................... 455
16.4.2 Using UPnP in Windows XP Example ................................................................................ 457
16.4.3 Web Configurator Easy Access ....................................................................................... 459
Chapter 17
IP/MAC Binding................................................................................................................................462
17.1 IP/MAC Binding Overview ......................................................................................................... 462
17.1.1 What You Can Do in this Chapter ................................................................................... 462
17.1.2 What You Need to Know ................................................................................................. 462
17.2 IP/MAC Binding Summary ......................................................................................................... 463
17.2.1 IP/MAC Binding Edit .......................................................................................................... 463
17.2.2 Static DHCP Edit ................................................................................................................ 464
17.3 IP/MAC Binding Exempt List ....................................................................................................... 465
Chapter 18
Layer 2 Isolation...............................................................................................................................467
18.1 Overview ..................................................................................................................................... 467
18.1.1 What You Can Do in this Chapter ................................................................................... 467
18.2 Layer-2 Isolation General Screen ............................................................................................. 467
18.3 White List Screen ......................................................................................................................... 468
Table of Contents
ZyWALL VPN/USG Series User’s Guide
16
18.3.1 Add/Edit White List Rule ................................................................................................... 469
Chapter 19
DNS Inbound LB................................................................................................................................471
19.1 DNS Inbound Load Balancing Overview ................................................................................. 471
19.1.1 What You Can Do in this Chapter ................................................................................... 471
19.2 The DNS Inbound LB Screen ...................................................................................................... 472
19.2.1 The DNS Inbound LB Add/Edit Screen ............................................................................ 473
19.2.2 The DNS Inbound LB Add/Edit Member Screen ............................................................ 475
Chapter 20
Web Authentication ........................................................................................................................477
20.1 Web Auth Overview ................................................................................................................... 477
20.1.1 What You Can Do in this Chapter ................................................................................... 477
20.1.2 What You Need to Know ................................................................................................. 478
20.2 Web Authentication General Screen ...................................................................................... 478
20.2.1 User-aware Access Control Example ............................................................................. 483
20.2.2 Authentication Type Screen ............................................................................................ 488
20.2.3 Custom Web Portal / User Agreement File Screen ....................................................... 492
20.2.4 Facebook Wi-Fi Screen ..................................................................................................... 494
20.3 SSO Overview .............................................................................................................................. 497
20.4 SSO - Zyxel Device Configuration ............................................................................................. 499
20.4.1 Configuration Overview ................................................................................................... 499
20.4.2 Configure the Zyxel Device to Communicate with SSO .............................................. 499
20.4.3 Enable Web Authentication ............................................................................................ 500
20.4.4 Create a Security Policy ................................................................................................... 501
20.4.5 Configure User Information ..............................................................................................502
20.4.6 Configure an Authentication Method ........................................................................... 503
20.4.7 Configure Active Directory ..............................................................................................504
20.5 SSO Agent Configuration .......................................................................................................... 505
Chapter 21
Hotspot..............................................................................................................................................509
21.1 Overview ..................................................................................................................................... 509
21.2 Billing Overview ........................................................................................................................... 509
21.2.1 What You Need to Know ................................................................................................. 509
21.3 The Billing > General Screen ...................................................................................................... 510
21.4 The Billing > Billing Profile Screen ............................................................................................... 512
21.4.1 The Account Generator Screen ...................................................................................... 513
21.4.2 The Account Redeem Screen ......................................................................................... 516
21.4.3 The Billing Profile Add/Edit Screen ................................................................................... 518
21.5 The Billing > Discount Screen ..................................................................................................... 519
21.5.1 The Discount Add/Edit Screen ......................................................................................... 521
Table of Contents
ZyWALL VPN/USG Series User’s Guide
17
21.6 The Billing > Payment Service Screen ....................................................................................... 521
21.6.1 The Payment Service > Desktop / Mobile View Screen ............................................... 523
Chapter 22
Printer Manager ...............................................................................................................................527
22.1 Printer Manager Overview ........................................................................................................ 527
22.1.1 What You Can Do in this Chapter ................................................................................... 527
22.2 The Printer Manager > General Screen ................................................................................... 527
22.2.1 Add Printer Rule ................................................................................................................. 530
22.2.2 Edit Printer Rule .................................................................................................................. 530
22.2.3 Discover Printer ................................................................................................................. 531
22.2.4 Edit Printer Manager (Discover Printer) .......................................................................... 533
22.3 The Printout Configuration Screen ............................................................................................ 534
22.4 Printer Reports Overview ........................................................................................................... 535
22.4.1 Key Combinations ............................................................................................................. 535
22.4.2 Daily Account Summary .................................................................................................. 535
22.4.3 Monthly Account Summary ............................................................................................. 536
22.4.4 Account Report Notes ..................................................................................................... 536
22.4.5 System Status ..................................................................................................................... 537
Chapter 23
Free Time...........................................................................................................................................539
23.1 Free Time Overview .................................................................................................................... 539
23.1.1 What You Can Do in this Chapter ................................................................................... 539
23.2 The Free Time Screen ................................................................................................................. 539
Chapter 24
SMS....................................................................................................................................................544
24.1 SMS Overview ........................................................................................................................... 544
24.1.1 What You Can Do in this Chapter ................................................................................... 544
24.2 The SMS Screen ........................................................................................................................... 544
Chapter 25
IPnP....................................................................................................................................................546
25.1 IPnP Overview ............................................................................................................................ 546
25.1.1 What You Can Do in this Chapter ................................................................................... 547
25.2 IPnP Screen .................................................................................................................................. 547
Chapter 26
Walled Garden.................................................................................................................................549
26.1 Walled Garden Overview ........................................................................................................ 549
26.2 Walled Garden > General Screen ........................................................................................... 549
26.3 Walled Garden > URL Base Screen .......................................................................................... 550
Table of Contents
ZyWALL VPN/USG Series User’s Guide
18
26.3.1 Adding/Editing a Walled Garden URL ........................................................................... 551
26.4 Walled Garden > Domain/IP Base Screen .............................................................................. 552
26.4.1 Adding/Editing a Walled Garden Domain or IP ........................................................... 553
26.4.2 Walled Garden Login Example ....................................................................................... 554
Chapter 27
Advertisement Screen.....................................................................................................................555
27.1 Advertisement Overview ........................................................................................................... 555
27.1.1 Adding/Editing an Advertisement URL .......................................................................... 556
Chapter 28
Security Policy..................................................................................................................................558
28.1 Overview ..................................................................................................................................... 558
28.2 One Security ................................................................................................................................ 559
28.3 What You Can Do in this Chapter ............................................................................................ 562
28.3.1 What You Need to Know ................................................................................................. 563
28.4 The Security Policy Screen ......................................................................................................... 564
28.4.1 Configuring the Security Policy Control Screen ............................................................ 565
28.4.2 The Security Policy Control Add/Edit Screen ................................................................. 568
28.5 Anomaly Detection and Prevention Overview ...................................................................... 570
28.5.1 The Anomaly Detection and Prevention General Screen ........................................... 571
28.5.2 Creating New ADP Profiles ..............................................................................................572
28.5.3 Traffic Anomaly Profiles ................................................................................................... 573
28.5.4 Protocol Anomaly Profiles ................................................................................................ 576
28.6 The Session Control Screen ........................................................................................................ 579
28.6.1 The Session Control Add/Edit Screen .............................................................................. 580
28.7 Security Policy Example Applications ......................................................................................581
Chapter 29
Cloud CNM.....................................................................................................................................584
29.1 Cloud CNM Overview ................................................................................................................ 584
29.1.1 What You Can Do in this Chapter ................................................................................... 584
29.2 Cloud CNM SecuManager ........................................................................................................ 584
29.3 Cloud CNM SecuReporter ......................................................................................................... 587
Chapter 30
Amazon VPC ...................................................................................................................................591
30.1 Overview ..................................................................................................................................... 591
30.2 Amazon VPC Configuration Process ........................................................................................ 591
Chapter 31
IPSec VPN .........................................................................................................................................593
31.1 Virtual Private Networks (VPN) Overview ................................................................................. 593
Table of Contents
ZyWALL VPN/USG Series User’s Guide
19
31.1.1 What You Can Do in this Chapter ................................................................................... 595
31.1.2 What You Need to Know ................................................................................................. 595
31.1.3 Before You Begin ............................................................................................................... 598
31.2 The VPN Connection Screen ..................................................................................................... 598
31.2.1 The VPN Connection Add/Edit Screen .......................................................................... 600
31.3 The VPN Gateway Screen ......................................................................................................... 607
31.3.1 The VPN Gateway Add/Edit Screen ............................................................................... 608
31.4 VPN Concentrator ..................................................................................................................... 615
31.4.1 VPN Concentrator Requirements and Suggestions ...................................................... 615
31.4.2 VPN Concentrator Screen ............................................................................................... 616
31.4.3 The VPN Concentrator Add/Edit Screen ........................................................................ 616
31.5 Zyxel Device IPSec VPN Client Configuration Provisioning .................................................... 617
31.6 IPSec VPN Background Information ......................................................................................... 619
Chapter 32
SSL VPN..............................................................................................................................................629
32.1 Overview ..................................................................................................................................... 629
32.1.1 What You Can Do in this Chapter ................................................................................... 629
32.1.2 What You Need to Know ................................................................................................. 629
32.2 The SSL Access Privilege Screen ................................................................................................ 630
32.2.1 The SSL Access Privilege Policy Add/Edit Screen ......................................................... 631
32.3 The SSL Global Setting Screen ................................................................................................... 634
32.3.1 How to Upload a Custom Logo ...................................................................................... 635
32.4 Zyxel Device SecuExtender ....................................................................................................... 636
32.4.1 Example: Configure Zyxel Device for SecuExtender ..................................................... 637
Chapter 33
SSL User Screens...............................................................................................................................640
33.1 Overview ..................................................................................................................................... 640
33.1.1 What You Need to Know ................................................................................................. 640
33.2 Remote SSL User Login ............................................................................................................... 641
33.3 The SSL VPN User Screens ........................................................................................................... 644
33.4 Bookmarking the Zyxel Device .................................................................................................. 645
33.5 Logging Out of the SSL VPN User Screens ................................................................................ 646
33.6 SSL User Application Screen ...................................................................................................... 646
33.7 SSL User File Sharing .................................................................................................................... 647
33.7.1 The Main File Sharing Screen ........................................................................................... 647
33.7.2 Opening a File or Folder ................................................................................................... 648
33.7.3 Downloading a File ........................................................................................................... 649
33.7.4 Saving a File ....................................................................................................................... 649
33.7.5 Creating a New Folder ..................................................................................................... 650
33.7.6 Renaming a File or Folder ................................................................................................ 650
33.7.7 Deleting a File or Folder .................................................................................................... 651
Table of Contents
ZyWALL VPN/USG Series User’s Guide
20
33.7.8 Uploading a File ................................................................................................................ 651
Chapter 34
Zyxel Device SecuExtender (Windows).........................................................................................653
34.1 The Zyxel Device SecuExtender Icon ....................................................................................... 653
34.2 Status ............................................................................................................................................ 653
34.3 View Log ...................................................................................................................................... 654
34.4 Suspend and Resume the Connection ................................................................................... 655
34.5 Stop the Connection ................................................................................................................. 655
34.6 Uninstalling the Zyxel Device SecuExtender ............................................................................ 655
Chapter 35
L2TP VPN............................................................................................................................................657
35.1 Overview ..................................................................................................................................... 657
35.1.1 What You Can Do in this Chapter ................................................................................... 657
35.1.2 What You Need to Know ................................................................................................. 657
35.2 L2TP VPN Screen ......................................................................................................................... 658
35.2.1 Example: L2TP and Zyxel Device Behind a NAT Router ................................................ 660
Chapter 36
BWM (Bandwidth Management) .................................................................................................662
36.1 Overview ..................................................................................................................................... 662
36.1.1 What You Can Do in this Chapter ................................................................................... 662
36.1.2 What You Need to Know ................................................................................................ 662
36.2 The Bandwidth Management Configuration .......................................................................... 666
36.2.1 The Bandwidth Management Add/Edit Screen ............................................................ 669
Chapter 37
Application Patrol............................................................................................................................677
37.1 Overview ..................................................................................................................................... 677
37.1.1 What You Can Do in this Chapter ................................................................................... 677
37.1.2 What You Need to Know ................................................................................................ 677
37.2 Application Patrol Profile ........................................................................................................... 678
37.2.1 The Application Patrol Profile Add/Edit Screen ............................................................. 680
37.2.2 The Application Patrol Profile Rule Add Application Screen ....................................... 681
Chapter 38
Content Filtering...............................................................................................................................683
38.1 Overview ..................................................................................................................................... 683
38.1.1 What You Can Do in this Chapter ................................................................................... 683
38.1.2 What You Need to Know ................................................................................................. 683
38.1.3 Before You Begin ............................................................................................................... 685
38.2 Content Filter Profile Screen ...................................................................................................... 685
Table of Contents
ZyWALL VPN/USG Series User’s Guide
21
38.2.1 Content Filter Add Profile Category Service .................................................................. 687
38.2.2 Content Filter Add Filter Profile Custom Service ........................................................... 695
38.3 Content Filter Trusted Web Sites Screen ................................................................................. 698
38.4 Content Filter Forbidden Web Sites Screen ............................................................................ 699
38.5 Content Filter Technical Reference ......................................................................................... 700
Chapter 39
IDP .....................................................................................................................................................703
39.1 Overview ..................................................................................................................................... 703
39.1.1 What You Can Do in this Chapter ................................................................................... 703
39.1.2 What You Need To Know ................................................................................................. 703
39.1.3 Before You Begin ............................................................................................................... 703
39.2 The IDP Profile Screen ................................................................................................................. 704
39.2.1 Base Profiles ....................................................................................................................... 705
39.2.2 Adding / Editing Profiles .................................................................................................. 706
39.2.3 Profile > Group View Screen ............................................................................................ 707
39.2.4 Add Profile > Query View ................................................................................................ 710
39.2.5 Query Example .................................................................................................................. 714
39.3 IDP Custom Signatures .............................................................................................................. 715
39.3.1 Add / Edit Custom Signatures ......................................................................................... 718
39.3.2 Custom Signature Example ............................................................................................. 722
39.3.3 Applying Custom Signatures ............................................................................................ 724
39.3.4 Verifying Custom Signatures ............................................................................................ 724
39.4 IDP Technical Reference ........................................................................................................... 725
Chapter 40
Anti-Virus...........................................................................................................................................729
40.1 Overview ..................................................................................................................................... 729
40.1.1 What You Can Do in this Chapter ................................................................................... 729
40.1.2 What You Need to Know ................................................................................................. 730
40.2 Anti-Virus Profile Screen ............................................................................................................. 731
40.2.1 Anti-Virus Profile Add or Edit ............................................................................................. 733
40.3 Anti-Virus Black List ...................................................................................................................... 735
40.3.1 Anti-Virus Black List or White List Add/Edit ...................................................................... 735
40.3.2 Anti-Virus White List ............................................................................................................ 736
40.4 AV Signature Searching ............................................................................................................. 737
40.5 Anti-Virus Technical Reference ................................................................................................. 738
Chapter 41
Anti-Spam.........................................................................................................................................740
41.1 Overview ..................................................................................................................................... 740
41.1.1 What You Can Do in this Chapter ................................................................................... 740
41.1.2 What You Need to Know ................................................................................................. 740
/