ZyXEL VPN300 User guide

Default Login Details

User’s Guide

ZyWALL USG/VPN

Series

LAN Port IP Address https://192.168.1.1

User Name admin

Password 1234

Version 4.60 Ed

ition 1, 10/2020

ZyWALL USG/VPN Series User’s Guide

2

IMPORTANT!

READ CAREFULLY BEFORE USE.

KEEP THIS GUIDE FOR FUTURE REFERENCE.

This is a User’s Guide for a series of products. Not all products support all firmware features. Screenshots

and graphics in this book may differ slightly from your product due to differences in product features or

web configurator brand style. Most screen shots in this guide come from the USG110 and USG60W.

Screen shots for other models may vary. Every effort has been made to ensure that the information in

this manual is accurate.

Note: The version number on the cover page refers to the Zyxel Device’s latest firmware

version to which this User’s Guide applies.

Related Documentation

•Quick Start Guide

The Quick Start Guide shows how to connect the Zyxel Device and access the Web Configurator

wizards. (See the wizard real time help for information on configuring each screen.) It also contains a

connection diagram and package contents list.

•CLI Reference Guide

The CLI Reference Guide explains how to use the Command-Line Interface (CLI) to configure the

Zyxel Device.

Note: It is recommended you use the Web Configurator to configure the Zyxel Device.

• Web Configurator Online Help

Click the help icon in any screen for help in configuring that screen and supplementary information.

•More Information

Go to https://businessforum.zyxel.com for product discussions.

•Go to support.zyxel.com to find other information on the Zyxel Device

.

ZyWALL USG/VPN Series User’s Guide

3

Document Conventions

Warnings and Notes

These are how warnings and notes are shown in this guide.

Warnings tell you about things that could harm you or your device.

Note: Notes tell you other important information (for example, other things you may need to

configure or helpful tips) or recommendations.

Syntax Conventions

• All models in this series may be referred to as the “Zyxel Device” in this guide.

• Product labels, screen names, field labels and field choices are all in bold font.

• A right angle bracket ( > ) within a screen name denotes a mouse click. For example, Configuration >

Network > Interface > Ethernet means you first click Configuration in the navigation panel, then

Network, then the Interface sub menu and finally the Ethernet tab to get to that screen.

Icons Used in Figures

Figures in this user guide may use the following generic icons. The Zyxel Device icon is not an exact

representation of your device.

Zyxel Device Generic Router Wireless Router / Access Point

Switch Firewall Server

Internet Network Cloud Smartphone

USB Dongle

Contents Overview

ZyWALL USG/VPN Series User’s Guide

4

Contents Overview

Introduction ........................................................................................................................................... 29

Initial Setup Wizard ............................................................................................................................... 59

Hardware, Interfaces and Zones ........................................................................................................ 74

Easy Mode ............................................................................................................................................. 91

Quick Setup Wizards ........................................................................................................................... 158

Dashboard .......................................................................................................................................... 201

Monitor ................................................................................................................................................. 216

Licensing .............................................................................................................................................. 292

Wireless ................................................................................................................................................. 299

Interfaces ............................................................................................................................................. 329

Routing ................................................................................................................................................. 439

DDNS ................................................................................................................................................... 466

NAT ....................................................................................................................................................... 472

Redirect Service .................................................................................................................................. 491

ALG ....................................................................................................................................................... 497

UPnP ..................................................................................................................................................... 505

IP/MAC Binding ................................................................................................................................... 521

Layer 2 Isolation .................................................................................................................................. 526

DNS Inbound LB .................................................................................................................................. 530

Web Authentication .......................................................................................................................... 536

Hotspot ................................................................................................................................................ 570

Printer Manager .................................................................................................................................. 588

Free Time ............................................................................................................................................. 600

IPnP ....................................................................................................................................................... 605

Walled Garden ................................................................................................................................... 608

Advertisement Screen ....................................................................................................................... 614

Security Policy ..................................................................................................................................... 617

Cloud CNM ........................................................................................................................................ 643

Amazon VPC ...................................................................................................................................... 651

IPSec VPN ............................................................................................................................................ 653

SSL VPN ................................................................................................................................................ 689

SSL User Screens ................................................................................................................................. 697

Zyxel Device SecuExtender (Windows) ............................................................................................710

L2TP VPN .............................................................................................................................................. 714

BWM (Bandwidth Management) ..................................................................................................719

Application Patrol ............................................................................................................................... 734

Content Filtering ................................................................................................................................. 740

IDP ........................................................................................................................................................ 766

Anti-Virus .............................................................................................................................................. 791

Contents Overview

ZyWALL USG/VPN Series User’s Guide

5

Anti-Spam ............................................................................................................................................ 803

SSL Inspection ...................................................................................................................................... 820

Device HA ........................................................................................................................................... 830

Object .................................................................................................................................................. 846

System .................................................................................................................................................. 971

Log and Report ................................................................................................................................. 1032

File Manager ..................................................................................................................................... 1050

Diagnostics ....................................................................................................................................... 1066

Packet Flow Explore ........................................................................................................................ 1087

Shutdown/Reboot ............................................................................................................................ 1095

Troubleshooting ................................................................................................................................ 1098

Table of Contents

ZyWALL USG/VPN Series User’s Guide

6

Table of Contents

Document Conventions ......................................................................................................................3

Contents Overview .............................................................................................................................4

Table of Contents.................................................................................................................................6

Part I: User’s Guide..........................................................................................28

Chapter 1

Introduction ........................................................................................................................................29

1.1 Overview ......................................................................................................................................... 29

1.2 SD-WAN Mode ................................................................................................................................ 32

1.2.1 Switching to SD-WAN mode ................................................................................................ 33

1.3 Registration at myZyxel .................................................................................................................. 36

1.3.1 Grace Period ......................................................................................................................... 36

1.4 Applications .................................................................................................................................... 36

1.5 Management Overview ................................................................................................................ 39

1.6 Web Configurator ........................................................................................................................... 41

1.6.1 Web Configurator Access .................................................................................................... 42

1.6.2 Web Configurator Screens Overview ................................................................................. 45

1.6.3 Navigation Panel .................................................................................................................. 48

1.6.4 Tables and Lists ...................................................................................................................... 56

Chapter 2

Initial Setup Wizard.............................................................................................................................59

2.1 Initial Setup Wizard Screens .......................................................................................................... 59

2.1.1 Internet Access Setup - WAN Interface ............................................................................. 60

2.1.2 Internet Access: Ethernet .................................................................................................... 60

2.1.3 Internet Access: PPPoE ......................................................................................................... 62

2.1.4 Internet Access: PPTP ........................................................................................................... 63

2.1.5 Internet Access: L2TP ............................................................................................................ 65

2.1.6 Internet Access Setup - Second WAN Interface ............................................................... 66

2.1.7 Internet Access: Congratulations ....................................................................................... 67

2.1.8 Date and Time Settings ........................................................................................................ 67

2.1.9 Register Device ..................................................................................................................... 68

2.1.10 Activate Service .................................................................................................................. 69

2.1.11 Wireless Settings: AP Controller ......................................................................................... 70

2.1.12 Wireless Settings: SSID & Security ...................................................................................... 71

Table of Contents

ZyWALL USG/VPN Series User’s Guide

7

2.1.13 Remote Management ......................................................................................................72

Chapter 3

Hardware, Interfaces and Zones......................................................................................................74

3.1 Hardware Overview ....................................................................................................................... 74

3.1.1 Front Panels ............................................................................................................................ 74

3.1.2 Rear Panels ............................................................................................................................ 79

3.2 Installation Scenarios ...................................................................................................................... 81

3.2.1 Desk-mounting ...................................................................................................................... 81

3.2.2 Rack-mounting ...................................................................................................................... 82

3.2.3 USG2200-VPN/USG2200 Rack Mounting ............................................................................ 83

3.2.4 Wall-mounting ....................................................................................................................... 86

3.3 Default Zones, Interfaces, and Ports ............................................................................................ 88

3.4 Stopping the Zyxel Device ............................................................................................................ 90

Chapter 4

Easy Mode..........................................................................................................................................91

4.1 Overview ........................................................................................................................................ 91

4.1.1 Objects and Rules ................................................................................................................. 91

4.1.2 Wizards and Links .................................................................................................................. 92

4.1.3 Easy Mode Settings ............................................................................................................... 93

4.1.4 Easy Mode Dashboard ......................................................................................................... 94

4.2 Initial Setup Wizard - Language and Overview ........................................................................ 96

4.2.1 Initial Setup Wizard - Internet ........................................................................................... 98

4.2.2 Initial Setup Wizard - Internet Access Errors ..................................................................... 99

4.2.3 Initial Setup Wizard - Date and Time .............................................................................. 100

4.2.4 Initial Setup Wizard - Register Device ............................................................................ 101

4.2.5 Initial Setup Wizard - Activate Services .......................................................................... 103

4.2.6 Initial Setup Wizard - Wi-Fi ................................................................................................ 105

4.2.7 Initial Setup Wizard - Remote Management ................................................................ 105

4.2.8 Initial Setup Wizard - Congratulations ............................................................................ 107

4.3 Initial Setup Wizard - Security Service ..................................................................................... 108

4.4 Initial Setup Wizard - Port Forwarding ....................................................................................... 110

4.5 Initial Setup Wizard - Guest LAN ............................................................................................... 111

4.5.1 Connecting AP Scenarios ..................................................................................................113

4.6 Initial Setup Wizard - VPN ........................................................................................................... 115

4.6.1 VPN Setup Wizard: Wizard Type ...................................................................................... 116

4.6.2 VPN Express Wizard - Scenario ......................................................................................... 116

4.6.3 VPN Express Wizard - Configuration ................................................................................ 119

4.6.4 VPN Express Wizard - Summary ........................................................................................ 119

4.6.5 VPN Express Wizard - Finish ............................................................................................... 120

4.6.6 VPN Advanced Wizard - Scenario .................................................................................. 121

4.6.7 VPN Advanced Wizard - Phase 1 Settings ..................................................................... 122

Table of Contents

ZyWALL USG/VPN Series User’s Guide

8

4.6.8 VPN Advanced Wizard - Phase 2 .................................................................................... 123

4.6.9 VPN Advanced Wizard - Summary ................................................................................. 124

4.6.10 VPN Advanced Wizard - Finish ...................................................................................... 125

4.7 VPN Settings for Configuration Provisioning Wizard: Wizard Type ......................................... 126

4.7.1 Configuration Provisioning Express Wizard - VPN Settings ............................................ 127

4.7.2 Configuration Provisioning VPN Express Wizard - Configuration ................................. 128

4.7.3 VPN Settings for Configuration Provisioning Express Wizard - Summary ..................... 129

4.7.4 VPN Settings for Configuration Provisioning Express Wizard - Finish .............................. 130

4.7.5 VPN Settings for Configuration Provisioning Advanced Wizard - Scenario ................ 131

4.7.6 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 1 Settings .... 132

4.7.7 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 2 ................. 133

4.7.8 VPN Settings for Configuration Provisioning Advanced Wizard - Summary ............... 134

4.7.9 VPN Settings for Configuration Provisioning Advanced Wizard- Finish ....................... 137

4.8 VPN Settings for L2TP VPN Settings Wizard ............................................................................... 138

4.8.1 L2TP VPN Settings 1 ............................................................................................................. 138

4.8.2 L2TP VPN Settings 2 ............................................................................................................ 139

4.8.3 VPN Settings for L2TP VPN Setting Wizard - Summary ................................................... 140

4.8.4 VPN Settings for L2TP VPN Setting Wizard Completed .................................................. 141

4.9 Port Forwarding ........................................................................................................................... 142

4.9.1 Port Forwarding > Add Client .......................................................................................... 143

4.9.2 Port Forwarding > Add Service ........................................................................................ 143

4.9.3 Port Forwarding > UPnP .................................................................................................... 143

4.10 Wi-Fi and Guest Network Wizard ........................................................................................... 144

4.10.1 Guest LAN (Wired Network) ........................................................................................... 145

4.10.2 Connecting AP Scenarios ................................................................................................ 147

4.11 Security Service Wizard .......................................................................................................... 148

4.11.1 Security Service Wizard 2 - Content Filter Categories ............................................... 150

4.11.2 Security Service Wizard 3 - Websites ........................................................................... 152

4.11.3 Security Service Wizard 4 - Exemptions ...................................................................... 153

4.11.4 Security Service Wizard 5 - IDP/AV .............................................................................. 154

4.12 MyZyxel Portal ......................................................................................................................... 155

4.13 One Security Portal ................................................................................................................. 156

Chapter 5

Quick Setup Wizards........................................................................................................................158

5.1 Quick Setup Overview ................................................................................................................. 158

5.2 WAN Interface Quick Setup ........................................................................................................ 159

5.2.1 Choose an Ethernet Interface ........................................................................................... 159

5.2.2 Select WAN Type ................................................................................................................. 160

5.2.3 Configure WAN IP Settings ................................................................................................. 161

5.2.4 ISP and WAN and ISP Connection Settings ...................................................................... 162

5.2.5 Quick Setup Interface Wizard: Summary ......................................................................... 164

5.3 Remote Access VPN Setup Wizard .............................................................................................165

Table of Contents

ZyWALL USG/VPN Series User’s Guide

9

5.4 Remote Access VPN Setup- Scenario ........................................................................................ 166

5.4.1 Zyxel VPN Client- VPN Configuration ................................................................................ 166

5.4.2 Zyxel VPN Client- User Authentication .............................................................................. 168

5.4.3 Zyxel VPN Client- Summary ................................................................................................169

5.4.4 L2TP over IPSec Client-VPN Configuration ....................................................................... 170

5.4.5 L2TP over IPSec Client- User Authentication .................................................................... 172

5.4.6 L2TP over IPSec Client- Summary ...................................................................................... 173

5.4.7 L2TP over IPSec Client- Config Provision ........................................................................... 174

5.5 VPN Setup ...................................................................................................................................... 175

5.5.1 VPN Setup Wizard: Wizard Type ........................................................................................ 176

5.5.2 VPN Express Wizard - Scenario .......................................................................................... 177

5.5.3 VPN Express Wizard - Configuration ................................................................................. 178

5.5.4 VPN Express Wizard - Summary ......................................................................................... 178

5.5.5 VPN Express Wizard - Finish ................................................................................................ 179

5.5.6 VPN Advanced Wizard - Scenario ................................................................................... 180

5.5.7 VPN Advanced Wizard - Phase 1 Settings ...................................................................... 181

5.5.8 VPN Advanced Wizard - Phase 2 ..................................................................................... 182

5.5.9 VPN Advanced Wizard - Summary .................................................................................. 183

5.5.10 VPN Advanced Wizard - Finish ....................................................................................... 185

5.6 VPN Settings for Configuration Provisioning Wizard: Wizard Type ........................................... 185

5.6.1 Configuration Provisioning Express Wizard - VPN Settings ............................................. 186

5.6.2 Configuration Provisioning VPN Express Wizard - Configuration .................................. 187

5.6.3 VPN Settings for Configuration Provisioning Express Wizard - Summary ...................... 188

5.6.4 VPN Settings for Configuration Provisioning Express Wizard - Finish .............................. 189

5.6.5 VPN Settings for Configuration Provisioning Advanced Wizard - Scenario ................. 190

5.6.6 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 1 Settings .... 191

5.6.7 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 2 .................. 192

5.6.8 VPN Settings for Configuration Provisioning Advanced Wizard - Summary ................ 193

5.6.9 VPN Settings for Configuration Provisioning Advanced Wizard- Finish ........................ 195

5.7 VPN Settings for L2TP VPN Settings Wizard ................................................................................. 196

5.7.1 L2TP VPN Settings ................................................................................................................ 197

5.7.2 L2TP VPN Settings ................................................................................................................ 198

5.7.3 VPN Settings for L2TP VPN Setting Wizard - Summary .................................................... 199

5.7.4 VPN Settings for L2TP VPN Setting Wizard Completed ................................................... 200

Chapter 6

Dashboard........................................................................................................................................201

6.1 Overview ....................................................................................................................................... 201

6.1.1 What You Can Do in this Chapter ..................................................................................... 201

6.2 Main Dashboard Screen .............................................................................................................. 201

6.2.1 Device Information Screen ................................................................................................203

6.2.2 System Status Screen .......................................................................................................... 204

6.2.3 DHCP Table Screen ............................................................................................................. 205

Table of Contents

ZyWALL USG/VPN Series User’s Guide

10

6.2.4 Number of Login Users Screen ........................................................................................... 206

6.2.5 System Resources Screen ................................................................................................... 207

6.2.6 Extension Slot Screen .......................................................................................................... 208

6.2.7 Interface Status Summary Screen ..................................................................................... 209

6.2.8 Secured Service Status Screen .......................................................................................... 210

6.2.9 Content Filter Statistics Screen ........................................................................................... 211

6.2.10 Top 5 Viruses Screen ......................................................................................................... 211

6.2.11 Top 5 Intrusions Screen ..................................................................................................... 212

6.2.12 Top 5 IPv4/IPv6 Security Policy Rules that Blocked Traffic Screen ............................... 212

6.2.13 The Latest Alert Logs Screen ............................................................................................213

6.3 VPN Screen .................................................................................................................................... 213

Part II: Technical Reference.........................................................................215

Chapter 7

Monitor..............................................................................................................................................216

7.1 Overview ....................................................................................................................................... 216

7.1.1 What You Can Do in this Chapter ..................................................................................... 216

7.2 The Port Statistics Screen ............................................................................................................ 218

7.2.1 The Port Statistics Graph Screen ....................................................................................... 219

7.3 Interface Status Screen ................................................................................................................ 220

7.4 The Traffic Statistics Screen .......................................................................................................... 224

7.5 The Session Monitor Screen ........................................................................................................ 227

7.6 IGMP Statistics ............................................................................................................................... 229

7.7 The DDNS Status Screen ............................................................................................................... 230

7.8 IP/MAC Binding ............................................................................................................................. 230

7.9 The Login Users Screen ................................................................................................................ 231

7.10 The Dynamic Guest Screen ...................................................................................................... 232

7.11 Cellular Status Screen ................................................................................................................ 234

7.11.1 More Information .............................................................................................................. 236

7.12 The UPnP Port Status Screen ..................................................................................................... 237

7.13 USB Storage Screen .................................................................................................................... 238

7.14 Ethernet Neighbor Screen ........................................................................................................ 239

7.15 FQDN Object Screen ................................................................................................................ 240

7.16 Virtual Server Load Balancing .................................................................................................. 242

7.17 AP Information: AP List ............................................................................................................... 243

7.17.1 AP List: More Information ................................................................................................. 247

7.17.2 AP List: Config AP ............................................................................................................. 250

7.18 AP Information: Radio List .......................................................................................................... 253

7.18.1 Radio List: More Information ............................................................................................255

7.19 AP Information: Top N APs ........................................................................................................ 256

Table of Contents

ZyWALL USG/VPN Series User’s Guide

11

7.20 AP Information: Single AP .......................................................................................................... 258

7.21 ZyMesh ......................................................................................................................................... 259

7.22 SSID Info ....................................................................................................................................... 260

7.23 Station Info: Station List .............................................................................................................. 260

7.24 Station Info: Top N Stations ........................................................................................................ 262

7.25 Station Info: Single Station ......................................................................................................... 263

7.26 Detected Device ....................................................................................................................... 264

7.27 The Printer Status Screen ........................................................................................................... 265

7.28 The SecuDeployer Monitor Screen ...........................................................................................266

7.28.1 Device Information (for Zyxel Device Server) ............................................................... 267

7.28.2 Device Information (for Zyxel Device Client) ................................................................ 269

7.29 The IPSec Screen ........................................................................................................................ 270

7.30 The SSL Screen ............................................................................................................................. 272

7.31 The L2TP over IPSec Screen ....................................................................................................... 272

7.32 The App Patrol Screen ............................................................................................................... 273

7.33 The Content Filter Screen .......................................................................................................... 274

7.34 The IDP Screen ............................................................................................................................ 276

7.35 The Anti-Virus Screen .................................................................................................................. 278

7.36 The Anti-Spam Screens .............................................................................................................. 280

7.36.1 Anti-Spam Summary ......................................................................................................... 280

7.36.2 The Anti-Spam Status Screen ........................................................................................... 282

7.37 The SSL Inspection Screens ........................................................................................................ 283

7.37.1 Certificate Cache List ....................................................................................................... 285

7.38 Log Screens ................................................................................................................................. 286

7.38.1 View Log ............................................................................................................................ 286

7.38.2 View AP Log ....................................................................................................................... 288

7.38.3 Dynamic Users Log ............................................................................................................ 290

Chapter 8

Licensing...........................................................................................................................................292

8.1 Registration Overview .................................................................................................................. 292

8.1.1 What you Need to Know ....................................................................................................292

8.1.2 Registration Screen ............................................................................................................. 292

8.1.3 Service Screen ..................................................................................................................... 293

8.2 Signature Update ......................................................................................................................... 295

8.2.1 What you Need to Know ....................................................................................................295

8.2.2 The Anti-Virus Update Screen ............................................................................................ 295

8.2.3 The IDP/AppPatrol Update Screen ................................................................................... 296

Chapter 9

Wireless.............................................................................................................................................299

9.1 Overview ....................................................................................................................................... 299

9.1.1 What You Can Do in this Chapter ..................................................................................... 299

Table of Contents

ZyWALL USG/VPN Series User’s Guide

12

9.2 Controller Screen ......................................................................................................................... 299

9.3 AP Management Screens ........................................................................................................... 300

9.3.1 Mgnt. AP List ....................................................................................................................... 300

9.3.2 AP Policy .............................................................................................................................. 310

9.3.3 AP Group ............................................................................................................................. 312

9.3.4 Firmware ............................................................................................................................... 319

9.4 Rogue AP ....................................................................................................................................... 321

9.4.1 Add/Edit Rogue/Friendly List .............................................................................................. 323

9.5 Auto Healing ................................................................................................................................. 324

9.6 RTLS Overview ............................................................................................................................... 325

9.6.1 What You Can Do in this Chapter ..................................................................................... 325

9.6.2 Before You Begin ................................................................................................................. 325

9.6.3 Configuring RTLS .................................................................................................................. 326

9.7 Technical Reference .................................................................................................................... 327

9.7.1 Dynamic Channel Selection .............................................................................................. 327

9.7.2 Load Balancing ................................................................................................................... 328

Chapter 10

Interfaces..........................................................................................................................................329

10.1 Interface Overview .................................................................................................................... 329

10.1.1 What You Can Do in this Chapter ................................................................................... 329

10.1.2 What You Need to Know ................................................................................................. 330

10.1.3 What You Need to Do First ...............................................................................................334

10.2 Port Role ....................................................................................................................................... 334

10.3 Port Configuration ...................................................................................................................... 335

10.4 Ethernet Summary Screen ......................................................................................................... 336

10.4.1 Ethernet Edit ...................................................................................................................... 338

10.4.2 Proxy ARP ........................................................................................................................... 357

10.4.3 Virtual Interfaces .............................................................................................................. 359

10.4.4 References ......................................................................................................................... 360

10.4.5 Add/Edit DHCPv6 Request/Release Options ................................................................. 361

10.4.6 Add/Edit DHCP Extended Options ................................................................................. 361

10.5 PPP Interfaces ............................................................................................................................. 363

10.5.1 PPP Interface Summary .................................................................................................... 363

10.5.2 PPP Interface Add or Edit ................................................................................................ 365

10.6 Cellular Configuration Screen ................................................................................................... 369

10.6.1 Cellular Choose Slot ......................................................................................................... 373

10.6.2 Add / Edit Cellular Configuration .................................................................................... 373

10.7 Tunnel Interfaces ........................................................................................................................ 379

10.7.1 Configuring a Tunnel ........................................................................................................ 381

10.7.2 Tunnel Add or Edit Screen ................................................................................................ 382

10.8 VLAN Interfaces ......................................................................................................................... 386

10.8.1 VLAN Summary Screen .....................................................................................................387

Table of Contents

ZyWALL USG/VPN Series User’s Guide

13

10.8.2 VLAN Add/Edit ................................................................................................................. 389

10.9 Bridge Interfaces ........................................................................................................................ 401

10.9.1 Bridge Summary ................................................................................................................ 403

10.9.2 Bridge Add/Edit ................................................................................................................ 404

10.10 LAG ............................................................................................................................................ 415

10.10.1 LAG Summary Screen .....................................................................................................415

10.10.2 LAG Add/Edit ................................................................................................................. 417

10.11 VTI ............................................................................................................................................... 422

10.11.1 Restrictions for IPSec Virtual Tunnel Interface .............................................................. 422

10.11.2 VTI Screen ........................................................................................................................ 422

10.11.3 VTI Add/Edit ..................................................................................................................... 423

10.12 Trunk Overview ......................................................................................................................... 427

10.12.1 What You Need to Know ............................................................................................... 427

10.13 The Trunk Summary Screen ...................................................................................................... 430

10.13.1 Configuring a User-Defined Trunk ................................................................................. 431

10.13.2 Configuring the System Default Trunk .......................................................................... 433

10.14 Interface Technical Reference ............................................................................................... 434

Chapter 11

Routing..............................................................................................................................................439

11.1 Policy and Static Routes Overview ........................................................................................... 439

11.1.1 What You Can Do in this Chapter ................................................................................... 439

11.1.2 What You Need to Know ................................................................................................ 440

11.2 Policy Route Screen ................................................................................................................... 441

11.2.1 Policy Route Edit Screen .................................................................................................. 443

11.3 IP Static Route Screen ................................................................................................................ 448

11.3.1 Static Route Add/Edit Screen .......................................................................................... 448

11.4 Policy Routing Technical Reference ........................................................................................450

11.5 Routing Protocols Overview ..................................................................................................... 450

11.5.1 What You Need to Know ................................................................................................. 451

11.6 The RIP Screen ............................................................................................................................. 451

11.7 The OSPF Screen ......................................................................................................................... 453

11.7.1 Configuring the OSPF Screen .......................................................................................... 456

11.7.2 OSPF Area Add/Edit Screen ........................................................................................... 457

11.7.3 Virtual Link Add/Edit Screen ...........................................................................................459

11.8 BGP (Border Gateway Protocol) .............................................................................................. 460

11.8.1 Allow BGP Packets to Enter the Zyxel Device ................................................................ 461

11.8.2 Configuring the BGP Screen ............................................................................................ 461

11.8.3 The BGP Neighbors Screen .............................................................................................. 463

11.8.4 Example Scenario ............................................................................................................. 464

Chapter 12

DDNS ................................................................................................................................................466

Table of Contents

ZyWALL USG/VPN Series User’s Guide

14

12.1 DDNS Overview ........................................................................................................................... 466

12.1.1 What You Can Do in this Chapter ................................................................................... 466

12.1.2 What You Need to Know ................................................................................................. 466

12.2 The DDNS Screen ........................................................................................................................ 467

12.2.1 The Dynamic DNS Add/Edit Screen ................................................................................ 468

Chapter 13

NAT....................................................................................................................................................472

13.1 Overview ..................................................................................................................................... 472

13.2 NAT Overview ............................................................................................................................. 472

13.2.1 What You Can Do in this Chapter ................................................................................... 472

13.2.2 What You Need to Know ................................................................................................. 473

13.3 The NAT Screen ........................................................................................................................... 474

13.3.1 The NAT Add/Edit Screen .................................................................................................475

13.4 NAT Technical Reference .......................................................................................................... 478

13.5 Virtual Server Load Balancing ................................................................................................... 480

13.5.1 Load Balancing Example 1 .............................................................................................. 480

13.5.2 Load Balancing Example 2 .............................................................................................. 481

13.5.3 Virtual Server Load Balancing Process ........................................................................... 482

13.5.4 Load Balancing Rules ....................................................................................................... 483

13.5.5 Virtual Server Load Balancing Algorithms ...................................................................... 484

13.6 The Virtual Server Load Balancer Screen ................................................................................. 485

13.6.1 Adding/Editing a Virtual Server Load Balancing Rule .................................................. 486

Chapter 14

Redirect Service...............................................................................................................................491

14.1 Overview ..................................................................................................................................... 491

14.1.1 HTTP Redirect ..................................................................................................................... 491

14.1.2 SMTP Redirect .................................................................................................................... 491

14.1.3 What You Can Do in this Chapter ................................................................................... 492

14.1.4 What You Need to Know ................................................................................................. 492

14.2 The Redirect Service Screen ..................................................................................................... 494

14.2.1 The Redirect Service Edit Screen ..................................................................................... 495

Chapter 15

ALG....................................................................................................................................................497

15.1 ALG Overview ............................................................................................................................. 497

15.1.1 What You Need to Know ................................................................................................. 497

15.1.2 Before You Begin ............................................................................................................... 500

15.2 The ALG Screen .......................................................................................................................... 500

15.3 ALG Technical Reference ......................................................................................................... 503

Chapter 16

UPnP...................................................................................................................................................505

Table of Contents

ZyWALL USG/VPN Series User’s Guide

15

16.1 UPnP and NAT-PMP Overview ................................................................................................... 505

16.2 What You Need to Know ........................................................................................................... 505

16.2.1 NAT Traversal ..................................................................................................................... 505

16.2.2 Cautions with UPnP and NAT-PMP .................................................................................. 506

16.3 UPnP Screen ................................................................................................................................ 506

16.4 Technical Reference .................................................................................................................. 507

16.4.1 Turning on UPnP in Windows 7 Example ......................................................................... 507

16.4.2 Turn on UPnP in Windows 10 Example ............................................................................ 511

16.4.3 Auto-discover Your UPnP-enabled Network Device .................................................... 513

16.4.4 Web Configurator Easy Access in Windows 7 ............................................................... 516

16.4.5 Web Configurator Easy Access in Windows 10 ............................................................. 518

Chapter 17

IP/MAC Binding................................................................................................................................521

17.1 IP/MAC Binding Overview ......................................................................................................... 521

17.1.1 What You Can Do in this Chapter ................................................................................... 521

17.1.2 What You Need to Know ................................................................................................. 521

17.2 IP/MAC Binding Summary ......................................................................................................... 522

17.2.1 IP/MAC Binding Edit .......................................................................................................... 522

17.2.2 Static DHCP Edit ................................................................................................................ 524

17.3 IP/MAC Binding Exempt List ....................................................................................................... 524

Chapter 18

Layer 2 Isolation...............................................................................................................................526

18.1 Overview ..................................................................................................................................... 526

18.1.1 What You Can Do in this Chapter ................................................................................... 526

18.2 Layer-2 Isolation General Screen ............................................................................................. 526

18.3 White List Screen ......................................................................................................................... 527

18.3.1 Add/Edit White List Rule ................................................................................................... 528

Chapter 19

DNS Inbound LB................................................................................................................................530

19.1 DNS Inbound Load Balancing Overview ................................................................................. 530

19.1.1 What You Can Do in this Chapter ................................................................................... 530

19.2 The DNS Inbound LB Screen ...................................................................................................... 531

19.2.1 The DNS Inbound LB Add/Edit Screen ............................................................................ 532

19.2.2 The DNS Inbound LB Add/Edit Member Screen ............................................................ 535

Chapter 20

Web Authentication ........................................................................................................................536

20.1 Web Auth Overview ................................................................................................................... 536

20.1.1 What You Can Do in this Chapter ................................................................................... 536

20.1.2 What You Need to Know ................................................................................................. 537

Table of Contents

ZyWALL USG/VPN Series User’s Guide

16

20.2 Web Authentication General Screen ...................................................................................... 537

20.2.1 User-aware Access Control Example ............................................................................. 542

20.2.2 Authentication Type Screen ............................................................................................ 548

20.2.3 Custom Web Portal / User Agreement File Screen ....................................................... 552

20.2.4 Facebook Wi-Fi Screen ..................................................................................................... 553

20.3 SSO Overview .............................................................................................................................. 557

20.4 SSO - Zyxel Device Configuration ............................................................................................. 559

20.4.1 Configuration Overview ................................................................................................... 559

20.4.2 Configure the Zyxel Device to Communicate with SSO .............................................. 559

20.4.3 Enable Web Authentication ............................................................................................ 560

20.4.4 Create a Security Policy ................................................................................................... 562

20.4.5 Configure User Information ..............................................................................................563

20.4.6 Configure an Authentication Method ........................................................................... 564

20.4.7 Configure Active Directory ..............................................................................................565

20.5 SSO Agent Configuration .......................................................................................................... 566

Chapter 21

Hotspot..............................................................................................................................................570

21.1 Overview ..................................................................................................................................... 570

21.2 Billing Overview ........................................................................................................................... 570

21.2.1 What You Need to Know ................................................................................................. 570

21.3 The Billing > General Screen ...................................................................................................... 571

21.4 The Billing > Billing Profile Screen ............................................................................................... 573

21.4.1 The Account Generator Screen ...................................................................................... 574

21.4.2 The Account Redeem Screen ......................................................................................... 577

21.4.3 The Billing Profile Add/Edit Screen ................................................................................... 579

21.5 The Billing > Discount Screen ..................................................................................................... 580

21.5.1 The Discount Add/Edit Screen ......................................................................................... 582

21.6 The Billing > Payment Service Screen ....................................................................................... 582

21.6.1 The Payment Service > Desktop / Mobile View Screen ............................................... 584

Chapter 22

Printer Manager ...............................................................................................................................588

22.1 Printer Manager Overview ........................................................................................................ 588

22.1.1 What You Can Do in this Chapter ................................................................................... 588

22.2 The Printer Manager > General Screen ................................................................................... 588

22.2.1 Add Printer Rule ................................................................................................................. 591

22.2.2 Edit Printer Rule .................................................................................................................. 591

22.2.3 Discover Printer ................................................................................................................. 592

22.2.4 Edit Printer Manager (Discover Printer) .......................................................................... 594

22.3 The Printout Configuration Screen ............................................................................................ 595

22.4 Printer Reports Overview ........................................................................................................... 596

22.4.1 Key Combinations ............................................................................................................. 596

Table of Contents

ZyWALL USG/VPN Series User’s Guide

17

22.4.2 Daily Account Summary .................................................................................................. 596

22.4.3 Monthly Account Summary ............................................................................................. 597

22.4.4 Account Report Notes ..................................................................................................... 597

22.4.5 System Status ..................................................................................................................... 598

Chapter 23

Free Time...........................................................................................................................................600

23.1 Free Time Overview .................................................................................................................... 600

23.1.1 What You Can Do in this Chapter ................................................................................... 600

23.2 The Free Time Screen ................................................................................................................. 600

Chapter 24

IPnP....................................................................................................................................................605

24.1 IPnP Overview ............................................................................................................................ 605

24.1.1 What You Can Do in this Chapter ................................................................................... 606

24.1.2 IPnP Screen ........................................................................................................................ 606

Chapter 25

Walled Garden.................................................................................................................................608

25.1 Walled Garden Overview ........................................................................................................ 608

25.2 Walled Garden > General Screen ........................................................................................... 608

25.3 Walled Garden > URL Base Screen .......................................................................................... 609

25.3.1 Adding/Editing a Walled Garden URL ........................................................................... 610

25.4 Walled Garden > Domain/IP Base Screen .............................................................................. 611

25.4.1 Adding/Editing a Walled Garden Domain or IP ........................................................... 612

25.4.2 Walled Garden Login Example ....................................................................................... 612

Chapter 26

Advertisement Screen.....................................................................................................................614

26.1 Advertisement Overview ........................................................................................................... 614

26.1.1 Adding/Editing an Advertisement URL .......................................................................... 615

Chapter 27

Security Policy..................................................................................................................................617

27.1 Overview ..................................................................................................................................... 617

27.2 One Security ................................................................................................................................ 618

27.3 What You Can Do in this Chapter ............................................................................................ 621

27.3.1 What You Need to Know ................................................................................................. 622

27.4 The Security Policy Screen ......................................................................................................... 623

27.4.1 Configuring the Security Policy Control Screen ............................................................ 624

27.4.2 The Security Policy Control Add/Edit Screen ................................................................. 627

27.5 Anomaly Detection and Prevention Overview ...................................................................... 629

27.5.1 The Anomaly Detection and Prevention General Screen ........................................... 630

Table of Contents

ZyWALL USG/VPN Series User’s Guide

18

27.5.2 Creating New ADP Profiles ..............................................................................................631

27.5.3 Traffic Anomaly Profiles ................................................................................................... 632

27.5.4 Protocol Anomaly Profiles ................................................................................................ 635

27.6 The Session Control Screen ........................................................................................................ 638

27.6.1 The Session Control Add/Edit Screen .............................................................................. 639

27.7 Security Policy Example Applications ......................................................................................640

Chapter 28

Cloud CNM......................................................................................................................................643

28.1 Cloud CNM Overview ................................................................................................................ 643

28.1.1 What You Can Do in this Chapter ................................................................................... 643

28.2 Cloud CNM SecuManager ....................................................................................................... 643

28.3 Cloud CNM SecuReporter ......................................................................................................... 646

Chapter 29

Amazon VPC ...................................................................................................................................651

29.1 Overview ..................................................................................................................................... 651

29.2 Amazon VPC Configuration Process ........................................................................................ 651

Chapter 30

IPSec VPN .........................................................................................................................................653

30.1 Virtual Private Networks (VPN) Overview ................................................................................. 653

30.1.1 What You Can Do in this Chapter ................................................................................... 655

30.1.2 What You Need to Know ................................................................................................. 655

30.1.3 Before You Begin ............................................................................................................... 658

30.2 The VPN Connection Screen ..................................................................................................... 658

30.2.1 The VPN Connection Add/Edit Screen .......................................................................... 660

30.3 The VPN Gateway Screen ......................................................................................................... 667

30.3.1 The VPN Gateway Add/Edit Screen ............................................................................... 668

30.4 VPN Concentrator ..................................................................................................................... 675

30.4.1 VPN Concentrator Requirements and Suggestions ...................................................... 675

30.4.2 VPN Concentrator Screen ............................................................................................... 676

30.4.3 The VPN Concentrator Add/Edit Screen ........................................................................ 676

30.5 Zyxel Device IPSec VPN Client Configuration Provisioning .................................................... 677

30.6 IPSec VPN Background Information ......................................................................................... 679

Chapter 31

SSL VPN..............................................................................................................................................689

31.1 Overview ..................................................................................................................................... 689

31.1.1 What You Can Do in this Chapter ................................................................................... 689

31.1.2 What You Need to Know ................................................................................................. 689

31.2 The SSL Access Privilege Screen ................................................................................................ 690

31.2.1 The SSL Access Privilege Policy Add/Edit Screen ......................................................... 691

Table of Contents

ZyWALL USG/VPN Series User’s Guide

19

31.3 The SSL Global Setting Screen ................................................................................................... 694

31.3.1 How to Upload a Custom Logo ...................................................................................... 695

Chapter 32

SSL User Screens..............................................................................................................................697

32.1 Overview ..................................................................................................................................... 697

32.1.1 What You Need to Know ................................................................................................. 697

32.2 Remote SSL User Login ............................................................................................................... 698

32.3 The SSL VPN User Screens ........................................................................................................... 700

32.4 Bookmarking the Zyxel Device .................................................................................................. 700

32.5 Logging Out of the SSL VPN User Screens ................................................................................ 701

32.6 SSL User Application Screen ...................................................................................................... 701

32.7 SSL User File Sharing .................................................................................................................... 702

32.7.1 The Main File Sharing Screen ........................................................................................... 702

32.7.2 Opening a File or Folder ................................................................................................... 703

32.7.3 Downloading a File ........................................................................................................... 704

32.7.4 Saving a File ....................................................................................................................... 704

32.7.5 Creating a New Folder ..................................................................................................... 705

32.7.6 Renaming a File or Folder ................................................................................................ 705

32.7.7 Deleting a File or Folder .................................................................................................... 706

32.7.8 Uploading a File ................................................................................................................ 706

32.8 SecuExtender Screen ................................................................................................................ 707

32.8.1 Installing the SecuExtender Client ................................................................................... 707

Chapter 33

Zyxel Device SecuExtender (Windows).........................................................................................710

33.1 The Zyxel Device SecuExtender Icon ....................................................................................... 710

33.2 Status ............................................................................................................................................ 710

33.3 View Log ...................................................................................................................................... 711

33.4 Suspend and Resume the Connection ................................................................................... 712

33.5 Stop the Connection ................................................................................................................. 712

33.6 Uninstalling the Zyxel Device SecuExtender ............................................................................ 712

Chapter 34

L2TP VPN............................................................................................................................................714

34.1 Overview ..................................................................................................................................... 714

34.1.1 What You Can Do in this Chapter ................................................................................... 714

34.1.2 What You Need to Know ................................................................................................. 714

34.2 L2TP VPN Screen ......................................................................................................................... 715

34.2.1 Example: L2TP and Zyxel Device Behind a NAT Router ................................................ 717

Chapter 35

BWM (Bandwidth Management) .................................................................................................719

Table of Contents

ZyWALL USG/VPN Series User’s Guide

20

35.1 Overview ..................................................................................................................................... 719

35.1.1 What You Can Do in this Chapter ................................................................................... 719

35.1.2 What You Need to Know ................................................................................................ 719

35.2 The Bandwidth Management Configuration .......................................................................... 723

35.2.1 The Bandwidth Management Add/Edit Screen ............................................................ 726

Chapter 36

Application Patrol............................................................................................................................734

36.1 Overview ..................................................................................................................................... 734

36.1.1 What You Can Do in this Chapter ................................................................................... 734

36.1.2 What You Need to Know ................................................................................................ 734

36.2 Application Patrol Profile ........................................................................................................... 735

36.2.1 The Application Patrol Profile Add/Edit Screen ............................................................. 737

36.2.2 The Application Patrol Profile Rule Add Application Screen ....................................... 738

Chapter 37

Content Filtering...............................................................................................................................740

37.1 Overview ..................................................................................................................................... 740

37.1.1 What You Can Do in this Chapter ................................................................................... 740

37.1.2 What You Need to Know ................................................................................................. 740

37.1.3 Before You Begin ............................................................................................................... 742

37.2 Content Filter Profile Screen ...................................................................................................... 742

37.2.1 Content Filter Add Profile Category Service .................................................................. 744

37.2.2 Content Filter Add Filter Profile Custom Service ........................................................... 759

37.3 Content Filter Trusted Web Sites Screen ................................................................................. 762

37.4 Content Filter Forbidden Web Sites Screen ............................................................................ 763

37.5 Content Filter Technical Reference ......................................................................................... 764

Chapter 38

IDP .....................................................................................................................................................766

38.1 Overview ..................................................................................................................................... 766

38.1.1 What You Can Do in this Chapter ................................................................................... 766

38.1.2 What You Need To Know ................................................................................................. 766

38.1.3 Before You Begin ............................................................................................................... 766

38.2 The IDP Profile Screen ................................................................................................................. 767

38.2.1 Base Profiles ....................................................................................................................... 768

38.2.2 Adding / Editing Profiles .................................................................................................. 769

38.2.3 Profile > Group View Screen ............................................................................................ 770

38.2.4 Add Profile > Query View ................................................................................................ 773

38.2.5 Query Example .................................................................................................................. 777

38.3 IDP Custom Signatures .............................................................................................................. 778

38.3.1 Add / Edit Custom Signatures ......................................................................................... 781

38.3.2 Custom Signature Example ............................................................................................. 785

Page is loading ...

ZyXEL VPN300, VPN100, VPN50 User guide

Related papers

Other documents