2. Computers & electronics
  3. Networking
  4. Routers
  5. ZyXEL
  6. VPN100
VPN100

ZyXEL VPN100, VPN300, VPN50 User guide

  • Hello! I am an AI chatbot trained to assist you with the ZyXEL VPN100 User guide. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
Default Login Details
User’s Guide
ZyWALL USG/VPN
Series
Copyright © 2018 Zyxel Communications Corporation
LAN Port IP Address https://192.168.1.1
User Name admin
Password 1234
Version 4.31 Edition 1, 3/2018
ZyWALL USG/VPN Series User’s Guide
2
IMPORTANT!
READ CAREFULLY BEFORE USE.
KEEP THIS GUIDE FOR FUTURE REFERENCE.
This is a User’s Guide for a series of products. Not all products support all firmware features.
Screenshots and graphics in this book may differ slightly from your product due to differences in
product features or web configurator brand style. Most screen shots in this guide come from the
USG110 and USG60W. Screen shots for other models may vary. Every effort has been made to
ensure that the information in this manual is accurate.
Note: The version number on the cover page refers to the latest firmware version supported
by the Zyxel Device. This guide applies to versions 4.10, 4.11, 4.13, 4.15, 4.16, 4.20, 4.25,
4.30 and 4.31 at the time of writing.
Related Documentation
•Quick Start Guide
The Quick Start Guide shows how to connect the Zyxel Device and access the Web Configurator
wizards. (See the wizard real time help for information on configuring each screen.) It also contains a
connection diagram and package contents list.
•CLI Reference Guide
The CLI Reference Guide explains how to use the Command-Line Interface (CLI) to configure the
Zyxel Device.
Note: It is recommended you use the Web Configurator to configure the Zyxel Device.
Web Configurator Online Help
Click the help icon in any screen for help in configuring that screen and supplementary information.
•More Information
Go to support.zyxel.com to find other information on
Zyxel Device.
ZyWALL USG/VPN Series User’s Guide
3
Document Conventions
Warnings and Notes
These are how warnings and notes are shown in this guide.
Warnings tell you about things that could harm you or your device.
Note: Notes tell you other important information (for example, other things you may need to
configure or helpful tips) or recommendations.
Syntax Conventions
All models in this series may be referred to as the “Zyxel Device” in this guide.
Product labels, screen names, field labels and field choices are all in bold font.
A right angle bracket ( > ) within a screen name denotes a mouse click. For example, Configuration >
Network > Interface > Ethernet means you first click Configuration in the navigation panel, then
Network, then the Interface sub menu and finally the Ethernet tab to get to that screen.
Icons Used in Figures
Figures in this user guide may use the following generic icons. The Zyxel Device icon is not an exact
representation of your device.
Zyxel Device Generic Router Wireless Router / Access Point
Switch Firewall Server
Internet Network Cloud Smartphone
USB Dongle
Contents Overview
ZyWALL USG/VPN Series User’s Guide
4
Contents Overview
Introduction ........................................................................................................................................... 28
Initial Setup Wizard ............................................................................................................................... 54
Hardware, Interfaces and Zones ........................................................................................................ 69
Easy Mode ............................................................................................................................................. 85
Quick Setup Wizards ........................................................................................................................... 146
Dashboard .......................................................................................................................................... 179
Monitor ................................................................................................................................................. 195
Licensing .............................................................................................................................................. 260
Wireless ................................................................................................................................................. 267
Interfaces ............................................................................................................................................. 290
Routing ................................................................................................................................................. 394
DDNS ................................................................................................................................................... 421
NAT ....................................................................................................................................................... 427
Redirect Service .................................................................................................................................. 434
ALG ....................................................................................................................................................... 440
UPnP ..................................................................................................................................................... 448
IP/MAC Binding ................................................................................................................................... 457
Layer 2 Isolation .................................................................................................................................. 462
DNS Inbound LB .................................................................................................................................. 466
Web Authentication .......................................................................................................................... 472
Hotspot ................................................................................................................................................ 504
Printer Manager .................................................................................................................................. 522
Free Time ............................................................................................................................................. 534
SMS ....................................................................................................................................................... 539
IPnP ....................................................................................................................................................... 541
Walled Garden ................................................................................................................................... 544
Advertisement Screen ....................................................................................................................... 550
Security Policy ..................................................................................................................................... 553
Cloud CNM ........................................................................................................................................ 579
Amazon VPC ...................................................................................................................................... 583
IPSec VPN ............................................................................................................................................ 585
SSL VPN ................................................................................................................................................ 621
SSL User Screens .................................................................................................................................. 632
Zyxel Device SecuExtender (Windows) ............................................................................................645
L2TP VPN .............................................................................................................................................. 649
BWM (Bandwidth Management) ..................................................................................................654
Application Patrol ............................................................................................................................... 669
Content Filtering ................................................................................................................................. 675
IDP ........................................................................................................................................................ 694
Contents Overview
ZyWALL USG/VPN Series User’s Guide
5
Anti-Virus .............................................................................................................................................. 719
Anti-Spam ............................................................................................................................................ 730
SSL Inspection ...................................................................................................................................... 748
Device HA ........................................................................................................................................... 757
Object .................................................................................................................................................. 777
System .................................................................................................................................................. 880
Log and Report ................................................................................................................................... 936
File Manager ....................................................................................................................................... 954
Diagnostics ......................................................................................................................................... 968
Packet Flow Explore .......................................................................................................................... 986
Shutdown ............................................................................................................................................. 994
Troubleshooting .................................................................................................................................. 995
Table of Contents
ZyWALL USG/VPN Series User’s Guide
6
Table of Contents
Document Conventions ......................................................................................................................3
Contents Overview .............................................................................................................................4
Table of Contents.................................................................................................................................6
Part I: User’s Guide..........................................................................................27
Chapter 1
Introduction ........................................................................................................................................28
1.1 Overview ......................................................................................................................................... 28
1.2 Registration at myZyxel .................................................................................................................. 30
1.2.1 Grace Period ......................................................................................................................... 30
1.2.2 Applications ........................................................................................................................... 31
1.3 Management Overview ................................................................................................................ 33
1.4 Web Configurator ........................................................................................................................... 35
1.4.1 Web Configurator Access .................................................................................................... 35
1.4.2 Web Configurator Screens Overview ................................................................................. 38
1.4.3 Navigation Panel .................................................................................................................. 42
1.4.4 Tables and Lists ...................................................................................................................... 50
Chapter 2
Initial Setup Wizard.............................................................................................................................54
2.1 Initial Setup Wizard Screens .......................................................................................................... 54
2.1.1 Internet Access Setup - WAN Interface ............................................................................. 55
2.1.2 Internet Access: Ethernet .................................................................................................... 55
2.1.3 Internet Access: PPPoE ......................................................................................................... 57
2.1.4 Internet Access: PPTP ........................................................................................................... 58
2.1.5 Internet Access: L2TP ............................................................................................................ 59
2.1.6 Internet Access Setup - Second WAN Interface ............................................................... 61
2.1.7 Internet Access: Congratulations ....................................................................................... 62
2.1.8 Date and Time Settings ........................................................................................................ 62
2.1.9 Register Device ..................................................................................................................... 63
2.1.10 Activate Service .................................................................................................................. 64
2.1.11 Wireless Settings: AP Controller ......................................................................................... 65
2.1.12 Wireless Settings: SSID & Security ...................................................................................... 66
2.1.13 Remote Management ......................................................................................................67
Table of Contents
ZyWALL USG/VPN Series User’s Guide
7
Chapter 3
Hardware, Interfaces and Zones......................................................................................................69
3.1 Hardware Overview ....................................................................................................................... 69
3.1.1 Front Panels ............................................................................................................................ 69
3.1.2 Rear Panels ............................................................................................................................ 73
3.2 Mounting ......................................................................................................................................... 75
3.2.1 Rack-mounting ...................................................................................................................... 76
3.2.2 USG2200-VPN Rack Mounting ............................................................................................. 76
3.2.3 Wall-mounting ....................................................................................................................... 80
3.2.4 USG20(W)-VPN/USG40(W)/USG60(W)/VPN50 Wall-mounting ......................................... 80
3.3 Default Zones, Interfaces, and Ports ............................................................................................ 82
3.4 Stopping the Zyxel Device ............................................................................................................ 84
Chapter 4
Easy Mode..........................................................................................................................................85
4.1 Overview ........................................................................................................................................ 85
4.1.1 Wizards and Links .................................................................................................................. 85
4.1.2 Easy Mode Settings ............................................................................................................... 86
4.1.3 Easy Mode Dashboard ......................................................................................................... 87
4.2 Initial Setup Wizard - Language and Overview ........................................................................ 90
4.2.1 Initial Setup Wizard - Internet ........................................................................................... 91
4.2.2 Initial Setup Wizard - Internet Access Errors ..................................................................... 92
4.2.3 Initial Setup Wizard - Date and Time ................................................................................ 93
4.2.4 Initial Setup Wizard - Register Device .............................................................................. 94
4.2.5 Initial Setup Wizard - Activate Services ............................................................................ 95
4.2.6 Initial Setup Wizard - Wi-Fi .................................................................................................. 97
4.2.7 Initial Setup Wizard - Congratulations .............................................................................. 98
4.3 Initial Setup Wizard - Security Service ....................................................................................... 99
4.4 Initial Setup Wizard - Port Forwarding ....................................................................................... 101
4.5 Initial Setup Wizard - Guest LAN ............................................................................................... 102
4.5.1 Connecting AP Scenarios ..................................................................................................103
4.6 Initial Setup Wizard - Remote Management .......................................................................... 104
4.7 Initial Setup Wizard - VPN ........................................................................................................... 105
4.7.1 VPN Setup Wizard: Wizard Type ...................................................................................... 106
4.7.2 VPN Express Wizard - Scenario ......................................................................................... 106
4.7.3 VPN Express Wizard - Configuration ................................................................................ 108
4.7.4 VPN Express Wizard - Summary ........................................................................................ 109
4.7.5 VPN Express Wizard - Finish ............................................................................................... 109
4.7.6 VPN Advanced Wizard - Scenario .................................................................................. 110
4.7.7 VPN Advanced Wizard - Phase 1 Settings ..................................................................... 111
4.7.8 VPN Advanced Wizard - Phase 2 .................................................................................... 113
4.7.9 VPN Advanced Wizard - Summary ................................................................................. 114
4.7.10 VPN Advanced Wizard - Finish ...................................................................................... 115
Table of Contents
ZyWALL USG/VPN Series User’s Guide
8
4.8 VPN Settings for Configuration Provisioning Wizard: Wizard Type ......................................... 115
4.8.1 Configuration Provisioning Express Wizard - VPN Settings ............................................ 116
4.8.2 Configuration Provisioning VPN Express Wizard - Configuration ................................. 117
4.8.3 VPN Settings for Configuration Provisioning Express Wizard - Summary ..................... 118
4.8.4 VPN Settings for Configuration Provisioning Express Wizard - Finish .............................. 119
4.8.5 VPN Settings for Configuration Provisioning Advanced Wizard - Scenario ................ 120
4.8.6 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 1 Settings .... 121
4.8.7 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 2 ................. 122
4.8.8 VPN Settings for Configuration Provisioning Advanced Wizard - Summary ............... 123
4.8.9 VPN Settings for Configuration Provisioning Advanced Wizard- Finish ....................... 125
4.9 VPN Settings for L2TP VPN Settings Wizard ............................................................................... 126
4.9.1 L2TP VPN Settings 1 ............................................................................................................. 127
4.9.2 L2TP VPN Settings 2 ............................................................................................................ 128
4.9.3 VPN Settings for L2TP VPN Setting Wizard - Summary ................................................... 129
4.9.4 VPN Settings for L2TP VPN Setting Wizard Completed .................................................. 130
4.10 Port Forwarding ......................................................................................................................... 131
4.10.1 Port Forwarding > Add Client ........................................................................................ 132
4.10.2 Port Forwarding > Add Service ...................................................................................... 132
4.10.3 Port Forwarding > UPnP .................................................................................................. 132
4.11 Wi-Fi and Guest Network Wizard ........................................................................................... 134
4.11.1 Guest LAN (Wired Network) ........................................................................................... 135
4.11.2 Connecting AP Scenarios ................................................................................................ 136
4.12 Security Service Wizard .......................................................................................................... 137
4.12.1 Security Service Wizard 2 - Content Filter Categories ............................................... 138
4.12.2 Security Service Wizard 3 - Websites ........................................................................... 140
4.12.3 Security Service Wizard 4 - Exemptions ...................................................................... 141
4.12.4 Security Service Wizard 5 - IDP/AV .............................................................................. 142
4.13 MyZyxel Portal ......................................................................................................................... 143
4.14 One Security Portal ................................................................................................................. 144
Chapter 5
Quick Setup Wizards........................................................................................................................146
5.1 Quick Setup Overview ................................................................................................................. 146
5.2 WAN Interface Quick Setup ........................................................................................................ 147
5.2.1 Choose an Ethernet Interface ........................................................................................... 147
5.2.2 Select WAN Type ................................................................................................................. 148
5.2.3 Configure WAN IP Settings ................................................................................................. 148
5.2.4 ISP and WAN and ISP Connection Settings ...................................................................... 149
5.2.5 Quick Setup Interface Wizard: Summary ......................................................................... 152
5.3 VPN Setup Wizard ......................................................................................................................... 153
5.3.1 Welcome .............................................................................................................................. 153
5.3.2 VPN Setup Wizard: Wizard Type ........................................................................................ 154
5.3.3 VPN Express Wizard - Scenario .......................................................................................... 155
Table of Contents
ZyWALL USG/VPN Series User’s Guide
9
5.3.4 VPN Express Wizard - Configuration ................................................................................. 156
5.3.5 VPN Express Wizard - Summary ......................................................................................... 157
5.3.6 VPN Express Wizard - Finish ................................................................................................ 158
5.3.7 VPN Advanced Wizard - Scenario ................................................................................... 158
5.3.8 VPN Advanced Wizard - Phase 1 Settings ...................................................................... 160
5.3.9 VPN Advanced Wizard - Phase 2 ..................................................................................... 161
5.3.10 VPN Advanced Wizard - Summary ................................................................................ 162
5.3.11 VPN Advanced Wizard - Finish ....................................................................................... 162
5.4 VPN Settings for Configuration Provisioning Wizard: Wizard Type ........................................... 163
5.4.1 Configuration Provisioning Express Wizard - VPN Settings ............................................. 164
5.4.2 Configuration Provisioning VPN Express Wizard - Configuration .................................. 165
5.4.3 VPN Settings for Configuration Provisioning Express Wizard - Summary ...................... 166
5.4.4 VPN Settings for Configuration Provisioning Express Wizard - Finish .............................. 167
5.4.5 VPN Settings for Configuration Provisioning Advanced Wizard - Scenario ................. 168
5.4.6 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 1 Settings .... 169
5.4.7 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 2 .................. 170
5.4.8 VPN Settings for Configuration Provisioning Advanced Wizard - Summary ................ 171
5.4.9 VPN Settings for Configuration Provisioning Advanced Wizard- Finish ........................ 173
5.5 VPN Settings for L2TP VPN Settings Wizard ................................................................................. 174
5.5.1 L2TP VPN Settings ................................................................................................................ 175
5.5.2 L2TP VPN Settings ................................................................................................................ 176
5.5.3 VPN Settings for L2TP VPN Setting Wizard - Summary .................................................... 177
5.5.4 VPN Settings for L2TP VPN Setting Wizard Completed ................................................... 178
Chapter 6
Dashboard........................................................................................................................................179
6.1 Overview ....................................................................................................................................... 179
6.1.1 What You Can Do in this Chapter ..................................................................................... 179
6.2 Main Dashboard Screen .............................................................................................................. 179
6.2.1 Device Information Screen ................................................................................................182
6.2.2 System Status Screen .......................................................................................................... 183
6.2.3 DHCP Table Screen ............................................................................................................. 184
6.2.4 Number of Login Users Screen ........................................................................................... 185
6.2.5 System Resources Screen ................................................................................................... 186
6.2.6 Extension Slot Screen .......................................................................................................... 187
6.2.7 Interface Status Summary Screen ..................................................................................... 187
6.2.8 Secured Service Status Screen .......................................................................................... 189
6.2.9 Content Filter Statistics Screen ........................................................................................... 189
6.2.10 Top 5 Viruses Screen ......................................................................................................... 190
6.2.11 Top 5 Intrusions Screen ..................................................................................................... 191
6.2.12 Top 5 IPv4/IPv6 Security Policy Rules that Blocked Traffic Screen ............................... 191
6.2.13 The Latest Alert Logs Screen ............................................................................................192
6.3 VPN Screen .................................................................................................................................... 192
Table of Contents
ZyWALL USG/VPN Series User’s Guide
10
Part II: Technical Reference.........................................................................194
Chapter 7
Monitor..............................................................................................................................................195
7.1 Overview ....................................................................................................................................... 195
7.1.1 What You Can Do in this Chapter ..................................................................................... 195
7.2 The Port Statistics Screen ............................................................................................................ 197
7.2.1 The Port Statistics Graph Screen ....................................................................................... 198
7.3 Interface Status Screen ................................................................................................................ 199
7.4 The Traffic Statistics Screen .......................................................................................................... 203
7.5 The Session Monitor Screen ........................................................................................................ 206
7.6 IGMP Statistics ............................................................................................................................... 208
7.7 The DDNS Status Screen ............................................................................................................... 209
7.8 IP/MAC Binding ............................................................................................................................. 209
7.9 The Login Users Screen ................................................................................................................ 210
7.10 The Dynamic Guest Screen ...................................................................................................... 211
7.11 Cellular Status Screen ................................................................................................................ 213
7.11.1 More Information .............................................................................................................. 215
7.12 The UPnP Port Status Screen ..................................................................................................... 216
7.13 USB Storage Screen .................................................................................................................... 217
7.14 Ethernet Neighbor Screen ........................................................................................................ 218
7.15 FQDN Object Screen ................................................................................................................ 219
7.16 AP Information: AP List ............................................................................................................... 221
7.16.1 AP List: More Information ................................................................................................ 223
7.16.2 AP List: Config AP ............................................................................................................. 226
7.17 AP Information: Radio List .......................................................................................................... 227
7.17.1 Radio List: More Information ............................................................................................229
7.18 AP Information: Top N APs ........................................................................................................ 230
7.19 AP Information: Single AP .......................................................................................................... 232
7.20 ZyMesh ......................................................................................................................................... 233
7.21 SSID Info ....................................................................................................................................... 233
7.22 Station Info: Station List .............................................................................................................. 234
7.23 Station Info: Top N Stations ........................................................................................................ 235
7.24 Station Info: Single Station ......................................................................................................... 236
7.25 Detected Device ....................................................................................................................... 237
7.26 The Printer Status Screen ........................................................................................................... 238
7.27 The IPSec Screen ........................................................................................................................ 238
7.28 The SSL Screen ............................................................................................................................. 240
7.29 The L2TP over IPSec Screen ....................................................................................................... 241
7.30 The App Patrol Screen ............................................................................................................... 241
7.31 The Content Filter Screen .......................................................................................................... 242
7.32 The IDP Screen ............................................................................................................................ 244
7.33 The Anti-Virus Screen .................................................................................................................. 246
Table of Contents
ZyWALL USG/VPN Series User’s Guide
11
7.34 The Anti-Spam Screens .............................................................................................................. 248
7.34.1 Anti-Spam Summary ......................................................................................................... 248
7.34.2 The Anti-Spam Status Screen ........................................................................................... 250
7.35 The SSL Inspection Screens ........................................................................................................ 252
7.35.1 Certificate Cache List ....................................................................................................... 253
7.36 Log Screens ................................................................................................................................. 254
7.36.1 View Log ............................................................................................................................ 254
7.36.2 View AP Log ....................................................................................................................... 256
7.36.3 Dynamic Users Log ............................................................................................................ 258
Chapter 8
Licensing...........................................................................................................................................260
8.1 Registration Overview .................................................................................................................. 260
8.1.1 What you Need to Know ....................................................................................................260
8.1.2 Registration Screen ............................................................................................................. 260
8.1.3 Service Screen ..................................................................................................................... 261
8.2 Signature Update ......................................................................................................................... 263
8.2.1 What you Need to Know ....................................................................................................263
8.2.2 The Anti-Virus Update Screen ............................................................................................ 263
8.2.3 The IDP/AppPatrol Update Screen ................................................................................... 264
Chapter 9
Wireless.............................................................................................................................................267
9.1 Overview ....................................................................................................................................... 267
9.1.1 What You Can Do in this Chapter ..................................................................................... 267
9.2 Controller Screen ......................................................................................................................... 267
9.3 AP Management Screens ........................................................................................................... 268
9.3.1 Mgnt. AP List ....................................................................................................................... 268
9.3.2 AP Policy .............................................................................................................................. 272
9.3.3 AP Group ............................................................................................................................. 273
9.3.4 Firmware ............................................................................................................................... 280
9.4 MON Mode ................................................................................................................................... 282
9.4.1 Add/Edit Rogue/Friendly List .............................................................................................. 284
9.5 Auto Healing ................................................................................................................................. 285
9.6 RTLS Overview ............................................................................................................................... 285
9.6.1 What You Can Do in this Chapter ..................................................................................... 286
9.6.2 Before You Begin ................................................................................................................. 286
9.6.3 Configuring RTLS .................................................................................................................. 287
9.7 Technical Reference .................................................................................................................... 288
9.7.1 Dynamic Channel Selection .............................................................................................. 288
9.7.2 Load Balancing ................................................................................................................... 289
Chapter 10
Interfaces..........................................................................................................................................290
Table of Contents
ZyWALL USG/VPN Series User’s Guide
12
10.1 Interface Overview .................................................................................................................... 290
10.1.1 What You Can Do in this Chapter ................................................................................... 290
10.1.2 What You Need to Know ................................................................................................. 291
10.1.3 What You Need to Do First ...............................................................................................295
10.2 Port Role ....................................................................................................................................... 295
10.3 Port Group ................................................................................................................................... 296
10.4 Ethernet Summary Screen ......................................................................................................... 297
10.4.1 Ethernet Edit ...................................................................................................................... 299
10.4.2 Proxy ARP ........................................................................................................................... 315
10.4.3 Virtual Interfaces .............................................................................................................. 316
10.4.4 Object References ............................................................................................................ 318
10.4.5 Add/Edit DHCPv6 Request/Release Options ................................................................. 318
10.4.6 Add/Edit DHCP Extended Options ................................................................................. 319
10.5 PPP Interfaces ............................................................................................................................. 321
10.5.1 PPP Interface Summary .................................................................................................... 321
10.5.2 PPP Interface Add or Edit ................................................................................................ 323
10.6 Cellular Configuration Screen ................................................................................................... 327
10.6.1 Cellular Choose Slot ......................................................................................................... 330
10.6.2 Add / Edit Cellular Configuration .................................................................................... 330
10.7 Tunnel Interfaces ........................................................................................................................ 336
10.7.1 Configuring a Tunnel ........................................................................................................ 338
10.7.2 Tunnel Add or Edit Screen ................................................................................................ 339
10.8 VLAN Interfaces ......................................................................................................................... 342
10.8.1 VLAN Summary Screen .....................................................................................................344
10.8.2 VLAN Add/Edit ................................................................................................................. 345
10.9 Bridge Interfaces ........................................................................................................................ 357
10.9.1 Bridge Summary ................................................................................................................ 358
10.9.2 Bridge Add/Edit ................................................................................................................ 360
10.10 LAG ............................................................................................................................................ 369
10.10.1 LAG Summary Screen .....................................................................................................370
10.10.2 LAG Add/Edit ................................................................................................................. 371
10.11 VTI ............................................................................................................................................... 377
10.11.1 Restrictions for IPSec Virtual Tunnel Interface .............................................................. 377
10.11.2 VTI Screen ........................................................................................................................ 377
10.11.3 VTI Add/Edit ..................................................................................................................... 378
10.12 Trunk Overview ......................................................................................................................... 382
10.12.1 What You Need to Know ............................................................................................... 382
10.13 The Trunk Summary Screen ...................................................................................................... 385
10.13.1 Configuring a User-Defined Trunk ................................................................................. 386
10.13.2 Configuring the System Default Trunk .......................................................................... 388
10.14 Interface Technical Reference ............................................................................................... 389
Chapter 11
Routing..............................................................................................................................................394
Table of Contents
ZyWALL USG/VPN Series User’s Guide
13
11.1 Policy and Static Routes Overview ........................................................................................... 394
11.1.1 What You Can Do in this Chapter ................................................................................... 394
11.1.2 What You Need to Know ................................................................................................ 395
11.2 Policy Route Screen ................................................................................................................... 396
11.2.1 Policy Route Edit Screen .................................................................................................. 399
11.3 IP Static Route Screen ................................................................................................................ 403
11.3.1 Static Route Add/Edit Screen .......................................................................................... 403
11.4 Policy Routing Technical Reference ........................................................................................405
11.5 Routing Protocols Overview ..................................................................................................... 405
11.5.1 What You Need to Know ................................................................................................. 406
11.6 The RIP Screen ............................................................................................................................. 406
11.7 The OSPF Screen ......................................................................................................................... 408
11.7.1 Configuring the OSPF Screen .......................................................................................... 411
11.7.2 OSPF Area Add/Edit Screen ........................................................................................... 412
11.7.3 Virtual Link Add/Edit Screen ...........................................................................................414
11.8 BGP (Border Gateway Protocol) .............................................................................................. 415
11.8.1 Allow BGP Packets to Enter the Zyxel Device ................................................................ 416
11.8.2 Configuring the BGP Screen ............................................................................................ 416
11.8.3 The BGP Neighbors Screen .............................................................................................. 418
11.8.4 Example Scenario ............................................................................................................. 419
Chapter 12
DDNS ................................................................................................................................................421
12.1 DDNS Overview ........................................................................................................................... 421
12.1.1 What You Can Do in this Chapter ................................................................................... 421
12.1.2 What You Need to Know ................................................................................................. 421
12.2 The DDNS Screen ........................................................................................................................ 422
12.2.1 The Dynamic DNS Add/Edit Screen ................................................................................ 423
Chapter 13
NAT....................................................................................................................................................427
13.1 NAT Overview ............................................................................................................................. 427
13.1.1 What You Can Do in this Chapter ................................................................................... 427
13.1.2 What You Need to Know ................................................................................................. 427
13.2 The NAT Screen ........................................................................................................................... 427
13.2.1 The NAT Add/Edit Screen .................................................................................................429
13.3 NAT Technical Reference .......................................................................................................... 432
Chapter 14
Redirect Service...............................................................................................................................434
14.1 Overview ..................................................................................................................................... 434
14.1.1 HTTP Redirect ..................................................................................................................... 434
14.1.2 SMTP Redirect .................................................................................................................... 434
Table of Contents
ZyWALL USG/VPN Series User’s Guide
14
14.1.3 What You Can Do in this Chapter ................................................................................... 435
14.1.4 What You Need to Know ................................................................................................. 435
14.2 The Redirect Service Screen ..................................................................................................... 437
14.2.1 The Redirect Service Edit Screen ..................................................................................... 438
Chapter 15
ALG....................................................................................................................................................440
15.1 ALG Overview ............................................................................................................................. 440
15.1.1 What You Need to Know ................................................................................................. 440
15.1.2 Before You Begin ............................................................................................................... 443
15.2 The ALG Screen .......................................................................................................................... 443
15.3 ALG Technical Reference ......................................................................................................... 446
Chapter 16
UPnP...................................................................................................................................................448
16.1 UPnP and NAT-PMP Overview ................................................................................................... 448
16.2 What You Need to Know ........................................................................................................... 448
16.2.1 NAT Traversal ..................................................................................................................... 448
16.2.2 Cautions with UPnP and NAT-PMP .................................................................................. 449
16.3 UPnP Screen ................................................................................................................................ 449
16.4 Technical Reference .................................................................................................................. 450
16.4.1 Turning on UPnP in Windows 7 Example ......................................................................... 450
16.4.2 Using UPnP in Windows XP Example ................................................................................ 452
16.4.3 Web Configurator Easy Access ....................................................................................... 454
Chapter 17
IP/MAC Binding................................................................................................................................457
17.1 IP/MAC Binding Overview ......................................................................................................... 457
17.1.1 What You Can Do in this Chapter ................................................................................... 457
17.1.2 What You Need to Know ................................................................................................. 457
17.2 IP/MAC Binding Summary ......................................................................................................... 458
17.2.1 IP/MAC Binding Edit .......................................................................................................... 458
17.2.2 Static DHCP Edit ................................................................................................................ 459
17.3 IP/MAC Binding Exempt List ....................................................................................................... 460
Chapter 18
Layer 2 Isolation...............................................................................................................................462
18.1 Overview ..................................................................................................................................... 462
18.1.1 What You Can Do in this Chapter ................................................................................... 462
18.2 Layer-2 Isolation General Screen ............................................................................................. 462
18.3 White List Screen ......................................................................................................................... 463
18.3.1 Add/Edit White List Rule ................................................................................................... 464
Table of Contents
ZyWALL USG/VPN Series User’s Guide
15
Chapter 19
DNS Inbound LB................................................................................................................................466
19.1 DNS Inbound Load Balancing Overview ................................................................................. 466
19.1.1 What You Can Do in this Chapter ................................................................................... 466
19.2 The DNS Inbound LB Screen ...................................................................................................... 467
19.2.1 The DNS Inbound LB Add/Edit Screen ............................................................................ 468
19.2.2 The DNS Inbound LB Add/Edit Member Screen ............................................................ 470
Chapter 20
Web Authentication ........................................................................................................................472
20.1 Web Auth Overview ................................................................................................................... 472
20.1.1 What You Can Do in this Chapter ................................................................................... 472
20.1.2 What You Need to Know ................................................................................................. 473
20.2 Web Authentication General Screen ...................................................................................... 473
20.2.1 User-aware Access Control Example ............................................................................. 478
20.2.2 Authentication Type Screen ............................................................................................ 483
20.2.3 Custom Web Portal / User Agreement File Screen ....................................................... 487
20.2.4 Facebook Wi-Fi Screen ..................................................................................................... 489
20.3 SSO Overview .............................................................................................................................. 492
20.4 SSO - Zyxel Device Configuration ............................................................................................. 494
20.4.1 Configuration Overview ................................................................................................... 494
20.4.2 Configure the Zyxel Device to Communicate with SSO .............................................. 494
20.4.3 Enable Web Authentication ............................................................................................ 495
20.4.4 Create a Security Policy ................................................................................................... 496
20.4.5 Configure User Information ..............................................................................................497
20.4.6 Configure an Authentication Method ........................................................................... 498
20.4.7 Configure Active Directory ..............................................................................................499
20.5 SSO Agent Configuration .......................................................................................................... 500
Chapter 21
Hotspot..............................................................................................................................................504
21.1 Overview ..................................................................................................................................... 504
21.2 Billing Overview ........................................................................................................................... 504
21.2.1 What You Need to Know ................................................................................................. 504
21.3 The Billing > General Screen ...................................................................................................... 505
21.4 The Billing > Billing Profile Screen ............................................................................................... 507
21.4.1 The Account Generator Screen ...................................................................................... 508
21.4.2 The Account Redeem Screen ......................................................................................... 511
21.4.3 The Billing Profile Add/Edit Screen ................................................................................... 513
21.5 The Billing > Discount Screen ..................................................................................................... 514
21.5.1 The Discount Add/Edit Screen ......................................................................................... 516
21.6 The Billing > Payment Service Screen ....................................................................................... 516
21.6.1 The Payment Service > Desktop / Mobile View Screen ............................................... 518
Table of Contents
ZyWALL USG/VPN Series User’s Guide
16
Chapter 22
Printer Manager ...............................................................................................................................522
22.1 Printer Manager Overview ........................................................................................................ 522
22.1.1 What You Can Do in this Chapter ................................................................................... 522
22.2 The Printer Manager > General Screen ................................................................................... 522
22.2.1 Add Printer Rule ................................................................................................................. 525
22.2.2 Edit Printer Rule .................................................................................................................. 525
22.2.3 Discover Printer ................................................................................................................. 526
22.2.4 Edit Printer Manager (Discover Printer) .......................................................................... 528
22.3 The Printout Configuration Screen ............................................................................................ 529
22.4 Printer Reports Overview ........................................................................................................... 530
22.4.1 Key Combinations ............................................................................................................. 530
22.4.2 Daily Account Summary .................................................................................................. 530
22.4.3 Monthly Account Summary ............................................................................................. 531
22.4.4 Account Report Notes ..................................................................................................... 531
22.4.5 System Status ..................................................................................................................... 532
Chapter 23
Free Time...........................................................................................................................................534
23.1 Free Time Overview .................................................................................................................... 534
23.1.1 What You Can Do in this Chapter ................................................................................... 534
23.2 The Free Time Screen ................................................................................................................. 534
Chapter 24
SMS....................................................................................................................................................539
24.1 SMS Overview ........................................................................................................................... 539
24.1.1 What You Can Do in this Chapter ................................................................................... 539
24.2 The SMS Screen ........................................................................................................................... 539
Chapter 25
IPnP....................................................................................................................................................541
25.1 IPnP Overview ............................................................................................................................ 541
25.1.1 What You Can Do in this Chapter ................................................................................... 542
25.2 IPnP Screen .................................................................................................................................. 542
Chapter 26
Walled Garden.................................................................................................................................544
26.1 Walled Garden Overview ........................................................................................................ 544
26.2 Walled Garden > General Screen ........................................................................................... 544
26.3 Walled Garden > URL Base Screen .......................................................................................... 545
26.3.1 Adding/Editing a Walled Garden URL ........................................................................... 546
26.4 Walled Garden > Domain/IP Base Screen .............................................................................. 547
26.4.1 Adding/Editing a Walled Garden Domain or IP ........................................................... 548
Table of Contents
ZyWALL USG/VPN Series User’s Guide
17
26.4.2 Walled Garden Login Example ....................................................................................... 549
Chapter 27
Advertisement Screen.....................................................................................................................550
27.1 Advertisement Overview ........................................................................................................... 550
27.1.1 Adding/Editing an Advertisement URL .......................................................................... 551
Chapter 28
Security Policy..................................................................................................................................553
28.1 Overview ..................................................................................................................................... 553
28.2 One Security ................................................................................................................................ 554
28.3 What You Can Do in this Chapter ............................................................................................ 557
28.3.1 What You Need to Know ................................................................................................. 558
28.4 The Security Policy Screen ......................................................................................................... 559
28.4.1 Configuring the Security Policy Control Screen ............................................................ 560
28.4.2 The Security Policy Control Add/Edit Screen ................................................................. 563
28.5 Anomaly Detection and Prevention Overview ...................................................................... 565
28.5.1 The Anomaly Detection and Prevention General Screen ........................................... 566
28.5.2 Creating New ADP Profiles ..............................................................................................567
28.5.3 Traffic Anomaly Profiles ................................................................................................... 568
28.5.4 Protocol Anomaly Profiles ................................................................................................ 571
28.6 The Session Control Screen ........................................................................................................ 574
28.6.1 The Session Control Add/Edit Screen .............................................................................. 575
28.7 Security Policy Example Applications ......................................................................................576
Chapter 29
Cloud CNM......................................................................................................................................579
29.1 Cloud CNM Overview ................................................................................................................ 579
29.1.1 What You Can Do in this Chapter ................................................................................... 579
29.2 Cloud CNM SecuManager ....................................................................................................... 579
Chapter 30
Amazon VPC ...................................................................................................................................583
30.1 Overview ..................................................................................................................................... 583
30.2 Amazon VPC Configuration Process ........................................................................................ 583
Chapter 31
IPSec VPN .........................................................................................................................................585
31.1 Virtual Private Networks (VPN) Overview ................................................................................. 585
31.1.1 What You Can Do in this Chapter ................................................................................... 587
31.1.2 What You Need to Know ................................................................................................. 587
31.1.3 Before You Begin ............................................................................................................... 590
31.2 The VPN Connection Screen ..................................................................................................... 590
Table of Contents
ZyWALL USG/VPN Series User’s Guide
18
31.2.1 The VPN Connection Add/Edit Screen .......................................................................... 592
31.3 The VPN Gateway Screen ......................................................................................................... 599
31.3.1 The VPN Gateway Add/Edit Screen ............................................................................... 600
31.4 VPN Concentrator ..................................................................................................................... 607
31.4.1 VPN Concentrator Requirements and Suggestions ...................................................... 607
31.4.2 VPN Concentrator Screen ............................................................................................... 608
31.4.3 The VPN Concentrator Add/Edit Screen ........................................................................ 608
31.5 Zyxel Device IPSec VPN Client Configuration Provisioning .................................................... 609
31.6 IPSec VPN Background Information ......................................................................................... 611
Chapter 32
SSL VPN..............................................................................................................................................621
32.1 Overview ..................................................................................................................................... 621
32.1.1 What You Can Do in this Chapter ................................................................................... 621
32.1.2 What You Need to Know ................................................................................................. 621
32.2 The SSL Access Privilege Screen ................................................................................................ 622
32.2.1 The SSL Access Privilege Policy Add/Edit Screen ......................................................... 623
32.3 The SSL Global Setting Screen ................................................................................................... 626
32.3.1 How to Upload a Custom Logo ...................................................................................... 627
32.4 Zyxel Device SecuExtender ....................................................................................................... 628
32.4.1 Example: Configure Zyxel Device for SecuExtender ..................................................... 629
Chapter 33
SSL User Screens...............................................................................................................................632
33.1 Overview ..................................................................................................................................... 632
33.1.1 What You Need to Know ................................................................................................. 632
33.2 Remote SSL User Login ............................................................................................................... 633
33.3 The SSL VPN User Screens ........................................................................................................... 636
33.4 Bookmarking the Zyxel Device .................................................................................................. 637
33.5 Logging Out of the SSL VPN User Screens ................................................................................ 638
33.6 SSL User Application Screen ...................................................................................................... 638
33.7 SSL User File Sharing .................................................................................................................... 639
33.7.1 The Main File Sharing Screen ........................................................................................... 639
33.7.2 Opening a File or Folder ................................................................................................... 640
33.7.3 Downloading a File ........................................................................................................... 641
33.7.4 Saving a File ....................................................................................................................... 641
33.7.5 Creating a New Folder ..................................................................................................... 642
33.7.6 Renaming a File or Folder ................................................................................................ 642
33.7.7 Deleting a File or Folder .................................................................................................... 643
33.7.8 Uploading a File ................................................................................................................ 643
Chapter 34
Zyxel Device SecuExtender (Windows).........................................................................................645
Table of Contents
ZyWALL USG/VPN Series User’s Guide
19
34.1 The Zyxel Device SecuExtender Icon ....................................................................................... 645
34.2 Status ............................................................................................................................................ 645
34.3 View Log ...................................................................................................................................... 646
34.4 Suspend and Resume the Connection ................................................................................... 647
34.5 Stop the Connection ................................................................................................................. 647
34.6 Uninstalling the Zyxel Device SecuExtender ............................................................................ 647
Chapter 35
L2TP VPN............................................................................................................................................649
35.1 Overview ..................................................................................................................................... 649
35.1.1 What You Can Do in this Chapter ................................................................................... 649
35.1.2 What You Need to Know ................................................................................................. 649
35.2 L2TP VPN Screen ......................................................................................................................... 650
35.2.1 Example: L2TP and Zyxel Device Behind a NAT Router ................................................ 652
Chapter 36
BWM (Bandwidth Management) .................................................................................................654
36.1 Overview ..................................................................................................................................... 654
36.1.1 What You Can Do in this Chapter ................................................................................... 654
36.1.2 What You Need to Know ................................................................................................ 654
36.2 The Bandwidth Management Configuration .......................................................................... 658
36.2.1 The Bandwidth Management Add/Edit Screen ............................................................ 661
Chapter 37
Application Patrol............................................................................................................................669
37.1 Overview ..................................................................................................................................... 669
37.1.1 What You Can Do in this Chapter ................................................................................... 669
37.1.2 What You Need to Know ................................................................................................ 669
37.2 Application Patrol Profile ........................................................................................................... 670
37.2.1 The Application Patrol Profile Add/Edit Screen ............................................................. 672
37.2.2 The Application Patrol Profile Rule Add Application Screen ....................................... 673
Chapter 38
Content Filtering...............................................................................................................................675
38.1 Overview ..................................................................................................................................... 675
38.1.1 What You Can Do in this Chapter ................................................................................... 675
38.1.2 What You Need to Know ................................................................................................. 675
38.1.3 Before You Begin ............................................................................................................... 677
38.2 Content Filter Profile Screen ...................................................................................................... 677
38.2.1 Content Filter Add Profile Category Service .................................................................. 679
38.2.2 Content Filter Add Filter Profile Custom Service ........................................................... 687
38.3 Content Filter Trusted Web Sites Screen ................................................................................. 690
38.4 Content Filter Forbidden Web Sites Screen ............................................................................ 691
Table of Contents
ZyWALL USG/VPN Series User’s Guide
20
38.5 Content Filter Technical Reference ......................................................................................... 692
Chapter 39
IDP .....................................................................................................................................................694
39.1 Overview ..................................................................................................................................... 694
39.1.1 What You Can Do in this Chapter ................................................................................... 694
39.1.2 What You Need To Know ................................................................................................. 694
39.1.3 Before You Begin ............................................................................................................... 694
39.2 The IDP Profile Screen ................................................................................................................. 694
39.2.1 Base Profiles ....................................................................................................................... 696
39.2.2 Adding / Editing Profiles .................................................................................................. 697
39.2.3 Profile > Group View Screen ............................................................................................ 698
39.2.4 Add Profile > Query View ................................................................................................ 701
39.2.5 Query Example .................................................................................................................. 705
39.3 IDP Custom Signatures .............................................................................................................. 706
39.3.1 Add / Edit Custom Signatures ......................................................................................... 709
39.3.2 Custom Signature Example ............................................................................................. 713
39.3.3 Applying Custom Signatures ............................................................................................ 715
39.3.4 Verifying Custom Signatures ............................................................................................ 715
39.4 IDP Technical Reference ........................................................................................................... 716
Chapter 40
Anti-Virus...........................................................................................................................................719
40.1 Overview ..................................................................................................................................... 719
40.1.1 What You Can Do in this Chapter ................................................................................... 719
40.1.2 What You Need to Know ................................................................................................. 720
40.2 Anti-Virus Profile Screen ............................................................................................................. 721
40.2.1 Anti-Virus Profile Add or Edit ............................................................................................. 723
40.3 Anti-Virus Black List ...................................................................................................................... 724
40.3.1 Anti-Virus Black List or White List Add/Edit ...................................................................... 725
40.3.2 Anti-Virus White List ............................................................................................................ 726
40.4 AV Signature Searching ............................................................................................................. 727
40.5 Anti-Virus Technical Reference ................................................................................................. 728
Chapter 41
Anti-Spam.........................................................................................................................................730
41.1 Overview ..................................................................................................................................... 730
41.1.1 What You Can Do in this Chapter ................................................................................... 730
41.1.2 What You Need to Know ................................................................................................. 730
41.2 Before You Begin ........................................................................................................................ 731
41.3 The Anti-Spam Profile Screen .................................................................................................... 732
41.3.1 The Anti-Spam Profile Add or Edit Screen ...................................................................... 733
41.4 The Mail Scan Screen ................................................................................................................. 735
/