ZyXEL VPN100 User guide

Default Login Details

User’s Guide

ZyWALL USG/VPN

Series

LAN Port IP Address https://192.168.1.1

User Name admin

Password 1234

Version 4.31 Edition 1, 3/2018

ZyWALL USG/VPN Series User’s Guide

2

IMPORTANT!

READ CAREFULLY BEFORE USE.

KEEP THIS GUIDE FOR FUTURE REFERENCE.

This is a User’s Guide for a series of products. Not all products support all firmware features.

Screenshots and graphics in this book may differ slightly from your product due to differences in

product features or web configurator brand style. Most screen shots in this guide come from the

USG110 and USG60W. Screen shots for other models may vary. Every effort has been made to

ensure that the information in this manual is accurate.

Note: The version number on the cover page refers to the latest firmware version supported

by the Zyxel Device. This guide applies to versions 4.10, 4.11, 4.13, 4.15, 4.16, 4.20, 4.25,

4.30 and 4.31 at the time of writing.

Related Documentation

•Quick Start Guide

The Quick Start Guide shows how to connect the Zyxel Device and access the Web Configurator

wizards. (See the wizard real time help for information on configuring each screen.) It also contains a

connection diagram and package contents list.

•CLI Reference Guide

The CLI Reference Guide explains how to use the Command-Line Interface (CLI) to configure the

Zyxel Device.

Note: It is recommended you use the Web Configurator to configure the Zyxel Device.

• Web Configurator Online Help

Click the help icon in any screen for help in configuring that screen and supplementary information.

•More Information

Go to support.zyxel.com to find other information on

Zyxel Device.

ZyWALL USG/VPN Series User’s Guide

3

Document Conventions

Warnings and Notes

These are how warnings and notes are shown in this guide.

Warnings tell you about things that could harm you or your device.

Note: Notes tell you other important information (for example, other things you may need to

configure or helpful tips) or recommendations.

Syntax Conventions

• All models in this series may be referred to as the “Zyxel Device” in this guide.

• Product labels, screen names, field labels and field choices are all in bold font.

• A right angle bracket ( > ) within a screen name denotes a mouse click. For example, Configuration >

Network > Interface > Ethernet means you first click Configuration in the navigation panel, then

Network, then the Interface sub menu and finally the Ethernet tab to get to that screen.

Icons Used in Figures

Figures in this user guide may use the following generic icons. The Zyxel Device icon is not an exact

representation of your device.

Zyxel Device Generic Router Wireless Router / Access Point

Switch Firewall Server

Internet Network Cloud Smartphone

USB Dongle

Contents Overview

ZyWALL USG/VPN Series User’s Guide

4

Contents Overview

Introduction ........................................................................................................................................... 28

Initial Setup Wizard ............................................................................................................................... 54

Hardware, Interfaces and Zones ........................................................................................................ 69

Easy Mode ............................................................................................................................................. 85

Quick Setup Wizards ........................................................................................................................... 146

Dashboard .......................................................................................................................................... 179

Monitor ................................................................................................................................................. 195

Licensing .............................................................................................................................................. 260

Wireless ................................................................................................................................................. 267

Interfaces ............................................................................................................................................. 290

Routing ................................................................................................................................................. 394

DDNS ................................................................................................................................................... 421

NAT ....................................................................................................................................................... 427

Redirect Service .................................................................................................................................. 434

ALG ....................................................................................................................................................... 440

UPnP ..................................................................................................................................................... 448

IP/MAC Binding ................................................................................................................................... 457

Layer 2 Isolation .................................................................................................................................. 462

DNS Inbound LB .................................................................................................................................. 466

Web Authentication .......................................................................................................................... 472

Hotspot ................................................................................................................................................ 504

Printer Manager .................................................................................................................................. 522

Free Time ............................................................................................................................................. 534

SMS ....................................................................................................................................................... 539

IPnP ....................................................................................................................................................... 541

Walled Garden ................................................................................................................................... 544

Advertisement Screen ....................................................................................................................... 550

Security Policy ..................................................................................................................................... 553

Cloud CNM ........................................................................................................................................ 579

Amazon VPC ...................................................................................................................................... 583

IPSec VPN ............................................................................................................................................ 585

SSL VPN ................................................................................................................................................ 621

SSL User Screens .................................................................................................................................. 632

Zyxel Device SecuExtender (Windows) ............................................................................................645

L2TP VPN .............................................................................................................................................. 649

BWM (Bandwidth Management) ..................................................................................................654

Application Patrol ............................................................................................................................... 669

Content Filtering ................................................................................................................................. 675

IDP ........................................................................................................................................................ 694

Contents Overview

ZyWALL USG/VPN Series User’s Guide

5

Anti-Virus .............................................................................................................................................. 719

Anti-Spam ............................................................................................................................................ 730

SSL Inspection ...................................................................................................................................... 748

Device HA ........................................................................................................................................... 757

Object .................................................................................................................................................. 777

System .................................................................................................................................................. 880

Log and Report ................................................................................................................................... 936

File Manager ....................................................................................................................................... 954

Diagnostics ......................................................................................................................................... 968

Packet Flow Explore .......................................................................................................................... 986

Shutdown ............................................................................................................................................. 994

Troubleshooting .................................................................................................................................. 995

Table of Contents

ZyWALL USG/VPN Series User’s Guide

6

Table of Contents

Document Conventions ......................................................................................................................3

Contents Overview .............................................................................................................................4

Table of Contents.................................................................................................................................6

Part I: User’s Guide..........................................................................................27

Chapter 1

Introduction ........................................................................................................................................28

1.1 Overview ......................................................................................................................................... 28

1.2 Registration at myZyxel .................................................................................................................. 30

1.2.1 Grace Period ......................................................................................................................... 30

1.2.2 Applications ........................................................................................................................... 31

1.3 Management Overview ................................................................................................................ 33

1.4 Web Configurator ........................................................................................................................... 35

1.4.1 Web Configurator Access .................................................................................................... 35

1.4.2 Web Configurator Screens Overview ................................................................................. 38

1.4.3 Navigation Panel .................................................................................................................. 42

1.4.4 Tables and Lists ...................................................................................................................... 50

Chapter 2

Initial Setup Wizard.............................................................................................................................54

2.1 Initial Setup Wizard Screens .......................................................................................................... 54

2.1.1 Internet Access Setup - WAN Interface ............................................................................. 55

2.1.2 Internet Access: Ethernet .................................................................................................... 55

2.1.3 Internet Access: PPPoE ......................................................................................................... 57

2.1.4 Internet Access: PPTP ........................................................................................................... 58

2.1.5 Internet Access: L2TP ............................................................................................................ 59

2.1.6 Internet Access Setup - Second WAN Interface ............................................................... 61

2.1.7 Internet Access: Congratulations ....................................................................................... 62

2.1.8 Date and Time Settings ........................................................................................................ 62

2.1.9 Register Device ..................................................................................................................... 63

2.1.10 Activate Service .................................................................................................................. 64

2.1.11 Wireless Settings: AP Controller ......................................................................................... 65

2.1.12 Wireless Settings: SSID & Security ...................................................................................... 66

2.1.13 Remote Management ......................................................................................................67

Table of Contents

ZyWALL USG/VPN Series User’s Guide

7

Chapter 3

Hardware, Interfaces and Zones......................................................................................................69

3.1 Hardware Overview ....................................................................................................................... 69

3.1.1 Front Panels ............................................................................................................................ 69

3.1.2 Rear Panels ............................................................................................................................ 73

3.2 Mounting ......................................................................................................................................... 75

3.2.1 Rack-mounting ...................................................................................................................... 76

3.2.2 USG2200-VPN Rack Mounting ............................................................................................. 76

3.2.3 Wall-mounting ....................................................................................................................... 80

3.2.4 USG20(W)-VPN/USG40(W)/USG60(W)/VPN50 Wall-mounting ......................................... 80

3.3 Default Zones, Interfaces, and Ports ............................................................................................ 82

3.4 Stopping the Zyxel Device ............................................................................................................ 84

Chapter 4

Easy Mode..........................................................................................................................................85

4.1 Overview ........................................................................................................................................ 85

4.1.1 Wizards and Links .................................................................................................................. 85

4.1.2 Easy Mode Settings ............................................................................................................... 86

4.1.3 Easy Mode Dashboard ......................................................................................................... 87

4.2 Initial Setup Wizard - Language and Overview ........................................................................ 90

4.2.1 Initial Setup Wizard - Internet ........................................................................................... 91

4.2.2 Initial Setup Wizard - Internet Access Errors ..................................................................... 92

4.2.3 Initial Setup Wizard - Date and Time ................................................................................ 93

4.2.4 Initial Setup Wizard - Register Device .............................................................................. 94

4.2.5 Initial Setup Wizard - Activate Services ............................................................................ 95

4.2.6 Initial Setup Wizard - Wi-Fi .................................................................................................. 97

4.2.7 Initial Setup Wizard - Congratulations .............................................................................. 98

4.3 Initial Setup Wizard - Security Service ....................................................................................... 99

4.4 Initial Setup Wizard - Port Forwarding ....................................................................................... 101

4.5 Initial Setup Wizard - Guest LAN ............................................................................................... 102

4.5.1 Connecting AP Scenarios ..................................................................................................103

4.6 Initial Setup Wizard - Remote Management .......................................................................... 104

4.7 Initial Setup Wizard - VPN ........................................................................................................... 105

4.7.1 VPN Setup Wizard: Wizard Type ...................................................................................... 106

4.7.2 VPN Express Wizard - Scenario ......................................................................................... 106

4.7.3 VPN Express Wizard - Configuration ................................................................................ 108

4.7.4 VPN Express Wizard - Summary ........................................................................................ 109

4.7.5 VPN Express Wizard - Finish ............................................................................................... 109

4.7.6 VPN Advanced Wizard - Scenario .................................................................................. 110

4.7.7 VPN Advanced Wizard - Phase 1 Settings ..................................................................... 111

4.7.8 VPN Advanced Wizard - Phase 2 .................................................................................... 113

4.7.9 VPN Advanced Wizard - Summary ................................................................................. 114

4.7.10 VPN Advanced Wizard - Finish ...................................................................................... 115

Table of Contents

ZyWALL USG/VPN Series User’s Guide

8

4.8 VPN Settings for Configuration Provisioning Wizard: Wizard Type ......................................... 115

4.8.1 Configuration Provisioning Express Wizard - VPN Settings ............................................ 116

4.8.2 Configuration Provisioning VPN Express Wizard - Configuration ................................. 117

4.8.3 VPN Settings for Configuration Provisioning Express Wizard - Summary ..................... 118

4.8.4 VPN Settings for Configuration Provisioning Express Wizard - Finish .............................. 119

4.8.5 VPN Settings for Configuration Provisioning Advanced Wizard - Scenario ................ 120

4.8.6 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 1 Settings .... 121

4.8.7 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 2 ................. 122

4.8.8 VPN Settings for Configuration Provisioning Advanced Wizard - Summary ............... 123

4.8.9 VPN Settings for Configuration Provisioning Advanced Wizard- Finish ....................... 125

4.9 VPN Settings for L2TP VPN Settings Wizard ............................................................................... 126

4.9.1 L2TP VPN Settings 1 ............................................................................................................. 127

4.9.2 L2TP VPN Settings 2 ............................................................................................................ 128

4.9.3 VPN Settings for L2TP VPN Setting Wizard - Summary ................................................... 129

4.9.4 VPN Settings for L2TP VPN Setting Wizard Completed .................................................. 130

4.10 Port Forwarding ......................................................................................................................... 131

4.10.1 Port Forwarding > Add Client ........................................................................................ 132

4.10.2 Port Forwarding > Add Service ...................................................................................... 132

4.10.3 Port Forwarding > UPnP .................................................................................................. 132

4.11 Wi-Fi and Guest Network Wizard ........................................................................................... 134

4.11.1 Guest LAN (Wired Network) ........................................................................................... 135

4.11.2 Connecting AP Scenarios ................................................................................................ 136

4.12 Security Service Wizard .......................................................................................................... 137

4.12.1 Security Service Wizard 2 - Content Filter Categories ............................................... 138

4.12.2 Security Service Wizard 3 - Websites ........................................................................... 140

4.12.3 Security Service Wizard 4 - Exemptions ...................................................................... 141

4.12.4 Security Service Wizard 5 - IDP/AV .............................................................................. 142

4.13 MyZyxel Portal ......................................................................................................................... 143

4.14 One Security Portal ................................................................................................................. 144

Chapter 5

Quick Setup Wizards........................................................................................................................146

5.1 Quick Setup Overview ................................................................................................................. 146

5.2 WAN Interface Quick Setup ........................................................................................................ 147

5.2.1 Choose an Ethernet Interface ........................................................................................... 147

5.2.2 Select WAN Type ................................................................................................................. 148

5.2.3 Configure WAN IP Settings ................................................................................................. 148

5.2.4 ISP and WAN and ISP Connection Settings ...................................................................... 149

5.2.5 Quick Setup Interface Wizard: Summary ......................................................................... 152

5.3 VPN Setup Wizard ......................................................................................................................... 153

5.3.1 Welcome .............................................................................................................................. 153

5.3.2 VPN Setup Wizard: Wizard Type ........................................................................................ 154

5.3.3 VPN Express Wizard - Scenario .......................................................................................... 155

Table of Contents

ZyWALL USG/VPN Series User’s Guide

9

5.3.4 VPN Express Wizard - Configuration ................................................................................. 156

5.3.5 VPN Express Wizard - Summary ......................................................................................... 157

5.3.6 VPN Express Wizard - Finish ................................................................................................ 158

5.3.7 VPN Advanced Wizard - Scenario ................................................................................... 158

5.3.8 VPN Advanced Wizard - Phase 1 Settings ...................................................................... 160

5.3.9 VPN Advanced Wizard - Phase 2 ..................................................................................... 161

5.3.10 VPN Advanced Wizard - Summary ................................................................................ 162

5.3.11 VPN Advanced Wizard - Finish ....................................................................................... 162

5.4 VPN Settings for Configuration Provisioning Wizard: Wizard Type ........................................... 163

5.4.1 Configuration Provisioning Express Wizard - VPN Settings ............................................. 164

5.4.2 Configuration Provisioning VPN Express Wizard - Configuration .................................. 165

5.4.3 VPN Settings for Configuration Provisioning Express Wizard - Summary ...................... 166

5.4.4 VPN Settings for Configuration Provisioning Express Wizard - Finish .............................. 167

5.4.5 VPN Settings for Configuration Provisioning Advanced Wizard - Scenario ................. 168

5.4.6 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 1 Settings .... 169

5.4.7 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 2 .................. 170

5.4.8 VPN Settings for Configuration Provisioning Advanced Wizard - Summary ................ 171

5.4.9 VPN Settings for Configuration Provisioning Advanced Wizard- Finish ........................ 173

5.5 VPN Settings for L2TP VPN Settings Wizard ................................................................................. 174

5.5.1 L2TP VPN Settings ................................................................................................................ 175

5.5.2 L2TP VPN Settings ................................................................................................................ 176

5.5.3 VPN Settings for L2TP VPN Setting Wizard - Summary .................................................... 177

5.5.4 VPN Settings for L2TP VPN Setting Wizard Completed ................................................... 178

Chapter 6

Dashboard........................................................................................................................................179

6.1 Overview ....................................................................................................................................... 179

6.1.1 What You Can Do in this Chapter ..................................................................................... 179

6.2 Main Dashboard Screen .............................................................................................................. 179

6.2.1 Device Information Screen ................................................................................................182

6.2.2 System Status Screen .......................................................................................................... 183

6.2.3 DHCP Table Screen ............................................................................................................. 184

6.2.4 Number of Login Users Screen ........................................................................................... 185

6.2.5 System Resources Screen ................................................................................................... 186

6.2.6 Extension Slot Screen .......................................................................................................... 187

6.2.7 Interface Status Summary Screen ..................................................................................... 187

6.2.8 Secured Service Status Screen .......................................................................................... 189

6.2.9 Content Filter Statistics Screen ........................................................................................... 189

6.2.10 Top 5 Viruses Screen ......................................................................................................... 190

6.2.11 Top 5 Intrusions Screen ..................................................................................................... 191

6.2.12 Top 5 IPv4/IPv6 Security Policy Rules that Blocked Traffic Screen ............................... 191

6.2.13 The Latest Alert Logs Screen ............................................................................................192

6.3 VPN Screen .................................................................................................................................... 192

Table of Contents

ZyWALL USG/VPN Series User’s Guide

10

Part II: Technical Reference.........................................................................194

Chapter 7

Monitor..............................................................................................................................................195

7.1 Overview ....................................................................................................................................... 195

7.1.1 What You Can Do in this Chapter ..................................................................................... 195

7.2 The Port Statistics Screen ............................................................................................................ 197

7.2.1 The Port Statistics Graph Screen ....................................................................................... 198

7.3 Interface Status Screen ................................................................................................................ 199

7.4 The Traffic Statistics Screen .......................................................................................................... 203

7.5 The Session Monitor Screen ........................................................................................................ 206

7.6 IGMP Statistics ............................................................................................................................... 208

7.7 The DDNS Status Screen ............................................................................................................... 209

7.8 IP/MAC Binding ............................................................................................................................. 209

7.9 The Login Users Screen ................................................................................................................ 210

7.10 The Dynamic Guest Screen ...................................................................................................... 211

7.11 Cellular Status Screen ................................................................................................................ 213

7.11.1 More Information .............................................................................................................. 215

7.12 The UPnP Port Status Screen ..................................................................................................... 216

7.13 USB Storage Screen .................................................................................................................... 217

7.14 Ethernet Neighbor Screen ........................................................................................................ 218

7.15 FQDN Object Screen ................................................................................................................ 219

7.16 AP Information: AP List ............................................................................................................... 221

7.16.1 AP List: More Information ................................................................................................ 223

7.16.2 AP List: Config AP ............................................................................................................. 226

7.17 AP Information: Radio List .......................................................................................................... 227

7.17.1 Radio List: More Information ............................................................................................229

7.18 AP Information: Top N APs ........................................................................................................ 230

7.19 AP Information: Single AP .......................................................................................................... 232

7.20 ZyMesh ......................................................................................................................................... 233

7.21 SSID Info ....................................................................................................................................... 233

7.22 Station Info: Station List .............................................................................................................. 234

7.23 Station Info: Top N Stations ........................................................................................................ 235

7.24 Station Info: Single Station ......................................................................................................... 236

7.25 Detected Device ....................................................................................................................... 237

7.26 The Printer Status Screen ........................................................................................................... 238

7.27 The IPSec Screen ........................................................................................................................ 238

7.28 The SSL Screen ............................................................................................................................. 240

7.29 The L2TP over IPSec Screen ....................................................................................................... 241

7.30 The App Patrol Screen ............................................................................................................... 241

7.31 The Content Filter Screen .......................................................................................................... 242

7.32 The IDP Screen ............................................................................................................................ 244

7.33 The Anti-Virus Screen .................................................................................................................. 246

Table of Contents

ZyWALL USG/VPN Series User’s Guide

11

7.34 The Anti-Spam Screens .............................................................................................................. 248

7.34.1 Anti-Spam Summary ......................................................................................................... 248

7.34.2 The Anti-Spam Status Screen ........................................................................................... 250

7.35 The SSL Inspection Screens ........................................................................................................ 252

7.35.1 Certificate Cache List ....................................................................................................... 253

7.36 Log Screens ................................................................................................................................. 254

7.36.1 View Log ............................................................................................................................ 254

7.36.2 View AP Log ....................................................................................................................... 256

7.36.3 Dynamic Users Log ............................................................................................................ 258

Chapter 8

Licensing...........................................................................................................................................260

8.1 Registration Overview .................................................................................................................. 260

8.1.1 What you Need to Know ....................................................................................................260

8.1.2 Registration Screen ............................................................................................................. 260

8.1.3 Service Screen ..................................................................................................................... 261

8.2 Signature Update ......................................................................................................................... 263

8.2.1 What you Need to Know ....................................................................................................263

8.2.2 The Anti-Virus Update Screen ............................................................................................ 263

8.2.3 The IDP/AppPatrol Update Screen ................................................................................... 264

Chapter 9

Wireless.............................................................................................................................................267

9.1 Overview ....................................................................................................................................... 267

9.1.1 What You Can Do in this Chapter ..................................................................................... 267

9.2 Controller Screen ......................................................................................................................... 267

9.3 AP Management Screens ........................................................................................................... 268

9.3.1 Mgnt. AP List ....................................................................................................................... 268

9.3.2 AP Policy .............................................................................................................................. 272

9.3.3 AP Group ............................................................................................................................. 273

9.3.4 Firmware ............................................................................................................................... 280

9.4 MON Mode ................................................................................................................................... 282

9.4.1 Add/Edit Rogue/Friendly List .............................................................................................. 284

9.5 Auto Healing ................................................................................................................................. 285

9.6 RTLS Overview ............................................................................................................................... 285

9.6.1 What You Can Do in this Chapter ..................................................................................... 286

9.6.2 Before You Begin ................................................................................................................. 286

9.6.3 Configuring RTLS .................................................................................................................. 287

9.7 Technical Reference .................................................................................................................... 288

9.7.1 Dynamic Channel Selection .............................................................................................. 288

9.7.2 Load Balancing ................................................................................................................... 289

Chapter 10

Interfaces..........................................................................................................................................290

Table of Contents

ZyWALL USG/VPN Series User’s Guide

12

10.1 Interface Overview .................................................................................................................... 290

10.1.1 What You Can Do in this Chapter ................................................................................... 290

10.1.2 What You Need to Know ................................................................................................. 291

10.1.3 What You Need to Do First ...............................................................................................295

10.2 Port Role ....................................................................................................................................... 295

10.3 Port Group ................................................................................................................................... 296

10.4 Ethernet Summary Screen ......................................................................................................... 297

10.4.1 Ethernet Edit ...................................................................................................................... 299

10.4.2 Proxy ARP ........................................................................................................................... 315

10.4.3 Virtual Interfaces .............................................................................................................. 316

10.4.4 Object References ............................................................................................................ 318

10.4.5 Add/Edit DHCPv6 Request/Release Options ................................................................. 318

10.4.6 Add/Edit DHCP Extended Options ................................................................................. 319

10.5 PPP Interfaces ............................................................................................................................. 321

10.5.1 PPP Interface Summary .................................................................................................... 321

10.5.2 PPP Interface Add or Edit ................................................................................................ 323

10.6 Cellular Configuration Screen ................................................................................................... 327

10.6.1 Cellular Choose Slot ......................................................................................................... 330

10.6.2 Add / Edit Cellular Configuration .................................................................................... 330

10.7 Tunnel Interfaces ........................................................................................................................ 336

10.7.1 Configuring a Tunnel ........................................................................................................ 338

10.7.2 Tunnel Add or Edit Screen ................................................................................................ 339

10.8 VLAN Interfaces ......................................................................................................................... 342

10.8.1 VLAN Summary Screen .....................................................................................................344

10.8.2 VLAN Add/Edit ................................................................................................................. 345

10.9 Bridge Interfaces ........................................................................................................................ 357

10.9.1 Bridge Summary ................................................................................................................ 358

10.9.2 Bridge Add/Edit ................................................................................................................ 360

10.10 LAG ............................................................................................................................................ 369

10.10.1 LAG Summary Screen .....................................................................................................370

10.10.2 LAG Add/Edit ................................................................................................................. 371

10.11 VTI ............................................................................................................................................... 377

10.11.1 Restrictions for IPSec Virtual Tunnel Interface .............................................................. 377

10.11.2 VTI Screen ........................................................................................................................ 377

10.11.3 VTI Add/Edit ..................................................................................................................... 378

10.12 Trunk Overview ......................................................................................................................... 382

10.12.1 What You Need to Know ............................................................................................... 382

10.13 The Trunk Summary Screen ...................................................................................................... 385

10.13.1 Configuring a User-Defined Trunk ................................................................................. 386

10.13.2 Configuring the System Default Trunk .......................................................................... 388

10.14 Interface Technical Reference ............................................................................................... 389

Chapter 11

Routing..............................................................................................................................................394

Table of Contents

ZyWALL USG/VPN Series User’s Guide

13

11.1 Policy and Static Routes Overview ........................................................................................... 394

11.1.1 What You Can Do in this Chapter ................................................................................... 394

11.1.2 What You Need to Know ................................................................................................ 395

11.2 Policy Route Screen ................................................................................................................... 396

11.2.1 Policy Route Edit Screen .................................................................................................. 399

11.3 IP Static Route Screen ................................................................................................................ 403

11.3.1 Static Route Add/Edit Screen .......................................................................................... 403

11.4 Policy Routing Technical Reference ........................................................................................405

11.5 Routing Protocols Overview ..................................................................................................... 405

11.5.1 What You Need to Know ................................................................................................. 406

11.6 The RIP Screen ............................................................................................................................. 406

11.7 The OSPF Screen ......................................................................................................................... 408

11.7.1 Configuring the OSPF Screen .......................................................................................... 411

11.7.2 OSPF Area Add/Edit Screen ........................................................................................... 412

11.7.3 Virtual Link Add/Edit Screen ...........................................................................................414

11.8 BGP (Border Gateway Protocol) .............................................................................................. 415

11.8.1 Allow BGP Packets to Enter the Zyxel Device ................................................................ 416

11.8.2 Configuring the BGP Screen ............................................................................................ 416

11.8.3 The BGP Neighbors Screen .............................................................................................. 418

11.8.4 Example Scenario ............................................................................................................. 419

Chapter 12

DDNS ................................................................................................................................................421

12.1 DDNS Overview ........................................................................................................................... 421

12.1.1 What You Can Do in this Chapter ................................................................................... 421

12.1.2 What You Need to Know ................................................................................................. 421

12.2 The DDNS Screen ........................................................................................................................ 422

12.2.1 The Dynamic DNS Add/Edit Screen ................................................................................ 423

Chapter 13

NAT....................................................................................................................................................427

13.1 NAT Overview ............................................................................................................................. 427

13.1.1 What You Can Do in this Chapter ................................................................................... 427

13.1.2 What You Need to Know ................................................................................................. 427

13.2 The NAT Screen ........................................................................................................................... 427

13.2.1 The NAT Add/Edit Screen .................................................................................................429

13.3 NAT Technical Reference .......................................................................................................... 432

Chapter 14

Redirect Service...............................................................................................................................434

14.1 Overview ..................................................................................................................................... 434

14.1.1 HTTP Redirect ..................................................................................................................... 434

14.1.2 SMTP Redirect .................................................................................................................... 434

Table of Contents

ZyWALL USG/VPN Series User’s Guide

14

14.1.3 What You Can Do in this Chapter ................................................................................... 435

14.1.4 What You Need to Know ................................................................................................. 435

14.2 The Redirect Service Screen ..................................................................................................... 437

14.2.1 The Redirect Service Edit Screen ..................................................................................... 438

Chapter 15

ALG....................................................................................................................................................440

15.1 ALG Overview ............................................................................................................................. 440

15.1.1 What You Need to Know ................................................................................................. 440

15.1.2 Before You Begin ............................................................................................................... 443

15.2 The ALG Screen .......................................................................................................................... 443

15.3 ALG Technical Reference ......................................................................................................... 446

Chapter 16

UPnP...................................................................................................................................................448

16.1 UPnP and NAT-PMP Overview ................................................................................................... 448

16.2 What You Need to Know ........................................................................................................... 448

16.2.1 NAT Traversal ..................................................................................................................... 448

16.2.2 Cautions with UPnP and NAT-PMP .................................................................................. 449

16.3 UPnP Screen ................................................................................................................................ 449

16.4 Technical Reference .................................................................................................................. 450

16.4.1 Turning on UPnP in Windows 7 Example ......................................................................... 450

16.4.2 Using UPnP in Windows XP Example ................................................................................ 452

16.4.3 Web Configurator Easy Access ....................................................................................... 454

Chapter 17

IP/MAC Binding................................................................................................................................457

17.1 IP/MAC Binding Overview ......................................................................................................... 457

17.1.1 What You Can Do in this Chapter ................................................................................... 457

17.1.2 What You Need to Know ................................................................................................. 457

17.2 IP/MAC Binding Summary ......................................................................................................... 458

17.2.1 IP/MAC Binding Edit .......................................................................................................... 458

17.2.2 Static DHCP Edit ................................................................................................................ 459

17.3 IP/MAC Binding Exempt List ....................................................................................................... 460

Chapter 18

Layer 2 Isolation...............................................................................................................................462

18.1 Overview ..................................................................................................................................... 462

18.1.1 What You Can Do in this Chapter ................................................................................... 462

18.2 Layer-2 Isolation General Screen ............................................................................................. 462

18.3 White List Screen ......................................................................................................................... 463

18.3.1 Add/Edit White List Rule ................................................................................................... 464

Table of Contents

ZyWALL USG/VPN Series User’s Guide

15

Chapter 19

DNS Inbound LB................................................................................................................................466

19.1 DNS Inbound Load Balancing Overview ................................................................................. 466

19.1.1 What You Can Do in this Chapter ................................................................................... 466

19.2 The DNS Inbound LB Screen ...................................................................................................... 467

19.2.1 The DNS Inbound LB Add/Edit Screen ............................................................................ 468

19.2.2 The DNS Inbound LB Add/Edit Member Screen ............................................................ 470

Chapter 20

Web Authentication ........................................................................................................................472

20.1 Web Auth Overview ................................................................................................................... 472

20.1.1 What You Can Do in this Chapter ................................................................................... 472

20.1.2 What You Need to Know ................................................................................................. 473

20.2 Web Authentication General Screen ...................................................................................... 473

20.2.1 User-aware Access Control Example ............................................................................. 478

20.2.2 Authentication Type Screen ............................................................................................ 483

20.2.3 Custom Web Portal / User Agreement File Screen ....................................................... 487

20.2.4 Facebook Wi-Fi Screen ..................................................................................................... 489

20.3 SSO Overview .............................................................................................................................. 492

20.4 SSO - Zyxel Device Configuration ............................................................................................. 494

20.4.1 Configuration Overview ................................................................................................... 494

20.4.2 Configure the Zyxel Device to Communicate with SSO .............................................. 494

20.4.3 Enable Web Authentication ............................................................................................ 495

20.4.4 Create a Security Policy ................................................................................................... 496

20.4.5 Configure User Information ..............................................................................................497

20.4.6 Configure an Authentication Method ........................................................................... 498

20.4.7 Configure Active Directory ..............................................................................................499

20.5 SSO Agent Configuration .......................................................................................................... 500

Chapter 21

Hotspot..............................................................................................................................................504

21.1 Overview ..................................................................................................................................... 504

21.2 Billing Overview ........................................................................................................................... 504

21.2.1 What You Need to Know ................................................................................................. 504

21.3 The Billing > General Screen ...................................................................................................... 505

21.4 The Billing > Billing Profile Screen ............................................................................................... 507

21.4.1 The Account Generator Screen ...................................................................................... 508

21.4.2 The Account Redeem Screen ......................................................................................... 511

21.4.3 The Billing Profile Add/Edit Screen ................................................................................... 513

21.5 The Billing > Discount Screen ..................................................................................................... 514

21.5.1 The Discount Add/Edit Screen ......................................................................................... 516

21.6 The Billing > Payment Service Screen ....................................................................................... 516

21.6.1 The Payment Service > Desktop / Mobile View Screen ............................................... 518

Table of Contents

ZyWALL USG/VPN Series User’s Guide

16

Chapter 22

Printer Manager ...............................................................................................................................522

22.1 Printer Manager Overview ........................................................................................................ 522

22.1.1 What You Can Do in this Chapter ................................................................................... 522

22.2 The Printer Manager > General Screen ................................................................................... 522

22.2.1 Add Printer Rule ................................................................................................................. 525

22.2.2 Edit Printer Rule .................................................................................................................. 525

22.2.3 Discover Printer ................................................................................................................. 526

22.2.4 Edit Printer Manager (Discover Printer) .......................................................................... 528

22.3 The Printout Configuration Screen ............................................................................................ 529

22.4 Printer Reports Overview ........................................................................................................... 530

22.4.1 Key Combinations ............................................................................................................. 530

22.4.2 Daily Account Summary .................................................................................................. 530

22.4.3 Monthly Account Summary ............................................................................................. 531

22.4.4 Account Report Notes ..................................................................................................... 531

22.4.5 System Status ..................................................................................................................... 532

Chapter 23

Free Time...........................................................................................................................................534

23.1 Free Time Overview .................................................................................................................... 534

23.1.1 What You Can Do in this Chapter ................................................................................... 534

23.2 The Free Time Screen ................................................................................................................. 534

Chapter 24

SMS....................................................................................................................................................539

24.1 SMS Overview ........................................................................................................................... 539

24.1.1 What You Can Do in this Chapter ................................................................................... 539

24.2 The SMS Screen ........................................................................................................................... 539

Chapter 25

IPnP....................................................................................................................................................541

25.1 IPnP Overview ............................................................................................................................ 541

25.1.1 What You Can Do in this Chapter ................................................................................... 542

25.2 IPnP Screen .................................................................................................................................. 542

Chapter 26

Walled Garden.................................................................................................................................544

26.1 Walled Garden Overview ........................................................................................................ 544

26.2 Walled Garden > General Screen ........................................................................................... 544

26.3 Walled Garden > URL Base Screen .......................................................................................... 545

26.3.1 Adding/Editing a Walled Garden URL ........................................................................... 546

26.4 Walled Garden > Domain/IP Base Screen .............................................................................. 547

26.4.1 Adding/Editing a Walled Garden Domain or IP ........................................................... 548

Table of Contents

ZyWALL USG/VPN Series User’s Guide

17

26.4.2 Walled Garden Login Example ....................................................................................... 549

Chapter 27

Advertisement Screen.....................................................................................................................550

27.1 Advertisement Overview ........................................................................................................... 550

27.1.1 Adding/Editing an Advertisement URL .......................................................................... 551

Chapter 28

Security Policy..................................................................................................................................553

28.1 Overview ..................................................................................................................................... 553

28.2 One Security ................................................................................................................................ 554

28.3 What You Can Do in this Chapter ............................................................................................ 557

28.3.1 What You Need to Know ................................................................................................. 558

28.4 The Security Policy Screen ......................................................................................................... 559

28.4.1 Configuring the Security Policy Control Screen ............................................................ 560

28.4.2 The Security Policy Control Add/Edit Screen ................................................................. 563

28.5 Anomaly Detection and Prevention Overview ...................................................................... 565

28.5.1 The Anomaly Detection and Prevention General Screen ........................................... 566

28.5.2 Creating New ADP Profiles ..............................................................................................567

28.5.3 Traffic Anomaly Profiles ................................................................................................... 568

28.5.4 Protocol Anomaly Profiles ................................................................................................ 571

28.6 The Session Control Screen ........................................................................................................ 574

28.6.1 The Session Control Add/Edit Screen .............................................................................. 575

28.7 Security Policy Example Applications ......................................................................................576

Chapter 29

Cloud CNM......................................................................................................................................579

29.1 Cloud CNM Overview ................................................................................................................ 579

29.1.1 What You Can Do in this Chapter ................................................................................... 579

29.2 Cloud CNM SecuManager ....................................................................................................... 579

Chapter 30

Amazon VPC ...................................................................................................................................583

30.1 Overview ..................................................................................................................................... 583

30.2 Amazon VPC Configuration Process ........................................................................................ 583

Chapter 31

IPSec VPN .........................................................................................................................................585

31.1 Virtual Private Networks (VPN) Overview ................................................................................. 585

31.1.1 What You Can Do in this Chapter ................................................................................... 587

31.1.2 What You Need to Know ................................................................................................. 587

31.1.3 Before You Begin ............................................................................................................... 590

31.2 The VPN Connection Screen ..................................................................................................... 590

Table of Contents

ZyWALL USG/VPN Series User’s Guide

18

31.2.1 The VPN Connection Add/Edit Screen .......................................................................... 592

31.3 The VPN Gateway Screen ......................................................................................................... 599

31.3.1 The VPN Gateway Add/Edit Screen ............................................................................... 600

31.4 VPN Concentrator ..................................................................................................................... 607

31.4.1 VPN Concentrator Requirements and Suggestions ...................................................... 607

31.4.2 VPN Concentrator Screen ............................................................................................... 608

31.4.3 The VPN Concentrator Add/Edit Screen ........................................................................ 608

31.5 Zyxel Device IPSec VPN Client Configuration Provisioning .................................................... 609

31.6 IPSec VPN Background Information ......................................................................................... 611

Chapter 32

SSL VPN..............................................................................................................................................621

32.1 Overview ..................................................................................................................................... 621

32.1.1 What You Can Do in this Chapter ................................................................................... 621

32.1.2 What You Need to Know ................................................................................................. 621

32.2 The SSL Access Privilege Screen ................................................................................................ 622

32.2.1 The SSL Access Privilege Policy Add/Edit Screen ......................................................... 623

32.3 The SSL Global Setting Screen ................................................................................................... 626

32.3.1 How to Upload a Custom Logo ...................................................................................... 627

32.4 Zyxel Device SecuExtender ....................................................................................................... 628

32.4.1 Example: Configure Zyxel Device for SecuExtender ..................................................... 629

Chapter 33

SSL User Screens...............................................................................................................................632

33.1 Overview ..................................................................................................................................... 632

33.1.1 What You Need to Know ................................................................................................. 632

33.2 Remote SSL User Login ............................................................................................................... 633

33.3 The SSL VPN User Screens ........................................................................................................... 636

33.4 Bookmarking the Zyxel Device .................................................................................................. 637

33.5 Logging Out of the SSL VPN User Screens ................................................................................ 638

33.6 SSL User Application Screen ...................................................................................................... 638

33.7 SSL User File Sharing .................................................................................................................... 639

33.7.1 The Main File Sharing Screen ........................................................................................... 639

33.7.2 Opening a File or Folder ................................................................................................... 640

33.7.3 Downloading a File ........................................................................................................... 641

33.7.4 Saving a File ....................................................................................................................... 641

33.7.5 Creating a New Folder ..................................................................................................... 642

33.7.6 Renaming a File or Folder ................................................................................................ 642

33.7.7 Deleting a File or Folder .................................................................................................... 643

33.7.8 Uploading a File ................................................................................................................ 643

Chapter 34

Zyxel Device SecuExtender (Windows).........................................................................................645

Table of Contents

ZyWALL USG/VPN Series User’s Guide

19

34.1 The Zyxel Device SecuExtender Icon ....................................................................................... 645

34.2 Status ............................................................................................................................................ 645

34.3 View Log ...................................................................................................................................... 646

34.4 Suspend and Resume the Connection ................................................................................... 647

34.5 Stop the Connection ................................................................................................................. 647

34.6 Uninstalling the Zyxel Device SecuExtender ............................................................................ 647

Chapter 35

L2TP VPN............................................................................................................................................649

35.1 Overview ..................................................................................................................................... 649

35.1.1 What You Can Do in this Chapter ................................................................................... 649

35.1.2 What You Need to Know ................................................................................................. 649

35.2 L2TP VPN Screen ......................................................................................................................... 650

35.2.1 Example: L2TP and Zyxel Device Behind a NAT Router ................................................ 652

Chapter 36

BWM (Bandwidth Management) .................................................................................................654

36.1 Overview ..................................................................................................................................... 654

36.1.1 What You Can Do in this Chapter ................................................................................... 654

36.1.2 What You Need to Know ................................................................................................ 654

36.2 The Bandwidth Management Configuration .......................................................................... 658

36.2.1 The Bandwidth Management Add/Edit Screen ............................................................ 661

Chapter 37

Application Patrol............................................................................................................................669

37.1 Overview ..................................................................................................................................... 669

37.1.1 What You Can Do in this Chapter ................................................................................... 669

37.1.2 What You Need to Know ................................................................................................ 669

37.2 Application Patrol Profile ........................................................................................................... 670

37.2.1 The Application Patrol Profile Add/Edit Screen ............................................................. 672

37.2.2 The Application Patrol Profile Rule Add Application Screen ....................................... 673

Chapter 38

Content Filtering...............................................................................................................................675

38.1 Overview ..................................................................................................................................... 675

38.1.1 What You Can Do in this Chapter ................................................................................... 675

38.1.2 What You Need to Know ................................................................................................. 675

38.1.3 Before You Begin ............................................................................................................... 677

38.2 Content Filter Profile Screen ...................................................................................................... 677

38.2.1 Content Filter Add Profile Category Service .................................................................. 679

38.2.2 Content Filter Add Filter Profile Custom Service ........................................................... 687

38.3 Content Filter Trusted Web Sites Screen ................................................................................. 690

38.4 Content Filter Forbidden Web Sites Screen ............................................................................ 691

Table of Contents

ZyWALL USG/VPN Series User’s Guide

20

38.5 Content Filter Technical Reference ......................................................................................... 692

Chapter 39

IDP .....................................................................................................................................................694

39.1 Overview ..................................................................................................................................... 694

39.1.1 What You Can Do in this Chapter ................................................................................... 694

39.1.2 What You Need To Know ................................................................................................. 694

39.1.3 Before You Begin ............................................................................................................... 694

39.2 The IDP Profile Screen ................................................................................................................. 694

39.2.1 Base Profiles ....................................................................................................................... 696

39.2.2 Adding / Editing Profiles .................................................................................................. 697

39.2.3 Profile > Group View Screen ............................................................................................ 698

39.2.4 Add Profile > Query View ................................................................................................ 701

39.2.5 Query Example .................................................................................................................. 705

39.3 IDP Custom Signatures .............................................................................................................. 706

39.3.1 Add / Edit Custom Signatures ......................................................................................... 709

39.3.2 Custom Signature Example ............................................................................................. 713

39.3.3 Applying Custom Signatures ............................................................................................ 715

39.3.4 Verifying Custom Signatures ............................................................................................ 715

39.4 IDP Technical Reference ........................................................................................................... 716

Chapter 40

Anti-Virus...........................................................................................................................................719

40.1 Overview ..................................................................................................................................... 719

40.1.1 What You Can Do in this Chapter ................................................................................... 719

40.1.2 What You Need to Know ................................................................................................. 720

40.2 Anti-Virus Profile Screen ............................................................................................................. 721

40.2.1 Anti-Virus Profile Add or Edit ............................................................................................. 723

40.3 Anti-Virus Black List ...................................................................................................................... 724

40.3.1 Anti-Virus Black List or White List Add/Edit ...................................................................... 725

40.3.2 Anti-Virus White List ............................................................................................................ 726

40.4 AV Signature Searching ............................................................................................................. 727

40.5 Anti-Virus Technical Reference ................................................................................................. 728

Chapter 41

Anti-Spam.........................................................................................................................................730

41.1 Overview ..................................................................................................................................... 730

41.1.1 What You Can Do in this Chapter ................................................................................... 730

41.1.2 What You Need to Know ................................................................................................. 730

41.2 Before You Begin ........................................................................................................................ 731

41.3 The Anti-Spam Profile Screen .................................................................................................... 732

41.3.1 The Anti-Spam Profile Add or Edit Screen ...................................................................... 733

41.4 The Mail Scan Screen ................................................................................................................. 735

Page is loading ...

ZyXEL VPN100 User guide

This manual is also suitable for

ZyXEL VPN100 User guide

Related papers

Other documents