Zyxel USG60, USG40W, USG2200, USG40, USG210 CLI Reference Guide

Default Login Details

CLI Reference Guide

ZyWALL USG/USG FLEX/VPN/ATP Series

LAN Port IP Address https://192.168.1.1

User Name admin

Password 1234

Version 4.10–4.60 Ed 1, 10/2020

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference
Guide Copyright © 2020 Zyxel Communications Corpo-

IMPORTANT!
READ CAREFULLY BEFORE USE.
KEEP THIS GUIDE FOR FUTURE REFERENCE.

This is a Reference Guide for a series of products intended for people who want to configure the Zyxel
Device via Command Line Interface (CLI).

Note: The version number on the cover page refers to the latest firmware version supported

by the Zyxel Device. This guide applies to ZLD version 4.10–4.60 at the time of writing.

How To Use This Guide

1 Read Chapter 1 on page 24 for how to access and use the CLI (Command Line Interface).

2 Read Chapter 2 on page 40 to learn about the CLI user and privilege modes.

Some commands or command options in this guide may not be
available in your product. See your product's User’s Guide for a list of
supported features.
Do not use commands not documented in this guide. Use of
undocumented commands or misconfiguration can damage the unit
and possibly render it unusable.
Some commands are renamed between firmware versions. In cases
where a command has multiple names, the Reference Guide lists each
variation.

Related Documentation

•Quick Start Guide
The Quick Start Guide shows how to connect the Zyxel Device and access the Web Configurator.

• User’s Guide
The ATP Series User’s Guide explains how to use the Web Configurator to configure the Zyxel Device. It

also shows the product feature matrix for each device. General feature differences are written in the
Introduction chapter while a more detailed table is in the Product Feature appendix.

The USG Series User’s Guide explains how to use the Web Configurator to configure the Zyxel Device.
It also shows the product feature matrix for each device. General feature differences are written in
the Introduction chapter while a more detailed table is in the Product Feature appendix.

Note: It is recommended you use the Web Configurator to configure the Zyxel Device.

•More Information
Go to support.zyxel.com to find other information on Zyxel Device.

Contents Overview

Contents Overview

Introduction .......................................................................................................................................23

Command Line Interface ................................ ....... ....... ....... ....... ....... ....... .............. ....... ....... .............. 24

User and Privilege Modes .................................................................................................................... 40

Reference ..........................................................................................................................................44

Object Reference ................................................................................................................................ 45

Status ......................................................................... ............................................................................. 47

Registration ...................................................................... .......................................... ............................ 52

AP Management .................................................................................................................................. 55

Built-in AP ............................................................................................................................................... 63

AP Group ........... ................................................................................... ................................................. 65

Wireless LAN Profiles .............................................................................................................................. 72

Rogue AP ............................................................................................................................................... 90

Wireless Frame Capture ....................................................................................................................... 94

Dynamic Channel Selection ............................................................................................................... 96

Auto-Healing ......................................................................................................................................... 97

LEDs ........................................................................................................................................................ 99

Interfaces ................................................................................ ............................................................. 101

Trunks ................................................................................ .................................................................... 147

Route ................................................................................ .................................................................... 151

Routing Protocol ................................................................................................................................. 160

Zones ......................................................................... ........................................................................... 167

DDNS .................................................................................................................................................... 170

Virtual Servers ...................................................................................................................................... 173

HTTP Redirect ....................................................................................................................................... 186

Redirect Service .................................................................................................................................. 188

ALG ................................................................................... ....... ....... ....... ....... ....... ................................. 192

UPnP ..................................................................................................................................................... 195

IP/MAC Binding ...................................................................... ............................................................. 198

Layer 2 Isolation .................................................................................................................................. 200

Secure Policy ....................................................................................................................................... 203

Cloud CNM .................................................................................................................................... ..... 221

Web Authentication ........................................................................................................................... 229

Hotspot ................................................................................................................................................ 237

IPSec VPN ............................................................................................................................................ 252

SSL VPN ................................... ............................................................................................................. 267

L2TP VPN .............................................................................................................................................. 271

Bandwidth Management .................................................................................................................. 279

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

3

Contents Overview

Application Patrol ............................................................................................................................... 285

Anti-Virus .............................................................................................................................................. 289

RTLS ................................................................................... .................................................................... 297

Reputation Filter .................................................................................................................................. 299

Sandboxing ......................................................................................................................................... 316

IDP Commands ................................................................................................................................... 319

Content Filtering ................................................................................................................................. 332

Anti-Spam ............................................................................... ............................................................. 358

SSL Inspection ...................................................................................................................................... 369

IP Exception ......................................................................................................................................... 376

Device HA .......................................................................................................... ................................. 378

User/Group ...................................................................... .................................................................... 388

Application Object ...................... ...................................................................................................... 398

Addresses ............................................................................................................................................ 401

Services ................................................................................... ............................................................. 410

Schedules ............................................................................................................................................ 413

AAA Server .......................................................................................................................................... 415

Authentication Objects ..................................................................................................................... 422

Authentication Server ........................................................................................................................ 432

Certificates .......................................................................................................................................... 434

ISP Accounts ........................................................................................................................................ 440

SSL Application ................................................................................................................................... 442

DHCPv6 Objects ................................................................................................................................. 444

Dynamic Guest Accounts ................................................................................................................. 447

System ................................................................ .................................................................................. 450

System Remote Management .......................................................................................................... 466

File Manager ....................................................................................................................................... 478

Logs ...................................................................................................................................................... 501

Reports and Reboot ........................................................................................................................... 507

Session Timeout ................................................................................................................................... 513

Diagnostics and Remote Assistance ............................................................................................... 514

Packet Flow Explore ........................................................................................................................... 517

Maintenance Tools .. ....... ....... ....... ....... ....... ...... ....... ....... ....... .............. ....... ....... ....... ....... ................... 521

Miscellaneous ..................................................................................................................................... 530

Managed AP Commands ................................................................................................................. 535

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

4

Table of Contents

Table of Contents

Contents Overview .............................................................................................................................3

Table of Contents.................................................................................................................................5

Part I: Introduction ..........................................................................................23

Chapter 1

Command Line Interface..................................................................................................................24

1.1 Overview ......................................................................................................................................... 24

1.1.1 The Configuration File ........................................................................................................... 25

1.2 Accessing the CLI ........................................................................................................................... 25

1.2.1 Console Port .......................................................................................................................... 25

1.2.2 Web Configurator Console .................................................................................................. 26

1.2.3 Telnet ...................................................................................................................................... 28

1.2.4 SSH (Secure SHell) .................................................................................................................. 29

1.3 How to Find Commands in this Guide .........................................................................................29

1.4 How Commands Are Explained ................................................................................................... 29

1.4.1 Background Information (Optional) ................................................................................... 30

1.4.2 Command Input Values (Optional) .................................................................................... 30

1.4.3 Command Summary ............................................................................................................ 30

1.4.4 Command Examples (Optional) ......................................................................................... 30

1.4.5 Command Syntax ................................................................................................................. 30

1.4.6 Naming Conventions ............................................................................................................ 31

1.4.7 Changing the Password ....................................................................................................... 31

1.4.8 Idle Timeout ........................................................................................................................... 31

1.5 CLI Modes ........................................................................................................................................ 31

1.6 Shortcuts and Help ......................................................................................................................... 32

1.6.1 List of Available Commands ................................................................................................ 32

1.6.2 List of Sub-commands or Required User Input ................................................................... 33

1.6.3 Entering Partial Commands ................................................................................................. 33

1.6.4 Entering a ? in a Command ................................................................................................34

1.6.5 Command History ................................................................................................................. 34

1.6.6 Navigation ............................................................................................................................. 34

1.6.7 Erase Current Command ..................................................................................................... 34

1.6.8 The no Commands ............................................................................................................... 34

1.7 Input Values .................................................................................................................................... 34

1.8 Ethernet Interfaces ......................................................................................................................... 38

1.9 Saving Configuration Changes .................................................................................................... 38

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

5

Table of Contents

1.10 Logging Out .................................................................................................................................. 38

1.11 Resetting the Zyxel Device .......................................................................................................... 39

Chapter 2

User and Privilege Modes .................................................................................................................40

2.1 User And Privilege Modes .............................................................................................................. 40

2.1.1 Debug Commands ............................................................................................................... 42

Part II: Reference ............................................................................................44

Chapter 3

Object Reference ................................ ... ...........................................................................................45

3.1 Object Reference Commands ..................................................................................................... 45

3.1.1 Object Reference Command Example ............................................................................. 46

Chapter 4

Status...................................................................................................................................................47

4.1 ATP Dashboard Commands ......................................................................................................... 51

Chapter 5

Registration.........................................................................................................................................52

5.1 myZyxel Overview ........................................................................................................................... 52

5.1.1 Subscription Services Available on the Zyxel Device ........................................................ 52

5.2 Registration Commands ................................................................................................................ 53

5.2.1 Command Examples ............................................................................................................ 54

Chapter 6

AP Management................................................................................................................................55

6.1 AP Management Overview .......................................................................................................... 55

6.2 AP Management Commands ...................................................................................................... 55

6.2.1 AP Management Commands Example ............................................................................. 60

Chapter 7

Built-in AP............................................................................................................................................63

7.1 Built-in AP Commands .................................................................................................................... 63

Chapter 8

AP Group ............................................................................................................................................65

8.1 Wireless Load Balancing Overview .............................................................................................. 65

8.2 AP Group Commands ................................................................................................................... 65

8.2.1 AP Group Examples .............................................................................................................. 69

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

6

Table of Contents

Chapter 9

Wireless LAN Profiles ..........................................................................................................................72

9.1 Wireless LAN Profiles Overview ...................................................................................................... 72

9.2 AP Radio & Monitor Profile Commands ....................................................................................... 72

9.2.1 AP Radio & Monitor Profile Commands Example ............................................................. 78

9.3 SSID Profile Commands .................................................................................................................. 79

9.3.1 SSID Profile Example .............................................................................................................. 82

9.4 Security Profile Commands ........................................................................................................... 83

9.4.1 Security Profile Example ....................................................................................................... 86

9.5 MAC Filter Profile Commands ....................................................................................................... 86

9.5.1 MAC Filter Profile Example ................................................................................................... 87

9.6 ZyMesh Profile Commands ............................................................................................................ 87

Chapter 10

Rogue AP............................................................................................................................................90

10.1 Rogue AP Detection Overview ................................................................................................... 90

10.2 Rogue AP Detection Commands ...............................................................................................90

10.2.1 Rogue AP Detection Examples ......................................................................................... 91

10.3 Rogue AP Containment Overview .............................................................................................92

10.4 Rogue AP Containment Commands ......................................................................................... 93

10.4.1 Rogue AP Containment Example ..................................................................................... 93

Chapter 11

Wireless Frame Capture....................................................................................................................94

11.1 Wireless Frame Capture Overview ............................................................................................. 94

11.2 Wireless Frame Capture Commands ......................................................................................... 94

11.2.1 Wireless Frame Capture Examples .................................................................................... 95

Chapter 12

Dynamic Channel Selection.............................................................................................................96

12.1 DCS Overview ............................................................................................................................... 96

12.2 DCS Commands ........................................................................................................................... 96

Chapter 13

Auto-Healing......................................................................................................................................97

13.1 Auto-Healing Overview ............................................................................................................... 97

13.2 Auto-Healing Commands ........................................................................................................... 97

13.2.1 Auto-Healing Examples ...................................................................................................... 98

Chapter 14

LEDs .....................................................................................................................................................99

14.1 LED Suppression Mode ................................................................................................................. 99

14.2 LED Suppression Commands ....................................................................................................... 99

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

7

Table of Contents

14.2.1 LED Suppression Commands Example ............................................................................. 99

14.3 LED Locator ................................................................................................................................. 100

14.4 LED Locator Commands ............................................................................................................ 100

14.4.1 LED Locator Commands Example .................................................................................. 100

Chapter 15

Interfaces..........................................................................................................................................101

15.1 Interface Overview .................................................................................................................... 101

15.1.1 Types of Interfaces ............................................................................................................ 101

15.1.2 Relationships Between Interfaces ................................................................................... 104

15.2 Interface General Commands Summary ................................................................................ 105

15.2.1 Basic Interface Properties and IP Address Commands ................................................ 105

15.2.2 IGMP Proxy Commands ................................................................................................... 111

15.2.3 Proxy ARP Commands ......................................................................................................112

15.2.4 DHCP Setting Commands ................................................. ............................................... 113

15.2.5 Interface Parameter Command Examples ................................................................... 118

15.2.6 RIP Commands .................................................................................................................. 119

15.2.7 OSPF Commands .............................................................................................................. 119

15.2.8 Connectivity Check (Ping-check) Commands ................................... .......................... 121

15.3 Ethernet Interface Specific Commands .................................................................................. 122

15.3.1 MAC Address Setting Commands .................................................................................. 122

15.3.2 Port Grouping Commands .............................................................................................. 123

15.4 Virtual Interface Specific Commands ...................................................................................... 124

15.4.1 Virtual Interface Command Examples ........................................................................... 125

15.5 PPPoE/PPTP Specific Commands ............................................................................................. 125

15.5.1 PPPoE/PPTP Interface Command Examples .................................................................. 126

15.6 Cellular Interface Specific Commands ................................................................................... 127

15.6.1 Cellular Status .................................................................................................................... 1 30

15.6.2 Cellular Interface Command Examples ......................................................................... 131

15.7 Tunnel Interface Specific Commands ..................................................................................... 132

15.7.1 Tunnel Interface Command Examples ........................................................................... 134

15.8 USB Storage Specific Commands .............................................................................................134

15.8.1 Firmware Upgrade via USB Stick ...................................................................................... 135

15.8.2 USB Storage Commands Example .................................................................................. 137

15.9 VLAN Interface Specific Commands ....................................................................................... 137

15.9.1 VLAN Interface Command Examples ............................................................................ 138

15.10 Bridge Specific Commands .................................................................................................... 138

15.10.1 Bridge Interface Command Examples ......................................................................... 139

15.11 LAG Commands ....................................................................................................................... 139

15.11.1 LAG Interface Command Example .............................................................................. 142

15.12 VTI Commands ......................................................................................................................... 143

15.12.1 Restrictions for IPsec Virtual Tunnel Interface ............................................ .............. ..... 143

15.12.2 VTI Interface Command Example ................................................................................ 146

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

8

Table of Contents

Chapter 16

Trunks ................................................................................................................................................147

16.1 Trunks Overview .......................................................................................................................... 147

16.2 Trunk Scenario Examples ........................................................................................................... 147

16.3 Trunk Commands Input Values ................................................................................................. 148

16.4 Trunk Commands Summary ...................................................................................................... 148

16.5 Trunk Command Examples ....................................................................................................... 149

Chapter 17

Route.................................................................................................................................................151

17.1 Policy Route ................................................................................................................................ 151

17.2 Policy Route Commands ........................................................................................................... 151

17.2.1 Assured Forwarding (AF) PHB for DiffServ ....................................................................... 156

17.2.2 Policy Route Command Example ................................................................................... 156

17.3 IP Static Route ............................................................................................................................. 157

17.4 Static Route Commands ........................................................................................................... 158

17.4.1 Static Route Commands Examples ................................................................................ 159

Chapter 18

Routing Protocol...............................................................................................................................160

18.1 Routing Protocol Overview ....................................................................................................... 160

18.2 Routing Protocol Commands Summary .................................................................................. 160

18.2.1 RIP Commands .................................................................................................................. 161

18.2.2 General OSPF Commands ............................................................................................... 161

18.2.3 OSPF Area Commands .................................................................................................... 162

18.2.4 Virtual Link Commands ..................................................................................................... 162

18.2.5 Learned Routing Information Commands ..................................................................... 163

18.2.6 Show IP Route Command Example ................................................................................ 163

18.3 BGP (Border Gateway Protocol) ...................................................... ....... ....... .............. ....... ..... 163

18.3.1 BGP Commands ................................................................................................................ 165

Chapter 19

Zones.................................................................................................................................................167

19.1 Zones Overview .......................................................................................................................... 167

19.2 Zone Commands Summary ...................................................................................................... 168

19.2.1 Zone Command Examples .................................................................................. ............ 169

Chapter 20

DDNS .................................................................................................................................................170

20.1 DDNS Overview ........................................................................................................................... 170

20.2 DDNS Commands Summary .....................................................................................................171

20.3 DDNS Commands Example ...................................................................................................... 172

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

9

Table of Contents

Chapter 21

Virtual Servers...................................................................................................................................173

21.1 Virtual Server Overview .............................................................................................................. 173

21.1.1 1:1 NAT and Many 1:1 NAT ............................................................................................... 173

21.2 Virtual Server Commands Summary ......................................................................................... 173

21.2.1 Virtual Server Command Examples ................................................................................ 175

21.2.2 Tutorial - How to Allow Public Access to a Server ......................................................... 176

21.3 Virtual Server Load Balancing ................................................................................................... 177

21.3.1 Load Balancing Example 1 .............................................................................................. 177

21.3.2 Load Balancing Example 2 .............................................................................................. 178

21.3.3 Virtual Server Load Balancing Process ........................................................................... 179

21.3.4 Load Balancing Rules ....................................................................................................... 180

21.3.5 Virtual Server Load Balancing Algorithms ...................................................................... 181

21.3.6 Virtual Server Load Balancing Commands ............................................................... ..... 182

Chapter 22

HTTP Redirect....................................................................................................................................186

22.1 HTTP Redirect Overview ............................................................................................................. 186

22.1.1 Web Proxy Server .............................................................................................................. 186

22.2 HTTP Redirect Commands ......................................................................................................... 186

22.2.1 HTTP Redirect Command Examples ............................................................................... 187

Chapter 23

Redirect Service...............................................................................................................................188

23.1 HTTP Redirect ............................................................................................................................... 188

23.2 SMTP Redirect ............................................................................................................................. 188

23.3 Redirect Commands .................................................................................................................. 189

23.3.1 Redirect Command Example .......................................................................................... 191

Chapter 24

ALG....................................................................................................................................................192

24.1 ALG Introduction ........................................................................................................................ 192

24.2 ALG Commands ......................................................................................................................... 193

24.3 ALG Commands Example ....................... .................................................................................. 194

Chapter 25

UPnP...................................................................................................................................................195

25.1 UPnP and NAT-PMP Overview ................................................................................................... 195

25.2 UPnP and NAT-PMP Commands ............................................................................................... 195

25.3 UPnP & NAT-PMP Commands Example ................................................................................... 196

Chapter 26

IP/MAC Binding................................................................................................................................198

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

10

Table of Contents

26.1 IP/MAC Binding Overview ......................................................................................................... 198

26.2 IP/MAC Binding Commands ..................................................................................................... 198

26.3 IP/MAC Binding Commands Example ..................................................................................... 199

Chapter 27

Layer 2 Isolation...............................................................................................................................200

27.1 Layer 2 Isolation Overview ......................................................................................................... 200

27.2 Layer 2 Isolation Commands ..................................................................................................... 201

27.2.1 Layer 2 Isolation White List Sub-Commands .................................................................. 201

27.3 Layer 2 Isolation Commands Example ..................................................................................... 202

Chapter 28

Secure Policy....................................................................................................................................203

28.1 Secure Policy Overview ............................................................................................................. 203

28.2 Secure Policy Commands ......................................................................................................... 204

28.2.1 Secure Policy Sub-Commands ........................................................................................ 207

28.2.2 Security Services Multiple Profiles .................................................................................... 209

28.2.3 Secure Policy Command Examples ................................................................................ 210

28.3 Session Limit Commands ........................................................................................................... 213

28.4 ADP Commands Overview ................................................. ...................................................... 215

28.4.1 ADP Command Input Values .......................................................................................... 216

28.4.2 ADP Activation Commands ............................................................................................ 216

28.4.3 ADP Global Profile Commands ....................................................................................... 216

28.4.4 ADP Zone-to-Zone Rule Commands ............................................................................... 217

28.4.5 ADP Add/Edit Profile Sub Commands ............................................................................ 217

Chapter 29

Cloud CNM............. .... ............................................ .... ... .... ............................................ ...................221

29.1 Cloud CNM Overview ................................................... ............................................................. 221

29.2 Cloud CNM SecuManager ....................................................................................................... 221

29.2.1 Introduction to XMPP ........................................................................................................ 222

29.2.2 Cloud CNM SecuManager Commands ........................................................................ 223

29.2.3 Cloud CNM SecuManager Command Example .......................................................... 226

29.3 Cloud CNM SecuReporter ......................................................................................................... 226

29.3.1 Cloud CNM SecuReporter Commands .......................................................................... 226

29.3.2 Cloud CNM SecuReporter Commands Example .......................................................... 228

Chapter 30

Web Authentication.........................................................................................................................229

30.1 Web Authentication Overview .............................................................................. ................... 229

30.2 Web Authentication Commands ............................................................................................. 229

30.2.1 web-auth login setting Sub-commands ............................................................. ............ 231

30.2.2 web-auth policy Sub-commands ................................................................................... 233

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

11

Table of Contents

30.2.3 Facebook Wi-Fi Commands ............................................................................................ 234

30.3 SSO Overview .............................................................................................................................. 234

30.3.1 SSO Configuration Commands ....................................................................................... 235

30.3.2 SSO Show Commands ...................................................................................................... 235

30.3.3 Command Setup Sequence Example ........................................................................... 236

Chapter 31

Hotspot..............................................................................................................................................237

31.1 Hotspot Overview ....................................................................................................................... 237

31.2 Billing Overview ........................................................................................................................... 237

31.3 Billing Commands ....................................................................................................................... 237

31.3.1 Billing Profile Sub-commands ........................................................................................... 239

31.3.2 Billing Command Example ............................................................................................... 239

31.3.3 Payment Service ................................................................................................... ............ 241

31.4 Printer Manager Overview ........................................................................................................ 244

31.5 Printer-manager Commands .................................................................................................... 244

31.5.1 Printer-manager Printer Sub-commands ............................................................ ............ 245

31.5.2 Printer-manager Command Example ............................................................................ 245

31.6 Free Time Overview ....................................................... ....... ....... ....... ....... ....... ....... ................... 246

31.7 Free-Time Commands ................................................................................................................ 246

31.8 Free-Time Commands Example ................................................................................................247

31.9 IPnP Overview ............................................................................................................................. 247

31.10 IPnP Commands ....................................................................................................................... 247

31.11 IPnP Commands Example .......................................... ............................................................. 248

31.12 Walled Garden Overview ....................................................................................................... 248

31.13 Walled Garden Commands ...................................................................................................248

31.13.1 walled-garden rule Sub-commands ............................................................................. 249

31.13.2 walled-garden domain-ip rule Sub-commands .............................................. ............ 250

31.13.3 Walled Garden Command Example ........................................................................... 250

31.14 Advertisement Overview ......................................................................................................... 251

31.15 Advertisement Commands ..................................................................................................... 251

31.15.1 Advertisement Command Example ............................................................................. 251

Chapter 32

IPSec VPN .........................................................................................................................................252

32.1 IPSec VPN Overview ................................................................................................................... 252

32.2 IPSec VPN Commands Summary ............................................................................................. 253

32.2.1 IPv4 IKEv1 SA Commands ................................................................................................. 254

32.2.2 IPv4 IPSec SA Commands (except Manual Keys) ......................................................... 256

32.2.3 IPv4 IPSec SA Commands (for Manual Keys) ................................................................. 259

32.2.4 VPN Concentrator Commands ....................................................................................... 259

32.2.5 VPN Configuration Provisioning Commands ................................................................. 260

32.2.6 SA Monitor Commands .................................................................................................... 261

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

12

Table of Contents

32.2.7 IPv4 IKEv2 SA Commands ................................................................................................. 262

32.2.8 IPv6 IKEv2 SA Commands ................................................................................................. 263

32.2.9 IPv6 IPSec SA Commands ................................................................................................ 264

32.2.10 IPv6 VPN Concentrator Commands ............................................................................. 266

Chapter 33

SSL VPN..............................................................................................................................................267

33.1 SSL Access Policy ........................................................................................................................ 267

33.1.1 SSL Application Objects ................................................................................................... 267

33.1.2 SSL Access Policy Limitations ...........................................................................................267

33.2 SSL VPN Commands ................................................................................................................... 267

33.2.1 SSL VPN Commands ......................................................................................................... 268

33.2.2 Setting an SSL VPN Rule Tutorial ...................................................................................... 269

Chapter 34

L2TP VPN................................................................................. ... .... .... ................................................271

34.1 L2TP VPN Overview ..................................................................................................................... 271

34.2 IPSec Configuration .................................................................................................................... 271

34.2.1 Using the Default L2TP VPN Connection ........................................................................ 272

34.3 Policy Route ................................................................................................................................ 272

34.4 L2TP VPN Commands ................................................................................................................. 273

34.4.1 L2TP VPN Commands .......................................................................................................273

34.4.2 L2TP Account Commands ..................................................................... .......................... 275

34.5 L2TP VPN Examples ...................... ............................................................................................... 275

34.5.1 Configuring the Default L2TP VPN Gateway Example ................................................. 276

34.5.2 Configuring the Default L2TP VPN Connection Example ............................................. 276

34.5.3 Configuring the L2TP VPN Settings Example .................................................................. 277

34.5.4 Configuring the Policy Route for L2TP Example ............................................................. 277

Chapter 35

Bandwidth Management................................................................................................................279

35.1 Bandwidth Management Overview ........................................................................................ 279

35.1.1 BWM Type .......................................................................................................................... 279

35.2 Bandwidth Management Commands .................................................................................... 279

35.2.1 Bandwidth Sub-Commands ............................................................................................ 280

35.3 Bandwidth Management Commands Examples .............................................................. ..... 283

Chapter 36

Application Patrol............................................................................................................................285

36.1 Application Patrol Overview ..................................................................................................... 285

36.2 Application Patrol Commands Summary ................................................................................ 285

36.2.1 Application Patrol Commands ........................................................................................ 286

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

13

Table of Contents

Chapter 37

Anti-Virus...........................................................................................................................................289

37.1 Anti-Virus Overview .................................................................................................................... 289

37.2 Anti-Virus Commands ................................................................................................................ 289

37.2.1 General Anti-Virus Commands ........................................................................................ 290

37.2.2 Anti-Virus Profile ................................................................................................................. 291

37.2.3 White and Black Lists ......................................................................................................... 292

37.2.4 Signature Search Anti-Virus Command ........................... .......................................... ..... 294

37.3 Update Anti-Virus Signatures ..................................................................................................... 295

37.3.1 Update Signature Examples ............................................................................................ 295

37.4 Anti-Virus Statistics .......................................................... ....... ....... ....... ....... ....... .......................... 296

37.4.1 Anti-Virus Statistics Example ............................................................................................. 296

Chapter 38

RTLS....................................................................................................................................................297

38.1 RTLS Overview ............................................................................................................................. 297

38.1.1 RTLS Configuration Commands ....................................................................................... 298

38.1.2 RTLS Configuration Examples ........................................................................................... 298

Chapter 39

Reputation Filter ...............................................................................................................................299

39.1 Overview ..................................................................................................................................... 299

39.1.1 Signature Database Priority .............................................................................................300

39.2 IP Reputation Commands ..................................... .................................................................... 300

39.2.1 Update IP Reputation Signatures .................................................................................... 302

39.2.2 IP Reputation Statistics ...................................................................................................... 302

39.2.3 IP Reputation External Black List ...................................................................................... 302

39.3 Anti-Botnet Commands ............................................................................................................. 304

39.3.1 Anti-Botnet Profile Commands ........................................................................................ 306

39.3.2 Anti-Botnet External Black List .......................................................................................... 307

39.3.3 Update Anti-Botnet Signatures ........................................................................................ 309

39.3.4 Update Signature Examples ............................................................................................ 310

39.3.5 Anti-Botnet Statistics .......................................................................................................... 310

39.3.6 Anti-Botnet Statistics Example ......................................................................................... 311

39.4 DNS Filter Commands ................................................................................................................ 313

Chapter 40

Sandboxing ......................................................................................................................................316

40.1 Sandboxing Overview ................................................................................................................ 316

40.2 Sandbox Commands ................................................................................................................. 316

40.2.1 Sandbox Command Examples ....................................................................................... 318

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

14

Table of Contents

Chapter 41

IDP Commands ................................................................................................................................319

41.1 Overview ..................................................................................................................................... 319

41.2 General IDP Commands ........................................................................................................... 319

41.2.1 IDP Activation .................................................................................................................... 319

41.3 IDP Profile Commands ............................................................................................................... 321

41.3.1 Global Profile Commands ............................................................................................... 321

41.3.2 Editing/Creating IDP Signature Profiles ........................................................ ................... 322

41.3.3 Signature Search ............................................................................................................... 322

41.4 IDP Custom Signatures ............................................................................................................... 324

41.4.1 Custom Signature Examples ............................................................................................ 325

41.5 Update IDP Signatures ............................................................................................................... 328

41.5.1 Update Signature Examples ............................................................................................ 329

41.6 IDP Statistics ................................................................................................................................. 329

41.6.1 IDP Statistics Example ....................................................................................................... 330

41.7 IDP White List .......................................................................................................................... ..... 331

Chapter 42

Content Filtering...............................................................................................................................332

42.1 Content Filtering Overview ........................................................................................................ 332

42.2 External Web Filtering Service ................................................................................................... 332

42.3 Content Filter Command Input Values .................................................................................... 333

42.4 General Content Filter Commands .......................................................................................... 335

42.5 Content Filter Filtering Profile Commands ............................................................................... 337

42.6 Content Filtering Statistics ......................................................................... ................................. 341

42.6.1 Content Filtering Statistics Example ................................................................................ 342

42.7 Content Filtering Commands Example .................................................................................... 342

42.8 Content Filtering Category Definitions ..................................................................................... 344

Chapter 43

Anti-Spam.........................................................................................................................................358

43.1 Anti-Spam Overview .................................................................................................................. 358

43.2 Anti-Spam Commands .............................................................................................................. 358

43.2.1 Anti-Spam Profile Rules ..................................................................................................... 358

43.2.2 White and Black Lists ......................................................................................................... 363

43.2.3 DNSBL Anti-Spam Commands ......................................................................................... 365

43.3 Anti-Spam Statistics .................................. .................................................................................. 367

43.3.1 Anti-Spam Statistics Example ........................................................................................... 368

Chapter 44

SSL Inspection...................................................................................................................................369

44.1 SSL Inspection Overview ............................................................................................................ 369

44.2 SSL Inspection Commands Summary ....................................................................................... 369

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

15

Table of Contents

44.2.1 SSL Inspection General Settings ...................................................................................... 370

44.2.2 SSL Inspection Exclusion Commands .. ............................................................................ 370

44.2.3 SSL Inspection Profile Settings .......................................................................................... 371

44.2.4 SSL Inspection Certificate Cache ................................................................................... 373

44.2.5 SSL Inspection Certificate Update .................................................................................. 373

44.2.6 SSL Inspection Statistics ..................................................................................................... 374

44.2.7 SSL Inspection Command Examples .............................................................................. 374

Chapter 45

IP Exception......................................................................................................................................376

45.1 IP Exception Overview ............................................................................................................... 376

45.2 IP Exception Commands ........................................................................................................... 376

Chapter 46

Device HA.........................................................................................................................................378

46.1 Device HA Overview .................................................................................................................. 378

46.1.1 Before You Begin ............................................................................................................... 379

46.1.2 Device HA and Device HA Pro ........................................................................................ 379

46.2 General Device HA Commands .............................................................................................. 380

46.3 Active-Passive Mode Device HA .............................................................................................. 380

46.4 Active-Passive Mode Device HA Commands ........................................................................ 381

46.4.1 Active-Passive Mode Device HA Commands ............................................................... 381

46.4.2 Active-Passive Mode Device HA Command Example ................................................ 3 83

46.5 Device HA Pro ............................................................................................................................. 383

46.5.1 Deploying Device HA Pro ................................................................................................ 383

46.5.2 Device HA Pro Commands .............................................................................................. 384

46.5.3 Device HA2 Command Example .................................................................................... 386

Chapter 47

User/Group.......................................................................................................................................388

47.1 User Account Overview ............................................................................................................. 388

47.1.1 User Types ........................................................................................................................... 388

47.2 User/Group Commands Summary ........................................................................................... 389

47.2.1 User Commands ................................................................................................................ 389

47.2.2 User Group Commands ................................................................................................... 391

47.2.3 User Setting Commands ...................................................................................................391

47.2.4 MAC Auth Commands ..................................................................................................... 393

47.2.5 Additional User Commands ............................................................................................. 394

Chapter 48

Application Object..........................................................................................................................398

48.1 Application Object Commands Summary .............................................................................. 398

48.1.1 Application Object Commands ..................................................................................... 398

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

16

Table of Contents

48.1.2 Application Object Group Commands ......................................................................... 399

Chapter 49

Addresses.........................................................................................................................................401

49.1 Address Overview ....................................................................................................................... 401

49.2 Address Commands Summary ................................................................................................. 401

49.2.1 Address Object Commands ............................................................................................ 402

49.2.2 Address Group Commands ............................................................................................. 406

49.2.3 FQDN Object ..................................................................................................................... 407

49.2.4 Geo IP ................................................................................................................................. 408

49.2.5 FQDN / Geo IP Commands .................. ....... ....... ....... .............. ....... ....... ....... ....... ....... ..... 408

49.2.6 Geo IP Command Examples ........................................................................................... 409

Chapter 50

Services.............................................................................................................................................410

50.1 Services Overview ...................................................................................................................... 410

50.2 Services Commands Summary .................................................................................................410

50.2.1 Service Object Commands ............................................................................................. 410

50.2.2 Service Group Commands .............................................................................................. 412

Chapter 51

Schedules.........................................................................................................................................413

51.1 Schedule Overview .................................................................................................................... 413

51.2 Schedule Commands Summary ............................................................................................... 413

51.2.1 Schedule Command Examples ...................................................................................... 414

Chapter 52

AAA Server .................... ............................................. ... .... .... ...........................................................415

52.1 AAA Server Overview ................................................................................................................. 415

52.2 Authentication Server Command Summary ........................................................................... 415

52.2.1 ad-server Commands ......................................................................................................416

52.2.2 ldap-server Commands ................................................................................................... 416

52.2.3 radius-server Commands ................................................................................................. 417

52.2.4 radius-server Command Example .................................................................................. 417

52.2.5 aaa group server ad Commands ................................................................................... 418

52.2.6 aaa group server ldap Commands ................................................................................ 419

52.2.7 aaa group server radius Commands ............................................................................. 420

52.2.8 aaa group server Command Example .......................................................................... 421

Chapter 53

Authentication Objects...................................................................................................................422

53.1 Authentication Objects Overview ............................................................................................ 422

53.2 aaa authentication Commands .............................................................................................. 422

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

17

Table of Contents

53.2.1 aaa authentication Command Example ...................................................................... 423

53.3 test aaa Command ................................................................................................................... 423

53.3.1 Test a User Account Command Example ...................................................................... 424

53.4 Two-Factor Authentication ........................................................................................................ 424

53.4.1 Two-Factor Authentication Methods .............................................................................. 424

53.4.2 Two-Factor Authentication with SMS/Email ................................................................... 425

53.4.3 SMS/Email Configuration .................................................................................................. 426

53.4.4 Two-Factor Authentication with Google Authenticator .............................................. 426

53.5 Two-Factor Authentication Commands ................................................. ................................. 428

53.5.1 Two-Factor Authentication VPN Access ........................................................................ 428

53.5.2 VPN Access Two-Factor Command Example ............................................................... 429

53.5.3 Admin Access .................................................................................................................... 430

53.5.4 Admin Access Two-Factor Command Example ........................................................... 431

Chapter 54

Authentication Server......................................................................................................................432

54.1 Authentication Server Overview ............................................................................................... 432

54.2 Authentication Server Commands ........................................................................................... 432

54.2.1 Authentication Server Command Examples ................................................................. 433

Chapter 55

Certificates .......................................................................................................................................434

55.1 Certificates Overview ................................................................................................................ 434

55.2 Certificate Commands .............................................................................................................. 434

55.3 Certificates Commands Input Values ...................................................................................... 434

55.4 Certificates Commands Summary ........................................................................................... 436

55.5 Certificates Commands Examples ........................................................................................... 439

Chapter 56

ISP Accounts.....................................................................................................................................440

56.1 ISP Accounts Overview .............................................................................................................. 440

56.1.1 PPPoE and PPTP Account Commands ........................................................................... 440

56.1.2 Cellular Account Commands ......................................................................................... 441

Chapter 57

SSL Application.................................................................................................................................442

57.1 SSL Application Overview .......................................................................................................... 442

57.1.1 SSL Application Object Commands ............................................................................... 442

57.1.2 SSL Application Command Examples ............................................................................ 443

Chapter 58

DHCPv6 Objects...............................................................................................................................444

58.1 DHCPv6 Object Commands Summary .................................................................................... 444

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

18

Table of Contents

58.1.1 DHCPv6 Object Commands ........................................................................................... 444

58.1.2 DHCPv6 Object Command Examples ........................................................................... 445

Chapter 59

Dynamic Guest Accounts...............................................................................................................447

59.1 Dynamic Guest Accounts Overview ........................................................................................ 447

59.2 Dynamic-guest Commands ...................................................................................................... 447

59.2.1 dynamic-guest Sub-commands ...................................................................................... 448

59.2.2 Dynamic-guest Command Example .............................................................................. 449

Chapter 60

System...............................................................................................................................................450

60.1 System Overview ........................................................................................................................ 450

60.2 Customizing the WWW Login Page .......................................................................................... 450

60.3 Host Name Commands ............................................................................................................. 452

60.4 Time and Date ........................................................................................................................... 452

60.4.1 Date/Time Commands ..................................................................................................... 453

60.5 Console Port Speed .................................................................................................................. 454

60.6 DNS Overview ............................................................................................................................ 454

60.6.1 Domain Zone Forwarder ......... ........................................................................................ 454

60.6.2 DNS Commands ................................................................................................................ 4 55

60.6.3 DNS Command Examples ................................................................................................ 457

60.7 Authentication Server Overview ............................................................................................... 457

60.7.1 Authentication Server Commands ................................................................................. 458

60.7.2 Authentication Server Command Examples ................................................................. 459

60.8 Notification .................................................................................................................................. 459

60.8.1 Mail Server Commands ....................................................................................................459

60.8.2 SMS Service Commands .................................................................................................. 460

60.8.3 Response Message Commands ..................................................................................... 462

60.9 Language Commands .............................................................................................................. 463

60.10 IPv6 Commands ....................................................................................................................... 463

60.11 ZON Overview ........................................................................................................................... 463

60.11.1 LLDP .................................................................................................................................. 463

60.11.2 ZON Commands ............................................................................................................. 464

60.11.3 ZON Examples ................................................................................................................. 464

60.12 Fast Forwarding ......................................................................................................................... 464

60.12.1 Fast Forwarding Technical Overview ............................................................................ 465

60.12.2 Fast Forwarding Commands ......................................................................................... 465

Chapter 61

System Remote Management........................................................................................................466

61.1 Remote Management Overview ........................................................................................ ..... 466

61.1.1 Remote Management Limitations .................................................................................. 466

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

19

Table of Contents

61.1.2 System Timeout .................................................................................................................. 466

61.2 Common System Command Input Values ............................................................................. 467

61.3 HTTP/HTTPS Commands .............................................................................................................. 467

61.3.1 HTTP/HTTPS Command Examples .................................................................................... 469

61.4 SSH ................................................................................................................................................ 470

61.4.1 SSH Implementation on the Zyxel Device ...................................................................... 470

61.4.2 Requirements for Using SSH ..............................................................................................470

61.4.3 SSH Commands ................................................................................................................. 470

61.4.4 SSH Command Examples ................................................................................................. 471

61.5 Telnet ........................................................................................................................................... 471

61.6 Telnet Commands ...................................................................................................................... 471

61.6.1 Telnet Commands Examples ........................................................................................... 472

61.7 Configuring FTP .......................................................................................................................... 472

61.7.1 FTP Commands ................................................................................................................. 473

61.7.2 FTP Commands Examples ................................................................................................ 473

61.8 SNMP ........................................................................................................................................... 474

61.8.1 Supported MIBs ................................................................................................................. 474

61.8.2 SNMP Traps ......................................................................................................................... 474

61.8.3 SNMP Commands ............................................................................................................. 475

61.8.4 SNMP Commands Examples ............................................................................................ 476

61.9 ICMP Filter ................................................................................................................................... 477

Chapter 62

File Manager ....................................................................................................................................478

62.1 File Directories ............................................................................................................................. 478

62.2 Configuration Files and Shell Scripts Overview ...................................................................... 478

62.2.1 Comments in Configuration Files or Shell Scripts ........................................................... 479

62.2.2 Errors in Configuration Files or Shell Scripts ..................................................................... 480

62.2.3 Zyxel Device Configuration File Details .......................................................................... 480

62.2.4 Configuration File Flow at Restart ................................................................................... 481

62.3 File Manager Commands Input Values ................................................................................... 481

62.4 File Manager Commands Summary ........................................................................................ 482

62.5 File Manager Dual Firmware Commands ................................................................................ 483

62.6 File Manager Command Examples ......................................................................................... 484

62.7 FTP File Transfer ............................................................................................................................ 485

62.7.1 Command Line FTP File Upload ....................................................................................... 485

62.7.2 Command Line FTP Configuration File Upload Example ............................................. 485

62.7.3 Command Line FTP File Download ................................................................................. 486

62.7.4 Command Line FTP Configuration File Download Example ........................................ 486

62.8 Cloud Helper Commands ......................................................................................................... 487

62.8.1 Cloud Helper Command Examples ................................................................................ 489

62.9 Zyxel Device File Usage at Startup ........................................................................................... 490

62.10 Notification of a Damaged Recovery Image or Firmware ................................................. 491

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

20

Table of Contents

62.11 Restoring the Recovery Image ............................................................................................... 492

62.12 Restoring the Firmware ............................................................................................................ 494

62.13 Restoring the Default System Database ................................................................................ 496

62.13.1 Using the atkz -u Debug Command ............................................................................. 498

Chapter 63

Logs...................................................................................................................................................501

63.1 Log Commands Summary ......................................................................................................... 501

63.1.1 Log Entries Commands ....................................................................................................502

63.1.2 System Log Commands ................................................................................................... 502

63.1.3 Debug Log Commands ................................................................................................... 503

63.1.4 E-mail Profile Commands .................................................................................................505

63.1.5 Console Port Logging Commands ................................................................................. 506

Chapter 64

Reports and Reboot........................................... .... .... ... ...................................................................507

64.1 Report Commands Summary ...................................................................................................507

64.1.1 Report Commands ........................................................................................................... 507

64.1.2 Report Command Examples ........................................................................................... 508

64.1.3 Session Commands ........................................................................................................... 508

64.1.4 Packet Size Statistics Commands ....................... ....... ....... ....... ....... ....... ....... ....... ....... ..... 509

64.2 Email Daily Report Commands ................................................................................................. 509

64.2.1 Email Daily Report Example ............................................................................................. 510

64.3 Reboot ......................................................................................................................................... 512

Chapter 65

Session Timeout.......... ... ...................................................................................................................513

Chapter 66

Diagnostics and Remote Assistance.............................................................................................514

66.1 Diagnostics .................................................................................................................................. 514

66.2 Diagnosis Commands ................................................................................................................ 514

66.3 Diagnosis Commands Example ................................................................................................515

66.4 Remote Assistance ..................................................................................................................... 515

66.5 Remote Assistance Commands ............................................................................................... 516

Chapter 67

Packet Flow Explore ........................................................................................................................517

67.1 Packet Flow Explore ................................................................................................................... 517

67.2 Packet Flow Explore Commands ..............................................................................................517

67.3 Packet Flow Explore Commands Example ........................................................... ....... ....... ..... 518

Chapter 68

Maintenance Tools ...................... .... ................................................................................................521

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

21

Table of Contents

68.1 Maintenance Command Examples ........................................................................................ 524

68.1.1 Packet Capture Command Example ............................................................................ 525

68.2 Scheduled Reboot ..................................................................................................................... 526

68.2.1 High Availability Reboot Process ..................................................................................... 527

68.3 Configuration File Backup ......................................................................................................... 528

Chapter 69

Miscellaneous ..................................................................................................................................530

69.1 Watchdog Timer ......................................................................................................................... 530

69.1.1 Hardware Watchdog Timer ............................................................................................. 530

69.1.2 Software Watchdog Timer ............................................................................................... 530

69.1.3 Application Watchdog ..... ...............................................................................................531

69.2 Conserve Memory ...................................................................................................................... 533

69.2.1 Converse Memory Settings .............................................................................................. 533

69.2.2 Conserve Memory Commands ....................................................................................... 533

69.2.3 Conserve Memory Example ........................ .................................................................... 534

Chapter 70

Managed AP Commands...............................................................................................................535

70.1 Managed Series AP Commands Overview ................................................................. ............ 535

70.2 Accessing the AP CLI ................................................................................................................. 535

70.3 CAPWAP Client Commands ..................................................................................................... 535

70.3.1 CAPWAP Client Commands Example ............................................................................ 536

70.4 DNS Server Commands .............................................................................................................. 538

70.4.1 DNS Server Commands Example .................................................................................... 538

70.4.2 DNS Server Commands and DHCP ................................................................................. 538

List of Commands (Alphabetical) ..................................................................................................540

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

22

PART I

Introduction

23

Command Line Interface

This chapter describes how to access and use the CLI (Command Line Interface).

1.1 Overview

Zyxel Device refers to these models as outlined below

• ZyWALL

• ZyWALL 110

• ZyWALL 310

• ZyWALL 1100

CHAPTER 1

• ZyWALL USG (Unified Security Gateway)

• USG40 • USG110 • USG1900 • USG2200-VPN

• USG40W • USG210 • USG2200

•USG60 •USG310 •USG20-VPN

• USG60W • USG1100 • USG20W-VPN

• ZyWALL USG FLEX

• USG FLEX 100

• USG FLEX 200

• USG FLEX 500

• ZyWALL ATP (Advanced Threat Protection)

• ATP100

• ATP100W

• ATP200

• ATP500

• ATP700

• ATP800

• ZyWALL VPN

• VPN50

• VPN100

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

24

Chapter 1 Command Line Interface

• VPN300

• VPN1000

If you have problems with your Zyxel Device, customer support may request that you issue some of these
commands to assist them in troubleshooting.

Use of undocumented commands or misconfiguration can damage the
Zyxel Device and possibly render it unusable.

1.1.1 The Configuration File

When you configure the Zyxel Device using either the CLI (Command Line Interface) or the web
configurator, the settings are saved as a series of commands in a configuration file on the Zyxel Device.
You can store more than one configuration file on the Zyxel Device. However, only one configuration file
is used at a time.

You can perform the following with a configuration file:

• Back up Zyxel Device configuration once the Zyxel Device is set up to work in your network.

• Restore Zyxel Device configuration.

• Save and edit a configuration file and upload it to multiple Zyxel Devices (of the same model) in your
network to have the same settings.

Note: You may also edit a configuration file using a text editor.

1.2 Accessing the CLI

You can access the CLI using a terminal emulation program on a computer connected to the console
port, from the web configurator or access the Zyxel Device using Telnet or SSH (Secure SHell).

Note: The Zyxel Device might force you to log out of your session if re-authentication time,

lease time, or idle timeout is reached. See Chapter 47 on page 388 for more
information about these settings.

1.2.1 Console Port

The default settings for the console port are as follows.
Table 1 Managing the Zyxel Device: Console Port

SETTING VALUE

Speed 115200 bps
Data Bits 8
Parity None
Stop Bit 1
Flow Control Off

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

25

Chapter 1 Command Line Interface

When you turn on your Zyxel Device, it performs several internal tests as well as line initialization. You can
view the initialization information using the console port.

• Garbled text displays if your terminal emulation program’s speed is set lower than the Zyxel Device’s.

• No text displays if the speed is set higher than the Zyxel Device’s.

• If changing your terminal emulation program’s speed does not get anything to display, restart the
Zyxel Device.

• If restarting the Zyxel Device does not get anything to display, contact your local customer support.

Figure 1 Console Port Power-on Display

U-Boot 2011.03 (Development build, svnversion: u-boot:424M, exec:exported)
(Build time: Aug 28 2013 - 14:19:07)

BootModule Version: V1.01 | Aug 28 2013 14:19:07
DRAM: Size = 1024 Mbytes

Press any key to enter debug mode within 3 seconds.

After the initialization, the login screen displays.

Figure 2 Login Screen

Welcome to USG60W

Username:

Enter the user name and password at the prompts.

Note: The default login username is admin and password is 1234. The username and password

are case-sensitive.

1.2.2 Web Configurator Console

Note: Before you can access the CLI through the web configurator, make sure your computer

supports the Java Runtime Environment. You will be prompted to download and install
the Java plug-in if it is not already installed.

When you access the CLI using the web console, your computer establishes a SSH (Secure SHell)
connection to the Zyxel Device. Follow the steps below to access the web console.

1 Log into the web configurator.

2 Click the Console icon in the top-right corner of the web configurator screen.

3 If the Java plug-in is already installed, skip to step 4.

Otherwise, you will be prompted to install the Java plug-in. If the prompt does not display and the
screen remains gray, you have to download the setup program.

4 The web console starts. This might take a few seconds. One or more security screens may display. Click

Yes or Always.

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

26

Chapter 1 Command Line Interface

Figure 3 Web Console: Security Warnings

Finally, the User Name screen appears.
Figure 4 Web Console: User Name

5 Enter the user name you want to use to log in to the console. The console begins to connect to the Zyxel

Device.

Note: The default login username is admin. It is case-sensitive.

Figure 5 Web Console: Connecting

Then, the Password screen appears.

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

27

Chapter 1 Command Line Interface

Figure 6 Web Console: Password

6 Enter the password for the user name you specified earlier, and click OK. If you enter the password

incorrectly, you get an error message, and you may have to close the console window and open it
again. If you enter the password correctly, the console screen appears.

Figure 7 Web Console

7 To use most commands in this User’s Guide, enter configure terminal. The prompt should change

to

Router(config)#.

1.2.3 Telnet

Use the following steps to Telnet into your Zyxel Device.

1 Using the Web Configurator, enable and configure Telnet at System > TELNET.

2 Ensure that the Telnet protocol is allowed from your computer’s zone to the Zyxel Device.

By default, add TELNET to the default service group at Object > Service > Service Group >
Default_Allow_WAN_To_ZyWALL.

3 In Windows, click Start (usually in the bottom left corner) and Run. Then type

Device’s IP address. For example, enter

4 Click OK. A login screen displays. Enter the user name and password at the prompts.

Note: The default login username is admin and password is 1234. The username and password

telnet and the Zyxel

telnet 192.168.1.1 (the default management IP address).

are case-sensitive.

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

28

1.2.4 SSH (Secure SHell)

You can use an SSH client program to access the CLI. The following figure shows an example using a
text-based SSH client program. Refer to the documentation that comes with your SSH program for
information on using it.

Before connecting, do the following:

• Using the Web Configurator, enable SSH at System > SSH.

• Ensure that the SSH protocol is allowed from your computer’s zone to the Zyxel Device.
By default, add SSH to the service group Default_Allow_WAN_To_ZyWALL at Object > Service > Service
Group. This group defines which services are allowed in the default WAN_to_Device security policy.

Note: The default login username is admin and password is 1234. The username and password

are case-sensitive.

Figure 8 SSH Login Example

C:\>ssh2 admin@192.168.1.1
Host key not found from database.
Key fingerprint:
xolor-takel-fipef-zevit-visom-gydog-vetan-bisol-lysob-cuvun-muxex
You can get a public key's fingerprint by running
% ssh-keygen -F publickey.pub
on the keyfile.
Are you sure you want to continue connecting (yes/no)? yes

Chapter 1 Command Line Interface

Host key saved to C:/Documents and Settings/user/Application Data/SSH/
hostkeys/
ey_22_192.168.1.1.pub
host key for 192.168.1.1, accepted by user Tue Aug 09 2005 07:38:28
admin's password:
Authentication successful.

1.3 How to Find Commands in this Guide

You can simply look for the feature chapter to find commands. In addition, you can use the List of

Commands (Alphabetical) at the end of the guide. This section lists the commands in alphabetical

order that they appear in this guide.

If you are looking at the CLI Reference Guide electronically, you might have additional options (for
example, bookmarks or Find...) as well.

1.4 How Commands Are Explained

Each chapter explains the commands for one keyword. The chapters are divided into the following
sections.

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

29

Chapter 1 Command Line Interface

1.4.1 Background Information (Optional)

Note: See the User’s Guide for background information about most features.

This section provides background information about features that you cannot configure in the web
configurator. In addition, this section identifies related commands in other chapters.

1.4.2 Command Input Values (Optional)

This section lists common input values for the commands for the feature in one or more tables

1.4.3 Command Summary

This section lists the commands for the feature in one or more tables.

1.4.4 Command Examples (Optional)

This section contains any examples for the commands in this feature.

1.4.5 Command Syntax

The following conventions are used in this User’s Guide.

• A command or keyword in courier new must be entered literally as shown. Do not abbreviate.

• Values that you need to provide are in italics.

• Required fields that have multiple choices are enclosed in curly brackets

• A range of numbers is enclosed in angle brackets <>.

• Optional fields are enclosed in square brackets

• The | symbol means OR.

For example, look at the following command to create a TCP/UDP service object.

service-object object-name {tcp | udp} {eq <1..65535> | range <1..65535> <1..65535>}

1 Enter

2 Enter the name of the object where you see object-name.

3 Enter

4 Finally, do one of the following.

service-object exactly as it appears.

tcp or udp, depending on the service object you want to create.

•Enter

•Enter range exactly as it appears, followed by two numbers between 1 and 65535.

eq exactly as it appears, followed by a number between 1 and 65535.

{}.

[].

ZyWALL USG/FLEX/VPN/ATP Series CLI Reference Guide

30