How it Works
ZYXEL
Loading...
USG FLEX 100
CLI Reference Guide
670 pgs4.91 Mb0
Compatibility List
2 pgs93.54 Kb0
Datasheet
14 pgs3.58 Mb0
Handbook
865 pgs32.64 Mb0
Quick Start Guide
1 pgs3.42 Mb0
User guide
948 pgs24.54 Mb0
User Manual
8 pgs2.41 Mb2
User's Guide
1217 pgs29.27 Mb0
Table of contents
Loading...

ZYXEL USGFLEX100 User guide

Default Login Details
User’s Guide
ZyWALL USG FLEX
Series
LAN Port IP Address https://192.168.1.1 User Name admin Password 1234
Version 4.55 Edition 1, 6/2020
Copyright © 2020 Zyxel Communications Corporation
IMPORTANT! READ CAREFULLY BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE.
This is a User’s Guide for a series of products. Not all products support all firmware features. Screenshots and graphics in this book may differ slightly from your product due to differences in product features or web configurator brand style. Every effort has been made to ensure that the information in this manual is accurate.
Note: The version number on the cover page refers to the Zyxel Device’s latest firmware
version to which this User’s Guide applies.
Related Documentation
•Quick Start Guide The Quick Start Guide shows how to connect the Zyxel Device and access the Web Configurator
wizards. (See the wizard real time help for information on configuring each screen.) It also contains a connection diagram and package contents list.
•CLI Reference Guide The CLI Reference Guide explains how to use the Command-Line Interface (CLI) to configure the
Zyxel Device.
Note: It is recommended you use the Web Configurator to configure the Zyxel Device.
• Web Configurator Online Help Click the help icon in any screen for help in configuring that screen and supplementary information.
•More Information Go to support.zyxel.com to find other information on Zyxel Device.
ZyWALL USG FLEX Series User’s Guide
2

Document Conventions

Warnings and Notes
These are how warnings and notes are shown in this guide.
Warnings tell you about things that could harm you or your device.
Note: Notes tell you other important information (for example, other things you may need to
configure or helpful tips) or recommendations.
Syntax Conventions
• All models in this series may be referred to as the “Zyxel Device” in this guide.
• Product labels, screen names, field labels and field choices are all in bold font.
• A right angle bracket ( > ) within a screen name denotes a mouse click. For example, Configuration >
Network > Interface > Ethernet means you first click Configuration in the navigation panel, then Network, then the Interface sub menu and finally the Ethernet tab to get to that screen.
Icons Used in Figures
Figures in this user guide may use the following generic icons. The Zyxel Device icon is not an exact representation of your device.
Zyxel Device Generic Router Wireless Router / Access Point
Switch Firewall Server
Internet Network Cloud Smartphone
USB Dongle
ZyWALL USG FLEX Series User’s Guide
3

Contents Overview

Contents Overview
Introduction ........................................................................................................................................... 26
Initial Setup Wizard ............................................................................................................................... 49
Hardware, Interfaces and Zones ........................................................................................................ 68
Quick Setup Wizards ............................................................................................................................. 76
Dashboard .......................................................................................................................................... 110
Monitor ................................................................................................................................................. 121
Licensing .............................................................................................................................................. 188
Wireless ................................................................................................................................................. 193
Interfaces ............................................................................................................................................. 216
Routing ................................................................................................................................................. 313
DDNS ................................................................................................................................................... 340
NAT ....................................................................................................................................................... 346
Redirect Service .................................................................................................................................. 354
ALG ....................................................................................................................................................... 360
UPnP ..................................................................................................................................................... 367
IP/MAC Binding ................................................................................................................................... 382
Layer 2 Isolation .................................................................................................................................. 387
DNS Inbound LB .................................................................................................................................. 391
IPSec VPN ............................................................................................................................................ 397
SSL VPN ................................................................................................................................................ 433
L2TP VPN .............................................................................................................................................. 439
BWM (Bandwidth Management) ..................................................................................................445
Web Authentication .......................................................................................................................... 461
Hotspot ................................................................................................................................................ 493
Printer Manager .................................................................................................................................. 511
Free Time ............................................................................................................................................. 523
IPnP ....................................................................................................................................................... 528
Walled Garden ................................................................................................................................... 531
Advertisement Screen ....................................................................................................................... 537
Security Policy ..................................................................................................................................... 540
Application Patrol ............................................................................................................................... 566
Content Filter ....................................................................................................................................... 575
Anti-Malware ....................................................................................................................................... 600
Reputation Filter .................................................................................................................................. 614
IDP ........................................................................................................................................................ 618
Email Security ...................................................................................................................................... 636
SSL Inspection ...................................................................................................................................... 647
IP Exception ......................................................................................................................................... 659
Object .................................................................................................................................................. 662
ZyWALL USG FLEX Series User’s Guide
4
Contents Overview
Device HA ........................................................................................................................................... 765
Cloud CNM ........................................................................................................................................ 772
System .................................................................................................................................................. 780
Log and Report ................................................................................................................................... 841
File Manager ....................................................................................................................................... 854
Diagnostics ......................................................................................................................................... 869
Packet Flow Explore ........................................................................................................................... 888
Shutdown ............................................................................................................................................. 895
Troubleshooting .................................................................................................................................. 897
ZyWALL USG FLEX Series User’s Guide
5

Table of Contents

Table of Contents
Document Conventions ............................................ ............................................ .... ... .... ...................3
Contents Overview .............................................................................................................................4
Table of Contents.................................................................................................................................6
Part I: User’s Guide.......................................................................................... 25
Chapter 1
Introduction ........................................................................................................................................26
1.1 Overview ......................................................................................................................................... 26
1.1.1 Model Feature Differences .................................................................................................. 26
1.2 Registration at myZyxel .................................................................................................................. 27
1.2.1 Grace Period ......................................................................................................................... 27
1.2.2 Applications ........................................................................................................................... 27
1.3 Management Overview ................................................................................................................ 30
1.4 Web Configurator ........................................................................................................................... 31
1.4.1 Web Configurator Access .................................................................................................... 32
1.4.2 Web Configurator Screens Overview ................................................................................. 34
1.4.3 Navigation Panel .................................................................................................................. 38
1.4.4 Tables and Lists ...................................................................................................................... 46
Chapter 2
Initial Setup Wizard.............................................................................................................................49
2.1 Initial Setup Wizard Screens .......................................................................................................... 49
2.1.1 Internet Access Setup - WAN Interface ............................................................................. 49
2.1.2 Internet Access: Ethernet .................................................................................................... 50
2.1.3 Internet Access: PPPoE ......................................................................................................... 51
2.1.4 Internet Access: PPTP ........................................................................................................... 53
2.1.5 Internet Access: L2TP ............................................................................................................ 55
2.1.6 Internet Access Setup - Second WAN Interface ............................................................... 57
2.1.7 Internet Access: Congratulations ....................................................................................... 58
2.1.8 Date and Time Settings ........................................................................................................ 59
2.1.9 Register Device ..................................................................................................................... 59
2.1.10 Activate Service .................................................................................................................. 61
2.1.11 Service Settings .................................................................................................................... 62
2.1.12 Service Settings: SecuReporter ..........................................................................................63
2.1.13 Wireless Settings: Management Mode ............................................................................. 64
ZyWALL USG FLEX Series User’s Guide
6
Table of Contents
2.1.14 Wireless Settings: AP Controller ......................................................................................... 65
2.1.15 Wireless Settings: SSID & Security ...................................................................................... 65
2.1.16 Remote Management ......................................................................................................66
Chapter 3
Hardware, Interfaces and Zones......................................................................................................68
3.1 Hardware Overview ....................................................................................................................... 68
3.1.1 Front Panels ............................................................................................................................ 68
3.1.2 Rear Panels ............................................................................................................................ 70
3.2 Installation Scenarios ..................................................................................................................... 71
3.2.1 Desktop Installation Procedure ...........................................................................................72
3.2.2 Rack-mounting ...................................................................................................................... 72
3.2.3 Wall-mounting ....................................................................................................................... 73
3.3 Default Zones, Interfaces, and Ports ............................................................................................ 75
3.4 Stopping the Zyxel Device ............................................................................................................ 75
Chapter 4
Quick Setup Wizards..........................................................................................................................76
4.1 Quick Setup Overview ................................................................................................................... 76
4.2 WAN Interface Quick Setup .......................................................................................................... 77
4.2.1 Choose an Ethernet Interface .............................................................................................77
4.2.2 Select WAN Type ................................................................................................................... 78
4.2.3 Configure WAN IP Settings ................................................................................................... 78
4.2.4 ISP and WAN and ISP Connection Settings ........................................................................ 79
4.2.5 Quick Setup Interface Wizard: Summary ........................................................................... 82
4.3 VPN Setup Wizard ........................................................................................................................... 83
4.3.1 Welcome ................................................................................................................................ 83
4.3.2 VPN Setup Wizard: Wizard Type .......................................................................................... 84
4.3.3 VPN Express Wizard - Scenario ............................................................................................ 85
4.3.4 VPN Express Wizard - Configuration ................................................................................... 86
4.3.5 VPN Express Wizard - Summary ........................................................................................... 86
4.3.6 VPN Express Wizard - Finish .................................................................................................. 87
4.3.7 VPN Advanced Wizard - Scenario ..................................................................................... 88
4.3.8 VPN Advanced Wizard - Phase 1 Settings ........................................................................ 89
4.3.9 VPN Advanced Wizard - Phase 2 ....................................................................................... 91
4.3.10 VPN Advanced Wizard - Summary .................................................................................. 92
4.3.11 VPN Advanced Wizard - Finish ......................................................................................... 94
4.4 VPN Settings for Configuration Provisioning Wizard: Wizard Type ............................................. 95
4.4.1 Configuration Provisioning Express Wizard - VPN Settings ............................................... 95
4.4.2 Configuration Provisioning VPN Express Wizard - Configuration .................................... 96
4.4.3 VPN Settings for Configuration Provisioning Express Wizard - Summary ........................ 97
4.4.4 VPN Settings for Configuration Provisioning Express Wizard - Finish ................................ 98
4.4.5 VPN Settings for Configuration Provisioning Advanced Wizard - Scenario ................... 99
ZyWALL USG FLEX Series User’s Guide
7
Table of Contents
4.4.6 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 1 Settings .... 100
4.4.7 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 2 .................. 101
4.4.8 VPN Settings for Configuration Provisioning Advanced Wizard - Summary ................ 102
4.4.9 VPN Settings for Configuration Provisioning Advanced Wizard - Finish ....................... 105
4.5 VPN Settings for L2TP VPN Settings Wizard ................................................................................. 105
4.5.1 L2TP VPN Settings ................................................................................................................ 106
4.5.2 L2TP VPN Settings ................................................................................................................ 107
4.5.3 VPN Settings for L2TP VPN Setting Wizard - Summary .................................................... 107
4.5.4 VPN Settings for L2TP VPN Setting Wizard - Completed ................................................ 109
Chapter 5
Dashboard........................................................................................................................................110
5.1 Overview ....................................................................................................................................... 110
5.1.1 What You Can Do in this Chapter ..................................................................................... 110
5.2 The General Screen ..................................................................................................................... 110
5.2.1 Device Information Screen ................................................................................................112
5.2.2 System Status Screen .......................................................................................................... 113
5.2.3 Tx/Rx Statistics ...................................................................................................................... 113
5.2.4 The Latest Logs Screen ....................................................................................................... 114
5.2.5 System Resources Screen ................................................................................................... 114
5.2.6 DHCP Table Screen ............................................................................................................. 115
5.2.7 Number of Login Users Screen ........................................................................................... 116
5.2.8 Current Login User ............................................................................................................... 117
5.2.9 VPN Status ............................................................................................................................ 117
5.2.10 SSL VPN Status .................................................................................................................... 118
5.3 The Advanced Threat Protection Screen .................................................................................. 118
Part II: Technical Reference.........................................................................120
Chapter 6
Monitor..............................................................................................................................................121
6.1 Overview ....................................................................................................................................... 121
6.1.1 What You Can Do in this Chapter ..................................................................................... 121
6.2 The Port Statistics Screen ............................................................................................................ 123
6.2.1 The Port Statistics Graph Screen ....................................................................................... 124
6.3 Interface Status Screen ................................................................................................................ 125
6.4 The Traffic Statistics Screen .......................................................................................................... 129
6.5 The Session Monitor Screen ........................................................................................................ 131
6.6 The Login Users Screen ................................................................................................................ 133
6.7 Dynamic Guest ............................................................................................................................ 135
6.8 IGMP Statistics ............................................................................................................................... 136
ZyWALL USG FLEX Series User’s Guide
8
Table of Contents
6.9 The DDNS Status Screen ............................................................................................................... 137
6.10 IP/MAC Binding ........................................................................................................................... 138
6.11 Cellular Status Screen ................................................................................................................ 138
6.11.1 More Information .............................................................................................................. 141
6.12 The UPnP Port Status Screen ..................................................................................................... 142
6.13 USB Storage Screen .................................................................................................................... 143
6.14 Ethernet Neighbor Screen ........................................................................................................ 144
6.15 FQDN Object Screen ................................................................................................................ 145
6.16 AP Information: AP List ............................................................................................................... 147
6.16.1 AP List: More Information ................................................................................................ 150
6.16.2 AP List: Config AP ............................................................................................................. 153
6.17 AP Information: Radio List .......................................................................................................... 155
6.17.1 Radio List: More Information ............................................................................................157
6.18 AP Information: Top N APs ........................................................................................................ 159
6.19 AP Information: Single AP .......................................................................................................... 160
6.20 ZyMesh ......................................................................................................................................... 161
6.21 SSID Info ....................................................................................................................................... 162
6.22 Station Info: Station List .............................................................................................................. 163
6.23 Station Info: Top N Stations ........................................................................................................ 163
6.24 Station Info: Single Station ......................................................................................................... 164
6.25 Detected Device ....................................................................................................................... 165
6.26 The Printer Status Screen ........................................................................................................... 166
6.27 The IPSec Screen ........................................................................................................................ 167
6.28 The SSL Screen ............................................................................................................................. 168
6.29 The L2TP over IPSec Screen ....................................................................................................... 169
6.30 The App Patrol Screen ............................................................................................................... 170
6.31 The Content Filter Screen .......................................................................................................... 171
6.32 The Anti-Malware Screen .......................................................................................................... 172
6.33 The Reputation Filter Screen ...................................................................................................... 175
6.34 The IDP Screen ............................................................................................................................ 176
6.35 The Email Security Screens ......................................................................................................... 178
6.35.1 Email Security Summary ................................................................................................... 178
6.35.2 The Email Security Status Screen ..................................................................................... 180
6.36 The SSL Inspection Screens ........................................................................................................ 181
6.36.1 Certificate Cache List ....................................................................................................... 182
6.37 Log Screens ................................................................................................................................. 183
6.37.1 View Log ............................................................................................................................ 184
6.37.2 View AP Log ....................................................................................................................... 185
Chapter 7
Licensing...........................................................................................................................................188
7.1 Registration Overview .................................................................................................................. 188
7.1.1 What you Need to Know ....................................................................................................188
ZyWALL USG FLEX Series User’s Guide
9
Table of Contents
7.1.2 Registration Screen ............................................................................................................. 188
7.1.3 Service Screen ..................................................................................................................... 189
7.2 Signature Update ......................................................................................................................... 191
7.2.1 What you Need to Know ....................................................................................................191
7.2.2 The Signature Screen .......................................................................................................... 191
7.2.3 Auto Update ........................................................................................................................ 192
Chapter 8
Wireless.............................................................................................................................................193
8.1 Overview ....................................................................................................................................... 193
8.1.1 What You Can Do in this Chapter ..................................................................................... 193
8.2 Controller Screen ........................................................................................................................ 193
8.2.1 Connecting an AP to the Zyxel Device ............................................................................ 194
8.2.2 Connecting an AP to the Zyxel Device Manually ........................................................... 194
8.2.3 Connecting an AP to the Zyxel Device Using DHCP Option 138 .................................. 194
8.3 AP Management Screens ........................................................................................................... 195
8.3.1 Mgnt. AP List ....................................................................................................................... 195
8.3.2 AP Policy .............................................................................................................................. 200
8.3.3 AP Group ............................................................................................................................. 201
8.3.4 Firmware ............................................................................................................................... 207
8.4 Rogue AP ....................................................................................................................................... 208
8.4.1 Add/Edit Rogue/Friendly List .............................................................................................. 210
8.5 Auto Healing ................................................................................................................................. 211
8.6 RTLS Overview ............................................................................................................................... 212
8.6.1 What You Can Do in this Chapter ..................................................................................... 212
8.6.2 Before You Begin ................................................................................................................. 212
8.6.3 Configuring RTLS .................................................................................................................. 213
8.7 Technical Reference .................................................................................................................... 214
8.7.1 Dynamic Channel Selection .............................................................................................. 214
8.7.2 Load Balancing ................................................................................................................... 215
Chapter 9
Interfaces..........................................................................................................................................216
9.1 Interface Overview ...................................................................................................................... 216
9.1.1 What You Can Do in this Chapter ..................................................................................... 216
9.1.2 What You Need to Know ................................................................................................... 216
9.1.3 What You Need to Do First ................................................................................................. 221
9.2 Port Role ......................................................................................................................................... 221
9.3 Port Configuration ........................................................................................................................ 222
9.4 Ethernet Summary Screen ........................................................................................................... 223
9.4.1 Ethernet Edit ........................................................................................................................ 225
9.4.2 Proxy ARP ............................................................................................................................. 241
9.4.3 Virtual Interfaces ................................................................................................................ 242
ZyWALL USG FLEX Series User’s Guide
10
Table of Contents
9.4.4 References ........................................................................................................................... 243
9.4.5 Add/Edit DHCPv6 Request/Release Options ................................................................... 244
9.4.6 Add/Edit DHCP Extended Options ................................................................................... 245
9.5 PPP Interfaces ............................................................................................................................... 246
9.5.1 PPP Interface Summary ...................................................................................................... 247
9.5.2 PPP Interface Add or Edit .................................................................................................. 248
9.6 Cellular Configuration Screen ..................................................................................................... 253
9.6.1 Cellular Choose Slot ........................................................................................................... 256
9.6.2 Add / Edit Cellular Configuration ...................................................................................... 256
9.7 Tunnel Interfaces .......................................................................................................................... 262
9.7.1 Configuring a Tunnel .......................................................................................................... 264
9.7.2 Tunnel Add or Edit Screen .................................................................................................. 265
9.8 VLAN Interfaces ........................................................................................................................... 269
9.8.1 VLAN Summary Screen ....................................................................................................... 270
9.8.2 VLAN Add/Edit ................................................................................................................... 271
9.9 Bridge Interfaces .......................................................................................................................... 282
9.9.1 Bridge Summary .................................................................................................................. 284
9.9.2 Bridge Add/Edit .................................................................................................................. 285
9.10 VTI ................................................................................................................................................. 296
9.10.1 Restrictions for IPSec Virtual Tunnel Interface ................................................................ 296
9.10.2 VTI Screen .......................................................................................................................... 297
9.10.3 VTI Add/Edit ....................................................................................................................... 297
9.11 Trunk Overview ........................................................................................................................... 301
9.11.1 What You Need to Know ................................................................................................. 301
9.12 The Trunk Summary Screen ........................................................................................................ 304
9.12.1 Configuring a User-Defined Trunk ................................................................................... 305
9.12.2 Configuring the System Default Trunk ............................................................................ 307
9.13 Interface Technical Reference ................................................................................................. 308
Chapter 10
Routing..............................................................................................................................................313
10.1 Policy and Static Routes Overview ........................................................................................... 313
10.1.1 What You Can Do in this Chapter ................................................................................... 313
10.1.2 What You Need to Know ................................................................................................ 314
10.2 Policy Route Screen ................................................................................................................... 315
10.2.1 Policy Route Edit Screen .................................................................................................. 317
10.3 IP Static Route Screen ................................................................................................................ 322
10.3.1 Static Route Add/Edit Screen .......................................................................................... 322
10.4 Policy Routing Technical Reference ........................................................................................324
10.5 Routing Protocols Overview ..................................................................................................... 324
10.5.1 What You Need to Know ................................................................................................. 325
10.6 The RIP Screen ............................................................................................................................. 325
10.7 The OSPF Screen ......................................................................................................................... 327
ZyWALL USG FLEX Series User’s Guide
11
Table of Contents
10.7.1 Configuring the OSPF Screen .......................................................................................... 330
10.7.2 OSPF Area Add/Edit Screen ........................................................................................... 331
10.7.3 Virtual Link Add/Edit Screen ...........................................................................................333
10.8 BGP (Border Gateway Protocol) .............................................................................................. 334
10.8.1 Allow BGP Packets to Enter the Zyxel Device ................................................................ 335
10.8.2 Configuring the BGP Screen ............................................................................................ 335
10.8.3 The BGP Neighbors Screen .............................................................................................. 337
10.8.4 Example Scenario ............................................................................................................. 338
Chapter 11
DDNS ................................................................................................................................................340
11.1 DDNS Overview ........................................................................................................................... 340
11.1.1 What You Can Do in this Chapter ................................................................................... 340
11.1.2 What You Need to Know ................................................................................................. 340
11.2 The DDNS Screen ........................................................................................................................ 341
11.2.1 The Dynamic DNS Add/Edit Screen ................................................................................ 342
Chapter 12
NAT....................................................................................................................................................346
12.1 NAT Overview ............................................................................................................................. 346
12.1.1 What You Can Do in this Chapter ................................................................................... 346
12.1.2 What You Need to Know ................................................................................................. 346
12.2 The NAT Screen ........................................................................................................................... 347
12.2.1 The NAT Add/Edit Screen .................................................................................................349
12.3 NAT Technical Reference .......................................................................................................... 352
Chapter 13
Redirect Service...............................................................................................................................354
13.1 Overview ..................................................................................................................................... 354
13.1.1 HTTP Redirect ..................................................................................................................... 354
13.1.2 SMTP Redirect .................................................................................................................... 354
13.1.3 What You Can Do in this Chapter ................................................................................... 355
13.1.4 What You Need to Know ................................................................................................. 355
13.2 The Redirect Service Screen ..................................................................................................... 357
13.2.1 The Redirect Service Edit Screen ..................................................................................... 358
Chapter 14
ALG....................................................................................................................................................360
14.1 ALG Overview ............................................................................................................................. 360
14.1.1 What You Need to Know ................................................................................................. 360
14.1.2 Before You Begin ............................................................................................................... 363
14.2 The ALG Screen .......................................................................................................................... 363
14.3 ALG Technical Reference ......................................................................................................... 365
ZyWALL USG FLEX Series User’s Guide
12
Table of Contents
Chapter 15
UPnP...................................................................................................................................................367
15.1 UPnP and NAT-PMP Overview ................................................................................................... 367
15.2 What You Need to Know ........................................................................................................... 367
15.2.1 NAT Traversal ..................................................................................................................... 367
15.2.2 Cautions with UPnP and NAT-PMP .................................................................................. 368
15.3 UPnP Screen ................................................................................................................................ 368
15.4 Technical Reference .................................................................................................................. 369
15.4.1 Turning on UPnP in Windows 7 Example ......................................................................... 369
15.4.2 Turn on UPnP in Windows 10 Example ............................................................................ 373
15.4.3 Auto-discover Your UPnP-enabled Network Device .................................................... 375
15.4.4 Web Configurator Easy Access in Windows 7 ............................................................... 378
15.4.5 Web Configurator Easy Access in Windows 10 ............................................................. 380
Chapter 16
IP/MAC Binding................................................................................................................................382
16.1 IP/MAC Binding Overview ......................................................................................................... 382
16.1.1 What You Can Do in this Chapter ................................................................................... 382
16.1.2 What You Need to Know ................................................................................................. 382
16.2 IP/MAC Binding Summary ......................................................................................................... 383
16.2.1 IP/MAC Binding Edit .......................................................................................................... 384
16.2.2 Static DHCP Edit ................................................................................................................ 385
16.3 IP/MAC Binding Exempt List ....................................................................................................... 386
Chapter 17
Layer 2 Isolation...............................................................................................................................387
17.1 Overview ..................................................................................................................................... 387
17.1.1 What You Can Do in this Chapter ................................................................................... 387
17.2 Layer-2 Isolation General Screen ............................................................................................. 387
17.3 White List Screen ......................................................................................................................... 388
17.3.1 Add/Edit White List Rule ................................................................................................... 389
Chapter 18
DNS Inbound LB................................................................................................................................391
18.1 DNS Inbound Load Balancing Overview ................................................................................. 391
18.1.1 What You Can Do in this Chapter ................................................................................... 391
18.2 The DNS Inbound LB Screen ...................................................................................................... 392
18.2.1 The DNS Inbound LB Add/Edit Screen ............................................................................ 393
18.2.2 The DNS Inbound LB Add/Edit Member Screen ............................................................ 395
Chapter 19
IPSec VPN .........................................................................................................................................397
19.1 Virtual Private Networks (VPN) Overview ................................................................................. 397
ZyWALL USG FLEX Series User’s Guide
13
Table of Contents
19.1.1 What You Can Do in this Chapter ................................................................................... 399
19.1.2 What You Need to Know ................................................................................................. 399
19.1.3 Before You Begin ............................................................................................................... 402
19.2 The VPN Connection Screen ..................................................................................................... 402
19.2.1 The VPN Connection Add/Edit Screen .......................................................................... 404
19.3 The VPN Gateway Screen ......................................................................................................... 411
19.3.1 The VPN Gateway Add/Edit Screen ............................................................................... 412
19.4 VPN Concentrator ..................................................................................................................... 419
19.4.1 VPN Concentrator Requirements and Suggestions ...................................................... 419
19.4.2 VPN Concentrator Screen ............................................................................................... 420
19.4.3 The VPN Concentrator Add/Edit Screen ........................................................................ 420
19.5 Zyxel Device IPSec VPN Client Configuration Provisioning .................................................... 421
19.6 IPSec VPN Background Information ......................................................................................... 423
Chapter 20
SSL VPN..............................................................................................................................................433
20.1 Overview ..................................................................................................................................... 433
20.1.1 What You Can Do in this Chapter ................................................................................... 433
20.1.2 What You Need to Know ................................................................................................. 433
20.2 The SSL Access Privilege Screen ................................................................................................ 434
20.2.1 The SSL Access Privilege Policy Add/Edit Screen ......................................................... 435
20.3 The SSL Global Setting Screen ................................................................................................... 437
Chapter 21
L2TP VPN..................................... ... .... .... ............................................ ... .... .........................................439
21.1 Overview ..................................................................................................................................... 439
21.1.1 What You Can Do in this Chapter ................................................................................... 439
21.1.2 What You Need to Know ................................................................................................. 439
21.2 L2TP VPN Screen ......................................................................................................................... 440
21.2.1 Example: L2TP and Zyxel Device Behind a NAT Router ................................................ 442
Chapter 22
BWM (Bandwidth Management) .................................................................................................445
22.1 Overview ..................................................................................................................................... 445
22.1.1 What You Can Do in this Chapter ................................................................................... 445
22.1.2 What You Need to Know ................................................................................................ 445
22.2 The Bandwidth Management Configuration .......................................................................... 449
22.2.1 The Bandwidth Management Add/Edit Screen ............................................................ 452
Chapter 23
Web Authentication ........................................................................................................................461
23.1 Web Auth Overview ................................................................................................................... 461
23.1.1 What You Can Do in this Chapter ................................................................................... 461
ZyWALL USG FLEX Series User’s Guide
14
Table of Contents
23.1.2 What You Need to Know ................................................................................................. 462
23.2 Web Authentication General Screen ...................................................................................... 462
23.2.1 User-aware Access Control Example ............................................................................. 467
23.2.2 Authentication Type Screen ............................................................................................ 473
23.2.3 Custom Web Portal / User Agreement File Screen ....................................................... 477
23.2.4 Facebook Wi-Fi Screen ..................................................................................................... 478
23.3 SSO Overview .............................................................................................................................. 482
23.4 SSO - Zyxel Device Configuration ............................................................................................. 483
23.4.1 Configuration Overview ................................................................................................... 484
23.4.2 Configure the Zyxel Device to Communicate with SSO .............................................. 484
23.4.3 Enable Web Authentication ............................................................................................ 485
23.4.4 Create a Security Policy ................................................................................................... 486
23.4.5 Configure User Information ..............................................................................................487
23.4.6 Configure an Authentication Method ........................................................................... 488
23.4.7 Configure Active Directory ..............................................................................................489
23.5 SSO Agent Configuration .......................................................................................................... 490
Chapter 24
Hotspot..............................................................................................................................................493
24.1 Overview ..................................................................................................................................... 493
24.2 Billing Overview ........................................................................................................................... 493
24.2.1 What You Need to Know ................................................................................................. 493
24.3 The Billing > General Screen ...................................................................................................... 494
24.4 The Billing > Billing Profile Screen ............................................................................................... 496
24.4.1 The Account Generator Screen ...................................................................................... 497
24.4.2 The Account Redeem Screen ......................................................................................... 500
24.4.3 The Billing Profile Add/Edit Screen ................................................................................... 502
24.5 The Billing > Discount Screen ..................................................................................................... 503
24.5.1 The Discount Add/Edit Screen ......................................................................................... 505
24.6 The Billing > Payment Service Screen ....................................................................................... 505
24.6.1 The Payment Service > Desktop / Mobile View Screen ............................................... 507
Chapter 25
Printer Manager ...............................................................................................................................511
25.1 Printer Manager Overview ........................................................................................................ 511
25.1.1 What You Can Do in this Chapter ................................................................................... 511
25.2 The Printer Manager > General Screen ................................................................................... 511
25.2.1 Add Printer Rule ................................................................................................................. 514
25.2.2 Edit Printer Rule .................................................................................................................. 514
25.2.3 Discover Printer ................................................................................................................. 515
25.2.4 Edit Printer Manager (Discover Printer) .......................................................................... 517
25.3 The Printout Configuration Screen ............................................................................................ 518
25.4 Printer Reports Overview ........................................................................................................... 519
ZyWALL USG FLEX Series User’s Guide
15
Table of Contents
25.4.1 Key Combinations ............................................................................................................. 519
25.4.2 Daily Account Summary .................................................................................................. 519
25.4.3 Monthly Account Summary ............................................................................................. 520
25.4.4 Account Report Notes ..................................................................................................... 520
25.4.5 System Status ..................................................................................................................... 521
Chapter 26
Free Time...........................................................................................................................................523
26.1 Free Time Overview .................................................................................................................... 523
26.1.1 What You Can Do in this Chapter ................................................................................... 523
26.2 The Free Time Screen ................................................................................................................. 523
Chapter 27
IPnP....................................................................................................................................................528
27.1 IPnP Overview ............................................................................................................................ 528
27.1.1 What You Can Do in this Chapter ................................................................................... 529
27.1.2 IPnP Screen ........................................................................................................................ 529
Chapter 28
Walled Garden..................................... ............................................ ... .... .........................................531
28.1 Walled Garden Overview ........................................................................................................ 531
28.2 Walled Garden > General Screen ........................................................................................... 531
28.3 Walled Garden > URL Base Screen .......................................................................................... 532
28.3.1 Adding/Editing a Walled Garden URL ........................................................................... 533
28.4 Walled Garden > Domain/IP Base Screen .............................................................................. 534
28.4.1 Adding/Editing a Walled Garden Domain or IP ........................................................... 535
28.4.2 Walled Garden Login Example ....................................................................................... 535
Chapter 29
Advertisement Screen.............. ... .... ................................................................................................537
29.1 Advertisement Overview ........................................................................................................... 537
29.1.1 Adding/Editing an Advertisement URL .......................................................................... 538
Chapter 30
Security Policy..................................................................................................................................540
30.1 Overview ..................................................................................................................................... 540
30.2 One Security ................................................................................................................................ 541
30.3 What You Can Do in this Chapter ............................................................................................ 544
30.3.1 What You Need to Know ................................................................................................. 544
30.4 The Security Policy Screen ......................................................................................................... 546
30.4.1 Configuring the Security Policy Control Screen ............................................................ 547
30.4.2 The Security Policy Control Add/Edit Screen ................................................................. 551
30.5 Anomaly Detection and Prevention Overview ...................................................................... 552
ZyWALL USG FLEX Series User’s Guide
16
Table of Contents
30.5.1 The Anomaly Detection and Prevention General Screen ........................................... 553
30.5.2 Creating New ADP Profiles ..............................................................................................554
30.5.3 Traffic Anomaly Profiles ................................................................................................... 555
30.5.4 Protocol Anomaly Profiles ................................................................................................ 558
30.6 The Session Control Screen ........................................................................................................ 561
30.6.1 The Session Control Add/Edit Screen .............................................................................. 562
30.7 Security Policy Example Applications ......................................................................................563
Chapter 31
Application Patrol............................................................................................................................566
31.1 Overview ..................................................................................................................................... 566
31.1.1 What You Can Do in this Chapter ................................................................................... 566
31.1.2 What You Need to Know ................................................................................................ 566
31.2 Application Patrol Profile ........................................................................................................... 567
31.2.1 Profile Action: Apply to a Security Policy ....................................................................... 568
31.2.2 Application Patrol Profile > Add/Edit - My Application ............................................... 571
31.2.3 Application Patrol Profile > Add/Edit - Query Result ..................................................... 572
Chapter 32
Content Filter ....................................................................................................................................575
32.1 Overview ..................................................................................................................................... 575
32.1.1 What You Can Do in this Chapter ................................................................................... 575
32.1.2 What You Need to Know ................................................................................................. 575
32.1.3 Before You Begin ............................................................................................................... 577
32.2 Content Filter Profile Screen ...................................................................................................... 577
32.2.1 Apply to a Security Policy ................................................................................................ 578
32.2.2 Content Filter Add Profile Category Service .................................................................. 581
32.2.3 Content Filter Add Filter Profile Custom Service ........................................................... 594
32.3 Content Filter Trusted Web Sites Screen ................................................................................. 596
32.4 Content Filter Forbidden Web Sites Screen ............................................................................ 597
32.5 Content Filter Technical Reference ......................................................................................... 598
Chapter 33
Anti-Malware....................................................................................................................................600
33.1 Overview ..................................................................................................................................... 600
33.1.1 What You Can Do in this Chapter ................................................................................... 604
33.2 Anti-Malware Screen ................................................................................................................. 605
33.3 The White List Screen .................................................................................................................. 608
33.4 The Black List Screen .................................................................................................................. 610
33.5 Anti-Malware Signature Searching ........................................................................................... 611
33.6 Anti-Malware Technical Reference ......................................................................................... 612
Chapter 34
Reputation Filter ...............................................................................................................................614
ZyWALL USG FLEX Series User’s Guide
17
Table of Contents
34.1 Overview ..................................................................................................................................... 614
34.1.1 What You Need to Know ................................................................................................. 614
34.1.2 What You Can Do in this Chapter ................................................................................... 614
34.2 URL Threat Filter Screen .............................................................................................................. 614
34.2.1 URL Threat Filter White List Screen ................................................................................... 616
34.2.2 URL Threat Filter Black List Screen .................................................................................... 617
Chapter 35
IDP .....................................................................................................................................................618
35.1 Overview ..................................................................................................................................... 618
35.1.1 What You Can Do in this Chapter ................................................................................... 618
35.1.2 What You Need To Know ................................................................................................. 618
35.1.3 Before You Begin ............................................................................................................... 618
35.2 The IDP Screen ............................................................................................................................ 619
35.2.1 Query Example .................................................................................................................. 623
35.3 IDP Custom Signatures .............................................................................................................. 624
35.3.1 Add / Edit Custom Signatures ......................................................................................... 625
35.3.2 Custom Signature Example ............................................................................................. 629
35.3.3 Applying Custom Signatures ............................................................................................ 631
35.3.4 Verifying Custom Signatures ............................................................................................ 632
35.4 The White List Screen ................................................................................................................. 632
35.5 IDP Technical Reference ........................................................................................................... 633
Chapter 36
Email Security...................................................................................................................................636
36.1 Overview ..................................................................................................................................... 636
36.1.1 What You Can Do in this Chapter ................................................................................... 636
36.1.2 What You Need to Know ................................................................................................. 636
36.2 Before You Begin ........................................................................................................................ 637
36.3 The Email Security Screen .......................................................................................................... 638
36.4 The Black List / White List Screen ............................................................................................... 640
36.4.1 The Black or White List Add/Edit Screen ......................................................................... 641
36.4.2 Regular Expressions in Black or White List Entries ........................................................... 643
36.5 Email Security Technical Reference ......................................................................................... 643
Chapter 37
SSL Inspection...................................................................................................................................647
37.1 Overview ..................................................................................................................................... 647
37.1.1 What You Can Do in this Chapter ................................................................................... 647
37.1.2 What You Need To Know ................................................................................................. 647
37.1.3 Before You Begin ............................................................................................................... 648
37.2 The SSL Inspection Profile Screen .............................................................................................. 648
37.2.1 Apply to a Security Policy ................................................................................................ 649
ZyWALL USG FLEX Series User’s Guide
18
Table of Contents
37.2.2 Add / Edit SSL Inspection Profiles .................................................................................... 652
37.3 Exclude List Screen .................................................................................................................... 653
37.4 Certificate Update Screen ....................................................................................................... 655
37.5 Install a CA Certificate in a Browser ......................................................................................... 656
Chapter 38
IP Exception......................................................................................................................................659
38.1 Overview ..................................................................................................................................... 659
38.2 The IP Exception Screen ............................................................................................................. 659
38.2.1 The IP Exception Add/Edit Screen ................................................................................. 660
Chapter 39
Object...............................................................................................................................................662
39.1 Zones Overview .......................................................................................................................... 662
39.1.1 What You Need to Know ................................................................................................. 662
39.1.2 The Zone Screen ................................................................................................................ 663
39.2 User/Group Overview ................................................................................................................ 665
39.2.1 What You Need To Know ................................................................................................. 665
39.2.2 User/Group User Summary Screen .................................................................................. 667
39.2.3 User/Group Group Summary Screen .............................................................................. 672
39.2.4 User/Group Setting Screen ............................................................................................. 673
39.2.5 User/Group MAC Address Summary Screen ................................................................ 678
39.2.6 User /Group Technical Reference .................................................................................. 680
39.3 AP Profile Overview .................................................................................................................... 680
39.3.1 Radio Screen ..................................................................................................................... 681
39.3.2 SSID Screen ....................................................................................................................... 687
39.4 MON Profile ................................................................................................................................ 696
39.4.1 Overview ............................................................................................................................ 696
39.4.2 Configuring MON Profile ................................................................................................. 697
39.4.3 Add/Edit MON Profile ....................................................................................................... 698
39.4.4 Technical Reference ........................................................................................................ 699
39.5 ZyMesh Overview ....................................................................................................................... 700
39.5.1 ZyMesh Profile .................................................................................................................... 702
39.5.2 Add/Edit ZyMesh Profile ................................................................................................... 703
39.6 Address/Geo IP Overview ......................................................................................................... 703
39.6.1 What You Need To Know ................................................................................................. 704
39.6.2 Address Summary Screen ................................................................................................ 704
39.6.3 Address Group Summary Screen .................................................................................... 708
39.6.4 Geo IP Summary Screen .................................................................................................. 710
39.7 Service Overview ........................................................................................................................ 713
39.7.1 What You Need to Know ................................................................................................. 713
39.7.2 The Service Summary Screen .......................................................................................... 714
39.7.3 The Service Group Summary Screen ............................................................................. 716
ZyWALL USG FLEX Series User’s Guide
19
Table of Contents
39.8 Schedule Overview ................................................................................................................... 718
39.8.1 What You Need to Know ................................................................................................. 718
39.8.2 The Schedule Screen ........................................................................................................ 719
39.8.3 The Schedule Group Screen ............................................................................................ 722
39.9 AAA Server Overview ............................................................................................................... 723
39.9.1 Directory Service (AD/LDAP) ........................................................................................... 724
39.9.2 RADIUS Server .................................................................................................................... 724
39.9.3 ASAS .................................................................................................................................... 724
39.9.4 What You Need To Know ................................................................................................. 725
39.9.5 Active Directory or LDAP Server Summary ..................................................................... 726
39.9.6 RADIUS Server Summary ...................................................................................................730
39.10 Auth. Method Overview ........................................................................................................ 733
39.10.1 Before You Begin ............................................................................................................. 733
39.10.2 Example: Selecting a VPN Authentication Method ................................................... 733
39.10.3 Authentication Method Objects ................................................................................... 734
39.10.4 Two-Factor Authentication VPN Access ...................................................................... 736
39.10.5 Two-Factor Authentication Admin Access .................................................................. 739
39.11 Certificate Overview ............................................................................................................... 741
39.11.1 What You Need to Know ............................................................................................... 741
39.11.2 Verifying a Certificate .................................................................................................... 743
39.11.3 The My Certificates Screen ............................................................................................ 744
39.11.4 The Trusted Certificates Screen .................................................................................... 753
39.11.5 Certificates Technical Reference ................................................................................. 758
39.12 ISP Account Overview ............................................................................................................ 758
39.12.1 ISP Account Summary ....................................................................................................758
39.13 DHCPv6 Overview .................................................................................................................... 761
39.13.1 The DHCPv6 Request Screen ......................................................................................... 761
39.13.2 The DHCPv6 Lease Screen ............................................................................................. 763
Chapter 40
Device HA.........................................................................................................................................765
40.1 Device HA Overview .................................................................................................................. 765
40.1.1 What You Can Do in These Screens ................................................................................ 765
40.2 Device HA Status ........................................................................................................................ 765
40.3 Device HA Pro ............................................................................................................................. 767
40.3.1 Deploying Device HA Pro ................................................................................................ 768
40.3.2 Configuring Device HA Pro .............................................................................................. 768
40.4 View Log ...................................................................................................................................... 770
Chapter 41
Cloud CNM......................................................................................................................................772
41.1 Cloud CNM Overview ................................................................................................................ 772
41.1.1 What You Can Do in this Chapter ................................................................................... 772
ZyWALL USG FLEX Series User’s Guide
20
Table of Contents
41.2 Cloud CNM SecuManager ....................................................................................................... 772
41.3 Cloud CNM SecuReporter ......................................................................................................... 775
Chapter 42
System...............................................................................................................................................780
42.1 Overview ..................................................................................................................................... 780
42.1.1 What You Can Do in this Chapter ................................................................................... 780
42.2 Host Name ................................................................................................................................... 781
42.3 USB Storage ................................................................................................................................. 781
42.4 Date and Time ............................................................................................................................ 782
42.4.1 Pre-defined NTP Time Servers List ..................................................................................... 785
42.4.2 Time Server Synchronization ............................................................................................ 785
42.5 Console Port Speed ................................................................................................................... 786
42.6 DNS Overview ............................................................................................................................. 787
42.6.1 DNS Server Address Assignment ...................................................................................... 787
42.6.2 Configuring the DNS Screen ............................................................................................ 787
42.6.3 (IPv6) Address Record ...................................................................................................... 791
42.6.4 PTR Record ......................................................................................................................... 791
42.6.5 Adding an (IPv6) Address/PTR Record .......................................................................... 791
42.6.6 CNAME Record ................................................................................................................. 792
42.6.7 Adding a CNAME Record ................................................................................................ 792
42.6.8 Domain Zone Forwarder ................................................................................................. 793
42.6.9 Adding a Domain Zone Forwarder ................................................................................. 793
42.6.10 MX Record ...................................................................................................................... 794
42.6.11 Adding a MX Record ...................................................................................................... 794
42.6.12 Security Option Control .................................................................................................. 795
42.6.13 Editing a Security Option Control .................................................................................. 795
42.6.14 Adding a DNS Service Control Rule .............................................................................. 796
42.7 WWW Overview .......................................................................................................................... 797
42.7.1 Service Access Limitations ............................................................................................... 797
42.7.2 System Timeout .................................................................................................................. 797
42.7.3 HTTPS ................................................................................................................................... 797
42.7.4 Configuring WWW Service Control ................................................................................. 798
42.7.5 Service Control Rules ........................................................................................................ 801
42.7.6 Customizing the WWW Login Page ................................................................................ 802
42.7.7 HTTPS Example ................................................................................................................... 807
42.8 SSH ............................................................................................................................................. 814
42.8.1 How SSH Works .................................................................................................................. 815
42.8.2 SSH Implementation on the Zyxel Device ...................................................................... 816
42.8.3 Requirements for Using SSH ..............................................................................................816
42.8.4 Configuring SSH ................................................................................................................. 816
42.8.5 Service Control Rules ........................................................................................................ 817
42.8.6 Secure Telnet Using SSH Examples .................................................................................. 818
ZyWALL USG FLEX Series User’s Guide
21
Table of Contents
42.9 Telnet ........................................................................................................................................... 819
42.9.1 Configuring Telnet ............................................................................................................. 819
42.9.2 Service Control Rules ........................................................................................................ 821
42.10 FTP .............................................................................................................................................. 821
42.10.1 Configuring FTP ................................................................................................................ 821
42.10.2 Service Control Rules ...................................................................................................... 823
42.11 SNMP ......................................................................................................................................... 823
42.11.1 SNMPv3 and Security ...................................................................................................... 824
42.11.2 Supported MIBs ............................................................................................................... 825
42.11.3 SNMP Traps ....................................................................................................................... 825
42.11.4 Configuring SNMP ........................................................................................................... 825
42.11.5 Add SNMPv3 User ............................................................................................................ 828
42.11.6 Service Control Rules ...................................................................................................... 828
42.12 Authentication Server .............................................................................................................. 829
42.12.1 Add/Edit Trusted RADIUS Client .................................................................................... 831
42.13 Notification > Mail Server ......................................................................................................... 831
42.14 Notification > SMS ..................................................................................................................... 833
42.15 Language Screen ..................................................................................................................... 834
42.16 IPv6 Screen ................................................................................................................................ 835
42.17 Zyxel One Network (ZON) Utility ............................................................................................. 835
42.17.1 Requirements ................................................................................................................... 836
42.17.2 Run the ZON Utility ........................................................................................................... 836
42.17.3 Zyxel One Network (ZON) System Screen .................................................................... 840
Chapter 43
Log and Report....... .... ... ............................................. ... .... ............................................ ...................841
43.1 Overview ..................................................................................................................................... 841
43.1.1 What You Can Do In this Chapter .................................................................................. 841
43.2 Email Daily Report ....................................................................................................................... 841
43.3 Log Setting Screens ................................................................................................................... 843
43.3.1 Log Setting Summary ........................................................................................................ 843
43.3.2 Edit System Log Settings .................................................................................................. 844
43.3.3 Edit Log on USB Storage Setting ..................................................................................... 848
43.3.4 Edit Remote Server Log Settings ..................................................................................... 849
43.3.5 Log Category Settings Screen ......................................................................................... 851
Chapter 44
File Manager ....................................................................................................................................854
44.1 Overview ..................................................................................................................................... 854
44.1.1 What You Can Do in this Chapter ................................................................................... 854
44.1.2 What you Need to Know .................................................................................................. 854
44.2 The Configuration File Screen ................................................................................................... 856
44.3 Firmware Management ........................................................................................................... 860
ZyWALL USG FLEX Series User’s Guide
22
Table of Contents
44.3.1 Cloud Helper ..................................................................................................................... 860
44.3.2 The Firmware Management Screen ............................................................................... 863
44.3.3 Firmware Upgrade via USB Stick ...................................................................................... 866
44.4 The Shell Script Screen .............................................................................................................. 866
Chapter 45
Diagnostics ......................................................................................................................................869
45.1 Overview ..................................................................................................................................... 869
45.1.1 What You Can Do in this Chapter ................................................................................... 869
45.2 The Diagnostics Screens ............................................................................................................ 869
45.2.1 The Diagnostics Collect Screen ....................................................................................... 870
45.2.2 The Diagnostics Collect on AP Screen ........................................................................... 871
45.2.3 The Diagnostics Files Screen ............................................................................................872
45.3 The Packet Capture Screen ...................................................................................................... 873
45.3.1 The Packet Capture on AP Screen ................................................................................. 876
45.3.2 The Packet Capture Files Screen .................................................................................... 879
45.4 The CPU / Memory Status Screen ............................................................................................. 880
45.5 The System Log Screen .............................................................................................................. 882
45.6 The Network Tool Screen ........................................................................................................... 882
45.7 The Routing Traces Screen ........................................................................................................ 885
45.8 The Wireless Frame Capture Screen ........................................................................................886
45.8.1 The Wireless Frame Capture Files Screen ...................................................................... 887
Chapter 46
Packet Flow Explore ........................................................................................................................888
46.1 Overview ..................................................................................................................................... 888
46.1.1 What You Can Do in this Chapter ................................................................................... 888
46.2 Routing Status ............................................................................................................................ 888
46.3 The SNAT Status Screen .............................................................................................................. 892
Chapter 47
Shutdown..........................................................................................................................................895
47.1 Overview ..................................................................................................................................... 895
47.1.1 What You Need To Know ................................................................................................. 895
47.2 The Shutdown Screen ................................................................................................................ 895
Part III: Appendices and Troubleshooting..................................................896
Chapter 48
Troubleshooting................................................................................................................................897
48.1 Resetting the Zyxel Device ........................................................................................................ 910
ZyWALL USG FLEX Series User’s Guide
23
Table of Contents
48.2 Getting More Troubleshooting Help .........................................................................................911
Appendix A Customer Support ..................................................................................................... 912
Appendix B Product Features........................................................................................................ 918
Appendix C Legal Information ...................................................................................................... 921
Index.................................................................................................................................................929
ZyWALL USG FLEX Series User’s Guide
24
PART I

User’s Guide

25

1.1 Overview

Zyxel Device refers to these models as outlined below.
• USG FLEX 100
• USG FLEX 200
• USG FLEX 500
1.1.1 Model Feature Differences
Note the following differences between the USG FLEX models:
Table 1 USG FLEX Model Feature Comparison
FEATURE/MODEL USG FLEX 100 USG FLEX 200 USG FLEX 500
Microsoft Azure YES YES YES
Amazon VPC YES YES YES
Anomaly Detection & Prevention YES YES YES
Anti-Spam YES YES YES
IDP YES YES YES
Anti-Malware YES YES YES
App Patrol YES YES YES
Content Filtering YES YES YES
SecuReporter Premium YES YES YES
Reputation Filter YES YES YES
URL Threat Filter YES YES YES
IP Exception YES YES YES
AP Controller YES YES YES
Device HA Pro NO NO YES
Hotspot Management NO YES YES
Port Group YES YES YES
Port Role YES YES YES
SSL Application YES YES YES
SSL encrypted traffic inspection YES YES YES
Bundled UTM Feature License Validity 1 year 1 year 1 year
CHAPTER 1

Introduction

For information on interface names by model, default port / interface name mapping, and default interface / zone mapping please see
ZyWALL USG FLEX Series User’s Guide
Section 3.3 on page 75.
26
Chapter 1 Introduction
See the product’s datasheet for detailed information on a specific model.

1.2 Registration at myZyxel

myZyxel is Zyxel’s online services center where you can register your Zyxel Device and manage subscription services available for your Zyxel Device (see Configuration > Licensing > Registration > Service for services available for your Zyxel Device).
• For Zyxel Devices that already have firmware version 4.25 or later, you have to register your Zyxel Device and activate the corresponding service at myZyxel (through your Zyxel Device).
• For Zyxel Devices upgrading to firmware version 4.25 or later, you may skip registering your Zyxel Device and activating the corresponding service at myZyxel (through your Zyxel Device). However, it is highly recommended to at least register your Zyxel Device. At the time of writing, the Firmware Upgrade license providing Cloud Helper new firmware notifications, is free when you register your Zyxel Device.
Note: You need to create a myZyxel account at http://portal.myZyxel.com before you can
register your device and activate the services at myZyxel.
You may need your Zyxel Device’s serial number and LAN MAC address to register it at myZyxel. See the label at the back of the Zyxel Device’s for details.
Figure 1 myZyxel Login
1.2.1 Grace Period
SecuReporter and service licenses have a 15-day grace period after a license expires. Services will continue to work in this period during which you will receive notifications to renew your license(s). New license(s) are valid for 1 year from the date of purchase.
1.2.2 Applications
These are some Zyxel Device application scenarios.
ZyWALL USG FLEX Series User’s Guide
27
Chapter 1 Introduction
Security Router
Security includes a Stateful Packet Inspection (SPI) firewall.
Figure 2 Applications: Security Router Applications: Security Router
IPv6 Routing
The Zyxel Device supports IPv6 Ethernet, PPP, VLAN, and bridge routing. You may also create IPv6 policy routes and IPv6 objects. The Zyxel Device can also route IPv6 packets through IPv4 networks using different tunneling methods.
Figure 3 Applications: IPv6 Routing
VPN Connectivity
Set up VPN tunnels with other companies, branch offices, telecommuters, and business travelers to provide secure access to your network. AS is an Authentication Server in the below figure.
ZyWALL USG FLEX Series User’s Guide
28
Chapter 1 Introduction
Web Mail File Share
Web-based Application
https://
Application Server
Non-Web
LAN (192.168.1.X)
Figure 4 Applications: VPN Connectivity
SSL VPN Network Access
SSL VPN lets remote users use their web browsers for a very easy-to-use VPN solution. A user just browses to the Zyxel Device’s web address and enters his user name and password to securely connect to the Zyxel Device’s network. Here full tunnel mode creates a virtual connection for a remote user and gives him a private IP address in the same subnet as the local network so he can access network resources in the same way as if he were part of the internal network.
Figure 5 SSL VPN With Full Tunnel Mode
User-Aware Access Control
Set up security policies to restrict access to sensitive information and shared resources based on the user who is trying to access it. In the following figure user A can access both the Internet and an internal file server. User B has a lower level of access and can only access the Internet. User C is not even logged in, so and cannot access either the Internet or the file server.
Figure 6 Applications: User-Aware Access Control
ZyWALL USG FLEX Series User’s Guide
29
Chapter 1 Introduction
Load Balancing
Set up multiple connections to the Internet on the same port, or different ports, including cellular interfaces. In either case, you can balance the traffic loads between them.
Figure 7 Applications: Multiple WAN Interfaces

1.3 Management Overview

You can manage the Zyxel Device in the following ways.
Web Configurator
The Web Configurator allows easy Zyxel Device setup and management using an Internet browser. This User’s Guide provides information about the Web Configurator.
Figure 8 Managing the Zyxel Device: Web Configurator
ZyWALL USG FLEX Series User’s Guide
30
Loading...
+ 918 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use