How it Works
Zyxel
Loading...
USG FLEX 100
CLI Reference Guide
670 pgs4.91 Mb0
Compatibility List
2 pgs93.54 Kb0
Datasheet
14 pgs3.58 Mb0
Handbook
865 pgs32.64 Mb0
Quick Start Guide
1 pgs3.42 Mb0
User guide
948 pgs24.54 Mb0
User Manual
8 pgs2.41 Mb2
User's Guide
1217 pgs29.27 Mb0
Table of contents
Loading...

Zyxel USG FLEX 700, USG FLEX 100W, USG FLEX 200, USG FLEX 500, USG FLEX 100 User's Guide

Default Login Details
User’s Guide

ZyWALL USG FLEX Series

Login IP Address https://(IP assigned by NCC)
or
or
https://192.168.1.1 User Name admin Password 1234
Version 5.35 Edition 1, 1/2023
Copyright © 2023 Zyxel and/or its affiliates. All rights reserved.
IMPORTANT! READ CAREFULLY BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE.
This is a User’s Guide for a series of products. Not all products support all firmware features. Screenshots and graphics in this book may differ slightly from your product due to differences in product features or web configurator brand style. Every effort has been made to ensure that the information in this manual is accurate.
Note: The version number on the cover page refers to the Zyxel Device’s latest firmware
version to which this User’s Guide applies.
Related Documentation
•Quick Start Guide The Quick Start Guide shows how to connect the Zyxel Device and access the Web Configurator
wizards. (See the wizard real time help for information on configuring each screen.) It also contains a connection diagram and package contents list.
•CLI Reference Guide The CLI Reference Guide explains how to use the Command-Line Interface (CLI) to configure the
Zyxel Device.
Note: It is recommended you use the Web Configurator to configure the Zyxel Device.
• Web Configurator Online Help Click the help icon in any screen for help in configuring that screen and supplementary information.
•More Information Go to support.zyxel.com to find other information on Zyxel Device.
USG FLEX Series User’s Guide
2

Document Conventions

Document Conventions
Warnings and Notes
These are how warnings and notes are shown in this guide.
Warnings tell you about things that could harm you or your device.
Note: Notes tell you other important information (for example, other things you may need to
configure or helpful tips) or recommendations.
Syntax Conventions
• All models in this series may be referred to as the “Zyxel Device” in this guide.
• Product labels, screen names, field labels and field choices are all in bold font.
• A right angle bracket ( > ) within a screen name denotes a mouse click. For example, Configuration >
Network > Interface > Ethernet means you first click Configuration in the navigation panel, then Network, then the Interface sub menu and finally the Ethernet tab to get to that screen.
Icons Used in Figures
Figures in this user guide may use the following generic icons. The Zyxel Device icon is not an exact representation of your device.
Zyxel Device Generic Router Wireless Router / Access Point
Switch Firewall Server
Internet Network Cloud Smartphone
USB Dongle
USG FLEX Series User’s Guide
3

Contents Overview

Contents Overview
Introduction ........................................................................................................................................... 29
Initial Setup Wizard ............................................................................................................................... 66
Hardware, Interfaces and Zones ........................................................................................................ 93
Quick Setup Wizards ........................................................................................................................... 102
Dashboard .......................................................................................................................................... 149
Monitor ................................................................................................................................................. 160
Licensing .............................................................................................................................................. 252
Interfaces ............................................................................................................................................. 260
Routing ................................................................................................................................................. 372
DDNS ................................................................................................................................................... 399
NAT ....................................................................................................................................................... 405
Redirect Service .................................................................................................................................. 423
Wireless ................................................................................................................................................. 429
ALG ....................................................................................................................................................... 479
UPnP ..................................................................................................................................................... 486
IP/MAC Binding ................................................................................................................................... 501
Layer 2 Isolation .................................................................................................................................. 506
DNS Inbound LB .................................................................................................................................. 510
IPSec VPN ............................................................................................................................................ 516
SSL VPN ................................................................................................................................................ 554
L2TP VPN .............................................................................................................................................. 560
Remote AP VPN .................................................................................................................................. 566
BWM (Bandwidth Management) ..................................................................................................572
Web Authentication .......................................................................................................................... 589
Hotspot ................................................................................................................................................ 612
Printer Manager .................................................................................................................................. 630
Free Time ............................................................................................................................................. 642
IPnP ....................................................................................................................................................... 647
Walled Garden ................................................................................................................................... 650
Advertisement Screen ....................................................................................................................... 656
Security Policy ..................................................................................................................................... 659
Application Patrol ............................................................................................................................... 690
Content Filter ....................................................................................................................................... 699
Anti-Malware ....................................................................................................................................... 741
Reputation Filter .................................................................................................................................. 762
IPS ......................................................................................................................................................... 794
Sandboxing ......................................................................................................................................... 821
Email Security ...................................................................................................................................... 825
Collaborative Detection & Response .............................................................................................. 844
USG FLEX Series User’s Guide
4
Contents Overview
SSL Inspection ...................................................................................................................................... 858
IP Exception ......................................................................................................................................... 883
Astra Cloud Security ........................................................................................................................... 886
Object .................................................................................................................................................. 889
Device HA ......................................................................................................................................... 1015
Mgmt. & Analytics ........................................................................................................................... 1022
System ................................................................................................................................................ 1034
Log and Report ................................................................................................................................. 1096
File Manager ..................................................................................................................................... 1110
Diagnostics ....................................................................................................................................... 1131
Packet Flow Explore ......................................................................................................................... 1152
Shutdown ........................................................................................................................................... 1159
Troubleshooting ................................................................................................................................ 1162
USG FLEX Series User’s Guide
5

Table of Contents

Table of Contents
Document Conventions ............................................ ............................................ .... ... .... ...................3
Contents Overview .............................................................................................................................4
Table of Contents.................................................................................................................................6
Part I: User’s Guide.......................................................................................... 28
Chapter 1
Introduction ........................................................................................................................................29
1.1 Overview ......................................................................................................................................... 29
1.1.1 Model Feature Differences .................................................................................................. 29
1.2 On Premises Mode ......................................................................................................................... 30
1.3 Nebula Mode .................................................................................................................................. 31
1.3.1 NCC Portal ............................................................................................................................. 32
1.3.2 Your Zyxel Device .................................................................................................................. 32
1.3.3 Your Email Account for ZTP .................................................................................................. 33
1.4 Change the Mode ......................................................................................................................... 33
1.4.1 From Nebula Mode to On Premises Mode ........................................................................ 33
1.4.2 From On Premises Mode to Nebula Mode ........................................................................ 34
1.5 Registration at myZyxel .................................................................................................................. 35
1.5.1 Grace Period ......................................................................................................................... 36
1.5.2 Applications ........................................................................................................................... 36
1.6 Management Overview ................................................................................................................ 39
1.7 Web Configurator ........................................................................................................................... 40
1.7.1 Web Configurator Access .................................................................................................... 40
1.7.2 Security Check for Web Interface Overview ..................................................................... 43
1.7.3 The Security Check for Web Interface Screen .................................................................. 46
1.7.4 Remote Access to the Zyxel Device Networks .................................................................. 48
1.7.5 Web Configurator Screens Overview ................................................................................. 48
1.7.6 Navigation Panel .................................................................................................................. 53
1.7.7 Tables and Lists ...................................................................................................................... 62
Chapter 2
Initial Setup Wizard.............................................................................................................................66
2.1 Initial Setup Wizard: Select Management Mode ........................................................................ 66
2.1.1 Welcome Screen .................................................................................................................. 67
2.1.2 Internet Access Setup - WAN Interface .............................................................................. 67
USG FLEX Series User’s Guide
6
Table of Contents
2.1.3 Internet Access: Ethernet .................................................................................................... 69
2.1.4 Internet Access: PPPoE ......................................................................................................... 70
2.1.5 Internet Access: PPTP ........................................................................................................... 71
2.1.6 Internet Access: L2TP ............................................................................................................ 73
2.1.7 Internet Access Setup - Second WAN Interface ............................................................... 75
2.1.8 Internet Access: Congratulations ....................................................................................... 76
2.1.9 Date and Time Settings ........................................................................................................ 77
2.1.10 Register Device ................................................................................................................... 77
2.1.11 Activate Service .................................................................................................................. 79
2.1.12 Service Settings .................................................................................................................... 80
2.1.13 Service Settings: SecuReporter ..........................................................................................81
2.1.14 Wireless Settings: Management Mode ............................................................................. 82
2.1.15 Wireless Settings: AP Controller ......................................................................................... 83
2.1.16 Wireless Settings: SSID & Security ...................................................................................... 83
2.1.17 Remote Management ......................................................................................................84
2.2 Nebula Mode Initial Setup Wizard ................................................................................................ 85
2.2.1 Connect to Internet (WAN) ................................................................................................. 86
2.2.2 Internet Access: Ethernet ..................................................................................................... 87
2.2.3 Internet Access: PPPoE ......................................................................................................... 88
2.2.4 Internet Access: Congratulations ....................................................................................... 90
2.2.5 QR Code ................................................................................................................................ 91
Chapter 3
Hardware, Interfaces and Zones......................................................................................................93
3.1 Hardware Overview ....................................................................................................................... 93
3.1.1 Front Panels ............................................................................................................................ 93
3.1.2 Rear Panels ............................................................................................................................ 95
3.2 Installation Scenarios ..................................................................................................................... 97
3.2.1 Desktop Installation Procedure ...........................................................................................97
3.2.2 Rack-mounting ...................................................................................................................... 98
3.2.3 Wall-mounting ....................................................................................................................... 99
3.3 Default Zones, Interfaces, and Ports .......................................................................................... 100
3.4 Stopping the Zyxel Device .......................................................................................................... 101
Chapter 4
Quick Setup Wizards........................................................................................................................102
4.1 Quick Setup Overview ................................................................................................................. 102
4.2 WAN Interface Quick Setup ........................................................................................................ 103
4.2.1 Choose an Ethernet Interface ........................................................................................... 103
4.2.2 Select WAN Type ................................................................................................................. 104
4.2.3 Configure WAN IP Settings ................................................................................................. 104
4.2.4 ISP and WAN and ISP Connection Settings ...................................................................... 105
4.2.5 Quick Setup Interface Wizard: Summary ......................................................................... 108
USG FLEX Series User’s Guide
7
Table of Contents
4.3 Remote Access VPN Setup-Scenario ......................................................................................... 109
4.3.1 IKEv2 IPSec Client- VPN Configuration ............................................................................. 110
4.3.2 IKEv2 IPSec Client- User Authentication ............................................................................ 112
4.3.3 IKEv2 IPSec Client- Summary ..............................................................................................112
4.3.4 IKEv2 IPSec Client-Config Provision ................................................................................... 113
4.3.5 L2TP over IPSec Client-VPN Configuration ....................................................................... 114
4.3.6 L2TP over IPSec Client- User Authentication .................................................................... 115
4.3.7 L2TP over IPSec Client- Summary ...................................................................................... 116
4.3.8 L2TP over IPSec Client-Config Provision ............................................................................ 117
4.4 VPN Setup Wizard ......................................................................................................................... 117
4.4.1 Welcome .............................................................................................................................. 117
4.4.2 VPN Setup Wizard: Wizard Type ........................................................................................ 118
4.4.3 VPN Express Wizard - Scenario .......................................................................................... 119
4.4.4 VPN Express Wizard - Configuration ................................................................................. 120
4.4.5 VPN Express Wizard - Summary ......................................................................................... 120
4.4.6 VPN Express Wizard - Finish ................................................................................................ 121
4.4.7 VPN Advanced Wizard - Scenario ................................................................................... 122
4.4.8 VPN Advanced Wizard - Phase 1 Settings ...................................................................... 123
4.4.9 VPN Advanced Wizard - Phase 2 ..................................................................................... 125
4.4.10 VPN Advanced Wizard - Summary ................................................................................ 126
4.4.11 VPN Advanced Wizard - Finish ....................................................................................... 128
4.5 VPN Settings for Configuration Provisioning Wizard: Wizard Type ........................................... 129
4.5.1 Configuration Provisioning Express Wizard - VPN Settings ............................................. 129
4.5.2 Configuration Provisioning VPN Express Wizard - Configuration .................................. 130
4.5.3 VPN Settings for Configuration Provisioning Express Wizard - Summary ...................... 131
4.5.4 VPN Settings for Configuration Provisioning Express Wizard - Finish .............................. 132
4.5.5 VPN Settings for Configuration Provisioning Advanced Wizard - Scenario ................. 133
4.5.6 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 1 Settings .... 134
4.5.7 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 2 .................. 135
4.5.8 VPN Settings for Configuration Provisioning Advanced Wizard - Summary ................ 136
4.5.9 VPN Settings for Configuration Provisioning Advanced Wizard - Finish ....................... 139
4.6 VPN Settings for L2TP VPN Settings Wizard ................................................................................. 139
4.6.1 L2TP VPN Settings ................................................................................................................ 140
4.6.2 L2TP VPN Settings ................................................................................................................ 141
4.6.3 VPN Settings for L2TP VPN Setting Wizard - Summary .................................................... 141
4.6.4 VPN Settings for L2TP VPN Setting Wizard - Completed ................................................ 143
4.7 Wireless Setup Wizard ................................................................................................................... 143
4.7.1 Management Mode ........................................................................................................... 144
4.7.2 SSID ....................................................................................................................................... 144
4.7.3 Radio .................................................................................................................................... 146
4.7.4 Summary .............................................................................................................................. 147
4.7.5 Wizard Completed ............................................................................................................. 148
USG FLEX Series User’s Guide
8
Table of Contents
Chapter 5
Dashboard........................................................................................................................................149
5.1 Overview ....................................................................................................................................... 149
5.1.1 What You Can Do in this Chapter ..................................................................................... 149
5.2 The General Screen ..................................................................................................................... 149
5.2.1 Device Information Screen ................................................................................................151
5.2.2 System Status Screen .......................................................................................................... 152
5.2.3 Tx/Rx Statistics ...................................................................................................................... 152
5.2.4 The Latest Logs Screen ....................................................................................................... 153
5.2.5 System Resources Screen ................................................................................................... 153
5.2.6 DHCP Table Screen ............................................................................................................. 154
5.2.7 Number of Login Users Screen ........................................................................................... 155
5.2.8 Current Login User ............................................................................................................... 156
5.2.9 VPN Status ............................................................................................................................ 156
5.2.10 SSL VPN Status .................................................................................................................... 157
5.3 The Advanced Threat Protection Screen .................................................................................. 157
Part II: Technical Reference.........................................................................159
Chapter 6
Monitor..............................................................................................................................................160
6.1 Overview ....................................................................................................................................... 160
6.1.1 What You Can Do in this Chapter ..................................................................................... 160
6.2 The Port Statistics Screen ............................................................................................................ 162
6.2.1 The Port Statistics Graph Screen ....................................................................................... 163
6.3 Interface Status Screen ................................................................................................................ 164
6.4 The Traffic Statistics Screen .......................................................................................................... 168
6.5 The Session Monitor Screen ........................................................................................................ 171
6.6 The DHCP Table Screen ............................................................................................................... 173
6.7 The Device Insight Screen ........................................................................................................... 174
6.7.1 The Device Insight Edit Screen ...........................................................................................177
6.7.2 The Device Insight Feedback Screen ............................................................................... 178
6.8 The Login Users Screen ................................................................................................................. 179
6.9 Dynamic Guest ............................................................................................................................ 180
6.10 IGMP Statistics ............................................................................................................................. 181
6.11 The DDNS Status Screen ............................................................................................................. 182
6.12 IP/MAC Binding ........................................................................................................................... 183
6.13 Cellular Status Screen ................................................................................................................ 184
6.13.1 More Information .............................................................................................................. 186
6.14 The UPnP Port Status Screen ..................................................................................................... 187
6.15 USB Storage Screen .................................................................................................................... 188
USG FLEX Series User’s Guide
9
Table of Contents
6.16 Ethernet Neighbor Screen ........................................................................................................ 189
6.17 FQDN Object Screen ................................................................................................................ 190
6.18 Virtual Server Load Balancing .................................................................................................. 192
6.19 AP Information: AP List ............................................................................................................... 193
6.19.1 AP List: More Information ................................................................................................ 198
6.19.2 AP List: Edit AP ................................................................................................................... 200
6.20 AP Information: Radio List .......................................................................................................... 204
6.20.1 Radio List: More Information ............................................................................................206
6.21 AP Information: Built-in AP ........................................................................................................ 207
6.22 AP Information: Top N APs ........................................................................................................ 208
6.23 AP Information: Single AP .......................................................................................................... 209
6.24 ZyMesh ......................................................................................................................................... 210
6.25 SSID Info ....................................................................................................................................... 211
6.26 Station Info: Station List .............................................................................................................. 212
6.27 Station Info: Top N Stations ........................................................................................................ 214
6.28 Station Info: Single Station ......................................................................................................... 215
6.29 Detected Device ....................................................................................................................... 216
6.30 Wireless Health ............................................................................................................................ 218
6.31 The Printer Status Screen ........................................................................................................... 219
6.32 The IPSec Screen ........................................................................................................................ 219
6.32.1 Regular Expressions in Searching IPSec SAs ................................................................... 221
6.33 The SSL Screen ............................................................................................................................. 221
6.34 The L2TP over IPSec Screen ....................................................................................................... 222
6.35 The Remote AP VPN Screen ...................................................................................................... 223
6.36 The App Patrol Screen ............................................................................................................... 224
6.37 The Content Filter Screen .......................................................................................................... 225
6.37.1 Web Content Filter ............................................................................................................ 225
6.37.2 DNS Content Filter ............................................................................................................. 226
6.38 The Anti-Malware Screen .......................................................................................................... 228
6.39 The Reputation Filter Screen ...................................................................................................... 230
6.39.1 IP Reputation ..................................................................................................................... 230
6.39.2 DNS Threat Filter ................................................................................................................. 232
6.39.3 URL Threat Filter .................................................................................................................. 233
6.40 The IPS Screen ............................................................................................................................. 234
6.41 Sandboxing ................................................................................................................................ 237
6.42 The Email Security Screens ......................................................................................................... 238
6.42.1 Email Security Summary ................................................................................................... 238
6.42.2 The Email Security Status Screen ..................................................................................... 240
6.43 Collaborative Detection & Response (CDR) ........................................................................... 242
6.43.1 CDR History ........................................................................................................................ 243
6.44 The SSL Inspection Screens ........................................................................................................ 244
6.44.1 Certificate Cache List ....................................................................................................... 245
6.45 Log Screens ................................................................................................................................. 246
USG FLEX Series User’s Guide
10
Table of Contents
6.45.1 View Log ............................................................................................................................ 247
6.45.2 View AP Log ....................................................................................................................... 248
6.45.3 Dynamic Users Log ............................................................................................................ 250
Chapter 7
Licensing...........................................................................................................................................252
7.1 Registration Overview .................................................................................................................. 252
7.1.1 What you Need to Know ....................................................................................................252
7.1.2 UTM Bundled License and Gold Pack License ................................................................ 252
7.1.3 Registration Screen ............................................................................................................. 255
7.1.4 Service Screen ..................................................................................................................... 255
7.2 Signature Update ......................................................................................................................... 257
7.2.1 What you Need to Know ....................................................................................................257
7.2.2 The Signature Screen .......................................................................................................... 258
7.2.3 Auto Update ........................................................................................................................ 258
Chapter 8
Interfaces..........................................................................................................................................260
8.1 Interface Overview ...................................................................................................................... 260
8.1.1 What You Can Do in this Chapter ..................................................................................... 260
8.1.2 What You Need to Know ................................................................................................... 261
8.1.3 What You Need to Do First ................................................................................................. 265
8.2 Port Role ......................................................................................................................................... 265
8.3 Port Group ..................................................................................................................................... 266
8.4 Port Configuration ........................................................................................................................ 267
8.5 Ethernet Summary Screen ........................................................................................................... 269
8.5.1 Ethernet Edit ........................................................................................................................ 271
8.5.2 Proxy ARP ............................................................................................................................. 287
8.5.3 Virtual Interfaces ................................................................................................................ 288
8.5.4 References ........................................................................................................................... 290
8.5.5 Add/Edit DHCPv6 Request/Release Options ................................................................... 290
8.5.6 Add/Edit DHCP Extended Options ................................................................................... 291
8.6 PPP Interfaces ............................................................................................................................... 293
8.6.1 PPP Interface Summary ...................................................................................................... 293
8.6.2 PPP Interface Add or Edit .................................................................................................. 295
8.7 Cellular Configuration Screen ..................................................................................................... 300
8.7.1 Cellular Choose Slot ........................................................................................................... 303
8.7.2 Add / Edit Cellular Configuration ...................................................................................... 303
8.8 Tunnel Interfaces .......................................................................................................................... 309
8.8.1 Configuring a Tunnel .......................................................................................................... 311
8.8.2 Tunnel Add or Edit Screen .................................................................................................. 312
8.9 VLAN Interfaces ........................................................................................................................... 316
8.9.1 VLAN Summary Screen ....................................................................................................... 317
USG FLEX Series User’s Guide
11
Table of Contents
8.9.2 VLAN Add/Edit ................................................................................................................... 318
8.10 Bridge Interfaces ........................................................................................................................ 330
8.10.1 Bridge Summary ................................................................................................................ 331
8.10.2 Bridge Add/Edit ................................................................................................................ 333
8.11 LAG .............................................................................................................................................. 343
8.11.1 Available Interfaces for LAG ........................................................................................... 344
8.11.2 LAG Summary Screen ....................................................................................................... 344
8.11.3 LAG Add/Edit ................................................................................................................... 345
8.12 VTI ................................................................................................................................................. 355
8.12.1 Restrictions for IPSec Virtual Tunnel Interface ................................................................ 355
8.12.2 VTI Screen .......................................................................................................................... 356
8.12.3 VTI Add/Edit ....................................................................................................................... 356
8.13 Trunk Overview ........................................................................................................................... 360
8.13.1 What You Need to Know ................................................................................................. 360
8.14 The Trunk Summary Screen ........................................................................................................ 363
8.14.1 Configuring a User-Defined Trunk ................................................................................... 364
8.14.2 Configuring the System Default Trunk ............................................................................ 366
8.15 Interface Technical Reference ................................................................................................. 367
Chapter 9
Routing..............................................................................................................................................372
9.1 Policy and Static Routes Overview ............................................................................................. 372
9.1.1 What You Can Do in this Chapter ..................................................................................... 372
9.1.2 What You Need to Know .................................................................................................. 373
9.2 Policy Route Screen ..................................................................................................................... 374
9.2.1 Policy Route Edit Screen .................................................................................................... 376
9.3 IP Static Route Screen .................................................................................................................. 381
9.3.1 Static Route Add/Edit Screen ............................................................................................ 381
9.4 Policy Routing Technical Reference .......................................................................................... 383
9.5 Routing Protocols Overview ....................................................................................................... 383
9.5.1 What You Need to Know ................................................................................................... 384
9.6 The RIP Screen ............................................................................................................................... 384
9.7 The OSPF Screen ........................................................................................................................... 386
9.7.1 Configuring the OSPF Screen ............................................................................................ 389
9.7.2 OSPF Area Add/Edit Screen ............................................................................................. 390
9.7.3 Virtual Link Add/Edit Screen ............................................................................................. 392
9.8 BGP (Border Gateway Protocol) ................................................................................................ 393
9.8.1 Allow BGP Packets to Enter the Zyxel Device .................................................................. 394
9.8.2 Configuring the BGP Screen .............................................................................................. 394
9.8.3 The BGP Neighbors Screen ................................................................................................ 396
9.8.4 Example Scenario ............................................................................................................... 397
Chapter 10
DDNS ................................................................................................................................................399
USG FLEX Series User’s Guide
12
Table of Contents
10.1 DDNS Overview ........................................................................................................................... 399
10.1.1 What You Can Do in this Chapter ................................................................................... 399
10.1.2 What You Need to Know ................................................................................................. 399
10.2 The DDNS Screen ........................................................................................................................ 400
10.2.1 The Dynamic DNS Add/Edit Screen ................................................................................ 401
Chapter 11
NAT....................................................................................................................................................405
11.1 Overview ..................................................................................................................................... 405
11.2 NAT Overview ............................................................................................................................. 405
11.2.1 What You Can Do in this Chapter ................................................................................... 405
11.2.2 What You Need to Know ................................................................................................. 406
11.3 The NAT Screen ........................................................................................................................... 407
11.3.1 The NAT Add/Edit Screen .................................................................................................408
11.4 NAT Technical Reference .......................................................................................................... 411
11.5 Virtual Server Load Balancing ................................................................................................... 413
11.5.1 Load Balancing Example 1 .............................................................................................. 413
11.5.2 Load Balancing Example 2 .............................................................................................. 414
11.5.3 Virtual Server Load Balancing Process ........................................................................... 415
11.5.4 Load Balancing Rules ....................................................................................................... 416
11.5.5 Virtual Server Load Balancing Algorithms ...................................................................... 417
11.6 The Virtual Server Load Balancer Screen ................................................................................. 418
11.6.1 Adding/Editing a Virtual Server Load Balancing Rule .................................................. 418
Chapter 12
Redirect Service...............................................................................................................................423
12.1 Overview ..................................................................................................................................... 423
12.1.1 HTTP Redirect ..................................................................................................................... 423
12.1.2 SMTP Redirect .................................................................................................................... 423
12.1.3 What You Can Do in this Chapter ................................................................................... 424
12.1.4 What You Need to Know ................................................................................................. 424
12.2 The Redirect Service Screen ..................................................................................................... 426
12.2.1 The Redirect Service Edit Screen ..................................................................................... 427
Chapter 13
Wireless.............................................................................................................................................429
13.1 Overview ..................................................................................................................................... 429
13.1.1 What You Can Do in this Chapter ................................................................................... 429
13.1.2 What You Need to Know ................................................................................................. 429
13.2 Built-in AP .................................................................................................................................... 431
13.2.1 Wireless > Built-in AP > General >Add/Edit SSID ............................................................. 432
13.2.2 Wireless > Built-in AP > Radio ............................................................................................ 436
13.3 Controller Screen ....................................................................................................................... 442
USG FLEX Series User’s Guide
13
Table of Contents
13.3.1 Connecting an AP to the Zyxel Device .......................................................................... 443
13.3.2 Connecting an AP to the Zyxel Device Manually ......................................................... 443
13.3.3 Connecting an AP to the Zyxel Device Using DHCP Option 138 ................................ 443
13.4 AP Management Screens ......................................................................................................... 444
13.4.1 Mgnt. AP List ..................................................................................................................... 444
13.4.2 AP Policy ............................................................................................................................ 460
13.4.3 AP Group ........................................................................................................................... 461
13.4.4 Firmware ............................................................................................................................. 467
13.5 Rogue AP ..................................................................................................................................... 469
13.5.1 Add/Edit Rogue/Friendly List ............................................................................................471
13.6 Wireless Health ............................................................................................................................ 472
13.7 Auto Healing ............................................................................................................................... 473
13.8 RTLS Overview ............................................................................................................................. 474
13.8.1 What You Can Do in this Chapter ................................................................................... 475
13.8.2 Before You Begin ............................................................................................................... 475
13.8.3 Configuring RTLS ................................................................................................................ 476
13.9 Technical Reference .................................................................................................................. 476
13.9.1 Dynamic Channel Selection ............................................................................................ 476
13.9.2 Load Balancing ................................................................................................................. 478
Chapter 14
ALG....................................................................................................................................................479
14.1 ALG Overview ............................................................................................................................. 479
14.1.1 What You Need to Know ................................................................................................. 479
14.1.2 Before You Begin ............................................................................................................... 482
14.2 The ALG Screen .......................................................................................................................... 482
14.3 ALG Technical Reference ......................................................................................................... 484
Chapter 15
UPnP...................................................................................................................................................486
15.1 UPnP and NAT-PMP Overview ................................................................................................... 486
15.2 What You Need to Know ........................................................................................................... 486
15.2.1 NAT Traversal ..................................................................................................................... 486
15.2.2 Cautions with UPnP and NAT-PMP .................................................................................. 487
15.3 UPnP Screen ................................................................................................................................ 487
15.4 Technical Reference .................................................................................................................. 488
15.4.1 Turning on UPnP in Windows 7 Example ......................................................................... 488
15.4.2 Turn on UPnP in Windows 10 Example ............................................................................ 492
15.4.3 Auto-discover Your UPnP-enabled Network Device .................................................... 494
15.4.4 Web Configurator Easy Access in Windows 7 ............................................................... 497
15.4.5 Web Configurator Easy Access in Windows 10 ............................................................. 499
Chapter 16
IP/MAC Binding................................................................................................................................501
USG FLEX Series User’s Guide
14
Table of Contents
16.1 IP/MAC Binding Overview ......................................................................................................... 501
16.1.1 What You Can Do in this Chapter ................................................................................... 501
16.1.2 What You Need to Know ................................................................................................. 501
16.2 IP/MAC Binding Summary ......................................................................................................... 502
16.2.1 IP/MAC Binding Edit .......................................................................................................... 503
16.2.2 Static DHCP Edit ................................................................................................................ 504
16.3 IP/MAC Binding Exempt List ....................................................................................................... 505
Chapter 17
Layer 2 Isolation...............................................................................................................................506
17.1 Overview ..................................................................................................................................... 506
17.1.1 What You Can Do in this Chapter ................................................................................... 506
17.2 Layer-2 Isolation General Screen ............................................................................................. 506
17.3 Allow List Screen ......................................................................................................................... 507
17.3.1 Add/Edit Allow List Rule ................................................................................................... 508
Chapter 18
DNS Inbound LB................................................................................................................................510
18.1 DNS Inbound Load Balancing Overview ................................................................................. 510
18.1.1 What You Can Do in this Chapter ................................................................................... 510
18.2 The DNS Inbound LB Screen ...................................................................................................... 511
18.2.1 The DNS Inbound LB Add/Edit Screen ............................................................................ 512
18.2.2 The DNS Inbound LB Add/Edit Member Screen ............................................................ 514
Chapter 19
IPSec VPN .........................................................................................................................................516
19.1 Virtual Private Networks (VPN) Overview ................................................................................. 516
19.1.1 What You Can Do in this Chapter ................................................................................... 518
19.1.2 What You Need to Know ................................................................................................. 518
19.1.3 Before You Begin ............................................................................................................... 521
19.2 The VPN Connection Screen ..................................................................................................... 521
19.2.1 The VPN Connection Add/Edit Screen .......................................................................... 523
19.3 The VPN Gateway Screen ......................................................................................................... 530
19.3.1 The VPN Gateway Add/Edit Screen ............................................................................... 532
19.4 VPN Concentrator ..................................................................................................................... 539
19.4.1 VPN Concentrator Requirements and Suggestions ...................................................... 540
19.4.2 VPN Concentrator Screen ............................................................................................... 540
19.4.3 The VPN Concentrator Add/Edit Screen ........................................................................ 541
19.5 Zyxel Device IPSec VPN Client Configuration Provisioning .................................................... 542
19.6 IPSec VPN Background Information ......................................................................................... 544
Chapter 20
SSL VPN..............................................................................................................................................554
USG FLEX Series User’s Guide
15
Table of Contents
20.1 Overview ..................................................................................................................................... 554
20.1.1 What You Can Do in this Chapter ................................................................................... 554
20.1.2 What You Need to Know ................................................................................................. 554
20.2 The SSL Access Privilege Screen ................................................................................................ 555
20.2.1 The SSL Access Privilege Policy Add/Edit Screen ......................................................... 556
20.3 The SSL Global Setting Screen ................................................................................................... 558
Chapter 21
L2TP VPN..................................... ... .... .... ............................................ ... .... .........................................560
21.1 Overview ..................................................................................................................................... 560
21.1.1 What You Can Do in this Chapter ................................................................................... 560
21.1.2 What You Need to Know ................................................................................................. 560
21.2 L2TP VPN Screen ......................................................................................................................... 561
21.2.1 Example: L2TP and Zyxel Device Behind a NAT Router ................................................ 563
Chapter 22
Remote AP VPN................................................................................................................................566
22.1 Overview ..................................................................................................................................... 566
22.2 Configuring a Remote AP ......................................................................................................... 567
22.3 Remote AP VPN Screen ............................................................................................................. 571
Chapter 23
BWM (Bandwidth Management) .................................................................................................572
23.1 Overview ..................................................................................................................................... 572
23.1.1 What You Can Do in this Chapter ................................................................................... 572
23.1.2 What You Need to Know ................................................................................................ 572
23.2 The Bandwidth Management Configuration .......................................................................... 576
23.2.1 The Bandwidth Management Add/Edit Screen ............................................................ 579
Chapter 24
Web Authentication ........................................................................................................................589
24.1 Web Auth Overview ................................................................................................................... 589
24.1.1 What You Can Do in this Chapter ................................................................................... 589
24.1.2 What You Need to Know ................................................................................................. 590
24.2 Web Authentication General Screen ...................................................................................... 590
24.2.1 User-aware Access Control Example ............................................................................. 596
24.2.2 Authentication Type Screen ............................................................................................ 602
24.2.3 Custom Web Portal / User Agreement File Screen ....................................................... 606
24.2.4 Facebook Wi-Fi Screen ..................................................................................................... 607
Chapter 25
Hotspot..............................................................................................................................................612
25.1 Overview ..................................................................................................................................... 612
USG FLEX Series User’s Guide
16
Table of Contents
25.2 Billing Overview ........................................................................................................................... 612
25.2.1 What You Need to Know ................................................................................................. 612
25.3 The Billing > General Screen ...................................................................................................... 613
25.4 The Billing > Billing Profile Screen ............................................................................................... 615
25.4.1 The Account Generator Screen ...................................................................................... 616
25.4.2 The Account Redeem Screen ......................................................................................... 619
25.4.3 The Billing Profile Add/Edit Screen ................................................................................... 621
25.5 The Billing > Discount Screen ..................................................................................................... 622
25.5.1 The Discount Add/Edit Screen ......................................................................................... 624
25.6 The Billing > Payment Service Screen ....................................................................................... 624
25.6.1 The Payment Service > Desktop / Mobile View Screen ............................................... 626
Chapter 26
Printer Manager ...............................................................................................................................630
26.1 Printer Manager Overview ........................................................................................................ 630
26.1.1 What You Can Do in this Chapter ................................................................................... 630
26.2 The Printer Manager > General Screen ................................................................................... 630
26.2.1 Add Printer Rule ................................................................................................................. 633
26.2.2 Edit Printer Rule .................................................................................................................. 633
26.2.3 Discover Printer ................................................................................................................. 634
26.2.4 Edit Printer Manager (Discover Printer) .......................................................................... 636
26.3 The Printout Configuration Screen ............................................................................................ 637
26.4 Printer Reports Overview ........................................................................................................... 638
26.4.1 Key Combinations ............................................................................................................. 638
26.4.2 Daily Account Summary .................................................................................................. 638
26.4.3 Monthly Account Summary ............................................................................................. 639
26.4.4 Account Report Notes ..................................................................................................... 639
26.4.5 System Status ..................................................................................................................... 640
Chapter 27
Free Time...........................................................................................................................................642
27.1 Free Time Overview ................................................................................................................... 642
27.1.1 What You Can Do in this Chapter ................................................................................... 642
27.2 The Free Time Screen ................................................................................................................. 642
Chapter 28
IPnP....................................................................................................................................................647
28.1 IPnP Overview ............................................................................................................................ 647
28.1.1 What You Can Do in this Chapter ................................................................................... 647
28.1.2 IPnP Screen ........................................................................................................................ 648
Chapter 29
Walled Garden..................................... ............................................ ... .... .........................................650
USG FLEX Series User’s Guide
17
Table of Contents
29.1 Walled Garden Overview ........................................................................................................ 650
29.2 Walled Garden > General Screen ........................................................................................... 650
29.3 Walled Garden > URL Base Screen .......................................................................................... 651
29.3.1 Adding/Editing a Walled Garden URL ........................................................................... 652
29.4 Walled Garden > Domain/IP Base Screen .............................................................................. 653
29.4.1 Adding/Editing a Walled Garden Domain or IP ........................................................... 654
29.4.2 Walled Garden Login Example ....................................................................................... 654
Chapter 30
Advertisement Screen.............. ... .... ................................................................................................656
30.1 Advertisement Overview ........................................................................................................... 656
30.1.1 Adding/Editing an Advertisement URL .......................................................................... 657
Chapter 31
Security Policy..................................................................................................................................659
31.1 Overview ..................................................................................................................................... 659
31.2 One Security ................................................................................................................................ 660
31.3 What You Can Do in this Chapter ............................................................................................ 663
31.3.1 What You Need to Know ................................................................................................. 663
31.4 The Security Policy Screen ......................................................................................................... 665
31.4.1 Configuring the Security Policy Control Screen ............................................................ 666
31.4.2 The Security Check for Web Interface Screen .............................................................. 669
31.4.3 The Security Policy Control Add/Edit Screen ................................................................. 671
31.5 Anomaly Detection and Prevention Overview ...................................................................... 673
31.5.1 The Anomaly Detection and Prevention General Screen ........................................... 673
31.5.2 Creating New ADP Profiles ..............................................................................................675
31.5.3 Traffic Anomaly Profiles ................................................................................................... 677
31.5.4 Protocol Anomaly Profiles ................................................................................................ 679
31.5.5 The ADP Allow List Screen ................................................................................................ 683
31.5.6 Creating New ADP Allow List Rule ................................................................................... 684
31.6 The Session Control Screen ........................................................................................................ 684
31.6.1 The Session Control Add/Edit Screen .............................................................................. 686
31.7 Security Policy Example Applications ......................................................................................687
Chapter 32
Application Patrol............................................................................................................................690
32.1 Overview ..................................................................................................................................... 690
32.1.1 What You Can Do in this Chapter ................................................................................... 690
32.1.2 What You Need to Know ................................................................................................ 690
32.2 Application Patrol Profile ........................................................................................................... 691
32.2.1 Profile Action: Apply to a Security Policy ....................................................................... 692
32.2.2 Application Patrol Profile > Add/Edit - My Application ............................................... 695
32.2.3 Application Patrol Profile > Add/Edit - Query Result ..................................................... 696
USG FLEX Series User’s Guide
18
Table of Contents
Chapter 33
Content Filter ....................................................................................................................................699
33.1 Overview ..................................................................................................................................... 699
33.1.1 What You Can Do in this Chapter ................................................................................... 699
33.1.2 What You Need to Know ................................................................................................. 699
33.1.3 Before You Begin ............................................................................................................... 701
33.2 Web Content Filter General Screen .........................................................................................702
33.2.1 Apply to a Security Policy ................................................................................................ 703
33.2.2 Web Content Filter Add Category Service .................................................................... 706
33.2.3 Content Filter Add Filter Profile Custom Service ........................................................... 719
33.3 Web Content Filter Trusted Web Sites Screen ........................................................................ 722
33.4 Web Content Filter Forbidden Web Sites Screen ................................................................... 723
33.5 DNS Content Filter General Screen .......................................................................................... 724
33.5.1 DNS Content Filter Add Profile ......................................................................................... 726
33.6 DNS Content Filter Allow List Screen ......................................................................................... 738
33.7 DNS Content Filter Block List Screen ......................................................................................... 739
33.8 Content Filter Technical Reference ......................................................................................... 739
Chapter 34
Anti-Malware....................................................................................................................................741
34.1 Overview ..................................................................................................................................... 741
34.1.1 What You Can Do in this Chapter ................................................................................... 745
34.2 Anti-Malware Screen ................................................................................................................. 746
34.3 The Allow List Screen .................................................................................................................. 750
34.4 The Block List Screen .................................................................................................................. 751
34.5 Anti-Malware Signature Searching ........................................................................................... 752
34.6 Anti-Malware Profile ................................................................................................................... 753
34.6.1 Add or Edit an Anti-Malware Profile ............................................................................... 754
34.6.2 Link a Profile ....................................................................................................................... 756
34.6.3 Anti-Malware Advance Screen ...................................................................................... 757
34.6.4 Remove Profiles ................................................................................................................. 759
34.7 Anti-Malware Technical Reference ......................................................................................... 760
Chapter 35
Reputation Filter ...............................................................................................................................762
35.1 Overview ..................................................................................................................................... 762
35.1.1 What You Need to Know ................................................................................................. 762
35.1.2 What You Can Do in this Chapter ................................................................................... 762
35.2 IP Reputation Screen .................................................................................................................. 763
35.2.1 IP Reputation Allow List Screen ........................................................................................ 766
35.2.2 IP Reputation Block List Screen ........................................................................................ 767
35.2.3 IP Reputation External Block List Screen ......................................................................... 768
35.2.4 IP Reputation External Block List Screen Add/Edit ........................................................ 769
USG FLEX Series User’s Guide
19
Table of Contents
35.3 DNS Threat Filter Screen ............................................................................................................. 770
35.3.1 DNS Threat Filter Allow List Screen ................................................................................... 773
35.3.2 DNS Threat Filter Block List Screen ................................................................................... 774
35.4 DNS Threat Filter Profile ............................................................................................................... 776
35.4.1 Add or Edit a DNS Threat Filter Profile ............................................................................. 777
35.4.2 Link a Profile ....................................................................................................................... 778
35.4.3 DNS Threat Filter Advance Screen .................................................................................. 779
35.4.4 Remove Profiles ................................................................................................................. 781
35.5 URL Threat Filter Screen .............................................................................................................. 782
35.5.1 URL Threat Filter Allow List Screen .................................................................................... 784
35.5.2 URL Threat Filter Block List Screen .................................................................................... 785
35.5.3 URL Threat Filter External Block List Screen ..................................................................... 786
35.6 URL Threat Filter Profile ................................................................................................................ 788
35.6.1 Add or Edit a URL Threat Filter Profile .............................................................................. 789
35.6.2 Link a Profile ....................................................................................................................... 791
35.6.3 URL Threat Filter Advance Screen ................................................................................... 791
35.6.4 Remove Profiles ................................................................................................................. 793
Chapter 36
IPS......................................................................................................................................................794
36.1 Overview ..................................................................................................................................... 794
36.1.1 What You Can Do in this Chapter ................................................................................... 794
36.1.2 What You Need To Know ................................................................................................. 794
36.1.3 Before You Begin ............................................................................................................... 795
36.2 The IPS Screen ............................................................................................................................. 795
36.2.1 Query Example .................................................................................................................. 802
36.3 IPS Custom Signatures ............................................................................................................... 803
36.3.1 Add / Edit Custom Signatures ......................................................................................... 804
36.3.2 Custom Signature Example ............................................................................................. 808
36.3.3 Applying Custom Signatures ............................................................................................ 810
36.3.4 Verifying Custom Signatures ............................................................................................ 811
36.4 The Allow List Screen ................................................................................................................. 811
36.5 IPS Profile ...................................................................................................................................... 812
36.5.1 Add or Edit an IPS Profile .................................................................................................. 813
36.5.2 Link a Profile ....................................................................................................................... 815
36.5.3 The IPS Advance Screen ..................................................................................................816
36.5.4 Remove Profiles ................................................................................................................. 817
36.6 IPS Technical Reference ............................................................................................................ 818
Chapter 37
Sandboxing ......................................................................................................................................821
37.1 Overview ..................................................................................................................................... 821
37.1.1 What You Need to Know ................................................................................................. 822
USG FLEX Series User’s Guide
20
Table of Contents
37.2 Sandboxing Screen .................................................................................................................... 822
Chapter 38
Email Security...................................................................................................................................825
38.1 Overview ..................................................................................................................................... 825
38.1.1 What You Can Do in this Chapter ................................................................................... 825
38.1.2 What You Need to Know ................................................................................................. 825
38.2 Before You Begin ........................................................................................................................ 826
38.3 The Email Security Screen ......................................................................................................... 827
38.4 The Allow List Screen .................................................................................................................. 829
38.5 The Block List Screen .................................................................................................................. 830
38.5.1 The Block or Allow List Add/Edit Screen ......................................................................... 831
38.5.2 Regular Expressions in Block or Allow List Entries ............................................................ 833
38.6 Email Security Profile ................................................................................................................... 833
38.6.1 Add or Edit Email Security Profile ..................................................................................... 834
38.6.2 Link a Profile ....................................................................................................................... 836
38.6.3 The Email Security Advance Screen .............................................................................. 837
38.6.4 Remove Profiles ................................................................................................................. 840
38.7 Email Security Technical Reference ......................................................................................... 840
Chapter 39
Collaborative Detection & Response.............................................................................................844
39.1 Overview ..................................................................................................................................... 844
39.1.1 What You Can Do in this Chapter ................................................................................... 845
39.2 Before You Begin ........................................................................................................................ 845
39.3 The Collaborative Detection & Response Screen ................................................................. 847
39.3.1 Add VLAN ......................................................................................................................... 849
39.4 The Exempt List Screen ............................................................................................................... 856
Chapter 40
SSL Inspection...................................................................................................................................858
40.1 Overview ..................................................................................................................................... 858
40.1.1 What You Can Do in this Chapter ................................................................................... 858
40.1.2 What You Need To Know ................................................................................................. 859
40.1.3 What You Can Do in this Chapter ................................................................................... 859
40.1.4 Before You Begin ............................................................................................................... 859
40.2 The SSL Inspection Profile Screen .............................................................................................. 859
40.2.1 Apply to a Security Policy ................................................................................................ 862
40.2.2 Add / Edit SSL Inspection Profiles .................................................................................... 865
40.3 Exclude List Screen .................................................................................................................... 866
40.4 Certificate Update Screen ....................................................................................................... 879
40.5 Install a CA Certificate in a Browser ......................................................................................... 880
USG FLEX Series User’s Guide
21
Table of Contents
Chapter 41
IP Exception......................................................................................................................................883
41.1 Overview ..................................................................................................................................... 883
41.2 The IP Exception Screen ............................................................................................................. 883
41.2.1 The IP Exception Add/Edit Screen ................................................................................. 884
Chapter 42
Astra Cloud Security....................................... ... .... ..........................................................................886
42.1 Overview ..................................................................................................................................... 886
42.2 Astra Cloud Security Screen ...................................................................................................... 887
Chapter 43
Object...............................................................................................................................................889
43.1 The Device Insight Screen ......................................................................................................... 889
43.1.1 Device Insight Add/Edit Screen ...................................................................................... 890
43.1.2 Example: Block a Profile ................................................................................................... 891
43.2 Zones Overview .......................................................................................................................... 895
43.2.1 What You Need to Know ................................................................................................. 896
43.2.2 The Zone Screen ................................................................................................................ 897
43.3 User/Group Overview ................................................................................................................ 898
43.3.1 What You Need To Know ................................................................................................. 899
43.3.2 User/Group User Summary Screen .................................................................................. 901
43.3.3 User Add/Edit General Screen ........................................................................................ 902
43.3.4 User Add/Edit Two-factor Authentication Screen ........................................................ 906
43.3.5 User/Group Group Summary Screen .............................................................................. 909
43.3.6 User/Group Setting Screen ............................................................................................. 910
43.3.7 User/Group MAC Address Summary Screen ................................................................ 915
43.3.8 User /Group Technical Reference .................................................................................. 917
43.4 AP Profile Overview .................................................................................................................... 918
43.4.1 Radio Screen ..................................................................................................................... 920
43.4.2 SSID Screen ....................................................................................................................... 926
43.5 MON Profile ................................................................................................................................. 945
43.5.1 Configuring MON Profile .................................................................................................. 946
43.5.2 Add/Edit MON Profile ....................................................................................................... 947
43.5.3 Technical Reference ........................................................................................................ 948
43.6 ZyMesh Overview ....................................................................................................................... 949
43.6.1 ZyMesh Profile .................................................................................................................... 951
43.6.2 Add/Edit ZyMesh Profile ................................................................................................... 952
43.7 Address/Geo IP Overview ......................................................................................................... 952
43.7.1 What You Need To Know ................................................................................................. 953
43.7.2 Address Summary Screen ................................................................................................ 953
43.7.3 Address Group Summary Screen .................................................................................... 957
43.7.4 Geo IP Summary Screen .................................................................................................. 959
USG FLEX Series User’s Guide
22
Table of Contents
43.8 Service Overview ........................................................................................................................ 962
43.8.1 What You Need to Know ................................................................................................. 962
43.8.2 The Service Summary Screen .......................................................................................... 963
43.8.3 The Service Group Summary Screen ............................................................................. 965
43.9 Schedule Overview ................................................................................................................... 967
43.9.1 What You Need to Know ................................................................................................. 967
43.9.2 The Schedule Screen ........................................................................................................ 968
43.9.3 The Schedule Group Screen ............................................................................................ 971
43.10 AAA Server Overview ............................................................................................................. 972
43.10.1 Directory Service (AD/LDAP) ......................................................................................... 973
43.10.2 RADIUS Server .................................................................................................................. 973
43.10.3 ASAS .................................................................................................................................. 973
43.10.4 What You Need To Know ............................................................................................... 974
43.10.5 Active Directory or LDAP Server Summary ................................................................... 975
43.10.6 RADIUS Server Summary ................................................................................................. 979
43.11 Auth. Method Overview ......................................................................................................... 982
43.11.1 Before You Begin ............................................................................................................. 982
43.11.2 Example: Selecting a VPN Authentication Method ................................................... 982
43.11.3 Authentication Method Objects ................................................................................... 983
43.11.4 Two-Factor Authentication ............................................................................................ 985
43.11.5 Two-Factor Authentication VPN Access ...................................................................... 988
43.11.6 Two-Factor Authentication Admin Access .................................................................. 990
43.12 Certificate Overview ................................................................................................................ 991
43.12.1 What You Need to Know ............................................................................................... 992
43.12.2 Verifying a Certificate .................................................................................................... 993
43.12.3 The My Certificates Screen ............................................................................................ 994
43.12.4 The Trusted Certificates Screen .................................................................................. 1003
43.12.5 Certificates Technical Reference ............................................................................... 1008
43.13 ISP Account Overview .......................................................................................................... 1008
43.13.1 ISP Account Summary .................................................................................................. 1008
43.14 DHCPv6 Overview .................................................................................................................. 1011
43.14.1 The DHCPv6 Request Screen ....................................................................................... 1011
43.14.2 DHCPv6 Lease Screen .................................................................................................. 1013
Chapter 44
Device HA.......................................................................................................................................1015
44.1 Device HA Overview ................................................................................................................ 1015
44.1.1 What You Can Do in These Screens .............................................................................. 1015
44.2 Device HA Status ...................................................................................................................... 1015
44.3 Device HA Pro ........................................................................................................................... 1017
44.3.1 Deploying Device HA Pro .............................................................................................. 1018
44.3.2 Configuring Device HA Pro ............................................................................................ 1018
44.4 View Log .................................................................................................................................... 1020
USG FLEX Series User’s Guide
23
Table of Contents
Chapter 45
Mgmt. & Analytics.........................................................................................................................1022
45.1 Mgmt. & Analytics Overview ................................................................................................... 1022
45.1.1 What You Can Do in this Chapter ................................................................................. 1022
45.2 Cloud CNM SecuManager .....................................................................................................1022
45.3 Cloud CNM SecuReporter ....................................................................................................... 1025
45.4 Nebula ....................................................................................................................................... 1030
45.4.1 Scenario A-Native Mode ............................................................................................... 1030
45.4.2 Scenario B-Zero Touch Provisioning (ZTP) ..................................................................... 1032
Chapter 46
System.............................................................................................................................................1034
46.1 Overview ................................................................................................................................... 1034
46.1.1 What You Can Do in this Chapter ................................................................................. 1034
46.2 Host Name ................................................................................................................................. 1035
46.3 USB Storage ............................................................................................................................... 1035
46.4 Date and Time .......................................................................................................................... 1037
46.4.1 Pre-defined NTP Time Servers List ................................................................................... 1040
46.4.2 Time Server Synchronization .......................................................................................... 1040
46.5 Console Port Speed ................................................................................................................. 1041
46.6 DNS Overview ........................................................................................................................... 1042
46.6.1 DNS Server Address Assignment .................................................................................... 1042
46.6.2 Configuring the DNS Screen .......................................................................................... 1042
46.6.3 (IPv6) Address Record .................................................................................................... 1046
46.6.4 PTR Record ....................................................................................................................... 1046
46.6.5 Adding an (IPv6) Address/PTR Record ........................................................................ 1046
46.6.6 CNAME Record ............................................................................................................... 1047
46.6.7 Adding a CNAME Record .............................................................................................. 1047
46.6.8 Domain Zone Forwarder ............................................................................................... 1048
46.6.9 Adding a Domain Zone Forwarder ............................................................................... 1048
46.6.10 MX Record .................................................................................................................... 1049
46.6.11 Adding a MX Record .................................................................................................... 1049
46.6.12 Security Option Control ................................................................................................1050
46.6.13 Editing a Security Option Control ................................................................................ 1050
46.6.14 Adding a DNS Service Control Rule ............................................................................ 1051
46.7 WWW Overview ........................................................................................................................ 1052
46.7.1 Service Access Limitations ............................................................................................. 1052
46.7.2 System Timeout ................................................................................................................ 1052
46.7.3 HTTPS ................................................................................................................................. 1052
46.7.4 Configuring WWW Service Control ............................................................................... 1053
46.7.5 Service Control Rules ...................................................................................................... 1056
46.7.6 Customizing the WWW Login Page .............................................................................. 1057
46.7.7 HTTPS Example ................................................................................................................. 1062
USG FLEX Series User’s Guide
24
Table of Contents
46.8 SSH ........................................................................................................................................... 1069
46.8.1 SSH Implementation on the Zyxel Device .................................................................... 1070
46.8.2 Requirements for Using SSH ............................................................................................ 1070
46.8.3 Configuring SSH ............................................................................................................... 1070
46.8.4 Service Control Rules ...................................................................................................... 1071
46.8.5 SSH Example .................................................................................................................... 1072
46.9 Telnet ......................................................................................................................................... 1073
46.9.1 Configuring Telnet ........................................................................................................... 1073
46.9.2 Service Control Rules ...................................................................................................... 1075
46.10 FTP ............................................................................................................................................ 1075
46.10.1 Configuring FTP .............................................................................................................. 1075
46.10.2 Service Control Rules .................................................................................................... 1077
46.11 SNMP ....................................................................................................................................... 1077
46.11.1 SNMPv3 and Security ....................................................................................................1078
46.11.2 Supported MIBs ............................................................................................................. 1079
46.11.3 SNMP Traps ..................................................................................................................... 1079
46.11.4 Configuring SNMP ......................................................................................................... 1079
46.11.5 Add SNMPv3 User .......................................................................................................... 1081
46.11.6 Service Control Rules .................................................................................................... 1082
46.12 Authentication Server ............................................................................................................ 1083
46.12.1 Add/Edit Trusted RADIUS Client .................................................................................. 1084
46.13 Notification > Mail Server ....................................................................................................... 1085
46.14 Notification > SMS ................................................................................................................... 1087
46.15 Notification > Response Message ....................................................................................... 1088
46.16 Language Screen ................................................................................................................... 1089
46.17 IPv6 Screen .............................................................................................................................. 1090
46.18 Zyxel One Network (ZON) Utility ........................................................................................... 1090
46.18.1 Requirements ................................................................................................................. 1091
46.18.2 Run the ZON Utility ......................................................................................................... 1091
46.18.3 Zyxel One Network (ZON) System Screen .................................................................. 1095
Chapter 47
Log and Report....... .... ... ............................................. ... .... ............................................ .................1096
47.1 Overview ................................................................................................................................... 1096
47.1.1 What You Can Do In this Chapter ................................................................................ 1096
47.2 Email Daily Report ..................................................................................................................... 1096
47.3 Log Setting Screens ................................................................................................................. 1098
47.3.1 Log Setting Summary ...................................................................................................... 1098
47.3.2 Edit System Log Settings ................................................................................................ 1100
47.3.3 Edit Log on USB Storage Setting ................................................................................... 1104
47.3.4 Edit Remote Server Log Settings ................................................................................... 1105
47.3.5 Log Category Settings Screen ....................................................................................... 1107
USG FLEX Series User’s Guide
25
Table of Contents
Chapter 48
File Manager ..................................................................................................................................1110
48.1 Overview ................................................................................................................................... 1110
48.1.1 What You Can Do in this Chapter ................................................................................. 1110
48.1.2 What you Need to Know ................................................................................................ 1110
48.2 The Configuration Screen ........................................................................................................ 1114
48.2.1 The Configuration Schedule Backup Screen .............................................................. 1119
48.3 Firmware Management ......................................................................................................... 1120
48.3.1 Cloud Helper ................................................................................................................... 1120
48.3.2 The Firmware Management Screen ............................................................................. 1123
48.3.3 Firmware Upgrade via USB Stick .................................................................................... 1127
48.3.4 Firmware Integrity Check ............................................................................................... 1127
48.4 The Shell Script Screen ............................................................................................................ 1128
Chapter 49
Diagnostics ....................................................................................................................................1131
49.1 Overview ................................................................................................................................... 1131
49.1.1 What You Can Do in this Chapter ................................................................................. 1131
49.2 The Diagnostics Screens .......................................................................................................... 1131
49.2.1 Scripts ............................................................................................................................... 1131
49.2.2 The Diagnostics Controller Screen ................................................................................ 1132
49.2.3 The Diagnostics AP Screen ............................................................................................. 1134
49.2.4 The Diagnostics Files Screen .......................................................................................... 1136
49.3 The Packet Capture Screen .................................................................................................... 1137
49.3.1 The Packet Capture on AP Screen ............................................................................... 1139
49.3.2 The Packet Capture Files Screen .................................................................................. 1142
49.3.3 The Packet Capture Remote Capture Screen ............................................................ 1143
49.4 The CPU / Memory Status Screen ........................................................................................... 1144
49.5 The System Log Screen ............................................................................................................ 1146
49.6 The Network Tool Screen ......................................................................................................... 1146
49.7 The Routing Traces Screen ...................................................................................................... 1149
49.8 The Wireless Frame Capture Screen ...................................................................................... 1150
49.8.1 The Wireless Frame Capture Files Screen .................................................................... 1151
Chapter 50
Packet Flow Explore ......................................................................................................................1152
50.1 Overview ................................................................................................................................... 1152
50.1.1 What You Can Do in this Chapter ................................................................................. 1152
50.2 Routing Status .......................................................................................................................... 1152
50.3 The SNAT Status Screen ............................................................................................................ 1156
Chapter 51
Shutdown........................................................................................................................................1159
USG FLEX Series User’s Guide
26
Table of Contents
51.1 Overview ................................................................................................................................... 1159
51.1.1 What You Need To Know ............................................................................................... 1159
51.2 The Shutdown / Reboot Screen ..............................................................................................1159
Part III: Appendices and Troubleshooting................................................1161
Chapter 52
Troubleshooting..............................................................................................................................1162
52.1 Resetting the Zyxel Device ...................................................................................................... 1180
52.2 Getting More Troubleshooting Help ....................................................................................... 1181
Appendix A Product Features ..................................................................................................... 1182
Appendix B Legal Information..................................................................................................... 1186
USG FLEX Series User’s Guide
27
PART I

User’s Guide

28

1.1 Overview

Zyxel Device refers to these models as outlined below.
• USG FLEX 100
• USG FLEX 100W
• USG FLEX 200
• USG FLEX 500
• USG FLEX 700
1.1.1 Model Feature Differences
Note the following differences between the USG FLEX models:
CHAPTER 1

Introduction

Table 1 USG FLEX Model Feature Comparison
FEATURE/MODEL
Microsoft Azure YES YES YES YES YES
Amazon VPC CLI only CLI only CLI only CLI only CLI only
Anomaly Detection & Prevention YES YES YES YES YES
Email Security (Anti-Spam) YES YES YES YES YES
IPS (IDP) YES YES YES YES YES
Anti-Malware YES YES YES YES YES
App Patrol YES YES YES YES YES
Web Filtering (Content Filtering) YES YES YES YES YES
SecuReporter YES YES YES YES YES
Reputation Filter (IP and DNS) NO NO NO NO NO
URL Threat Filter YES YES YES YES YES
Sandboxing NO NO NO NO NO
IP Exception YES YES YES YES YES
AP Controller YES YES YES YES YES
Device HA Pro NO NO NO YES YES
Hotspot Management NO NO YES YES YES
Concurrent Device Upgrade NO NO NO YES YES
LAG NO NO NO YES YES
Port Group NO NO NO NO YES
Port Role YES YES YES YES NO
USG FLEX 100
USG FLEX 100W
USG FLEX 200
USG FLEX 500
USG FLEX 700
USG FLEX Series User’s Guide
29
Chapter 1 Introduction
Table 1 USG FLEX Model Feature Comparison (continued)
FEATURE/MODEL
SD-WAN Mode NO NO NO NO NO
SSL Application YES YES YES YES YES
SSL encrypted traffic inspection YES YES YES YES YES
Bundled UTM Feature License Validity
Virtual Server Load Balancing YES YES YES YES YES
Built-in AP NO YES NO NO NO
USG FLEX 100
1 year 1 year 1 year 1 year 1 year
USG FLEX 100W
USG FLEX 200
USG FLEX 500
USG FLEX 700
Management by Nebula Control Center (NCC)
YES YES YES YES YES
Note: Your Zyxel Device does not support sandboxing, DNS threat filter and IP reputation by
default. To activate these features, please purchase a gold pack license; see Section
7.1.2 on page 252 for more information.
• Not all models support all features. See Table 1 on page 29 for the specific features that your model supports.
Table 2 Security Feature List
• Application Security (Application Patrol) • Intrusion Prevention System (IPS)
• Anomaly Detection & Prevention (ADP) • Web Filtering (Content Filtering)
• Malware Blocker (Anti-Virus) • Email Security (Anti-Spam)
• Secure Socket Layer (SSL) encrypted traffic Inspection
The following security features work without a security license:
• Configuration > Content Filter > Trusted Web Sites
• Configuration > IPS > Custom Signatures
• Configuration > Anti-Virus > Black/White List
• Configuration > Anti-Spam/Email Security > Block/Allow List
For information on interface names by model, default port or interface name mapping, and default interface or zone mapping please see
See the product’s datasheet for detailed information on a specific model.

1.2 On Premises Mode

When you log into the Web Configurator for the first time or when you reset the Zyxel Device to its default configuration, the Initial Setup Wizard screen displays. Choose On Premises Mode to manage your Zyxel Device directly using either the browser-based Web Configurator or the Command Line Interface (CLI).
Section 3.3 on page 100.
USG FLEX Series User’s Guide
30
Loading...
+ 1187 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use