ZyWALL VPN2S
VPN Firewall
The ZyWALL VPN2S is designed for small businesses, branch offices and
home/remote workers. It provides you Internet connections with high
reliability, high performance and high security to maintain operating
efficiency and productivity. The VPN2S has five Gigabit Ethernet ports (2
are configurable for LAN/WAN and 3 for LAN) plus one USB port for 3G/4G
dongles. With two WAN ports and a 3G/4G dongle, the VPN2S can be set up
as a triple-WAN gateway for load balancing or failover backups. The VPN2S is
a reliable, secure VPN router as well as it supports IPSec, PPTP and L2TP to fit
various user scenarios.
Benefits
Secure, reliable connections for your networks
Zyxel’s ZyWALL VPN2S offers comprehensive virtual private network (VPN)
capabilities including IKEv2, SHA2 and GRE, etc. that allows multiple offices
and tens of employees to access the information they need anywhere as
secure as if they were in the headquarters. It also offers secure connections
for a number of remote workers depending on your needs.
The ZyWALL VPN2S supports L2TP/IPSec VPN on a wide variety of mobile
Internet devices running iOS or Android. In addition, the ZyWALL VPN2S can
also act as an L2TP VPN client for home workers to connect office networks
without complex configuration.
Supports the IKEv2/SHA2
encryption/authentication
algorithms
High-performance SPI firewall
(Web Security, DoS/DDoS
Protection)
Remote management (HTTP,
HTTPS, SSH, Telnet and
TR-069, SNMP)
One-year free Content
Filtering service
Multi-WAN load balancing
and failover (GbE WANs and
3G/4G USB WAN)
Datasheet ZyWALL VPN2S
One-year free Content Filtering service
The ZyWALL VPN2S with Content Filtering prevents users
from accessing malicious or malware sites as well as
inappropriate contents such as violent or porn; it also helps
small and medium businesses to increase productivity
by staying away from social networking sites that could
potentially lower working efficiency. With the user-friendly
web GUI, you can effortlessly configure all parameters to
keep your business right on track.
Powerful, robust network security
Network security is always the most important issue in
terms of avoiding Internet threats. The ZyWALL VPN2S offers
SPI Firewall functions that work against attacks including
Denial of Service (DoS), IP-based attacks, unauthorized
remote system access, anomaly traffics and illegal packets
for highly secure managed network environments.
Easy-to-use GUI and swift management
Zyxel’s Wizard and GUI will have you connected quickly,
and they both provide a multi-lingual Web GUI. For efficient
management, the ZyWALL VPN2S offers completely
remote management tools that empower administrators to
configure and monitor ZyWALL easily.
ZyWALL VPN Firewall Quick Finder
Model VPN2S VPN50
Firewall throughput 1.5 Gbps 800 Mbps
Max. concurrent sessions 50,000 400,000
VPN throughput (Mbps) 35 150
Max. concurrent IPSec VPN tunnels 20 50
Content filtering Ye s Ye s
Geo Enforcer - Ye s
SSL VPN - Yes
IPSec VPN Ye s Ye s
L2TP/L2TP over IPSec Client/Server Client/Server
2Datasheet ZyWALL VPN2S
Application Diagram
VPN and security applications
• Organizations, branch offices, partners and home users
can deploy Zyxel ZyWALL VPN2S for Site-to-Site IPSec
VPN and L2TP Over IPSec VPN clients.
• VPN is a solution to establish secured network
connections and to reduce long-distance telephone
charges.
Travel
Worker
VPN
VPN
3G/4G
USB
Dongle
VPN2S
ZyWALL VPN
VPN
Firewall
• Remote users can securely access company resources
with their computers or smartphones via Zyxel’s ZyWALL
VPN2S.
• The ZyWALL VPN2S can establish L2TP VPN connections
to service providers for secured Internet access.
• VPN2S with Content filter prevents users from accessing
malicious, malware sites and inappropriate contents.
IT Center
VPN
Failover
Internet
VPN2S
ZyWALL VPN
Firewall
Content
Filter
OfficeOffice
Multi-WAN applications
• The VPN2S can adapt to a variety of network
environments and enable offices or service providers
to perform flexible installations for Ethernet or mobile
WAN access.
ISP 1
ISP 2
Internet
4G
Cloud Service
• Multi-WAN load balancing ensures seamless Internet
connectivity even with heavy traffics.
• The offices can optionally deploy non-stop Internet access
with Multi-WAN failover.
VPN2S
ZyWALL VPN Firewall
3G/4G
USB Dongle
ISP 3
3G
WAN Connection LAN
4G
3G
3Datasheet ZyWALL VPN2S
Specifications
Model VPN2S
Product photo
Hardware Specifications
10/100/1000 Mbps RJ-45 ports 3 x LAN, 1 x OPT, 1 x WAN
USB ports 2 x USB 2.0
Fanless Ye s
System Capacity & Performance
SPI firewall throughput (Gbps)
VPN throughput (Mbps)
*3
Max. TCP concurrent sessions
Max. concurrent IPsec VPN tunnels
Customizable zones Ye s
IPv6 support Yes
VLANs 16
Key Software Features
Multi-WAN load balance/failover Ye s
Virtual Private Network (VPN) Yes (IPSec, L2TP over IPSec, PPTP, L2TP, GRE)
VPN client IPSec/L2TP/PPTP
Content filtering 1 year free
Firewall Ye s
VLAN/interface group Ye s
Bandwidth management Ye s
Logging and monitoring Ye s
Cloud helper Yes
Remote management Ye s
Power Requirements
Power input 110 to 240V AC, 50/60 Hz, 1.5A max.
Max. power consumption (watt) 13.1
Heat dissipation (BTU/hr) 44.7
Physical Specifications
Item
Dimensions (WxDxH)(mm/in.) 210 x 115 x 33/8.27 x 6.06 x 1.57
Weight (Kg/lb.) 0.495/1.09
Packing
Dimensions (WxDxH)(mm/in.) 288 x 189 x 83/11.34 x 7.44 x 3.27
Weight (Kg/lb.) 1.13/2.49
Accessories Power adapter
Environmental Specifications
Operating
environment
Storage
environment
Temperature 0°C to 40°C/32°F to 104°F
Humidity 20% to 95% (non-condensing)
Temperature -30°C to 60°C/-22°F to 140°F
Humidity 20% to 95% (non-condensing)
MTBF (hr)
Certifications
EMC FCC Part 15B (Class B), FCC Part 68
Safety CE LVD
*: This matrix with firmware OPAL BE 1.12 or later.
*1: Actual performance may vary depending on network conditions and activated applications.
*2: Maximum throughput measured based on RFC 2544 (1,518-byte UDP packets).
*3: VPN throughput based on RFC 2544 (1,424-byte UDP packets).
*4: Maximum sessions measured using the industry standard IXIA IxLoad testing tool.
*5: Including Gateway-to-Gateway and Client-to-Gateway.
*1
*2
1.5
35
*4
*5
50,000
20
44,000
CE EMC (Class B)
4Datasheet ZyWALL VPN2S
Feature Sets
Ethernet WAN
• IPoE/PPPoE
• DHCP Client/Static IP
• Routing mode/Bridge mode
• IGMP proxy
• DHCP option 43, 60, 61, 120, 121, 125
• Outgoing VLAN tagging (802.1Q)
• Configurable MTU
• Port setting (LAN port can be
confiured as WAN port)
• MAC clone
Mobile WAN
• WAN connection via 3G/4G USB
Dongle*
• Authentication type (PPP/CHAP)
• Budget control (Time budget/Data
budget)
Multi-WAN
• Load balance/failover
• Load balance algorithm (Weight
round robin/Least load first/Spillover)
• Connectivity check (Auto fallback
when primary WAN recovers)
• Dynamic DNS and default server for
multiple interfaces
Firewall/Security
• Stateful Packet Inspection (SPI)
• DoS/DDoS protection (Protocol
anomaly, traffic anomaly, flooding
dection)
• Firewall flow chart
• Up to 500 firewall rules
• MAC filter
• Firewall rule schedules
• Device service access control
• Zone control
Content Filtering
• Real-time malicious website filtering
• 64 URL categories, including 8
unsafe categories
• URL filtering
• HTTPS domain filter
• Content filter monitor
• Profile management
• Scheduling control
• Black/white Website list
VPN
• IPSec, L2TP over IPSec (Server/Client),
L2TP (Server/Client), PPTP, GRE
• Key management: manual key, IKEv1
and IKEv2 with EAP
• Encryption: AES (128/192/256 bits),
3DES
• Support generating SHA-1 & SHA-2
certificate
• Perfect forward secrecy (DH groups
2/5/14)
• Up to 20 concurrent VPN tunnels
• Hardware VPN engine
• IPSec NAT traversal
• VPN dead peer detection, relay
detection, and auto-reconnection
• PKI (X.509) certificate support
• VPN wizard for easy setup
• VPN failover
VLAN/Interface Group
• VLAN tagging (802.1Q)
• 802.1P
• Multiple subnets
• DHCP option 60, 61, 125
• WAN/LAN bridge for triple play
• Port-Based VLAN
Routing and NAT
• Port forwarding
• Port triggering
• Address mapping (One-to-One,
Many-to-One, Many-to-Many)
• Policy route
• Static route
• Dynamic route (RIPv1/v2)
• Up to max. 50,000 concurrent NAT
sessions
Ethernet LAN
• DHCP server/relay
• Static DHCP
• Additional subnet (IP alias)
• Wake on LAN
• DHCP option 66, 67, 150
• DNS entry
• IGMP snooping
• DNS proxy and query forwarding by
domain name
Bandwidth Management
• Bandwidth limitation (upstream/
downstream)
• Class-based bandwidth
management
• QoS policer for guaranteed
bandwidth
• QoS shaper for rate limit by outgoing
interface
• 8-Level queue priority
System Management
• Multi-lingual Web GUI
• Firmware upgrade via Web GUI, FTP,
TR-069, and Cloud Helper
• USB file sharing
• AAA server
• Certificate management
• HTTP/HTTPS
• SSH
• Telnet
• TR-069
• SNMP v1, v2c
IPv6
• IPv4/IPv6 dual stack
• DS-Lite
• 6RD
• SLAAC
• DHCPv6 client/server
• Static IP
• DNS
• MLD proxy
*: For specific models supporting the 3G and 4G
dongles on the list, please refer to the Zyxel
product page at 3G dongle document.
5Datasheet ZyWALL VPN2S
For more product information, visit us on the web at www.zyxel.com
Copyright © 2018 Zyxel Communications Corp. All rights reserved. Zyxel, Zyxel logo are registered
trademarks of Zyxel Communications Corp. All other brands, product names, or trademarks mentioned
are the property of their respective owners. All specifications are subject to change without notice. 5-100-00818013 05/18
Datasheet ZyWALL VPN2S
Loading...