Zyxel ZyWALL 110, ZyWALL 310, ZyWALL 1100 User Manual

ZyWALL 110/310/1100 and USG20(W)-VPN

VPN Firewall

Networking brings convenience and efficiency to business environments;
however it introduces significant security and safety concerns at the
same time. Today, businesses or branch offices really need a complete yet
affordable solution that not only bridges communications between two
or more remote sites, but also connects multiple VPNs and ensures data
security to prevent the network from threats.

Benefits

Safer, more reliable VPN connections

Faster processors today have vastly boosted the capabilities of attackers
to decrypt VPN tunnels. Legacy VPN cryptographic algorithms like Message
Digest 5 (MD5) and Secure Hash Algorithm 1 (SHA-1) are no longer sufficient
to guarantee secure outbound communications. With supports to the more
advanced Secure Hash Algorithm 2 (SHA-2), the VPN Firewall provides the
safest VPN connections in its class to ensure maximum security for business
communications.

The complete range of Zyxel VPN Firewalls deliver reliable, non-stop VPN
services with dual-WAN failover and fallback support. With two WAN
connections—one primary and one for redundancy—the Zyxel VPN Firewall
automatically switches to the backup connection should the primary link fail,
and automatically switches back to the primary connection once it is back
online.

Robust hybrid VPN (IPSec/
SSL/L2TP over IPSec)

Facebook WiFi, Intelligence
social media authentication

Auto-provisioned client-to-site
IPsec setup with Easy VPN

More secure VPN connections
with SHA-2 cryptographic

Device HA Pro dedicated
heartbeat port ensures smart
handover

Hotspot management for
authentication, access control
and billing

Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN

COMMUNITY

BIZ FORUM

To support dynamic, mobile business operations in today’s
BYOD (bring your own device) business environments, the
VPN Firewalls offer unlimited business mobility with Layer-2
Tunneling Protocol (L2TP) VPN for mobile devices. The
VPN Firewall supports L2TP/IPSec VPN on a wide variety
of mobile Internet devices running the iOS, Android and
Windows mobile platforms.

Zero-configuration remote access

Virtual private networks provide businesses a secure
and convenient way of sharing company resources with
partners, customers, or employees on business trips. Yet
typical VPN solutions are hard for non-technical users
to configure, which greatly reduces their usability and
convenience. The Zyxel VPN Firewalls feature Easy VPN to
provide auto-provisioned client-to-site IPSec VPN setup. A
wizard is available with the Zyxel IPSec VPN client-software
that automatically retrieves the VPN configuration file
from the remote Zyxel VPN Firewall and completes the
IPSec VPN setup in 3 simple steps. Zyxel’s Easy VPN lowers
administration effort and allows partner, customers, or
traveling employees to access company servers, email, or
data centers easily and securely.

Best TCO for access expansion

People expect network access regardless of time or
location. As a result, hotspots are in demand in an ever­expanding assortment of locations. The Zyxel VPN firewalls
integrated with Zyxel AP Controller technology enables
users from a centralized user interface. In addition,
Zyxel Hotspot Management delivers a unified solution
for business networks with user-friendly tools like Billing
System, Walled Garden, Multiple Authentication, 3rd Party
Social Login and User Agreement. With ZyWALL series
businesses can now deploy or expand a managed WiFi
network with minimal effort.

Swift and secure firmware upgrades

Locating firmware updates — not to mention identifying
correct versions for your device and managing their
installation — can be a complex and confusing ordeal. The
Zyxel VPN Firewall solves this with its new Cloud Helper
service. Cloud Helper provides a simple step to look for up­to-date firmware information. New firmware is immediately
made available upon release from our official database to
ensure its authenticity and reliability.

Simplified management procedure

Managing complex configuration settings can be confusing
and time-consuming. Zyxel USG 20-VPN and USG20W­VPN provides an “easy mode” setting in the GUI for
entry-level and SOHO users. Easy mode provides an icon­based feature set and attractive dashboard to simplify
management and monitoring of the device. Application
and function settings also have integrated wizards for user­friendly setup. Zyxel USG 20-VPN and USG20W-VPN easy
mode helps entry-level users and SOHO users effortlessly
take advantage of high-speed and secure networking.

Zyxel One Network experience

Aiming for relieving our customers from repetitive
operations of deploying and managing a network, Zyxel
One Network is designed to simplify the configuration,
management, and troubleshooting, allowing our customers
to focus on the business priorities. Zyxel One Network
presents an easy-to-use tool, Zyxel One Network Utility
(ZON Utility), to realize speed network setup. Zyxel Smart
Connect allows Zyxel networking equipment to be aware
and recognize each other and further facilitating the
network maintenance via one-click remote functions
such as factory reset or power cycling. Zyxel One Network
redefines the network integration across multiple
networking products from switch to WiFi AP and to
Gateway.

Stay secure and Up-to-Date with OneSecurity

Zyxel provides frequent and timely updates in response
to the latest security threats and advisories through
OneSecurity — our free online service portal. OneSecurity
offers informative network security resources and the
know-how to assist businesses and IT administrators in
keeping their network operations safe in the digital age.
Information and resources can be found with one click via
the GUI of Zyxel UTM Firewall series and ZyWALL series
products. IT staff can quickly and easily catch up on the
latest threats, and then proceed to walkthroughs and
troubleshooting protocols with the help of easy-to-follow
FAQs — all provided to help users secure their networks
and simplify management of our UTM products.

Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN

2

VPN Firewall Quick Finder

Model USG20(W)-VPN ZyWALL 110 ZyWALL 310 ZyWALL 1100 USG2200-VPN

Description SB SB SMB SMB MB

Firewall Throughput (Mbps) 350 1,600 5,000 6,000 25,000

Max. Concurrent Sessions 20,000 150,000 500,000 1,000,000 1,500,000

VPN throughput (Mbps) 90 400 650 800 2,500

Max. Concurrent IPSec
VPN Tunnels

Content filtering (CF 2.0)

Amazon VPC

*2

Device HA Pro - Ye s

Hotspot Management

*1

Facebook WiFi Yes Ye s Ye s Ye s Ye s

*1: With Zyxel service license to enable or extend the feature capacity
*2: ZyWALL/USG still be able to support by CLIs

10 100 300 1,000 3,000

*1

Ye s Ye s Ye s Ye s Ye s

Ye s Ye s Ye s Ye s Ye s

*1

Ye s

*1

Activate once
registered

- Ye s Ye s Ye s Ye s

Activate once
registered

Subscription Services

The Zyxel VPN Firewall Series provides a complete feature set to perfectly fit different business requirements as well as
to enable the maximum performance and security with an all-in-one appliance. Comprehensive network modularity also
empowers IT professionals to customize the system to meet their individual needs.

Notes:

1. USG20(W)-VPN provides Anti-Spam & Content Filtering only

2. Hotspot Management supports for ZyWALL 110, USG110, or above in firmware ZLD4.25 or later.

Anti-Virus Anti-Spam Intrusion Detection

& Prevention

Application Patrol Content Filtering 2.0

Hotspot

Management

Device HA Pro

Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN 3

Key Applications

VPN application

• High-speed, high-security communications between local
servers, remote devices and cloud-hosted applications
with deployments of the ZyWALL Firewalls.

• Secure, reliable VPN connectivity with IPSec VPN load
balancing and failover features delivers high-availability
services for exceptional uptime.

• Easy-to-use, secure remote access via SSL, IPSec and
L2TP over IPSec VPN.

• The headquarter ZyWALL Series can also establish an
IPSec VPN connection with Amazon VPC for secured
access to leverage the benefits of cloud-base and to
expend on premise networks that extend into the cloud
center.

Amazon VPC

Branch

Office

Headquarters

ZyWALL 110

VPN Firewall

IPSec VPN Client

for Windows OS

Travelling
Employee

SSL VPN Client for

Windows/Mac OS

Travelling
Employee

IPSec VPN HA

IPSec VPN

IPSec VPN

SSL VPN

Travelling
Employee

ZyWALL 1100

VPN Firewall

IPSec VPN

L2TP over
IPSec VPN

USG20W-VPN

VPN Firewall

Hotspot management

• High speed internet access

• Tier of service

• Log record for regulatory compliance

• Premium security control

• Various Network access control (free or paid access,
social login)

*: Hotspot Management supports for ZyWALL 110, USG110, or above in

firmware ZLD4.25 or later.

Remote

Desktop

System

IPSec VPN

In-House
Staff

Network

Extend

BI

Web

Apps

Inventory

Server

OA, ERP,

CRM System

DMZ Resources

ZyWALL 310

VPN Firewall

SP350E

Service

Gateway

Printer

Access

Point

Login Login

Guest Network Staff Network

Hotspot Management

File

Sharing

Email

Server

Partner Office

Switch

Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN

4

Specifications

Model ZyWALL 110 ZyWALL 310 ZyWALL 1100 USG20-VPN USG20W-VPN

Product photo

Hardware Specifications

Interfaces 4 x LAN/DMZ,

2 x WAN, 1 x OPT

USB ports 2 2 2 1 1

Console port Yes (DB9) Yes (DB9) Yes (DB9) Yes (RJ-45) Yes (RJ-45)

Rack-mountable Ye s Yes Yes - -

System Capacity & Performance

SPI firewall throughput
(Mbps)

VPN throughput (Mbps)

*2

*3

Max. TCP concurrent sessions

Max. concurrent IPSec VPN
tunnels

*5

Concurrent SSL VPN users
(default/max.)

*6

*1

1,600 5,000 6,000 350 350

400 650 800 90 90

*4

150,000 500,000 1,000,000 20,000 20,000

100 300 1,000 10 10

25/150 50/150 250/500 5/15 5/15

VLAN interface 16 64 128 8 8

Concurrent devices logins
(default/max.)

*6*7

200/300 500/800 800/1,500 64 64

WLAN Management

Managed AP number
(default/max.)

*6

2/34 2/34 2/130 - -

Security Service

Anti-virus (AV)

Intrusion Detection and

*6

Ye s Ye s Yes - -

Ye s Ye s Yes - -

Prevention (IDP) & Application

*6

Patrol

Anti-spam

*6

Content filtering (CF 2.0)

*6*8

Ye s Ye s Yes Ye s Yes

Ye s Ye s Yes Ye s Yes

Key Features

VPN IKEv2, IPSec,

SSL, L2TP/IPSec

SSL (HTTPS) Inspection Yes Yes Ye s - -

EZ Mode - - - Ye s Yes

Hotspot Management

Ticket printer support

*6

*9

Ye s Ye s Yes - -

/

Yes (SP350E)/10 Yes (SP350E)/10 Yes (SP350E)/10 - -

Support Q'ty (max.)

Amazon VPC Ye s Ye s Yes Ye s Yes

Facebook WiFi Ye s Ye s Yes Ye s Yes

Device HA Pro Ye s

*6

Link Aggregation (LAG) - Ye s Yes - -

8 (Configurable) 8 (Configurable) 4 x LAN/DMZ,

1 x WAN, 1 x SFP

IKEv2, IPSec,
SSL, L2TP/IPSec

*6

Ye s

IKEv2, IPSec,
SSL, L2TP/IPSec

Ye s

IKEv2, IPSec,
SSL, L2TP/IPSec

- ­Activate once
registered

4 x LAN/DMZ,
1 x WAN, 1 x SFP

IKEv2, IPSec,
SSL, L2TP/IPSec

Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN 5

Model ZyWALL 110 ZyWALL 310 ZyWALL 1100 USG20-VPN USG20W-VPN

Power Requirements

Power input 12V DC,

3.33A max.

Max. power consumption

37 58.5 58.5 12 18

110 - 240V AC,
50/60 Hz,

1.3A max.

110 - 240V AC,
50/60 Hz,

1.3A max.

12V DC,

2.0A max.

12V DC,

2.0A max.

(watt)

Heat dissipation (BTU/hr) 126.25 199.61 199.61 40.92 61.38

Physical Specifications

Item Dimensions

(WxDxH)
(mm/in.)

Weight
(kg/lb.)

Packing Dimensions

(WxDxH)
(mm/in.)

Weight

300 x 188 x 44/

11.81 x 7.4
x 1.73

430 x 250 x 44/

16.93 x 9.84
x 1.73

430 x 250 x 44/

16.93 x 9.84
x 1.73

216 x 143 x 33/

8.50 x 5.63
x 1.30

2/4.41 3.3/7.28 3.3/7.28 0.88/1.94 0.94/2.06

351 x 152 x 245/

13.82 x 5.98
x 9.65

519 x 392 x 163/

20.43 x 15.43
x 6.42

519 x 392 x 163/

20.43 x 15.43
x 6.42

276 x 185 x 98/

10.87 x 7.28
x 3.86

2.83/6.24 4.74/10.45 4.74/10.45 1.41/3.11 1.50/3.31

216 x 143 x 33/

8.50 x 5.63
x 1.30

(Antenna included)

276 x 185 x 98/

10.87 x 7.28
x 3.86

(kg/lb.)

Included accessories • Power adaptor

• Power cord

• Rack mounting
kit

• Power cord

• Rack mounting
kit

• Power cord

• Rack mounting
kit

• Power adapter

• RJ-45 ­RS-232 cable
for console
connection

• Power adapter

• RJ-45 ­RS-232 cable
for console
connection

• Antenna

Environmental Specifications

Operating
environment

Storage
environment

Temperature 0°C to 40°C/

32°F to 104°F

Humidify 10% to 90%

(non-condensing)

Temperature -30°C to 70°C/

-22°F to 158°F

Humidify 10% to 90%

(non-condensing)

0°C to 40°C/
32°F to 104°F

10% to 90%
(non-condensing)

-30°C to 70°C/

-22°F to 158°F

10% to 90%
(non-condensing)

0°C to 40°C/
32°F to 104°F

10% to 90%
(non-condensing)

-30°C to 70°C/

-22°F to 158°F

10% to 90%
(non-condensing)

0°C to 40°C/
32°F to 104°F

10% to 90%
(non-condensing)

-30°C to 70°C/

-22°F to 158°F

10% to 90%
(non-condensing)

0°C to 40°C/
32°F to 104°F

10% to 90%
(non-condensing)

-30°C to 70°C/

-22°F to 158°F

10% to 90%
(non-condensing)

MTBF (hr) 787109.3 560811.5 560811.5 44000 44000

Certifications

EMC FCC Part 15

(Class A), CE EMC
(Class A), C-Tick
(Class A), BSMI

Safety LVD (EN60950-1),

BSMI

Note:
*: This matrix with firmware ZLD4.31 or later.
*1: Actual performance may vary depending on network conditions and activated applications.
*2: Maximum throughput based on RFC 2544 (1,518-byte UDP packets).
*3: VPN throughput measured based on RFC 2544 (1,424-byte UDP packets).
*4: Maximum sessions measured using the industry standard IXIA IxLoad testing tool
*5: Including Gateway-to-Gateway and Client-to-Gateway.
*6: With Zyxel service license to enable or extend the feature capacity.
*7: This is the recommend maximum number of concurrent logged-in devices.
*8: SafeSearch function in CF2.0 need to enable SSL inspection firstly and not for small business models.
*9: With Hotspot Management license support.

FCC Part 15
(Class A), CE EMC
(Class A), C-Tick
(Class A), BSMI

LVD (EN60950-1),
BSMI

FCC Part 15
(Class A), CE EMC
(Class A), C-Tick
(Class A), BSMI

LVD (EN60950-1),
BSMI

FCC Part 15
(Class B), IC, CE
EMC (Class B),
RCM, BSMI

BSMI, UL BSMI, UL

FCC Part 15
(Class B), IC, CE
EMC (Class B),
RCM, BSMI

Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN 6

Wireless Specifications

Model USG20W-VPN

Standard compliance 802.11 a/b/g/n/ac

Wireless frequency 2.4 GHz/5 GHz

Radio 1

SSID number 8

Maximum transmit power

(Max. total channel)

No. of antenna 3 detachable antennas

Antenna gain • 2 dBi @2.4 GHz

Data rate • 802.11n: Up to 450 Mbps

Frequency band 2.4 GHz (IEEE 802.11 b/g/n):

Receive sensitivity 2.4 GHz:

US (FCC) 2.4 GHz: 25 dBm, 3 antennas

US (FCC) 5 GHz: 25 dBm, 3 antennas

EU (ETSI) 2.4 GHz: 20 dBm (EIRP), 3 antennas

EU (ETSI) 5 GHz: 20 dBm (EIRP), 3 antennas

• 3 dBi @5 GHz

• 820.11ac: Up to 1300 Mbps

• USA (FCC): 2.412 to 2.462 GHz

• Europe (ETSI): 2.412 to 2.472 GHz

• TWN (NCC): 2.412 to 2.462 GHz

• 11 Mbps ≤ -87 dBm

• 54 Mbps ≤ -77 dBm

• HT20 ≤ -71 dBm

• HT40 ≤ -68 dBm

5 GHz (IEEE 802.11 a/n/ac):

• USA (FCC): 5.150 to 5.250 GHz; 5.250 to 5.350 GHz;

5.470 to 5.725 GHz; 5.725 to 5.850 GHz

• Europe (ETSI): 5.15 to 5.35 GHz; 5.470 to 5.725 GHz

• TWN (NCC): 5.15 to 5.25 GHz; 5.25 to 5.35 GHz;

5.470 to 5.725 GHz; 5.725 to 5.850 GHz

5 GHz:

• 54 Mbps ≤ -74 dBm

• HT40, MCS23 ≤ -68 dBm

• VHT40, MCS9 ≤ -62 dBm

• HT20, MCS23 ≤ -71 dBm

• VHT20, MCS8 ≤ -66 dBm

• VHT80, MCS9 ≤ -59 dBm

Features Set

Software Features

Firewall

• ICSA-certified corporate firewall
(ongoing)

• Routing and transparent (bridge)
modes

• Stateful packet inspection

• User-aware policy enforcement

• SIP/H.323 NAT traversal

• ALG support for customized ports

• Protocol anomaly detection and
protection

• Traffic anomaly detection and
protection

• Flooding detection and protection

• DoS/DDoS protection

IPv6 Support

• Dual stack

• IPv4 tunneling (6rd and 6to4
transition tunnel)

• IPv6 addressing

• DNS

• DHCPv6

• Bridge

• VLAN

• PPPoE

• Static routing

• Policy routing

• Session control

• Firewall and ADP

• IPSec VPN

• IDP

• Application Patrol

• Content Filtering 2.0

• Anti-Virus, Anti-Malware

• Anti-Spam

IPSec VPN

• Encryption: AES (256-bit), 3DES and
DES

• Authentication: SHA-2 (512-bit), SHA-1
and MD5

• Support route-based VPN Tunnel
Interface (VTI)

• Key management: manual key, IKEv1
and IKEv2 with EAP

• Perfect forward secrecy (DH groups)
support 1, 2, 5, 14

• IPSec NAT traversal

• Dead peer detection and relay
detection

• PKI (X.509) certificate support

• VPN concentrator

• Simple wizard support

• VPN auto-reconnection

• VPN High Availability (HA): load­balancing and failover

• L2TP over IPSec

• GRE and GRE over IPSec

• NAT over IPSec

• Zyxel VPN client provisioning

• Support iOS L2TP/IKE/IKEv2 VPN
Client provision

Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN

7

SSL VPN

• Supports Windows and Mac OS X

• Supports full tunnel mode

• Supports 2-step authentication

• HTTP, FTP, SMTP, POP3 and IMAP4
protocol support

• Automatic signature updates

• No file size limitation

• Customizable user portal

Networking

• Routing mode, bridge mode and
hybrid mode

• Ethernet and PPPoE

• NAT and PAT

• VLAN tagging (802.1Q)

• Virtual interface (alias interface)

• Policy-based routing (user-aware)

• Policy-based NAT (SNAT)

• Dynamic routing (RIPv1/v2 and OSPF)

• DHCP client/server/relay

• Dynamic DNS support

• WAN trunk for more than 2 ports

• Per host session limit

• Guaranteed bandwidth

• Maximum bandwidth

• Priority-bandwidth utilization

• Bandwidth limit per user

• Bandwidth limit per IP

• GRE

• BGP

WLAN Management
(ZyWALL Series support only)

• Support AP controller version 3.00

• Wireless L2 isolation

• Supports auto AP FW update

• Scheduled WiFi service

• Dynamic Channel Selection (DCS)

• Client steering for 5GHz priority and
sticky client prevention

• Auto healing provides a stable and
reliable coverage

• IEEE 802.1x authentication

• Captive portal Web authentication

• Customizable captive portal page

• RADIUS authentication

• WiFi Multimedia (WMM) wireless QoS

• CAPWAP discovery protocol

• Multiple SSID with VLAN

• Supports ZyMesh

• Support AP forward compatibility

Authentication

• Local user database

• Built-in user database

• Microsoft Windows Active Directory
integration

• External LDAP/RADIUS user
database

• XAUTH, IKEv2 with EAP VPN
authentication

• Web-based authentication

• Forced user authentication
(transparent authentication)

• IP-MAC address binding

• SSO (Single Sign-On) support

Logging/Monitoring

• Comprehensive local logging

• Syslog (send to up to 4 servers)

• E-mail alert (send to up to 2 servers)

• Real-Time traffic monitoring

• System status monitoring

• Built-in daily report

• Advanced reporting (Vantage
Report)

System Management

• Role-based administration

• Multiple administrator logins

• Supports Cloud Helper

• Multi-lingual Web GUI (HTTPS and
HTTP)

• Command line interface (console,
Web console, SSH and telnet)

• SNMP v1, v2c, v3

• System configuration rollback

• Firmware upgrade via FTP, FTP-TLS
and Web GUI

• Dual firmware images

• Cloud CNM SecuManager

Zyxel One Network

• ZON Utility

■

IP configuration

■

Web GUI access

■

Firmware upgrade

■

Password configuration

• Smart Connect

■

Location and System Name

update

■

Discover neighboring devices

■

One-click remote management

access to the neihboring Zyxel

devices

Hotspot Management

• ZyWALL 110, ZyWALL 310, and
ZyWALL 1100 support only

• Integrated account generator, Web­based authentication portal and
billing system

• Supports external RADIUS servers

• Per account bandwidth
management

• User agreement login

• SP350E Service Gateway Printer
enables oneclick account and billing
generation

• Built-in billing system

■

Time-to-finish accounting mode

■

Accumulation accounting mode

• Supports PayPal online payment

• Marketing tool

■

Advertisement link

■

Walled garden

■

Portal page

• Billing Replenish

Device High Availability Pro (HA Pro)

• ZyWALL Series support only

• Device failure detection and
notification

• Supports ICMP and TCP ping check

• Link monitoring

• Configuration auto-sync

• Dedicated Heartbeat Link

• Smart handover

• NAT/Firewall/VPN Sessions
synchronization

Subscription Services

• Anti-Virus

• Application Patrol & IDP

• Content Filtering 2.0

• Anti-Spam

• Hotspot Management

• Managed AP

• Device HA Pro

Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN 8

Services

VPN Service

Product SSL VPN Tunnels SSL VPN Client

ZyWALL 110
ZyWALL 310

Add 5/10/50
tunnels

For 1/5/10 client(s) For 1/5/10/50

*1

IPSec VPN Client

client(s)

ZyWALL 1100

USG20-VPN
USG20W-VPN

*1: Support OS: MAC OS 10.7 or later

Add 5/10 tunnels For 1/5/10 client(s) For 1/5/10/50

client(s)

Security

Product Anti-Virus Application Patrol

& IDP

ZyWALL 110

1 year/2 years 1 year/2 years 1 year/2 years 1 year/2 years

ZyWALL 310
ZyWALL 1100

USG20-VPN

- - 1 year/2 years 1 year/2 years

USG20W-VPN

Notes:

1. Licenses can be easily activated, renewed and managed at myZyxel.

2. License bundles may vary according to region. Please contact your local sales representative for more information.

3. ZyWALL Series provides all security services with 30-day trial.

4. USG20(W)-VPN provide Content Filtering 2.0 and Anti-Spam services with 30-day trial.

Content Filtering

2.0

Anti-Spam

Connectivity Solution

Product Concurrent Device

Upgrade

*1

ZyWALL 110 100 nodes 1 year/

Hotspot
Management

*2

Managed APs Device HA Pro

Add 2/4/8 APs One-Time For 1/5/25/100

One-Time

ZyWALL 310 100/300 nodes 1 year/

Add 2/4/8 APs One-Time For 1/5/25/100

One-Time

ZyWALL 1100 100/300 nodes 1 year/

One-Time

Add 2/4/8/64 APs Activate once

registered

USG20-VPN - - - - For 1/5/25/100

USG20W-VPN - - - - For 1/5/25/100

*1: With firmware ZLD4.20 or later
*2: Hotspot Management supports for ZyWALL 310 and ZyWALL 1100 in firmware ZLD4.20 or later; and for ZyWALL 110 in firmware ZLD4.25 or later.

*1

Vantage Report

device(s)

device(s)

For 1/5/25/100
device(s)

device(s)

device(s)

Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN

9

Access Point Compatibility List

Product Unified AP Unified Pro AP

Models • NWA5121-NI

• NWA5121-N

• NWA5123-NI

• NWA5301-NJ

Functions

Central management Ye s Ye s

Auto provisioning Ye s Ye s

Data forwarding Local bridge Local bridge/Data tunnel

ZyMesh Yes Yes

*: From APC3.0, commercial gateways supporting APC technology are able to recognize APs with FW release higher than APC3.0 as Forward Compatible APs.

Resellers can introduce newly-available Zyxel APs with basic features supported without upgrading any new controller firmware.

• NWA5123-AC

• WAC5302D-S

• Forward Compatible APs*

• WAC6502D-E

• WAC6502D-S

• WAC6503D-S

• WAC6553D-E

• WAC6103D-I

• Forward Compatible APs*

Accessories

SecuExtender Software

Item Description Supported OS

IPSec VPN Client* IPSec VPN client software for the ZyWALL

and USG Series with Easy VPN for zero­configuration remote access

SSL VPN Client* Secured VPN connection between PC/MAC

and ZyWALL Firewall

*: A 30-day trial version of IPSec VPN client and SSL VPN client for MAC OS can be downloaded from official Zyxel website. To continue using the application,

please contact your regional sales representatives and purchase a commercial license for the application.

• Windows XP (32-bit)

• Windows Server 2003 (32-bit)

• Windows Server 2008 (32/64-bit)

• Windows Vista (32/64-bit)

• Windows 7 (32/64-bit)

• Windows 8 (32/64-bit)

• Windows 10 (32/64-bit)

• Windows XP

• Windows 7 (32/64-bit)

• Windows 8/8.1 (32/64-bit)

• Windows 10 (32/64-bit)

• MAC OS 10.7 or later

Service Gateway Printer

Model Feature Supported model

SP350E • Buttons: 3

• Paper roll width: 58 (+0/-1) mm

• Interface: 10/100 Mbps RJ-45 port

• Power input: 12V DC, 5A max.

• Item dimensions (WxDxH):
176 x 111 x 114 mm (6.93" x 4.37" x 4.49")

• Item weight: 0.8 kg (1.76 lb.)

Note: Hotspot management licenses required

• VPN100

• VPN300

• ZyWALL 110

• ZyWALL 310

• ZyWALL 1100

• USG110

• USG210

• USG310

• USG1100

• USG1900

• USG2200-VPN

• UAG2100

• UAG4100

Transceivers (Optional)

Applied Products Model Speed Connector Wavelength Max. Distance DDMI

VPN50/100/300
USG20-VPN/20W-VPN/2200-VPN

*: Only USG2200-VPN supports 10-Gigabit SFP+

SFP10G-SR* 10-Gigabit SFP+ Duplex LC 850 nm 300m (328 yd) Ye s

SFP10G-LR* 10-Gigabit SFP+ Duplex LC 1310 nm 10 km (10936 yd) Ye s

SFP-1000T Gigabit RJ-45 - 100m (109 yd) -

SFP-LX-10-D Gigabit LC 1310 nm 10 km (10936 yd) -

SFP-SX-D Gigabit LC 850 nm 550m (601 yd) -

Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN 10

Note

Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN

11

For more product information, visit us on the web at www.zyxel.com

Copyright © 2018 Zyxel Communications Corp. All rights reserved. Zyxel, Zyxel logo are registered
trademarks of Zyxel Communications Corp. All other brands, product names, or trademarks mentioned
are the property of their respective owners. All specifications are subject to change without notice.

Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN

5-100-00818008 04/18