User Guide
Page 2
... and package contents list. • CLI Reference Guide The CLI Reference Guide explains how to use the Web Configurator to configure the ZyWALL. READ CAREFULLY BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE. Related Documentation • Quick Start Guide The Quick Start Guid shows ...how to connect the ZyWALL and access the Web Configurator wizards. (See the wizard real time help in Windows 7 Video Example 85 Bandwidth Management Video Example 100 AppPatrol Video Example 117 2 ZyWALL USG100-PLUS User's Guide Videos IMPORTANT!
... and package contents list. • CLI Reference Guide The CLI Reference Guide explains how to use the Web Configurator to configure the ZyWALL. READ CAREFULLY BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE. Related Documentation • Quick Start Guide The Quick Start Guid shows ...how to connect the ZyWALL and access the Web Configurator wizards. (See the wizard real time help in Windows 7 Video Example 85 Bandwidth Management Video Example 100 AppPatrol Video Example 117 2 ZyWALL USG100-PLUS User's Guide Videos IMPORTANT!
User Guide
Page 3
...Contents Introduction ...5 1.1 Overview ...5 1.2 Default Zones, Interfaces, and Ports 7 1.3 Management Overview ...7 1.4 Web Configurator ...8 1.5 Stopping the ZyWALL ...19 1.6 Rack-mounting ...19 1.7 Front Panel ...20 How to Set Up Your Network ...21 2.1 Wizard Overview ...21 2.2 How ...Secure Connections Across the Internet 63 4.1 IPSec VPN ...63 4.2 VPN Concentrator Example ...65 4.3 Hub-and-spoke IPSec VPN Without VPN Concentrator 67 4.4 ZyWALL IPSec VPN Client Configuration Provisioning 69 4.5 SSL VPN ...73 4.6 L2TP VPN with Android, iOS, and Windows 75 4.7 One-Time Password Version 2...
...Contents Introduction ...5 1.1 Overview ...5 1.2 Default Zones, Interfaces, and Ports 7 1.3 Management Overview ...7 1.4 Web Configurator ...8 1.5 Stopping the ZyWALL ...19 1.6 Rack-mounting ...19 1.7 Front Panel ...20 How to Set Up Your Network ...21 2.1 Wizard Overview ...21 2.2 How ...Secure Connections Across the Internet 63 4.1 IPSec VPN ...63 4.2 VPN Concentrator Example ...65 4.3 Hub-and-spoke IPSec VPN Without VPN Concentrator 67 4.4 ZyWALL IPSec VPN Client Configuration Provisioning 69 4.5 SSL VPN ...73 4.6 L2TP VPN with Android, iOS, and Windows 75 4.7 One-Time Password Version 2...
User Guide
Page 4
... Configure Bandwidth Management 93 5.2 How to Configure a Trunk for WAN Load Balancing 100 5.3 How to Use Multiple Static Public WAN IP Addresses for LAN-to-WAN ... on Groups 122 6.3 How to Use SSH for Secure Telnet Access 123 6.4 How to Manage ZyWALL Configuration Files 124 6.5 How to Manage ZyWALL Firmware 125 6.6 How to Download and Upload a Shell Script 126 6.7 How to Save System ...Logs to a USB Storage Device 127 6.8 How to Get the ZyWALL's Diagnostic File 130 6.9 How to Capture Packets on the ZyWALL 131 6.10 How to Get the ZyWALL's Core Dump File 134 6.11 How to Use Packet Flow ...
... Configure Bandwidth Management 93 5.2 How to Configure a Trunk for WAN Load Balancing 100 5.3 How to Use Multiple Static Public WAN IP Addresses for LAN-to-WAN ... on Groups 122 6.3 How to Use SSH for Secure Telnet Access 123 6.4 How to Manage ZyWALL Configuration Files 124 6.5 How to Manage ZyWALL Firmware 125 6.6 How to Download and Upload a Shell Script 126 6.7 How to Save System ...Logs to a USB Storage Device 127 6.8 How to Get the ZyWALL's Diagnostic File 130 6.9 How to Capture Packets on the ZyWALL 131 6.10 How to Get the ZyWALL's Core Dump File 134 6.11 How to Use Packet Flow ...
User Guide
Page 5
Figure 1 Applications: Security Router IPv6 Routing The ZyWALL supports IPv6 Ethernet, PPP, VLAN, and bridge routing. The ZyWALL can also purchase the ZyWALL OTPv2 One-Time ZyWALL USG100-PLUS User's Guide 5 Figure 2 Applications: IPv6 Routing VPN Connectivity Set up ...different tunneling methods. You may also create IPv6 policy routes and IPv6 objects. CHAPTER 1 Introduction 1.1 Overview Here are some ZyWALL application scenarios. The following chapters have configuration tutorials. Security Router Security features include a stateful inspection firewall, intrusion, detection ...
Figure 1 Applications: Security Router IPv6 Routing The ZyWALL supports IPv6 Ethernet, PPP, VLAN, and bridge routing. The ZyWALL can also purchase the ZyWALL OTPv2 One-Time ZyWALL USG100-PLUS User's Guide 5 Figure 2 Applications: IPv6 Routing VPN Connectivity Set up ...different tunneling methods. You may also create IPv6 policy routes and IPv6 objects. CHAPTER 1 Introduction 1.1 Overview Here are some ZyWALL application scenarios. The following chapters have configuration tutorials. Security Router Security features include a stateful inspection firewall, intrusion, detection ...
User Guide
Page 6
... and gives him a private IP address in the same subnet as the local network so he can access network resources in and cannot access either. 6 ZyWALL USG100-PLUS User's Guide User B has a lower level of the internal network. Figure 4 SSL VPN With Full Tunnel Mode LAN (192.168.1.X) https:// Web... Web-based Application SSL VPN Network Access SSL VPN lets remote users use their web browsers for Web Configurator, Web access, SSL VPN, and ZyXEL IPSec VPN client user logins. User C is trying to sensitive information and shared resources based on the user who is not even logged in...
... and gives him a private IP address in the same subnet as the local network so he can access network resources in and cannot access either. 6 ZyWALL USG100-PLUS User's Guide User B has a lower level of the internal network. Figure 4 SSL VPN With Full Tunnel Mode LAN (192.168.1.X) https:// Web... Web-based Application SSL VPN Network Access SSL VPN lets remote users use their web browsers for Web Configurator, Web access, SSL VPN, and ZyXEL IPSec VPN client user logins. User C is trying to sensitive information and shared resources based on the user who is not even logged in...
User Guide
Page 7
...P3 P4 P5 P6 1.3 Management Overview You can balance the traffic loads between them. In either case, you can manage the ZyWALL in your model. Figure 6 Applications: Multiple WAN Interfaces 1.2 Default Zones, Interfaces, and Ports The default configurations for zones, interfaces, ...and ports are as follows. ZyWALL USG100-PLUS User's Guide 7 For example, this guide may be generic rather than "wan1" or "wan2". References to the Internet on the same ...
...P3 P4 P5 P6 1.3 Management Overview You can balance the traffic loads between them. In either case, you can manage the ZyWALL in your model. Figure 6 Applications: Multiple WAN Interfaces 1.2 Default Zones, Interfaces, and Ports The default configurations for zones, interfaces, ...and ports are as follows. ZyWALL USG100-PLUS User's Guide 7 For example, this guide may be generic rather than "wan1" or "wan2". References to the Internet on the same ...
User Guide
Page 8
... to be managed by default in Windows XP Service Pack 2) • Enable JavaScripts, Java permissions, and cookies The recommended screen resolution is 1024 x 768 pixels. 8 ZyWALL USG100-PLUS User's Guide This User's Guide provides information about the Web Configurator. Use the System > Vantage CNM screen to allow your...
... to be managed by default in Windows XP Service Pack 2) • Enable JavaScripts, Java permissions, and cookies The recommended screen resolution is 1024 x 768 pixels. 8 ZyWALL USG100-PLUS User's Guide This User's Guide provides information about the Web Configurator. Use the System > Vantage CNM screen to allow your...
User Guide
Page 9
... browser go to display the screen and click OK. 6 Follow the directions in the Update Admin Info screen. ZyWALL USG100-PLUS User's Guide 9 By default, the ZyWALL automatically routes this setting. You must use the token to keep this request to its default configuration; If you click... Ignore, the Installation Setup Wizard opens if the ZyWALL is only good for one login. otherwise the dashboard appears. Otherwise...
... browser go to display the screen and click OK. 6 Follow the directions in the Update Admin Info screen. ZyWALL USG100-PLUS User's Guide 9 By default, the ZyWALL automatically routes this setting. You must use the token to keep this request to its default configuration; If you click... Ignore, the Installation Setup Wizard opens if the ZyWALL is only good for one login. otherwise the dashboard appears. Otherwise...
User Guide
Page 10
After clicking play, you may need to confirm that you want to play again. 10 ZyWALL USG100-PLUS User's Guide Chapter 1 Introduction B C A 1.4.2 Web Configurator Introduction Video Use Adobe Reader 9 or later or a recent version of Foxit Reader to play the content and click play this video.
After clicking play, you may need to confirm that you want to play again. 10 ZyWALL USG100-PLUS User's Guide Chapter 1 Introduction B C A 1.4.2 Web Configurator Introduction Video Use Adobe Reader 9 or later or a recent version of Foxit Reader to play the content and click play this video.
User Guide
Page 11
... Click this to see an overview of the Web Configurator. Figure 10 Navigation Panel ZyWALL USG100-PLUS User's Guide 11 Help Click this to open a popup window that displays the CLI commands sent by the Web Configurator to the ZyWALL. 1.4.4 Navigation Panel Use the navigation panel menu items to open status and configuration...
... Click this to see an overview of the Web Configurator. Figure 10 Navigation Panel ZyWALL USG100-PLUS User's Guide 11 Help Click this to open a popup window that displays the CLI commands sent by the Web Configurator to the ZyWALL. 1.4.4 Navigation Panel Use the navigation panel menu items to open status and configuration...
User Guide
Page 12
...-Spam Report Collect and display spam statistics. Log Lists log entries. 12 ZyWALL USG100-PLUS User's Guide You can re-arrange to the ZyWALL. Status Displays how many mail sessions the ZyWALL is currently checking and DNSBL (Domain Name Service-based spam Black List)... details about USB device connected to suit your needs. Content Filter Report Collect and display content filter statistics Cache Manage the ZyWALL's URL cache. Chapter 1 Introduction Dashboard The dashboard displays general device information, system status, system resource usage, licensed service ...
...-Spam Report Collect and display spam statistics. Log Lists log entries. 12 ZyWALL USG100-PLUS User's Guide You can re-arrange to the ZyWALL. Status Displays how many mail sessions the ZyWALL is currently checking and DNSBL (Domain Name Service-based spam Black List)... details about USB device connected to suit your needs. Content Filter Report Collect and display content filter statistics Cache Manage the ZyWALL's URL cache. Chapter 1 Introduction Dashboard The dashboard displays general device information, system status, system resource usage, licensed service ...
User Guide
Page 13
... a schedule. Bridge Create and manage bridges and virtual bridge interfaces. Routing Policy Route Create and manage routing policies. Policy Define rules to configure the ZyWALL's features. VPN ZyWALL USG100-PLUS User's Guide 13 Signature Update Anti-Virus IDP/AppPatrol Update anti-virus signatures immediately or by a schedule. Cellular Configure a cellular Internet connection for...
... a schedule. Bridge Create and manage bridges and virtual bridge interfaces. Routing Policy Route Create and manage routing policies. Policy Define rules to configure the ZyWALL's features. VPN ZyWALL USG100-PLUS User's Guide 13 Signature Update Anti-Virus IDP/AppPatrol Update anti-virus signatures immediately or by a schedule. Cellular Configure a cellular Internet connection for...
User Guide
Page 14
... Concentrator Combine IPSec VPN connections into a single secure network Configuration Provisioning Set who can retrieve VPN rule settings from the ZyWALL using the ZyWALL IPSec VPN Client. Forbidden Web Sites Create a list of virus file patterns. Black/White List Set up anti-virus ...Manage streaming traffic. Profile Create and manage IDP profiles. Content Filter General Create and manage content filter policies. Object 14 ZyWALL USG100-PLUS User's Guide Filter Profile Create and manage the detailed filtering rules for users and groups. Peer to Peer Manage peer-to...
... Concentrator Combine IPSec VPN connections into a single secure network Configuration Provisioning Set who can retrieve VPN rule settings from the ZyWALL using the ZyWALL IPSec VPN Client. Forbidden Web Sites Create a list of virus file patterns. Black/White List Set up anti-virus ...Manage streaming traffic. Profile Create and manage IDP profiles. Content Filter General Create and manage content filter policies. Object 14 ZyWALL USG100-PLUS User's Guide Filter Profile Create and manage the detailed filtering rules for users and groups. Peer to Peer Manage peer-to...
User Guide
Page 15
...DNS server and address records for the ZyWALL. TELNET Configure telnet server settings for the ZyWALL. Language Select the Web Configurator language....the current date, time, and time zone in the ZyWALL. Log & Report Email Daily Report Configure where and how... Storage Settings Configure the settings for the ZyWALL. IPv6 Enable IPv6 globally on the ZyWALL here. Auth. RADIUS Configure the RADIUS ... groups of services. Certificate My Certificates Create and manage the ZyWALL's certificates. ISP Account ISP Account Create and manage ISP account...
...DNS server and address records for the ZyWALL. TELNET Configure telnet server settings for the ZyWALL. Language Select the Web Configurator language....the current date, time, and time zone in the ZyWALL. Log & Report Email Daily Report Configure where and how... Storage Settings Configure the settings for the ZyWALL. IPv6 Enable IPv6 globally on the ZyWALL here. Auth. RADIUS Configure the RADIUS ... groups of services. Certificate My Certificates Create and manage the ZyWALL's certificates. ISP Account ISP Account Create and manage ISP account...
User Guide
Page 16
... kernel to it here. Shutdown Turn off the ZyWALL. 1.4.5 Tables and Lists Web Configurator tables and lists are some examples of fields in groups • Filter by mathematical operators (, or =) or searching for text 16 ZyWALL USG100-PLUS User's Guide Figure 11 Sorting Table Entries by ...field • Show entries in the column. System Log Connect a USB device to the ZyWALL and archive the ZyWALL system logs to it here. Here are flexible with several...
... kernel to it here. Shutdown Turn off the ZyWALL. 1.4.5 Tables and Lists Web Configurator tables and lists are some examples of fields in groups • Filter by mathematical operators (, or =) or searching for text 16 ZyWALL USG100-PLUS User's Guide Figure 11 Sorting Table Entries by ...field • Show entries in the column. System Log Connect a USB device to the ZyWALL and archive the ZyWALL system logs to it here. Here are flexible with several...
User Guide
Page 17
... the column order. Figure 14 Moving Columns Use the icons and fields at the bottom of the table to navigate to re-size the column. ZyWALL USG100-PLUS User's Guide 17 Figure 12 Common Table Column Options Chapter 1 Introduction Select a column heading cell's right border and drag to different pages of entries...
... the column order. Figure 14 Moving Columns Use the icons and fields at the bottom of the table to navigate to re-size the column. ZyWALL USG100-PLUS User's Guide 17 Figure 12 Common Table Column Options Chapter 1 Introduction Select a column heading cell's right border and drag to different pages of entries...
User Guide
Page 18
... it and click Move to display a field to type a number for table entries with Lists 18 ZyWALL USG100-PLUS User's Guide Remove To remove an entry, select it and click Connect. The ZyWALL confirms you want to put that you have not yet applied. Activate To turn off an entry, ... 1 Introduction Figure 16 Common Table Icons Here are moving becomes number 6 and the previous entry 6 (if there is important (features where the ZyWALL applies the table's entries in order like the firewall for the most common table icons. For features where the entry's position in the numbered list...
... it and click Move to display a field to type a number for table entries with Lists 18 ZyWALL USG100-PLUS User's Guide Remove To remove an entry, select it and click Connect. The ZyWALL confirms you want to put that you have not yet applied. Activate To turn off an entry, ... 1 Introduction Figure 16 Common Table Icons Here are moving becomes number 6 and the previous entry 6 (if there is important (features where the ZyWALL applies the table's entries in order like the firewall for the most common table icons. For features where the entry's position in the numbered list...
User Guide
Page 19
...: Failure to install the screws. Use a #2 Phillips screwdriver to use Maintenance > Shutdown > Shutdown or the shutdown command before installing the unit. ZyWALL USG100-PLUS User's Guide 19 Chapter 1 Introduction 1.5 Stopping the ZyWALL Always use the proper screws may damage the unit. 1 Align one bracket with the holes on an EIA standard size, 19...
...: Failure to install the screws. Use a #2 Phillips screwdriver to use Maintenance > Shutdown > Shutdown or the shutdown command before installing the unit. ZyWALL USG100-PLUS User's Guide 19 Chapter 1 Introduction 1.5 Stopping the ZyWALL Always use the proper screws may damage the unit. 1 Align one bracket with the holes on an EIA standard size, 19...
User Guide
Page 20
...USB port. A 3G USB card or USB storage device is sending or receiving packets on this port. The ZyWALL is a hardware component failure. This port has a successful link. 20 ZyWALL USG100-PLUS User's Guide Table 7 Front Panel LEDs LED COLOR STATUS PWR Off Green On Red On SYS 1, 2... ... There is sending or receiving packets on . Connected to the ZyWALL's USB port or the connected device is turned off....
...USB port. A 3G USB card or USB storage device is sending or receiving packets on this port. The ZyWALL is a hardware component failure. This port has a successful link. 20 ZyWALL USG100-PLUS User's Guide Table 7 Front Panel LEDs LED COLOR STATUS PWR Off Green On Red On SYS 1, 2... ... There is sending or receiving packets on . Connected to the ZyWALL's USB port or the connected device is turned off....
User Guide
Page 21
...quickly configure an IPSec VPN or IPSec VPN configuration provisioning. After you complete a wizard, you can find the following example configuration. ZyWALL USG100-PLUS User's Guide 21 CHAPTER 2 How to Set Up Your Network Here are examples of individual screens, see Section 1.4 on page 8 ... to Configure Interfaces, Port Roles, and Zones This tutorial shows how to configure WAN connections and register your network in the ZyWALL. WIZARD Installation Setup Wizard Quick Setup WAN Interface VPN Setup DESCRIPTION Use this wizard the first time log into the Web Configurator...
...quickly configure an IPSec VPN or IPSec VPN configuration provisioning. After you complete a wizard, you can find the following example configuration. ZyWALL USG100-PLUS User's Guide 21 CHAPTER 2 How to Set Up Your Network Here are examples of individual screens, see Section 1.4 on page 8 ... to Configure Interfaces, Port Roles, and Zones This tutorial shows how to configure WAN connections and register your network in the ZyWALL. WIZARD Installation Setup Wizard Quick Setup WAN Interface VPN Setup DESCRIPTION Use this wizard the first time log into the Web Configurator...