User Guide
Page 2
...to use the Web Configurator to connect the ZyWALL and access the Web Configurator wizards. (See the wizard real time help in Windows 7 Video Example 85 Bandwidth Management Video Example 100 AppPatrol Video Example 117 2 ZyWALL USG100-PLUS User's Guide Related Documentation • Quick ...Start Guide The Quick Start Guid shows how to configure the ZyWALL. • Web Configurator Online Help Click the help icon...
...to use the Web Configurator to connect the ZyWALL and access the Web Configurator wizards. (See the wizard real time help in Windows 7 Video Example 85 Bandwidth Management Video Example 100 AppPatrol Video Example 117 2 ZyWALL USG100-PLUS User's Guide Related Documentation • Quick ...Start Guide The Quick Start Guid shows how to configure the ZyWALL. • Web Configurator Online Help Click the help icon...
User Guide
Page 3
...Contents Introduction ...5 1.1 Overview ...5 1.2 Default Zones, Interfaces, and Ports 7 1.3 Management Overview ...7 1.4 Web Configurator ...8 1.5 Stopping the ZyWALL ...19 1.6 Rack-mounting ...19 1.7 Front Panel ...20 How to Set Up Your Network ...21 2.1 Wizard Overview ...21 2.2 How ...Secure Connections Across the Internet 63 4.1 IPSec VPN ...63 4.2 VPN Concentrator Example ...65 4.3 Hub-and-spoke IPSec VPN Without VPN Concentrator 67 4.4 ZyWALL IPSec VPN Client Configuration Provisioning 69 4.5 SSL VPN ...73 4.6 L2TP VPN with Android, iOS, and Windows 75 4.7 One-Time Password Version 2...
...Contents Introduction ...5 1.1 Overview ...5 1.2 Default Zones, Interfaces, and Ports 7 1.3 Management Overview ...7 1.4 Web Configurator ...8 1.5 Stopping the ZyWALL ...19 1.6 Rack-mounting ...19 1.7 Front Panel ...20 How to Set Up Your Network ...21 2.1 Wizard Overview ...21 2.2 How ...Secure Connections Across the Internet 63 4.1 IPSec VPN ...63 4.2 VPN Concentrator Example ...65 4.3 Hub-and-spoke IPSec VPN Without VPN Concentrator 67 4.4 ZyWALL IPSec VPN Client Configuration Provisioning 69 4.5 SSL VPN ...73 4.6 L2TP VPN with Android, iOS, and Windows 75 4.7 One-Time Password Version 2...
User Guide
Page 4
... Configure Bandwidth Management 93 5.2 How to Configure a Trunk for WAN Load Balancing 100 5.3 How to Use Multiple Static Public WAN IP Addresses for LAN-to-WAN ... on Groups 122 6.3 How to Use SSH for Secure Telnet Access 123 6.4 How to Manage ZyWALL Configuration Files 124 6.5 How to Manage ZyWALL Firmware 125 6.6 How to Download and Upload a Shell Script 126 6.7 How to Save System ...Logs to a USB Storage Device 127 6.8 How to Get the ZyWALL's Diagnostic File 130 6.9 How to Capture Packets on the ZyWALL 131 6.10 How to Get the ZyWALL's Core Dump File 134 6.11 How to Use Packet Flow ...
... Configure Bandwidth Management 93 5.2 How to Configure a Trunk for WAN Load Balancing 100 5.3 How to Use Multiple Static Public WAN IP Addresses for LAN-to-WAN ... on Groups 122 6.3 How to Use SSH for Secure Telnet Access 123 6.4 How to Manage ZyWALL Configuration Files 124 6.5 How to Manage ZyWALL Firmware 125 6.6 How to Download and Upload a Shell Script 126 6.7 How to Save System ...Logs to a USB Storage Device 127 6.8 How to Get the ZyWALL's Diagnostic File 130 6.9 How to Capture Packets on the ZyWALL 131 6.10 How to Get the ZyWALL's Core Dump File 134 6.11 How to Use Packet Flow ...
User Guide
Page 5
...have configuration tutorials. The ZyWALL can also purchase the ZyWALL OTPv2 One-Time ZyWALL USG100-PLUS User's Guide 5 You can also route IPv6 packets through IPv4 networks using different tunneling methods. Figure 1 Applications: Security Router IPv6 Routing The ZyWALL supports IPv6 Ethernet, PPP..., telecommuters, and business travelers to provide secure access to your network. CHAPTER 1 Introduction 1.1 Overview Here are some ZyWALL application scenarios. You may also create IPv6 policy routes and IPv6 objects. Security Router Security features include a stateful inspection...
...have configuration tutorials. The ZyWALL can also purchase the ZyWALL OTPv2 One-Time ZyWALL USG100-PLUS User's Guide 5 You can also route IPv6 packets through IPv4 networks using different tunneling methods. Figure 1 Applications: Security Router IPv6 Routing The ZyWALL supports IPv6 Ethernet, PPP..., telecommuters, and business travelers to provide secure access to your network. CHAPTER 1 Introduction 1.1 Overview Here are some ZyWALL application scenarios. You may also create IPv6 policy routes and IPv6 objects. Security Router Security features include a stateful inspection...
User Guide
Page 6
...User C is trying to sensitive information and shared resources based on the user who is not even logged in and cannot access either. 6 ZyWALL USG100-PLUS User's Guide Figure 4 SSL VPN With Full Tunnel Mode LAN (192.168.1.X) https:// Web Mail File Share Non-Web Web-based Application ...access the Internet. Here full tunnel mode creates a virtual connection for Web Configurator, Web access, SSL VPN, and ZyXEL IPSec VPN client user logins. A user just browses to the ZyWALL's web address and enters his user name and password to securely connect to -use their web browsers for a ...
...User C is trying to sensitive information and shared resources based on the user who is not even logged in and cannot access either. 6 ZyWALL USG100-PLUS User's Guide Figure 4 SSL VPN With Full Tunnel Mode LAN (192.168.1.X) https:// Web Mail File Share Non-Web Web-based Application ...access the Internet. Here full tunnel mode creates a virtual connection for Web Configurator, Web access, SSL VPN, and ZyXEL IPSec VPN client user logins. A user just browses to the ZyWALL's web address and enters his user name and password to securely connect to -use their web browsers for a ...
User Guide
Page 7
... 1.2 Default Zones, Interfaces, and Ports The default configurations for zones, interfaces, and ports are as follows. In either case, you can manage the ZyWALL in your model. ZyWALL USG100-PLUS User's Guide 7 Figure 7 Zones, Interfaces, and Physical Ethernet Ports Zones Interfaces WAN wan1 wan2 LAN1 LAN2 lan1 lan2 DMZ dmz Physical Ports P1...
... 1.2 Default Zones, Interfaces, and Ports The default configurations for zones, interfaces, and ports are as follows. In either case, you can manage the ZyWALL in your model. ZyWALL USG100-PLUS User's Guide 7 Figure 7 Zones, Interfaces, and Physical Ethernet Ports Zones Interfaces WAN wan1 wan2 LAN1 LAN2 lan1 lan2 DMZ dmz Physical Ports P1...
User Guide
Page 8
...management (for example, SSH or Telnet) or via the physical or Web Configurator console port. Figure 8 Managing the ZyWALL: Web Configurator Command-Line Interface (CLI) The CLI allows you must: • Use one of the following ... See the Vantage CNM User's Guide for CLI details. Use the System > Vantage CNM screen to allow your ZyWALL to use the Web Configurator, you to use text-based commands to manage multiple devices. See the Command Reference ...JavaScripts, Java permissions, and cookies The recommended screen resolution is 1024 x 768 pixels. 8 ZyWALL USG100-PLUS User's Guide
...management (for example, SSH or Telnet) or via the physical or Web Configurator console port. Figure 8 Managing the ZyWALL: Web Configurator Command-Line Interface (CLI) The CLI allows you must: • Use one of the following ... See the Vantage CNM User's Guide for CLI details. Use the System > Vantage CNM screen to allow your ZyWALL to use the Web Configurator, you to use text-based commands to manage multiple devices. See the Command Reference ...JavaScripts, Java permissions, and cookies The recommended screen resolution is 1024 x 768 pixels. 8 ZyWALL USG100-PLUS User's Guide
User Guide
Page 9
... click Apply. Chapter 1 Introduction 1.4.1 Web Configurator Access 1 Make sure your browser go to http://192.168.1.1. otherwise the dashboard appears. By default, the ZyWALL automatically routes this setting. ZyWALL USG100-PLUS User's Guide 9 If you logged in the One-Time Password field. If you have a OTP (One-Time Password) token generate a number and...
... click Apply. Chapter 1 Introduction 1.4.1 Web Configurator Access 1 Make sure your browser go to http://192.168.1.1. otherwise the dashboard appears. By default, the ZyWALL automatically routes this setting. ZyWALL USG100-PLUS User's Guide 9 If you logged in the One-Time Password field. If you have a OTP (One-Time Password) token generate a number and...
User Guide
Page 10
Chapter 1 Introduction B C A 1.4.2 Web Configurator Introduction Video Use Adobe Reader 9 or later or a recent version of Foxit Reader to play the content and click play this video. After clicking play, you may need to confirm that you want to play again. 10 ZyWALL USG100-PLUS User's Guide
Chapter 1 Introduction B C A 1.4.2 Web Configurator Introduction Video Use Adobe Reader 9 or later or a recent version of Foxit Reader to play the content and click play this video. After clicking play, you may need to confirm that you want to play again. 10 ZyWALL USG100-PLUS User's Guide
User Guide
Page 11
... in the middle of the right edge of the Web Configurator. You will be prompted to open status and configuration screens. Figure 10 Navigation Panel ZyWALL USG100-PLUS User's Guide 11 Chapter 1 Introduction 1.4.3 Web Configurator Screens Overview The Web Configurator screen is divided into these parts (as illustrated on page 9): • A - See...
... in the middle of the right edge of the Web Configurator. You will be prompted to open status and configuration screens. Figure 10 Navigation Panel ZyWALL USG100-PLUS User's Guide 11 Chapter 1 Introduction 1.4.3 Web Configurator Screens Overview The Web Configurator screen is divided into these parts (as illustrated on page 9): • A - See...
User Guide
Page 12
... Binding Lists the devices that the ZyWALL has detected. Cellular Status Displays details about USB device connected to suit your needs. SSL Lists users currently logged into the ZyWALL. Log Lists log entries. 12 ZyWALL USG100-PLUS User's Guide Content Filter Report Collect... and display content filter statistics Cache Manage the ZyWALL's URL cache. IDP Collect and display statistics on the ...
... Binding Lists the devices that the ZyWALL has detected. Cellular Status Displays details about USB device connected to suit your needs. SSL Lists users currently logged into the ZyWALL. Log Lists log entries. 12 ZyWALL USG100-PLUS User's Guide Content Filter Report Collect... and display content filter statistics Cache Manage the ZyWALL's URL cache. IDP Collect and display statistics on the ...
User Guide
Page 13
... signatures immediately or by a schedule. Cellular Configure a cellular Internet connection for load balancing. DDNS Profile Define and manage the ZyWALL's DDNS domain names. ALG Configure SIP, H.323, and FTP pass-through settings. Policy Define rules to define various policies... Interface Ethernet Manage Ethernet interfaces and virtual Ethernet interfaces. HTTP Redirect Set up and manage port forwarding rules. VPN ZyWALL USG100-PLUS User's Guide 13 Firewall Firewall Create and manage level-3 traffic rules. VLAN Create and manage VLAN interfaces and virtual...
... signatures immediately or by a schedule. Cellular Configure a cellular Internet connection for load balancing. DDNS Profile Define and manage the ZyWALL's DDNS domain names. ALG Configure SIP, H.323, and FTP pass-through settings. Policy Define rules to define various policies... Interface Ethernet Manage Ethernet interfaces and virtual Ethernet interfaces. HTTP Redirect Set up and manage port forwarding rules. VPN ZyWALL USG100-PLUS User's Guide 13 Firewall Firewall Create and manage level-3 traffic rules. VLAN Create and manage VLAN interfaces and virtual...
User Guide
Page 14
.... Custom Signatures Create, import, or export custom signatures. Anti-Spam General Turn anti-spam on or off and manage anti-spam policies. Object 14 ZyWALL USG100-PLUS User's Guide IM Manage instant messenger traffic. Mail Scan Configure e-mail scanning details. SSL VPN Access Privilege Configure SSL VPN access rights for users and...
.... Custom Signatures Create, import, or export custom signatures. Anti-Spam General Turn anti-spam on or off and manage anti-spam policies. Object 14 ZyWALL USG100-PLUS User's Guide IM Manage instant messenger traffic. Mail Scan Configure e-mail scanning details. SSL VPN Access Privilege Configure SSL VPN access rights for users and...
User Guide
Page 15
... and manage ways of users. Certificate My Certificates Create and manage the ZyWALL's certificates. Date/Time Configure the current date, time, and time zone in the ZyWALL. Language Select the Web Configurator language. IPv6 Enable IPv6 globally on the ZyWALL here. ZyWALL USG100-PLUS User's Guide 15 LDAP Configure the LDAP settings. Auth. Lease Configure...
... and manage ways of users. Certificate My Certificates Create and manage the ZyWALL's certificates. Date/Time Configure the current date, time, and time zone in the ZyWALL. Language Select the Web Configurator language. IPv6 Enable IPv6 globally on the ZyWALL here. ZyWALL USG100-PLUS User's Guide 15 LDAP Configure the LDAP settings. Auth. Lease Configure...
User Guide
Page 16
... Script Manage and run diagnostics, and reboot or shut down arrow next to a column heading for text 16 ZyWALL USG100-PLUS User's Guide Core Dump Connect a USB device to the ZyWALL and save the ZyWALL operating system kernel to it here. Table 5 Maintenance Menu Screens Summary FOLDER OR LINK TAB FUNCTION File Manager Configuration...
... Script Manage and run diagnostics, and reboot or shut down arrow next to a column heading for text 16 ZyWALL USG100-PLUS User's Guide Core Dump Connect a USB device to the ZyWALL and save the ZyWALL operating system kernel to it here. Table 5 Maintenance Menu Screens Summary FOLDER OR LINK TAB FUNCTION File Manager Configuration...
User Guide
Page 17
... heading and drag and drop it to re-size the column. Figure 15 Navigating Pages of entries and control how many entries display at a time. ZyWALL USG100-PLUS User's Guide 17 Figure 12 Common Table Column Options Chapter 1 Introduction Select a column heading cell's right border and drag to change the column order...
... heading and drag and drop it to re-size the column. Figure 15 Navigating Pages of entries and control how many entries display at a time. ZyWALL USG100-PLUS User's Guide 17 Figure 12 Common Table Column Options Chapter 1 Introduction Select a column heading cell's right border and drag to change the column order...
User Guide
Page 18
...button to move it directly in the table. For example, if you type 6, the entry you are descriptions for table entries with Lists 18 ZyWALL USG100-PLUS User's Guide In some lists you can also use the [Shift] or [Ctrl] key to select multiple entries, and then use the entry... 1 Introduction Figure 16 Common Table Icons Here are moving becomes number 6 and the previous entry 6 (if there is important (features where the ZyWALL applies the table's entries in order like the firewall for where you want to a list of tables small red triangles display for the most common...
...button to move it directly in the table. For example, if you type 6, the entry you are descriptions for table entries with Lists 18 ZyWALL USG100-PLUS User's Guide In some lists you can also use the [Shift] or [Ctrl] key to select multiple entries, and then use the entry... 1 Introduction Figure 16 Common Table Icons Here are moving becomes number 6 and the previous entry 6 (if there is important (features where the ZyWALL applies the table's entries in order like the firewall for where you want to a list of tables small red triangles display for the most common...
User Guide
Page 19
... of all necessary precautions to anchor the rack securely before you turn off the ZyWALL or remove the power. Use a #2 Phillips screwdriver to the rack with the rack-mounting screws. ZyWALL USG100-PLUS User's Guide 19 Chapter 1 Introduction 1.5 Stopping the ZyWALL Always use the proper screws may damage the unit. 1 Align one bracket with...
... of all necessary precautions to anchor the rack securely before you turn off the ZyWALL or remove the power. Use a #2 Phillips screwdriver to the rack with the rack-mounting screws. ZyWALL USG100-PLUS User's Guide 19 Chapter 1 Introduction 1.5 Stopping the ZyWALL Always use the proper screws may damage the unit. 1 Align one bracket with...
User Guide
Page 20
... on this port. There is connected to the USB port. There is not supported by the ZyWALL. No device is no connection on this port. This port has a successful link. 20 ZyWALL USG100-PLUS User's Guide Figure 18 ZyWALL Front Panel 1.7.1 Front Panel LEDs The following tables describe the LEDs. If the LED turns...
... on this port. There is connected to the USB port. There is not supported by the ZyWALL. No device is no connection on this port. This port has a successful link. 20 ZyWALL USG100-PLUS User's Guide Figure 18 ZyWALL Front Panel 1.7.1 Front Panel LEDs The following tables describe the LEDs. If the LED turns...
User Guide
Page 21
...How to Configure Interfaces, Port Roles, and Zones This tutorial shows how to configure Ethernet interfaces, port roles, and zones for details. ZyWALL USG100-PLUS User's Guide 21 For field descriptions of individual screens, see Section 1.4 on page 38 2.1 Wizard Overview Use the wizards to quickly .... Note: The tutorials featured here require a basic understanding of connecting to and using the Web Configurator to set up your ZyWALL. WIZARD Installation Setup Wizard Quick Setup WAN Interface VPN Setup DESCRIPTION Use this wizard the first time log into the Web Configurator...
...How to Configure Interfaces, Port Roles, and Zones This tutorial shows how to configure Ethernet interfaces, port roles, and zones for details. ZyWALL USG100-PLUS User's Guide 21 For field descriptions of individual screens, see Section 1.4 on page 38 2.1 Wizard Overview Use the wizards to quickly .... Note: The tutorials featured here require a basic understanding of connecting to and using the Web Configurator to set up your ZyWALL. WIZARD Installation Setup Wizard Quick Setup WAN Interface VPN Setup DESCRIPTION Use this wizard the first time log into the Web Configurator...