User Guide
Page 3
E-mail techwriters@zyxel.com.tw if you cannot find specific information in this guide, use the Contents Overview, the Table of features available on the ZyWALL. • ... using the Web Configurator. About This User's Guide About This User's Guide Intended Audience This manual is designed to show you how to make the ZyWALL hardware connections and access the Web Configurator... • It is recommended you require. ZyWALL USG 300 User's Guide 3 Note: It is highly recommended you read Chapter 7 on page 33 chapter for ZyWALL application examples. • Subsequent chapters are ...
E-mail techwriters@zyxel.com.tw if you cannot find specific information in this guide, use the Contents Overview, the Table of features available on the ZyWALL. • ... using the Web Configurator. About This User's Guide About This User's Guide Intended Audience This manual is designed to show you how to make the ZyWALL hardware connections and access the Web Configurator... • It is recommended you require. ZyWALL USG 300 User's Guide 3 Note: It is highly recommended you read Chapter 7 on page 33 chapter for ZyWALL application examples. • Subsequent chapters are ...
User Guide
Page 5
ZyWALL USG 300 User's Guide 5 About This User's Guide See http://www.zyxel.com/web/contact_us.php for your device. • Brief description of the problem and the steps you installed updated firmware/software for contact information. Please ... and serial number. • Warranty Information. • Date that the information in this book may differ slightly from the product due to differences in this manual is accurate. Every effort has been made to solve it. Disclaimer Graphics in operating systems, operating system versions, or if you took to ensure that...
ZyWALL USG 300 User's Guide 5 About This User's Guide See http://www.zyxel.com/web/contact_us.php for your device. • Brief description of the problem and the steps you installed updated firmware/software for contact information. Please ... and serial number. • Warranty Information. • Date that the information in this book may differ slightly from the product due to differences in this manual is accurate. Every effort has been made to solve it. Disclaimer Graphics in operating systems, operating system versions, or if you took to ensure that...
User Guide
Page 20
... You Begin 478 25.2 The VPN Connection Screen 478 25.2.1 The VPN Connection Add/Edit (IKE) Screen 480 25.2.2 The VPN Connection Add/Edit Manual Key Screen 487 25.3 The VPN Gateway Screen 490 25.3.1 The VPN Gateway Add/Edit Screen 491 25.4 VPN Concentrator ...499 25.4.1 IPSec VPN ...26.3 The SSL Global Setting Screen 524 26.3.1 How to Upload a Custom Logo 526 26.4 Establishing an SSL VPN Connection 527 Chapter 27 SSL User Screens ...531 27.1 Overview ...531 27.1.1 What You Need to Know 531 27.2 Remote User Login ...532 27.3 The SSL VPN User Screens 537 20 ZyWALL USG 300 User's Guide
... You Begin 478 25.2 The VPN Connection Screen 478 25.2.1 The VPN Connection Add/Edit (IKE) Screen 480 25.2.2 The VPN Connection Add/Edit Manual Key Screen 487 25.3 The VPN Gateway Screen 490 25.3.1 The VPN Gateway Add/Edit Screen 491 25.4 VPN Concentrator ...499 25.4.1 IPSec VPN ...26.3 The SSL Global Setting Screen 524 26.3.1 How to Upload a Custom Logo 526 26.4 Establishing an SSL VPN Connection 527 Chapter 27 SSL User Screens ...531 27.1 Overview ...531 27.1.1 What You Need to Know 531 27.2 Remote User Login ...532 27.3 The SSL VPN User Screens 537 20 ZyWALL USG 300 User's Guide
User Guide
Page 37
... start (without powering down and then manually turn off the power. Wait for the device to shut down and powering up , checks the hardware, and starts the system processes. The ZyWALL simply turns off the power to the ZyWALL. ZyWALL USG 300 User's Guide 37 The ZyWALL powers up again) occurs when you use the Reboot button in...
... start (without powering down and then manually turn off the power. Wait for the device to shut down and powering up , checks the hardware, and starts the system processes. The ZyWALL simply turns off the power to the ZyWALL. ZyWALL USG 300 User's Guide 37 The ZyWALL powers up again) occurs when you use the Reboot button in...
User Guide
Page 247
... screen. Chapter 10 Monitor 10.4 The Traffic Statistics Screen Click Monitor > System Status > Traffic Statistics to stop it manually in some cases because the ZyWALL counts HTTP GET packets. Please see Table 32 on page 248 for more information. • Most-used protocols or ...• Most-visited Web sites and the number of times each one was visited. Figure 235 Monitor > System Status > Traffic Statistics ZyWALL USG 300 User's Guide 247 You cannot schedule data collection; you have to start and when to display the Traffic Statistics screen. This screen provides basic...
... screen. Chapter 10 Monitor 10.4 The Traffic Statistics Screen Click Monitor > System Status > Traffic Statistics to stop it manually in some cases because the ZyWALL counts HTTP GET packets. Please see Table 32 on page 248 for more information. • Most-used protocols or ...• Most-visited Web sites and the number of times each one was visited. Figure 235 Monitor > System Status > Traffic Statistics ZyWALL USG 300 User's Guide 247 You cannot schedule data collection; you have to start and when to display the Traffic Statistics screen. This screen provides basic...
User Guide
Page 259
...unmounting the USB storage device. OutofSpace - the connected USB storage device was manually unmounted by using the USB storage device so you can remove it . you can have the ZyWALL mount a connected USB storage device. Mounting - the available disk space is... disabled (turned off) on page 827 for selected protocols. none - the ZyWALL is connected. the use the USB storage device. Figure 243 Monitor > AppPatrol Statistics: General Setup ZyWALL USG 300 User's Guide 259 Chapter 10 Monitor Table 40 Monitor > System Status > USB Storage (continued...
...unmounting the USB storage device. OutofSpace - the connected USB storage device was manually unmounted by using the USB storage device so you can remove it . you can have the ZyWALL mount a connected USB storage device. Mounting - the available disk space is... disabled (turned off) on page 827 for selected protocols. none - the ZyWALL is connected. the use the USB storage device. Figure 243 Monitor > AppPatrol Statistics: General Setup ZyWALL USG 300 User's Guide 259 Chapter 10 Monitor Table 40 Monitor > System Status > USB Storage (continued...
User Guide
Page 265
... IPSec SA from the remote IPSec router to specify abc, acc and so on. A * in the SA. ZyWALL USG 300 User's Guide 265 A VPN connection named "testabc" would match. This field displays N/A if the IPSec SA uses manual keys. The IP addresses, not the address objects, are in "123" matches, no matter how many seconds...
... IPSec SA from the remote IPSec router to specify abc, acc and so on. A * in the SA. ZyWALL USG 300 User's Guide 265 A VPN connection named "testabc" would match. This field displays N/A if the IPSec SA uses manual keys. The IP addresses, not the address objects, are in "123" matches, no matter how many seconds...
User Guide
Page 274
...site. Flush Click this button to reload the list of a categorized web site address record. 274 ZyWALL USG 300 User's Guide Chapter 10 Monitor You can remove individual entries from the cache manually. Figure 257 Anti-X > Content Filter > Cache The following table describes the labels in this ,... the ZyWALL queries the external content filtering database the next time someone tries to remove them from the cache...
...site. Flush Click this button to reload the list of a categorized web site address record. 274 ZyWALL USG 300 User's Guide Chapter 10 Monitor You can remove individual entries from the cache manually. Figure 257 Anti-X > Content Filter > Cache The following table describes the labels in this ,... the ZyWALL queries the external content filtering database the next time someone tries to remove them from the cache...
User Guide
Page 304
...your LAN interface, you will connect this to a local network. If you change the corresponding LAN subnet address object. When you must manually configure a policy route to correspond. Interface Name Port Zone MAC Address Description IP Address Assignment Get Automatically For General, the rest of the...below. Interface Properties Interface Type Select to 11 characters long. These IP address fields configure an IP address on page 709. 304 ZyWALL USG 300 User's Guide It can use this IP address on the interface, you may also need to change the IP address of network you ...
...your LAN interface, you will connect this to a local network. If you change the corresponding LAN subnet address object. When you must manually configure a policy route to correspond. Interface Name Port Zone MAC Address Description IP Address Assignment Get Automatically For General, the rest of the...below. Interface Properties Interface Type Select to 11 characters long. These IP address fields configure an IP address on page 709. 304 ZyWALL USG 300 User's Guide It can use this IP address on the interface, you may also need to change the IP address of network you ...
User Guide
Page 305
...Interface Parameters Egress Bandwidth Enter the maximum amount of this value is still available. The ZyWALL resumes routing to specify the IP address, subnet mask, and gateway manually. Select the method that was configured first. Subnet Mask Enter the subnet mask of ... specify to the gateway. Type the maximum size of the gateway. Allowed values are required before the ZyWALL stops routing to make sure it is still available. ZyWALL USG 300 User's Guide 305 Chapter 13 Interfaces Table 62 Configuration > Network > Interface > Ethernet > Edit (continued)...
...Interface Parameters Egress Bandwidth Enter the maximum amount of this value is still available. The ZyWALL resumes routing to specify the IP address, subnet mask, and gateway manually. Select the method that was configured first. Subnet Mask Enter the subnet mask of ... specify to the gateway. Type the maximum size of the gateway. Allowed values are required before the ZyWALL stops routing to make sure it is still available. ZyWALL USG 300 User's Guide 305 Chapter 13 Interfaces Table 62 Configuration > Network > Interface > Ethernet > Edit (continued)...
User Guide
Page 307
... again. Custom Defined - Lease time Specify how long each computer can use . This stops anyone else from manually using a bound IP address on your network and the IP addresses that they are valid. ZyWALL USG 300 User's Guide 307 In this to enter how long IP addresses are currently using the interface's IP Pool Start...
... again. Custom Defined - Lease time Specify how long each computer can use . This stops anyone else from manually using a bound IP address on your network and the IP addresses that they are valid. ZyWALL USG 300 User's Guide 307 In this to enter how long IP addresses are currently using the interface's IP Pool Start...
User Guide
Page 309
...This section appears when Interface Properties is MD5. Configure VLAN Click VLAN if you want to 16 characters long. OK Cancel You must manually configure a policy route to exit this interface's Internet connection uses PPPoE or PPTP. Click Cancel to add routing and SNAT settings .... Either enter the MAC address in the fields or click Clone by host and enter the IP address of another device or computer. ZyWALL USG 300 User's Guide 309 Type the ID for MD5 authentication. It will be between 1 and 255. This screen displays which configuration settings reference the...
...This section appears when Interface Properties is MD5. Configure VLAN Click VLAN if you want to 16 characters long. OK Cancel You must manually configure a policy route to exit this interface's Internet connection uses PPPoE or PPTP. Click Cancel to add routing and SNAT settings .... Either enter the MAC address in the fields or click Clone by host and enter the IP address of another device or computer. ZyWALL USG 300 User's Guide 309 Type the ID for MD5 authentication. It will be between 1 and 255. This screen displays which configuration settings reference the...
User Guide
Page 312
...this in testing the interface. Add Click this to manually establish the connection for an example. # This field is a sequential value, and it is described in testing the interface or to create a new user-configured PPP interface. Edit Double-click an entry or...which settings use this in the table below. Table 64 Configuration > Network > Interface > PPP LABEL DESCRIPTION User Configuration / System Default The ZyWALL comes with any interface. 312 ZyWALL USG 300 User's Guide You might use the entry. Connect To connect an interface, select it and click Remove. See ...
...this in testing the interface. Add Click this to manually establish the connection for an example. # This field is a sequential value, and it is described in testing the interface or to create a new user-configured PPP interface. Edit Double-click an entry or...which settings use this in the table below. Table 64 Configuration > Network > Interface > PPP LABEL DESCRIPTION User Configuration / System Default The ZyWALL comes with any interface. 312 ZyWALL USG 300 User's Guide You might use the entry. Connect To connect an interface, select it and click Remove. See ...
User Guide
Page 315
...Select the interface upon which gateway to keep the connection available. Note: Multiple PPP interfaces can be up to specify the IP address manually. Description Enter a description of the gateway (the ISP) on this PPP interface is blank if the ISP account uses PPTP. Use ... Address Assignment Get Automatically Select this if this option if a lot of traffic needs to have the ZyWALL establish the PPPoE/PPTP connection only when there is traffic. ZyWALL USG 300 User's Guide 315 In this priority. It can be up all the time. Connectivity Nailed-Up Select this...
...Select the interface upon which gateway to keep the connection available. Note: Multiple PPP interfaces can be up to specify the IP address manually. Description Enter a description of the gateway (the ISP) on this PPP interface is blank if the ISP account uses PPTP. Use ... Address Assignment Get Automatically Select this if this option if a lot of traffic needs to have the ZyWALL establish the PPPoE/PPTP connection only when there is traffic. ZyWALL USG 300 User's Guide 315 In this priority. It can be up all the time. Connectivity Nailed-Up Select this...
User Guide
Page 316
...the gateway. Check Timeout Enter the number of seconds to make sure it is still available. Check Default Select this interface. 316 ZyWALL USG 300 User's Guide Check Port This field only displays when you specify to wait for a response before the attempt is 1492. Related Setting... WAN trunk for a TCP connectivity check. If a larger packet arrives, the ZyWALL divides it . MTU Maximum Transmission Unit. Check Period Enter the number of traffic, in kilobits per second, the ZyWALL can manually configure a policy route to the gateway the first time the gateway passes the ...
...the gateway. Check Timeout Enter the number of seconds to make sure it is still available. Check Default Select this interface. 316 ZyWALL USG 300 User's Guide Check Port This field only displays when you specify to wait for a response before the attempt is 1492. Related Setting... WAN trunk for a TCP connectivity check. If a larger packet arrives, the ZyWALL divides it . MTU Maximum Transmission Unit. Check Period Enter the number of traffic, in kilobits per second, the ZyWALL can manually configure a policy route to the gateway the first time the gateway passes the ...
User Guide
Page 319
...Edit Screen To change your changes back to remove it and click Edit to create a new cellular interface. The ZyWALL confirms you want to the ZyWALL. Connect To connect an interface, select it and click Disconnect. This field displays the name of the interface. ...the entry. Table 67 Configuration > Network > Interface > Cellular LABEL DESCRIPTION Add Click this cellular interface is set to manually establish the connection. ZyWALL USG 300 User's Guide 319 Edit Double-click an entry or select it before doing so. Name Extension Slot Connected Device ISP Settings ...
...Edit Screen To change your changes back to remove it and click Edit to create a new cellular interface. The ZyWALL confirms you want to the ZyWALL. Connect To connect an interface, select it and click Disconnect. This field displays the name of the interface. ...the entry. Table 67 Configuration > Network > Interface > Cellular LABEL DESCRIPTION Add Click this cellular interface is set to manually establish the connection. ZyWALL USG 300 User's Guide 319 Edit Double-click an entry or select it before doing so. Name Extension Slot Connected Device ISP Settings ...
User Guide
Page 321
Connectivity Nailed-Up Select this interface. Clear this to have the ZyWALL to turn on this if the connection should always be able to manually input the APN (Access Point Name) provided by your service provider. ISP Settings Profile Selection Select...This field applies with different APNs may provide different services (such as Internet access or MMS (Multi-Media Messaging Service)) and charge method. ZyWALL USG 300 User's Guide 321 Table 68 Configuration > Network > Interface > Cellular > Add LABEL DESCRIPTION Show Advance Settings / Hide Advance Settings Click this ...
Connectivity Nailed-Up Select this interface. Clear this to have the ZyWALL to turn on this if the connection should always be able to manually input the APN (Access Point Name) provided by your service provider. ISP Settings Profile Selection Select...This field applies with different APNs may provide different services (such as Internet access or MMS (Multi-Media Messaging Service)) and charge method. ZyWALL USG 300 User's Guide 321 Table 68 Configuration > Network > Interface > Cellular > Add LABEL DESCRIPTION Show Advance Settings / Hide Advance Settings Click this ...
User Guide
Page 324
... check with this and specify the amount of time (in your ISP did not assign you a fixed IP address. You may want to manually specify the type of network to use if you are charged differently for your 3G service provider to find the 3G service available to you... only to have the card connect to use with your 3G connection. The ZyWALL takes the actions you configure and enable budget control, the ZyWALL resets the statistics. 324 ZyWALL USG 300 User's Guide If two or more gateways have the ZyWALL automatically detect the type of network available to you. You may want to ...
... check with this and specify the amount of time (in your ISP did not assign you a fixed IP address. You may want to manually specify the type of network to use if you are charged differently for your 3G service provider to find the 3G service available to you... only to have the card connect to use with your 3G connection. The ZyWALL takes the actions you configure and enable budget control, the ZyWALL resets the statistics. 324 ZyWALL USG 300 User's Guide If two or more gateways have the ZyWALL automatically detect the type of network available to you. You may want to ...
User Guide
Page 338
...external authentication server in dotted decimal notation. 338 ZyWALL USG 300 User's Guide You can have already configured. The authentication method can configure the "default" authentication method object, but it's default configuration uses the ZyWALL's local database for only the server-side ... the Authentication Type field to manually specify a RADIUS server's settings in the My Certificates screen. Table 74 Configuration > Network > Interface > WLAN > Add (WPA/WPA2 Security) LABEL DESCRIPTION Authentication Type Select what the ZyWALL uses to the wireless clients....
...external authentication server in dotted decimal notation. 338 ZyWALL USG 300 User's Guide You can have already configured. The authentication method can configure the "default" authentication method object, but it's default configuration uses the ZyWALL's local database for only the server-side ... the Authentication Type field to manually specify a RADIUS server's settings in the My Certificates screen. Table 74 Configuration > Network > Interface > WLAN > Add (WPA/WPA2 Security) LABEL DESCRIPTION Authentication Type Select what the ZyWALL uses to the wireless clients....
User Guide
Page 346
... what part of this interface in dot decimal notation. Zone Select the zone to specify the IP address, subnet mask, and gateway manually. Advance Settings General Settings Enable Interface Select this to disable this interface on which the VLAN interface belongs. This 12-bit number uniquely... subnet mask of the VLAN interface. This field is explained in the network. The ZyWALL sends packets to the gateway when it can be on the same network as the interface. 346 ZyWALL USG 300 User's Guide Chapter 13 Interfaces Each field is enabled if you select Use Fixed IP Address...
... what part of this interface in dot decimal notation. Zone Select the zone to specify the IP address, subnet mask, and gateway manually. Advance Settings General Settings Enable Interface Select this to disable this interface on which the VLAN interface belongs. This 12-bit number uniquely... subnet mask of the VLAN interface. This field is explained in the network. The ZyWALL sends packets to the gateway when it can be on the same network as the interface. 346 ZyWALL USG 300 User's Guide Chapter 13 Interfaces Each field is enabled if you select Use Fixed IP Address...