User Guide
Page 3
E-mail techwriters@zyxel.com.tw if you cannot find specific information in the Web Configurator. Note: It is highly recommended you read Chapter 6 on page 93 for detailed information on essential terms used in the ZyWALL, what the real time online help provides. • It is ... • To find the information you require. ZyWALL USG 300 User's Guide 3 How To Use This Guide • Read Chapter 1 on page 33 chapter for an overview of Contents, the Index, or search the PDF file. About This User's Guide About This User's Guide Intended Audience This manual is designed to show you...
E-mail techwriters@zyxel.com.tw if you cannot find specific information in the Web Configurator. Note: It is highly recommended you read Chapter 6 on page 93 for detailed information on essential terms used in the ZyWALL, what the real time online help provides. • It is ... • To find the information you require. ZyWALL USG 300 User's Guide 3 How To Use This Guide • Read Chapter 1 on page 33 chapter for an overview of Contents, the Index, or search the PDF file. About This User's Guide About This User's Guide Intended Audience This manual is designed to show you...
User Guide
Page 4
...icon in any screen for help is a collection of answers to : techwriters@zyxel.com.tw Thank you! Need More Help? More help in which you bought the device. 4 ZyWALL USG 300 User's Guide Customer Support Should problems arise that screen and supplementary information. If you should ...contact your experiences as well. This is available at www.zyxel.com. • Download Library Search for the region in...
...icon in any screen for help is a collection of answers to : techwriters@zyxel.com.tw Thank you! Need More Help? More help in which you bought the device. 4 ZyWALL USG 300 User's Guide Customer Support Should problems arise that screen and supplementary information. If you should ...contact your experiences as well. This is available at www.zyxel.com. • Download Library Search for the region in...
User Guide
Page 5
... ensure that you received your device. • Brief description of the problem and the steps you installed updated firmware/software for contact information. About This User's Guide See http://www.zyxel.com/web/contact_us.php for your device. ZyWALL USG 300 User's Guide 5
... ensure that you received your device. • Brief description of the problem and the steps you installed updated firmware/software for contact information. About This User's Guide See http://www.zyxel.com/web/contact_us.php for your device. ZyWALL USG 300 User's Guide 5
User Guide
Page 6
...you may need to configure or helpful tips) or recommendations. Syntax Conventions • The ZyWALL may be referred to as the "ZyWALL", the "device", the "system" or the "product" in this User's Guide. • Product labels, screen names, field labels and field choices are shown in ... panel, then the Log sub menu and finally the Log Setting tab to get to that is a shorthand for "for example, other words". 6 ZyWALL USG 300 User's Guide Note: Notes tell you other important information (for instance", and "i.e.," means "that screen. • Units of the predefined choices. • A ...
...you may need to configure or helpful tips) or recommendations. Syntax Conventions • The ZyWALL may be referred to as the "ZyWALL", the "device", the "system" or the "product" in this User's Guide. • Product labels, screen names, field labels and field choices are shown in ... panel, then the Log sub menu and finally the Log Setting tab to get to that is a shorthand for "for example, other words". 6 ZyWALL USG 300 User's Guide Note: Notes tell you other important information (for instance", and "i.e.," means "that screen. • Units of the predefined choices. • A ...
User Guide
Page 7
ZyWALL Computer Notebook computer Server Firewall Telephone Switch Router ZyWALL USG 300 User's Guide 7 Document Conventions Icons Used in Figures Figures in this User's Guide may use the following generic icons. The ZyWALL icon is not an exact representation of your device.
ZyWALL Computer Notebook computer Server Firewall Telephone Switch Router ZyWALL USG 300 User's Guide 7 Document Conventions Icons Used in Figures Figures in this User's Guide may use the following generic icons. The ZyWALL icon is not an exact representation of your device.
User Guide
Page 8
... should be mixed with this symbol, which is a remote risk of electrical and electronic equipment. Used electrical and electronic equipment should not be treated separately. 8 ZyWALL USG 300 User's Guide Your product is marked with general waste. Contact your local vendor to dangerous high voltage points or other risks. It means that no one . •...
... should be mixed with this symbol, which is a remote risk of electrical and electronic equipment. Used electrical and electronic equipment should not be treated separately. 8 ZyWALL USG 300 User's Guide Your product is marked with general waste. Contact your local vendor to dangerous high voltage points or other risks. It means that no one . •...
User Guide
Page 9
Contents Overview Contents Overview User's Guide ...31 Introducing the ZyWALL ...33 Features and Applications ...39 Web Configurator ...47 Installation Setup Wizard ...65 Quick Setup ...75 Configuration Basics ...93 Tutorials ...117 L2TP...419 HTTP Redirect ...429 ALG ...435 IP/MAC Binding ...443 Authentication Policy ...449 Firewall ...457 IPSec VPN ...475 SSL VPN ...517 SSL User Screens ...531 SSL User Application Screens 541 SSL User File Sharing ...543 ZyWALL SecuExtender ...551 L2TP VPN ...555 Application Patrol ...559 Anti-Virus ...585 IDP ...601 ADP ...637 ZyWALL USG 300 User's Guide 9
Contents Overview Contents Overview User's Guide ...31 Introducing the ZyWALL ...33 Features and Applications ...39 Web Configurator ...47 Installation Setup Wizard ...65 Quick Setup ...75 Configuration Basics ...93 Tutorials ...117 L2TP...419 HTTP Redirect ...429 ALG ...435 IP/MAC Binding ...443 Authentication Policy ...449 Firewall ...457 IPSec VPN ...475 SSL VPN ...517 SSL User Screens ...531 SSL User Application Screens 541 SSL User File Sharing ...543 ZyWALL SecuExtender ...551 L2TP VPN ...555 Application Patrol ...559 Anti-Virus ...585 IDP ...601 ADP ...637 ZyWALL USG 300 User's Guide 9
User Guide
Page 10
Contents Overview Content Filtering ...659 Content Filter Reports ...683 Anti-Spam ...691 Device HA ...709 User/Group ...731 Addresses ...747 Services ...753 Schedules ...759 AAA Server ...765 Authentication Method ...775 Certificates ...781 ISP Accounts ...803 SSL Application ...807 Endpoint Security ...815 System ...825 Log and Report ...877 File Manager ...893 Diagnostics ...905 Reboot ...915 Shutdown ...917 Troubleshooting ...919 Product Specifications ...939 10 ZyWALL USG 300 User's Guide
Contents Overview Content Filtering ...659 Content Filter Reports ...683 Anti-Spam ...691 Device HA ...709 User/Group ...731 Addresses ...747 Services ...753 Schedules ...759 AAA Server ...765 Authentication Method ...775 Certificates ...781 ISP Accounts ...803 SSL Application ...807 Endpoint Security ...815 System ...825 Log and Report ...877 File Manager ...893 Diagnostics ...905 Reboot ...915 Shutdown ...917 Troubleshooting ...919 Product Specifications ...939 10 ZyWALL USG 300 User's Guide
User Guide
Page 11
... the ZyWALL 37 Chapter 2 Features and Applications ...39 2.1 Features ...39 2.2 Applications ...41 2.2.1 VPN Connectivity ...42 2.2.2 SSL VPN Network Access 42 2.2.3 User-Aware Access Control 44 2.2.4 Multiple WAN Interfaces 44 2.2.5 Device HA ...45 Chapter 3 Web Configurator...47 3.1 Web Configurator Requirements 47 3.2 Web Configurator Access ...47 3.3 Web Configurator Screens Overview 49 3.3.1 Title Bar ...50 ZyWALL USG 300 User's Guide...
... the ZyWALL 37 Chapter 2 Features and Applications ...39 2.1 Features ...39 2.2 Applications ...41 2.2.1 VPN Connectivity ...42 2.2.2 SSL VPN Network Access 42 2.2.3 User-Aware Access Control 44 2.2.4 Multiple WAN Interfaces 44 2.2.5 Device HA ...45 Chapter 3 Web Configurator...47 3.1 Web Configurator Requirements 47 3.2 Web Configurator Access ...47 3.3 Web Configurator Screens Overview 49 3.3.1 Title Bar ...50 ZyWALL USG 300 User's Guide...
User Guide
Page 12
... 92 Chapter 6 Configuration Basics...93 6.1 Object-based Configuration 93 6.2 Zones, Interfaces, and Physical Ports 94 6.2.1 Interface Types ...95 6.2.2 Default Interface and Zone Configuration 96 12 ZyWALL USG 300 User's Guide Table of Contents 3.3.2 Navigation Panel ...51 3.3.3 Main Window ...57 3.3.4 Tables and Lists ...59 Chapter 4 Installation Setup Wizard ...65 4.1 Installation Setup Wizard Screens 65 4.1.1 Internet Access...
... 92 Chapter 6 Configuration Basics...93 6.1 Object-based Configuration 93 6.2 Zones, Interfaces, and Physical Ports 94 6.2.1 Interface Types ...95 6.2.2 Default Interface and Zone Configuration 96 12 ZyWALL USG 300 User's Guide Table of Contents 3.3.2 Navigation Panel ...51 3.3.3 Main Window ...57 3.3.4 Tables and Lists ...59 Chapter 4 Installation Setup Wizard ...65 4.1 Installation Setup Wizard Screens 65 4.1.1 Internet Access...
User Guide
Page 13
... Shutdown ...114 Chapter 7 Tutorials ...117 7.1 How to Configure Interfaces, Port Grouping, and Zones 117 7.1.1 Configure a WAN Ethernet Interface 118 ZyWALL USG 300 User's Guide 13 Policy ...107 6.5.14 Firewall ...107 6.5.15 IPSec VPN ...108 6.5.16 SSL VPN ...108 6.5.17 L2TP VPN ...109 6.5.18 Application Patrol...Filter ...110 6.5.23 Anti-Spam ...111 6.5.24 Device HA ...111 6.6 Objects ...112 6.6.1 User/Group ...112 6.7 System ...113 6.7.1 DNS, WWW, SSH, TELNET, FTP, SNMP, Dial-in the ZyWALL 97 6.4 Packet Flow ...98 6.4.1 ZLD 2.20 Packet Flow Enhancements 98 6.4.2 Routing Table Checking...
... Shutdown ...114 Chapter 7 Tutorials ...117 7.1 How to Configure Interfaces, Port Grouping, and Zones 117 7.1.1 Configure a WAN Ethernet Interface 118 ZyWALL USG 300 User's Guide 13 Policy ...107 6.5.14 Firewall ...107 6.5.15 IPSec VPN ...108 6.5.16 SSL VPN ...108 6.5.17 L2TP VPN ...109 6.5.18 Application Patrol...Filter ...110 6.5.23 Anti-Spam ...111 6.5.24 Device HA ...111 6.6 Objects ...112 6.6.1 User/Group ...112 6.7 System ...113 6.7.1 DNS, WWW, SSH, TELNET, FTP, SNMP, Dial-in the ZyWALL 97 6.4 Packet Flow ...98 6.4.1 ZLD 2.20 Packet Flow Enhancements 98 6.4.2 Routing Table Checking...
User Guide
Page 14
...on Ethernet Interfaces 123 7.3.2 Configure the WAN Trunk 124 7.4 How to Set Up a Wireless LAN 125 7.4.1 Set Up User Accounts 125 7.4.2 Create the WLAN Interface 126 7.4.3 Set Up the Wireless Clients to Use the WLAN Interface 129 7.5 How...150 7.7.5 Set Up MSN Policies 153 7.7.6 Set Up Firewall Rules 154 7.8 How to Use a RADIUS Server to Authenticate User Accounts based on Groups 155 7.9 How to Use Endpoint Security and Authentication Policies 157 7.9.1 Configure the Endpoint Security Objects 157... Static Public WAN IP Addresses for LAN to WAN Traffic 176 14 ZyWALL USG 300 User's Guide
...on Ethernet Interfaces 123 7.3.2 Configure the WAN Trunk 124 7.4 How to Set Up a Wireless LAN 125 7.4.1 Set Up User Accounts 125 7.4.2 Create the WLAN Interface 126 7.4.3 Set Up the Wireless Clients to Use the WLAN Interface 129 7.5 How...150 7.7.5 Set Up MSN Policies 153 7.7.6 Set Up Firewall Rules 154 7.8 How to Use a RADIUS Server to Authenticate User Accounts based on Groups 155 7.9 How to Use Endpoint Security and Authentication Policies 157 7.9.1 Configure the Endpoint Security Objects 157... Static Public WAN IP Addresses for LAN to WAN Traffic 176 14 ZyWALL USG 300 User's Guide
User Guide
Page 15
...Use Active-Passive Device HA 177 7.15.1 Before You Start ...178 7.15.2 Configure Device HA on the Master ZyWALL 179 7.15.3 Configure the Backup ZyWALL 181 7.15.4 Deploy the Backup ZyWALL 183 7.15.5 Check Your Device HA Setup 183 Chapter 8 L2TP VPN Example ...185 8.1 L2TP VPN Example ...185...DHCP Table Screen 235 9.2.6 The Number of Login Users Screen 236 Chapter 10 Monitor...239 10.1 Overview ...239 10.1.1 What You Can Do in this Chapter 239 10.2 The Port Statistics Screen 240 10.2.1 The Port Statistics Graph Screen 242 10.3 Interface Status Screen 243 ZyWALL USG 300 User's Guide 15
...Use Active-Passive Device HA 177 7.15.1 Before You Start ...178 7.15.2 Configure Device HA on the Master ZyWALL 179 7.15.3 Configure the Backup ZyWALL 181 7.15.4 Deploy the Backup ZyWALL 183 7.15.5 Check Your Device HA Setup 183 Chapter 8 L2TP VPN Example ...185 8.1 L2TP VPN Example ...185...DHCP Table Screen 235 9.2.6 The Number of Login Users Screen 236 Chapter 10 Monitor...239 10.1 Overview ...239 10.1.1 What You Can Do in this Chapter 239 10.2 The Port Statistics Screen 240 10.2.1 The Port Statistics Graph Screen 242 10.3 Interface Status Screen 243 ZyWALL USG 300 User's Guide 15
User Guide
Page 16
... Traffic Statistics Screen 247 10.5 The Session Monitor Screen 250 10.6 The DDNS Status Screen 252 10.7 IP/MAC Binding Monitor 253 10.8 The Login Users Screen 254 10.9 WLAN Interface Station Monitor Screen 255 10.10 Cellular Status Screen 256 10.11 USB Storage Screen ...258 10.12 Application Patrol... 12.2 The Antivirus Update Screen 290 12.3 The IDP/AppPatrol Update Screen 291 12.4 The System Protect Update Screen 293 Chapter 13 Interfaces ...295 16 ZyWALL USG 300 User's Guide
... Traffic Statistics Screen 247 10.5 The Session Monitor Screen 250 10.6 The DDNS Status Screen 252 10.7 IP/MAC Binding Monitor 253 10.8 The Login Users Screen 254 10.9 WLAN Interface Station Monitor Screen 255 10.10 Cellular Status Screen 256 10.11 USB Storage Screen ...258 10.12 Application Patrol... 12.2 The Antivirus Update Screen 290 12.3 The IDP/AppPatrol Update Screen 291 12.4 The System Protect Update Screen 293 Chapter 13 Interfaces ...295 16 ZyWALL USG 300 User's Guide
User Guide
Page 17
... 13.1.2 What You Need to Know 296 13.2 Port Grouping ...299 13.2.1 Port Grouping Overview 299 13.2.2 Port Grouping Screen 299 13.3 Ethernet Summary Screen 300 13.3.1 Ethernet Edit ...302 13.3.2 Object References 309 13.4 PPP Interfaces ...310 13.4.1 PPP Interface Summary 311 13.4.2 PPP Interface Add or Edit 313 13... to Know 370 14.2 The Trunk Summary Screen 374 14.3 Configuring a Trunk ...375 14.4 Trunk Technical Reference 377 Chapter 15 Policy and Static Routes ...379 ZyWALL USG 300 User's Guide 17
... 13.1.2 What You Need to Know 296 13.2 Port Grouping ...299 13.2.1 Port Grouping Overview 299 13.2.2 Port Grouping Screen 299 13.3 Ethernet Summary Screen 300 13.3.1 Ethernet Edit ...302 13.3.2 Object References 309 13.4 PPP Interfaces ...310 13.4.1 PPP Interface Summary 311 13.4.2 PPP Interface Add or Edit 313 13... to Know 370 14.2 The Trunk Summary Screen 374 14.3 Configuring a Trunk ...375 14.4 Trunk Technical Reference 377 Chapter 15 Policy and Static Routes ...379 ZyWALL USG 300 User's Guide 17
User Guide
Page 18
....1 NAT Overview ...419 19.1.1 What You Can Do in this Chapter 419 19.1.2 What You Need to Know 420 19.2 The NAT Screen ...420 18 ZyWALL USG 300 User's Guide
....1 NAT Overview ...419 19.1.1 What You Can Do in this Chapter 419 19.1.2 What You Need to Know 420 19.2 The NAT Screen ...420 18 ZyWALL USG 300 User's Guide
User Guide
Page 19
... Services 452 23.2.2 Creating/Editing an Authentication Policy 453 Chapter 24 Firewall...457 24.1 Overview ...457 24.1.1 What You Can Do in this Chapter 457 ZyWALL USG 300 User's Guide 19
... Services 452 23.2.2 Creating/Editing an Authentication Policy 453 Chapter 24 Firewall...457 24.1 Overview ...457 24.1.1 What You Can Do in this Chapter 457 ZyWALL USG 300 User's Guide 19
User Guide
Page 20
... 522 26.3 The SSL Global Setting Screen 524 26.3.1 How to Upload a Custom Logo 526 26.4 Establishing an SSL VPN Connection 527 Chapter 27 SSL User Screens ...531 27.1 Overview ...531 27.1.1 What You Need to Know 531 27.2 Remote User Login ...532 27.3 The SSL VPN User Screens 537 20 ZyWALL USG 300 User's Guide
... 522 26.3 The SSL Global Setting Screen 524 26.3.1 How to Upload a Custom Logo 526 26.4 Establishing an SSL VPN Connection 527 Chapter 27 SSL User Screens ...531 27.1 Overview ...531 27.1.1 What You Need to Know 531 27.2 Remote User Login ...532 27.3 The SSL VPN User Screens 537 20 ZyWALL USG 300 User's Guide
User Guide
Page 21
....4 Bookmarking the ZyWALL 538 27.5 Logging Out of the SSL VPN User Screens 538 Chapter 28 SSL User Application Screens 541 28.1 SSL User Application Screens Overview 541 28.2 The Application Screen 541 Chapter 29 SSL User File Sharing ...543...File or Folder 548 29.6 Deleting a File or Folder 548 29.7 Uploading a File ...549 Chapter 30 ZyWALL SecuExtender...551 30.1 The ZyWALL SecuExtender Icon 551 30.2 Statistics ...552 30.3 View Log ...553 30.4 Suspend and Resume the Connection 553...to Know 560 32.1.3 Application Patrol Bandwidth Management Examples 565 ZyWALL USG 300 User's Guide 21
....4 Bookmarking the ZyWALL 538 27.5 Logging Out of the SSL VPN User Screens 538 Chapter 28 SSL User Application Screens 541 28.1 SSL User Application Screens Overview 541 28.2 The Application Screen 541 Chapter 29 SSL User File Sharing ...543...File or Folder 548 29.6 Deleting a File or Folder 548 29.7 Uploading a File ...549 Chapter 30 ZyWALL SecuExtender...551 30.1 The ZyWALL SecuExtender Icon 551 30.2 Statistics ...552 30.3 View Log ...553 30.4 Suspend and Resume the Connection 553...to Know 560 32.1.3 Application Patrol Bandwidth Management Examples 565 ZyWALL USG 300 User's Guide 21
User Guide
Page 22
... ...617 34.7 Introducing IDP Custom Signatures 619 34.7.1 IP Packet Header 619 34.8 Configuring Custom Signatures 620 34.8.1 Creating or Editing a Custom Signature 622 22 ZyWALL USG 300 User's Guide
... ...617 34.7 Introducing IDP Custom Signatures 619 34.7.1 IP Packet Header 619 34.8 Configuring Custom Signatures 620 34.8.1 Creating or Editing a Custom Signature 622 22 ZyWALL USG 300 User's Guide