User Guide
Page 3
...arranged by menu item as defined in the Web Configurator. E-mail techwriters@zyxel.com.tw if you cannot find specific information in this guide, use that feature. • It is highly recommended you require. ZyWALL USG 300 User's Guide 3 About This User's Guide About This User's Guide ...Intended Audience This manual is intended for people who want to want to configure the ZyWALL using the quick setup wizards and you want more detailed ...
...arranged by menu item as defined in the Web Configurator. E-mail techwriters@zyxel.com.tw if you cannot find specific information in this guide, use that feature. • It is highly recommended you require. ZyWALL USG 300 User's Guide 3 About This User's Guide About This User's Guide ...Intended Audience This manual is intended for people who want to want to configure the ZyWALL using the quick setup wizards and you want more detailed ...
User Guide
Page 4
... contact your product, the answer may be solved by the methods listed above, you bought the device. 4 ZyWALL USG 300 User's Guide This is available at www.zyxel.com. • Download Library Search for the region in configuring that cannot be here. Need More Help? ...previously asked questions about your vendor. Documentation Feedback Send your comments, questions or suggestions to: techwriters@zyxel.com.tw Thank you cannot contact your vendor, then contact a ZyXEL office for the latest product updates and documentation from others who use your product. • Knowledge...
... contact your product, the answer may be solved by the methods listed above, you bought the device. 4 ZyWALL USG 300 User's Guide This is available at www.zyxel.com. • Download Library Search for the region in configuring that cannot be here. Need More Help? ...previously asked questions about your vendor. Documentation Feedback Send your comments, questions or suggestions to: techwriters@zyxel.com.tw Thank you cannot contact your vendor, then contact a ZyXEL office for the latest product updates and documentation from others who use your product. • Knowledge...
User Guide
Page 5
... description of the problem and the steps you installed updated firmware/software for contact information. About This User's Guide See http://www.zyxel.com/web/contact_us.php for your device. ZyWALL USG 300 User's Guide 5 Please have the following information ready when you contact an office. • Product model and serial number. • Warranty...
... description of the problem and the steps you installed updated firmware/software for contact information. About This User's Guide See http://www.zyxel.com/web/contact_us.php for your device. ZyWALL USG 300 User's Guide 5 Please have the following information ready when you contact an office. • Product model and serial number. • Warranty...
User Guide
Page 6
...Note: Notes tell you other important information (for example, other words". 6 ZyWALL USG 300 User's Guide For example, Maintenance > Log > Log Setting means you may..."M" for instance", and "i.e.," means "that could harm you to type one of measurement may need to as the "ZyWALL", the "device", the "system" or the "product" in the navigation panel, then the Log sub menu and finally... to get to use one or more characters and then press the [ENTER] key. Syntax Conventions • The ZyWALL may denote "1000000" or "1048576" and so on your keyboard. • "Enter" means for you to ...
...Note: Notes tell you other important information (for example, other words". 6 ZyWALL USG 300 User's Guide For example, Maintenance > Log > Log Setting means you may..."M" for instance", and "i.e.," means "that could harm you to type one of measurement may need to as the "ZyWALL", the "device", the "system" or the "product" in the navigation panel, then the Log sub menu and finally... to get to use one or more characters and then press the [ENTER] key. Syntax Conventions • The ZyWALL may denote "1000000" or "1048576" and so on your keyboard. • "Enter" means for you to ...
User Guide
Page 7
The ZyWALL icon is not an exact representation of your device. ZyWALL Computer Notebook computer Server Firewall Telephone Switch Router ZyWALL USG 300 User's Guide 7 Document Conventions Icons Used in Figures Figures in this User's Guide may use the following generic icons.
The ZyWALL icon is not an exact representation of your device. ZyWALL Computer Notebook computer Server Firewall Telephone Switch Router ZyWALL USG 300 User's Guide 7 Document Conventions Icons Used in Figures Figures in this User's Guide may use the following generic icons.
User Guide
Page 8
... the store where you to the correct ports. • Place connecting cables carefully so that used electrical and electronic products should not be treated separately. 8 ZyWALL USG 300 User's Guide Connect it from lightning. • Connect ONLY suitable accessories to repair the power adaptor or cord. ONLY qualified service personnel should be mixed...
... the store where you to the correct ports. • Place connecting cables carefully so that used electrical and electronic products should not be treated separately. 8 ZyWALL USG 300 User's Guide Connect it from lightning. • Connect ONLY suitable accessories to repair the power adaptor or cord. ONLY qualified service personnel should be mixed...
User Guide
Page 9
Contents Overview Contents Overview User's Guide ...31 Introducing the ZyWALL ...33 Features and Applications ...39 Web Configurator ...47 Installation Setup Wizard ...65 Quick Setup ...75 Configuration Basics ...93 Tutorials ...117 L2TP VPN Example ...185 Technical ... Authentication Policy ...449 Firewall ...457 IPSec VPN ...475 SSL VPN ...517 SSL User Screens ...531 SSL User Application Screens 541 SSL User File Sharing ...543 ZyWALL SecuExtender ...551 L2TP VPN ...555 Application Patrol ...559 Anti-Virus ...585 IDP ...601 ADP ...637 ZyWALL USG 300 User's Guide 9
Contents Overview Contents Overview User's Guide ...31 Introducing the ZyWALL ...33 Features and Applications ...39 Web Configurator ...47 Installation Setup Wizard ...65 Quick Setup ...75 Configuration Basics ...93 Tutorials ...117 L2TP VPN Example ...185 Technical ... Authentication Policy ...449 Firewall ...457 IPSec VPN ...475 SSL VPN ...517 SSL User Screens ...531 SSL User Application Screens 541 SSL User File Sharing ...543 ZyWALL SecuExtender ...551 L2TP VPN ...555 Application Patrol ...559 Anti-Virus ...585 IDP ...601 ADP ...637 ZyWALL USG 300 User's Guide 9
User Guide
Page 10
Contents Overview Content Filtering ...659 Content Filter Reports ...683 Anti-Spam ...691 Device HA ...709 User/Group ...731 Addresses ...747 Services ...753 Schedules ...759 AAA Server ...765 Authentication Method ...775 Certificates ...781 ISP Accounts ...803 SSL Application ...807 Endpoint Security ...815 System ...825 Log and Report ...877 File Manager ...893 Diagnostics ...905 Reboot ...915 Shutdown ...917 Troubleshooting ...919 Product Specifications ...939 10 ZyWALL USG 300 User's Guide
Contents Overview Content Filtering ...659 Content Filter Reports ...683 Anti-Spam ...691 Device HA ...709 User/Group ...731 Addresses ...747 Services ...753 Schedules ...759 AAA Server ...765 Authentication Method ...775 Certificates ...781 ISP Accounts ...803 SSL Application ...807 Endpoint Security ...815 System ...825 Log and Report ...877 File Manager ...893 Diagnostics ...905 Reboot ...915 Shutdown ...917 Troubleshooting ...919 Product Specifications ...939 10 ZyWALL USG 300 User's Guide
User Guide
Page 11
... Table of Contents About This User's Guide ...3 Document Conventions...6 Safety Warnings...8 Contents Overview ...9 Table of Contents...11 Part I: User's Guide 31 Chapter 1 Introducing the ZyWALL ...33 1.1 Overview and Key Default Settings 33 1.2 Rack-mounted Installation 33 1.2.1 Rack-Mounted Installation Procedure 34 1.3 Front Panel ...35 1.3.1 Front Panel LEDs ...35 1.4... Device HA ...45 Chapter 3 Web Configurator...47 3.1 Web Configurator Requirements 47 3.2 Web Configurator Access ...47 3.3 Web Configurator Screens Overview 49 3.3.1 Title Bar ...50 ZyWALL USG 300 User's Guide 11
... Table of Contents About This User's Guide ...3 Document Conventions...6 Safety Warnings...8 Contents Overview ...9 Table of Contents...11 Part I: User's Guide 31 Chapter 1 Introducing the ZyWALL ...33 1.1 Overview and Key Default Settings 33 1.2 Rack-mounted Installation 33 1.2.1 Rack-Mounted Installation Procedure 34 1.3 Front Panel ...35 1.3.1 Front Panel LEDs ...35 1.4... Device HA ...45 Chapter 3 Web Configurator...47 3.1 Web Configurator Requirements 47 3.2 Web Configurator Access ...47 3.3 Web Configurator Screens Overview 49 3.3.1 Title Bar ...50 ZyWALL USG 300 User's Guide 11
User Guide
Page 12
... 92 Chapter 6 Configuration Basics...93 6.1 Object-based Configuration 93 6.2 Zones, Interfaces, and Physical Ports 94 6.2.1 Interface Types ...95 6.2.2 Default Interface and Zone Configuration 96 12 ZyWALL USG 300 User's Guide Scenario 83 5.5.1 VPN Express Wizard - Scenario 87 5.5.5 VPN Advanced Wizard - Configuration 84 5.5.2 VPN Express Wizard -
... 92 Chapter 6 Configuration Basics...93 6.1 Object-based Configuration 93 6.2 Zones, Interfaces, and Physical Ports 94 6.2.1 Interface Types ...95 6.2.2 Default Interface and Zone Configuration 96 12 ZyWALL USG 300 User's Guide Scenario 83 5.5.1 VPN Express Wizard - Scenario 87 5.5.5 VPN Advanced Wizard - Configuration 84 5.5.2 VPN Express Wizard -
User Guide
Page 13
...23 Anti-Spam ...111 6.5.24 Device HA ...111 6.6 Objects ...112 6.6.1 User/Group ...112 6.7 System ...113 6.7.1 DNS, WWW, SSH, TELNET, FTP, SNMP, Dial-in the ZyWALL 97 6.4 Packet Flow ...98 6.4.1 ZLD 2.20 Packet Flow Enhancements 98 6.4.2 Routing Table Checking Flow Enhancements 99 6.4.3 NAT Table Checking Flow 100 6.5 Feature Configuration Overview 101... File Manager ...114 6.7.4 Diagnostics ...114 6.7.5 Shutdown ...114 Chapter 7 Tutorials ...117 7.1 How to Configure Interfaces, Port Grouping, and Zones 117 7.1.1 Configure a WAN Ethernet Interface 118 ZyWALL USG 300 User's Guide 13
...23 Anti-Spam ...111 6.5.24 Device HA ...111 6.6 Objects ...112 6.6.1 User/Group ...112 6.7 System ...113 6.7.1 DNS, WWW, SSH, TELNET, FTP, SNMP, Dial-in the ZyWALL 97 6.4 Packet Flow ...98 6.4.1 ZLD 2.20 Packet Flow Enhancements 98 6.4.2 Routing Table Checking Flow Enhancements 99 6.4.3 NAT Table Checking Flow 100 6.5 Feature Configuration Overview 101... File Manager ...114 6.7.4 Diagnostics ...114 6.7.5 Shutdown ...114 Chapter 7 Tutorials ...117 7.1 How to Configure Interfaces, Port Grouping, and Zones 117 7.1.1 Configure a WAN Ethernet Interface 118 ZyWALL USG 300 User's Guide 13
User Guide
Page 14
... a DMZ to LAN Firewall Rule for SIP 175 7.14 How to Use Multiple Static Public WAN IP Addresses for LAN to WAN Traffic 176 14 ZyWALL USG 300 User's Guide
... a DMZ to LAN Firewall Rule for SIP 175 7.14 How to Use Multiple Static Public WAN IP Addresses for LAN to WAN Traffic 176 14 ZyWALL USG 300 User's Guide
User Guide
Page 15
... How to Use Active-Passive Device HA 177 7.15.1 Before You Start ...178 7.15.2 Configure Device HA on the Master ZyWALL 179 7.15.3 Configure the Backup ZyWALL 181 7.15.4 Deploy the Backup ZyWALL 183 7.15.5 Check Your Device HA Setup 183 Chapter 8 L2TP VPN Example ...185 8.1 L2TP VPN Example ...185 8.2 Configuring the Default... You Can Do in this Chapter 239 10.2 The Port Statistics Screen 240 10.2.1 The Port Statistics Graph Screen 242 10.3 Interface Status Screen 243 ZyWALL USG 300 User's Guide 15
... How to Use Active-Passive Device HA 177 7.15.1 Before You Start ...178 7.15.2 Configure Device HA on the Master ZyWALL 179 7.15.3 Configure the Backup ZyWALL 181 7.15.4 Deploy the Backup ZyWALL 183 7.15.5 Check Your Device HA Setup 183 Chapter 8 L2TP VPN Example ...185 8.1 L2TP VPN Example ...185 8.2 Configuring the Default... You Can Do in this Chapter 239 10.2 The Port Statistics Screen 240 10.2.1 The Port Statistics Graph Screen 242 10.3 Interface Status Screen 243 ZyWALL USG 300 User's Guide 15
User Guide
Page 16
... 12.2 The Antivirus Update Screen 290 12.3 The IDP/AppPatrol Update Screen 291 12.4 The System Protect Update Screen 293 Chapter 13 Interfaces ...295 16 ZyWALL USG 300 User's Guide
... 12.2 The Antivirus Update Screen 290 12.3 The IDP/AppPatrol Update Screen 291 12.4 The System Protect Update Screen 293 Chapter 13 Interfaces ...295 16 ZyWALL USG 300 User's Guide
User Guide
Page 17
... 13.1.2 What You Need to Know 296 13.2 Port Grouping ...299 13.2.1 Port Grouping Overview 299 13.2.2 Port Grouping Screen 299 13.3 Ethernet Summary Screen 300 13.3.1 Ethernet Edit ...302 13.3.2 Object References 309 13.4 PPP Interfaces ...310 13.4.1 PPP Interface Summary 311 13.4.2 PPP Interface Add or Edit 313 13... to Know 370 14.2 The Trunk Summary Screen 374 14.3 Configuring a Trunk ...375 14.4 Trunk Technical Reference 377 Chapter 15 Policy and Static Routes ...379 ZyWALL USG 300 User's Guide 17
... 13.1.2 What You Need to Know 296 13.2 Port Grouping ...299 13.2.1 Port Grouping Overview 299 13.2.2 Port Grouping Screen 299 13.3 Ethernet Summary Screen 300 13.3.1 Ethernet Edit ...302 13.3.2 Object References 309 13.4 PPP Interfaces ...310 13.4.1 PPP Interface Summary 311 13.4.2 PPP Interface Add or Edit 313 13... to Know 370 14.2 The Trunk Summary Screen 374 14.3 Configuring a Trunk ...375 14.4 Trunk Technical Reference 377 Chapter 15 Policy and Static Routes ...379 ZyWALL USG 300 User's Guide 17
User Guide
Page 18
....1 NAT Overview ...419 19.1.1 What You Can Do in this Chapter 419 19.1.2 What You Need to Know 420 19.2 The NAT Screen ...420 18 ZyWALL USG 300 User's Guide
....1 NAT Overview ...419 19.1.1 What You Can Do in this Chapter 419 19.1.2 What You Need to Know 420 19.2 The NAT Screen ...420 18 ZyWALL USG 300 User's Guide
User Guide
Page 19
... Services 452 23.2.2 Creating/Editing an Authentication Policy 453 Chapter 24 Firewall...457 24.1 Overview ...457 24.1.1 What You Can Do in this Chapter 457 ZyWALL USG 300 User's Guide 19
... Services 452 23.2.2 Creating/Editing an Authentication Policy 453 Chapter 24 Firewall...457 24.1 Overview ...457 24.1.1 What You Can Do in this Chapter 457 ZyWALL USG 300 User's Guide 19
User Guide
Page 20
... Screens ...531 27.1 Overview ...531 27.1.1 What You Need to Know 531 27.2 Remote User Login ...532 27.3 The SSL VPN User Screens 537 20 ZyWALL USG 300 User's Guide
... Screens ...531 27.1 Overview ...531 27.1.1 What You Need to Know 531 27.2 Remote User Login ...532 27.3 The SSL VPN User Screens 537 20 ZyWALL USG 300 User's Guide
User Guide
Page 21
... a File or Folder 548 29.6 Deleting a File or Folder 548 29.7 Uploading a File ...549 Chapter 30 ZyWALL SecuExtender...551 30.1 The ZyWALL SecuExtender Icon 551 30.2 Statistics ...552 30.3 View Log ...553 30.4 Suspend and Resume the Connection 553 30.5... Stop the Connection ...554 30.6 Uninstalling the ZyWALL SecuExtender 554 Chapter 31 L2TP VPN...555 31.1 Overview ...555 31.1.1 What You Can Do in this Chapter 555... You Need to Know 560 32.1.3 Application Patrol Bandwidth Management Examples 565 ZyWALL USG 300 User's Guide 21
... a File or Folder 548 29.6 Deleting a File or Folder 548 29.7 Uploading a File ...549 Chapter 30 ZyWALL SecuExtender...551 30.1 The ZyWALL SecuExtender Icon 551 30.2 Statistics ...552 30.3 View Log ...553 30.4 Suspend and Resume the Connection 553 30.5... Stop the Connection ...554 30.6 Uninstalling the ZyWALL SecuExtender 554 Chapter 31 L2TP VPN...555 31.1 Overview ...555 31.1.1 What You Can Do in this Chapter 555... You Need to Know 560 32.1.3 Application Patrol Bandwidth Management Examples 565 ZyWALL USG 300 User's Guide 21
User Guide
Page 22
... ...617 34.7 Introducing IDP Custom Signatures 619 34.7.1 IP Packet Header 619 34.8 Configuring Custom Signatures 620 34.8.1 Creating or Editing a Custom Signature 622 22 ZyWALL USG 300 User's Guide
... ...617 34.7 Introducing IDP Custom Signatures 619 34.7.1 IP Packet Header 619 34.8 Configuring Custom Signatures 620 34.8.1 Creating or Editing a Custom Signature 622 22 ZyWALL USG 300 User's Guide