ZyXEL Communications USG Series Vpn Configuration Manual
  1. Manuals
  2. Brands
  3. ZyXEL Communications Manuals
  4. Firewall
  5. USG Series
  6. Vpn configuration manual

ZyXEL Communications USG Series Vpn Configuration Manual

Equinux vpn tracker 365
Hide thumbs Also See for USG Series:
Table of Contents

Advertisement

Quick Links

Download this manual
 
 
 
 
 
VPN Configuration Guide 
Zyxel  
 
USG Series, USG Flex Series,​ ​ Z yWALL VPN Firewalls, ZyWALL ATP Firewalls
 
 
 

Advertisement

Table of Contents
loading

Related Manuals for ZyXEL Communications USG Series

Summary of Contents for ZyXEL Communications USG Series

  • Page 1           VPN Configuration Guide  Zyxel     USG Series, USG Flex Series,​ ​ Z yWALL VPN Firewalls, ZyWALL ATP Firewalls      ...
  • Page 2   © 2020 equinux AG and equinux USA, Inc. All rights reserved.  Under copyright law, this configuration guide may not be copied, in whole or in part, without the written consent of equinux AG or equinux USA, Inc. Your  rights to the software are governed by the accompanying software license agreement.  The equinux logo is a trademark of equinux AG and equinux USA, Inc., registered in the U.S.

  • Page 3: Table Of Contents

      Contents    Introduction  My VPN Gateway Configuration Checklist  Task 1 – VPN Gateway Configuration  Task 2 – VPN Tracker Configuration  Step 1 – Add a Connection  Step 2 – Configure the VPN Connection  Task Three - Testing the VPN connection  Connect to your VPN ...

  • Page 4: Introduction

      Introduction  My VPN Gateway Configuration Checklist  Throughout this guide, there are certain pieces of information that are needed later on for configuring VPN Tracker. This information is  marked with red numbers to make it easier to reference it later. You can print this checklist to help keep track of the various settings of  your ZyWALL USG VPN gateway device.  ...

  • Page 5: Task 1 - Vpn Gateway Configuration

      Task 1 – VPN Gateway Configuration  We will first set up VPN on the VPN gateway. If you already have VPN in place, it’s helpful to follow this tutorial to see how settings on the  device fit together with VPN Tracker.  Step 1 –...
  • Page 6   Step 2 – Create a VPN User  Go to ​ O bject​ > ​ U ser/Group ​ a nd switch to the ​ U ser ​ t ab. Then, click the ​ A dd​ button:  ➔   ( 3)  User Name​...
  • Page 7   Step 3 – Create an Authentication Method  Go to ​ O bject ​ > ​ Auth. Method ​ a nd click the​ Add ​ b utton:  ➔   Name​ : Enter a name for the new authentication method (here: ​ v pn_auth​ )   ➔...
  • Page 8   Step 4 – Set up Phase 1  Go to ​ V PN ​ > ​ IPsec VPN​ and switch to the ​ V PN Gateway ​ t ab. Click the ​ A dd​ button:  ➔   Click the ​ S how Advanced Settings​ button to be able to access all settings  ➔...
  • Page 9   Gateway Settings    My Address​ : Select ​ I nterface​ and select your primary ​ W AN​ network interface (here: ​ w an1​ ) from the pop-up menu  ➔ Peer Gateway Address​ : Select ​ D ynamic Address  ➔ Authentication ...
  • Page 10   Phase 1 Settings    SA Life Time​ : Leave the default of 86400 seconds  ➔ Negotiation Mode​ : Leave the default of ​ M ain Mode  ➔ Proposal​ : ​ ​ F or security reasons, we recommend changing the default proposal settings to use at least ​ 3 DES​ and ​ S HA-1​ (with the option of using ​ A ES-128​ and ​ S HA-1​ ) as  ➔...
  • Page 11   Extended Authentication      Select the​ Enable Extended Authentication ​ c heckbox  ➔ Server Mode​ : Choose ​ v pn_auth​ from the pop-up. If you do not see the vpn_auth entry here, you may have skipped​ Step 3 – Create an Authentication Method  ➔...
  • Page 12   Step 5 – Set up Phase 2  Switch to the ​ V PN Connection ​ t ab (under ​ V PN​ > ​ I PSec VPN​ ) and click the ​ A dd​ button:  ➔   Click the ​ S how Advanced Settings​ button to be able to access all settings  ➔...
  • Page 13   VPN Gateway    Application Scenario​ : Select ​ R emote Access (Server Role)  ➔ VPN Gateway​ : Choose the phase 1 (VPN gateway) setup you created in ​ S tep 4​ (here:​ vpn_tracker​ ) from the pop-up  ➔ Policy   ...
  • Page 14   Phase 2 Settings    SA Life Time​ : Leave the default of 86400 seconds  ➔ Active Protocol​ : Leave the default of ​ E SP  ➔ Encapsulation​ : Leave the default of ​ T unnel  ➔ Proposal​ : ​ ​ F or security reasons, we recommend changing the default proposal settings to use at least ​ 3 DES​ and ​ S HA-1​ (with the option of using ​ A ES-128​ and ​ S HA-1​ ) as  ➔...
  • Page 15   Related Settings    Make sure ​ A dd this VPN connection to IPSec_VPN zone​ is selected. This means that any security rules or settings configured for the IPSec_VPN zone will apply to this  ➔ VPN connection. ​ S ome devices may not have this option, ​ i n that case, please add the connection manually to ​ N etwork > Zone  It is not necessary to make any changes to the ​...

  • Page 16: Task 2 - Vpn Tracker Configuration

      Task 2 – VPN Tracker Configuration  After finishing task 1, you should now have a completed a configuration checklist containing your ZyWALL USG VPN gateway’s settings.  We will now create a matching configuration in VPN Tracker.   Step One: Add a connection   ...

  • Page 17: Task Three - Testing The Vpn Connection

      Task Three - Testing the VPN connection  In order to test your connection, you will need to connect from a different location.   For example, if you are setting up a VPN connection to your office, try it out at home, or from an Internet cafe, or go visit a friend.   ...

  • Page 18: Troubleshooting

      Troubleshooting  In case there’s a problem connecting, a yellow warning triangle will show up. Click the  yellow warning triangle to be taken to the log.     The log will explain exactly what the problem is. Follow the steps listed in the log.  TIP​...

This manual is also suitable for:

Usg flex series

Table of Contents