ZyXEL Communications ZYWALL 5

Other manuals for ZyXEL Communications ZYWALL 5

Support Notes305 pages

Quick Start Guide19 pages

Specifications2 pages

Questions and Answers

T
Thomas AndersonSep 12, 2025
Why can't my ZyXEL Communications Gateway get a WAN IP address from my ISP?
- S
  Sally AlvarezSep 12, 2025
  If you cannot get a WAN IP address from your ISP with the ZyXEL Communications Gateway, the ISP provides the WAN IP address after authentication which may require a username and password, MAC address, or host name. If using PPPoE or PPTP, ensure you have the correct Service Type, User Name, and Password, noting that these are case-sensitive. If your ISP requires MAC address authentication, clone your computer's MAC address as the ZyWALL's WAN MAC address. If host name authentication is needed, configure your computer's name as the ZyWALL's system name.
E
Emily WallerAug 25, 2025
What to do if I cannot establish a VPN connection with my ZyXEL Communications ZYWALL 5?
- L
  Lucas GrahamAug 25, 2025
  If you cannot establish a VPN connection with your ZyXEL Communications Firewall, ensure that both the ZyWALL and the remote IPSec router are using the same VPN settings. You can configure advanced settings by clicking VPN in the navigation panel. Also, verify that you have a working Internet connection by accessing a website.
K
Kimberly SuarezAug 27, 2025
Why won't any of the LEDs turn on on my ZyXEL Communications ZYWALL 5?
- D
  dcherryAug 27, 2025
  If none of the LEDs on your ZyXEL Communications Firewall turn on, ensure that the power adapter is properly connected to the ZyWALL and plugged into a working power source. Verify all cable connections. If the LEDs still do not turn on after checking the power and connections, it may indicate a hardware problem.
D
Dr. James HoltAug 27, 2025
Why can't my ZyXEL Communications Firewall get a WAN IP address from my ISP?
- J
  Julian KnightAug 28, 2025
  If your ZyXEL Communications Firewall cannot obtain a WAN IP address from your ISP, it may be due to the ISP verifying the MAC address, host name, or user ID. Determine the verification method used by your ISP and configure the corresponding fields accordingly. If the ISP checks the WAN MAC address, clone the MAC address from a LAN computer by going to WAN, then the WAN tab, selecting 'Spoof WAN MAC Address,' and entering the IP address of the computer on the LAN you are cloning. If the ISP checks the host name, enter your computer’s name in the System Name field in the MAINTENANCE General screen. If the ISP checks the user ID, go to WAN, then the WAN tab, and verify your service type, user name, and password.
J
Justin GonzalezAug 29, 2025
What to do if I cannot access the Internet using my ZyXEL Communications Firewall?
- W
  warnoldAug 29, 2025
  If you cannot access the Internet through your ZyXEL Communications Firewall, check the connection between the ZyWALL and your cable/DSL device. Also, verify your settings by clicking WAN.
C
Cindy CastanedaAug 30, 2025
How to fix ZyXEL Communications ZYWALL 5 when it cannot ping any computer on the LAN?
- P
  Pamela HendersonAug 31, 2025
  If you cannot ping any computer on the LAN and the 10/100M LAN/DMZ LEDs are off, check the cable connections between the ZyXEL Communications Firewall and your LAN computers. Verify that the IP address and subnet mask of the ZyWALL and the LAN computers are in the same IP address range.
J
Jennifer RussellNov 22, 2025
How to troubleshoot LAN access issues with my ZyXEL Communications Firewall?
- S
  Scott SchultzNov 22, 2025
  If you cannot access the ZyWALL Firewall from the LAN, check the cable connection between the ZyWALL and your computer or hub. You can also ping the ZyWALL from a LAN computer to test the connection. To do this, open the Command Prompt and type "ping" followed by the ZyWALL’s LAN IP address (default is 192.168.1.1). If you've forgotten the ZyWALL’s password, use the RESET button. Press it for about 10 seconds (until the SYS LED blinks), then release. It returns the ZyWALL to the factory defaults (password is 1234, LAN IP address 192.168.1.1 etc.). If you’ve forgotten the ZyWALL’s LAN or WAN IP address, you can check the IP address in the SMT via the console port. Connect your computer to the CONSOLE port using a console cable. Your computer should have a terminal emulation communications p...
M
Michael JosephSep 14, 2025
What is the default password for ZyXEL Communications Gateway and how to reset it?
- B
  bhernandezSep 14, 2025
  If you cannot access the ZyXEL Communications Gateway, remember that the default password is “1234”, and the password field is case sensitive. If you still cannot access the device, use the Reset button to restore the factory default configuration file, which will restore all factory defaults, including the password.
A
austinwashingtonSep 9, 2025
How to access the ZyXEL Communications Gateway via the console port?
- M
  Marcus PalmerSep 9, 2025
  First, check that the ZyXEL Communications Gateway is properly connected to your computer’s console port. Next, ensure your communications program is correctly configured with VT100 terminal emulation, no parity, 8 data bits, 1 stop bit, and data flow set to none. The default speed is 9600 bps, but try other speeds in case it has been changed.
G
gsmithSep 6, 2025
What to do if none of the LEDs turn on when I turn on my ZyXEL Communications Gateway?
- J
  Joshua OrtizSep 6, 2025
  First, ensure the included power adapter or cord is correctly connected to both the ZyXEL Communications Gateway and a working power source. If the issue persists, replace the fuse if it's burnt out. If the problem continues after these steps, it may indicate a hardware problem, and you should contact your vendor.

Summary

Safety Warnings

Chapter 1 Getting to Know Your ZyWALL

1.1 ZyWALL 5 Internet Security Appliance Overview

Overview of the ZyWALL 5's features and applications, including VPN, firewall, and content filtering.

CHAPTER 2 Introducing the Web Configurator

2.2 Accessing the ZyWALL Web Configurator

Step-by-step guide on how to connect to the ZyWALL's web interface.

2.3 Resetting the ZyWALL

Procedure for restoring factory default configuration or using the reset button.

2.4 Navigating the ZyWALL Web Configurator

CHAPTER 3 Wizard Setup

3.2 Internet Access

Configuration of Internet access based on encapsulation type (Ethernet, PPTP, PPPoE).

3.3 VPN Wizard

Screens for configuring VPN rules using pre-shared keys and IKE settings.

Chapter 4 LAN Screens

4.2 DHCP Setup

Configuration of the ZyWALL as a DHCP server or disabling the service.

4.3 LAN TCP;IP

Configuration of LAN parameters including IP address, subnet mask, and RIP.

4.6 Configuring Static DHCP

4.7 Configuring IP Alias

4.8 Configuring Port Roles

Chapter 5 Bridge Screens

5.3 Configuring Bridge

Setting the ZyWALL to function as a bridge.

5.4 Configuring Port Roles

Chapter 6 Wireless LAN

6.2 Wireless Security

Importance of wireless security for protecting communication between stations and access points.

6.4 WEP Encryption

6.5 802.1 x Overview

Enhanced security methods for authentication and encryption key management.

6.7 Introduction to WPA

Overview of Wi-Fi Protected Access (WPA) for improved security and data encryption.

6.9 WPA with RADIUS Application Example

6.11 Configuring Wireless LAN

Steps to configure wireless LAN settings like ESSID and WEP.

6.12 Configuring MAC Filter

Configuring the ZyWALL to grant or deny access based on MAC addresses.

CHAPTER 7 WAN Screens

7.1 WAN Overview

7.4 Configuring WAN Setup

Configuring WAN ISP, IP, and MAC settings.

7.5 Traffic Redirect

7.7 Configuring Dial Backup

Configuring Dial Backup settings for an alternate WAN connection.

CHAPTER 8 DMZ Screens

8.1 DMZ Overview

8.2 Configuring DMZ

Configuring DMZ port and associated computers with private or public IP addresses.

8.3 Configuring IP Alias

8.6 Configuring Port Roles

CHAPTER 9 Firewalls

9.2 Types of Firewalls

Description of Packet Filtering, Application-level, and Stateful Inspection firewalls.

9.3 Introduction to ZyXEL’s Firewall

Introduction to the ZyWALL's stateful inspection firewall capabilities.

9.4 Denial of Service

Information on Denials of Service (DoS) attacks and ZyWALL's detection methods.

9.5 Stateful Inspection

How stateful inspection works and how the ZyWALL implements it.

9.6 Guidelines For Enhancing Security With Your Firewall

Chapter 10 Firewall Screens

10.2 Firewall Policies Overview

10.3 Rule Logic Overview

Study points for configuring firewall rules effectively.

10.6 Configuring Firewall

Steps to enable and configure the firewall.

10.9 Anti-Probing

10.10 DoS Thresholds

Setting thresholds to detect and mitigate Denial of Service (DoS) attacks.

Chapter 11 Content Filtering Screens

11.1 Content Filtering Overview

11.2 General Content Filter Configuration

Enabling content filtering, configuring schedules, and creating denial messages.

11.4 Categories and Registering

11.5 Customization

11.6 Customizing Keyword Blocking URL Checking

Chapter 12 Content Filtering Registration and Reports

12.2 myZyXEL.com Account Registration

12.3 Registering Your ZyXEL Device

Procedure to log in and register your ZyXEL device.

12.4 Content Filtering Registration

Registering for content filtering service via web configurator.

12.5 Checking Content Filtering Activation

CHAPTER 13 Introduction to IPSec

13.1 VPN Overview

Secure communication between sites using tunneling, encryption, and authentication.

13.3 Encapsulation

13.4 IPSec and NAT

Chapter 14 VPN Screens

14.1 VPN;IPSec Overview

14.2 IPSec Algorithms

Explanation of ESP and AH protocols and their role in IPSec VPNs.

14.4 Remote Gateway Address

Specifying the WAN IP address or domain name of the remote IPSec router.

14.5 Nailed Up

14.6 NAT Traversal

Setting up a VPN connection when NAT routers are between IPSec routers.

14.7 ID Type and Content

14.8 IKE Phases

Explanation of the two phases of IKE negotiation: Authentication and Key Exchange.

14.9 X-Auth (Extended Authentication)

14.12 IKE VPN Rule Summary Screen

Displaying and managing IPSec rules (tunnels) and gateway policies.

14.13 Manual VPN Rule Summary Screen

14.16 Telecommuter VPN;IPSec Examples

CHAPTER 15 Certificates

15.1 Certificates Overview

15.4 My Certificates

Viewing summary list of certificates and certification requests.

15.6 Importing a Certificate

Instructions for saving an existing certificate to the ZyWALL.

15.7 Creating a Certificate

Generating a self-signed certificate, enrolling with CA, or creating a request.

15.8 My Certificate Details

15.9 Trusted CAs

15.10 Importing a Trusted CA’s Certificate

Saving a trusted certification authority’s certificate to the ZyWALL.

15.13 Verifying a Trusted Remote Host’s Certificate

15.14 Importing a Trusted Remote Host’s Certificate

Saving a trusted host's certificate to the ZyWALL.

CHAPTER 16 Authentication Server

16.1 Authentication Server Overview

Using local user database or external RADIUS server for VPN authentication.

16.2 Local User Database

16.4 Configuring Local User Database

Changing ZyWALL's local user list.

16.5 Configuring RADIUS

Setting up ZyWALL's RADIUS server settings.

CHAPTER 17 Network Address Translation (NAT)

17.1 NAT Overview

Understanding NAT, its definitions, and how it works.

17.2 Using NAT

Applying NAT and understanding SUA versus Full Feature NAT.

17.3 Configuring NAT Overview

17.4 Configuring Address Mapping

Creating and ordering address mapping rules for NAT.

17.5 Port Forwarding

Setting up port forwarding for servers behind NAT.

17.6 Configuring Port Forwarding

17.7 Configuring Trigger Port

Configuring trigger port rules for WAN port traffic.

CHAPTER 18 Static Route

18.2 Configuring IP Static Route

Configuring IP static routes in the IP Static Route screen.

CHAPTER 19 Bandwidth Management

19.1 Bandwidth Management Overview

Allocating outgoing capacity to specific traffic types for minimum delay.

19.2 Bandwidth Classes and Filters

Using classes and sub-classes to allocate bandwidth capacity and budgets.

19.5 Subnet-based Bandwidth Management

19.6 Application and Subnet-based Bandwidth Management

19.8 Maximize Bandwidth Usage

Dividing available bandwidth among classes that require more bandwidth.

19.9 Bandwidth Borrowing

19.11 Configuring Class Setup

Setting up bandwidth classes by individual interface.

CHAPTER 20 DNS

20.1 DNS Overview

20.2 DNS Server Address Assignment

Methods for obtaining DNS server addresses from ISP or manual entry.

20.3 DNS Servers

20.6 The System Screen

Configuring ZyWALL's DNS address and name server records.

20.8 Configure DNS Cache

20.9 Configuring DNS LAN

20.10 Dynamic DNS

Updating dynamic IP address with dynamic DNS services for domain name access.

20.11 Configuring Dynamic DNS

Changing ZyWALL's DDNS settings via the DDNS tab.

CHAPTER 21 Remote Management

21.1 Remote Management Overview

Determining which services/protocols can access ZyWALL interfaces from remote computers.

21.2 Introduction to HTTPS

21.4 HTTPS Example

Procedure for accessing ZyWALL via HTTPS, including browser warnings.

21.5 SSH Overview

21.8 Configuring SSH

Changing ZyWALL's Secure Shell settings.

21.9 Secure Telnet Using SSH Examples

21.11 Telnet

21.13 Configuring FTP

Uploading and downloading firmware and configuration files using FTP.

21.14 Configuring SNMP

21.15 Configuring DNS

Configuring DNS settings for mapping domain names to IP addresses.

CHAPTER 22 UPnP

22.1 Universal Plug and Play Overview

22.3 Configuring UPnP

Steps to display and configure UPnP settings.

22.4 Displaying UPnP Port Mapping

22.5 Installing UPnP in Windows Example

22.6 Using UPnP in Windows XP Example

How to use the UPnP feature in Windows XP.

CHAPTER 23 Logs Screens

23.1 Configuring View Log

Viewing all ZyWALL logs in one location.

23.3 Configuring Log Settings

Configuring log settings for sending logs and alerts via e-mail or syslog.

23.4 Configuring Reports

CHAPTER 24 Maintenance

24.2 General Setup

24.3 Configuring Password

Changing the ZyWALL's password for enhanced security.

24.5 Configuring Time and Date

Configuring ZyWALL's time and date based on local time zone.

24.8 Configuring Device Mode

24.9 F;W Upload Screen

Procedure for uploading firmware and configuration files via FTP/TFTP.

24.10 Configuration Screen

Information related to factory defaults, backup, and restoring configuration.

CHAPTER 25 Introducing the SMT

25.2 Accessing the SMT via the Console Port

Steps to access SMT menus via console port with communication software.

25.3 Navigating the SMT Interface

25.4 Changing the System Password

Procedure for changing the system password.

25.5 Resetting the ZyWALL

CHAPTER 26 SMT Menu 1 - General Setup

26.2 Configuring General Setup

Filling in required fields for System Name, Domain Name, and Device Mode.

CHAPTER 27 WAN and Dial Backup Setup

27.1 Introduction to WAN and Dial Backup Setup

27.2 WAN Setup

27.3 Dial Backup

Using the Dial Backup port as a reserve connection when WAN fails.

27.4 Configuring Dial Backup in Menu 2

27.6 Remote Node Profile (Backup ISP)

27.8 Editing TCP;IP Options

27.9 Editing Login Script

CHAPTER 28 LAN Setup

28.1 Introduction to LAN Setup

28.3 LAN Port Filter Setup

28.4 TCP;IP and DHCP Ethernet Setup Menu

Configuring TCP/IP and DHCP Ethernet setup.

28.4.1 IP Alias Setup

28.5 Wireless LAN Setup

Setting up ZyWALL as a wireless access point.

28.5.1 MAC Address Filter Setup

CHAPTER 29 Internet Access

29.1 Introduction to Internet Access Setup

Setting up ZyWALL to access the Internet using ISP information.

29.3 Configuring the PPTP Client

Configuring PPTP client with My Login, Password, and PPTP parameters.

29.4 Configuring the PPPoE Client

CHAPTER 30 DMZ Setup

30.1 Configuring DMZ Setup

30.2 DMZ Port Filter Setup

30.3 TCP;IP Setup

Configuring TCP/IP settings for DMZ, including IP address and RIP.

30.6 Configuring Port Roles

CHAPTER 34 Introducing the ZyWALL Firewall

34.1 Using ZyWALL SMT Menus

CHAPTER 35 Filter Configuration

35.1 Introduction to Filters

35.2 Configuring a Filter Set

Grouping related rules into a single set with a descriptive name.

35.4 Filter Types and NAT

35.6 Applying a Filter

Applying designed filters to ports for traffic control.

CHAPTER 36 SNMP Configuration

36.1 SNMP Configuration

Configuring SNMP settings for network management.

36.2 SNMP Traps

CHAPTER 37 System Information & Diagnosis

37.2 System Status

37.3 System Information and Console Port Speed

37.4 Log and Trace

Information on error logs and trace records stored locally.

37.5 Diagnostic

Diagnostic tests to evaluate system performance.

CHAPTER 38 Firmware and Configuration File Maintenance

38.1 Introduction

38.3 Backup Configuration

Backing up the current ZyWALL configuration to a computer.

38.4 Restore Configuration

Uploading a new or previously saved configuration file.

38.5 Uploading Firmware and Configuration Files

Procedures for uploading firmware and configuration files via FTP/TFTP.

CHAPTER 39 System Maintenance Menus 8 to 10

39.1 Command Interpreter Mode

39.3 Time and Date Setting

Updating ZyWALL's time and date settings based on local time zone.

CHAPTER 40 Remote Management

40.1 Remote Management

Determining services/protocols and interfaces for remote access.

40.1.2 Remote Management and NAT

40.2 Introduction to HTTPS

40.4 HTTPS Example

40.5 SSH Overview

40.8 Configuring SSH

Changing ZyWALL's Secure Shell settings.

40.9 Secure Telnet Using SSH Examples

40.11 Telnet

40.13 Configuring FTP

40.14 Configuring SNMP

40.15 Configuring DNS

Configuring DNS settings for mapping domain names to IP addresses.

CHAPTER 41 Call Scheduling

41.2 Remote Node Setup

41.3 Remote Node Profile Setup

41.5 Remote Node Filter

41.6 Traffic Redirect

CHAPTER 42 Troubleshooting

42.1 Problems Starting Up the ZyWALL

Troubleshooting steps for issues when starting up the ZyWALL.

42.2 Problems with the LAN Interface

Troubleshooting steps for issues with LAN connectivity.

42.3 Problems with the DMZ Interface

42.4 Problems with the WAN Interface

42.5 Problems with Internet Access

Steps to resolve issues with accessing the Internet.

42.6 Problems with Remote Management

42.7 Problems Accessing the ZyWALL

Resolving issues with accessing the ZyWALL via web browser.

APPENDIX C IP Subnetting

IP Addressing

Subnet Masks

Subnetting

Ignoring class arrangement of IP address for subnetting.

APPENDIX D PPPoE

PPPoE in Action

Benefits of PPPoE

How PPPoE Works

ZyWALL as a PPPoE Client

How ZyWALL as PPPoE client alleviates administrator management of PPPoE clients.

APPENDIX E PPTP

What is PPTP?

PPTP Protocol Overview

APPENDIX H SIP Passthrough

SIP

SIP Call Progression

SIP User Agent Server

SIP ALG

SIP Application Layer Gateway (ALG) for VoIP calls passing through NAT.

SIP ALG and NAT

SIP ALG and Firewall

Enabling;Disabling the SIP ALG

APPENDIX I VPN Setup

General Notes

Dynamic IPSec Rule

Full Feature NAT Mode

Mapping VPN rule's local policy addresses to a public IP address.

VPN Configuration

Example of VPN rule configuration using the web configurator.

VPN Troubleshooting

Troubleshooting common IPSec tunnel build problems.

APPENDIX L Firewall Commands

Firewall Set-Up

Commands to turn the firewall on or off, retrieve, or save settings.

Display

E-mail

Attack

Sets

APPENDIX M NetBIOS Filter Commands

NetBIOS Filter Configuration

Configuring NetBIOS filters for various traffic directions and connections.

APPENDIX N Certificates Commands

my_cert

Commands for creating self-signed, request, or SCEP enrolled certificates.

ca_trusted

remote_trusted

Commands to import, export, view, verify, delete, list, and rename trusted remote host certificates.

dir_server

APPENDIX O Brute-Force Password Guessing Protection

Brute-force password guessing protection commands

Commands for enabling, disabling, and configuring password protection.

APPENDIX Q Log Descriptions

System Maintenance Logs

System Error Logs

Descriptions of system error log messages.

Access Control Logs

TCP Reset Logs

UPnP Logs

Content Filtering Logs

Descriptions of log messages related to content filtering.

Attack Logs

Descriptions of log messages related to detected attacks.

Remote Management Logs

IPSec Logs

Descriptions of log messages related to IPSec tunnel status.

IKE Logs

Log Commands

Commands for loading, viewing, and clearing logs.