Need VPN? We got your back covered!
The demand for remote access VPN is growing more and more, and Home-Office setups are becoming more relevant to all IT-based employees - this trend becomes obvious especially in times where travel and public life is restricted (e.g. in the 2019/2020 CoViD-19-pandemic).
To cover this demand and to give you insight on what scenario to setup and how to do so, we from Zyxel want to be one step ahead of the curve and offer you an comprehensive guideline to help you find the right VPN setup as well as hint you toward useful knowledgebase-articles to get your VPN setup up and running as quickly and as efficient as possible.
Table of Contents
- Choosing the right VPN for your Roadwarrior / Home-Office setup
- SSL VPN
- L2TP over IPSec VPN
- IPSec VPN
- Resources & Downloads
Choosing the right VPN for your Roadwarrior / Home-Office setup
When it comes to remote VPN, there are three major VPN clients which Zyxel support to choose from:
- IPSec VPN (ZyWall IPSEC VPN Client / SecuExtender v3.8.X.X)
- L2TP over IPSec VPN (built-in Windows, Android and MacOS Client)
- SSL VPN (SecuExtender v4.0.2.0 & v4.0.3.0 )
All of these clients have different security levels and advantages:
- L2TP over IPSec VPN mostly is not as secure as the IPSec Client (but still secure for bigger companies to fully rely on, so do not worry), but is supported by nearly all client platforms without additional client software and/or license needed
- SSL VPN is more flexible than the others due to using the standard SSL/HTTPS Port (avoiding potentially blocked ports by local internet service provider)
- IPSec VPN via the ZyWall IPSec VPN Client offers the most sophisticated setup in terms of security settings (but requires an paid license for Windows machines and cannot be set properly with an Active Directory)
You may have already received guidelines/instructions from your employer or client, which VPN type is to be used or established. The guidelines below shall help you in finding the setting up the right product for your needs and help you with upcoming challenges!
Let's use this opportunity to make your home-office-setup a true success story!
SSL VPN (via SecuExtender software client)
SSL VPN is a VPN setup which uses the SecuExtender software. It's major benefit is that it runs via SSL / HTTPS, so its first of all very secure. Another benefit is, that the standard HTTPS port rarely is blocked in any kind of setup, because this is the port used for normal VPN, meaning that it is very flexible in avoiding blocked ports. It's capability to be combined with an Active Directory user-database makes it a staple in the VPN setups.
- If you have problems getting your client licenses to run on your USG, check these articles:
- Activating and linking licenses to your Zyxel Device (e.g. linking SSL VPN license client license to USG)
- How to setup DNS on a USG (In case "Service License Refresh" on Zyxel Firewall is not properly working)
- I cannot link my SSL client license on my ZyWall USG on myZyxel!
- SecuExtender for macOS Big Sur 11.0
- If you have problems with setting up SSL VPN, please have a look at these articles:
- If you have setup SSL VPN, but encountering issues, take a look at these articles:
L2TP over IPSec VPN
L2TP VPN at its core is quite an old standard, but still remains a legit option for big VPN setups these days. Using a technology which combines L2TP over the newer IPSec VPN standard, it is ultra-flexible platform wise, since all common platforms offer integrated L2TP-client software/drivers. Also, L2TP over IPSec VPN can be easily linked to an Active Directory, which makes it especially useful for big company setups.
- Setups & Basic Tutorials:
- VPN - Configure L2TP over IPSec for Windows, MacOS X & iPhone iOS
- VPN - Configure L2TP Client Configuration using Android, iOS, Windows & Linux Ubuntu
- Creating a L2TP over IPSec VPN-Tunnel on your Nebula-Security Gateway (NSG)
- VPN - Configure IPSec Site-to-Site VPN behind a NAT router
- Virtual Lab - End-to-Site VPN (L2TP)
- More sophisticated/special scenarios:
- Debugging/Analyzing setup issues:
IPSec VPN
IPSec VPN is the old standard when it comes to flexibility in encryption of the VPN Tunnel - at least when using proper client software. IPSec VPN using the ZyWall IPSec VPN Client is very flexible in setting up encryption algorithms and can provide the perfect compromise between payload and security that you need for your network. Unlike L2TP over IPSec VPN, IPSec VPN by default does not push all client traffic through the VPN tunnel, which is great if you seek to access business-related resources, but do not want to load your VPN Tunnel with the client related traffic toward the internet.
- Setups & Basic Tutorials:
- More sophisticated/special scenarios:
- Debugging/Analyzing setup issues:
Resources & Downloads
- SecuExtender SSL VPN software and ZyWall IPSec VPN Client download
For further information, please check our VPN solutions page: https://www.zyxel.com/products_services/VPN-Client-Software-SecuExtender-Software/
+++ You can buy licenses for your Zyxel VPN clients (SSL VPN, IPsec) with immediate delivery by 1-click: Zyxel Webstore +++
Comments
0 commentsPlease sign in to leave a comment.