The demand for remote access VPN is growing more and more, and Home-Office setups are becoming more relevant to all IT-based employees - this trend becomes obvious especially in times where travel and public life is restricted (e.g. COVID-19).
To cover this demand and to give you insight on what scenario to set up and how to do so, we at Zyxel want to offer comprehensive guideline to help you find the right VPN setup as well as hint you toward useful articles to get your VPN setup up and running as quickly and as efficient as possible.
Table of Contents
- Choosing the right VPN for your Roadwarrior/Home-to-Office setup
- SSL VPN
- L2TP over IPSec VPN
- IPSec VPN
- Resources & Downloads
Choosing the right VPN for your Roadwarrior/Home-to-Office setup
When it comes to remote VPN access, there are three major VPN types supported by Zyxel to choose from:
- IPSec VPN (IKEv1/IKEv2)
- L2TP over IPSec VPN (IKEv1)
- SSL VPN
All of these vpn types have different security levels and advantages:
- L2TP over IPSec VPN mostly is not as secure as the IPSec Client (but still secure for bigger companies to fully rely on, so do not worry), but is supported by nearly all client platforms without additional client software and/or license needed
- SSL VPN is more flexible than the others due to using the standard HTTPS port (avoiding potentially blocked ports by local internet service provider)
- IPSec VPN offers a more sophisticated setup in terms of security settings (but may require a software client installation depending on IKE type and ciphers used)
You may have already received guidelines/instructions from your employer or client, which VPN type is to be used or established. The guidelines below shall help you in finding the setting up the right product for your needs and help you with upcoming challenges!
Let's use this opportunity to make your home-office-setup a true success story!
SSL VPN (via SecuExtender software client)
SSL VPN is a VPN setup which uses Zyxel's SecuExtender software. It's major benefit is that it runs via SSL/TLS protocol, so its first of all very secure. Another benefit is, that the standard HTTPS port rarely is blocked in any kind of setup, because this is the port used for normal VPN, meaning that it is very flexible in avoiding blocked ports. It's capability to be combined with an Active Directory user-database makes it a staple in the VPN setups.
Note: SSL VPN is limited to Windows and macOS running SecuExtender client software.
For help configuring an SSL VPN rule on your Zyxel device please use the instructions provided on the setup article below.
L2TP over IPSec VPN
L2TP VPN at its core is quite an old standard, but still remains a legit option for big VPN setups these days. Using a technology which combines L2TP over the IPSec VPN standard, it is ultra-flexible platform wise, since all common platforms offer integrated L2TP-client software/drivers. Also, L2TP over IPSec VPN can be easily linked to an Active Directory, which makes it especially useful for big company setups.
- Setups & Basic Tutorials:
- L2TP Client Setup:
IPSec VPN is the old standard when it comes to flexibility in encryption of the VPN Tunnel - at least when using proper client software. IPSec VPN using the ZyWall IPSec VPN Client is very flexible in setting up encryption algorithms and can provide the perfect compromise between payload and security that you need for your network. Unlike L2TP over IPSec VPN, IPSec VPN by default does not push all client traffic through the VPN tunnel, which is great if you seek to access business-related resources, but do not want to load your VPN Tunnel with the client related traffic toward the internet.
Setups & Basic Tutorials:
- [ZyWALL/USG] How to set up a Client-to-Site VPN (Mode Config/DHCP) connection using IKEv1
- [ZyWALL/USG] How to configure a User Based PSK VPN tunnel (Client-to-Site)
- [ZyWALL/USG] How to set up a Client-to-Site VPN (Configuration Payload/DHCP) connection using IKEv2
Resources & Downloads
- SecuExtender SSL VPN software download
- SecuExtender v184.108.40.206 (for Windows OS) – [Software] How to download and install the latest software version of SecuExtender for Windows OS
- SecuExtender v1.2 (for macOS) – [Software] How to download and install the latest software version of SecuExtender for macOS
- IPSec VPN Client software download
- Latest client version 220.127.116.11.32 – [Software] How to download and install the latest software version of Zyxel IPSec VPN Client for Windows