Firewall Rule Example Applications; Figure 238 Blocking All Lan To Wan Irc Traffic Example; Table 110 Blocking All Lan1 To Wan Irc Traffic Example - ZyXEL Communications 200 Series User Manual

Unified security gateway

Hide thumbs Also See for 200 Series:

Table of Contents

Chapter 19 Firewall

Firewall and VPN Traffic

After you create a VPN tunnel and add it to a zone, you can set the firewall rules applied to

VPN traffic. If you add a VPN tunnel to an existing zone (the LAN1 zone for example), you

can configure a new LAN to LAN firewall rule or use intra-zone traffic blocking to allow or

block VPN traffic transmitting between the VPN tunnel and other interfaces in the LAN zone.

If you add the VPN tunnel to a new zone (the VPN zone for example), you can configure rules

for VPN traffic between the VPN zone and other zones or From VPN To-ZyWALL rules for

VPN traffic destined for the ZyWALL.

Finding Out More

Section 5.4.12 on page 117

Section 6.5.6 on page 153

configuring user-aware access control

Section 6.8.3 on page 161

traffic from the WAN to LAN1.

19.1.3 Firewall Rule Example Applications

Suppose that your company decides to block all of the LAN users from using IRC (Internet

Relay Chat) through the Internet. To do this, you would configure a LAN1 to WAN firewall

rule that blocks IRC traffic from any source IP address from going to any destination address.

You do not need to specify a schedule since you need the firewall rule to always be in effect.

The following figure shows the results of this rule.

Your firewall would have the following configuration.

• The first row blocks LAN1 access to the IRC service on the WAN.

for an example of creating firewall rules as part of

for an example of creating a firewall rule to allow H.323

for related information on the Firewall screens.

(Section 6.5 on page

DESTINATION SCHEDULE

ZyWALL USG 100/200 Series User's Guide

Zywall usg 100 series