To Vpn Packet Direction - ZyXEL Communications ZYWALL P1 User Manual

Chapter 9 Firewall
By default, the ZyWALL drops packets traveling in the following directions.
• WAN to LAN
• WAN to WAN
See Chapter 4 on page 81

9.3.1 To VPN Packet Direction

The ZyWALL can apply firewall rules to traffic before encrypting it to send through the VPN
tunnel. To VPN means traffic that comes in through the selected "from" interface and goes out
through the ZyWALL's VPN tunnel. For example, From LAN To VPN specifies the traffic
that is coming from the LAN and going out through the ZyWALL's VPN tunnel.
For example, you could configure the From LAN To VPN firewall rule to drop traffic from
the LAN computers instead of sending it through the ZyWALL's VPN tunnel.
144
These rules specify which computers connected to the WAN can
access which computers or services on the LAN. For example, you
may create rules to:
• Allow certain types of traffic, such as Lotus Notes database
synchronization, from specific hosts on the Internet to specific
hosts on the LAN.
• Allow public access to a Web server on your protected network.
You could also block certain IP addresses from accessing it.
Note: You also need to configure NAT port forwarding (or full
featured NAT address mapping rules) to allow computers
on the WAN to access devices on the LAN. See
16.5.3 on page 281
By default the ZyWALL stops computers connected to the WAN from
managing the ZyWALL or using the ZyWALL as a gateway to
communicate with other computers on the WAN. You could configure
one of these rules to allow a WAN computer to manage the ZyWALL.
Note: You must also configure the remote management settings
to allow a WAN computer to manage the ZyWALL.
for information about packets traveling to or from the VPN tunnels.
for an example.
ZyWALL P1 User's Guide
Section