Table of Contents
Advertisement
Chapter 18 Firewall
Figure 231 Firewall
The following table describes the labels in this screen.
Table 111 Firewall
LABEL
Global Setting
Enable Firewall
Allow
Asymmetrical
Route
From Zone
To Zone
The following read-only fields summarize the rules you have created that apply to traffic traveling in the
selected packet direction.
Total
Connection
298
DESCRIPTION
Select this check box to activate the firewall. The ZyWALL performs access control
when the firewall is activated.
If an alternate gateway on the LAN1 (or LAN2) has an IP address in the same
subnet as the ZyWALL's LAN IP address, return traffic may not go through the
ZyWALL. This is called an asymmetrical or "triangle" route. This causes the
ZyWALL to reset the connection, as the connection has not been acknowledged.
Select this check box to have the ZyWALL permit the use of asymmetrical route
topology on the network (not reset the connection).
Note: Allowing asymmetrical routes may let traffic from the WAN go
directly to the LAN without passing through the ZyWALL. A
better solution is to use virtual interfaces to put the ZyWALL
and the backup gateway on separate subnets.
This is the direction of travel of packets. Select from which zone the packets come
and to which zone they go.
Firewall rules are grouped based on the direction of travel of packets to which they
apply. For example, from LAN1 to LAN1 means packets traveling from a computer
or subnet on LAN1 to either another computer or subnet on LAN1.
From any displays all the firewall rules for traffic going to the selected To Zone.
To any displays all the firewall rules for traffic coming from the selected From Zone.
From any to any displays all of the firewall rules.
To ZyWALL rules are for traffic that is destined for the ZyWALL and control which
computers can manage the ZyWALL.
This field displays the total number of firewall rules.
ZyWALL USG 50-H User's Guide
Advertisement
Table of Contents
Troubleshooting
