Firewall; Chapter 25 Firewall; Overview; What You Can Do In This Chapter - ZyXEL Communications UAG5100 User Manual

Unified access gateway

25.1 Overview

Use the firewall to block or allow services that use static port numbers. The firewall can also limit
the number of user sessions.
This example shows the UAG's default firewall behavior for WAN to LAN traffic and how stateful
inspection works. A LAN user can initiate a Telnet session from within the LAN zone and the firewall
allows the response. However, the firewall blocks Telnet traffic initiated from the WAN zone and
destined for the LAN zone. The firewall allows VPN traffic between any of the networks.
Figure 169 Default Firewall Action
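
The default behavior described above, modeled as an added Python example (not ZyXEL code or UAG configuration): sessions are tracked by 5-tuple so the reply to a LAN-initiated Telnet session is allowed while a WAN-initiated one is dropped, and concurrent sessions are capped per client. The interface names, addresses, verdict strings and session limit are assumptions chosen for illustration.

```python
# Simplified model of zone-based stateful inspection; not ZyXEL's implementation.
from collections import Counter

# Constructed topology: interface -> zone (interface names are assumptions).
ZONE_OF = {"lan1": "LAN", "wan1": "WAN"}
# Access rules for NEW sessions, keyed by (from zone, to zone); default is deny.
RULES = {("LAN", "WAN"): "allow", ("WAN", "LAN"): "deny"}


class StatefulFirewall:
    def __init__(self, session_limit=2):
        self.sessions = set()        # 5-tuples of sessions the rules admitted
        self.per_client = Counter()  # concurrent sessions per initiating host
        self.session_limit = session_limit

    def handle(self, in_if, out_if, proto, src, sport, dst, dport):
        """Return the verdict for one packet forwarded from in_if to out_if."""
        flow = (proto, src, sport, dst, dport)
        reply_of = (proto, dst, dport, src, sport)
        # 1. Session inspection: packets of a known session skip the rule check.
        if flow in self.sessions:
            return "allow (established)"
        if reply_of in self.sessions:
            return "allow (reply)"
        # 2. New session: screen it against the zone-to-zone access rules.
        pair = (ZONE_OF[in_if], ZONE_OF[out_if])
        if RULES.get(pair, "deny") != "allow":
            return "deny (rule)"
        # 3. Session control: cap concurrent sessions per client.
        if self.per_client[src] >= self.session_limit:
            return "deny (session limit)"
        self.sessions.add(flow)
        self.per_client[src] += 1
        return "allow (new)"


def demo():
    fw = StatefulFirewall(session_limit=2)
    lan, wan = "192.168.1.33", "203.0.113.10"  # constructed addresses
    return [
        fw.handle("lan1", "wan1", "tcp", lan, 40000, wan, 23),  # LAN starts Telnet
        fw.handle("wan1", "lan1", "tcp", wan, 23, lan, 40000),  # server's response
        fw.handle("wan1", "lan1", "tcp", wan, 50000, lan, 23),  # WAN starts Telnet
        fw.handle("lan1", "wan1", "tcp", lan, 40001, wan, 23),  # second LAN session
        fw.handle("lan1", "wan1", "tcp", lan, 40002, wan, 23),  # third: over limit
    ]


if __name__ == "__main__":
    print(*demo(), sep="\n")
```

The second and third packets both travel from WAN to LAN on Telnet ports; only the session table distinguishes the permitted response from the blocked new connection.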

25.1.1 What You Can Do in this Chapter

• Use the Firewall screens (Section 25.2 on page 247) to enable or disable the firewall and asymmetrical routes, and manage and configure firewall rules.
• Use the Session Control screens (see Section 25.3 on page 252) to limit the number of concurrent NAT/firewall sessions a client can use.

25.1.2 What You Need to Know

Stateful Inspection

The UAG has a stateful inspection firewall. The UAG restricts access by screening data packets
against defined access rules. It also inspects sessions. For example, traffic from one zone is not
allowed unless it is initiated by a computer in another zone first.

Zones

A zone is a group of interfaces or VPN tunnels. Group the UAG's interfaces into different zones
based on your needs. You can configure firewall rules for data passing between zones or even
between interfaces and/or VPN tunnels in a zone.
