Check Your Device Ha Setup; How To Allow Public Access To A Server; Create The Address Objects - ZyXEL Communications ZyWall USG 2000 User Manual

hour). If ZyWALL A fails or loses its ge1 or ge2 connection, ZyWALL B functions
as the master.

6.8.5 Check Your Device HA Setup

To make sure ZyWALL B copied ZyWALL A's settings, you can log into ZyWALL B's
1
management IP address (192.168.1.5) and check the configuration. You can use
the Maintenance > File Manager > Configuration File screen to save copies
of the ZyWALLs' configuration files that you can compare.
To test your device HA configuration, disconnect ZyWALL A's ge1 or ge2
2
interface. Computers on LAN should still be able to access the Internet. If they
cannot, check your connections and device HA configuration.
Congratulations! Now that you have configured device HA for LAN, you can use
the same process for any of the ZyWALL's other local networks. For example,
enable device HA monitoring on the DMZ interfaces and use an Ethernet switch to
connect both ZyWALLs' DMZ interfaces to your publicly available servers.

6.9 How to Allow Public Access to a Server

This is an example of making an HTTP (web) server in the DMZ zone accessible
from the Internet (the WAN zone). You will use a public IP address of 1.1.1.2 on
the ge3 interface and map it to the HTTP server's private IP address of
192.168.3.7.
Figure 97 Public Server Example Network Topology
192.168.3.7

6.9.1 Create the Address Objects

Use Object > Address > Add to create the address objects.
ZyWALL USG 2000 User's Guide
DMZ
1.1.1.2
Chapter 6 Tutorials
133