Policy Routes; Static Routes - ZyXEL Communications ZyWALL USG 300 User Manual
Unified security gateway
Hide thumbs
Also See for ZyWALL USG 300:
- User manual (1156 pages) ,
- Quick start manual (128 pages) ,
- Specifications (4 pages)
Table of Contents
Advertisement
Chapter 5 Configuration Basics
5.4.10 Policy Routes
Use policy routes to control the routing of packets through the ZyWALL's interfaces, trunks,
and send traffic through VPN connections. You also use policy routes for bandwidth
management (out of the ZyWALL), port triggering, and general NAT on the source address.
You have to set up the criteria, next-hops, and NAT settings in other screens first.
MENU ITEM(S)
PREREQUISITES
Example: You have an FTP server connected to ge4 (in the DMZ zone). You want to limit the
amount of FTP traffic that goes out from the FTP server through your WAN connection.
1 Create an address object for the FTP server (Object > Address).
2 Click Network > Routing > Policy Route to go to the policy route configuration screen.
Add a policy route.
3 Name the policy route.
4 Select the interface that the traffic comes in through (ge4 in this example).
5 Select the FTP server's address as the source address.
6 You don't need to specify the destination address or the schedule.
7 For the service, select FTP.
8 For the Next Hop fields, select Interface as the Type if you have a single WAN
connection or Trunk if you have multiple WAN connections.
9 Select the interface that you are using for your WAN connection (ge2 and ge3 are the
default WAN interfaces). If you have multiple WAN connections, select the trunk.
10 Specify the amount of bandwidth FTP traffic can use. You may also want to set a low
priority for FTP traffic.
The ZyWALL checks the policy routes in the order that they are listed. So
make sure that your custom policy route comes before any other routes that
would also match the FTP traffic.
5.4.11 Static Routes
Use static routes to tell the ZyWALL about networks not directly connected to the ZyWALL.
MENU ITEM(S)
PREREQUISITES
114
Network > Routing > Policy Route
Criteria: users, user groups, interfaces (incoming), IPSec VPN (incoming),
addresses (source, destination), address groups (source, destination),
schedules, services, service groups
Next-hop: addresses (HOST gateway), IPSec VPN, SSL VPN, trunks, interfaces
NAT: addresses (translated address), services and service groups (port
triggering)
Network > Routing > Static Route
Interfaces
ZyWALL USG 300 User's Guide
Advertisement
Table of Contents
Troubleshooting
