ZyXEL Communications UAG4100 User Manual page 242

Figure 165 Configuration > Firewall
The following table describes the labels in this screen.
Table 108 Configuration > Firewall
LABEL DESCRIPTION
General Settings
Enable Firewall Select this check box to activate the firewall. The UAG performs access control when the
firewall is activated.
IPv4 Rule
Summary
Allow If an alternate gateway on the LAN has an IP address in the same subnet as the UAG's LAN
Asymmetrical IP address, return traffic may not go through the UAG. This is called an asymmetrical or
Route "triangle" route. This causes the UAG to reset the connection, as the connection has not
been acknowledged.
Select this check box to have the UAG permit the use of asymmetrical route topology on
the network (not reset the connection).
Note: Allowing asymmetrical routes may let traffic from the WAN go directly to the LAN
without passing through the UAG. A better solution is to use virtual interfaces to put the
UAG and the backup gateway on separate subnets.
From Zone / To This is the direction of travel of packets. Select from which zone the packets come and to
Zone which zone they go.
Firewall rules are grouped based on the direction of travel of packets to which they apply.
For example, from LAN to LAN means packets traveling from a computer or subnet on the
LAN to either another computer or subnet on the LAN.
From any displays all the firewall rules for traffic going to the selected To Zone.
To any displays all the firewall rules for traffic coming from the selected From Zone.
From any to any displays all of the firewall rules.
To Device rules are for traffic that is destined for the UAG and control which computers can
manage the UAG.
Chapter 25 Firewall
UAG4100 User's Guide
242