Ipsec Vpn; Ssl Vpn - ZyXEL Communications ZyWall USG 2000 User Manual

Chapter 6 Configuration Basics
Example: Suppose you have a SIP proxy server connected to the DMZ zone for
VoIP calls. You could configure a firewall rule to allow VoIP sessions from the SIP
proxy server on DMZ to the LAN so VoIP users on the LAN can receive calls.
Create a VoIP service object for UDP port 5060 traffic (Configuration > Object >
1
Service).
Create an address object for the VoIP server (Configuration > Object >
2
Address).
Click Configuration > Firewall to go to the firewall configuration.
3
Select from the DMZ zone to the LAN1 zone, and add a firewall rule using the
4
items you have configured.
• You don't need to specify the schedule or the user.
• In the Source field, select the address object of the VoIP server.
• You don't need to specify the destination address.
• Leave the Access field set to Allow and the Log field set to No.
Note: The ZyWALL checks the firewall rules in order. Make sure each rule is in the
correct place in the sequence.

6.5.15 IPSec VPN

Use IPSec VPN to provide secure communication between two sites over the
Internet or any insecure network that uses TCP/IP for communication. The
ZyWALL also offers hub-and-spoke VPN.
MENU ITEM(S)
PREREQUISITES
WHERE USED
Example: See

6.5.16 SSL VPN

Use SSL VPN to give remote users secure network access.
MENU ITEM(S)
PREREQUISITES
112
Configuration > VPN > IPSec VPN; you can also use the Quick
Setup VPN Setup wizard.
Interfaces, certificates (authentication), authentication methods
(extended authentication), addresses (local network, remote network,
NAT), to-ZyWALL firewall, firewall
Policy routes, zones, L2TP VPN
Chapter 7 on page 121.
Configuration > VPN > SSL VPN
Interfaces, SSL application, users, user groups, addresses (network
list, IP pool for assigning to clients, DNS and WINS server addresses),
to-ZyWALL firewall, firewall
ZyWALL USG 2000 User's Guide