ZyXEL Communications NXC2500 User Manual page 188

Table 92 Configuration > Firewall (continued)
LABEL DESCRIPTION
Allow If an alternate gateway on the LAN has an IP address in the same subnet as the NXC's
Asymmetrical LAN IP address, return traffic may not go through the NXC. This is called an asymmetrical
Route or "triangle" route. This causes the NXC to reset the connection, as the connection has not
been acknowledged.
Select this check box to have the NXC permit the use of asymmetrical route topology on
the network (not reset the connection).
Note: Allowing asymmetrical routes may let traffic from the WAN go directly to the LAN
From Zone / To This is the direction of travel of packets. Select from which zone the packets come and to
Zone which zone they go.
Firewall rules are grouped based on the direction of travel of packets to which they apply.
For example, from LAN to LAN means packets traveling from a computer or subnet on
the LAN to either another computer or subnet on the LAN.
From any displays all the firewall rules for traffic going to the selected To Zone.
To any displays all the firewall rules for traffic coming from the selected From Zone.
From any to any displays all of the firewall rules.
To EnterpriseWLAN rules are for traffic that is destined for the NXC and control which
computers can manage the NXC.
Add Click this to create a new entry. Select an entry and click Add to create a new entry after
the selected entry.
Edit Double-click an entry or select it and click Edit to open a screen where you can modify the
entry's settings.
Remove To remove an entry, select it and click Remove. The NXC confirms you want to remove it
before doing so.
Activate To turn on an entry, select it and click Activate.
Inactivate To turn off an entry, select it and click Inactivate.
Move To change a rule's position in the numbered list, select the rule and click Move to display
a field to type a number for where you want to put that rule and press [ENTER] to move
the rule to the number that you typed.
The ordering of your rules is important as they are applied in order of their numbering.
The following read-only fields summarize the rules you have created that apply to traffic traveling in the
selected packet direction.
Status This icon is lit when the entry is active and dimmed when the entry is inactive.
Priority This is the position of your firewall rule in the global rule list (including all through-NXC
and to-NXC rules). The ordering of your rules is important as rules are applied in
sequence.
Default displays for the default firewall behavior that the NXC performs on traffic that
does not match any other firewall rule.
From This is the direction of travel of packets to which the firewall rule applies.
To
Schedule This field tells you the schedule object that the rule uses. none means the rule is active at
all times if enabled.
User This is the user name or user group name to which this firewall rule applies.
IPv4 Source This displays the source address object to which this firewall rule applies.
IPv4 Destination This displays the destination address object to which this firewall rule applies.
Service This displays the service object to which this firewall rule applies.
Chapter 16 Firewall
without passing through the NXC.
NXC Series User's Guide
188