Configuring The Security Policy Control Screen - ZyXEL Communications ZyWall USG20-VPN User Manual

Figure 214 Using Virtual Interfaces to Avoid Asymmetrical Routes

20.4.1 Configuring the Security Policy Control Screen

Click Configuration > Security Policy > Policy Control to open the Security Policy screen.
Use this screen to enable or disable the Security Policy and asymmetrical routes, set a maximum
number of sessions per host, and display the configured Security Policies. Specify from which zone
packets come and to which zone packets travel to display only the policies specific to the selected
direction. Note the following.
• Besides configuring the Security Policy, you also need to configure NAT rules to allow computers
on the WAN to access LAN devices.
• The USG applies NAT (Destination NAT) settings before applying the Security Policies. So for
example, if you configure a NAT entry that sends WAN traffic to a LAN IP address, when you
configure a corresponding Security Policy to allow the traffic, you need to set the LAN IP address
as the destination.
• The ordering of your policies is very important as policies are applied in sequence.
The following screen shows the Security Policy summary screen.
Chapter 20 Security Policy
USG20(W)-VPN Series User's Guide
322