Table of Contents
Advertisement
19.1 Examples
Please note that whenever you open a hole in the firewall to forward a service from the Internet to the local
network, and NAT is also enabled, you may have to also configure a server behind NAT using SMT menu
15.2. Please see the chapter on NAT for more detailed information on NAT and also see Figure 14-5 for a
view of how Filtering, the Firewall and NAT interact.
19.1.1 Example 1 - Firewall Rule To Allow Web Service From The Internet
Let's say we have one server on the local network, with an IP of 10.100.1.2, supporting FTP, HTTP, Telnet
and mail services. The only traffic allowed from the Internet is web service. We want to be able to forward
all traffic initiated from our local network (local network). We want to know who accesses our server and
send e-mail alerts when this happens. Our mail account is user@zyxel.com. Another network administrator
has an e-mail address of user2@zyxel.com. This is what we do.
Step 1.
Activate the firewall. You may activate the firewall by Prestige Web Configurator shown next
(click Configuration, the Config tab, then check the Firewall Enabled box) or in SMT Menu
21.2. You can only configure the firewall using the Prestige Web Configurator or CI commands
(see the Appendix). When the firewall is active, the default rules allow all traffic from the local
network to the WAN (Internet) and block all traffic from the Internet to the local network.
Example Firewall Rules
P312 Broadband Security Gateway
Example Firewall Rules
Chapter 19
19-1
Advertisement
Table of Contents
Troubleshooting
