C
H A P T E R
This chapter shows you how to enable and configure the ZyXEL Device firewall.
11.1 Access Methods
The web configurator is, by far, the most comprehensive firewall configuration tool your
ZyXEL Device has to offer. For this reason, it is recommended that you configure your
firewall using the web configurator. CLI (Command Line Interpreter) commands provide
limited configuration options and are only recommended for advanced users.
11.2 Firewall Policies Overview
Firewall rules are grouped based on the direction of travel of packets to which they apply:
The LAN includes both the LAN port and the WLAN.
By default, the ZyXEL Device's stateful packet inspection blocks packets traveling in the
following directions:
• WAN to LAN
• WAN to WAN/ Router
This prevents computers on the WAN from using the ZyXEL Device as a gateway to
communicate with other computers on the WAN and/or managing the ZyXEL Device.
• DMZ to LAN
• DMZ to DMZ/ Router
This prevents computers on the DMZ from communicating between networks or subnets
connected to the DMZ interface and/or managing the ZyXEL Device.
You may define additional rules and sets or modify existing ones but please exercise
extreme caution in doing so.
P-662H/HW-D Series User's Guide
Firewall Configuration
•
LAN to LAN/ Router
•
LAN to WAN
•
LAN to DMZ
•
WAN to LAN
•
WAN to WAN/ Router
•
WAN to DMZ
11
•
DMZ to LAN
•
DMZ to WAN
•
DMZ to DMZ/ Router
169