C
H A P T E R
24.1 Overview
Use the firewall to block or allow services that use static port numbers. Use
application patrol (see
dynamic port numbers. The firewall can also limit the number of user sessions.
This figure shows the ZyWALL's default firewall rules in action and demonstrates
how stateful inspection works. User 1 can initiate a Telnet session from within the
LAN zone and responses to this request are allowed. However, other Telnet traffic
initiated from the WAN or DMZ zone and destined for the LAN zone is blocked.
Communications between the WAN and the DMZ zones are allowed. The firewall
allows VPN traffic between any of the networks.
Figure 339 Default Firewall Action
24.1.1 What You Can Do in this Chapter
• Use the Firewall screens
firewall and asymmetrical routes, and manage and configure firewall rules.
• Use the Session Limit screens (see
number of concurrent NAT/firewall sessions a client can use.
ZyWALL USG 300 User's Guide
Chapter 32 on page
553) to control services using flexible/
(Section 24.2 on page
Section 24.3 on page
24
Firewall
463) to enable or disable the
468) to limit the
455