Static Routes; Firewall - ZyXEL Communications ZyWALL USG 100 Series User Manual
Unified security gateway
Hide thumbs
Also See for ZyWALL USG 100 Series:
- Quick start manual (128 pages) ,
- Release note (19 pages) ,
- Specifications (4 pages)
Table of Contents
Advertisement
Chapter 5 Configuration Basics
8 For the Next Hop fields, select Interface as the Type if you have a single WAN
connection or Trunk if you have multiple WAN connections.
9 Select the interface that you are using for your WAN connection (wan1 and wan2 are the
default WAN interfaces). If you have multiple WAN connections, select the trunk.
10 Specify the amount of bandwidth FTP traffic can use. You may also want to set a low
priority for FTP traffic.
The ZyWALL checks the policy routes in the order that they are listed. So
make sure that your custom policy route comes before any other routes that
would also match the FTP traffic.
5.4.11 Static Routes
Use static routes to tell the ZyWALL about networks not directly connected to the ZyWALL.
MENU ITEM(S)
PREREQUISITES
5.4.12 Firewall
The firewall controls the travel of traffic between or within zones. You can also configure the
firewall to control traffic for virtual server (port forwarding) and policy routes (NAT). You can
configure firewall rules based on schedules, specific users (or user groups), source or
destination addresses (or address groups) and services (or service groups). Each of these
objects must be configured in a different screen.
To-ZyWALL firewall rules control access to the ZyWALL. Configure to-ZyWALL firewall
rules for remote management. By default, the firewall allows HTTP management access from
the LAN zone and HTTPS management access from any zone. The ZyWALL drops packets
from the WAN or DMZ zone to the ZyWALL itself, except for Device HA and VPN traffic.
MENU ITEM(S)
PREREQUISITES
Example: Suppose you have a SIP proxy server connected to the DMZ zone for VoIP calls.
You could configure a firewall rule to allow VoIP sessions from the SIP proxy server on DMZ
to LAN1 so VoIP users on LAN1 can receive calls.
1 Create a VoIP service object for UDP port 5060 traffic (Object > Service).
2 Create an address object for the VoIP server (Object > Address).
3 Click Firewall to go to the firewall configuration.
4 Select from the DMZ zone to the LAN1 zone, and add a firewall rule using the items
you have configured.
• You don't need to specify the schedule or the user.
• In the Source field, select the address object of the VoIP server.
• You don't need to specify the destination address.
120
Network > Routing > Static Route
Interfaces
Firewall
Zones, schedules, users, user groups, addresses (source, destination), address
groups (source, destination), services, service groups
ZyWALL USG 100/200 Series User's Guide
- Quick Links:
- Getting Started
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
