ZyXEL Communications 1000 User Manual

Chapter 24 Firewall
ZyWALL USG 1000 User’s Guide
4 The ZyWALL then sends it to the computer on the LAN in Subnet 1.
Figure 321   Using Virtual Interfaces to Avoid Asymmetrical Routes   
24.2.1  Configuring the Firewall Screen
Click Configuration > Firewall to open the Firewall screen. Use this screen to 
enable or disable the firewall and asymmetrical routes, set a maximum number of 
sessions per host, and display the configured firewall rules. Specify from which 
zone packets come and to which zone packets travel to display only the rules 
specific to the selected direction. Note the following.
• If you enable intra-zone traffic blocking (see the chapter about zones), the 
firewall automatically creates (implicit) rules to deny packet passage between 
the interfaces in the specified zone.
• Besides configuring the firewall, you also need to configure NAT rules to allow 
computers on the WAN to access LAN devices. See 
more information.
• The ZyWALL applies NAT (Destination NAT) settings before applying the firewall 
rules. So for example, if you configure a NAT entry that sends WAN traffic to a 
LAN IP address, when you configure a corresponding firewall rule to allow the 
traffic, you need to set the LAN IP address as the destination. See
LAN
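The ordering described in the last bullet (destination NAT first, firewall rules second) can be modelled as follows. This is an added example, not code or configuration from the ZyWALL guide; the addresses, ports, zone layout, class and function names, and the default-deny fallback are constructed assumptions.

```python
# Added illustration: a toy model of "destination NAT first, firewall second".
# Addresses, ports and the default-deny policy are constructed assumptions.
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int
    from_zone: str = "WAN"

@dataclass(frozen=True)
class DnatEntry:
    original_ip: str   # public address the WAN client connects to
    port: int
    mapped_ip: str     # LAN server that actually receives the traffic

@dataclass(frozen=True)
class FirewallRule:
    from_zone: str
    to_zone: str
    destination: str   # address or CIDR compared with the packet's destination
    port: int
    action: str        # "allow" or "deny"

ZONES = {"LAN": ip_network("192.168.1.0/24")}  # anything else counts as WAN

def zone_of(addr):
    return next((z for z, net in ZONES.items() if ip_address(addr) in net), "WAN")

def apply_dnat(pkt, nat_table):
    """Rewrite the destination if a NAT entry matches (runs before filtering)."""
    for e in nat_table:
        if pkt.dst == e.original_ip and pkt.dport == e.port:
            return replace(pkt, dst=e.mapped_ip)
    return pkt

def firewall_verdict(pkt, nat_table, rules, default="deny"):
    """Return the action of the first rule matching the post-NAT packet."""
    pkt = apply_dnat(pkt, nat_table)
    for r in rules:
        if (r.from_zone == pkt.from_zone and r.to_zone == zone_of(pkt.dst)
                and ip_address(pkt.dst) in ip_network(r.destination)
                and r.port == pkt.dport):
            return r.action
    return default

NAT = [DnatEntry("203.0.113.10", 443, "192.168.1.50")]
INBOUND = Packet(src="198.51.100.7", dst="203.0.113.10", dport=443)
RULE_ON_WAN_IP = [FirewallRule("WAN", "LAN", "203.0.113.10/32", 443, "allow")]
RULE_ON_LAN_IP = [FirewallRule("WAN", "LAN", "192.168.1.50/32", 443, "allow")]
```

With `RULE_ON_WAN_IP` the allow rule never matches because the destination has already been rewritten to the LAN address, so the packet falls through to the default; `RULE_ON_LAN_IP` matches the translated destination.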