ZyXEL Communications 3.1 User Manual
Chapter 10 Zones
ZyWALL (ZLD) CLI Reference Guide
112
10.2 Zone Commands Summary
The following table describes the values required for many zone commands. Other values are
discussed with the corresponding commands.s
discussed with the corresponding commands.s
This table lists the zone commands.
Table 54
Input Values for Zone Commands
LABEL
DESCRIPTION
profile_name
The name of a zone, or the name of a VPN tunnel.
For the ZyWALL USG 300 and above, use up to 31 characters (a-zA-Z0-9_-). The name
cannot start with a number. This value is case-sensitive.
cannot start with a number. This value is case-sensitive.
About the pre-defined zones in the ZyWALL USG 200 and below models:
•
The lan1 interface always belongs to the LAN1 zone.
•
The lan2 interface always belongs to the LAN2 zone.
•
The dmz interface always belongs to the DMZ zone.
•
The wan1, wan2, wan1_ppp, or wan2_ppp interfaces always belong to the WAN zone.
•
An opt_ppp interface can be added to the WAN or OPT zone.
Table 55
zone Commands
COMMAND
DESCRIPTION
show zone [profile_name]
Displays information about the specified zone or about all zones.
show zone binding-iface
Displays each interface and zone mappings.
show zone default-binding
Displays the pre-configured interface and zone mappings that come with the
ZyWALL.
ZyWALL.
show zone none-binding
Displays the interfaces, tunnels and SSL VPNs that are not associated with a
zone yet.
zone yet.
show zone system-default
Displays the pre-configured default zones that you cannot delete from the
ZyWALL.
ZyWALL.
show zone user-define
Displays all customized zones.
[no] zone profile_name
Creates the zone if necessary and enters sub-command mode. The
no
command deletes the zone.
zone profile_name
Enter the sub-command mode.
[no] block
Blocks intra-zone traffic. The
no
command allows intra-zone traffic.
[no] interface
interface_name
Adds the specified interface to the specified zone. The
no
command removes
the specified interface from the specified zone. See
for
information about interface names.
[no] crypto
profile_name
Adds the specified IPSec VPN tunnel to the specified zone. The
no
command
removes the specified IPSec VPN tunnel from the specified zone.
[no] sslvpn
profile_name
Adds the specified SSL VPN tunnel to the specified zone. The
no
command
removes the specified SSL VPN tunnel from the specified zone.