ZyXEL Communications 2 Plus User Manual
Chapter 11 Firewall
ZyWALL 2 Plus User’s Guide
196
In order to do this, you would configure the SECURITY > FIREWALL > Default Rule
screen as follows.
screen as follows.
Figure 127 Block DMZ to VPN Traffic by Default Example
11.3.2 From VPN Packet Direction
You can also apply firewall rules to traffic that comes in through the ZyWALL’s VPN tunnels.
The ZyWALL decrypts the VPN traffic and then applies the firewall rules. From VPN means
traffic that came into the ZyWALL through a VPN tunnel and is going to the selected “to”
interface.
For example, by default the firewall allows traffic from any VPN tunnel to go to any of the
ZyWALL’s interfaces, the ZyWALL itself and other VPN tunnels. You could edit the From
VPN To LAN default firewall rule to silently block traffic from the VPN tunnels from going
to the LAN computers.
The ZyWALL decrypts the VPN traffic and then applies the firewall rules. From VPN means
traffic that came into the ZyWALL through a VPN tunnel and is going to the selected “to”
interface.
For example, by default the firewall allows traffic from any VPN tunnel to go to any of the
ZyWALL’s interfaces, the ZyWALL itself and other VPN tunnels. You could edit the From
VPN To LAN default firewall rule to silently block traffic from the VPN tunnels from going
to the LAN computers.