ZyXEL Communications NBG410W3G Series User Manual

Chapter 9 Firewall

NBG410W3G Series User’s Guide

By default, the ZyXEL Device drops packets traveling in the following directions.

"

Incorrectly configuring the firewall may block valid access or introduce security 
risks to the ZyXEL Device and your protected network. Use caution when 
creating or deleting firewall rules and test your rules after you configure them.

Consider these security ramifications before creating a rule:

• WAN 1 to LAN These rules specify which computers connected to WAN 1 can access 

which computers or services on the LAN. For example, you may 
create rules to:

• Allow certain types of traffic, such as Lotus Notes database 

synchronization, from specific hosts on the Internet to specific 
hosts on the LAN.

• Allow public access to a Web server on your protected network. 

You could also block certain IP addresses from accessing it. 

"

You also need to configure NAT port forwarding 
(or full featured NAT address mapping rules) to 
allow computers on the WAN to access devices 
on the LAN. See 

an example.

• WAN to WAN

By default the ZyXEL Device stops computers connected to WAN1 or 
WAN2 from managing the ZyXEL Device or using the ZyXEL Device 
as a gateway to communicate with other computers on the WAN. You 
could configure one of these rules to allow a WAN computer to 
manage the ZyXEL Device.

"

You also need to configure the remote 
management settings to allow a WAN computer 
to manage the ZyXEL Device.