ZyXEL Communications HW-D Series User Manual
P-662H/HW-D Series User’s Guide
Chapter 11 Firewall Configuration
181
C
H A P T E R
11
Firewall Configuration
This chapter shows you how to enable and configure the ZyXEL Device firewall.
11.1 Access Methods
The web configurator is, by far, the most comprehensive firewall configuration tool your
ZyXEL Device has to offer. For this reason, it is recommended that you configure your
firewall using the web configurator. CLI
ZyXEL Device has to offer. For this reason, it is recommended that you configure your
firewall using the web configurator. CLI
(Command Line Interpreter)
commands provide
limited configuration options and are only recommended for advanced users.
11.2 Firewall Policies Overview
Firewall rules are grouped based on the direction of travel of packets to which they apply:
Note: The LAN includes both the LAN port and the WLAN.
• DMZ to WAN
By default, the ZyXEL Device’s stateful packet inspection blocks packets traveling in the
following directions:
following directions:
• WAN to LAN
• WAN to WAN/ Router
• WAN to WAN/ Router
This prevents computers on the WAN from using the ZyXEL Device as a gateway to
communicate with other computers on the WAN and/or managing the ZyXEL Device.
communicate with other computers on the WAN and/or managing the ZyXEL Device.
• DMZ to LAN
• DMZ to DMZ/ Router
• DMZ to DMZ/ Router
This prevents computers on the DMZ from communicating between networks or subnets
connected to the DMZ interface and/or managing the ZyXEL Device.
connected to the DMZ interface and/or managing the ZyXEL Device.
You may define additional rules and sets or modify existing ones but please exercise
extreme caution in doing so.
extreme caution in doing so.
•
LAN to LAN/ Router
•
WAN to LAN
•
DMZ to LAN
•
LAN to WAN
•
WAN to WAN/ Router
•
DMZ to WAN
•
LAN to DMZ
•
WAN to DMZ
•
DMZ to DMZ/ Router