ZyXEL Communications ZyWALL 300 User Manual

 Chapter 5 Configuration Basics
ZyWALL USG 300 User’s Guide
A physical port is the place to which you connect the cable. As shown above, you do not 
usually configure physical ports to use various features. You configure interfaces and zones. 
The ZyWALL supports one-to-one, one-to-many, many-to-one, and many-to-none 
relationships between physical ports and interfaces.
There are many types of interfaces in the ZyWALL. In addition to being used in various 
features, interfaces also describe the network that is directly connected to the ZyWALL.
• Port groups create a hardware connection between physical ports at the layer-2 (MAC 
address) level.
• Ethernet interfaces are the foundation for defining other interfaces and network policies. 
You also configure RIP and OSPF in these interfaces.
• VLAN interfaces recognize tagged frames. The ZyWALL automatically adds or removes 
the tags as needed. Each VLAN can only be associated with one Ethernet interface.
• Bridge interfaces create a software connection between Ethernet or VLAN interfaces at 
the layer-2 (data link, MAC address) level. Then, you can configure the IP address and 
subnet mask of the bridge. It is also possible to configure zone-level security between the 
member interfaces in the bridge.
• PPPoE/PPTP interfaces support Point-to-Point Protocols (PPP). ISP accounts are 
required for PPPoE/PPTP interfaces.
• Virtual interfaces increase the amount of routing information in the ZyWALL. There are 
three types: virtual Ethernet interfaces (also known as IP alias), virtual VLAN 
interfaces, and virtual bridge interfaces.
• The auxiliary interface, along with an external modem, provides an interface the 
ZyWALL can use to dial out. This interface can be used as a backup WAN interface, for 
example. The auxiliary interface controls the AUX port.
Zones are used for security policies. A zone is simply a group of interfaces and/or VPN 
tunnels; by default, the ZyWALL has LAN, WAN and DMZ zones. Each interface and VPN 
tunnel can be assigned to one and only one zone. You can add, change, or remove the 
interfaces and VPN tunnels in each zone without affecting the settings that are based on zones.
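The indirection described in the paragraph above, as an added sketch (not ZyXEL code or ZyWALL CLI): rules are keyed by zone pair, so moving an interface to another zone leaves the rule table untouched but changes which rules apply to that interface's traffic. The zone names are the manual's defaults; the interface names, the rules and the default-deny fallback are assumptions of the sketch.

```python
# Added illustration: a toy model of zone-based policy, not ZyWALL firmware or CLI.
# Zone names are the manual's defaults; interfaces, rules and default-deny are constructed.

class ZoneModel:
    def __init__(self, zones):
        self.members = {z: set() for z in zones}  # zone -> interfaces / VPN tunnels
        self.rules = {}                           # (from_zone, to_zone) -> action

    def zone_of(self, member):
        """Return the single zone holding this member, or None if unassigned."""
        for zone, members in self.members.items():
            if member in members:
                return zone
        return None

    def assign(self, member, zone):
        """Enforce 'one and only one zone': reject a second membership."""
        current = self.zone_of(member)
        if current is not None and current != zone:
            raise ValueError(f"{member} already belongs to zone {current}")
        self.members[zone].add(member)

    def move(self, member, zone):
        """Re-home a member; the rule table is never touched."""
        current = self.zone_of(member)
        if current is not None:
            self.members[current].discard(member)
        self.members[zone].add(member)

    def decide(self, src, dst, default="deny"):
        """Resolve both interfaces to zones, then look up the zone-pair rule."""
        key = (self.zone_of(src), self.zone_of(dst))
        return self.rules.get(key, default)


def demo():
    fw = ZoneModel(["LAN", "WAN", "DMZ"])
    for member, zone in [("ge1", "LAN"), ("ge2", "WAN"), ("ge3", "DMZ"), ("vlan10", "LAN")]:
        fw.assign(member, zone)
    fw.rules = {("LAN", "WAN"): "allow", ("DMZ", "WAN"): "allow", ("WAN", "DMZ"): "allow"}
    before = fw.decide("vlan10", "ge3")   # LAN -> DMZ: no rule, falls to default
    snapshot = dict(fw.rules)
    fw.move("vlan10", "DMZ")              # zone membership changes, rules do not
    after = fw.decide("vlan10", "ge2")    # now evaluated as DMZ -> WAN
    return before, after, fw.rules == snapshot
```

When reviewing a zone change, check the effective policy for the moved interface, since the rule table itself will show no difference.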
5.3.1  Network Topology Example
The following example is used to further explain the differences between interfaces and zones.