ZyXEL Communications 1000 User Manual

ZyWALL USG 1000 User’s Guide
CHAPTER 24
Firewall
24.1  Overview
Use the firewall to block or allow services that use static port numbers. Use 
application patrol to control services using flexible/dynamic port numbers. 
The firewall can also limit the number of user sessions.
This figure shows the ZyWALL’s default firewall rules in action and demonstrates 
how stateful inspection works. User 1 can initiate a Telnet session from within the 
LAN zone and responses to this request are allowed. However, other Telnet traffic 
initiated from the WAN or DMZ zone and destined for the LAN zone is blocked. 
Communications between the WAN and the DMZ zones are allowed. The firewall 
allows VPN traffic between any of the networks.
Figure 313   Default Firewall Action
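The default behaviour described above can be modelled as a zone policy plus a session table. The following is an added example, not ZyXEL code or configuration: the class and function names, the addresses, the `via_vpn` flag, and the assumption that the LAN may initiate sessions to the DMZ as well as the WAN are all constructed for illustration.

```python
# Constructed model of the default zone policy described above (not ZyXEL code).
from typing import NamedTuple

class Packet(NamedTuple):
    src_zone: str
    dst_zone: str
    src: tuple          # (ip, port)
    dst: tuple          # (ip, port)
    proto: str = "tcp"

# Zone pairs allowed to INITIATE a session. LAN->DMZ is an assumption;
# the text only describes a LAN-initiated Telnet session.
ALLOW_NEW = {("LAN", "WAN"), ("LAN", "DMZ"), ("WAN", "DMZ"), ("DMZ", "WAN")}

class StatefulFirewall:
    def __init__(self):
        self.sessions = set()   # (proto, initiator, responder) of allowed sessions

    def handle(self, pkt, via_vpn=False):
        key = (pkt.proto, pkt.src, pkt.dst)
        reply_of = (pkt.proto, pkt.dst, pkt.src)
        # Stateful inspection: packets of a known session pass in either
        # direction, even when the zone policy would block a new session.
        if key in self.sessions or reply_of in self.sessions:
            return "allow (established)"
        # VPN traffic is allowed between any of the networks.
        if via_vpn or (pkt.src_zone, pkt.dst_zone) in ALLOW_NEW:
            self.sessions.add(key)
            return "allow (new session)"
        return "block"

def demo():
    fw = StatefulFirewall()
    user1 = ("192.168.1.33", 40000)      # constructed sample addresses
    server = ("203.0.113.10", 23)
    outsider = ("203.0.113.99", 50000)
    lan_telnet = ("192.168.1.33", 23)
    dmz_host = ("10.0.0.5", 50001)
    return [
        fw.handle(Packet("LAN", "WAN", user1, server)),        # User 1 starts Telnet
        fw.handle(Packet("WAN", "LAN", server, user1)),        # response to User 1
        fw.handle(Packet("WAN", "LAN", outsider, lan_telnet)), # Telnet from WAN
        fw.handle(Packet("DMZ", "LAN", dmz_host, lan_telnet)), # Telnet from DMZ
        fw.handle(Packet("WAN", "DMZ", outsider, ("10.0.0.5", 80))),
    ]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The second packet is allowed only because the first created a session entry; the same WAN-to-LAN direction is blocked for the third packet, which matches no session.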
 
  
24.1.1  What You Can Do in this Chapter
• Use the Firewall screens to enable or disable the firewall and 
asymmetrical routes, and manage and configure firewall rules. 
• Use the Session Limit screens to limit the number of concurrent 
NAT/firewall sessions a client can use.