ZyXEL Communications 200 Series User Manual

ZyWALL USG 100/200 Series User’s Guide
Chapter 19  Firewall
19.1  Overview
Use the firewall to block or allow services that use static port numbers. Use application patrol (see ) to control services using flexible/dynamic port numbers.
This figure shows the ZyWALL’s default firewall rules in action and demonstrates how 
stateful inspection works. User 1 can initiate a Telnet session from within the LAN1 zone and 
responses to this request are allowed. However, other Telnet traffic initiated from the WAN or 
DMZ zone and destined for the LAN1 zone is blocked. Communications between the WAN 
and the DMZ zones are allowed. The firewall allows VPN traffic between any of the networks.
Figure 237   Default Firewall Action
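The default behavior described above can be traced with a small model of zone-based stateful inspection. This is an added example, not ZyWALL code: the class, the function names, the sample addresses, the LAN1-to-WAN destination of User 1's session, the default-drop for unlisted zone pairs and the treatment of VPN as a zone named "VPN" are all assumptions made for illustration.

```python
# Simplified model of zone-based stateful inspection (illustration only,
# not ZyWALL firmware logic).
ALLOW, DENY = "allow", "deny"

# Zone-pair policy for NEW sessions, taken from the overview paragraph.
# LAN1 -> WAN as the destination of User 1's Telnet session is an assumption.
POLICY = {
    ("LAN1", "WAN"): ALLOW,
    ("WAN", "LAN1"): DENY,
    ("DMZ", "LAN1"): DENY,
    ("WAN", "DMZ"): ALLOW,
    ("DMZ", "WAN"): ALLOW,
}

class StatefulFirewall:
    def __init__(self, policy, default=DENY):
        self.policy = policy
        self.default = default   # assumption: unlisted zone pairs are dropped
        self.sessions = set()    # 5-tuples of sessions the policy admitted

    def handle(self, pkt):
        """Return (verdict, reason) for one packet given as a dict."""
        fwd = (pkt["proto"], pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
        rev = (pkt["proto"], pkt["dst"], pkt["dport"], pkt["src"], pkt["sport"])
        # 1. Packets of a tracked session (either direction) skip the policy.
        if fwd in self.sessions or rev in self.sessions:
            return ALLOW, "established"
        # 2. VPN traffic is allowed between any networks (zone name assumed).
        if "VPN" in (pkt["src_zone"], pkt["dst_zone"]):
            verdict = ALLOW
        else:
            verdict = self.policy.get((pkt["src_zone"], pkt["dst_zone"]), self.default)
        # 3. Only an admitted new session is recorded in the session table.
        if verdict == ALLOW:
            self.sessions.add(fwd)
        return verdict, "new"

def packet(src_zone, src, sport, dst_zone, dst, dport, proto="tcp"):
    return dict(src_zone=src_zone, src=src, sport=sport,
                dst_zone=dst_zone, dst=dst, dport=dport, proto=proto)

# Constructed sample traffic (documentation address ranges).
request = packet("LAN1", "192.168.1.33", 40000, "WAN", "203.0.113.10", 23)
reply = packet("WAN", "203.0.113.10", 23, "LAN1", "192.168.1.33", 40000)
unsolicited = packet("WAN", "203.0.113.99", 51000, "LAN1", "192.168.1.33", 23)

fw = StatefulFirewall(POLICY)
for name, pkt in [("request", request), ("reply", reply), ("unsolicited", unsolicited)]:
    print(name, fw.handle(pkt))
```

The reply is accepted only because the earlier outbound request created a session entry; the same WAN-to-LAN1 packet arriving first would be evaluated as a new session and dropped.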
 
19.1.1  What You Can Do in the Firewall Screens
• Use the Firewall screen ( ) to enable or disable the firewall and asymmetrical routes, set a maximum number of sessions per host, and display the configured firewall rules.
• Use the Firewall Edit screen (see ) to edit or add a firewall rule.