ZyXEL Communications P-312 User Manual

P312  Broadband Security Gateway
Chapter 19 Example Firewall Rules
19.1 Examples
Please note that whenever you open a hole in the firewall to forward a service from the Internet to the local
network, and NAT is also enabled, you may have to also configure a server behind NAT using SMT menu
15.2. Please see the chapter on NAT for more detailed information on NAT and also see Figure 14-5 for a
view of how Filtering, the Firewall and NAT interact.
19.1.1 Example 1 - Firewall Rule To Allow Web Service From The Internet
Let’s say we have one server on the local network, with an IP of 10.100.1.2, supporting FTP, HTTP, Telnet
and mail services. The only traffic allowed from the Internet is web service. We want to be able to forward
all traffic initiated from our local network. We want to know who accesses our server and
send e-mail alerts when this happens. Our mail account is user@zyxel.com. Another network administrator
has an e-mail address of user2@zyxel.com. This is what we do.
Step 1. Activate the firewall. You may activate the firewall in the Prestige Web Configurator, shown next
(click Configuration, the Config tab, then check the Firewall Enabled box), or in SMT Menu
21.2. You can only configure the firewall using the Prestige Web Configurator or CI commands
(see the Appendix). When the firewall is active, the default rules allow all traffic from the local
network to the WAN (Internet) and block all traffic from the Internet to the local network.
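The policy that Example 1 aims for, on top of the default rules from Step 1, can be written down as a small model and checked against sample packets before any rule is entered on the device. This is an added example, not ZyXEL code or configuration syntax. It assumes a 10.100.1.0/24 local network, first-match rule evaluation, TCP port 80 for web service, and packets addressed directly to the server's local IP (NAT is not modelled); the sample packets are constructed.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

LAN = ip_network("10.100.1.0/24")   # assumption: the page gives only the server IP
SERVER = ip_address("10.100.1.2")   # server from Example 1
ALERT_TO = ("user@zyxel.com", "user2@zyxel.com")  # alert recipients from Example 1
# Default rules once the firewall is active (Step 1)
DEFAULT_ACTION = {"lan_to_wan": "forward", "wan_to_lan": "block"}

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int

@dataclass(frozen=True)
class Rule:
    direction: str
    dst: object
    proto: str
    dport: int
    action: str
    log: bool = False
    alert: bool = False

# The single exception Example 1 asks for: web service (TCP/80) to the server,
# logged and alerted so we know who accesses it.
RULES = (Rule("wan_to_lan", SERVER, "tcp", 80, "forward", log=True, alert=True),)

def direction(pkt):
    """Classify a packet by which side of the gateway it starts on."""
    src_local = ip_address(pkt.src) in LAN
    dst_local = ip_address(pkt.dst) in LAN
    if src_local == dst_local:
        return None  # does not cross the firewall in this model
    return "lan_to_wan" if src_local else "wan_to_lan"

def evaluate(pkt, rules=RULES):
    """Return (action, events). Model assumption: first match wins, else default."""
    d = direction(pkt)
    if d is None:
        return "not_inspected", []
    for r in rules:
        if (r.direction, r.dst, r.proto, r.dport) == (d, ip_address(pkt.dst), pkt.proto, pkt.dport):
            events = (["log"] if r.log else []) + ([f"alert:{a}" for a in ALERT_TO] if r.alert else [])
            return r.action, events
    return DEFAULT_ACTION[d], []
```

In this model, inbound FTP, Telnet and mail connections to 10.100.1.2 fall through to the default block rule, which is the behaviour to confirm on the device after the web rule is added.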