ZyXEL NBG-416N Guia Do Utilizador
Chapter 12 Firewall
NBG-416N User’s Guide
110
• Use the Services screen to enable or disable ICMP and VPN passthrough
features (
).
12.3 What You Need To Know
The NBG-416N’s firewall feature physically separates the LAN and the WAN and
acts as a secure gateway for all data passing between the networks.
acts as a secure gateway for all data passing between the networks.
12.3.1 About the NBG-416N Firewall
The NBG-416N firewall is a stateful inspection firewall and is designed to protect
against Denial of Service attacks when activated (click the General tab under
Firewall and then click the Enable Firewall check box). The NBG-416N's
purpose is to allow a private Local Area Network (LAN) to be securely connected to
the Internet. The NBG-416N can be used to prevent theft, destruction and
modification of data, as well as log events, which may be important to the security
of your network.
against Denial of Service attacks when activated (click the General tab under
Firewall and then click the Enable Firewall check box). The NBG-416N's
purpose is to allow a private Local Area Network (LAN) to be securely connected to
the Internet. The NBG-416N can be used to prevent theft, destruction and
modification of data, as well as log events, which may be important to the security
of your network.
The NBG-416N is installed between the LAN and a broadband modem connecting
to the Internet. This allows it to act as a secure gateway for all data passing
between the Internet and the LAN.
to the Internet. This allows it to act as a secure gateway for all data passing
between the Internet and the LAN.
The NBG-416N has one Ethernet WAN port and four Ethernet LAN ports, which are
used to physically separate the network into two areas.The WAN (Wide Area
Network) port attaches to the broadband (cable or DSL) modem to the Internet.
used to physically separate the network into two areas.The WAN (Wide Area
Network) port attaches to the broadband (cable or DSL) modem to the Internet.
The LAN (Local Area Network) port attaches to a network of computers, which
needs security from the outside world. These computers will have access to
Internet services such as e-mail, FTP and the World Wide Web. However, "inbound
access" is not allowed (by default) unless the remote host is authorized to use a
specific service.
needs security from the outside world. These computers will have access to
Internet services such as e-mail, FTP and the World Wide Web. However, "inbound
access" is not allowed (by default) unless the remote host is authorized to use a
specific service.
12.3.2 VPN Pass Through Features
A Virtual Private Network (VPN) is a way to securely connect two networks over
the Internet. For example a home network and one in a business office. This
requires special equipment on both ends of the connection.
the Internet. For example a home network and one in a business office. This
requires special equipment on both ends of the connection.
The NBG-416N is not one of the endpoints but it does allow traffic from those
endpoints to pass through. The NBG-416N allows the following types of VPN traffic
to pass through:
endpoints to pass through. The NBG-416N allows the following types of VPN traffic
to pass through:
• IP security (IPSec)
• Point-to-Point Tunneling Protocol (PPTP)
• Point-to-Point Tunneling Protocol (PPTP)