ZyWALL User's Guide

ManualsBrandsZyXEL Communications ManualsNetwork Router100 Series

111

112

113

114

115

116

117

118

119

120

Chapter 5 Configuration Basics

ZyWALL USG 100/200 Series User’s Guide

112

Table 24 ZyWALL USG 100 Default Port, Interface, and Zone Configuration

• The WAN zone contains the wan1 and wan2 interfaces (physical ports P1 and P2). They

use public IP addresses to connect to the Internet.

• OPT is specific to the ZyWALL USG 200 .The OPT zone contains the opt interface

(physical port P3). The opt interface is the only default interface that you can change to

be part of a different zone. The opt interface belongs to the OPT zone by default. The OPT

zone is a separate zone and you can configure a different set of security policies for it.

• The LAN1 zone contains the lan1 interface (a port group made up of physical ports P4

and P5 on the ZyWALL USG 200 or P3, P4, and P5 on the ZyWALL USG 100). The

LAN1 zone is a protected zone. The lan1 interface uses 192.168.1.1 and the connected

devices use IP addresses in the 192.168.1.2 to 192.168.1.254 range.

• The WLAN zone contains the ext-wlan interface (physical port P6). This is a second

protected zone for connecting wireless access points. The ext-wlan interface uses private

IP address 10.59.0.1 and the connected devices use IP addresses in the 10.59.0.2 to

10.59.0.254 range.

• The DMZ zone contains the dmz interface (physical port P7). The DMZ zone has servers

that are available to the public. The dmz interface uses private IP address 192.168.3.1 and

the connected devices use private IP addresses in the 192.168.3.2 to 192.168.3.254 range.

5.3 Terminology in the ZyWALL

This section highlights some differences in terminology or organization between the

ZyWALL and other routers, particularly ZyNOS routers.

PORT INTERFACE ZONE

IP ADDRESS AND DHCP

SETTINGS

SUGGESTED USE WITH

DEFAULT SETTINGS

P1, P2 wan1, wan2 WAN DHCP clients Connections to the Internet

P3, P4, P5 lan1 LAN1 192.168.1.1, DHCP server

enabled

Protected LAN

P6 ext-wlan WLAN 10.59.0.1, DHCP server

enabled

Wireless access points

P7 dmz DMZ 192.168.3.1, DHCP server

disabled

Public servers (such as web, e-mail

and FTP)

Table 25 ZyWALL Terminology That is Different Than ZyNOS

ZYNOS FEATURE / TERM ZYWALL FEATURE / TERM

Port forwarding Virtual server

IP alias Virtual interface

Gateway policy VPN gateway

Network policy (IPSec SA) VPN connection

Hub-and-spoke VPN (VPN) concentrator

Table 26 ZyWALL Terminology That Might Be Different Than Other Products

FEATURE / TERM ZYWALL FEATURE / TERM

Destination NAT (DNAT) Virtual server

Source NAT (SNAT) Policy route