ZyWALL User's Guide

ZyWALL USG 100/200 Series User’s Guide
CHAPTER 19
Firewall
19.1 Overview
Use the firewall to block or allow services that use static port numbers. Use application patrol
(see Chapter 27 on page 443) to control services using flexible/dynamic port numbers.
This figure shows the ZyWALL’s default firewall rules in action and demonstrates how
stateful inspection works. User 1 can initiate a Telnet session from within the LAN1 zone and
responses to this request are allowed. However, other Telnet traffic initiated from the WAN or
DMZ zone and destined for the LAN1 zone is blocked. Communications between the WAN
and the DMZ zones are allowed. The firewall allows VPN traffic between any of the networks.
Figure 237 Default Firewall Action
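The default behaviour described above, modelled as a small stateful filter. This is an added example, not ZyXEL code or the device's implementation. The zone names come from the text; treating VPN as a zone named "VPN", allowing LAN1-to-DMZ sessions, blocking anything not listed, and all addresses are assumptions.

```python
# Toy model of the default firewall behaviour in the overview (added example).
from typing import NamedTuple

class Packet(NamedTuple):
    src_zone: str
    dst_zone: str
    src: tuple          # (ip, port)
    dst: tuple          # (ip, port)
    syn: bool = False   # True for the packet that opens a session

# Zone pairs allowed to open NEW sessions, taken from the overview text.
# ("LAN1", "DMZ") is an assumption: the text says LAN1 users may initiate
# sessions but does not name the destination zone.
ALLOW_NEW = {("LAN1", "WAN"), ("LAN1", "DMZ"), ("WAN", "DMZ"), ("DMZ", "WAN")}

class StatefulFirewall:
    def __init__(self):
        self.sessions = set()   # allowed flows, stored as (initiator, responder)

    def check(self, pkt: Packet) -> str:
        # VPN traffic is allowed between any of the networks
        # (modelled here as a zone called "VPN", an assumption).
        if "VPN" in (pkt.src_zone, pkt.dst_zone):
            return "allow"
        # Stateful inspection: a packet in either direction of a session the
        # firewall already allowed passes without a new rule lookup.
        if (pkt.src, pkt.dst) in self.sessions or (pkt.dst, pkt.src) in self.sessions:
            return "allow"
        # New session: allowed only for permitted zone pairs, then remembered.
        if pkt.syn and (pkt.src_zone, pkt.dst_zone) in ALLOW_NEW:
            self.sessions.add((pkt.src, pkt.dst))
            return "allow"
        return "block"   # assumption: anything not listed is blocked

def demo():
    fw = StatefulFirewall()
    user1 = ("192.168.1.33", 40000)      # constructed sample addresses
    server = ("203.0.113.10", 23)        # Telnet server on the WAN side
    outsider = ("203.0.113.99", 40001)
    lan_telnet = ("192.168.1.33", 23)
    dmz_host = ("192.168.3.5", 40002)
    return [
        fw.check(Packet("LAN1", "WAN", user1, server, syn=True)),        # User 1 starts Telnet
        fw.check(Packet("WAN", "LAN1", server, user1)),                  # response to User 1
        fw.check(Packet("WAN", "LAN1", outsider, lan_telnet, syn=True)), # Telnet from WAN
        fw.check(Packet("DMZ", "LAN1", dmz_host, lan_telnet, syn=True)), # Telnet from DMZ
        fw.check(Packet("WAN", "DMZ", outsider, ("192.168.3.5", 80), syn=True)),
    ]

if __name__ == "__main__":
    print(demo())
```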
19.1.1 What You Can Do in the Firewall Screens
Use the Firewall screen (Section 19.2 on page 343) to enable or disable the firewall and
asymmetrical routes, set a maximum number of sessions per host, and display the
configured firewall rules.
Use the Firewall Edit screen (see Section 19.2.2 on page 346) to edit or add a firewall
rule.