User's Manual
Chapter 6 Configuration Basics
ZyWALL USG 20/20W User’s Guide
100
5 Specify the IP address of the HTTP proxy server.
6 Specify the port number to use for the HTTP traffic that you forward to the proxy
server.
6.5.11 ALG
The ZyWALL’s Application Layer Gateway (ALG) allows VoIP and FTP applications
to go through NAT on the ZyWALL. You can also specify additional signaling port
numbers.
6.5.12 Auth. Policy
Use authentication policies to control who can access the network. You can
authenticate users (require them to log in) and even perform Endpoint Security
(EPS) checking to make sure users’ computers comply with defined corporate
policies before they can access the network.
6.5.13 Firewall
The firewall controls the travel of traffic between or within zones. You can also
configure the firewall to control traffic for NAT (DNAT) and policy routes (SNAT).
You can configure firewall rules based on schedules, specific users (or user
groups), source or destination addresses (or address groups) and services (or
service groups). Each of these objects must be configured in a different screen.
To-ZyWALL firewall rules control access to the ZyWALL. Configure to-ZyWALL
firewall rules for remote management. By default, the firewall only allows
management connections from the LAN or WAN zone.
Example: Suppose you have a SIP proxy server connected to the DMZ zone for
VoIP calls. You could configure a firewall rule to allow VoIP sessions from the SIP
proxy server on DMZ to the LAN so VoIP users on the LAN can receive calls.
MENU ITEM(S)
Configuration > Network > ALG
MENU ITEM(S)
Configuration > Auth. Policy
PREREQUISITES
Addresses, services, endpoint security objects, users, authentication
methods
MENU ITEM(S)
Configuration > Firewall
PREREQUISITES
Zones, schedules, users, user groups, addresses (source,
destination), address groups (source, destination), services, service
groups