Chapter 5 Configuration Basics

Bridge interfaces create a software connection between Ethernet or VLAN interfaces at the layer-2 (data link, MAC address) level. Then, you can configure the IP address and subnet mask of the bridge. It is also possible to configure zone-level security between the member interfaces in the bridge.

Virtual interfaces increase the amount of routing information in the ZyWALL. There are three types: virtual Ethernet interfaces (also known as IP alias), virtual VLAN interfaces, and virtual bridge interfaces.

The auxiliary interface, along with an external modem, provides an interface the ZyWALL can use to dial out. This interface can be used as a backup WAN interface, for example. The auxiliary interface controls the AUX port.

5.2.2Default Interface and Zone Configuration

This section explains the ZyWALL’s factory default zone and interface configuration. The following figure uses letters to denote public IP addresses or part of a private IP address.

Figure 45 Default Network Topology

Table 23 ZyWALL USG 200 Default Port, Interface, and Zone Configuration

PORT

INTERFACE

ZONE

IP ADDRESS AND DHCP

SUGGESTED USE WITH

SETTINGS

DEFAULT SETTINGS

P1, P2

wan1, wan2

WAN

DHCP clients

Connections to the Internet

 

 

 

 

 

P3

opt

OPT

None, DHCP server disabled

Third WAN, additional LAN1,

 

 

 

 

WLAN, or DMZ port or a separate

 

 

 

 

network.

 

 

 

 

 

P4, P5

lan1

LAN1

192.168.1.1, DHCP server

Protected LAN

 

 

 

enabled

 

 

 

 

 

 

P6

ext-wlan

WLAN

10.59.0.1, DHCP server

Wireless access points

 

 

 

enabled

 

 

 

 

 

 

P7

dmz

DMZ

192.168.3.1, DHCP server

Public servers (such as web, e-mail

 

 

 

disabled

and FTP)

 

 

 

 

 

 

111

ZyWALL USG 100/200 Series User’s Guide