19 Firewall

19.1 Overview

Use the firewall to block or allow services that use static port numbers. Use application patrol (see Chapter 27 on page 443) to control services using flexible/dynamic port numbers.

This figure shows the ZyWALL’s default firewall rules in action and demonstrates how stateful inspection works. User 1 can initiate a Telnet session from within the LAN1 zone and responses to this request are allowed. However, other Telnet traffic initiated from the WAN or DMZ zone and destined for the LAN1 zone is blocked. Communications between the WAN and the DMZ zones are allowed. The firewall allows VPN traffic between any of the networks.

Figure 237 Default Firewall Action
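The stateful behaviour this figure describes can be modelled in a few lines. The following Python is an added illustration, not ZyWALL code: the zone names and the allow/block outcomes come from the text above, while the rule table ordering, the session tracking, the VPN flag and all addresses are constructed assumptions.

```python
from collections import namedtuple
# Constructed packet model; vpn marks traffic arriving through a VPN tunnel.
Packet = namedtuple("Packet", "src_zone src dst_zone dst sport dport vpn",
                    defaults=(False,))

# Zone-to-zone default policy as the overview describes it (constructed
# table; "any" matches every zone; first matching rule wins).
DEFAULT_RULES = [
    ("LAN1", "any", "allow"),   # LAN1 may initiate sessions to any zone
    ("WAN", "DMZ", "allow"),    # WAN and DMZ may communicate
    ("DMZ", "WAN", "allow"),
    ("any", "LAN1", "block"),   # unsolicited WAN/DMZ -> LAN1 is blocked
]

class StatefulFirewall:
    def __init__(self, rules=DEFAULT_RULES):
        self.rules = rules
        self.sessions = set()   # (initiator, peer, sport, dport)

    def _policy(self, pkt):
        for src, dst, action in self.rules:
            if src in ("any", pkt.src_zone) and dst in ("any", pkt.dst_zone):
                return action
        return "block"   # assumption: implicit deny when nothing matches

    def check(self, pkt):
        # Stateful inspection: a response to a session the firewall has
        # already recorded passes even where the zone policy says block.
        if (pkt.dst, pkt.src, pkt.dport, pkt.sport) in self.sessions:
            return "allow"
        if pkt.vpn:   # VPN traffic is allowed between any of the networks
            return "allow"
        action = self._policy(pkt)
        if action == "allow":   # record the session so replies can return
            self.sessions.add((pkt.src, pkt.dst, pkt.sport, pkt.dport))
        return action

def default_action_demo():
    """Replays the figure with constructed addresses; returns the verdicts."""
    fw = StatefulFirewall()
    user1, wan_host, dmz_host = "192.168.1.10", "203.0.113.7", "10.0.0.5"
    flows = [
        Packet("LAN1", user1, "WAN", wan_host, 51000, 23),       # User 1 Telnets out
        Packet("WAN", wan_host, "LAN1", user1, 23, 51000),       # reply to that session
        Packet("WAN", wan_host, "LAN1", user1, 40000, 23),       # unsolicited Telnet in
        Packet("WAN", wan_host, "DMZ", dmz_host, 40001, 80),     # WAN -> DMZ
        Packet("DMZ", dmz_host, "LAN1", user1, 40002, 23, True), # Telnet over VPN
    ]
    return [fw.check(p) for p in flows]
```

The verdict list mirrors the figure: the outbound Telnet and its reply are allowed, the unsolicited inbound Telnet is blocked, WAN to DMZ is allowed, and the VPN flow is allowed.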

19.1.1 What You Can Do in the Firewall Screens

Use the Firewall screen (Section 19.2 on page 343) to enable or disable the firewall and asymmetrical routes, set a maximum number of sessions per host, and display the configured firewall rules.

Use the Firewall Edit screen (see Section 19.2.2 on page 346) to edit or add a firewall rule.


335

ZyWALL USG 100/200 Series User’s Guide