Chapter 11 Firewall

• WAN to WAN: By default, the ZyWALL stops computers connected to the WAN from managing the ZyWALL or using the ZyWALL as a gateway to communicate with other computers on the WAN. You could configure one of these rules to allow a WAN computer to manage the ZyWALL.

You also need to configure the remote management settings to allow a WAN computer to manage the ZyWALL.

See Chapter 4 on page 89 for information about packets traveling to or from the VPN tunnels.

11.3.1 To VPN Packet Direction

The ZyWALL can apply firewall rules to traffic before encrypting it to send through a VPN tunnel. To VPN means traffic that comes in through the selected “from” interface and goes out through any of the ZyWALL’s VPN tunnels. For example, From LAN To VPN specifies the traffic that is coming from the LAN and going out through any of the ZyWALL’s VPN tunnels.

For instance, the From LAN To VPN default firewall rule allows traffic from the LAN computers to go out through any of the ZyWALL’s VPN tunnels. You could configure the From DMZ To VPN default rule so that the ZyWALL silently blocks traffic from the DMZ computers from going out through any of the ZyWALL’s VPN tunnels.

Figure 126 From LAN to VPN Example

 


ZyWALL 2 Plus User’s Guide