Chapter 11 Firewall

Table 71 SECURITY > FIREWALL > Rule Summary > Edit

LABEL

DESCRIPTION

Action for

Use the drop-down list box to select what the firewall is to do with packets that

Matched Packets

match this rule.

 

Select Drop to silently discard the packets without sending a TCP reset packet or

 

an ICMP destination-unreachable message to the sender.

 

Select Reject to deny the packets and send a TCP reset packet (for a TCP packet)

 

or an ICMP destination-unreachable message (for a UDP packet) to the sender.

 

Select Permit to allow the passage of the packets.

 

Note: You also need to configure NAT port forwarding (or full

 

featured NAT address mapping rules) if you want to allow

 

computers on the WAN to access devices on the LAN.

 

Note: You may also need to configure the remote management

 

settings if you want to allow a WAN computer to manage the

 

ZyWALL or restrict management from the LAN.

 

 

Apply

Click Apply to save your customized settings and exit this screen.

 

 

Cancel

Click Cancel to exit this screen without saving.

 

 

11.10 Anti-Probing

Click SECURITY > FIREWALL > Anti-Probingto open the following screen. Configure this screen to help keep the ZyWALL hidden from probing attempts. You can specify which of the ZyWALL’s interfaces will respond to Ping requests and whether or not the ZyWALL is to respond to probing for unused ports.

Figure 160 SECURITY > FIREWALL > Anti-Probing

260

 

ZyWALL 2WG User’s Guide