ZyWALL 2WG Support Notes
All contents copyright (c) 2006 ZyXEL Communications Corporation.
Access control and security VPN connection (Security policy enforcement IPSec)
Setup ZyWALL VPN with access control - Firewall
Setup ZyWALL VPN with web filtering rule – Content Filter
Normally, traffic carried through a VPN tunnel is treated as a secure connection because of its multiple
authentication and encryption methods. As a result, a security gateway does not inspect VPN traffic, because
the traffic is sent as ciphertext rather than plaintext. With the enhanced algorithm we adopted, the
ZyWALL can inspect a VPN packet before encrypting it for sending to the VPN tunnel, or after decrypting it
on receipt from the VPN tunnel.
[Figure: packet flow between the IPSec Local Gateway and the IPSec Remote Gateway across the IPSec Tunnel. Labels: Routing, Check SPD, Encrypt Packet, Decrypt Packet; FW, IDP, AV and AS at each gateway.]
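The following Python model is an added illustration, not ZyWALL firmware or its rule syntax. It shows why a port-based rule can only match when the firewall check runs before encryption or after decryption. The XOR "cipher", the direction names to_vpn/from_vpn, the rule and all addresses are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional
KEY = 0x5A  # toy XOR stand-in for ESP encryption (assumption, not real crypto)

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str            # "tcp" in plaintext, "esp" once tunnelled
    dport: Optional[int]  # inner port is not visible on an ESP packet
    payload: bytes

@dataclass(frozen=True)
class Rule:
    direction: str  # "to_vpn" or "from_vpn" (hypothetical names)
    proto: str
    dport: int
    action: str     # "permit" or "drop"

def firewall(pkt, direction, rules, default="permit"):
    """First-match lookup using only the fields visible in the packet."""
    for r in rules:
        if r.direction == direction and r.proto == pkt.proto and r.dport == pkt.dport:
            return r.action
    return default

def encrypt(pkt, local_gw, remote_gw):
    """Wrap the inner packet; the outer header exposes only the two gateways."""
    inner = f"{pkt.src}|{pkt.dst}|{pkt.proto}|{pkt.dport}|".encode() + pkt.payload
    return Packet(local_gw, remote_gw, "esp", None, bytes(b ^ KEY for b in inner))

def decrypt(esp):
    """Recover the inner packet from the tunnelled payload."""
    plain = bytes(b ^ KEY for b in esp.payload)
    src, dst, proto, dport, payload = plain.split(b"|", 4)
    return Packet(src.decode(), dst.decode(), proto.decode(), int(dport), payload)

def send_to_vpn(pkt, rules, local_gw, remote_gw):
    """Outbound: inspect the plaintext first, then encrypt."""
    dropped = firewall(pkt, "to_vpn", rules) == "drop"
    return None if dropped else encrypt(pkt, local_gw, remote_gw)

def receive_from_vpn(esp, rules):
    """Inbound: decrypt first, then inspect the plaintext."""
    pkt = decrypt(esp)
    return pkt if firewall(pkt, "from_vpn", rules) == "permit" else None

# Constructed sample data: block Telnet arriving from the VPN.
RULES = [Rule("from_vpn", "tcp", 23, "drop")]
TELNET = Packet("192.168.2.33", "192.168.1.10", "tcp", 23, b"login")
```

Evaluating the rule against the still-encrypted packet falls through to the default action, while the same rule applied after decryption drops the Telnet packet.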
How to configure access control rule over VPN
1. Log into the web configurator on the ZyWALL. In a web browser, enter the IP address (the
default is 192.168.1.1) of your ZyWALL in the Address field. When the login screen displays, enter the
administrative login password (1234 is the default).
2. Access control for VPN tunnel traffic can be enforced with the Firewall feature. Switch to the
Security>Firewall menu to configure access control rules for traffic from the VPN or to the VPN.