Chapter 6 Configuration Basics
Example: Suppose you have a SIP proxy server connected to the DMZ zone for VoIP calls. You could configure a firewall rule to allow VoIP sessions from the SIP proxy server on DMZ to the LAN so VoIP users on the LAN can receive calls.
1Create a VoIP service object for UDP port 5060 traffic (Configuration > Object > Service).
2Create an address object for the VoIP server (Configuration > Object > Address).
3Click Configuration > Firewall to go to the firewall configuration.
4Select from the DMZ zone to the LAN1 zone, and add a firewall rule using the items you have configured.
•You don’t need to specify the schedule or the user.
•In the Source field, select the address object of the VoIP server.
•You don’t need to specify the destination address.
•Leave the Access field set to Allow and the Log field set to No.
Note: The ZyWALL checks the firewall rules in order. Make sure each rule is in the correct place in the sequence.
6.5.15 IPSec VPN
Use IPSec VPN to provide secure communication between two sites over the Internet or any insecure network that uses TCP/IP for communication. The ZyWALL also offers
MENU ITEM(S) | Configuration > VPN > IPSec VPN; you can also use the Quick | |
Setup VPN Setup wizard. | ||
|
Interfaces, certificates (authentication), authentication methods
PREREQUISITES (extended authentication), addresses (local network, remote network, NAT),
WHERE USED Policy routes, zones, L2TP VPN
Example: See Chapter 7 on page 119.
6.5.16 SSL VPN
Use SSL VPN to give remote users secure network access.
MENU ITEM(S) Configuration > VPN > SSL VPN
Interfaces, SSL application, users, user groups, addresses (network
PREREQUISITES list, IP pool for assigning to clients, DNS and WINS server addresses),
110 |
| |
ZyWALL USG 2000 User’s Guide |
| |
|
|
|