Chapter 6 Configuration Basics

The WAN zone contains the ge2 and ge3 interfaces (physical ports 2 and 3). They use public IP addresses to connect to the Internet.

The DMZ zone contains the ge4 and ge5 interfaces (physical ports 4 and 5). The DMZ zone has servers that are available to the public. These interface uses private IP addresses 192.168.2.1 and 192.168.3.1.

The WLAN zone contains the ge6 interface (physical port P6). This is a second protected zone for connecting wireless access points. The ge6 interface uses private IP address 10.59.0.1 and the connected devices use IP addresses in the 10.59.0.2 to 10.59.0.254 range.

Interface ge7 (physical port 7) is not part of a zone by default. Add it to a zone to apply security policies.

6.3Terminology in the ZyWALL

This section highlights some differences in terminology or organization between the ZLD-based ZyWALL and other routers, particularly ZyNOS routers.

Table 14 ZLD ZyWALL Terminology That is Different Than ZyNOS

ZYNOS FEATURE / TERM

ZLD ZYWALL FEATURE / TERM

IP alias

Virtual interface

 

 

Gateway policy

VPN gateway

 

 

Network policy (IPSec SA)

VPN connection

 

 

Hub-and-spoke VPN

(VPN) concentrator

 

 

Table 15 ZLD ZyWALL Terminology That Might Be Different Than Other Products

FEATURE / TERM

ZLD ZYWALL FEATURE / TERM

Source NAT (SNAT)

Policy route

 

 

Table 16 NAT: Differences Between ZLD ZyWALL and ZyNOS

ZYNOS FEATURE / SCREEN

ZLD ZYWALL FEATURE / SCREEN

Trigger port, port triggering

Policy route

 

 

Address mapping

Policy route

 

 

Address mapping (VPN)

IPSec VPN

 

 

Table 17 Bandwidth Management: Differences Between the ZLD ZyWALL and ZyNOS

ZYNOS FEATURE / SCREEN

ZLD ZYWALL FEATURE / SCREEN

Interface bandwidth management

Interface

(outbound)

 

 

 

OSI level-7 bandwidth management

Application patrol

 

 

General bandwidth management

Policy route

 

 

 

95

ZyWALL USG 300 User’s Guide