ZyXEL UAG715 User Guide - Page 239
Firewall
CHAPTER 21 Firewall

21.1 Overview

Use the firewall to block or allow services that use static port numbers. The firewall can also limit the number of user sessions.

This example shows the UAG's default firewall behavior for WAN to LAN traffic and how stateful inspection works. A LAN user can initiate a Telnet session from within the LAN zone and the firewall allows the response. However, the firewall blocks Telnet traffic initiated from the WAN zone and destined for the LAN zone. The firewall allows VPN traffic between any of the networks.

Figure 160 Default Firewall Action

21.1.1 What You Can Do in this Chapter

• Use the Firewall screens (Section 21.2 on page 242) to enable or disable the firewall and asymmetrical routes, and manage and configure firewall rules.
• Use the Session Limit screens (see Section 21.3 on page 246) to limit the number of concurrent NAT/firewall sessions a client can use.

21.1.2 What You Need to Know

Stateful Inspection

The UAG has a stateful inspection firewall. The UAG restricts access by screening data packets against defined access rules. It also inspects sessions. For example, traffic from one zone is not allowed unless it is initiated by a computer in another zone first.

Zones

A zone is a group of interfaces or VPN tunnels. Group the UAG's interfaces into different zones based on your needs. You can configure firewall rules for data passing between zones or even between interfaces and/or VPN tunnels in a zone.
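
The stateful inspection and zone behavior described above, modelled as a small Python simulation. This is an added example, not ZyXEL code or UAG configuration; the addresses, ports, rule table and class names are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed addressing plan: the zone each sample host sits in (assumption).
ZONE_OF = {"192.168.1.33": "LAN", "203.0.113.7": "WAN"}

# Zone-pair rules modelled on the default behavior described in the text:
# sessions opened from LAN toward WAN are allowed, WAN toward LAN are denied.
RULES = {("LAN", "WAN"): "allow", ("WAN", "LAN"): "deny"}

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    opens_session: bool = False  # True for the first packet of a connection

class StatefulFirewall:
    def __init__(self, rules, zone_of):
        self.rules = rules
        self.zone_of = zone_of
        self.sessions = set()  # 4-tuples of sessions admitted by a rule

    def process(self, pkt):
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        # Packets of an already tracked session pass in either direction.
        if key in self.sessions or reverse in self.sessions:
            return "allow"
        # Anything else must be a connection-opening packet to be considered.
        if not pkt.opens_session:
            return "deny"
        zones = (self.zone_of[pkt.src], self.zone_of[pkt.dst])
        action = self.rules.get(zones, "deny")  # no matching rule: deny
        if action == "allow":
            self.sessions.add(key)  # remember it so the response is accepted
        return action

def demo():
    fw = StatefulFirewall(RULES, ZONE_OF)
    lan, wan = "192.168.1.33", "203.0.113.7"
    return [
        fw.process(Packet(lan, 40000, wan, 23, opens_session=True)),  # LAN opens Telnet
        fw.process(Packet(wan, 23, lan, 40000)),                      # response to it
        fw.process(Packet(wan, 50000, lan, 23, opens_session=True)),  # WAN opens Telnet
        fw.process(Packet(wan, 23, lan, 40001)),                      # unsolicited "response"
    ]

if __name__ == "__main__":
    print(demo())
```

The last packet has the same addresses and source port as a legitimate response but matches no tracked session, which is the case a stateless port filter would let through.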