ZyXEL UAG715 User Guide - Page 252
Table 98, Source, Destination, Schedule, Service, Action, Table 99
View all ZyXEL UAG715 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 252 highlights
Chapter 21 Firewall Figure 172 Limited LAN to WAN IRC Traffic Example Your firewall would have the following configuration. Table 98 Limited LAN1 to WAN IRC Traffic Example 1 # USER SOURCE DESTINATION SCHEDULE 1 Any 192.168.1.7 Any Any 2 Any Any Any Any 3 Any Any Any Any SERVICE IRC IRC Any ACTION Allow Deny Allow • The first row allows the LAN1 computer at IP address 192.168.1.7 to access the IRC service on the WAN. • The second row blocks LAN1 access to the IRC service on the WAN. • The third row is the firewall's default policy of allowing all traffic from the LAN1 to go to the WAN. Alternatively, you configure a LAN1 to WAN rule with the CEO's user name (say CEO) to allow IRC traffic from any source IP address to go to any destination address. Your firewall would have the following configuration. Table 99 Limited LAN1 to WAN IRC Traffic Example 2 # USER SOURCE DESTINATION SCHEDULE 1 CEO Any Any Any 2 Any Any Any Any 3 Any Any Any Any SERVICE IRC IRC Any ACTION Allow Deny Allow • The first row allows any LAN1 computer to access the IRC service on the WAN by logging into the UAG with the CEO's user name. • The second row blocks LAN1 access to the IRC service on the WAN. • The third row is the firewall's default policy of allowing all traffic from the LAN1 to go to the WAN. The rule for the CEO must come before the rule that blocks all LAN1 to WAN IRC traffic. If the rule that blocks all LAN1 to WAN IRC traffic came first, the CEO's IRC traffic would match that rule and the UAG would drop it and not check any other firewall rules. 252 UAG715 User's Guide