P-2302R-P1 Series User’s Guide
Chapter 13 Firewall
151
You can block certain
LAN-to-WAN
traffic in the
Services
screen (click the
Services
tab).
All services displayed in the
Blocked Services
list box are
LAN-to-WAN
firewall rules that
block those services originating from the LAN.
Blocked
LAN-to-WAN
packets are considered alerts. Alerts are “higher priority logs” that
include system errors, attacks and attempted access to blocked web sites. Alerts appear in red
in the
View Log
screen. You may choose to have alerts e-mailed immediately in the
Log
Settings
screen.
LAN-to-LAN/ZyXEL Device means the LAN to the ZyXEL Device LAN interface. This is
always allowed, as this is how you manage the ZyXEL Device from your local computer.
13.1.4.2 WAN-to-LAN rules
WAN-to-LAN
rules are Internet to your local network firewall rules. The default is to block
all traffic from the Internet to your local network.
How can you forward certain WAN to LAN traffic? You may allow traffic originating from
the WAN to be forwarded to the LAN by:
• Configuring NAT port forwarding rules.
• Configuring
One-to-One
and
Many-One-to-One
NAT mapping rules in the web
configurator
Address Mapping
screen or SMT NAT menus.
• Configuring
WAN
or
LAN & WAN
access for services in the
Remote Management
screens or SMT menus. When you allow remote management from the WAN, you are
actually configuring WAN-to-WAN/ZyXEL Device firewall rules. WAN-to-WAN/
ZyXEL Device firewall rules are Internet to the ZyXEL Device WAN interface firewall
rules. The default is to block all such traffic. When you decide what WAN-to-LAN
packets to log, you are in fact deciding what
WAN-to-LAN
and WAN-to-WAN/ZyXEL
Device packets to log.
Forwarded
WAN-to-LAN
packets are not considered alerts.
13.2 Triangle Route
When the firewall is on, your ZyXEL Device acts as a secure gateway between your LAN and
the Internet. In an ideal network topology, all incoming and outgoing network traffic passes
through the ZyXEL Device to protect your LAN against attacks.
Figure 70
Ideal Firewall Setup
Summary of Contents for P-2302R-P1 Series
Page 1: ...P 2302R P1 Series VoIP ATA Station Gateway User s Guide Version 3 60 Edition 1 5 2006...
Page 2: ......
Page 5: ...P 2302R P1 Series User s Guide Certifications 5...
Page 10: ...P 2302R P1 Series User s Guide 10 Customer Support...
Page 38: ...P 2302R P1 Series User s Guide 38 Chapter 1 Introducing the ZyXEL Device...
Page 46: ...P 2302R P1 Series User s Guide 46 Chapter 2 Introducing the Web Configurator...
Page 106: ...P 2302R P1 Series User s Guide 106 Chapter 7 LAN...
Page 125: ...P 2302R P1 Series User s Guide Chapter 9 SIP 125 Figure 60 VoIP SIP SIP Settings Advanced...
Page 130: ...P 2302R P1 Series User s Guide 130 Chapter 9 SIP...
Page 140: ...P 2302R P1 Series User s Guide 140 Chapter 10 Phone...
Page 146: ...P 2302R P1 Series User s Guide 146 Chapter 11 Phone Book...
Page 160: ...P 2302R P1 Series User s Guide 160 Chapter 14 Content Filter...
Page 174: ...P 2302R P1 Series User s Guide 174 Chapter 15 Bandwidth MGMT...
Page 184: ...P 2302R P1 Series User s Guide 184 Chapter 17 Static Route...
Page 208: ...P 2302R P1 Series User s Guide 208 Chapter 19 System...
Page 224: ...P 2302R P1 Series User s Guide 224 Chapter 20 Logs...
Page 234: ...P 2302R P1 Series User s Guide 234 Appendix A Product Specifications...
Page 256: ...P 2302R P1 Series User s Guide 256 Appendix C IP Subnetting...
Page 258: ...P 2302R P1 Series User s Guide 258 Appendix D SIP Passthrough...
Page 288: ...P 2302R P1 Series User s Guide 288 Appendix G Services...