Chapter 11 Firewall Configuration
P-660W-Tx v2 User’s Guide
128
11.7.3 Connection Direction
This section describes examples for firewall rules for connections going from LAN to WAN
and from WAN to LAN.
LAN to LAN/ Router, WAN to WAN/ Router rules apply to packets coming in on the
associated interface (LAN, WAN respectively). LAN to LAN/ Router means policies for
LAN-to-ZyXEL Device (the policies for managing the ZyXEL Device through the LAN
interface) and policies for LAN-to-LAN (the policies that control routing between two subnets
on the LAN). Similarly, WAN to WAN/ Router polices apply in the same way to the WAN
ports.
LAN to WAN Rules
The default rule for LAN to WAN traffic is that all users on the LAN are allowed non-
restricted access to the WAN. When you configure a LAN to WAN rule, you in essence want
to limit some or all users from accessing certain services on the WAN. WAN to LAN Rules
The default rule for WAN to LAN traffic blocks all incoming connections (WAN to LAN). If
you wish to allow certain WAN users to have access to your LAN, you will need to create
custom rules to allow it.
Alerts
Alerts are reports on events, such as attacks, that you may want to know about right away. You
can choose to generate an alert when an attack is detected in the
Edit Rule
screen
(
select the
Send Alert Message to Administrator When Matched
check box) or when a rule is matched
in the
Edit Rule
screen.
When an event generates an alert, a message can be immediately sent
to an e-mail account that you specify in the
Log Settings
screen (see the chapter on logs).
11.7.4 DoS Thresholds
For DoS attacks, the ZyXEL Device uses thresholds to determine when to drop sessions that
do not become fully established. These thresholds apply globally to all sessions.
You can use the default threshold values, or you can change them to values more suitable to
your security requirements.
Refer to
to configure thresholds.
11.7.4.1 Threshold Values
Tune these parameters when something is not working and after you have checked the firewall
counters. These default values should work fine for most small offices. Factors influencing
choices for threshold values are:
• The maximum number of opened sessions.
• The minimum capacity of server backlog in your LAN network.
• The CPU power of servers in your LAN network.
• Network bandwidth.
• Type of traffic for certain servers.
If your network is slower than average for any of these factors (especially if you have servers
that are slow or handle many tasks and are often busy), then the default values should be
reduced.
Summary of Contents for P-660W-T1 v2
Page 2: ......
Page 8: ...Safety Warnings P 660W Tx v2 User s Guide 8 ...
Page 10: ...Contents Overview P 660W Tx v2 User s Guide 10 ...
Page 18: ...Table of Contents P 660W Tx v2 User s Guide 18 ...
Page 22: ...List of Figures P 660W Tx v2 User s Guide 22 ...
Page 25: ...25 PART I Introduction Introducing the ZyXEL Device 27 Introducing the Web Configurator 31 ...
Page 26: ...26 ...
Page 30: ...Chapter 1 Introducing the ZyXEL Device P 660W Tx v2 User s Guide 30 ...
Page 36: ...Chapter 2 Introducing the Web Configurator P 660W Tx v2 User s Guide 36 ...
Page 37: ...37 PART II Setup Wizard Connection Setup Wizard 39 Media Bandwidth Management Wizard 47 ...
Page 38: ...38 ...
Page 46: ...Chapter 3 Connection Setup Wizard P 660W Tx v2 User s Guide 46 ...
Page 50: ...Chapter 4 Media Bandwidth Management Wizard P 660W Tx v2 User s Guide 50 ...
Page 52: ...52 ...
Page 83: ...Chapter 7 WAN Setup P 660W Tx v2 User s Guide 83 Figure 32 WAN Setup PPPoE ...
Page 104: ...Chapter 8 Network Address Translation NAT Screens P 660W Tx v2 User s Guide 104 ...
Page 130: ...Chapter 11 Firewall Configuration P 660W Tx v2 User s Guide 130 ...
Page 156: ...Chapter 15 Logs Screens P 660W Tx v2 User s Guide 156 ...
Page 169: ...169 PART IV Maintenance Maintenance 171 ...
Page 170: ...170 ...
Page 184: ...Chapter 17 Maintenance P 660W Tx v2 User s Guide 184 ...
Page 185: ...185 PART V Troubleshooting and Specifications Troubleshooting 187 Product Specifications 193 ...
Page 186: ...186 ...
Page 192: ...Chapter 18 Troubleshooting P 660W Tx v2 User s Guide 192 ...
Page 200: ...200 ...
Page 208: ...Appendix A Pop up Windows JavaScripts and Java Permissions P 660W Tx v2 User s Guide 208 ...
Page 226: ...Appendix C Common Services P 660W Tx v2 User s Guide 226 ...
Page 232: ...Appendix D Legal Information P 660W Tx v2 User s Guide 232 ...