Filter
Top Products
Chapter 11 Zones
ZyWALL 110/310/1100 Series User’s Guide
212
Intra-zone Traffic
• Intra-zone traffic is traffic between interfaces or VPN tunnels in the same zone. For example, in
Figure 121 on page 211, traffic between VLAN 2 and the Ethernet is intra-zone traffic.
• In each zone, you can either allow or prohibit all intra-zone traffic. For example, in Figure 121 on
page 211, you might allow intra-zone traffic in the LAN zone but prohibit it in the WAN zone.
• You can set up firewall rules to control intra-zone traffic (for example, DMZ-to-DMZ), but many
other types of zone-based security and policy settings do not affect intra-zone traffic.
Inter-zone Traffic
Inter-zone traffic is traffic between interfaces or VPN tunnels in different zones. For example, in
Figure 121 on page 211, traffic between VLAN 1 and the Internet is inter-zone traffic. This is the
normal case when zone-based security and policy settings apply.
Extra-zone Traffic
• Extra-zone traffic is traffic to or from any interface or VPN tunnel that is not assigned to a zone.
For example, in Figure 121 on page 211, traffic to or from computer C is extra-zone traffic.
• Some zone-based security and policy settings may apply to extra-zone traffic, especially if you
can set the zone attribute in them to Any or All. See the specific feature for more information.
11.2 The Zone Screen
The Zone screen provides a summary of all zones. In addition, this screen allows you to add, edit,
and remove zones. To access this screen, click Configuration > Network > Zone.
Figure 122 Configuration > Network > Zone