Filter
Top Products
Chapter 6 Configuration Basics
ZyWALL USG 300 User’s Guide
106
Example: Suppose you have a SIP proxy server connected to the DMZ zone for
VoIP calls. You could configure a firewall rule to allow VoIP sessions from the SIP
proxy server on DMZ to the LAN so VoIP users on the LAN can receive calls.
1 Create a VoIP service object for UDP port 5060 traffic (Configuration > Object >
Service).
2 Create an address object for the VoIP server (Configuration > Object >
Address).
3 Click Configuration > Firewall to go to the firewall configuration.
4 Select from the DMZ zone to the LAN1 zone, and add a firewall rule using the
items you have configured.
• You don’t need to specify the schedule or the user.
•In the Source field, select the address object of the VoIP server.
• You don’t need to specify the destination address.
• Leave the Access field set to Allow and the Log field set to No.
Note: The ZyWALL checks the firewall rules in order. Make sure each rule is in the
correct place in the sequence.
6.5.15 IPSec VPN
Use IPSec VPN to provide secure communication between two sites over the
Internet or any insecure network that uses TCP/IP for communication. The
ZyWALL also offers hub-and-spoke VPN.
Example: See Chapter 7 on page 115.
6.5.16 SSL VPN
Use SSL VPN to give remote users secure network access.
MENU ITEM(S)
Configuration > VPN > IPSec VPN; you can also use the Quick
Setup VPN Setup wizard.
PREREQUISITES
Interfaces, certificates (authentication), authentication methods
(extended authentication), addresses (local network, remote network,
NAT), to-ZyWALL firewall, firewall
WHERE USED
Policy routes, zones, L2TP VPN
MENU ITEM(S)
Configuration > VPN > SSL VPN
PREREQUISITES
Interfaces, SSL application, users, user groups, addresses (network
list, IP pool for assigning to clients, DNS and WINS server addresses),
to-ZyWALL firewall, firewall