Support User Manuals

ZyXEL Communications ZyWALL 1000 Network Router User Manual

Open as PDF

of 780

Chapter 5 Configuration Basics

ZyWALL USG 1000 User’s Guide

113

A physical port is the place to which you connect the cable. As shown above, you do not

usually configure physical ports to use various features. You configure interfaces and zones.

The ZyWALL supports one-to-one, one-to-many, many-to-one, and many-to-none

relationships between physical ports and interfaces.

There are many types of interfaces in the ZyWALL. In addition to being used in various

features, interfaces also describe the network that is directly connected to the ZyWALL.

• Port groups create a hardware connection between physical ports at the layer-2 (MAC

address) level.

• Ethernet interfaces are the foundation for defining other interfaces and network policies.

You also configure RIP and OSPF in these interfaces.

• VLAN interfaces recognize tagged frames. The ZyWALL automatically adds or removes

the tags as needed. Each VLAN can only be associated with one Ethernet interface.

• Bridge interfaces create a software connection between Ethernet or VLAN interfaces at

the layer-2 (data link, MAC address) level. Then, you can configure the IP address and

subnet mask of the bridge. It is also possible to configure zone-level security between the

member interfaces in the bridge.

• PPPoE/PPTP interfaces support Point-to-Point Protocols (PPP). ISP accounts are

required for PPPoE/PPTP interfaces.

• Virtual interfaces increase the amount of routing information in the ZyWALL. There are

three types: virtual Ethernet interfaces (also known as IP alias), virtual VLAN

interfaces, and virtual bridge interfaces.

•The auxiliary interface, along with an external modem, provides an interface the

ZyWALL can use to dial out. This interface can be used as a backup WAN interface, for

example. The auxiliary interface controls the AUX port.

Zones are used for security policies. A zone is simply a group of interfaces and/or VPN

tunnels; by default, the ZyWALL has LAN, WAN and DMZ zones. Each interface and VPN

tunnel can be assigned to one and only one zone. You can add, change, or remove the

interfaces and VPN tunnels in each zone without affecting the settings that are based on zones.

5.3.1 Network Topology Example

The following example is used to further explain the differences between interfaces and zones.

previous next