Filter
Top Products
Chapter 2 Features and Applications
ZyWALL USG 300 User’s Guide
59
2.2.1 Interface to Interface (Through ZyWALL)
Ethernet -> VLAN -> Encap -> ALG -> AC -> DNAT-> Routing -> FW -> AC -> IDP -> AV-
> AP -> CF -> SNAT -> BWM -> Encap -> VLAN -> Ethernet
2.2.2 Interface to Interface (To/From ZyWALL)
To: Ethernet -> VLAN -> Encap -> ALG -> AC -> DNAT -> Routing -> zFW -> ADP -> SC
From: SC -> Routing -> BWM -> Encap -> VLAN -> Ethernet
2.2.3 Interface to Interface (From VPN Tunnel)
This example shows the flow from a VPN tunnel though the ZyWALL, not to the ZyWALL or
to another VPN tunnel (VPN concentrator).
Ethernet -> VLAN -> Encap -> ALG -> AC -> DNAT-> Routing -> zFW -> IPSec D -> ALG
-> AC -> DNAT-> Routing -> FW -> AC -> IDP -> AV -> AP -> CF -> -> SNAT -> BWM -
> Encap -> VLAN -> Ethernet
2.2.4 Interface to Interface (To VPN Tunnel)
This example shows the flow to a VPN tunnel from a source other than the ZyWALL or
another VPN tunnel (VPN concentrator).
AC Application Classifier is the Application Protocol (AP) layer-7 classifier.
DNAT Destination NAT
Routing Routing includes policy routes, interface routing, static routes and load balancing
for example.
FW Firewall (Through ZyWALL)
zFW Firewall (To ZyWALL)
IDP Intrusion Detection & Protection
ADP Anomaly Detection and Protection
AP Application Patrol
CF Content Filtering
SNAT Source NAT
IPSec D/E VPN Decryption/Encryption
BWM Bandwidth Management
SC Service Control (Remote Management)
AV Anti-Virus
Table 4 Packet Flow Key