Table 38 advanced: firewall – ZyXEL Communications NBG-415N User Manual

ZyXEL NBG-415N User’s Guide

95

Chapter 7 Advanced

The following table describes the labels in this screen.

Table 38 Advanced: Firewall

LABEL

DESCRIPTION

Enable SPI

Select this option to activate stateful packet inspection. Clear this check box to

disable this feature.

NAT Endpoint

Filtering

The NAT Endpoint Filtering options control how the router's NAT manages

incoming connection requests to ports that are already being used.

UDP Endpoint

Filtering

Select the end-point filtering option for UDP traffic.

TCP Endpoint

Filtering

Select the end-point filtering option for TCP traffic.

DMZ Host

Enable DMZ

Select this option to activate the DMZ feature to protect the specified device on the

LAN.

DMZ IP

Address

Enter the IP address (in dotted decimal notation) of a computer which you want to

protect on the LAN. Or select a computer IP address from the drop-down list box.

Non-UDP/TCP/

ICMP LAN

Sessions

You can set your ZyXEL Device to recognize sessions initiated by a VPN

connection from the LAN to the Internet (WAN) even though the VPN connection

uses an unknown protocol type (any protocols other than UDP, TCP, and ICMP).

This feature allows a single VPN connection to a remote host without the need for

an ALG. This feature does not apply to DMZ hosts (if enabled). DMZ hosts can

handles these sessions.
Select Enable to allow a single VPN connection to a remote host. For multiple VPN

connections, the appropriate VPN ALG must be enabled.
Clear the checkbox to disable this feature. However, you must also disable the

appropriate VPN ALG to deactivate the VPN connection.

Application Level Gateway (ALG) Application

PPTP

Select this option to allow multiple computers on the LAN to connect to a remote

network using the PPTP protocol.