4 security considerations – ZyXEL Communications NBG410W3G User Manual
Page 170
Chapter 9 Firewall
NBG410W3G Series User’s Guide
170
By default, the ZyXEL Device drops packets traveling in the following directions.
9.4 Security Considerations
"
Incorrectly configuring the firewall may block valid access or introduce security
risks to the ZyXEL Device and your protected network. Use caution when
creating or deleting firewall rules and test your rules after you configure them.
Consider these security ramifications before creating a rule:
• WAN 1 to LAN These rules specify which computers connected to WAN 1 can access
which computers or services on the LAN. For example, you may
create rules to:
• Allow certain types of traffic, such as Lotus Notes database
synchronization, from specific hosts on the Internet to specific
hosts on the LAN.
• Allow public access to a Web server on your protected network.
You could also block certain IP addresses from accessing it.
"
You also need to configure NAT port forwarding
(or full featured NAT address mapping rules) to
allow computers on the WAN to access devices
on the LAN. See
an example.
• WAN to WAN
By default the ZyXEL Device stops computers connected to WAN1 or
WAN2 from managing the ZyXEL Device or using the ZyXEL Device
as a gateway to communicate with other computers on the WAN. You
could configure one of these rules to allow a WAN computer to
manage the ZyXEL Device.
"
You also need to configure the remote
management settings to allow a WAN computer
to manage the ZyXEL Device.