ZyXEL Communications ZyXEL ZyWALL 2WE User Manual

ZyWALL 2 and ZyWALL 2WE

13-8

Firewalls

all communications to the Internet that originate from the LAN, and blocks all traffic to the LAN that
originates from the Internet. In summary, stateful inspection:

Allows all sessions originating from the LAN (local network) to the WAN (Internet).

Denies all sessions originating from the WAN to the LAN.

Figure 13-5 Stateful Inspection

The previous figure shows the ZyWALL’s default firewall rules in action as well as demonstrates how
stateful inspection works. User A can initiate a Telnet session from within the LAN and responses to this
request are allowed. However other Telnet traffic initiated from the WAN is blocked.

13.5.1 Stateful Inspection Process

In this example, the following sequence of events occurs when a TCP packet leaves the LAN network
through the firewall's WAN interface. The TCP packet is the first in a session, and the packet's application
layer protocol is configured for a firewall rule inspection: