beautypg.com

9 ddns, 10 policy routes – ZyXEL Communications 200 Series User Manual

Page 116

background image

Chapter 5 Configuration Basics

ZyWALL USG 100/200 Series User’s Guide

116

Example: See

Chapter 6 on page 125

.

5.4.9 DDNS

Dynamic DNS maps a domain name to a dynamic IP address. The ZyWALL helps maintain
this mapping.

5.4.10 Policy Routes

Use policy routes to control the routing of packets through the ZyWALL’s interfaces, trunks,
and send traffic through VPN connections. You also use policy routes for bandwidth
management (out of the ZyWALL), port triggering, and general NAT on the source address.
You have to set up the criteria, next-hops, and NAT settings in other screens first.

Example: You have an FTP server connected to dmz (in the DMZ zone). You want to limit
the amount of FTP traffic that goes out from the FTP server through your WAN connection.

1 Create an address object for the FTP server (Object > Address).
2 Click Network > Routing > Policy Route to go to the policy route configuration screen.

Add a policy route.

3 Name the policy route.
4 Select the interface that the traffic comes in through (dmz in this example).
5 Select the FTP server’s address as the source address.
6 You don’t need to specify the destination address or the schedule.
7 For the service, select FTP.
8 For the Next Hop fields, select Interface as the Type if you have a single WAN

connection or Trunk if you have multiple WAN connections.

9 Select the interface that you are using for your WAN connection (wan1 and wan2 are

the default WAN interfaces). If you have multiple WAN connections, select the trunk.

10 Specify the amount of bandwidth FTP traffic can use. You may also want to set a low

priority for FTP traffic.

PREREQUISITES

Interfaces (with a static IP address), to-ZyWALL firewall

MENU ITEM(S)

Network > DDNS

PREREQUISITES

Interface

MENU ITEM(S)

Network > Routing > Policy Route

PREREQUISITES

Criteria: users, user groups, interfaces (incoming), IPSec VPN (incoming),
addresses (source, destination), address groups (source, destination),
schedules, services, service groups
Next-hop: addresses (HOST gateway), IPSec VPN, SSL VPN, trunks, interfaces
NAT: addresses (translated address), services and service groups (port
triggering)

This manual is related to the following products:
See also other documents in the category ZyXEL Communications Hardware: