beautypg.com

2 what you need to know about zones, 2 the zone screen – ZyXEL Communications 200 Series User Manual

Page 300

background image

Chapter 14 Zones

ZyWALL USG 100/200 Series User’s Guide

300

14.1.2 What You Need to Know About Zones

Effects of Zones on Different Types of Traffic

Zones effectively divide traffic into three types--intra-zone traffic, inter-zone traffic, and
extra-zone traffic--which are affected differently by zone-based security and policy settings.

Intra-zone Traffic

• Intra-zone traffic is traffic between interfaces or VPN tunnels in the same zone. For

example, in

Figure 205 on page 299

, traffic between VLAN 2 and the Ethernet is intra-

zone traffic.

• In each zone, you can either allow or prohibit all intra-zone traffic. For example, in

Figure

205 on page 299

, you might allow intra-zone traffic in the WLAN zone but prohibit it in

the WAN zone.

• You can also set up firewall rules to control intra-zone traffic (for example, WLAN-to-

WLAN), but many other types of zone-based security and policy settings do not affect
intra-zone traffic.

Inter-zone Traffic

Inter-zone traffic is traffic between interfaces or VPN tunnels in different zones. For example,
in

Figure 205 on page 299

, traffic between VLAN 1 and the Internet is inter-zone traffic. This

is the normal case when zone-based security and policy settings apply.

Extra-zone Traffic

• Extra-zone traffic is traffic to or from any interface or VPN tunnel that is not assigned to a

zone. For example, in

Figure 205 on page 299

, traffic to or from computer C is extra-zone

traffic.

• Some zone-based security and policy settings may apply to extra-zone traffic, especially if

you can set the zone attribute in them to Any or All. See the specific feature for more
information.

WLAN Zone Traffic

By default, the WLAN zone settings only apply to WLAN zone users (wireless clients), that
have been authenticated. WLAN zone users that have not been authenticated are “guest” users
and can only access the WAN.

Finding Out More

See

Section 5.4.7 on page 115

for related information on these screens.

14.2 The Zone Screen

The Zone screen provides a summary of all zones. In addition, this screen allows you to edit
zones. To access this screen, click Network > Zone.

This manual is related to the following products:
See also other documents in the category ZyXEL Communications Hardware: