Figure 66 default rule (bridge mode), Table 49 default rule (bridge mode) – ZyXEL Communications ZyXEL ZyWALL 5 User Manual

ZyWALL 5 User’s Guide

Chapter 10 Firewall Screens

171

Figure 66 Default Rule (Bridge Mode)

The following table describes the labels in this screen.

Table 49 Default Rule (Bridge Mode)

LABEL

DESCRIPTION

Enable Firewall

Select this check box to activate the firewall. The ZyWALL performs access control

and protects against Denial of Service (DoS) attacks when the firewall is activated.

Allow

Asymmetrical

Route

Select this check box to have the ZyWALL firewall permit the use of triangle route

topology on the network.

Note: Allowing asymmetrical routes may let traffic from the WAN go

directly to a LAN computer without passing through the
ZyWALL. See the appendices for more on triangle route
topology and how to deal with this problem.

Packet Direction This is the direction of travel of packets (LAN to LAN/ZyWALL, LAN to WAN, LAN

to DMZ, WAN to LAN, WAN to WAN/ZyWALL, WAN to DMZ, DMZ to LAN, DMZ

to WAN or DMZ to DMZ/ZyWALL).
Firewall rules are grouped based on the direction of travel of packets to which they

apply. For example, LAN to LAN/ZyWALL means packets traveling from a

computer/subnet on the LAN to either another computer/subnet on the LAN interface

of the ZyWALL or the ZyWALL itself.

Action

Use the drop-down list boxes to select whether to Block (silently discard) or

Forward (allow the passage of) packets that are traveling in the selected direction.

Log

Select the check box to create a log (when the above action is taken) for packets

that are traveling in the selected direction and do not match any of the rules below.

Log Broadcast

Frame

Select the check box to create a log for any Layer 2 broadcast frames that are

traveling in the selected direction.