1 to vpn packet direction – ZyXEL Communications ZyXEL ZyWALL 2WG User Manual

Chapter 11 Firewall

By default, the ZyWALL drops packets traveling in the following directions.

See Chapter 4 on page 95 for information about packets traveling to or from the VPN tunnels.

11.3.1 To VPN Packet Direction

The ZyWALL can apply firewall rules to traffic before encrypting it to send through a VPN
tunnel. To VPN means traffic that comes in through the selected “from” interface and goes out
through any of the ZyWALL’s VPN tunnels. For example, From LAN To VPN specifies the
traffic that is coming from the LAN and going out through any of the ZyWALL’s VPN
tunnels.

• WAN 1 to LAN: These rules specify which computers connected to WAN 1 can access which computers or services on the LAN. For example, you may create rules to:

  • Allow certain types of traffic, such as Lotus Notes database synchronization, from specific hosts on the Internet to specific hosts on the LAN.

  • Allow public access to a Web server on your protected network. You could also block certain IP addresses from accessing it.

  Note: You also need to configure NAT port forwarding (or full featured NAT address mapping rules) to allow computers on the WAN to access devices on the LAN. See Section 17.5.3 on page 340 for an example.

• WAN to WAN: By default the ZyWALL stops computers connected to WAN1 or WAN2 from managing the ZyWALL or using the ZyWALL as a gateway to communicate with other computers on the WAN. You could configure one of these rules to allow a WAN computer to manage the ZyWALL.

  Note: You also need to configure the remote management settings to allow a WAN computer to manage the ZyWALL.
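The WAN 1 to LAN behavior described above, as an added example that is not from the ZyXEL manual: a simplified Python model (not the ZyWALL's implementation) that assumes ordered rules with the first match winning, and audits whether each allow rule has the NAT port forwarding entry it needs. All addresses, ports and rule tuples are constructed sample values.

```python
import ipaddress

# Simplified model: assumes ordered rules with first match winning, and the
# page's default of dropping WAN 1 to LAN packets that match no rule.
DEFAULT_WAN1_TO_LAN = "drop"

# Constructed sample configuration (addresses are documentation ranges).
PORT_FORWARDS = {80: "192.168.1.10", 1352: "192.168.1.20"}  # WAN port -> LAN host
RULES = [  # (source network, LAN destination, port, action)
    ("203.0.113.0/24", "192.168.1.10", 80, "drop"),       # blocked addresses
    ("0.0.0.0/0", "192.168.1.10", 80, "allow"),           # public web server
    ("198.51.100.7/32", "192.168.1.20", 1352, "allow"),   # Notes sync, one host
    ("0.0.0.0/0", "192.168.1.30", 25, "allow"),           # no port forward exists
]


def decide(src_ip, wan_port, rules=RULES, forwards=PORT_FORWARDS):
    """Return (action, reason) for a packet arriving on WAN 1 for wan_port."""
    lan_host = forwards.get(wan_port)
    if lan_host is None:
        return "drop", "no NAT port forwarding entry"
    src = ipaddress.ip_address(src_ip)
    for net, dst, port, action in rules:
        if src in ipaddress.ip_network(net) and dst == lan_host and port == wan_port:
            return action, f"rule {net} -> {dst}:{port}"
    return DEFAULT_WAN1_TO_LAN, "default action for WAN 1 to LAN"


def audit(rules=RULES, forwards=PORT_FORWARDS):
    """List allow rules that can never pass traffic and forwards with no allow rule."""
    findings = []
    for net, dst, port, action in rules:
        if action == "allow" and forwards.get(port) != dst:
            findings.append(f"rule for {dst}:{port} has no matching port forward")
    for port, host in forwards.items():
        if not any(a == "allow" and d == host and p == port for _, d, p, a in rules):
            findings.append(f"port forward {port} -> {host} has no allow rule")
    return findings


if __name__ == "__main__":
    for pkt in [("192.0.2.50", 80), ("203.0.113.9", 80), ("192.0.2.50", 1352), ("192.0.2.50", 25)]:
        print(pkt, decide(*pkt))
    print(audit())
```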