5 the firewall, nat and remote management, 1 lan-to-wan rules, 2 wan-to-lan rules – ZyXEL Communications P-334WHD User Manual

P-334WHD User’s Guide

Chapter 12 Firewall

145

12.1.5 The Firewall, NAT and Remote Management

Figure 81 Firewall Rule Directions

12.1.5.1 LAN-to-WAN rules

LAN-to-WAN rules are local network to Internet firewall rules. The default is to forward all
traffic from your local network to the Internet.

You can block certain LAN-to-WAN traffic in the Services screen (click the Services tab).
All services displayed in the Blocked Services list box are LAN-to-WAN firewall rules that
block those services originating from the LAN.

Blocked LAN-to-WAN packets are considered alerts. Alerts are “higher priority logs” that
include system errors, attacks and attempted access to blocked web sites. Alerts appear in red
in the View Log screen. You may choose to have alerts e-mailed immediately in the Log
Settings screen.

LAN-to-LAN/ZyXEL Device means the LAN to the ZyXEL Device LAN interface. This is
always allowed, as this is how you manage the ZyXEL Device from your local computer.

12.1.5.2 WAN-to-LAN rules

WAN-to-LAN rules are Internet to your local network firewall rules. The default is to block
all traffic from the Internet to your local network.

How can you forward certain WAN to LAN traffic? You may allow traffic originating from
the WAN to be forwarded to the LAN by:

• Configuring NAT port forwarding rules.
• Configuring WAN or LAN & WAN access for services in the Remote Management

screens. When you allow remote management from the WAN, you are actually
configuring WAN-to-WAN/ZyXEL Device firewall rules. WAN-to-WAN/ZyXEL
Device firewall rules are Internet to the ZyXEL Device WAN interface firewall rules.
The default is to block all such traffic. When you decide what WAN-to-LAN packets to
log, you are in fact deciding what WAN-to-LAN and WAN-to-WAN/ZyXEL Device
packets to log.