NBG-418N User’s Guide
Chapter 12 Firewall
12.1 Overview
Use these screens to enable and configure the firewall that protects your NBG-418N and your LAN
from unwanted or malicious traffic.
Enable the firewall to protect your LAN computers from attacks by hackers on the Internet and
control access between the LAN and WAN. By default the firewall:
• allows traffic that originates from your LAN computers to go to all of the networks.
• blocks traffic that originates on the other networks from going to the LAN.
The following figure illustrates the default firewall action. User A can initiate an IM (Instant
Messaging) session from the LAN to the WAN (1). Return traffic for this session is also allowed (2).
However other traffic initiated from the WAN is blocked (3 and 4).
Figure 78 Default Firewall Action
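The default action described above, modelled as a small session table. This is an added example, not ZyXEL code and not the NBG-418N's implementation; the class and function names, addresses and ports are constructed for illustration, and NAT and session timeouts are left out.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    in_zone: str   # zone the packet arrives on: "LAN" or "WAN"
    proto: str
    src: str
    sport: int
    dst: str
    dport: int


class StatefulFirewall:
    """Default policy from the text: sessions opened from the LAN are allowed,
    sessions opened from the WAN are blocked, return traffic is matched by state."""

    def __init__(self):
        self.sessions = set()  # 5-tuples of sessions opened from the LAN

    def filter(self, p: Packet) -> str:
        if p.in_zone == "LAN":
            # Outbound: record the session so its replies can be recognised.
            self.sessions.add((p.proto, p.src, p.sport, p.dst, p.dport))
            return "ALLOW"
        # Inbound from the WAN: allow only the exact reverse of a tracked session.
        reverse = (p.proto, p.dst, p.dport, p.src, p.sport)
        return "ALLOW" if reverse in self.sessions else "BLOCK"


def figure_78_flows():
    """Constructed packets standing in for flows 1-4 of the figure."""
    fw = StatefulFirewall()
    flows = [
        ("1", Packet("LAN", "tcp", "192.168.1.33", 50000, "203.0.113.10", 5222)),
        ("2", Packet("WAN", "tcp", "203.0.113.10", 5222, "192.168.1.33", 50000)),
        ("3", Packet("WAN", "tcp", "198.51.100.7", 40000, "192.168.1.33", 445)),
        # Same remote host as flow 1, but no LAN session uses this port pair.
        ("4", Packet("WAN", "tcp", "203.0.113.10", 5222, "192.168.1.33", 50001)),
    ]
    return {label: fw.filter(pkt) for label, pkt in flows}


if __name__ == "__main__":
    for label, verdict in figure_78_flows().items():
        print(label, verdict)
```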
12.2 What You Can Do
• Use the General screen to enable or disable the NBG-418N’s firewall (Section 12.4 on page 112).
• Use the Services screen to enable or disable ICMP and VPN passthrough features (Section 12.5 on page 113).
12.3 What You Need To Know
The NBG-418N’s firewall feature physically separates the LAN and the WAN and acts as a secure
gateway for all data passing between the networks.
12.3.1 About the NBG-418N Firewall
The NBG-418N firewall is a stateful inspection firewall and is designed to protect against Denial of
Service attacks when activated (click the General tab under Firewall and then click the Enable
Firewall check box). The NBG-418N's purpose is to allow a private Local Area Network (LAN) to be
securely connected to the Internet. The NBG-418N can be used to prevent theft, destruction and
modification of data, as well as log events, which may be important to the security of your network.
The NBG-418N is installed between the LAN and a broadband modem connecting to the Internet.
This allows it to act as a secure gateway for all data passing between the Internet and the LAN.
The NBG-418N has one Ethernet WAN port and four Ethernet LAN ports, which are used to
physically separate the network into two areas. The WAN (Wide Area Network) port attaches to the
broadband (cable or DSL) modem to the Internet.
The LAN (Local Area Network) port attaches to a network of computers, which needs security from
the outside world. These computers will have access to Internet services such as e-mail, FTP and
the World Wide Web. However, "inbound access" is not allowed (by default) unless the remote host
is authorized to use a specific service.
12.3.2 VPN Pass Through Features
A Virtual Private Network (VPN) is a way to securely connect two networks over the Internet, for
example a home network and one in a business office. This requires special equipment on both
ends of the connection.
The NBG-418N is not one of the endpoints but it does allow traffic from those endpoints to pass
through. The NBG-418N allows the following types of VPN traffic to pass through:
• IP security (IPSec)
• Point-to-Point Tunneling Protocol (PPTP)
12.4 General Firewall Screen
Use this screen to enable or disable the NBG-418N’s firewall, and set up firewall logs. Click
Security > Firewall to open the General screen.
Figure 79 Security > Firewall > General
The following table describes the labels in this screen.
Table 49 Security > Firewall > General

| LABEL | DESCRIPTION |
| --- | --- |
| Enable Firewall | Select this check box to activate the firewall. The NBG-418N performs access control and protects against Denial of Service (DoS) attacks when the firewall is activated. |
| Apply | Click Apply to save the settings. |
| Reset | Click Reset to start configuring this screen again. |

12.5 Services Screen
Use the Services screen to enable or disable ICMP and VPN passthrough features.
Click Security > Firewall > Services. The screen appears as shown next.
Figure 80 Security > Firewall > Services
The following table describes the labels in this screen.
Table 50 Security > Firewall > Services

| LABEL | DESCRIPTION |
| --- | --- |
| ICMP | Internet Control Message Protocol is a message control and error-reporting protocol between a host server and a gateway to the Internet. ICMP uses Internet Protocol (IP) datagrams, but the messages are processed by the TCP/IP software and directly apparent to the application user. |
| Respond to Ping on WAN | The NBG-418N will not respond to any incoming Ping requests when Disable is selected. Select Enable to reply to incoming WAN Ping requests. |
| VPN Passthrough | Select the checkbox to enable the advanced pass through features: PPTP Passthrough: Select this option to allow the NBG-418N to pass through VPN traffic using PPTP. L2TP Passthrough: Select this option to enable computers on your LAN to make L2TP VPN connections to servers on the Internet. IPSEC Passthrough: Select this option to allow the NBG-418N to pass through VPN traffic using the IPsec protocol. |
| Apply | Click Apply to save the settings. |
| Reset | Click Reset to start configuring this screen again. |

Chapter 13 Remote Management
13.1 Overview
This chapter provides information on the Remote Management screens.
Remote management allows you to determine which services/protocols can access which
NBG-418N interface (if any) from which computers.
You may manage your NBG-418N from a remote location via:
• LAN only
• LAN and WAN
Note: When you configure remote management to allow management from the LAN and
WAN in the options above, you still need to configure a firewall rule to allow access.
See the firewall chapters for details on configuring firewall rules.