Firewall
Figure 12-3 Firewall Settings
Table 12-1 Firewall Settings

| FIELD | DESCRIPTION |
|---|---|
| Enable Firewall | Select this check box to activate the firewall. The Prestige performs access control and protects against Denial of Service (DoS) attacks when the firewall is activated. |
| LAN to WAN | To log packets related to firewall rules, make sure that Access Control under Log is selected in the Logs, Log Settings screen. |
| Packets to Log | Choose what LAN to WAN packets to log. Choose from: No Log; Log Blocked (blocked LAN to WAN services appear in the Blocked Services textbox in the Services screen (with Enable Services Blocking selected)); Log All (log all LAN to WAN packets). |
| WAN to LAN | To log packets related to firewall rules, make sure that Access Control under Log is selected in the Logs, Log Settings screen. |
| Packets to Log | Choose what WAN to LAN and WAN to WAN/Prestige packets to log. Choose from: No Log; Log Forwarded (see how to forward WAN to LAN traffic in the next section); Log All (log all WAN to LAN packets). |
| Allow one specific computer full access to all blocked resources. | |
| Trusted Computer | You can allow a specific computer to access all Internet resources without restriction. Enter the IP address of the trusted computer in this field. |

To save your changes to the Prestige, click Apply.
To reconfigure all the fields in this screen, click Reset.
12.4 The Firewall, NAT and Remote Management
Figure 12-4 Firewall Rule Directions
12.4.1 LAN-to-WAN rules
LAN-to-WAN rules are local network to Internet firewall rules. The default is to forward all traffic from your local network to the Internet.

How can you block certain LAN to WAN traffic? You may choose to block certain LAN-to-WAN traffic in the Services screen (click the Services tab). All services displayed in the Blocked Services list box are LAN-to-WAN firewall rules that block those services originating from the LAN.

Blocked LAN-to-WAN packets are considered alerts. Alerts are "higher priority logs" that include system errors, attacks and attempted access to blocked web sites. Alerts appear in red in the Log View screen. You may choose to have alerts e-mailed immediately in the Log Settings screen.

LAN-to-LAN/Prestige means the LAN to the Prestige LAN interface. This is always allowed, as this is how you manage the Prestige from your local computer.
12.4.2 WAN-to-LAN rules
WAN-to-LAN rules are Internet to your local network firewall rules. The default is to block all traffic from the Internet to your local network.

How can you forward certain WAN to LAN traffic? You may allow traffic originating from the WAN to be forwarded to the LAN by:
- Configuring NAT port forwarding rules in the web configurator SUA Server screen or SMT NAT menus.
- Configuring One-to-One and Many-One-to-One NAT mapping rules in the web configurator Address Mapping screen or SMT NAT menus.
- Configuring WAN or LAN & WAN access for services in the Remote Management screens or SMT menus. When you allow remote management from the WAN, you are actually configuring WAN-to-WAN/Prestige firewall rules. WAN-to-WAN/Prestige firewall rules are Internet to the Prestige WAN interface firewall rules. The default is to block all such traffic. When you decide what WAN-to-LAN packets to log, you are in fact deciding what WAN-to-LAN and WAN-to-WAN/Prestige packets to log.
- Allowing NetBIOS traffic from the WAN to the LAN using the WAN IP web screen or SMT menu 24.8 commands.

Forwarded WAN-to-LAN packets are not considered alerts.
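
The rule directions and log settings described above, modelled as an added Python example; it is not ZyXEL firmware code and not part of the original manual. The Settings fields, function names and sample addresses are constructed for illustration, and (protocol, port) tuples stand in for the services the screens list.

```python
from dataclasses import dataclass, field

@dataclass
class Settings:
    """Constructed sample settings named after the screens in this chapter."""
    blocked_services: set = field(default_factory=set)  # Services screen, (proto, port)
    trusted_computer: str = ""                          # Trusted Computer IP address
    wan_forwards: set = field(default_factory=set)      # NAT port forwarding / mapping
    wan_management: set = field(default_factory=set)    # Remote Management from WAN
    log_lan_to_wan: str = "No Log"                      # No Log | Log Blocked | Log All
    log_wan_to_lan: str = "No Log"                      # No Log | Log Forwarded | Log All
    access_control_log: bool = True                     # Access Control in Log Settings

def decide(s, direction, src_ip, service):
    """Return (action, logged) for one packet; service is a (proto, port) tuple."""
    if direction == "LAN-to-LAN/Prestige":
        return "forward", False      # always allowed; its logging is not modelled
    if direction == "LAN-to-WAN":    # default: forward everything
        blocked = service in s.blocked_services and src_ip != s.trusted_computer
        wanted = s.log_lan_to_wan == "Log All" or (blocked and s.log_lan_to_wan == "Log Blocked")
        return ("block" if blocked else "forward"), wanted and s.access_control_log
    if direction == "WAN-to-LAN":    # default: block unless NAT forwards it
        allowed = service in s.wan_forwards
    elif direction == "WAN-to-WAN/Prestige":  # default: block unless remote management
        allowed = service in s.wan_management
    else:
        raise ValueError(f"unknown direction: {direction}")
    # One setting covers both WAN-to-LAN and WAN-to-WAN/Prestige packets.
    wanted = s.log_wan_to_lan == "Log All" or (allowed and s.log_wan_to_lan == "Log Forwarded")
    return ("forward" if allowed else "block"), wanted and s.access_control_log

def is_alert(direction, action):
    """True or False where the chapter says so, None where it is silent."""
    if direction == "LAN-to-WAN" and action == "block":
        return True
    if direction == "WAN-to-LAN" and action == "forward":
        return False
    return None

def demo():
    # Constructed scenario: telnet blocked, one trusted host, web server forwarded.
    s = Settings(blocked_services={("tcp", 23)}, trusted_computer="192.168.1.33",
                 wan_forwards={("tcp", 80)}, log_lan_to_wan="Log Blocked",
                 log_wan_to_lan="Log Forwarded")
    return [decide(s, "LAN-to-WAN", "192.168.1.34", ("tcp", 23)),
            decide(s, "LAN-to-WAN", "192.168.1.33", ("tcp", 23)),
            decide(s, "WAN-to-LAN", "203.0.113.9", ("tcp", 80)),
            decide(s, "WAN-to-WAN/Prestige", "203.0.113.9", ("tcp", 80))]
```

In this model the trusted computer's traffic to a blocked service is forwarded without a log entry under Log Blocked, and WAN packets dropped by the default rule are recorded only under Log All.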
12.5 Filter
Click on the Filter tab. The screen appears as shown next. Use this screen to restrict web features (ActiveX, Java, Cookies, Web Proxy), enable URL keyword blocking, enter/delete/modify keywords you want to block and the date/time you want to block them.
Figure 12-5 Firewall Filter
Table 12-2 Firewall Filter

| FIELD | DESCRIPTION |
|---|---|
| Restricted Web Features | |
| ActiveX | ActiveX is a tool for building dynamic and active Web pages and distributed object applications. When you visit an ActiveX Web site, ActiveX controls are downloaded to your browser, where they remain in case you visit the site again. |
| Java | Java is a programming language and development environment for building downloadable Web components or Internet and intranet business applications of all kinds. |
| Cookies | Web servers that track usage and provide service based on ID use cookies. |
| Web Proxy | This is a server that acts as an intermediary between a user and the Internet to provide security, administrative control, and caching service. When a proxy server is located on the WAN it is possible for LAN users to circumvent content filtering by pointing to this proxy server. |
| Enable URL Keyword Blocking | Select this option to block URLs containing the keywords in the keyword list. |
| Keyword | Type a keyword in this field. You may use any character (up to 64 characters). Wildcards are not allowed. |
| Keyword List | This is a list of keywords that will be inaccessible to computers on your LAN once you enable URL keyword blocking. |
| Add | Type a keyword in the Keyword field and then click Add to add a keyword to the Keyword List. |
| Delete | Select a keyword from the Keyword List and then click Delete to remove this keyword from the list. |
| Clear All | Click Clear All to empty the Keyword List. |
| Date to Block | Select everyday or the day(s) of the week to activate blocking. |
| Time of Day to Block | Select All Day or enter the start and end times in the hour-minute format to activate blocking. |

To save your changes to the Prestige, click Apply.
To reconfigure all the fields in this screen, click Reset.
