Chapter 6 Configuration Basics
ZyWALL USG 100/200 Series User’s Guide
105
and general NAT on the source address. You have to set up the criteria, next-hops,
and NAT settings first.
Example: You have an FTP server connected to ge4 (in the DMZ zone). You want
to limit the amount of FTP traffic that goes out from the FTP server through your
WAN connection.
1 Create an address object for the FTP server (Object > Address).
2 Click Configuration > Network > Routing > Policy Route to go to the policy
route configuration screen. Add a policy route.
3 Name the policy route.
4 Select the interface that the traffic comes in through (ge4 in this example).
5 Select the FTP server’s address as the source address.
6 You don’t need to specify the destination address or the schedule.
7 For the service, select FTP.
8 For the Next Hop fields, select Interface as the Type if you have a single WAN
connection or Trunk if you have multiple WAN connections.
9 Select the interface that you are using for your WAN connection ( wan1 and
wan2 are the default WAN interfaces). If you have multiple WAN connections,
select the trunk.
10 Specify the amount of bandwidth FTP traffic can use. You may also want to set a
low priority for FTP traffic.
Note: The ZyWALL checks the policy routes in the order that they are listed. So make
sure that your custom policy route comes before any other routes that would
also match the FTP traffic.
MENU ITEM(S)
Configuration > Network > Routing > Policy Route
PREREQUISITES
Criteria: users, user groups, interfaces (incoming), IPSec VPN
(incoming), addresses (source, destination), address groups (source,
destination), schedules, services, service groups
Next-hop: addresses (HOST gateway), IPSec VPN, SSL VPN, trunks,
interfaces
NAT: addresses (translated address), services and service groups
(port triggering)
To Next Page
Loading...
