Chapter 13 Security Policy
USG FLEX H Series User’s Guide
193
3 The reply from the WAN goes to the Zyxel Device.
4 The Zyxel Device then sends it to the computer on the LAN1 in Subnet 1.
Figure 134 Using Virtual Interfaces to Avoid Asymmetrical Routes
13.3.1 Configuring the Security Policy Control Screen
Click Security Policy > Policy Control to open the Policy Control screen. Use this screen to enable or
disable the security policies and asymmetrical routes, set a maximum number of sessions per host, and
display the configured Security Policies. Specify from which zone packets come and to which zone
packets travel to display only the policies specific to the selected direction. Note the following.
• Besides configuring the security policies, you also need to configure NAT rules to allow computers on
the WAN to access LAN devices.
• The Zyxel Device applies NAT (Destination NAT) settings before applying the security policies. So for
example, if you configure a NAT entry that sends WAN traffic to a LAN IP address, when you configure
a corresponding security policy to allow the traffic, you need to set the LAN IP address as the
destination.
• The ordering of your policies is very important as policies are applied in sequence.
The following screen shows the Policy Control summary screen.
To Next Page
Loading...
