Chapter 13 Security Policy
USG FLEX H Series User’s Guide
194
Figure 135 Security Policy > Policy Control
The following table describes the labels in this screen.
Table 95 Configuration > Security Policy > Policy Control
LABEL DESCRIPTION
General Settings Enable or disable the policy control feature on the Zyxel Device.
Allow
Asymmetrical
Route
If an alternate gateway on the LAN has an IP address in the same subnet as the Zyxel Device’s
LAN IP address, return traffic may not go through the Zyxel Device. This is called an
asymmetrical or “triangle” route. This causes the Zyxel Device to reset the connection, as the
connection has not been acknowledged.
Select this check box to have the Zyxel Device permit the use of asymmetrical route topology
on the network (not reset the connection).
Note: Allowing asymmetrical routes may let traffic from the WAN go directly to the
LAN without passing through the Zyxel Device. A better solution is to use virtual
interfaces to put the Zyxel Device and the backup gateway on separate
subnets.
Add Click this to create a new entry. Select an entry and click Add to create a new entry after the
selected entry.
Edit Double-click an entry or select it and click Edit to open a screen where you can modify the
entry’s settings.
Remove To remove an entry, select it and click Remove. The Zyxel Device confirms you want to remove
it before doing so.
Active To turn on an entry, select it and click Activate.
Inactive To turn off an entry, select it and click Inactivate.
Move To change a policy’s position in the numbered list, select the policy and click Move to display a
field to type a number for where you want to put that policy and press [ENTER] to move the
policy to the number that you typed.
The ordering of your policies is important as they are applied in order of their numbering.
The following read-only fields summarize the policies you have created that apply to traffic traveling in the
selected packet direction.
To Next Page
Loading...
