Device Configuration : Configure : Network : Zones : Adding a Zone
Adding a Zone
Use the Add page to create a new Zone.
The Add Zone page allows you to enter zone details.
1. Go to Device Configuration > Configure > Network > Zones and click Add.
2. Enter the zone details.
Name
Provide a name to identify the zone.
Type
Select the type of Zone from the available options.
* LAN - Depending on the device in use and network design, one can group one to six physical ports in this zone. Group multiple interfaces with different network subnets to manage them as a single entity. Group all the LAN networks under this zone.
By default the traffic to and from this zone is blocked and hence the highest secured zone. However, traffic between ports belonging to the same zone will be allowed.
DMZ (DeMilitarized Zone) - This zone is normally used for publicly accessible servers. Depending on the device in use and network design, one can group one to five physical ports in this zone.
* By default, entire traffic will be blocked except LAN to Local zone service likes Administration, Authentication, and Network.
Members
Displays all the member ports.
Click the checkbox to select the ports. All the selected ports are moved to 'Selected port' list.
Description
Provide the description for the zone.
Device Access
Device access defines the type of administrative access permitted on zone.
Admin Services - Enable Administrative Services that should be allowed through Zone:
HTTP - Allow HTTP connection to the Admin Console through this zone
HTTPS - Allow secure HTTPS connection to the Admin Console through this zone
Telnet – Allow Telnet connection to CLI through this zone
SSH – Allow SSH connection to CLI through this zone
Authentication Services – Enable Authentication Services that should be allowed through Zone:
Windows/Linux Client
Captive Portal
NTLM
Radius SSO
Network Services - Enable Network Services that should be allowed through Zone:
DNS – Allow this zone to respond to DNS requests
Ping/Ping6 – Allow this zone to respond to pings
Other Services - Enable other Services that should be allowed through Zone:
Web Proxy
SSL VPN
3. Click Save to add Zone with the options you have configured.
If DMZ uses Private IP Address, use NATing to make them publicly accessible.
One cannot add zone if the device is deployed as Bridge.
Local and VPN zone cannot be updated or deleted.