Zones

A zone is a grouping of interfaces. Zones also specify the services that can be used to administer devices and authenticate users. When used with firewall rules, zones provide a convenient method of managing security and traffic for a group of interfaces.

Table 1. Default zones

| Name | Description |
|------|-------------|
| LAN | Groups interfaces with different network subnets so that you can manage them as a single entity. By default, traffic to and from this zone is blocked. To allow traffic between two LAN zone interfaces, a LAN to LAN firewall rule is required. |
| DMZ | (De-militarized zone) Typically used for publicly accessible server networks such as web servers. |
| WAN | Used for all interfaces with a default gateway. Most likely used for internet access. |
| VPN | Automatically created interfaces used by IPsec or SSL VPN connections. When a VPN connection is created, the interface used by the connection is automatically added to this zone. |
| WiFi | Use for wireless internet services when a separate zone is configured. Bridge to AP (V)LAN will not use a dedicated interface. |