This walkthrough will guide you through the configuration setup of VLANs on the ZLD Appliance. Please keep in mind that the appliance is VLAN aware only, you still need a managed switch to create the VLANs.
Overview
A VLAN (Virtual Local Area Network) allows a physical network to be partitioned into multiple logical networks. Stations on a logical network belong to one or more groups. With VLAN, a station cannot directly talk to or hear from stations that are not in the same group(s) unless such traffic first goes through a router.
Supported Devices
ZyWALL 110 – Firmware version 4.10 and newer
ZyWALL 310 – Firmware version 4.10 and newer
ZyWALL 1100 – Firmware version 4.10 and newer
USG 40 – Firmware version 4.10 and newer
USG 40HE – Firmware version 4.10 and newer
USG 40W – Firmware version 4.10 and newer
USG 60 – Firmware version 4.10 and newer
USG 60W – Firmware version 4.10 and newer
USG 110 – Firmware version 4.10 and newer
USG 310 – Firmware version 4.10 and newer
USG 1100 – Firmware version 4.10 and newer
USG 1900 – Firmware version 4.10 and newer
USG20-VPN – Firmware version 4.16 and newer
USG20W-VPN – Firmware version 4.16 and newer
USG2200-VPN – Firmware version 4.20 and newer
UAG2100 – Firmware version 4.10 and newer
UAG4100 – Firmware version 4.10 and newer
UAG5100 – Firmware version 4.10 and newer
NXC2500 – Firmware version 4.10 and newer
NXC5500 – Firmware version 4.10 and newer
Step A – Zone Setup
Before we can begin to configure the VLANs on the ZyXEL appliance we will need to create a zone for each of the VLANs, go to Configuration → Object → Zone to add a zone for each VLAN. Creating a zone for each of the VLANs will allow us to continue keeping them separate from each other (segregated).
Step B – VLAN Setup
Once you have added the zones for the VLANs go to Configuration → Network → Interface → VLAN to add the VLAN interfaces. Because the VLAN is on the LAN side the “Interface Type” will be INTERNAL, the “Zone” will be one of the zone objects you created in Step A, the “Base Port” is the interface the switch with the VLAN’s is connected to (LAN1, LAN2 DMZ, etc.), specify the VLAN ID and the IP address the device will use on this particular VLAN. You can also configure DHCP server settings if you want the ZyXEL appliance to distribute IP addresses to the devices connecting to the VLAN.
Once the VLAN is created you need to add policy control rule(s) to allow the VLAN to WAN traffic. Go to Configuration → Security Policy → Policy Control and click the Add button to insert the rule(s). Make sure the rule enable box is checked. For “From” select the VLAN zone this particular rule will be for. For “To” select WAN. Leave all other settings default. This rule will allow the access to the internet through the ZyXEL appliance (if device is a gateway).
Comments
0 comments
Please sign in to leave a comment.