How to get certainty over my settings

safe_net Posts: 4
edited April 2021 in Security
As I'm not a firewall prof I would like to have a guide on how to set-up my firewall (USG20-VPN) correctly for a safe network (a private home network with a NAS inside). Is there any step by step tutorial with the explanation of every settings to be done in order to get a good introduction into my firewall?

  • mMontana
    mMontana Posts: 1,300  Guru Member
    edited October 2019
    If you don't know or understand what you want kind of traffic you need to block or you want to allow, there's no step-by-step recipe that can teach you.
    Also, if you are not aware of what kind of services you are looking for, nothing will be make you able to know or understand if a feature is needed or useless for your goal.

    Zyxel devices are built into the "opposite way" than the one should be considered the safest: everything is allowed from LAN1 and LAN2 to any of interfaces, so almost at the first click of an RJ45 cable you should be able to connect to internet, or at least with few settings (or following the wizard). If you want to restrict the access from "inside" (LAN1 or LAN2) to Outside, you have to change things.

    Long story short: IMVHO... No. there's no any step by step tutorial that suits your needs.
    I think you have two options:
    1: read the user manual, setup the USG20-VPN for at least do the little things, therefore save a configuration and do your tests, along a bit of fundamentals of networking and TCP/IP
    2: use professional help at least for the "raw" setup for a bit more "trickie" services. It will help you to create a bit more refined configuration and you can still "back to the configuration" the pro you hired will deliver to you.

    P.S: Zyxel USG's are "quite easy" to manage, but the job they can do is not "easy" or "simple". Most companies are telling the customers "buy devices and services, buy security" but security is a thing that you achieve with knoledge and awareness.
    The more you know, the more you will know that public networks are insecure... ;)

  • safe_net
    Hello mMontana
    Thanks a lot for your feedback. I thought there may exist also other Zyxel Documents than the user manual. This document has some limitations: as soon as I try to search something in this document, it crashes; . However, I will try further..
    Thanks a lot anyway!
  • mMontana
    mMontana Posts: 1,300  Guru Member
    Never had problems searching into user manual.
    Consider as an option to use another PDF Reader than the one you are using.

