Zyxel Router as a firewal

Posted on 2001-07-03
Last Modified: 2011-10-03
I have a small network of 25 Workstations connected to a Zyxel Prestige 100 Router. There is no proxy server or hardware firewall, except for the filters that can be accessed from the router menu.

My question is - Is there an easy way to set up these filters to act as a decent firewall without being an expert in protocols? I know little about protocols, etc. Is there a step by step tutorial somewhere?

Looking at the manual is of no use and other sites I've looked at on the web were very technical.

Please can someone help me with this???
Question by:ASPboy

Expert Comment

ID: 6250283
here is a site that deals with edge router hardening.

Author Comment

ID: 6251738
Thanks for the quick response.

Although the info is fairly basic, it still does not take me through step by step on how to set up a firewalls solution.

Knowing very little about filter rules, I want to be absolutley sure that what I'm setting up is accurate.

Can you suggest anything along these lines?

Expert Comment

ID: 6252626
sorry you are using a router I have never even heard of so I cant give you step by step instructions.  I will try and find some info but I am not expecting to find much
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.


Expert Comment

ID: 6326765
Step by step instructions would be difficult with something I have not used.  But I can tell you that you can get a decent amount of protection from a router if you know how to program it.  By using NAT you are hal way there. By not have anybody serving from inside your network you have cut you chance of being hacked a great deal more.

The port filtering is usually easy to do on a Cisco product, or even a cheaper Linksys router.  I use a lot of Cisco Pix devices, and they are pretty easy to deal with. If you want a detail step by step instruction you will have an easier time if they use standard CISCO type commands, or  a GUI interface like the Linsys device.

I offer this last comment. If NAT is turned off on a CISCO product, you turn it on by isuing a NAT command. In other words, it is turned on by using it.
 NAT (inside) 1 netmask 0 0
This command would have the IP address of the PC you want to allow out to the Internet using NAT. CISCO of course.

You can also issue one comand to allow everybody out using NAT.

I wish I could be of more help.

               Joe Massimino
LVL 79

Expert Comment

ID: 7803366
This question appears to be abandoned. I will allow one week before I close this question
with the following recommendation:

- delete

if there is any objection to this recommendation then please post it here within 7 days.


EE Cleanup Volunteer

Expert Comment

ID: 7803469
I object because he was given as much inforamtion as could be supplied with the limited information that he supplied.  He would have had to respond to this thread to get more help, or to let us know that he solved his problem. He didn't bother to follow it up, but he was supplied with as much information as possible.

Accepted Solution

SpideyMod earned 0 total points
ID: 7865816
PAQ/Points not refunded (I agree that information was provided, but step by step was not possible and that's what the questioner wanted).  Great information by the experts here.

Community Support Moderator @Experts Exchange

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question