Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Zyxel Router as a firewal

Posted on 2001-07-03
Medium Priority
Last Modified: 2011-10-03
I have a small network of 25 Workstations connected to a Zyxel Prestige 100 Router. There is no proxy server or hardware firewall, except for the filters that can be accessed from the router menu.

My question is - Is there an easy way to set up these filters to act as a decent firewall without being an expert in protocols? I know little about protocols, etc. Is there a step by step tutorial somewhere?

Looking at the manual is of no use and other sites I've looked at on the web were very technical.

Please can someone help me with this???
Question by:ASPboy
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 6250283
here is a site that deals with edge router hardening.

Author Comment

ID: 6251738
Thanks for the quick response.

Although the info is fairly basic, it still does not take me through step by step on how to set up a firewalls solution.

Knowing very little about filter rules, I want to be absolutley sure that what I'm setting up is accurate.

Can you suggest anything along these lines?

Expert Comment

ID: 6252626
sorry you are using a router I have never even heard of so I cant give you step by step instructions.  I will try and find some info but I am not expecting to find much
Supports up to 4K resolution!

The VS192 2-Port 4K DisplayPort Splitter is perfect for anyone who needs to send one source of DisplayPort high definition video to two or four DisplayPort displays. The VS192 can split and also expand DisplayPort audio/video signal on two or four DisplayPort monitors.


Expert Comment

ID: 6326765
Step by step instructions would be difficult with something I have not used.  But I can tell you that you can get a decent amount of protection from a router if you know how to program it.  By using NAT you are hal way there. By not have anybody serving from inside your network you have cut you chance of being hacked a great deal more.

The port filtering is usually easy to do on a Cisco product, or even a cheaper Linksys router.  I use a lot of Cisco Pix devices, and they are pretty easy to deal with. If you want a detail step by step instruction you will have an easier time if they use standard CISCO type commands, or  a GUI interface like the Linsys device.

I offer this last comment. If NAT is turned off on a CISCO product, you turn it on by isuing a NAT command. In other words, it is turned on by using it.
 NAT (inside) 1 netmask 0 0
This command would have the IP address of the PC you want to allow out to the Internet using NAT. CISCO of course.

You can also issue one comand to allow everybody out using NAT.

I wish I could be of more help.

               Joe Massimino
LVL 79

Expert Comment

ID: 7803366
This question appears to be abandoned. I will allow one week before I close this question
with the following recommendation:

- delete

if there is any objection to this recommendation then please post it here within 7 days.


EE Cleanup Volunteer

Expert Comment

ID: 7803469
I object because he was given as much inforamtion as could be supplied with the limited information that he supplied.  He would have had to respond to this thread to get more help, or to let us know that he solved his problem. He didn't bother to follow it up, but he was supplied with as much information as possible.

Accepted Solution

SpideyMod earned 0 total points
ID: 7865816
PAQ/Points not refunded (I agree that information was provided, but step by step was not possible and that's what the questioner wanted).  Great information by the experts here.

Community Support Moderator @Experts Exchange

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Server  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question