FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
1,310 views 2 comments
by anonymous
Hello, am i the only one really confused by how zones work on latest firmware? I read the manual and i really do not understand.

Is there a document a bit more clear on how they work beside the manual.

In my mind i should create zones like, lan, vpn, wan ecc ecc and than tell firewall what to do between them but as i said manual is really not very clear.

1 Answer

0 votes
by anonymous

Hello,

Could you clarify what is specifically unclear regarding Firewall Zones?

As mentioned in manual, Zones are used to managed traffic forwarding between different router's zones.

In example allowing traffic from VPN zone reaching router's LAN, while not allowing to reach other router's zones like Hotspot.

At the start of router's configuration, there might be just default traffic zones like WAN and LAN:

But as such features like VPN, Hotpot and etc. are being configured, new zones will appear, which traffic policies could be configured in zone section:

by
Once a new zone is creted it is not very clear the part of the inter-zones forwarding.
by anonymous

Lets take example where OpenVPN is configured on the router.

Once OpenVPN configuration is saved, a new zone will appear in router's firewall:

As it could be seen, by default router will allow forward traffic between openvpn and lan zones.

If we select openvpn zone and press Edit, we could add or remove zones, or reject traffic forwarding for selected zone.

In this example inter-zone forwarding only have lan zone selected, which mean router's will allow traffic forward between openvpn and lan interface and vice versa.

But if we remove lan zone from allowed destination zone:

Router will reject traffic forward from openvpn zone as no allowed interface is selected and default zone forwarding rule is reject: