Professional Documents
Culture Documents
Cyberoam
Scenario
Configure Zone settings in Cyberoam.
Configuration
You must be logged on to the Web Admin Console as an administrator with Read-Write permission
for relevant feature(s).
Configure default Zone Settings
Go to Network > Interface > Zone to see the list of Zones along with other details like Member ports,
Type and Device Access. Click on any of the zones to change the settings.
Here, we have selected the LAN Zone for demonstration purpose. In the Edit Zone section, only the
Appliance Access settings can be changed. Interface binding can be done through the Interface
Settings shown in the section Assign Zone Membership to an Unbound Interface or Change Zone
membership of an Interface .
To change the default Appliance Access settings, enable or disable the desired options as shown in
table below.
Appliance Access
Admin Services
HTTP: Enabled
HTTPS: Disabled
TELNET:Disabled
SSH: Disabled
Authentication Services
Check/Uncheck to
Windows/Linux Client: Disabled Enable/Disable Authentication
Captive Portal: Enabled
Services that should be allowed
through Zone.
Network Services
DNS: Enable
Ping: Enable
Check/Uncheck to
Enable/Disable Network
Services that should be allowed
through Zone.
Check/Uncheck to
Enable/Disable Other Services
that should be allowed through
Zone as per requirement.
Other Services
Check/Uncheck to
Enable/Disable Admin Services
that should be allowed through
this zone.
Parameter
Value
Description
Name
Custom_Zone
Type
LAN
HTTP: Enabled
HTTPS: Disabled
TELNET:Disabled
SSH: Disabled
Check/Uncheck to
Enable/Disable Admin Services
that should be allowed through
this zone.
Appliance Access
Admin Services
Authentication Services
Check/Uncheck to
Windows/Linux Client: Disabled
Enable/Disable Authentication
Captive Portal: Enabled
Services that should be allowed
NTLM: Disabled
through Zone.
Network Services
DNS: Enabled
Ping: Enabled
Check/Uncheck to
Enable/Disable Network
Services that should be allowed
through Zone.
Other Services
Check/Uncheck to
Enable/Disable Other Services
that should be allowed through
Zone as per requirement.
Click OK to add the Custom Zone. Now, this Zone membership can be assigned to either the
interfaces which are in use or any other unbound Interface.
Assign Zone to an unbound interface
Go to Network > Interface and click on the unbound or disabled interface to which the Zone
membership is to be assigned.
Value
Description
Network Zone
Custom_Zone
IP Assignment
Static
IP Address
192.168.2.1
Netmask
/24(255.255.255.0)
Primary DNS
4.2.2.2
Secondary DNS(Optional)
8.8.8.8
Click OK to assign the Zone membership to the Interface. In the above example, we have bound the
interface Port D to the Custom_Zone created earlier.
Change Zone membership of an Interface
Zone membership of an interface belonging to a particular zone can be changed.
Under General Settings, click on the drop-down box corresponding to Network-Zone and select
Custom_Zone created earlier.
Click OK to complete.