Object and Zones

Hello together
Can me somebody please  explain what are the different between the Seetings  for a Example like DMZ
1. what is the differents when i use in the Topology Seetings  Overwrite => IP Adressess behind this Interface, (Mean it more than one Subnet as well all Subnet behind this Interface include Routing Tabel.
And Interface leads to to DMZ 

And creating a own Zoe who is called DMZ ?

Best regards

1 Reply

With anti spoofing enabled, Firewall will only accept packets from the networks defined under „Leads to“

Usually this is Most Common on DMZ interfaces, where i.e. Routing to / from mpls Takes Place or so. 

Zones do Not have to be Used but if you want to define a Zone Based Policy.. Smiley Happy

with this you categorize / Group These networks. Checkpoint builds then an object you can use in your policy.

Then you are able to allow connections from “any internal network” to ... wherever 


Hope that helped


