Policy Routing Technical Reference - ZyXEL Communications ZyWALL USG 100 Series User Manual
Unified security gateway
Hide thumbs
Also See for ZyWALL USG 100 Series:
- Quick start manual (128 pages) ,
- Release note (19 pages) ,
- Specifications (4 pages)
Table of Contents
Advertisement
Table 92 Network > Routing > Static Route > Edit (continued)
LABEL
Gateway IP
Interface
Metric
OK
Cancel
12.4 Policy Routing Technical Reference
Here is more detailed information about some of the features you can configure in policy
routing.
NAT and SNAT
NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address in a
packet in one network to a different IP address in another network. Use SNAT (Source NAT)
to change the source IP address in one network to a different IP address in another network.
Port Triggering
Some services use a dedicated range of ports on the client side and a dedicated range of ports
on the server side. With regular port forwarding, you set the port(s) and IP address to forward
a service (coming in from the remote server) to a client computer. The problem is that port
forwarding only forwards a service to a single IP address. In order to use the same service on a
different computer, you have to manually replace the client computer's IP address with another
client computer's IP address.
Port triggering allows the client computer to take turns using a service dynamically. Whenever
a client computer's packets match the routing policy, it can use the pre-defined port triggering
setting to connect to the remote server without manually configuring a port forwarding rule for
each client computer.
Port triggering is used especially when the remote server responses using a different port from
the port the client computer used to request a service. The ZyWALL records the IP address of
a client computer that sends traffic to a remote server to request a service (incoming service).
When the ZyWALL receives a new connection (trigger service) from the remote server, the
ZyWALL forwards the traffic to the IP address of the client computer that sent the request.
In the following example, you configure two services for port triggering:
ZyWALL USG 100/200 Series User's Guide
DESCRIPTION
Select the radio button and enter the IP address of the next-hop gateway. The
gateway is a router or switch on the same segment as your ZyWALL's interface(s).
The gateway helps forward packets to their destinations.
Select the radio button and a predefined interface through which the traffic is sent.
Metric represents the "cost" of transmission for routing purposes. IP routing uses
hop count as the measurement of cost, with a minimum of 1 for directly connected
networks. Enter a number that approximates the cost for this link. The number need
not be precise, but it must be from 0~127. In practice, 2 or 3 is usually a good
number.
Click OK to save your changes back to the ZyWALL.
Click Cancel to exit this screen without saving.
Chapter 12 Policy and Static Routes
289
- Quick Links:
- Getting Started
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
