ZyXEL Communications ZyWall USG 2000 User Manual page 285
Unified security gateway
Hide thumbs
Also See for ZyWall USG 2000:
- User manual (1114 pages) ,
- Manual (964 pages) ,
- Support notes (227 pages)
Table of Contents
Advertisement
NAT Loopback Policy Route
Without a NAT loopback policy route, the LAN user SMTP traffic goes to the LAN
SMTP server with the LAN computer's IP address as the source. The source
address is in the same subnet, so the LAN SMTP server replies directly. The return
traffic uses the SMTP server's LAN IP address as the source address
a triangle route since the source does not match the original destination address
(1.1.1.1). The user's computer shuts down the session.
Figure 178 Triangle Route
LAN
Configure a policy route to use the IP address of the ZyWALL's ge1 interface
(192.168.1.1) as the source address of the traffic going to the LAN SMTP server
from the LAN users. This way the LAN SMTP server replies to the ZyWALL and the
ZyWALL applies NAT.
Figure 179 NAT Loopback Policy Route
Source 192.168.1.1
3.
Even if the packets go through the ZyWALL, they only undergo layer 2 switching, not NAT.
ZyWALL USG 2000 User's Guide
Source 192.168.1.21
SMTP
192.168.1.21
SMTP
LAN
192.168.1.21
192.168.1.89
NAT
Source 192.168.1.89
SMTP
192.168.1.89
Chapter 16 Virtual Servers
3
. This creates
285
Advertisement
Table of Contents
Troubleshooting
Related Manuals for ZyXEL Communications ZyWall USG 2000
Related Products for ZyXEL Communications ZyWall USG 2000
- ZyXEL Communications ZYWALL USG 20W
- ZyXEL Communications USG210
- ZyXEL Communications ZyWall USG20W-VPN
- ZyXEL Communications ZyWall USG20-VPN
- ZyXEL Communications ZYWALL USG 300
- ZyXEL Communications USG-50 - V2.21 ED 1
- ZyXEL Communications USG-100@USG-200 - V2.20 ED 2
- ZyXEL Communications USG-300 - V2.20 ED 2