Figure 226 Triangle Route; Figure 227 Nat Loopback Policy Route - ZyXEL Communications ZyWALL USG 100 Series User Manual
Unified security gateway
Hide thumbs
Also See for ZyWALL USG 100 Series:
- Quick start manual (128 pages) ,
- Release note (19 pages) ,
- Specifications (4 pages)
Table of Contents
Advertisement
NAT Loopback Policy Route
Without a NAT loopback policy route, the LAN1 user SMTP traffic goes to the LAN1 SMTP
server with the LAN1 computer's IP address as the source. The source address is in the same
subnet, so the LAN1 SMTP server replies directly. The return traffic uses the SMTP server's
LAN1 IP address as the source address
match the original destination address (1.1.1.1). The user's computer shuts down the session.
Figure 226 Triangle Route
LAN
192.168.1.21
Configure a policy route to use the IP address of the ZyWALL's LAN1 interface, 192.168.1.1
as the source address of the traffic going to the LAN1 SMTP server from the LAN1 users. This
way the LAN1 SMTP server replies to the ZyWALL and the ZyWALL applies NAT.
Figure 227 NAT Loopback Policy Route
Source 192.168.1.1
Click Network > Routing > Policy Route > Add and create the policy route as shown next.
Be careful of where you create the route as routes are ordered in descending priority. This
policy route applies source NAT to traffic sent from LAN1 to the SMTP server.
3.
Even if the packets go through the ZyWALL, they only undergo layer 2 switching, not NAT.
ZyWALL USG 100/200 Series User's Guide
3
. This creates a triangle route since the source does not
Source 192.168.1.21
SMTP
NAT
SMTP
LAN
192.168.1.21
Chapter 16 Virtual Servers
192.168.1.89
Source 192.168.1.89
SMTP
192.168.1.89
321
- Quick Links:
- Getting Started
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
