What You Can Do In The Routing Screens; What You Need To Know About Policy And Static Routes - ZyXEL Communications ZyWALL USG 300 User Manual
Unified security gateway
Hide thumbs
Also See for ZyWALL USG 300:
- User manual (1156 pages) ,
- Quick start manual (128 pages) ,
- Specifications (4 pages)
Table of Contents
Advertisement
Chapter 12 Policy and Static Routes
12.1.1 What You Can Do in the Routing Screens
• Use the Policy Route screens (see
configure policy routes.
• Use the Static Route screens (see
configure static routes.
12.1.2 What You Need to Know About Policy and Static
Routes
Policy Routing
Traditionally, routing is based on the destination address only and the ZyWALL
takes the shortest path to forward a packet. IP Policy Routing (IPPR) provides a
mechanism to override the default routing behavior and alter the packet
forwarding based on the policy defined by the network administrator. Policy-based
routing is applied to incoming packets on a per interface basis, prior to the normal
routing.
How You Can Use Policy Routing
• Source-Based Routing – Network administrators can use policy-based routing to
direct traffic from different users through different connections.
• Bandwidth Shaping – You can allocate bandwidth to traffic that matches routing
policies and prioritize traffic (however the application patrol's bandwidth
management is more flexible and recommended for TCP and UDP traffic). Use
policy routes to manage other types of traffic (like ICMP traffic) and send traffic
through VPN tunnels.
Note: Bandwidth management in policy routes has priority over application patrol
bandwidth management.
• Cost Savings – IPPR allows organizations to distribute interactive traffic on high-
bandwidth, high-cost paths while using low-cost paths for batch traffic.
• Load Sharing – Network administrators can use IPPR to distribute traffic among
multiple paths.
• NAT - The ZyWALL performs NAT by default for traffic going to or from the WAN
interfaces. A routing policy's SNAT allows network administrators to have traffic
received on a specified interface use a specified IP address as the source IP
address.
• A NAT loopback policy route lets local users use a domain name to access a
virtual server.
When creating a virtual server that local users will use a domain name to
access, you can select an option to configure a NAT loopback policy route.
260
Section 12.2 on page
Section 12.3 on page
ZyWALL USG 300 User's Guide
261) to list and
267) to list and
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
