Packet capture oddness
USG60W V4.65
This may only happen on USG40/W and USG60/W has not seen it on the Zywall 110
So I was trying (and got working) to setup a wireless printer over different subnets use NAT and routeing SNAT and as I was doing a packet capture for LAN1 on the USG I saw some thing impossible as I was adding the printer from 192.168.255.250 to 192.168.255.240 (a virtual interface) which would NAT to 192.168.254.132 and SNAT from 192.168.254.129.
https://us.v-cdn.net/6029482/uploads/editor/pz/zuwayf2fy3vr.png
If you look at the TCP port 80 you can see the SYN from 192.168.254.129 to printer 192.168.254.132 OK but the SYN, ACK from printer to 192.168.255.250! well thats impossible the printer does not know about 192.168.255.250 and the fact that the SYN, ACK should send back to 192.168.254.129.
So the only conclusion is the USG when receiving packets is doing the routing SNAT and NAT first then a packet capture.
All Replies
-
Hi @PeterUK
Could you share your configuration file?
You can private message configuration file to us.Engage in the Community, become an MVP, and win exclusive prizes!
0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight