Packet capture oddness

PeterUK Posts: 1,591
50 Answers 1000 Comments Friend Collector Fifth Anniversary
 Guru Member
edited August 2021 in Security

USG60W V4.65

This may only happen on USG40/W and USG60/W has not seen it on the Zywall 110

So I was trying (and got working) to setup a wireless printer over different subnets use NAT and routeing SNAT and as I was doing a packet capture for LAN1 on the USG I saw some thing impossible as I was adding the printer from to (a virtual interface) which would NAT to and SNAT from

If you look at the TCP port 80 you can see the SYN from to printer OK but the SYN, ACK from printer to! well thats impossible the printer does not know about and the fact that the SYN, ACK should send back to

So the only conclusion is the USG when receiving packets is doing the routing SNAT and NAT first then a packet capture.

All Replies

  • Zyxel_Jerry
    Zyxel_Jerry Posts: 737
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 50 Answers 500 Comments
     Guru Member
    edited August 2021
    Hi @PeterUK

    Could you share your configuration file?
    You can private message configuration file to us.

Security Highlight