Nat Zyxel USG 210

dmmichael
dmmichael Posts: 16
First Comment First Anniversary
 Freshman Member
Good morning

i have a problem on the nat.
Let me explain, I have 2 PCs where a cloud is installed with https access on port 443. I set the virtual hosts to apache on both servers, cloud 1 has internal ip 192.168.1.163 while the second 192.168.1.7

when I configure the nat on the firewall he gives priority to the highest rule but this creates problems for me, because if in the rule (example 7) I configure the nat that points to ip. 163 and rule 8 I configure the nat on ip .7 when from a browser outside the network I click on the domain name configured on the server .7 it gives me an error because the ssl set on the server .163 responds (which would be rule 7, therefore above 8) . Is there a way to "tell" the firewall not to take priority into account but just nat? I don't know if I get the idea. Thanks so much

All Replies

  • PeterUK
    PeterUK Posts: 1,493
    50 Answers 1000 Comments Friend Collector Fifth Anniversary
     Guru Member

    If you only have one WAN IP you can only NAT to one port 443 LAN IP at a time.

    You can use the source IP option in NAT set to highest rule so that from a given source will go to x server then the NAT rule below goes the z server.


  • dmmichael
    dmmichael Posts: 16
    First Comment First Anniversary
     Freshman Member
    Thanks PeterUk for the reply.

    Could you give me an example of this configuration you say? I do not understand.

    Thank you
  • PeterUK
    PeterUK Posts: 1,493
    50 Answers 1000 Comments Friend Collector Fifth Anniversary
     Guru Member
    edited December 2021
    You put this rule first so that anything remote IP with 5. IP goes to 192.168.1.7

    you then make a rule below that rule for 192.168.1.163 so any other source IP goes to it.

Security Highlight