Routing additional IP scope to servers behind USG110

adi_dragnic Posts: 15  Freshman Member
First Anniversary Friend Collector First Comment
Hi Guys,

I have USG 110 and i am trying now for a few days to get this working with no luck :(, my WAN1 has an address  - 80.64.xx.xx, isp provided us with new address scope 93.26.xx.xx/29. and told me that the Gateway is the gateway from WAN1. 

Here is what I have configured so far with no result 

I have created virtual WAN1:1

I have created these policy routes

Created NAT Rules:

and I have also created these policies  

I am unable to access these servers with public IP addresses. I am stuck at this point and need some advice on how can I configure this to work. I think I need some routes for the public IP scope.

Looking to hearing from you soon.


All Replies

  • PeterUK
    PeterUK Posts: 2,865  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited February 2022

    You config the LAN side subnet with 93.26.xx.xx/29 then your devices get WAN IP from your LAN you then do a routing rule incoming LAN1 next hop WAN1 with SNAT none.

    remove virtual WAN1:1 and no need for NAT rules

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,462  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Hi @adi_dragnic,
    It looks like Public Lan scenario. You may follow PeterUK's suggestion to bind 93.26.xx.xx/29 in internal interface, and set up corresponding policy route for routing from 93.26.xx.xx/29  to Internet.

Security Highlight