Routing additional IP scope to servers behind USG110

adi_dragnic
adi_dragnic Posts: 15
First Comment Friend Collector Third Anniversary
 Freshman Member
Hi Guys,

I have USG 110 and i am trying now for a few days to get this working with no luck :(, my WAN1 has an address  - 80.64.xx.xx, isp provided us with new address scope 93.26.xx.xx/29. and told me that the Gateway is the gateway from WAN1. 

Here is what I have configured so far with no result 

I have created virtual WAN1:1


I have created these policy routes

Created NAT Rules:

and I have also created these policies  

I am unable to access these servers with public IP addresses. I am stuck at this point and need some advice on how can I configure this to work. I think I need some routes for the public IP scope.

Looking to hearing from you soon.

Best 
Adi



All Replies

  • PeterUK
    PeterUK Posts: 1,444
    50 Answers 1000 Comments Friend Collector Fifth Anniversary
     Guru Member
    edited February 19

    You config the LAN side subnet with 93.26.xx.xx/29 then your devices get WAN IP from your LAN you then do a routing rule incoming LAN1 next hop WAN1 with SNAT none.

    remove virtual WAN1:1 and no need for NAT rules


  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 995
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 50 Answers 500 Comments
     Guru Member
    Hi @adi_dragnic,
    It looks like Public Lan scenario. You may follow PeterUK's suggestion to bind 93.26.xx.xx/29 in internal interface, and set up corresponding policy route for routing from 93.26.xx.xx/29  to Internet.

Security Highlight