How to Connect USG700 to USG310 With Lan cable

Options

Accepted Solution

  • Zyxel_Kevin
    Zyxel_Kevin Posts: 797  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options

    Hi @NAZ4E,

    Thanks for your sharing, You have to add rules to allow traffic.

    For FW-1, src:Z_TPC-to-SPK dst: lan allow

    For FW-2, src:Z_SPK-to-TPC dst: lan allow

    Please kindly check and look forward to your feedback.

    Thank you

All Replies

  • Zyxel_Kevin
    Zyxel_Kevin Posts: 797  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Hi @NAZ4E
    Please kindly ensure you have routing on both firewalls . 
    (USG310:172.16.1.0/24 next-hop 172.16.99.1)
    (Flex700: 192.168.5.0/24 next-hop 172.16.99.2)
    Then you can connect to FLEX and USG at both sites. 
    Thank you
    Kevin
  • NAZ4E
    NAZ4E Posts: 9
    First Anniversary First Comment
    Options

    yes,i did it.but i can't ping 172.16.99.1 to 172.16.99.2 or 172.16.99.2 to 172.16.99.1

    GE0/12 and GE0/8 Config interface type internal or external?

  • Zyxel_Kevin
    Zyxel_Kevin Posts: 797  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Hi @NAZ4E,
    Please choose interface type "internal" for 172.16.99.0/30. 
    kindly share your configuration files by private messages. 
    I will do the check as well.
    Thank you
    Kevin
  • NAZ4E
    NAZ4E Posts: 9
    First Anniversary First Comment
    Options

     Ok. I did it. but Can't Ping 
  • PeterUK
    PeterUK Posts: 2,856  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited December 2022
    Options

    To ping each interfaces you need a rule from Z_TPC-to-SPK to Zywall and from Z_SPK-to-TPC to Zywall for ICMP.

    Remove the static route rule

    Then you need a routing rule.

    Incoming LAN

    Source address 192.168.5.0/24

    destination address 172.16.1.0/24

    next hop gateway 172.16.99.1

    SNAT none


    on the other side

    Incoming LAN

    Source address 172.16.1.0/24

    destination address 192.168.5.0/24

    next hop gateway 172.16.99.2

    SNAT none


    Then firewall rule

    from LAN to Z_TPC-to-SPK and from LAN to Z_SPK-to-TPC.


  • NAZ4E
    NAZ4E Posts: 9
    First Anniversary First Comment
    Options
      ok. i configuration follow with you but can't conneted.

  • Zyxel_Kevin
    Zyxel_Kevin Posts: 797  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    edited December 2022
    Options
    Hi @NAZ4E

    I feel a little confuse, because the screenshots are not matched with your topology.

    Please share the configuration files by private message

    And kindly describe what is your purpose? (what IP address should be accessed from X.X.X.X) It will be clear.

    Thank you

  • NAZ4E
    NAZ4E Posts: 9
    First Anniversary First Comment
    Options
    I want the two buildings to be connected.

    TPC building can access time attendance and SPK building can access File Server.



  • Zyxel_Kevin
    Zyxel_Kevin Posts: 797  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options

    Hi @NAZ4E,

    Thanks for your sharing, You have to add rules to allow traffic.

    For FW-1, src:Z_TPC-to-SPK dst: lan allow

    For FW-2, src:Z_SPK-to-TPC dst: lan allow

    Please kindly check and look forward to your feedback.

    Thank you

Security Highlight