Zyxel Zywall USG 300. 3 static IP addresses on one interface

Options
link000
link000 Posts: 39  Freshman Member
First Anniversary 10 Comments Friend Collector

Good afternoon. Help is needed. There is a Zyxel Zywall USG 300 gateway. A cable (twisted pair) from the provider comes to the ge7 port. There are 3 static IP addresses on the cable. On ge7 2 VLANs are raised. So we have ge7=..110.75, VLAN1=..93.188, VLAN2=..110.27. There is a client with the address ..93.125 from the same provider. We access the Internet through IP ..110.75. But, tracing (or ping) to the client address ..93.125 from any computer or server from the internal network "turns" to VLAN1=..93.188. Neither static routing nor routing policies help. How can I make pings and tracing go from the internal local network through ge7=..110.75 to the external network (Internet) and reach the client address ..93.125 without "wrapping up" to VLAN1=..93.188 ? ??

All Replies

  • PeterUK
    PeterUK Posts: 2,856  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    VLAN1 with

    .93.188

    should only have to ARP to .93.125 if they are in the same subnet?

  • link000
    link000 Posts: 39  Freshman Member
    First Anniversary 10 Comments Friend Collector
    Options

    Yes, it would be nice.

  • jasailafan
    jasailafan Posts: 193  Master Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    How about adding a policy route?
    Incoming: zywall
    Destination: ..93.125
    Next hop: ge7=..110.75

  • link000
    link000 Posts: 39  Freshman Member
    First Anniversary 10 Comments Friend Collector
    Options

    Thank you. Tried. Does not help.

  • PeterUK
    PeterUK Posts: 2,856  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    Can you draw a layout of what you want done of the network?

  • link000
    link000 Posts: 39  Freshman Member
    First Anniversary 10 Comments Friend Collector
    Options

    Thank you. Tried. Does not help.

  • PeterUK
    PeterUK Posts: 2,856  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited April 2023
    Options

    So you *.*93.188 is based on port ge7 as VLAN1? So if you disable VLAN1 it should work?

    But whats the problem with PC SNAT out *.*93.188 to go to *.*.93.125 ?

    But if you need to go from *.*.110.75 in routing Advance check “Use IPv4 Policy Route to Overwrite Direct Route” with a routing rule to Destination *.*.93.125 SNAT out *.*110.75

  • link000
    link000 Posts: 39  Freshman Member
    First Anniversary 10 Comments Friend Collector
    Options

    jasailafan, PeterUK, thanks for the answers! There is a blocking from the provider! I'm trying to resolve the issue.

Security Highlight