Zyxel USG100 Network

Jay003

Hey guys

I have a basic question to USG 100 networking.

I have the following network:

I want to make the server (192.168.3.10) accessable for the computer (192.168.1.10).

I have my firewalls on default reset.

I am trying to ping through the network to see if my network is working. I already made the WAN-interfaces pingable (add ping to the service).

On USG 2 I added the static route to 192.168.1.0/24 over WAN1. So I can ping now the gateway of 10.1.1.10, but I cannot ping the computer (192.168.1.10).

What I have to add that I can ping the computer? I set up the computer that he is visible in the network (Windows 10).

Do I have to set up policy routing between WAN1 and LAN1 on USG1? Or what is happening if the ping is reaching 10.1.1.10 and the destination is 192.168.1.10. The USG1 nows where the destination have to be, but maybe I have to setup first a rule for that (maybe also for the back-way).

Best regards

PeterUK

I don't think you need static route just routing rules

on USG 1 routeing rule you want

incoming interface of 192.168.1.1

source address 192.168.1.0./24

destination address 192.168.3.0/24

next hop gateway 10.1.1.20

SNAT none

on USG 2 routeing rule you want

incoming interface of 192.168.3.1

source address 192.168.3.0./24

destination address 192.168.1.0/24

next hop gateway 10.1.1.10

SNAT none

Then firewall rule

USG1

from any to any source address 192.168.1.0./24 destination address 192.168.3.0/24

USG2

from any to any source address 192.168.3.0./24 destination address 192.168.1.0/24