Internal to WAN interface dropping

iSpeed
iSpeed Posts: 110  Ally Member
First Comment Fifth Anniversary
edited April 2021 in Security

I have a virtual server setup to provide external services. Everything works when outside the network, but from inside on my private network it goes out to WAN and then gets dropped. What am I missing to allow internal traffic to hit wan? USG60 same set doesn't seem to have a problem. Only ATP200

All Replies

  • iSpeed
    iSpeed Posts: 110  Ally Member
    First Comment Fifth Anniversary

    I figured out a workaround. Created internal DNS A record to go direct to server private IP. Works great. No need to respond.

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,511  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
    edited August 2019

    Hi @iSpeed ,

    In this scenario, you need to enable NAT Loopback, it permits the access of a service via the public IP address from inside the local network.

     

    “Configuration > Network > NAT > Virtual Server profile”


  • iSpeed
    iSpeed Posts: 110  Ally Member
    First Comment Fifth Anniversary

    Thanks for the response Cooldia. I thought maybe that would do it, but getting an error when selecting. Certain restrictions when using loopback?

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,511  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments

    Hi @iSpeed

    Yes, it have restriction on that. If the virtual server rule external IP is ANY, it’s unable to enable NAT loopback. Because It might cause the device unreachable. 

Security Highlight