Nat 1:1
Hi Sir,
I'm using USG40 with 2 VDSL PPOE, wan1 e wan2.
I have create 2 rule NAT 1:1
wan1_ppp -> IP_VDSL1 -> local IP 192.168.1.10 (local server) -> External port 5060 -> Internal port 5060
wan2_ppp -> IP_VDSL2 -> local IP 192.168.1.10 (local server) -> External port 5060 -> Internal port 5060
When I receive cuncurrently packet on wan1 and wan2, local server see external Source port is change.
Can I fix source port for 2 wan to one internal server?
Regards
Alex
All Replies
-
The USG40 only has one WAN port and a OPT port are you sure you don't have the USG60?
What firmware are you on?
1 -
Yes,
I have config OPT as wan2
Firmware version is: V4.33(AALA.0)
Regards
0 -
So you have traffic like this:
> IP12.12.12.12 Source port 5060 – WAN1 IP123.123.123.123 local port 5060
1:1NAT
> IP12.12.12.12 Source port 5060 -IP192.168.1.10:5060
--------------------------------------------------------------------------------------------------------------------------
> IP12.12.12.12 Source port 5060 – OPT IP45.45.45.45 local port 5060
1:1NAT
> IP12.12.12.12 Source port changed -IP192.168.1.10:5060
Because its to the same server and from the same source port NAT changes the source port I don't think theirs any way round this are you having VoIP issues because of this?
1 -
Hi PeterUK,
it is strange,
I can't have 2 different external IPs with the same port on 2 wan inbound with nat 1: 1 on the same server without the external port source changing?
Trunk VoiP need trust IP and PORT external, Zywall change external source port dynamically.
Alex
0 -
Can I change external port statically method?
Alex
0 -
Hi @DiGiSoft ,
Welcome to Zyxel Community. ?
You can enable SIP ALG and try it again.
BTW, may I know what is your current VoIP phone issue? SIP Phone client cannot register to go on-line?
Phone can go on-line, but cannot make phone call? or can make phone call, but no voice?
Enable SIP ALG at “CONFIGURATION > Network > ALG”
0 -
no work with sip ALG,
ALG replace public ip in sip message, server no accept this.
My sip server needs to know port and ip source to accept sip messages, I configured trunk in my server (Ip and Port) and only this trunk is enable to accept message.
Trunk use Ip authentication no User authentication
Alex
0 -
No solution found,
I think my Server plattform no compliant with Zywall.
I must return my old firewall
Alex
0 -
Hi @DiGiSoft ,
Can you do the test again and capture packets on USG-40 Wan and Lan interface?
I would like to see the packet trace.
0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight