USG 40 Pb with asymetric routing

2»

All Replies

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,520  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments

    @ZeroFX , i test it in local lab, no need to enable "Allow Asymmetrical Route" in this scenario.

  • ZeroFX
    ZeroFX Posts: 7  Freshman Member
    First Comment Friend Collector Second Anniversary

    Zyxel_Cooldia

    i test now, my pc have ip adress 10.59.120.16/24

    my PC ping 10.59.120.2 and 10.59.120.1 and 8.8.8.8 but not machines behin my L3 switch for exemple 10.X.X.X

  • PeterUK
    PeterUK Posts: 3,799  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Did you add the virtual interface on the interface that has 10.59.120.1/24 on the USG with 10.0.0.0/255.0.0.0?

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,520  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments

    Hi @ZeroFX

    Can you see the packets on USG40 Lan interface if you ping from a host which behind layer 3 switch ?

     

    Packet capture CLI:

    Router> packet-trace interface lanX extension-filter icmp

  • ZeroFX
    ZeroFX Posts: 7  Freshman Member
    First Comment Friend Collector Second Anniversary

    Hi @ZeroFX

    09:44:16.397169 IP 10.59.102.44 > 10.59.120.1: icmp: echo request

    *************************************************************************************

    jonatan PeterUK

    I add lan2:1 10.59.120.3 255.0.0.0 now all it's ok

    THX

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)