Degard66 Posts: 2  Freshman Member
First Comment
edited April 2021 in Security
Hi, I recently encoutered problem with new customers setup.

There is VDSL line to router bridged to Zywall 110.
Zywall is taking pppoe on wan port and transalte to lan network.

Only I am unable to route incomming data frou outside network.

Goal is to route a service (port 5000) to internal address on lan 10.0.0.x to port 443
NAT is set upped as it should be WAN  - specified IP and port to port.

After dificulties i disabled policy routers (firewall) without any improvement.

Do i have to setup any other routing?

VDSL modem is comtrend provided by ISP and is bridged without any other setup to Zywall.

Do you have any ideas what can be wrong?


  • Degard66
    Degard66 Posts: 2  Freshman Member
    First Comment
    i am able to connect to zywall remotely - that is only service that is working as it should and confirm it should be all working.
  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    Hello Degard66,
    As your description, I just want to confirm something about this case.
    Is your topology as below pircture? is any SBG on this scenario?

    Do you mean the WanIP with Port 5000 to internal 10.0.0.x:443 not work?

  • redPlant3d

    I have exactly the same problem. Has it been solved?

  • Zyxel_Emily
    Zyxel_Emily Posts: 1,316  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hi @redPlant3d,

    Could you describe what the issue happened on your device? Is NAT not working when the wan interface is wan_pppoe?

  • StefanZ
    StefanZ Posts: 192  Master Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited June 2023

    For my GraylogServer I use this on my FLEX50:

    Settings > Network > NAT

    • Class: Virtual Server
    • Incoming: WAN (in your case you will have to use use WAN_PPP)
    • Source: Any (narrow this down for only certain clients)
    • External IP: Address-Object with my WAN-Interface-IP
    • Port-Mapping-Type: Service-Group Object (I need several ports)
    • External Service: The same Service-Group Object
    • NAT-Loopback: ON

Security Highlight