Zywall 5

RudyKono
RudyKono Posts: 3  Freshman Member
edited April 2021 in Security
Good evening
I have the following problem, and I have been trying to remove it for a few days. I'll explain the scenario: I have two companies that are connected by a VPN managed by my ADSL manager. In each of them I also have a second ADSL line used only for navigation. The default gateway in each database is that of my manager who, in case of a request to the internal network, rewinds the data to the VPN network; in the case of an internet request, he instead dials the request to a firewall inside the LAN that is connected to the secondary ADSL line.
My problem is to be able to open the doors, on a single location, for external services so you can hijack the requests both you have this office but also you have the second office pc through the existing VPN. The ports are open and the configured NAT is also a policy route to the second location, but from the tests the hijacking of requests does not take place.
Do you have any suggestions?

Comments

  • Blabababa
    Blabababa Posts: 151  Master Member
    I don't understand your meaning clearly. BTW, hasn't the Zywall 5 been out of service for a while?
  • RudyKono
    RudyKono Posts: 3  Freshman Member
    It is an old firewall. In practice, I would like, when opening doors from the outside, to be able to forward the request to a different IP from the configured LAN firewall. I've already created a static route, but it's not enough to make it work.
  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    Hello RudyKono,
    For this case, to make it easier to understand, could you share more details and also the topology?
    Just to let you know, the Zywall 5 firmware is not maintained.
    Charlie
  • RudyKono
    RudyKono Posts: 3  Freshman Member
    Hello,
    Let's assume that my LAN configured on the firewall is 192.168.17.x. The device has LAN 192.168.17.1 as its LAN. The device that creates the VPN is 192.168.17.2. The remote LAN has 192.168.18.x addressing.
    My request is: having created a static route that turns the traffic coming from the 192.168.18.x network to 192.168.17.2, so that my firewall responds to a ping from the second network, how can I correctly route a door from the outside to the internal to the second LAN network?
    With the current configuration I have configured both the NAT and the firewall, but when the request is forwarded to the network 192.168.17.x it works, while the network 192.168.18.x does not go.
  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    Hello RudyKono,
    Per your description, I want to confirm: are the local policy and remote policy 192.168.17.X and 192.168.18.X, respectively, on your local device? And the ping service can work from 192.168.18.X to 192.168.17.X, however, it cannot work from 192.168.17.X to 192.168.18.X?
    Secondly, in the VPN scenario, the VPN clients can ping each other directly, so why do you need to create the NAT rule on your local device? Does your device connect to the internet directly?
    Charlie
