Wan with Public IP in transport network

Alex_91 Posts: 7
First Comment Third Anniversary
edited April 2021 in Security
Good Morning,
I find myself in a particular situation.
I need to connect a firewall in a network where I am given a public IP in a LAN.
Perhaps easier to understand could be the attachment.

I managed to mask MY LAN1 network to use the public IP address (in routing -> add -> From Lan1, Source Sub_Lan1 | NEXT-HOP Interface Wan1
however, the traffic coming from the firewall (ZyWALL) itself is not masked correctly and does not come out with the correct public IP. How can I get the traffic out of the ZYWALL Firewall as well?

Thanks for the support

All Replies

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 529
    50 Answers 500 Comments Friend Collector Second Anniversary
     Guru Member

    Hi @Alex_91

    In your scenario, if you would like to do SNAT you can enable it on your Policy Route.

    STEP1. Add an IP address object for public IP.

    STEP2.Enable SNAT on your Policy Route.

  • Hi Jeff,
    thank you for the help.

    I have already created this rule, as regards the traffic coming from LAN1 everything works correctly.

    The system engineer, however, tells me that the traffic coming from the firewall (I imagine to send notifications for SecureReport, to perform updates, ...) are not forwarded correctly. ( Only traffic from the firewall, and in Policy Route this option from ZyWALL to SNAT is disabled ).

  • dpipro
    dpipro Posts: 59
    First Comment Friend Collector Fourth Anniversary ZCNE Switch Level 1 Certification - 2020
     ZCNE Certified
    Hi @Alex_91

    you can do it by SSH 

    Best regards
  • It seems the rule is present with that command.

    Thank you so much!!

Security Highlight