USG40 cofinguration
Freshman Member
Hi,
I'd like to configure my USG40 in this scenario:
IP Router 192.168.1.1
Ethernet configuration inside USG40:
WAN1 192.168.1.240 - SUBNET 255.255.255.0 - GATEWAY 192.168.1.1
LAN1 192.168.1.241 SUBNET 255.255.255.0
DHCP NONE
LAN2 - DMZ - OPT....NONE
inside USG40 configuration I put above values and inside SECURITY POLICY->POLICY CONTROL leave default values (there are 15 default rules).
connection:
Rotuer cable to WAN P1 USG40
LAN P2 TO SWITCH
configuration PC
192.168.1.10 - 255.255.255.0 - Gateway 192.168.1.241
ok connection between pc and USG (ok ping 192.168.1.241) but pc dont goes to internet.
Any help?
thank you.
Damiano
All Replies
-
Can you make the WAN1 get the WAN IP and not by another NAT router?
Maybe you need to bridge WAN1 and LAN1 in your scenario
Having 192.168.1.xxx on WAN1 and LAN1 with the same subnet is whats causing your problem.
Another way is to use static routes on your ISP router? with its IP/subnet to 192.168.1.1/255.255.255.0 with a static route of destination IP 192.168.2.0 subnet 255.255.255.0 gateway IP 192.168.255.254
Then on the USG40 WAN1 gateway 192.168.1.1 IP 192.168.255.254 subnet 255.255.255.0 - LAN1 IP 192.168.2.1 subnet 255.255.255.0
PC in 192.168.2.2-254 gateway 192.168.2.1 subnet 255.255.255.0
now add a policy route with:
incoming Interface
member LAN1
next hop
type Gateway
gateway make address for 192.168.1.1
Address Translation
source network address translation none
And I think that should work.
0 -
Hi @PeterUK thank you fo help.
The problem is that ISP router is locked. The internet company installed a router that do not give to me access. When I nedd to open ports or any other I have to call them.
Bye
0 -
hi,
Can someone help me step by step to configure usg40?
thank you.
0 -
Your options are limited you can't forward ports on your ISP router then with the USG40 can't either. So your option is to bridge WAN1 and DMZ to control traffic and you can set br0 to 192.168.1.254 make a zone br0 and set in for br0 and make a policy control to allow from br0 to ZyWALL so you can login to the UGS40.
0 -
0
-
Here is a setup
0 -
hi @PeterUK
thank you, this is configuration:
Port P1 (WAN) to router 192.168.1.1
Port P4 to switch (and then to PC 192.168.1.5)
my pc:
but pc does not go to internet with gateway .237 or .238
what am I doing wrong?
thank you.
0 -
The PC need gateway 192.168.1.1
0 -
0
-
WAN and DMZ are bridged so the IP's in WAN and DMZ are not needed unless by setting WAN to 192.168.1.1 is so change it to 127.255.255.2.
0
Guru Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
