Caching of NAT routing?

Aljoscha
Aljoscha Posts: 1  Freshman Member
edited April 2021 in Security
Hello together,
as this is my first post in this forum, please tell me, if I my question is not intended to be asked here.

I work with ZyWalls for quite some time now, but had never an comparable scenario.
We use a ZyWall 110 with firmware version 4.30(AAAA.0).

The basic problem is, that I would like to use the zywall to change quite frequently, what server inside the DMZ should be accessed from outside via HTTP and HTPPS. Therefor I created a NAT rule of type virtual server and entered the initially mapped IP and Port. In addition to that, I created a firewall rule to allow the port forwarding.

Up this this point, everything works fine.
The strange behaviour follows, after switching the mapped IP to another server. Every browser starting just then, gets the expected result from the new server. Every browser, that was already open and working with the Website on the old server, sticks to that server. I can only "reset" this, by closing the whole browser and starting it again completely.

For me it looks like some kind of session caching, but I couldn't find anything regarding such a topic inside the manual or the web interface. Even the session monitor in the web interface shows no signs of remaining sessions.

What I have tested so far:
-Creating one nat rule and changing the mapped ip
-Creating of two nat rules, one for each target, and activating, deactivating them as needed
-Altering the firewall rule to only allow access the the currently selected server, makes the problem worse, by blocking the traffic, that would flow to the old server and that way creates timeouts.

I would be more than happy, if somebody could give me a hint on how to solve this.

Greets

Aljoscha

Comments

  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    @Aljoscha
     After switching the mapped IP to another server, the browser, that was already open and working with the Website on the old server. 
    May I know could you manage or control old server when the issue occur?
    It seems it's browser's behavior. I suggest you to use "Incognito window" and check it again.
    Charlie

Security Highlight