NAT Loopback troubleshooting
Hello,
I can't configure the NAT Loopback on our ZYXUSG-60W.
I have configured the following NAT rule.
And the following security policy.
If I access the web server from outside our LAN everything works correctly and the traffic is logged.
If I access the web server from outside our LAN everything works correctly and the traffic is logged.
Accessing instead from the Lan the web server is unreachable and the ZyWall does not log anything.
If I tried nslookup (windows) on a computer of the lan the web server is resolved with the wan address wan the zywall (correctly I think).
If I tried nslookup (windows) on a computer of the lan the web server is resolved with the wan address wan the zywall (correctly I think).
What did I forget?
Thanks for your tips.
0
Comments
-
In my case I got many wans, I made two rules in this order in policy routes
1. Access from the lan
Source : server ip
Destination Address: Lans (I made a group for all my subnets)
Next Hop: Type Auto
DSP Marking : Preserve
Address Translation : Outgoing Interface
2.1. Access from the wan
Source : server ip
Destination Address: any
Next Hop: Type Interface ge1
DSP Marking : Preserve
Address Translation : Outgoing Interface
0 -
Hi ewing,
thank you for your reply.
Unfortunately, in my case, your solution seems not working.
0 -
@kaine
I tested it with v4.30-Wk10 on my lab without any issue. My test example as below.
Therefore, I would like to check your configuration, so please private message it to me.
Charlie
0 -
Hi Charlie,Thank you for your answer.
I will write to you in private.
g'day
Kaine0 -
Hi@kaine,
it's weird, applying your configuration file on local lab, i can access the web server behind USG from Lan side host.
Do you have packets trace on USG Lan interface while connecting web server from Lan side host?
0 -
hi,
I have the same problem.
How can I to solve it?0 -
serverpal,
What are the nat settings on your device? Is your device placed behind other nat device?0 -
hi @jasailafan,
server XAMPP is in 192.168.8.7 port 20200
this is NAT rule:
policy rule:
outside lan http://myPublicIp:20200/mysite/index.html works!
inside lan from smartphone or pc I have type 192.168.8.7:20200/mysite/index.html but I can not to type http://myPublicIp:20200/mysite/index.html0 -
NAT loopback only works if the interface WAN1 has the WAN IP other then that you may need a firewall rule for from LAN1 to LAN1.
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 147 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight