Local static routes not working

PeterUK · February 2021

Firmware V4.62

So have a Zywall 110 doing the static routes and USG60 with a LAN2 SNAT none to gateway 192.168.255.202 firewall rules have been allowed no blocked logs when doing ping testing.

Here is a cut down layout of the network.

https://us.v-cdn.net/6029482/uploads/editor/ns/vwhin1wi0ytg.png

192.168.2.2 has not problem getting to the internet

So first problem is 192.168.255.193 can't ping 192.168.2.2 so leave that running with ping -t go to 192.168.2.2 and try to ping 192.168.255.193 first ping fails then success but with some timeouts. I then go back to 192.168.255.193 and its pinging 192.168.2.2 but with some timeouts I stop 192.168.2.2 from pinging 192.168.255.193 go back to 192.168.255.193 and it stops pinging 192.168.2.2 with and times out.

PeterUK · February 2021

Some more testing:

So I have routing rule for 192.168.2.0/24 and 192.168.255.193 to go from LAN1 to OPT SNAT outgoing-interface if Inactivate them 192.168.255.193 can now ping 192.168.2.2 but 192.168.2.2 to ping 192.168.255.193 still with some timeouts until I checked “Use IPv4 Policy Route to Overwrite Direct Route” on USG60 this forwards the packet 192.168.255.193 to the the gateway 192.168.255.202 Direct.

I now have to solve getting internet to 192.168.255.193 but allow it to ping 192.168.2.2

Edit: so I have made a rule above LAN1 to next hop OPT SNAT outgoing-interface by

incoming = Interface

member = lan1

destination address 192.168.2.0/24

next hop = auto

Source network address translation = none

I now have a problem with “Use IPv4 Policy Route to Overwrite Direct Route” on the USG60 where my other routing rules stopped working. :'(

so this is now solved.

Local static routes not working

Comments

Categories

Security Help Center