Zywall 310 why on other firewall as a source address is see my LAN address

Leszek
Leszek Posts: 13
First Anniversary First Comment
edited April 2021 in Security
Hi
on zywall 310 I've got 2 WAN ISP: main WAN1 with address i.e. 1.1.1.1 / 29, backup WAN2 2.2.2.2 / 29. LAN address 192.168.1.1 / 24

I configured second zywall (old Zywall5) in WAN2 network with address 2.2.2.3 and make firewall rule to mgmt access from Zywall 310. When I try connect from Zywall 310 to Zywall5 I can't. In Zywall5 logs as a source address I see... my LAN address i.e. 192.168.1.33 not 2.2.2.2, when I switch off WAN2 on Zywall 310 it's works good: I connect to Zywall5 via WAN1 and see as a source 1.1.1.1
I try second configuration: Zywall5 is set in WAN1 network with address 1.1.1.3. It's works good as a source address I see WAN1 Zywall 310 1.1.1.1

Is some wrong set in config Zywall 310?

All Replies

  • Zyxel_Can
    Zyxel_Can Posts: 342  Zyxel Employee
    Friend Collector First Answer First Comment

    Hi @Leszek,

     

    Can you share some information with us;

     

    1-    Can you share ZyWALL310’s configuration file with me by private message?

    2-    What are the LAN subnets on ZyWALL5?

     

    Best regards.
  • Zyxel_Can
    Zyxel_Can Posts: 342  Zyxel Employee
    Friend Collector First Answer First Comment

    Hi @Leszek,

     

    As we talked in the private message, that is a misconfiguration will cause that kind of problem.

     

    Also, you said that you want to set Policy rule for 2 WANs.

    -        If WAN1 working use only WAN1

    -        If WAN1 is not working use WAN2 but only until WAN1 works again.

     

    Can you try adding a Trunk with Spillover algorithm?


     

    You can test Trunk interface's behaviour as following;

    1- Open 2 command line from Windows and ssh to gateway, type following command for 2 external interfaces;
    Router# packet-trace interface wan1 ip-proto icmp

     

     

    2- In LAN Client ping to 8.8.8.8. And remove the active interface on ZyWALL110. Check which external interface is pinging.

    3- Plug in the removed interface, check which external interface is pinging.


    Do you think that it will work for your environment?

  • Leszek
    Leszek Posts: 13
    First Anniversary First Comment
    Hi
    I check it next week

Security Highlight