Packet capture oddness
Guru Member
USG60W V4.65
This may only happen on USG40/W and USG60/W has not seen it on the Zywall 110
So I was trying (and got working) to setup a wireless printer over different subnets use NAT and routeing SNAT and as I was doing a packet capture for LAN1 on the USG I saw some thing impossible as I was adding the printer from 192.168.255.250 to 192.168.255.240 (a virtual interface) which would NAT to 192.168.254.132 and SNAT from 192.168.254.129.
https://us.v-cdn.net/6029482/uploads/editor/pz/zuwayf2fy3vr.png
If you look at the TCP port 80 you can see the SYN from 192.168.254.129 to printer 192.168.254.132 OK but the SYN, ACK from printer to 192.168.255.250! well thats impossible the printer does not know about 192.168.255.250 and the fact that the SYN, ACK should send back to 192.168.254.129.
So the only conclusion is the USG when receiving packets is doing the routing SNAT and NAT first then a packet capture.
All Replies
-
Hi @PeterUK
Could you share your configuration file?
You can private message configuration file to us.0
Zyxel Employee
Categories
- All Categories
- 397 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 52 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 332 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 880 Nebula FAQ
- 415 Security FAQ
- 221 Switch FAQ
- 195 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 63 Security Highlight
