Nat Zyxel USG 210

dmmichael
dmmichael Posts: 16  Freshman Member
First Anniversary First Comment
Good morning

i have a problem on the nat.
Let me explain, I have 2 PCs where a cloud is installed with https access on port 443. I set the virtual hosts to apache on both servers, cloud 1 has internal ip 192.168.1.163 while the second 192.168.1.7

when I configure the nat on the firewall he gives priority to the highest rule but this creates problems for me, because if in the rule (example 7) I configure the nat that points to ip. 163 and rule 8 I configure the nat on ip .7 when from a browser outside the network I click on the domain name configured on the server .7 it gives me an error because the ssl set on the server .163 responds (which would be rule 7, therefore above 8) . Is there a way to "tell" the firewall not to take priority into account but just nat? I don't know if I get the idea. Thanks so much

All Replies

  • PeterUK
    PeterUK Posts: 2,651  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer

    If you only have one WAN IP you can only NAT to one port 443 LAN IP at a time.

    You can use the source IP option in NAT set to highest rule so that from a given source will go to x server then the NAT rule below goes the z server.


  • dmmichael
    dmmichael Posts: 16  Freshman Member
    First Anniversary First Comment
    Thanks PeterUk for the reply.

    Could you give me an example of this configuration you say? I do not understand.

    Thank you
  • PeterUK
    PeterUK Posts: 2,651  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited December 2021
    You put this rule first so that anything remote IP with 5. IP goes to 192.168.1.7

    you then make a rule below that rule for 
    192.168.1.163 so any other source IP goes to it.

Security Highlight