no default SNAT usg310 himself

Chakib · March 2023

Hello

I have USG310 V4.73

my wan2 has a virtual ip wan2:1 (IP:AA.BB.CC.DD)

with ssh I have to add snat to ping internet( ping 8.8.8.8 source AA.BB.CC.DD )but

how can I add the virual IP in the default snat for the router himself.??

Now I can not update time, update firmware from cloud ect ect

thx in adv

Zyxel_Kevin · March 2023

HI @Chakib ,

By default, outgoing traffic only translate soruce address to "interface IP".

If you would use virtual IP wan2:1 for SNAT. Please kindly use Policy Route and set "Souce Network Address Translation" to wan2:1 address.

Please feel free to contact us if any concerns. Thank you

Kevin

Chakib · March 2023

Hi Kevin

Thx for your prompt reply.
I use Already policy route for the LAN the SNAT with the viruals IP.( no problem)

My question is regarding the UTM himsel (USG310) can not go to the internet to update time for exp.

brgds

PeterUK · March 2023

Do you have a WAN subnet? You should not need virtual ip to SNAT on another WAN IP.

…think I get your problem now…hmmm…so you have on WAN2 a IP that has no internet that you get your WAN routed too you that you SNAT…but how to get Zywall to have internet….

I don't have the same problem as your exactly but in a round about way it is the same how I solved it was another USG with a VLAN that each other SNAT to get internet.