Zyxel Zywall USG 300. 3 static IP addresses on one interface

link000 · April 2023

Good afternoon. Help is needed. There is a Zyxel Zywall USG 300 gateway. A cable (twisted pair) from the provider comes to the ge7 port. There are 3 static IP addresses on the cable. On ge7 2 VLANs are raised. So we have ge7=..110.75, VLAN1=..93.188, VLAN2=..110.27. There is a client with the address ..93.125 from the same provider. We access the Internet through IP ..110.75. But, tracing (or ping) to the client address ..93.125 from any computer or server from the internal network "turns" to VLAN1=..93.188. Neither static routing nor routing policies help. How can I make pings and tracing go from the internal local network through ge7=..110.75 to the external network (Internet) and reach the client address ..93.125 without "wrapping up" to VLAN1=..93.188 ? ??

PeterUK · April 2023

VLAN1 with

.93.188

should only have to ARP to .93.125 if they are in the same subnet?

link000 · April 2023

Yes, it would be nice.

jasailafan · April 2023

How about adding a policy route?
Incoming: zywall
Destination: ..93.125
Next hop: ge7=..110.75

link000 · April 2023

Thank you. Tried. Does not help.

PeterUK · April 2023

Can you draw a layout of what you want done of the network?

link000 · April 2023

Thank you. Tried. Does not help.

PeterUK · April 2023

So you *.*93.188 is based on port ge7 as VLAN1? So if you disable VLAN1 it should work?

But whats the problem with PC SNAT out *.*93.188 to go to *.*.93.125 ?

But if you need to go from *.*.110.75 in routing Advance check “Use IPv4 Policy Route to Overwrite Direct Route” with a routing rule to Destination *.*.93.125 SNAT out *.*110.75

link000 · April 2023

jasailafan, PeterUK, thanks for the answers! There is a blocking from the provider! I'm trying to resolve the issue.

Zyxel Zywall USG 300. 3 static IP addresses on one interface

All Replies

Categories

Security Highlight

Security Help Center