from LAN to LAN over bridge

Options
NoE
NoE Posts: 30  Freshman Member
First Anniversary 10 Comments Friend Collector
edited April 2023 in Security

Hello,

I have USG Flex700 and I am manging two different ISP networks withthe ZyWALL - one is main ISP and the other is of legally-established entity.
I was able to set it up with the great help of this community - via bridge as described within

The bridge is defined as follows:

Policy route:


Of course some demands happened later on to access some resources over that bridge.

One of them was to access internal web page which belongs to that legally based network.
So I have set the Policy Route:

and Policy Control:

and it behaves really nice - people form one subnet 192.168.0.x can access web interface 192.168.94.200 as HTTP/HTTPS without any problem.

Then another demand came - access data on Synology share which resides within network 192.168.0.x FROM network 192.168.94.x.
So I have followed similar steps:
I have defined the corresponding subnet as interface subnet over the mentioned bridge:

then Policy Route:

and then Policy Control:

But to access Synology in this direction, it does not work at all.

Please share your proposals, experiences, ideas.

Thanks a lot

All Replies

  • PeterUK
    PeterUK Posts: 3,003 ✭✭✭✭✭
    Community MVP First Anniversary 10 Comments Friend Collector
    Options

    A dawning layout of the network might help.

    But from what I see you want subnet 192.168.94.0/24 to connect to this 192.168.0.102? so are devices on 192.168.94.0/24 have gateway to the bridge IP?

  • jasailafan
    jasailafan Posts: 193  Master Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    @NoE
    Is the scenario similar to this example? You may follow the steps in the guide "bridge_scenaro.pdf".
    https://community.zyxel.com/en/discussion/comment/5137#Comment_5137

  • NoE
    NoE Posts: 30  Freshman Member
    First Anniversary 10 Comments Friend Collector
    Options

    well, the GW of 192.168.94.0/20 is defined within the bridge itself:

  • PeterUK
    PeterUK Posts: 3,003 ✭✭✭✭✭
    Community MVP First Anniversary 10 Comments Friend Collector
    Options

    dawn out a network layout 

Security Highlight