Is my ISP wrong? Nat inside
Hi there, just a noob networking guy, tryin' to learn something.
Here's my scenario.
I need to reach from the external of my building, through public ip X, an internal LAN2 address —→ 10.0.0.241:9000
Modem router address is 10.0.0.1 - Firewall WAN port is 10.0.0.241 as isp requested
Modem router i think got NAT rule Public IP X to 10.0.0.241 on port 9000
i've tried everything on zyxel configuration, but i'm unable to reach that address from outside.
Usually, on other scenario, i setup wan port with ip on same subnet on the public address, setup NAT on firewall, policy control, not problem.
probably i'm missing something.
All Replies
-
i found this situation (think so)
0 -
Well your modem is hardly a modem if the USG WAN gets a 10. IP
So if your WAN gets 10. and your LAN on the USG is the same 10. subnet thats going to cause problems
0 -
As PeterUK said, try to change Firewall's LAN IP to prevent the conflict
0 -
I concur with PeterUK and WJS.
You cannot have the same network on both sides (WAN and LAN) of a routing device (firewall, router, security appliance) as it won't know where to send the data. They must be different.
If you can find out the ISP network mask, you can still use a 10.x.x.x network, just put it beyond the one they use. For instance, if they use 10.0.0.0/24, which would be 10.0.0.1 - 10.0.0.254 host addresses, you could use 10.0.1.0/24, which would be 10.0.1.1 - 10.0.1.254 for host addresses, on your LAN.
0
Guru Member
Master Member
Freshman Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 238 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
