Nat 1:1
Hi Sir,
I'm using USG40 with 2 VDSL PPOE, wan1 e wan2.
I have create 2 rule NAT 1:1
wan1_ppp -> IP_VDSL1 -> local IP 192.168.1.10 (local server) -> External port 5060 -> Internal port 5060
wan2_ppp -> IP_VDSL2 -> local IP 192.168.1.10 (local server) -> External port 5060 -> Internal port 5060
When I receive cuncurrently packet on wan1 and wan2, local server see external Source port is change.
Can I fix source port for 2 wan to one internal server?
Regards
Alex
All Replies
-
The USG40 only has one WAN port and a OPT port are you sure you don't have the USG60?
What firmware are you on?
1 -
Yes,
I have config OPT as wan2
Firmware version is: V4.33(AALA.0)
Regards
0 -
So you have traffic like this:
> IP12.12.12.12 Source port 5060 – WAN1 IP123.123.123.123 local port 5060
1:1NAT
> IP12.12.12.12 Source port 5060 -IP192.168.1.10:5060
--------------------------------------------------------------------------------------------------------------------------
> IP12.12.12.12 Source port 5060 – OPT IP45.45.45.45 local port 5060
1:1NAT
> IP12.12.12.12 Source port changed -IP192.168.1.10:5060
Because its to the same server and from the same source port NAT changes the source port I don't think theirs any way round this are you having VoIP issues because of this?
1 -
Hi PeterUK,
it is strange,
I can't have 2 different external IPs with the same port on 2 wan inbound with nat 1: 1 on the same server without the external port source changing?
Trunk VoiP need trust IP and PORT external, Zywall change external source port dynamically.
Alex
0 -
Can I change external port statically method?
Alex
0 -
Hi @DiGiSoft ,
Welcome to Zyxel Community. ?
You can enable SIP ALG and try it again.
BTW, may I know what is your current VoIP phone issue? SIP Phone client cannot register to go on-line?
Phone can go on-line, but cannot make phone call? or can make phone call, but no voice?
Enable SIP ALG at “CONFIGURATION > Network > ALG”
0 -
no work with sip ALG,
ALG replace public ip in sip message, server no accept this.
My sip server needs to know port and ip source to accept sip messages, I configured trunk in my server (Ip and Port) and only this trunk is enable to accept message.
Trunk use Ip authentication no User authentication
Alex
0 -
No solution found,
I think my Server plattform no compliant with Zywall.
I must return my old firewall
Alex
0 -
Hi @DiGiSoft ,
Can you do the test again and capture packets on USG-40 Wan and Lan interface?
I would like to see the packet trace.
0
Categories
- All Categories
- 395 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 82 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 914 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 912 Nebula FAQ
- 415 Security FAQ
- 237 Switch FAQ
- 207 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight