Filter
Top Products
Chapter 6 Configuration Basics
ZyWALL USG 50 User’s Guide
93
of the sections, the ZyWALL stops checking the packets against the routing table
and moves on to the other checks, for example the firewall check.
Figure 53 Routing Table Checking Flow
1 Direct-connected Subnets: The ZyWALL first checks to see if the packets are
destined for an address in the same subnet as one of the ZyWALL’s interfaces. You
can override this and have the ZyWALL check the policy routes first by enabling
the policy route feature’s Use Policy Route to Override Direct Route option
(see Section 13.1 on page 281).
2 Policy Routes: These are the user-configured policy routes. Configure policy
routes to send packets through the appropriate interface or VPN tunnel. See
Chapter 13 on page 281 for more on policy routes.
3 1 to 1 and Many 1 to 1 NAT: These are the 1 to 1 NAT and many 1 to 1 NAT
rules. If a private network server will initiate sessions to the outside clients, create
a 1 to 1 NAT entry to have the ZyWALL translate the source IP address of the
server’s outgoing traffic to the same public IP address that the outside clients use
to access the server. A many 1 to 1 NAT entry works like multiple 1 to 1 NAT rules.
It maps a range of private network servers that will initiate sessions to the outside
clients to a range of public IP addresses. See Section 17.2.1 on page 324 for
more.