|
Posted by Hans on October 27, 2005, 11:56 am
If you were Registered and logged in, you could reply and use other advanced thread options
Hello group,
For some application, we installed a Zywall 35 firewall to protect our
servers from the other users on the customer's network.
The WAN is 10.150.150.0/24, the LAN is 192.168.129/24.
192.168.129.1 is in fact a router which serves on another interface the
10.150.155.0/24 network.
Now there is one server in the WAN-network, which is 10.150.150.10, which is
a server for clients in 10.150.155.0. The clients are able to connect to
this 10.150.150.10 server, but because the Zyxel is masquerading the
source-ip address, all packets seem to originate from 10.150.150.19, the
WAN-ip address of the Zyxel. The server application on 10.150.150.10 is
identifiying the client by the source-IP address, so here we have a problem.
Rewriting the client-server protocol to use another kind of identifying is
not an option.
Is it possible to disable masquerading on the Zywall 35?
The simplified schema:
10.150.150.10 <--WAN--> 10.150.150.19 (Zywall 35) 192.168.129.250 <--
LAN --> 192.168.129.1 (2nd router) 10.150.150.50 <---> 10.150.155.0/24
Note: it is already possible for 10.150.150.10 to address individual hosts
on 10.150.155.0
Any hints appreciated
Thanks in advance, Hans
| 
XML site map