I agree with TeknoKingNYC for the example(s) that you used. Also with both the AT+T(?) router and the USG20 acting as DHCP servers how do you avoid bad IP assignments? It would have been nice if your drawn examples agreed with the configurations done on the ZyWALL.
There are actually 2 parts to NAT/Port forwarding on the ZyWall. The first is the NAT, so the appliance knows where to send the packet(s) when they are received, and the second is the Firewall portion which allows the packet to be sent (confused yet?) Anyway, the original IP should be your Zywall's assigned IP from your modem/router. So lets say my public ip (modem) is 8.8.2.1, the modem assigns the ZyWall 10.1.10.10, and the ZyWall assigns 192.168.1.10 to the computer acting as the terminal server. You would set 1:1 NAT, Interface would be WAN, Original IP would be 10.1.10.10, and your mapped IP would be 192.168.1.10. Your port mapping would be the predefined RDP object. Once that is done, you'd have to allow the packets in the Firewall section! Follow Andrew's 2nd video for setting that up. :)
Hi. Thanks for this video and the Zyxel USG 20 review one too. I know this is a few years old, but I have the opportunity of obtaining a used USG20. Can you tell me if the explanation in this video is enough to separate some IOT devices from my main home network? To clarify I have all our devices connected to my wireless router which then goes to a modem. Can I use the information in your video to separate out the IOT devices (all devices including non-IOT devices are on a 192.168.0.xx range) from the the 192.168.0.xx range to, say, 192.168.1.xx range? That seems to be the idea I get from your video, if I've understood it correctly. My goal is to separate the IOT devices from the rest of my internal home network. Also, can I say that you comments in your introductory video about giving honest reviews is appreciated. Thanks.
Sorry to Spam your channel, I keep running out of room! By the way, I'm using the ZyWall 310 which has 2 WAN ports for load balancing ISPs.. Either way the concepts below still work the same. You just need to specific which WAN port needs to be translated to your LAN.
I think I might have to hard reset my zyxel USG 20W. After attempting a NAT 1:1 the browser went on infinite load and now I can no longer connect to it with any device... from any IP range lol.
Hi, I built a vpn between a Cisco RV042 (192.168.2.0/24) and a USG20w (192.168.1.0/24). The VPN starts perfectly. I can access everything in my RV network from the USG LAN1 through the VPN connection. From the RV LAN I can PING all ip address on the USG LAN. But when I open my web browser on the my desktop (192.168.2.3) and try to access my NAS at 192.168.2.7, I can't (only ping). At the USG LOG, i get access forward from 2.3 to 2.7 but it won't open. Can you help me? Thx a lot !
Hi Andrew, I have an issue, let say i want to connect from outside public dns, Let say computer (A) remotely from this server (B) how should i setup the nat on zyxel firewall.?
The 'Original IP' should be the IP address of the ZyWalls WAN port where the service is coming from. I'm using the ZyWall 310 which has 2 WAN ports for dual ISPs, but the concept is still the same regardless.
11 лет назад
This terminology fragmentation and inconsistency is driving me nuts. I've spent hours trying to forward RDP from lan to wan. of course... Monday is another day. So... Original IP is mapped on the WAN and Mapped IP is actually the IP inside LAN. Damn... iptables si so much straight-forward.
Brilliantly explained; just the right speed and complexity, thanks Jeff
no problem. glad you liked it
Great video. thanks for putting this together.
I agree with TeknoKingNYC for the example(s) that you used. Also with both the AT+T(?) router and the USG20 acting as DHCP servers how do you avoid bad IP assignments?
It would have been nice if your drawn examples agreed with the configurations done on the ZyWALL.
Nice tutorial! Thanks
There are actually 2 parts to NAT/Port forwarding on the ZyWall. The first is the NAT, so the appliance knows where to send the packet(s) when they are received, and the second is the Firewall portion which allows the packet to be sent (confused yet?) Anyway, the original IP should be your Zywall's assigned IP from your modem/router. So lets say my public ip (modem) is 8.8.2.1, the modem assigns the ZyWall 10.1.10.10, and the ZyWall assigns 192.168.1.10 to the computer acting as the terminal server. You would set 1:1 NAT, Interface would be WAN, Original IP would be 10.1.10.10, and your mapped IP would be 192.168.1.10. Your port mapping would be the predefined RDP object. Once that is done, you'd have to allow the packets in the Firewall section! Follow Andrew's 2nd video for setting that up. :)
Very good tutorial. Thanks alot andrewesquivel
Glad to help! =)
Hi. Thanks for this video and the Zyxel USG 20 review one too. I know this is a few years old, but I have the opportunity of obtaining a used USG20. Can you tell me if the explanation in this video is enough to separate some IOT devices from my main home network? To clarify I have all our devices connected to my wireless router which then goes to a modem. Can I use the information in your video to separate out the IOT devices (all devices including non-IOT devices are on a 192.168.0.xx range) from the the 192.168.0.xx range to, say, 192.168.1.xx range? That seems to be the idea I get from your video, if I've understood it correctly. My goal is to separate the IOT devices from the rest of my internal home network.
Also, can I say that you comments in your introductory video about giving honest reviews is appreciated. Thanks.
Thanks for the insight
Sorry to Spam your channel, I keep running out of room! By the way, I'm using the ZyWall 310 which has 2 WAN ports for load balancing ISPs.. Either way the concepts below still work the same. You just need to specific which WAN port needs to be translated to your LAN.
Is that the way to make the NAT-Typ from 2/3 to 1?
I think I might have to hard reset my zyxel USG 20W. After attempting a NAT 1:1 the browser went on infinite load and now I can no longer connect to it with any device... from any IP range lol.
Hi, I built a vpn between a Cisco RV042 (192.168.2.0/24) and a USG20w (192.168.1.0/24). The VPN starts perfectly. I can access everything in my RV network from the USG LAN1 through the VPN connection. From the RV LAN I can PING all ip address on the USG LAN. But when I open my web browser on the my desktop (192.168.2.3) and try to access my NAS at 192.168.2.7, I can't (only ping). At the USG LOG, i get access forward from 2.3 to 2.7 but it won't open. Can you help me? Thx a lot !
Hi Andrew, I have an issue, let say i want to connect from outside public dns, Let say computer (A) remotely from this server (B) how should i setup the nat on zyxel firewall.?
malformed question
pie flavoured pie
what kind of pie? 0_0
The 'Original IP' should be the IP address of the ZyWalls WAN port where the service is coming from. I'm using the ZyWall 310 which has 2 WAN ports for dual ISPs, but the concept is still the same regardless.
This terminology fragmentation and inconsistency is driving me nuts.
I've spent hours trying to forward RDP from lan to wan. of course... Monday is another day.
So... Original IP is mapped on the WAN and Mapped IP is actually the IP inside LAN.
Damn...
iptables si so much straight-forward.
and then there was pie
Throw modem into bridge mode, use USG as router... instead of traversing nonsense.