ZyXEL Communications ZYWALL 5 - V4.04 Instrukcja Użytkownika Pobierz pdf (Strona 52)

2. In USG200, Create a subnet object with 32-bit mask (255.255.255.255), then use this

object in Outbound Source NAT.

3. The VPN can be connected, but the traffic can't work correctly until you change the

object to host type

113. [BUG FIX] ITS: 56439 SPR: 101129375

Symptom:

“RST ACK” can’t pass through VPN tunnel.

Condition:

Topology:

TELNET server-------(LAN)USG200(WAN)======VPN======(WAN)USG300(LAN)-

------PC

1. Setup a site-to-site VPN tunnel between USG200 and USG300

2. TELNET server is a ZyWALL 5 with a firewall rule to ‘Reject’ telnet traffic to itself.

3. When the PC tries to telnet access the TELNET server, you will see there is no ”RST

ACK” packet captured on the PC site which means the ”RST ACK” can’t pass through

the VPN tunnel

114. [BUG FIX] ITS: 56717 SPR: 110119000

Symptom:

USG as an ipsec server with site-to-site-with-dynamic-peer role, the gui show that it can't

save the policy route with auto-destination.

Condition:

1. Build an ipsec setting, USG50 as the site-to-site-with-dynamic-peer role and USG300 as

the site-to-site role.

2. Add a policy route in USG50, change the type to vpn-tunnel with the ipsec-setting in the

next-hop form. It will show the radio box of "auto-destination"

1 2 ... 47 48 49 50 51 52 53 54 55 56 57 ... 75 76

Brak uwag

ZyXEL Communications ZYWALL 5 - V4.04 Instrukcja Użytkownika Strona 52