ZyXEL Communications ZyWALL 300 User Manual

ZyWALL USG 300 User’s Guide
CHAPTER 12
Policy and Static Routes
This chapter shows you how to configure policies for IP routing and static routes on your 
ZyWALL. See 
 for related information on the policy route screens.
12.1  Policy Route 
Traditionally, routing is based on the destination address only and the ZyWALL takes the 
shortest path to forward a packet. IP Policy Routing (IPPR) provides a mechanism to override 
the default routing behavior and alter the packet forwarding based on the policy defined by the 
network administrator. Policy-based routing is applied to incoming packets on a per interface 
basis, prior to the normal routing.
12.1.1  Benefits
• Source-Based Routing – Network administrators can use policy-based routing to direct 
traffic from different users through different connections.
• Bandwidth Shaping – Organizations can allocate bandwidth to traffic that matches the 
routing policy and prioritize traffic.
• Cost Savings – IPPR allows organizations to distribute interactive traffic on 
high-bandwidth, high-cost paths while using low-cost paths for batch traffic.
• Load Sharing – Network administrators can use IPPR to distribute traffic among multiple 
paths.
• NAT – The ZyWALL performs NAT by default for traffic going to or from the ge1 
interface. Routing policy’s SNAT allows network administrators to have traffic received 
on a specified interface use a specified IP address as the source IP address.
12.2  Routing Policy
Individual routing policies are used as part of the overall IPPR process. A policy defines the 
matching criteria and the action to take when a packet meets the criteria. The action is taken 
only when all the criteria are met. The criteria can include the user name, source address and 
incoming interface, destination address, schedule, IP protocol (ICMP, UDP, TCP, etc.) and 
port.
The actions that can be taken include:
• Routing the packet to a different gateway, outgoing interface, VPN tunnel, or trunk.
• Limiting the amount of bandwidth available and setting a priority for traffic.
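
The matching behavior described in sections 12.1 and 12.2, modeled as an added example (this is not ZyWALL code or configuration): every configured criterion must match before a policy's action applies, and policies are checked before normal destination-based routing. Assumptions: an unset criterion means "any", the first matching policy wins, and all policy, interface and gateway names are hypothetical.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Packet:
    in_iface: str
    src: str
    dst: str
    proto: str
    dport: Optional[int] = None

@dataclass
class Policy:
    name: str
    next_hop: str                   # action: where a matching packet is sent
    in_iface: Optional[str] = None  # assumption: an unset criterion means "any"
    src: Optional[str] = None       # source subnet in CIDR form
    dst: Optional[str] = None       # destination subnet in CIDR form
    proto: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        def in_net(addr, net):
            return net is None or ipaddress.ip_address(addr) in ipaddress.ip_network(net)
        # The action applies only when ALL configured criteria are met.
        return (self.in_iface in (None, p.in_iface)
                and in_net(p.src, self.src) and in_net(p.dst, self.dst)
                and self.proto in (None, p.proto)
                and self.dport in (None, p.dport))

def route(p, policies, table):
    """Return (decision, next_hop): policies first, then destination routing."""
    for pol in policies:            # assumption: first matching policy wins
        if pol.matches(p):
            return pol.name, pol.next_hop
    dst = ipaddress.ip_address(p.dst)
    nets = [ipaddress.ip_network(n) for n in table]
    best = max((n for n in nets if dst in n), key=lambda n: n.prefixlen, default=None)
    return ("normal-routing", table[str(best)]) if best is not None else ("no-route", None)

# Constructed sample data; interface and gateway names are hypothetical.
TABLE = {"0.0.0.0/0": "wan1_gw", "10.0.0.0/8": "lan_core"}
POLICIES = [
    Policy("ftp-batch", "wan2_gw", in_iface="lan1", src="192.168.1.0/24", proto="tcp", dport=21),
    Policy("guest-net", "wan2_gw", in_iface="lan2"),
]
```

A policy with few criteria, such as `guest-net` here, captures traffic that the routing table would otherwise send elsewhere (for example to `lan_core`), so broad policies are worth reviewing against the static routes they override.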