ZyXEL Communications Corporation OX253P Manual De Usuario
Chapter 11 The Firewall Screens
OX253P User’s Guide
126
As a result, the OX253P resets the connection, as the connection has not been
acknowledged.
acknowledged.
Figure 52 “Triangle Route” Problem
11.4.3.1 Solving the “Triangle Route” Problem
If you have the OX253P allow triangle route sessions, traffic from the WAN can go
directly to a LAN computer without passing through the OX253P and its firewall
protection.
directly to a LAN computer without passing through the OX253P and its firewall
protection.
Another solution is to use IP alias. IP alias allows you to partition your network
into logical sections over the same Ethernet interface. Your OX253P supports up to
three logical LAN interfaces with the OX253P being the gateway for each logical
network.
into logical sections over the same Ethernet interface. Your OX253P supports up to
three logical LAN interfaces with the OX253P being the gateway for each logical
network.
It’s like having multiple LAN networks that actually use the same physical cables
and ports. By putting your LAN and Gateway A in different subnets, all returning
network traffic must pass through the OX253P to your LAN. The following steps
describe such a scenario.
and ports. By putting your LAN and Gateway A in different subnets, all returning
network traffic must pass through the OX253P to your LAN. The following steps
describe such a scenario.
1
A computer on the LAN initiates a connection by sending a SYN packet to a
receiving server on the WAN.
receiving server on the WAN.
2
The OX253P reroutes the packet to Gateway A, which is in Subnet 2.
3
The reply from the WAN goes to the OX253P.