| USG 300 Bridge Mode howto Hi
At the moment I have a dying Zywall 75 operating in bridge mode in the following way (I've obfuscated the true IP addresses)
WAN1 - 80.69.233.93 / 255.255.255.224 - leased line plugged into this
DMZ - 80.69.233.92 - 80.69.233.66 - hub + servers plugged into this
I then use firewall rules to allow traffic between these two interfaces.
I want to replace this Zywall, with a shiny new USG300, but the interface is totally different and I don't know where to start.
Can anyone give me a pointer how to set this up on the 300?
Cheers |
|
 DrTCPYours trulyPremium,ExMod 1999-04
join:1999-11-09
Round Rock, TX | said by Jaowon:Can anyone give me a pointer how to set this up on the 300? USG 300 supports Bridge mode in configuration. For transparent firewall function, I think you will need to setup a bridge between WAN and LAN ports.
Download the user manual and support notes from ZyXEL and read them completely before starting.
|
|
| Hi
I'd already downloaded those, and found nothing that matched how I want to configure the firewall. The closest example was configuring between 2 different subnets, one on the WAN and one on the LAN. |
|
|
|
 AnavSarcastic Llama? Naw, Just AcerbicPremium
join:2001-07-16
Dartmouth, NS
kudos:3 | reply to Jaowon
Very roughly suggest creating an interface using the Bridge Tab wwith the two members WANX and DMZY (x and y if you have more than one of each).
My question would be what zone to place the bridge in (WAN or DMZ). I would suspect DMZ but not sure. ANother difficult question is where to assign DHCP. Is there a particular IP address required for each or any of your devices on the DMZ (within the alloted public grouping)........ and how to do this either
a. automatically or
b. manually
Best guess:
DMZ interface would probably be set to 0.0.0.0 for DHCP
Bridge interface would probably be set to get DHCP automatically
Not even sure you would need Firewall rules unless this is how you will assign your public IPs to the Devices???
Since there is no NAT being done probably dont need policy route.
Caveat...... _ i am dangerously ignorant of how the internet works especially when it comes to actual networking knowledge.
I wonder if in the USG50 or USG100 manuals they describe how to do this??
--
Ain't nuthin but the blues! "Albert Collins".
Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"
LlamaWorks Equipment |
|
| Thanks but your answer has only added to my confusion 
My current Zywall 75 "IS" the firewall, that's it's only function. On one side my leased line plugs in, on the other side the servers plug in via a hub, configuring this was entirely intuitive. I ticked "Bridge Mode" and there was no other option needed, infact selecting "Bridge Mode" made most of the other menu options disappear. I then restricted traffic using firewall rules (because the defaults were to allow all). DHCPdoesn't matter as the servers all have static IP addresses. |
|
AnavSarcastic Llama? Naw, Just AcerbicPremium
join:2001-07-16
Dartmouth, NS
kudos:3 | Okay fair enough, so no assignement of IPs need be done as long as their within what is available due to contract. Can you clarify what you mean by firewall rules....... Posting them changing the numbers etc might be helpful. |
|
| Hi
I think this might be my answer. Will give this a go when I get to work. Cheers guys.
»us.zyxel.com/Support/FAQ-Answer-···?fid=355 |
|
AnavSarcastic Llama? Naw, Just AcerbicPremium
join:2001-07-16
Dartmouth, NS
kudos:3 | reply to Jaowon
Kewlies, I wasnt to far off LOL. Different screens on the 100 compared to the 300. Gluck! |
|
