Chapter 6 Configuration Basics
ZyWALL USG 300 User’s Guide
97
• You do not need to set up policy routes for 1:1 NAT entries.
• You can create Many 1:1 NAT entries to translate a range of private network
addresses to a range of public IP addresses
• Static and dynamic routes have their own category.
Even with these changes, you can still use an existing configuration file from the
previous version.
6.4.2 Routing Table Checking Flow Enhancements
When the ZyWALL receives packets it defragments them and applies destination
NAT. Then it examines the packets and determines how to route them. The
following figure shows how the ZLD 2.20 firmware’s routing table compares with
the earlier 2.1x firmware’s routing table.The checking flow is from top to bottom.
As soon as the packets match an entry in one of the sections, the ZyWALL stops
checking the packets against the routing table and moves on to the other checks,
for example the firewall check.
Figure 57 Routing Table Checking Flow Enhancements
1 Direct-connected Subnets: The ZyWALL first checks to see if the packets are
destined for an address in the same subnet as one of the ZyWALL’s interfaces. You
can override this and have the ZyWALL check the policy routes first by enabling
the policy route feature’s Use Policy Route to Override Direct Route option
(see Section 15.1 on page 373).