ZyXEL Communications 91-009-073003B manual 766

Chapter 51 Troubleshooting

•The ZyWALL may not determine the proper IP address if there is an HTTP proxy server between the ZyWALL and the DDNS server.

I cannot create a second HTTP redirect rule for an incoming interface.

You can configure up to one HTTP redirect rule for each (incoming) interface.

I cannot get the application patrol to manage SIP traffic.

Make sure you have the SIP ALG enabled.

I cannot get the application patrol to manage H.323 traffic.

Make sure you have the H.323 ALG enabled.

I cannot get the application patrol to manage FTP traffic.

Make sure you have the FTP ALG enabled.

The ZyWALL keeps resetting the connection.

If an alternate gateway on the LAN has an IP address in the same subnet as the ZyWALL’s LAN IP address, return traffic may not go through the ZyWALL. This is called an asymmetrical or “triangle” route. This causes the ZyWALL to reset the connection, as the connection has not been acknowledged.

You can set the ZyWALL’s firewall to permit the use of asymmetrical route topology on the network (so it does not reset the connection) although this is not recommended since allowing asymmetrical routes may let traffic from the WAN go directly to the LAN without passing through the ZyWALL. A better solution is to use virtual interfaces to put the ZyWALL and the backup gateway on separate subnets. See Asymmetrical Routes on page 365 and the chapter about interfaces for more information.