ZyWALL 10~100 Series Internet Security Gateway
Triangle Route
2-1
Chapter 2
Triangle Route
The Ideal Setup
When the firewall is on, your ZyWALL acts as a secure gateway between your LAN and the Internet. In an
ideal network topology, all incoming and outgoing network traffic passes through the ZyWALL to protect
your LAN against attacks.
Diagram 2-1 Ideal Setup
The “Triangle Route” Problem
A traffic route is a path for sending or receiving data packets between two Ethernet devices. Some companies
have more than one alternate route to one or more ISPs. If the LAN and ISP(s) are in the same subnet, the
“triangle route” problem may occur. The steps below describe the “triangle route” problem.
Step 1.
A computer on the LAN initiates a connection by sending out a SYN packet to a receiving server
on the WAN.
Step 2.
The ZyWALL reroutes the SYN packet through Gateway
B
on the LAN to the WAN.
Step 3.
The reply from the WAN goes directly to the computer on the LAN without going through the
ZyWALL.
As a result, the ZyWALL resets the connection, as the connection has not been acknowledged.
Summary of Contents for 10 Series
Page 8: ...ZyWALL 10 100 Series Internet Security Gateway viii Table of Contents Index A ...
Page 14: ......
Page 16: ......
Page 28: ......
Page 32: ......
Page 34: ...ZyWALL 10 100 Series Internet Security Gateway The Big Picture 3 2 ...
Page 46: ......
Page 56: ......
Page 58: ......
Page 92: ......
Page 93: ...Index III Part III Index This part provides an Index of key terms ...
Page 94: ......