Re: Pretty simple really

Forums Network Management ZeroShell Zeroshell as Firewall cum router Re: Pretty simple really


As long as your L3 switch is doing the basic routing for the other VLANs, you need to tell that switch to use the ZS ETH01 IP as its own default gateway.

Then you need to add three static routes on ZS back to your L3 switch’s VLAN 1 IP. This is the step that a lot of people forget, because it makes intuitive sense to add routes out, but it doesn’t make intuitive sense to add routes back in.

The resulting routing table in ZS should look something like this:

Destination     Gateway        Genmask        Iface ETH00 * ETH00 * ETH01 ETH01 ETH01 ETH01

…in addition you’ll see VPN99 or other interfaces that won’t affect you unless you’re actually using them.

(Edit: I’m used to using ETH00 as my inside interface and ETH01 as my outside, but either way works I think.)