For some application, we installed a Zywall 35 firewall to protect our servers from the other users on the customer's network. The WAN is 10.150.150.0/24, the LAN is 192.168.129/220.127.116.11.1 is in fact a router which serves on another interface the 10.150.155.0/24 network.
Now there is one server in the WAN-network, which is 10.150.150.10, which is a server for clients in 10.150.155.0. The clients are able to connect to this 10.150.150.10 server, but because the Zyxel is masquerading the source-ip address, all packets seem to originate from 10.150.150.19, the WAN-ip address of the Zyxel. The server application on 10.150.150.10 is identifiying the client by the source-IP address, so here we have a problem.
Rewriting the client-server protocol to use another kind of identifying is not an option.
Is it possible to disable masquerading on the Zywall 35?
The simplified schema:10.150.150.10 10.150.150.19 (Zywall 35) 192.168.129.250 192.168.129.1 (2nd router) 10.150.150.50 10.150.155.0/24
Note: it is already possible for 10.150.150.10 to address individual hosts on 10.150.155.0
Any hints appreciated Thanks in advance, Hans