User's Manual

ManualsBrandsZyXEL ManualsNetworkingISG50

291

292

293

294

295

296

297

298

299

300

Chapter 14 Policy and Static Routes

ISG50 User’s Guide

296

Interface This field displays when you select Interface in the Type field. Select an

interface to have the ISG50 send traffic that matches the policy route through

the specified interface.

Auto-Disable This field displays when you select Interface or Trunk in the Type field. Select

this to have the ISG50 automatically disable this policy route when the next hop’s

connection is down.

DSCP Marking

DSCP Marking Set how the ISG50 handles the DSCP value of the outgoing packets that match

this route.

Select one of the pre-defined DSCP values to apply or select User Defined to

specify another DSCP value. The “af” choices stand for Assured Forwarding. The

number following the “af” identifies one of four classes and one of three drop

preferences. See Assured Forwarding (AF) PHB for DiffServ on page 299 for more

details.

Select preserve to have the ISG50 keep the packets’ original DSCP value.

Select default to have the ISG50 set the DSCP value of the packets to 0.

User-Defined

DSCP Code

Use this field to specify a custom DSCP value.

Address

Translation

Use this section to configure NAT for the policy route. This section does not apply

to policy routes that use a VPN tunnel as the next hop.

Source Network

Address

Translation

Select none to not use NAT for the route.

Select outgoing-interface to use the IP address of the outgoing interface as the

source IP address of the packets that matches this route. If you select outgoing-

interface, you can also configure port trigger settings for this interface.

To use SNAT for a virtual interface that is in the same WAN trunk as the physical

interface to which the virtual interface is bound, the virtual interface and physical

interface must be in different subnets.

Otherwise, select a pre-defined address (group) to use as the source IP

address(es) of the packets that match this route.

Use Create new Object if you need to configure a new address (group) to use

as the source IP address(es) of the packets that match this route.

Port Triggering Configure trigger port forwarding to allow computers on the LAN to dynamically

take turns using a service that uses a dedicated range of ports on the client side

and a dedicated range of ports on the server side.

Note: You need to create a firewall rule to allow an incoming service before using a

port triggering rule.

Add Click this to create a new entry. Select an entry and click Add to create a new

entry after the selected entry.

Edit Select an entry and click this to be able to modify it. You can also just double-

click an entry to be able to modify it.

Remove Select an entry and click this to delete it.

Move The ordering of your rules is important as they are applied in order of their

numbering.

To move an entry to a different number in the list, click the Move icon. In the

field that appears, specify the number to which you want to move the entry.

# This is the rule index number.

Table 87 Configuration > Network > Routing > Policy Route > Edit (continued)

LABEL DESCRIPTION