Chapter 18 Firewall
NXC5200 User’s Guide
256
7
Select Dest_1 is selected for the Destination and Doom is selected as the
Service. Enter a description and configure the rest of the screen as follows. Click
OK when you are done.
8
The firewall rule appears in the firewall rule summary.
18.1.5 Asymmetrical Routes
If an alternate gateway on the LAN has an IP address in the same subnet as the
NXC’s LAN IP address, return traffic may not go through the NXC. This is called an
asymmetrical or “triangle” route. This causes the NXC to reset the connection, as
the connection has not been acknowledged.
You can have the NXC permit the use of asymmetrical route topology on the
network (not reset the connection). However, allowing asymmetrical routes may
let traffic from the WAN go directly to the LAN without passing through the NXC. A
better solution is to use virtual interfaces to put the NXC and the backup gateway