Overview
Usually Zyxel Routers are used in Standard Mode,
which means that the Router handles everything for you such as PPPoE, NAT and Routing.
But besides this Standard Configuration, many Zyxel Routers can be setup in Bridge Mode
and Transparent Mode. In this article, I will explain all three modes, the Transparent
Mode is explained in detail, because there is no simple mouse click within the
Router Configuration to switch to
this very useful mode.
In the example below the following parameters and
terms are used:
-
PPPoE - Point-to-Point Protocol over
Ethernet, is a network protocol for encapsulating Point-to-Point Protocol (PPP)
frames inside Ethernet frames. You have to enter a User/Password, which you receive
from the Internet Service Provider.
-
NAT - network address translation is a
technique to receive network
traffic through a router that involves re-writing the source and/or destination IP
addresses and usually also the TCP/UDP port numbers of IP packets as they pass
through. Checksums (both IP and TCP/UDP) must also be rewritten to take account of
the changes. Most systems using NAT do so in order to enable multiple hosts on a
private network to access the Internet using a single public IP address.
-
HSZ - This is the Private Network (LAN),
usually in the IP Range 192.168.XXX.XXX
(in the Example 192.168.1.0 /
255.255.255.0 is used).
-
DMZ - This is the Public Network, which
can be seen from the Internet
(in the Example 83.251.44.192 / 255.255.255.240 is used).
Standard Mode
In the Standard Mode, no extra Router / Firewall is
used. The HSZ is directly connected the Zyxel Router which gets its Public Address
83.251.44.193 from the Provider. The HSZ IP-Address for the Zyxel Router is 192.168.1.1, all hosts in the HSZ are using this IP-Address as
the Default Gateway. The Zyxel Router handles
all relevant functions PPPoE, Routing and NAT Translation. The Zyxel
configuration is very simple and need no special setup, I do not explain this mode in
more detail.
Bridge Mode
In Bridge mode, you must either have another device
(a Router/Firewall or your PC) to use that can be configured for PPPoE authentication.
The Public IP-Address (93.251.44.193) is forwarded to the Router/Firewall. In Bridge Mode, the Zyxel
Router, delegates the main functions PPPoE, Routing and NAT to the connected
Router/Firewall. This configuration is useful if you have a DMZ and a Router/Firewall
which can handle the PPPoE authentication. The Zyxel configuration is again very simple,
just click the Bridge Switch, but now you have to configure the
Router/Firewall.
Transparent Mode
In Transparent mode (which usually is NOT documented
in the Zyxel doc) you have the same advantages as in the bridge mode, but you do not need
a Router/Firewall that is able to do the PPPoE authentication, the Zyxel Router can do it
as in the Standard Mode. The Public IP-Address (93.251.44.193) is now on the
internal site of the Zyxel Router. We
use a Cisco 2600 Router/Firewall, which is very complicated to setup for the PPPoE
authentication - with the Zyxel Router in Transparent mode we can further use the Cisco
2600 Router.
-
Setup the PPPoE authentication (User, Password,
IP automatic from ISP)
-
Menu NAT -> Switch off NAT -> Apply
-
Menu LAN -> DHCP to «None» ->
Apply
-
Router IP Address to 83.251.44.193 (same IP as
received on WAN)
Subnet to 255.255.255.240 -> Apply
-
Setup IP-Address on Public Interface to
83.251.44.194 /
255.255.255.240
-
Setup Default Gateway to
83.251.44.193
Conclusion
Standard and Bridge Modes are well documented - in
fact often the Bridge Mode is called Transparent Mode. In this example we present the
real Transparent Mode which has the same advantages as the Bridge Mode, but with the
difference, that nothing must be changed on an existing Router/Firewall.
|