Zyxel 650R-31 nat loopback

I run a CVS server on a little linux box at home. This box is behind a Zyxel 650R-31 hardware firewall/router thingy that passes ssh connections from the outside to the linux box. I have a static IP, so a CVS spec looks something like: :ext:me@my.box – this works from the big bad internet. However, on my home LAN, the linux box has an internal non-routable IP, so CVS sandboxes on my laptop can’t be updated, as they have the my.box CVS root stored, and the Zyxel router only does port forwarding on its WAN interface.

The solution is to activate “nat loopback”, so that access to my.box will be passed through the LAN interface of the router to the WAN interface and then back again! To do this, telnet to the Zyxel’s admin interface, go to menu 24.8 (the command mode), and type “ip nat loopback on”.

Yay!

6 thoughts on “Zyxel 650R-31 nat loopback”

  1. Wouldn’t it be a lot easier to change your hosts file ?
    You could even do that with a check to see whether you are home or on the road.

  2. No, it would not be easier. :)

    Think about it: I would have to do that for every client I use to access the CVS repository. Also, whenever I upgrade a machine or change its config, I would have to redo the hosts file trick.

    The config change on the router stays and is valid for all clients. Also, the software on the router has NEVER been upgraded, so my changes stick. I never have to configure a client for this.

    In short: pragmatically speaking, configuring the router is by far the easiest. :)

  3. hello, is there a way to save this option? whenever i reboot my router, i need to re-run this command

    1. I also always redid this after router reboot, as I never found out how to write the setting to firmware. If you find it, please post your answer in these comments!

Leave a Reply

Your email address will not be published. Required fields are marked *