Is the USG20 L2TP behind NAT compatible ?
I try to configure my USG20 L2TP behind a Nat but it's not working.
I follow this guides but without success... : How to configure L2TP behind NAT – Zyxel Support Campus EMEA and USG 110 L2TP VPN behind companion nat firewall — Zyxel
Did someone know if that's a compatibility problem like they said on VPN server behind NAT router - configuration problems — Zyxel ?
Thanks in advance for your help.
Best regards
Accepted Solution
All Replies
-
Hi @virtuOS,
Can you please share some information;1- What's the device model's full name and full name of firmware version?
2- Where did you fail in the configuration?
3- Had you configured the related port forwarding settings on the gateway in front of USG20?
4- If you mean that you couldn't manage to configure L2TP due to there's no VPN Settings for L2TP VPN Settings option in the VPN Setup Wizard, can you please try to configure your L2TP manually as in the following article?
Best regards.0 -
Hi Zyxel_Can,
Thanks for your interest.
Here are the reponses you ask for:1- What's the device model's full name and full name of firmware version?
Model name : ZyWALL USG 20
Firmware version : 3.30(BDQ.9) / 1.17 / 2016-11-22 09:50:312- Where did you fail in the configuration?
The l2tp vpn can not connected on client computers. I receive an error in the logs :
[SA] : No proposal chosen[SA] : Tunnel [Felix_FLV] Phase 1 proposal mismatch3- Had you configured the related port forwarding settings on the gateway in front of USG20?
Yes. All is forwarded to the USG20
4- If you mean that you couldn't manage to configure L2TP due to there's no VPN Settings for L2TP VPN Settings option in the VPN Setup Wizard, can you please try to configure your L2TP manually as in the following article?
That's what i did but without success....
Thank in advance for your help :-)
0 -
Hi @virtuOS,
It's possible to configure an USG20 L2TP behind a Nat. I did it this week.I recommend that you go through the zyxel setup wizard and then desactivate the ADP security (or customize it according to your needs but L2TP traffic tends to be blocked). For the NAT rule, configure it as a Virtual Server.
0 -
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight