USG20-VPN WITH NAT AND VIRTUAL IP
Options
Hello!
I have a USG20-VPN factory restored, and ready to be configured!
I need to install it in a already built network (192.168.1.0/24) because I have some devices that I want to reach with SSL VPN.
I try to explain what I think to do:
I attach an image to explain the situation:
I have a USG20-VPN factory restored, and ready to be configured!
I need to install it in a already built network (192.168.1.0/24) because I have some devices that I want to reach with SSL VPN.
I try to explain what I think to do:
- assign virtual IP to the USG
- NAT that IP to the real IP (internal network of the USG, for example LAN1)
- create rule to let user connect from the primary network to that IP
- configure VPN SSL to reach internal IP of the USG (with NAT rule from the primary modem)
I attach an image to explain the situation:
0
Accepted Solution
All Replies
-
If your modem router at 192.168.1.1 can do static route there is another way without double NAT.
0 -
Thank you @Zyxel_Can!
Everythings are clear!
@PeterUK: yes there is a modem router and I have access to it. What do you mean with another waY?
Thanks
0 -
Instead of SNAT 192.168.0.31 from 192.168.1.30 or with virtual IP's you static route on the modem router at 192.168.1.1 for 192.168.0.0/24 to 192.168.1.30 you then make a routing rule with Use IPv4 Policy Route to Overwrite Direct Route checked to go from incoming LAN1 to next hop gateway 192.168.1.1
0
Categories
- All Categories
- 397 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 52 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 332 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 880 Nebula FAQ
- 415 Security FAQ
- 221 Switch FAQ
- 195 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 63 Security Highlight