Site-to-site VPN and L2TP VPN access

virtuOS
virtuOS Posts: 5
edited April 14 in Security
Hello,

We actually have a site-to-site VPN between us and a customer site. 
This customer would like to access the datas (on our infrastructure) and on the printer (on the customer site). 

Then, we actually have a site-to-site VPN between us (ZyWall310) and the customer site (USG20).
We created a l2tp vpn that goes directly to the customer site. But, can i give access to datas through the l2tp connexion and ghrough the site-to-site vpn ? You can have a graphical explanation in attachement.

Thanks a lot for your help. 

Best regards

All Replies

  • mMontana
    mMontana Posts: 107  Ally Member
    edited April 8
    Laptop should now where DATAS is and how to reach it (route).
    Then there should be firewall rules from USG20 for allowing traffic.
    FInally Zywall 310 should know that L2TP exists and how to reach it (route) also with rules for allowing only traffic you need.

    Otherwise, DATAS should know how to reach printer on USG20 site and L2TP should be realized between Zywall and Laptop.
  • virtuOS
    virtuOS Posts: 5
    Hi,
    Ok. Then i just need to create a route that redirect the traffic from customer site to the site-to-site ? 
    How can i do that ?

    Thank in advance for your help 
  • PeterUK
    PeterUK Posts: 869  Guru Member

    Can you try with the laptop no connected to the VPN USG20?

    Likely just some routeing rules and firewall rules thats needed check your logs.


  • virtuOS
    virtuOS Posts: 5
    The laptop need to be connected... Otherwise, it can't working.... Sorry, i think i didn't understand....
  • Zyxel_Can
    Zyxel_Can Posts: 142  Zyxel Employee

    Hi @virtuOS,

     

    If you set up your IPSec and L2TP VPNs already, you will just need Policy routes as following;

     

    1-    For Customer Site;

    Suppose that DATA Server is under 192.168.30.0/24 subnet.

    We create a Policy Route For L2TP VPN.


    2-    On your site;
    When L2TP tunnel users initiate a session, it needs to respond with following Policy route;


    Best regards.
Sign In to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click on this button!

Community News