Site-to-site VPN and L2TP VPN access

virtuOS

Hello,

We actually have a site-to-site VPN between us and a customer site. 

This customer would like to access the datas (on our infrastructure) and on the printer (on the customer site). 

Then, we actually have a site-to-site VPN between us (ZyWall310) and the customer site (USG20).

We created a l2tp vpn that goes directly to the customer site. But, can i give access to datas through the l2tp connexion and ghrough the site-to-site vpn ? You can have a graphical explanation in attachement.

Thanks a lot for your help. 

Best regards

mMontana

Laptop should now where DATAS is and how to reach it (route).
Then there should be firewall rules from USG20 for allowing traffic.
FInally Zywall 310 should know that L2TP exists and how to reach it (route) also with rules for allowing only traffic you need.

Otherwise, DATAS should know how to reach printer on USG20 site and L2TP should be realized between Zywall and Laptop.

virtuOS

Hi,
Ok. Then i just need to create a route that redirect the traffic from customer site to the site-to-site ? 
How can i do that ?

Thank in advance for your help 

PeterUK

Can you try with the laptop no connected to the VPN USG20?

Likely just some routeing rules and firewall rules thats needed check your logs.

virtuOS

The laptop need to be connected... Otherwise, it can't working.... Sorry, i think i didn't understand....

Zyxel_Can

Hi @virtuOS,

 

If you set up your IPSec and L2TP VPNs already, you will just need Policy routes as following;

 

1-    For Customer Site;

Suppose that DATA Server is under 192.168.30.0/24 subnet.

We create a Policy Route For L2TP VPN.


2-    On your site;
When L2TP tunnel users initiate a session, it needs to respond with following Policy route;


Best regards.