Restrict LAN access but allow internet USG20w-VPN

bryeds78 Posts: 1  Freshman Member
edited April 2021 in Security
I have setup a basic L2TP using PSK and basic username/password and with the help of videos and documents from ZyXEL I have it all working. The VPN is handing out while the local network at the USg20w-vpn is handing out IP addresses. I want to allow internet access through the VPN but want to block access to the LAN at the server. To clarify if it isn't clear, if I connect to the VPN remotely, I do not want to access the local network at the server, I just want the internet to go through the VPN, but no access to the remote resources. I can configure these, but I am barely intermediate at best, I have no idea what to look for to do this. Does anyone have any tips on what I should do? 

Also, when I setup the VPN I did it through the configuration wizard - it is pretty must the standard defaults for that setup type. 


  • Ian31
    Ian31 Posts: 167  Master Member
    First Anniversary 10 Comments Friend Collector First Answer
    After setup VPN through the wizard.
    You can add one firewall rule before the "IPSec_2_Any" rule to block the access.
    On GUI, go to Security Policy > Policy Control, click add to add a firewall rule.

Security Highlight