How to access device Web GUI remotely via SSL VPN tunnel?
Options
![Zyxel_Emily](https://us.v-cdn.net/6029482/uploads/defaultavatar/nN4PAQRO7TCNP.jpg)
Zyxel_Emily
Posts: 1,338
Zyxel Employee
![](https://us.v-cdn.net/6029482/uploads/userpics/FN0BI9T10CTX/n6O940IZ5DEW6.png)
![First Anniversary](https://us.v-cdn.net/6029482/uploads/badges/SJKCAIG91R5S.png)
![10 Comments](https://us.v-cdn.net/6029482/uploads/badges/818CA6MI9BTU.png)
![Friend Collector](https://us.v-cdn.net/6029482/uploads/badges/HNJASEUSC535.png)
![First Answer](https://us.v-cdn.net/6029482/uploads/badges/OV6XOPPO8V59.png)
(1) Add a new access policy for SSL VPN in CONFIGURATION > VPN > SSL VPN > Access Privilege.
(2) Move the SSL VPN user to "Selected User/Group Objects". Set a proper IP pool for SSL VPN users. Select the address from Network List to allow SSL VPN user access to local network. In this example, SSL VPN users can access LAN1_SUBNET.
![](https://us.v-cdn.net/6029482/uploads/editor/k0/ocj1wsj3cslh.jpg)
![](https://us.v-cdn.net/6029482/uploads/editor/dc/01tdnenj9eh2.jpg)
(3) Set the port for SSL VPN in CONFIGURATION > VPN > SSL VPN > Global Setting. In this example: port 17443 is for SSL VPN.
![](https://us.v-cdn.net/6029482/uploads/editor/a6/cxdtfpopfnbj.jpg)
(4) Go to CONFIGURATION > Security Policy > Policy Control, add two policies for SSL VPN connections.
![](https://us.v-cdn.net/6029482/uploads/editor/k0/ocj1wsj3cslh.jpg)
![](https://us.v-cdn.net/6029482/uploads/editor/dc/01tdnenj9eh2.jpg)
(3) Set the port for SSL VPN in CONFIGURATION > VPN > SSL VPN > Global Setting. In this example: port 17443 is for SSL VPN.
![](https://us.v-cdn.net/6029482/uploads/editor/a6/cxdtfpopfnbj.jpg)
(4) Go to CONFIGURATION > Security Policy > Policy Control, add two policies for SSL VPN connections.
Policy 1: Allow SSL VPN connection
From WAN To ZyWALL, source: trusted_Geo_IP, service: SSLVPN (port 17443)
Policy 2: Allow SSL VPN users to access the web GUI of USG FLEX
From SSl_VPN To ZyWALL, source: trusted_Geo_IP, service: HTTPS (port 443)
![](https://us.v-cdn.net/6029482/uploads/editor/bh/nhypz5fnn0fo.jpg)
(5) Enter the correct port 17443 in SecuExtender SSL VPN to build up SSL VPN connection.
![](https://us.v-cdn.net/6029482/uploads/editor/xf/ykwg57ix5ktv.jpg)
(6) After SSL VPN is connected, enter gateway IP of LAN1_SUBNET on your browser to access the web GUI of USG FLEX. In this example: 192.168.1.1 is the gateway IP of LAN1_SUBNET.
![Image: https://us.v-cdn.net/6029482/uploads/editor/it/qmfjwq5np7o5.jpg](https://us.v-cdn.net/6029482/uploads/editor/it/qmfjwq5np7o5.jpg)
![](https://us.v-cdn.net/6029482/uploads/editor/bh/nhypz5fnn0fo.jpg)
(5) Enter the correct port 17443 in SecuExtender SSL VPN to build up SSL VPN connection.
![](https://us.v-cdn.net/6029482/uploads/editor/xf/ykwg57ix5ktv.jpg)
(6) After SSL VPN is connected, enter gateway IP of LAN1_SUBNET on your browser to access the web GUI of USG FLEX. In this example: 192.168.1.1 is the gateway IP of LAN1_SUBNET.
![Image: https://us.v-cdn.net/6029482/uploads/editor/it/qmfjwq5np7o5.jpg](https://us.v-cdn.net/6029482/uploads/editor/it/qmfjwq5np7o5.jpg)
Want a FREE Access Point? Participate in our campaign and share your network setup for a chance to win!
Tagged:
0
Categories
- All Categories
- 413 Beta Program
- 2.3K Nebula
- 192 Nebula Ideas
- 87 Nebula Status and Incidents
- 5.3K Security
- 142 USG FLEX H Series
- 253 Security Ideas
- 1.3K Switch
- 75 Switch Ideas
- 993 Wireless
- 51 Wireless Ideas
- 6.1K Consumer Product
- 231 Service & License
- 362 News and Release
- 74 Security Advisories
- 23 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 101 About Community
- 67 Security Highlight