How to access device Web GUI remotely via SSL VPN tunnel?

Zyxel_Emily
Zyxel_Emily Posts: 1,396  Zyxel Employee
Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
edited June 2022 in VPN
(1) Add a new access policy for SSL VPN in CONFIGURATION > VPN > SSL VPN > Access Privilege.
(2) Move the SSL VPN user to "Selected User/Group Objects". Set a proper IP pool for SSL VPN users. Select the address from Network List to allow SSL VPN user access to local network. In this example, SSL VPN users can access LAN1_SUBNET.



(3) Set the port for SSL VPN in CONFIGURATION > VPN > SSL VPN > Global Setting. In this example: port 17443 is for SSL VPN.


(4) Go to CONFIGURATION > Security Policy > Policy Control, add two policies for SSL VPN connections.
Policy 1: Allow SSL VPN connection
From WAN To ZyWALL, source: trusted_Geo_IP, service: SSLVPN (port 17443)

Policy 2: Allow SSL VPN users to access the web GUI of USG FLEX
From SSl_VPN To ZyWALL, source: trusted_Geo_IP, service: HTTPS (port 443)


(5) Enter the correct port 17443 in SecuExtender SSL VPN to build up SSL VPN connection.


(6) After SSL VPN is connected, enter gateway IP of LAN1_SUBNET on your browser to access the web GUI of USG FLEX. In this example: 192.168.1.1 is the gateway IP of LAN1_SUBNET.