USG 60 L2TP IPsec VPN not working from local LAN2
Freshman Member
Hey guys,
Recently users asked my if they can connect to our VPN from our company WIFI.
The company LAN (LAN1) and the company WIFI (LAN2) are both connected to our usg60 which handles all traffic to and from the internet. VPN L2TP IPsec is already set up and working via the WAN port of the usg60 and lands inside of LAN1 in a new subnet. A few details:
WAN: <WAN IP> (Landing IP for VPN connections)
LAN1: 10.0.0.X + 10.0.1.X (for VPN clients)
LAN2: 192.168.2.X
I tried working out how to enable users to connect to the VPN from our LAN2 as well, but am stuck. When clients try to connect via normal VPN settings, they run into an error 789 on both Win7 and Win10. Now I found this thread: https://businessforum.zyxel.com/discussion/878/usg-110-l2tp-vpn-behind-companion-nat-firewall but it's not really the same as there isn't any NAT between LAN2 and WAN, but there is between LAN2 and LAN1 of course. I also checked the policies and didn't find anything that looked like it would prevent traffic from LAN2 to WAN.
What am I missing here? How can users connect to VPN from another internal LAN?
0
Comments
-
Hi @Stephan,
Can you post your network topology with IP subnet and VPN client where you connected from?
0 -
Hey @Zyxel_CooldiaHere our topology.
We can connect to VPN if the connection originates from the internet. We also want to connect to VPN when connected to one of the Wifis. The VLANs are handled on our Netgear switches if that makes any difference. Wifi clients get a successfull resolution from vpn.company.com to the WAN public IP. Though on connecting from Wifi to VPN, Windows 7/10 does time out with the above mentioned error 789.
Let me know if you need more details.
0 -
Hi @stephan,
It does not support VPN connection from internal interface at V4.31. we will support multi-interface for l2tp over IPSec VPN at V4.32.
0 -
Thanks for that! Tough to find out with just the user manual.@Zyxel_Cooldia would the USG 100 or the USG 310 support L2TP IPSec over internal intefaces? Will V4.32 be released for the USG 60? Do you have a rough estimate on when V4.32 will be released?0
-
0
-
@Zyxel_Cooldia Thank you again for you swift reply! We will wait for the next FW upgrade and then try to solve this issue this way
Can I mark this as solved anywhere?1
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 238 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
