[ATP/FLEX] How to Set up IKEv2 VPN tunnel and Authenticate with your RADIUS server on Nebula Gateway

Zyxel_Stanley
Zyxel_Stanley Posts: 1,217
100 Answers 1000 Comments Friend Collector Fifth Anniversary
 Guru Member
edited November 2022 in VPN

Nebula Control Center provides a VPN solution that allows remote VPN users to connect VPN tunnels from Internet. This guide will assist in the configuration IKEv2 VPN tunnel and authenticate with existing RAIDUS domain server.


Set up external authentication server setting

Go to Firewall > Configuration > Firewall Settings and configure RADIUS Server information in “My RADIUS Server” and set up:

a. Authentication server object name.

b. RADIUS Server IP address

c. RADIUS service port

d. Secret Key


Set up VPN setting on gateway

Go to Firewall > Configuration > Remote access VPN page and enable IPSec VPN Server function and set up:
a. Client VPN Subnet.
b. IKE version
c. DNS server IP
d. Authentication Server Type.
e. Client’s email account for VPN configuration provision

Configure VPN configuration on SecuExtender IPSec VPN Client

Go to Firewall > Remote Access VPN > Remote access VPN and click on Send Email button to export VPN configuration to your mail box.

You can double click on the file to import VPN setting to SecuExtender ZyWALL IPSec VPN Client.


Test the Result

Double click on VPN connection setting and it will trigger software to build up VPN tunnel. Enter username and password in pop-up window for VPN authentication. 

After you enter RADIUS username and password, the VPN tunnel is connected.


It will display VPN client’s IP address offered by VPN server.

You can also check the VPN client status on Nebula server.

Go to Firewall > Monitor > VPN Connections > Client to site VPN login account. It will display authenticated name, assigned IP, and incoming IP address.