How to see LAN infront USG20-VPN

ivn

Hello,

This can be a weird question and configuration, but we have a USG20-VPN connected to a LAN in its wan port. There is some machines that cannot be moved behind the firewall. Is there any way to reach the lan (just needed to one machine, even to one port for MS SQL Server could be enough) infront of the USG from VPN?

Many thanks in advance.

Greetings.

PeterUK

So you need to use the advanced option in routing “Use IPv4 Policy Route to Overwrite Direct Route” and make a routing rule:

incoming interface

member LAN1

next hop

type gateway

IP of gateway router in front

SNAT none

You should if able to setup static route for the router in front with:

your LAN by Zywall 192.168.10.0 255.255.255.0

gateway to Zywall IP

If your not able to setup static route use SNAT outgoing-interface but you will then need NAT rules to forward ports.

Policy controls rule from WAN to LAN will be needed

Another option is to bridge WAN and LAN  

ivn

PeterUK said:

So you need to use the advanced option in routing “Use IPv4 Policy Route to Overwrite Direct Route” and make a routing rule:

incoming interface

member LAN1

next hop

type gateway

IP of gateway router in front

SNAT none

You should if able to setup static route for the router in front with:

your LAN by Zywall 192.168.10.0 255.255.255.0

gateway to Zywall IP

If your not able to setup static route use SNAT outgoing-interface but you will then need NAT rules to forward ports.

Policy controls rule from WAN to LAN will be needed

Another option is to bridge WAN and LAN  

Thank you for your answer. I will try it tomorrow and check if I am able to make it work. Many thanks again.