IKEv2 Disable Split Tunneling not working
Freshman Member
I want to set up IKEv2 VPN Connection where I want my cliënt to be able to use the remote internet connection, so we can use the fix WAN IP on the server side. I set SecuExtender to Disable Split Tunneling and I added a policy route on the flex with IKEv2_VPN as member, Source address the IKEv2 pool and as Next-Hop: Trunk, WAN_Trunk.
However on the Cliënt if I then do a tracert to 8.8.8.8, it gives request timed out. The tunnel works fine, I'm able to access the local server.
All Replies
-
I do not remember the setup, but I think you need to add an extra routing rule as well.
0 -
If you are using policy-based VPN, please remember to allow 0.0.0.0 in Phase 2.
0 -
Hmm, in what section do I have to configure that?
0 -
Phase-2 is "VPN Connection" settings.
Phase-1 is "VPN Gateway" settings.
You might have to display advanced options.
0 -
Greeting Forum, Please kindly share your config file by private message.
Thank you
0 -
Yes I know :) This is my Phase2 config:
0 -
Hi @nielsscheldeman ,
Please allow 0.0.0.0/0 in Phase2 policy also ensure VPN client Remote LAN address is "0.0.0.0'
In this way, All traffic will route into Firewall. Thank you
0 -
Apologies, but I don't see where I can allow that? client is already configured like that.
0 -
Hi @nielsscheldeman ,
Please set the Local Policy to 0.0.0.0/0 . If the issue still persist we can have remote session to assist you.
Thank you
0
Ally Member
Zyxel Employee
Categories
- All Categories
- 187 Beta Program
- 1.7K Nebula
- 90 Nebula Ideas
- 63 Nebula Status and Incidents
- 4.7K Security
- 236 Security Ideas
- 1.1K Switch
- 51 Switch Ideas
- 917 WirelessLAN
- 27 WLAN Ideas
- 5.4K Consumer Product
- 173 Service & License
- 296 News and Release
- 65 Security Advisories
- 14 Education Center
- 1K FAQ
- 450 Nebula FAQ
- 256 Security FAQ
- 100 Switch FAQ
- 115 WirelessLAN FAQ
- 22 Consumer Product FAQ
- 67 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 68 About Community
- 52 Security Highlight
