IKEv2 Disable Split Tunneling not working
Freshman Member
I want to set up IKEv2 VPN Connection where I want my cliënt to be able to use the remote internet connection, so we can use the fix WAN IP on the server side. I set SecuExtender to Disable Split Tunneling and I added a policy route on the flex with IKEv2_VPN as member, Source address the IKEv2 pool and as Next-Hop: Trunk, WAN_Trunk.
However on the Cliënt if I then do a tracert to 8.8.8.8, it gives request timed out. The tunnel works fine, I'm able to access the local server.
All Replies
-
I do not remember the setup, but I think you need to add an extra routing rule as well.
0 -
If you are using policy-based VPN, please remember to allow 0.0.0.0 in Phase 2.
0 -
Hmm, in what section do I have to configure that?
0 -
Phase-2 is "VPN Connection" settings.
Phase-1 is "VPN Gateway" settings.
You might have to display advanced options.
0 -
Greeting Forum, Please kindly share your config file by private message.
Thank you
0 -
Yes I know :) This is my Phase2 config:
0 -
Hi @nielsscheldeman ,
Please allow 0.0.0.0/0 in Phase2 policy also ensure VPN client Remote LAN address is "0.0.0.0'
In this way, All traffic will route into Firewall. Thank you
0 -
Apologies, but I don't see where I can allow that? client is already configured like that.
0 -
Hi @nielsscheldeman ,
Please set the Local Policy to 0.0.0.0/0 . If the issue still persist we can have remote session to assist you.
Thank you
0
Master Member
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
