USG 110 - Problem in VPN / NAT scenario
Hello Zyxel community,
we have a site-to-site IPSec VPN tunnel from our USG110 to a Fortigate firewall of an application provider. No overlapping subnets. The tunnel connection is being built up successfully.
At the same time we use a Windows RAS server behind our firewall for client VPN connections of mobile users via L2TP/IPSec. Therefore we have a NAT and firewall rule to forward incoming requests to the RAS server. Everything is working there.
Unfortunately it seems that no traffic is going through the site-to-site tunnel. After some analysis of the network traffic with Zyxel tools and Wireshark, it looks like requests from our LAN side are correctly going into the site-to-site VPN and the responses are coming back through the tunnel, but are directed to the RAS server specified in the NAT rule, rather than to the internal IP of the original request.
Any ideas what's going on here and how to fix it would be greatly appreciated!
Kind regards, Gert