Configuration VPN - other subnetwork
Options
Hi, It is my 1st post on this forum, so please be patient :-)
I want to buy Zyxel USG 60 with VPN L2TP/IPSec
I have a plan of topology:
https://zapodaj.net/d4030ae4f73c2.png.html
On the topology we can see zyxel firewall, switch L3 cisco, 3x cisco l2 switches and serwer FTP with DHCP, Win Serwer 2016, Active Directory. Serwer belong to VLAN 10.
To Switches L2 I connect some vlans.
Switch L3 is default gateway for all vlans (on int vlan 10, int vlan 20 etc.)
Between Switch L3 and firewall I have subnetwork 192.168.100.0/30 .1 is zyxel address .2 is Switch L3 physicall address.
Vpn is configuring to connect android mobile devices. I want to share for them other network than 192.168.100.0/30 e.g. 172.16.0.0/24 and Zyxel should be a DHCP for mobile vpn clients.
Can I do it with zyxel usg 60?
Or maybe I should to download other OS ?
I want to buy Zyxel USG 60 with VPN L2TP/IPSec
I have a plan of topology:
https://zapodaj.net/d4030ae4f73c2.png.html
On the topology we can see zyxel firewall, switch L3 cisco, 3x cisco l2 switches and serwer FTP with DHCP, Win Serwer 2016, Active Directory. Serwer belong to VLAN 10.
To Switches L2 I connect some vlans.
Switch L3 is default gateway for all vlans (on int vlan 10, int vlan 20 etc.)
Between Switch L3 and firewall I have subnetwork 192.168.100.0/30 .1 is zyxel address .2 is Switch L3 physicall address.
Vpn is configuring to connect android mobile devices. I want to share for them other network than 192.168.100.0/30 e.g. 172.16.0.0/24 and Zyxel should be a DHCP for mobile vpn clients.
Can I do it with zyxel usg 60?
Or maybe I should to download other OS ?
0
All Replies
-
Hi @terry1996
After established L2TP tunnel, USG will provide an address to client. (the IP address pool configured in L2TP VPN setting)
Then you can add policy route for L2TP client:
Source: L2TP_Pool, Destination: 172.16.0.0/24, NextHop: Switch IP(192.168.100.2), SNAT: none.
Of cause you have to add the routing on your switch that for packets back to L2TP client.
e.g, Destination: L2TP_Pool, NextHop: USG interface(192.168.100.1)
0 -
thank U very much
I am reading a lot and its and Ur comment helps me :-)0
Zyxel Employee
Categories
- All Categories
- 393 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 51 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 906 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 210 Service & License
- 332 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 880 Nebula FAQ
- 415 Security FAQ
- 221 Switch FAQ
- 195 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 63 Security Highlight
