Route VPN Subnet to remote Network

Veronesi
edited April 2021 in Security
Hi everybody

I have a VPN100 device with an IKEv2 VPN connection according to this document:
http://onesecurity.zyxel.com/img/uploads/Next-Gen_IKEv2_VPN_Server_Role_CR.pdf

The VPN connection is working, I'm able to connect.
Because I don't want to route my internet traffic from the client through the VPN tunnel, I've disabled the option "Use default gateway on remote network" in the client's IPv4 VPN settings.

The client is now able to surf the internet, but he's unable to ping other devices in the remote network.

Remote Network (where the server and the VPN100 is located): 192.168.0.0/24
VPN Client Subnet on VPN100 is defined to 10.10.10.0/24.


When I connect the VPN, the client gets a valid address, e.g. 10.10.10.3 (mask 255.255.255.255).

But how do I now achieve that he's able to ping devices in the 192.168.0.0 range?
When I add a local static route to the device, then it's working. But I don't want to do this manually. How can I tell the VPN connection (DHCP class based route?) that it should add this route?

Thank you for your help!
Veronesi

All Replies

  • Veronesi
    @Zyxel_Emily
    Thank you.

    I now added a route with PowerShell:
    E.g. Add-VpnConnectionRoute -ConnectionName "NameOfVPNConnection" -DestinationPrefix 192.168.0.0/24 -PassThru

    Veronesi
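
The route from the reply above as a repeatable script, added here as an example that is not part of the original thread. It assumes a per-user VPN profile and reuses the thread's placeholder connection name and remote prefix; the parameter names are this example's own.

```powershell
# Added example, not from the original post.
# Defaults are the placeholder name and the remote LAN quoted in the thread.
param(
    [string]$ConnectionName = 'NameOfVPNConnection',
    [string]$RemotePrefix   = '192.168.0.0/24'
)

# Stop if the profile does not exist. A per-user profile is assumed;
# add -AllUserConnection to the VPN cmdlets for an all-user profile.
$vpn = Get-VpnConnection -Name $ConnectionName -ErrorAction Stop

# Split tunneling is the cmdlet equivalent of clearing
# "Use default gateway on remote network": only listed prefixes use the tunnel.
if (-not $vpn.SplitTunneling) {
    Set-VpnConnection -Name $ConnectionName -SplitTunneling $true
}

# Add the route only if the profile does not already carry it,
# so the script can be run again without errors.
$existing = @($vpn.Routes | Where-Object { $_.DestinationPrefix -eq $RemotePrefix })
if ($existing.Count -eq 0) {
    Add-VpnConnectionRoute -ConnectionName $ConnectionName `
        -DestinationPrefix $RemotePrefix -PassThru
}

# Show every prefix the profile sends through the tunnel, so an
# unexpectedly broad route (for example 0.0.0.0/0) is noticed.
$vpn = Get-VpnConnection -Name $ConnectionName
$vpn.Routes | ForEach-Object { "Tunnel route: $($_.DestinationPrefix)" }

# Profile routes are installed when the tunnel comes up. If it is up,
# confirm the prefix is bound to the VPN interface in the routing table.
if ($vpn.ConnectionStatus -eq 'Connected') {
    $active = Get-NetRoute -DestinationPrefix $RemotePrefix -ErrorAction SilentlyContinue |
        Where-Object { $_.InterfaceAlias -eq $ConnectionName }
    if ($active) {
        "Route $RemotePrefix is active on '$ConnectionName'."
    } else {
        "Route $RemotePrefix is stored in the profile; reconnect to apply it."
    }
}
```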
