[ATP/FLEX] How to configure the firewall for IPSec VPN server behind NAT router?
Options
Zyxel_Emily
Posts: 1,442 
Zyxel Employee
Zyxel Employee
Topology
nebula firewall (wan1: 192.168.1.34)----(lan1: 192.168.1.1)Router(wan: 61.222.x.y)-----Internet-----IPSec VPN client (IKEv2 client)
On Router, you need to create a NAT rule and open ports(IKE, NATT).
NAT Rule:Extermal IP: 61.222.x.y
Intermal IP: 192.168.1.34
Port mapping: IKE, NATT
Firewall Rule:
Destination: 192.168.1.34
Service: IKE, NATT
Action: Allow
On nebula, click Send Email in SecuExtender IKEv2 VPN configuration provision. Download the configuration provision file and double click it.
On IPSec VPN client (IKEv2 client), edit the Remote Gateway IP address: 61.222.x.y.
Tagged:
0
Categories
- All Categories
- 438 Beta Program
- 2.7K Nebula
- 189 Nebula Ideas
- 121 Nebula Status and Incidents
- 6.2K Security
- 458 USG FLEX H Series
- 304 Security Ideas
- 1.6K Switch
- 81 Switch Ideas
- 1.3K Wireless
- 44 Wireless Ideas
- 6.8K Consumer Product
- 279 Service & License
- 438 News and Release
- 88 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 91 Security Highlight