[ATP/FLEX] How to configure the firewall for IPSec VPN server behind NAT router?
Zyxel_Emily
Posts: 1,417 
Zyxel Employee
Zyxel Employee
Topology
nebula firewall (wan1: 192.168.1.34)----(lan1: 192.168.1.1)Router(wan: 61.222.x.y)-----Internet-----IPSec VPN client (IKEv2 client)
On Router, you need to create a NAT rule and open ports(IKE, NATT).
NAT Rule:Extermal IP: 61.222.x.y
Intermal IP: 192.168.1.34
Port mapping: IKE, NATT
Firewall Rule:
Destination: 192.168.1.34
Service: IKE, NATT
Action: Allow
On nebula, click Send Email in SecuExtender IKEv2 VPN configuration provision. Download the configuration provision file and double click it.
On IPSec VPN client (IKEv2 client), edit the Remote Gateway IP address: 61.222.x.y.
Tagged:
0
Categories
- All Categories
- 431 Beta Program
- 2.6K Nebula
- 169 Nebula Ideas
- 112 Nebula Status and Incidents
- 6K Security
- 379 USG FLEX H Series
- 294 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.7K Consumer Product
- 266 Service & License
- 410 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.9K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 83 Security Highlight