[ATP/FLEX] How to configure the firewall for IPSec VPN server behind NAT router?
Options
Zyxel_Emily
Posts: 1,461 
Zyxel Employee
Zyxel Employee
Topology
nebula firewall (wan1: 192.168.1.34)----(lan1: 192.168.1.1)Router(wan: 61.222.x.y)-----Internet-----IPSec VPN client (IKEv2 client)
On Router, you need to create a NAT rule and open ports(IKE, NATT).
NAT Rule:Extermal IP: 61.222.x.y
Intermal IP: 192.168.1.34
Port mapping: IKE, NATT
Firewall Rule:
Destination: 192.168.1.34
Service: IKE, NATT
Action: Allow
On nebula, click Send Email in SecuExtender IKEv2 VPN configuration provision. Download the configuration provision file and double click it.
On IPSec VPN client (IKEv2 client), edit the Remote Gateway IP address: 61.222.x.y.
Tagged:
0
Categories
- All Categories
- 442 Beta Program
- 2.9K Nebula
- 217 Nebula Ideas
- 127 Nebula Status and Incidents
- 6.5K Security
- 581 USG FLEX H Series
- 344 Security Ideas
- 1.7K Switch
- 84 Switch Ideas
- 1.4K Wireless
- 52 Wireless Ideas
- 7K Consumer Product
- 297 Service & License
- 476 News and Release
- 91 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.8K FAQ
- 34 Documents
- 87 About Community
- 102 Security Highlight