[ATP/FLEX] How to configure the firewall for IPSec VPN server behind NAT router?
Options
Zyxel_Emily
Posts: 1,431 
Zyxel Employee
Zyxel Employee
Topology
nebula firewall (wan1: 192.168.1.34)----(lan1: 192.168.1.1)Router(wan: 61.222.x.y)-----Internet-----IPSec VPN client (IKEv2 client)
On Router, you need to create a NAT rule and open ports(IKE, NATT).
NAT Rule:Extermal IP: 61.222.x.y
Intermal IP: 192.168.1.34
Port mapping: IKE, NATT
Firewall Rule:
Destination: 192.168.1.34
Service: IKE, NATT
Action: Allow
On nebula, click Send Email in SecuExtender IKEv2 VPN configuration provision. Download the configuration provision file and double click it.
On IPSec VPN client (IKEv2 client), edit the Remote Gateway IP address: 61.222.x.y.
Tagged:
0
Categories
- All Categories
- 435 Beta Program
- 2.7K Nebula
- 176 Nebula Ideas
- 117 Nebula Status and Incidents
- 6.1K Security
- 426 USG FLEX H Series
- 298 Security Ideas
- 1.6K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 44 Wireless Ideas
- 6.7K Consumer Product
- 274 Service & License
- 419 News and Release
- 88 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 89 Security Highlight