How do I allow SecuExtender clients to access servers in the remote site/company through VPN tunnel?
Zyxel Employee
Topology
(lan: 192.168.1.0/24)USG60------IPSec VPN------USG210(lan: 192.168.11.0/24)----PC(192.168.11.33)
SSL VPN client is connected to USG60. SSL VPN pool is 192.168.99.0/24.
Site to site VPN tunnel is established between USG60 and USG210.
On USG60
Create a policy route.
Source: SSL VPN pool. In this example, SSL VPN pool is 192.168.99.0/24.
Destination: Remote Subnet. In this example, Remote Subnet is 192.168.11.0/24.
Next-Hop: site to site VPN tunnel.
Add 192.168.11.0/24 into Network List.
On USG210
Create a policy route.
Source: LAN subnet. In this example, SSL VPN pool is 192.168.11.0/24.
Destination: USG60's SSL VPN pool. In this example, USG60's SSL VPN pool is 192.168.99.0/24.
Next-Hop: site to site VPN tunnel.
Test result
SSL VPN client is connected to USG60 and gets IP 192.168.99.1.
Ping USG60's LAN successfully.
Ping 8.8.8.8 successfully.
Ping USG210's LAN PC 192.168.11.33 successfully.
Categories
- All Categories
- 431 Beta Program
- 2.6K Nebula
- 168 Nebula Ideas
- 112 Nebula Status and Incidents
- 6K Security
- 366 USG FLEX H Series
- 293 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.7K Consumer Product
- 265 Service & License
- 408 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.9K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 83 Security Highlight