How to Configure Remote Access VPN with Zyxel VPN Client

Zyxel_Stanley

This example shows how to setup Remote Access VPN on USGFLEX H and Zyxel VPN Client. The example instructs how to implement Remote Access VPN by SSLVPN and IPSec VPN

Before Begin

User & Authentication > User/Group > User

Create local user for remote access authentication

Download and install the new TGB Client

Type 1: Set up SSL VPN

VPN > SSL VPN

Select the incoming interface, the default port is 10443. And up to your requirement to select Full Tunnel or Split Tunnel.

For example: We pick up Split Tunnel and allows to access 192.168.100.0/24

The default Address Pool is 192.168.51.0/24 and select the User who can access SSL VPN

Type 2: Set up iKEv2 VPN

VPN > IPSec VPN > Remote Access VPN

Select the incoming interface. And up to your requirement to select Full Tunnel or Split Tunnel.

For example: We pick up Split Tunnel and allows to access 192.168.100.0/24

The default Address Pool is 192.168.50.0/24 and select the User who can access ikev2 VPN.

Set up RemoteAccess on TGB Client

The new TGB Client merge SSLVPN and ikev2 VPN. You don’t need additional software for each other.

Input the Gateway Address, Username and password to fetch configuration file.

You will obtain ikev2 as well as SSLVPN settings.

Test SSLVPN Tunnel

Right click the profile and “Open Tunnel” and log in.

You will see the profile being green and can access internal resource now.

Test ikev2 Tunnel

Right click the profile and “Open Tunnel” and log in.

You will see the profile being green and can access internal resource now.

Setup Policy Control Rule

Secure Policy > Policy Control

Since the default IKEv2 and SSL VPN tunnels automatically allow access to the intranet after establishment, it is advisable to add policy control rules to restrict traffic to other networks.