Struggling with SSL-VPN Setup / Policies

Options

Hello Experts,

I'm pretty new to the USG Flex 100H and I'm struggling with setting up SSL-VPN on my USG Flex 100.

Setup:
- USG FLEX 100H, Firmware 1.10(ABXF.1)
- WAN GE1 → VLAN on top of it for PPPoE provider connection (ID7; static IP)
- LAN GE3, 192.168.10.0/24, VLAN110 (192.168.110.0/28, internal server), VLAN120 (192.168.120.0/28, Printer)
- VPN-Client-software: OpenVPN / SecuExtender
- VPN-User created, VPN-Usergroup created, no split tunnel, addressrange set to 192.168.200.x in SSL-setup

SSL-VPN Setup was done so far and - long story short:
Turning the default rule (bottom of policy list, any-any) from "deny" to allow (just for tests) it works.

In my opinion I need to create some policy rules by hand to get it work. I thought this is created automatically as soon as all fields are filled within SSL-Setup. Can anybody help with that?

Since the GUI has changed most of all tutorials are nearly useless…

Thanks in advance
Sebastian

Accepted Solution

  • PeterUK
    PeterUK Posts: 2,863  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited December 2023 Answer ✓
    Options

    SecuExtender don't work with H models that 4.0.5.0

    Depending what interface this is likely WAN you add a rule from WAN to Zywall port 10443

All Replies

  • PeterUK
    PeterUK Posts: 2,863  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited December 2023 Answer ✓
    Options

    SecuExtender don't work with H models that 4.0.5.0

    Depending what interface this is likely WAN you add a rule from WAN to Zywall port 10443

  • DJWindows
    DJWindows Posts: 4
    First Comment
    edited December 2023
    Options

    Awesome! Thanks Peter, you saved me from spending hours in trial and error.

Security Highlight