Struggling with SSL-VPN Setup / Policies
Hello Experts,
I'm pretty new to the USG Flex 100H and I'm struggling with setting up SSL-VPN on my USG Flex 100.
Setup:
- USG FLEX 100H, Firmware 1.10(ABXF.1)
- WAN GE1 → VLAN on top of it for PPPoE provider connection (ID7; static IP)
- LAN GE3, 192.168.10.0/24, VLAN110 (192.168.110.0/28, internal server), VLAN120 (192.168.120.0/28, Printer)
- VPN-Client-software: OpenVPN / SecuExtender
- VPN-User created, VPN-Usergroup created, no split tunnel, addressrange set to 192.168.200.x in SSL-setup
SSL-VPN Setup was done so far and - long story short:
Turning the default rule (bottom of policy list, any-any) from "deny" to allow (just for tests) it works.
In my opinion I need to create some policy rules by hand to get it work. I thought this is created automatically as soon as all fields are filled within SSL-Setup. Can anybody help with that?
Since the GUI has changed most of all tutorials are nearly useless…
Thanks in advance
Sebastian
Accepted Solution
-
SecuExtender don't work with H models that 4.0.5.0
Depending what interface this is likely WAN you add a rule from WAN to Zywall port 10443
2
Guru Member
All Replies
-
SecuExtender don't work with H models that 4.0.5.0
Depending what interface this is likely WAN you add a rule from WAN to Zywall port 10443
2 -
Awesome! Thanks Peter, you saved me from spending hours in trial and error.
0
Categories
- All Categories
- 384 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 80 Nebula Status and Incidents
- 5.1K Security
- 79 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 909 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 209 Service & License
- 335 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 898 Nebula FAQ
- 415 Security FAQ
- 234 Switch FAQ
- 205 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 62 Security Highlight
