IPSEC vpn up, but no traffic only certain internet connection
Hello, everyone,
I have a connection problem with the IPSEC VPN.
i manage some networks with zyxel usg flex 200, on which i have configured the ipsec vpn. from my office i can connect to all of them without problems using ZyWALL IPSec VPN Client, while from home on some connections it's all ok and on others the vpn is up, but there is no traffic. i suppose it's a problem related to my isp and the remote ips is it possible?
i think the vpn is configured correctly as from my office or using my smartphone as a hotspt everything works fine.
i've searched online for many guides and solutions, but none have worked.
thanks to all.
Accepted Solution
-
Hi everyone, i found the problem, the ISP router in sites C and D (that is connected to the wan port of the firewalls) was using the same ip subnet for the LAN that i use at home, i changed it and now it works.
thanks everyone for the support.
0
All Replies
-
Hi @DeNino
Welcome to the Zyxel community. While you are unable to access the internet through the VPN tunnel from your home, is there any blocked message that can be observed? Can you ping the firewall's intranet LAN clients normally? Are other people experiencing the same problem as you? Thanks.
0 -
hi @Zyxel_Jeff, thanks for your reply.
i don't see any blocking messages, and on the ZyWALL IPSec VPN Client software the connection is stalibited and green, but i can't ping any clients on the other side.
the strange thing is that if I connect from the office to the other sites A, B, C, or D the VPN is active and I reach the devices in all the sites. while from home even if the VPN is active on A, B, C, and D I only reach the devices in sites A and B, but not those in C and D.
so I think the VPN configurations are right on all remote firewalls, and maybe it's a problem related to my ISP.
I'm missing something, but I can't figure out what.0 -
Hi @DeNino
OK, thanks for your update. Please check the IPsec VPN related security policies and route settings on the USG Flex 200 to see if you have allowed the IPsec VPN client IP ranges to access sites C and D. Thanks.
0 -
Hi everyone, i found the problem, the ISP router in sites C and D (that is connected to the wan port of the firewalls) was using the same ip subnet for the LAN that i use at home, i changed it and now it works.
thanks everyone for the support.
0
Zyxel Employee
Categories
- All Categories
- 396 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 86 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 917 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 912 Nebula FAQ
- 419 Security FAQ
- 237 Switch FAQ
- 207 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight
