What's the next step after opening a VPN tunnel?

Szatimu Posts: 6
First Comment
edited April 2021 in Security
Hello Anyone,

Maybe it's a silly question, but I never used a VPN connection.
I'd like to connect "travelling employees" to the local network (domain) of my small business office.
I establised the client-to-site Tunnel (IPSec, IKEv1) to the USG20-VPN device, everything is fine, all lights are green, VPN is "open" (with ZyWALL IPSecVPN Client software).
Now what? Somehow every tutorial stops here. How can I access shared forlders, local machines...etc. on the site network?
On site, normally I have to sign in the Domain with username and password. Where can I make this identification process using the VPN at home, to browse the office LAN? Do I need other software for it (built-in Windows for examle)? And how?
(using ZyXEL USG20-VPN firewall, Windows Server 2016 DC, Win10 clients)

Thank you in advance.

Accepted Solution

All Replies

  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    If the local server is not in the IP address of local policy, you need to create the policy route to redirect client to access in.
    Example, if your server IP address is, you need to create IP address on device, and configure the routing as following

  • Dear Charlie,

    Thank you for your kind answere.
    I made the policy with the suggested parameters and I got the following error message:
    Unfortunately, I don't understand exactly this "Next-Hop" thing.
    We have a Gateway (supplied by our ISP, a router configured as gateway set to DMZ mode) in front of the ZyXEL USG20 device.
    Maybe it'll help you to specify the solution.

    Thank you again.

  • Yes! Ian31's solution woks perfectly! Even without making any policy stuff.
    Many thanks to both of you!

Security Highlight