How do I set up NAT port forwarding for remote AP usage on the firewall?
Zyxel Employee
Scenario :
Users may wish to use the remote AP service behind a NAT scenario. For example, in the topology below, the remote AP will establish a VPN service to the destination firewall USG Flex 100.
Remote AP === internet === USG Flex 200 === (NAT ports forwarding) === USG Flex 100
Users may wonder how to set up NAT port forwarding on the USG Flex 200. This article will guide you on how to execute it.
Answer :
The remote AP service is based on VPN-related protocols, so users should configure a VPN-related service group that includes AH, ESP, IKE, and NATT services. The USG Flex 200 should execute NAT port forwarding on these ports toward the internal host USG Flex 100.
STEP 1:
Navigate to Object>Service > Service Group > to add a service group that includes AH, ESP, IKE, and NATT services.
STEP 2:
Navigate to Network > NAT > to add a NAT port rule for the internal host USG Flex 100(192.168.11.34).
STEP 3:
Navigate to Security Policy > Policy Control > to add a security policy to allow the Remote AP service to be forwarded to the internal host USG Flex 100 normally.
Share your feedback through our survey, make your voice heard, and win a WiFi 7 AP! https://bit.ly/2024_Survey_Community
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 246 Service & License
- 383 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight