Restrict access to specific vlan - windows inbuilt client
Hi!
I've successfully managed to setup an ipsec/ikev2 vpn using windows 10 native client following this guide:
https://support.zyxel.eu/hc/it/articles/4439075779090-VPN-Configurare-IKEv2-IPSec-con-certificato-su-Android-iPhone-iOS-Windows-MacOS
Now I'd like to restrict the landing subnets for vpn clients. I've tried to change the "local policy" to the vlan subnet (in vpn - ipsec vpn- vpn connection - edit - local policy) to the specific vlan i'd like to give access to the clients. It works, once connected, a client can ping and reach the whole selected vlan and cannot reach anything else, but It can't also reach internet anymore. What should I change to make the clients reach a specific vlan and also internet?
All Replies
-
Set local policy to 0.0.0.0
Use control policy to Restrict VPN zone to VLAN and WAN
0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight