How could I access to domain shares through IPsec VPN?

Szatimu Posts: 6
First Comment
edited April 2021 in Security

I'd like to connect "travelling employees" to the local office domain network.

- USG20-VPN device, ZyWALL IPSec VPN client program
- we have a Gateway (supplied by our ISP, it’s a router configured as gateway set to DMZ mode) in front of the ZyXEL USG20 device
- Windows Server 2016 Essential DC, Win10 clients

First I have tried with IKEv1 IPSec connection. Every connecting lights are green but it stops in "Sending Phase2 hash".

Than I've tried IKEv2, everything is fine, all lights are green, VPN is "open", but than nothing happens. I can't connect to shared objects, I couldn't find the local dc or other pc even (IP address or computer name - doesn't matter).

Funny thing, that I succeeded to establish the VPN connection earlier on my home laptop, but I upgraded from win10 home to pro with OS reinstall, after that I couldn't repeat it.
Although, I guess it's rather a server side problem, some setting on the DC...but I'm not an expert at all.

I've tried over many tutorials to set up the VPN again in several variations (made policy route or not, add DNS suffix and dc IP address as DNS or not vice versa), same results.

I would appreciate any help.
Thank you in advance.

All Replies

  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment

    The 2016 AD server is not fully supported by Zywall yet. Zywall can support 2012 AD Server currently. 


Security Highlight