USG Flex 200 v5.39 SSL VPN with SecuExtender 4.0.5.0

Boiler1976 · October 23

Greetings, i need help with creating a SSL VPN access on my new USG Flex 200.
I come from a Zywall 110, where SSL VPN is working properly. I tried to configure the 200 the same way, but some settings are different or not available at all. For example, the 110 has a checkbox to enable network extension, the 200 does not have this.

for comparison, here is the working 110 config

would anyone be able to offer some advice? thank you very much!

PeterUK · October 23

Likely you need to change the IP pool?

The enable network extension is likely enabled by default on FLEX 200 I think

Boiler1976 · October 23

thank you for replying! change ip pool how? sorry for not understanding…

PeterUK · October 23

If you look at the SSLVPN option you have for Assign IP Pool to 192.168.1.101-192.168.1.199 which may conflict I suggest a IP subnet like 192.168.250.0/255.255.255.0 for the IP pool

Boiler1976 · October 23

interesting…that is a different strategy compared to the working 110 config, which is in the same range as the subnet (in that case both are 192.168.117.0). i will try with your suggestion on the 200

Boiler1976 · October 23

unfortunately, this did not work. there is just no reaction when i try to connect with SecuExtender

Boiler1976 · October 23

i narrowed it down…if i deactivate policy control, the connection is established. but i don't which policies to change or add in order to make it work with an activated firewall….

does anyone maybe have an idea? i checked on my 110 and everything seems to be the same as far as i can tell….