/* * These styles apply ONLY to the header and footer assets. */ * { padding: 0; margin: 0; box-sizing: border-box; } .footer { background: #545454; color: #cdcdcd; font-size: 14px; line-height: 1.5; padding: 18px 0; } .footer-wrap { padding-left: 18px; padding-right: 18px; max-width: 1236px; margin: 0 auto; } .footer a { color: #cdcdcd; text-decoration: none; } .footer a:hover { color: #cdcdcd; text-decoration: none; } .footer-row { display: flex; flex-wrap: wrap; justify-content: space-between; align-items: center; margin: -3px; } .footer-col { padding: 0 3px; } .footer-col-copyRight { justify-content: flex-start; } .footer-col-logo { justify-content: flex-end; } .footer-col-logo a { margin-right: 10px; } .footer-col-copyRight, .footer-col-logo { flex: 1; display: flex; } .logo { width: 120px; height: 28px; opacity: 0.6; } @media screen and (max-width: 768px) { .footer-row { display: block; } .footer-col { width: 100%; text-align: center; margin: 6px 0; } .footer-col:first-child { margin-top: 0; } .footer-col:last-child { margin-bottom: 0; } .footer-col-copyRight, .footer-col-logo { justify-content: center; } .logo { margin: 0 auto; } } /*# sourceMappingURL=styles.css.map */ <iframe src="https://www.googletagmanager.com/ns.html?id=GTM-KSB6LQH" height="0" width="0" style="display:none;visibility:hidden"></iframe>

Contacting a spesific network when on VPN

TES

TES Posts: 1

May 2019 edited April 2021 in Security

I'm currently having my users connecting to our USG-310 with SSL VPN so they are able to get access to local resources, but they are unable to contact another subnet which a spesific service are running on (site-to-site VPN)

I've tried adding the VPN-Destination subnet to the network list under the SSL VPN policy and even secuextender list the correct network but still are unable to contact that network, do i need to do some routing here to make this work?

Member is the VPN group network the secuextender is joingin
Destination address is the subnet i want them to be able to access

Image: https://us.v-cdn.net/6029482/uploads/editor/dj/pjs45d97gfm4.png

Hopefully this makes sense, not to known with the VPN part of networking etc yet

0

All Replies

Ian31 Posts: 165

Master Member

May 2019

@TES,
You need to select the Site-to-Site VPN tunnel as Next-hop.
Also, on the peer VPN gateway to configure the return route rule as well.

0
Zyxel_Stanley Posts: 1,296

Zyxel Employee

May 2019

Hi @TES

Your topology should be like this:

SSL VPN Client------USG#1====[VPN]====USG#2

At currently SSL VPN client is able access to network resource behind USG#1, but unable reach to USG#2.

You have to add policy route on both of USGs.

On USG#1

Add policy route to route SSL VPN client traffic to USG#2.

Source: SSL VPN IP Pool, Destination: USG#2 IP Subnet, Next Hop: VPN tunnel, SNAT: none.

On USG#2

Add policy route to route traffic back to SSL VPN client.

Source: any, Destination: SSL VPN IP Pool, Next Hop: VPN tunnel, SNAT: none.

After added these rules on both of USG, then SSL VPN client should able access to network resource behind USG#2.

0

Security Highlight

Security Help Center

Monthly Express

Threat Intelligence

Video Tutorials

EnglishTiếng ViệtРусскийไทย中文（台灣）

/* * These styles apply ONLY to the header and footer assets. */ * { padding: 0; margin: 0; box-sizing: border-box; } .footer { background: #545454; color: #cdcdcd; font-size: 14px; line-height: 1.5; padding: 18px 0; } .footer-wrap { padding-left: 18px; padding-right: 18px; max-width: 1236px; margin: 0 auto; } .footer a { color: #cdcdcd; text-decoration: none; } .footer a:hover { color: #cdcdcd; text-decoration: none; } .footer-row { display: flex; flex-wrap: wrap; justify-content: space-between; align-items: center; margin: -3px; } .footer-col { padding: 0 3px; } .footer-col-copyRight { justify-content: flex-start; } .footer-col-logo { justify-content: flex-end; } .footer-col-logo a { margin-right: 10px; } .footer-col-copyRight, .footer-col-logo { flex: 1; display: flex; } .logo { width: 120px; height: 28px; opacity: 0.6; } @media screen and (max-width: 768px) { .footer-row { display: block; } .footer-col { width: 100%; text-align: center; margin: 6px 0; } .footer-col:first-child { margin-top: 0; } .footer-col:last-child { margin-bottom: 0; } .footer-col-copyRight, .footer-col-logo { justify-content: center; } .logo { margin: 0 auto; } } /*# sourceMappingURL=styles.css.map */