Is it possible to add several subnet in a remote policy?
Hello.
I have a tunnel, between a zyxel usg 20 and a sonicwall firewalls. The tunnel is up. What I need to do next is to allow zyxel side to access several subnets on the sonicwall side. As I see, when defining the VPN connection, in the remote policy section, I can choose only one subnet. It is not possible to choose, for example, a group objects which contains several subnets.
Does anyone know how to bypass this issue and configure several subnets on a VPN tunnel on a zyxel usg?
Thank you in advance!
Accepted Solution
-
Hi @alexia_net
You can base on same VPN phase 1 profile to create multiple phase 2 profile for each subnet.
Both VPN phase 2 profile based on same phase 1 VPN Gateway, one is for remote subnet 192.168.20.1/24, another is for subnet 192.168.10.0/24
5
Zyxel Employee
All Replies
-
Hi @alexia_net
Welcome to the forum :)
You can see a procedure how to do it on the following document:
https://www.conetec.su/upload/iblock/ed1/ZyWALL_USG_ZLD.pdf
Page 44
I hope it helps
Regards
1 -
Hi @alexia_net
You can base on same VPN phase 1 profile to create multiple phase 2 profile for each subnet.
Both VPN phase 2 profile based on same phase 1 VPN Gateway, one is for remote subnet 192.168.20.1/24, another is for subnet 192.168.10.0/24
5 -
Hello Cooldia,
This is what I have done as well. :)
Thank you all for your answers.
Best regards!
0
Master Member
Categories
- All Categories
- 384 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 80 Nebula Status and Incidents
- 5.1K Security
- 74 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 210 Service & License
- 334 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 886 Nebula FAQ
- 415 Security FAQ
- 228 Switch FAQ
- 198 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 63 Security Highlight
