how to create vpn ssl with client openvpn

Publidok2022

PeterUK

Only the FLEX H models supports client openvpn

Dpj

i'm also testing with open vpn. What i found the easiest way: (im only using windows)

I have an USG Flex 50h

VPN - SSL VPN

object - services - Service groups

Default_Allow_WAN_To_ZyWALL

Add SSLVPN to this group

I created an group SSL-VPN-USERS

And added an new User to it.

Click User Authentication

I think this were al the steps in de usg flex 50

Then download this client:

Community Downloads - Open Source VPN | OpenVPN

just this one, because this one supports running scripts.

So i created an batchfile

@echo off
start "" "msedge.exe" https://192.168.1.1:300 ←information from the delivery settings here above.

And saved it as c:\openvpn\test.bat

download the ovpn config file inside the USG Flex50, and add these lines:

script-security 2
up "C:\\OpenVPN\\test.bat"

offcourse, point to your location and script.

after it, you could setup an connection to your usg flex, and after it connects, it directly opens the portal where you have to insert the OPT key.

Dpj

have not fully tested it, but i think this should work.

@Zyxel_Melen end of this year i heard vpn will also be available in nebula for the FlexH series. Will open vpn also supported then? I realy hope so!

yours Dennis

Zyxel_Judy

Hi @Publidok2022 ,

ZLD firewall models (USG FLEX/ ATP…) don't support client openVPN, while uOS firewalls (H series) does.

This article will guide you on how to configure an SSL VPN connection with the OpenVPN Connect client on USG FLEX H.

https://community.zyxel.com/en/discussion/20526/how-to-configure-ssl-vpn-connection-with-openvpn-connect-client

Zyxel_Judy

Hi @Dpj ,

Currently, USG FLEX H users can only configure site-to-site VPN through Nebula.

We plan to support remote IKEv2 VPN and OpenSSL VPN on Nebula in October 2025. To know exactly when these features are released, please follow the Security News & Releases section.