how to create vpn ssl with client openvpn

Options
Publidok2022
Publidok2022 Posts: 2  Freshman Member
Second Anniversary
in Security

Accepted Solution

All Replies

  • PeterUK
    PeterUK Posts: 3,887  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Only the FLEX H models supports client openvpn

  • Dpj
    Dpj Posts: 146  Ally Member
    First Comment Friend Collector Second Anniversary
    edited June 9

    i'm also testing with open vpn. What i found the easiest way: (im only using windows)

    I have an USG Flex 50h

    VPN - SSL VPN

    image.png image.png

    object - services - Service groups

    Default_Allow_WAN_To_ZyWALL

    Add SSLVPN to this group

    I created an group SSL-VPN-USERS

    And added an new User to it.

    image.png

    Click User Authentication

    image.png

    I think this were al the steps in de usg flex 50

    Then download this client:

    Community Downloads - Open Source VPN | OpenVPN

    just this one, because this one supports running scripts.

    So i created an batchfile

    @echo off
    start "" "msedge.exe"     https://192.168.1.1:300 ←information from the delivery settings here above.

    And saved it as c:\openvpn\test.bat

    download the ovpn config file inside the USG Flex50, and add these lines:

    script-security 2
    up "C:\\OpenVPN\\test.bat"

    offcourse, point to your location and script.

    after it, you could setup an connection to your usg flex, and after it connects, it directly opens the portal where you have to insert the OPT key.

  • Dpj
    Dpj Posts: 146  Ally Member
    First Comment Friend Collector Second Anniversary
    edited June 9

    have not fully tested it, but i think this should work.

    @Zyxel_Melen end of this year i heard vpn will also be available in nebula for the FlexH series. Will open vpn also supported then? I realy hope so!

    yours Dennis

  • Zyxel_Judy
    Zyxel_Judy Posts: 2,317  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security Zyxel Certified Network Engineer Level 1 - Nebula
    edited June 10 Answer ✓

    Hi @Publidok2022 ,

    ZLD firewall models (USG FLEX/ ATP…) don't support client openVPN, while uOS firewalls (H series) does.

    This article will guide you on how to configure an SSL VPN connection with the OpenVPN Connect client on USG FLEX H.

    https://community.zyxel.com/en/discussion/20526/how-to-configure-ssl-vpn-connection-with-openvpn-connect-client

    Zyxel_Judy

  • Zyxel_Judy
    Zyxel_Judy Posts: 2,317  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security Zyxel Certified Network Engineer Level 1 - Nebula

    Hi @Dpj ,

    Currently, USG FLEX H users can only configure site-to-site VPN through Nebula.

    We plan to support remote IKEv2 VPN and OpenSSL VPN on Nebula in October 2025. To know exactly when these features are released, please follow the Security News & Releases section.

    Zyxel_Judy

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)