Support Request: Disable SSL VPN Gateway on USG FLEX 100H

Options
markracing
markracing Posts: 4  Freshman Member
First Comment
in USG FLEX H Series

Hello,

I have a Zyxel USG FLEX 100H and I'm currently using SSL VPN. I would like to ask if it's possible to configure the VPN so that connected clients use their own public IP address for internet access, rather than routing traffic through the firewall's public IP (gateway).

Essentially, I'm looking for a way to disable the VPN gateway or bypass NAT, so that remote users connected via SSL VPN do not appear to be behind the firewall when accessing external services.

Is this configuration possible? If so, could someone please guide me on how to achieve it?

Thank you in advance for your support.

All Replies

  • zyman2008
    zyman2008 Posts: 230  Master Member
    25 Answers First Comment Friend Collector Seventh Anniversary

    Hi @markracing,

    Using split tunnel instead of full tunnel.

    image.png
  • markracing
    markracing Posts: 4  Freshman Member
    First Comment

    Hi,
    by doing this, I'm not able to browse the internet using my public IP when connected remotely. I can see that two private subnets have been allowed in the split tunnel configuration.
    How can I also enable my internet traffic to go through my home connection?

    For example: I'm at home, I connect to the VPN, but I want my internet traffic to continue using my home public IP.

    Thanks!

  • PeterUK
    PeterUK Posts: 3,879  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Did you re-download the VPN script for the client?

  • zyman2008
    zyman2008 Posts: 230  Master Member
    25 Answers First Comment Friend Collector Seventh Anniversary

    Hi markracing,

    "I'm at home, I connect to the VPN, but I want my internet traffic to continue using my home public IP. "

    This is what's split tunnel doing.

    With split tunnel, the VPN server(USG FLEX 100H) will not provide you default route. So that the default gateway is router at your home. And go to Internet with public IP of your home router.

    The VPN server(USG FLEX 100H) only provide the route to VPN server's local networks you add.

    Only the traffic go to local networks will go into the VPN tunnel.

  • Zyxel_Tina
    Zyxel_Tina Posts: 59  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Switch 5 Answers First Comment

    Hi @markracing,

    To better understand the issue you're experiencing, we have replicated the SSL VPN setup on our end. Everything functioned as expected, as shown in the screenshot below.

    image.png

    Please remember to download your SSL VPN configuration file after completing the setup, and then apply it to the VPN client on your computer.

    image.png

    Zyxel Tina

  • markracing
    markracing Posts: 4  Freshman Member
    First Comment

    Resolved. THX

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)