routing traffic

Denis Posts: 13  Freshman Member
First Anniversary First Comment
edited April 2021 in Security


My name is Denis. We configured wifi hotspots and hotspot on Zywall 310. Briefly:

The wifi network is open, the gateway is Zywall 310, it runs hotspot with web authentication, access points connected to a separate port have any to wan settings and some settings related to radius authentication.

Now we need to configure wifi in an office located in another part of the city, our offices are connected via Ipsec, connection scheme:

wifi office2> office2 USG 20 VPN> ipsec> zywall Office1> ZywallLanOffice1> Spare Zywall Office1> Wifi Office1

We plan to replace zywall Office1 with Spare Zywall Office1.

What do we want:

We need wifi office2 to authenticate to Wifi Office1 and traffic to go through it, so that Wifi Office1 is the “gateway” for wifi office2.

Unfortunately, I have not implemented such a connection scheme before.


  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,450  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hi @Denis

    It’s ok to route the WiFi traffic from office2 to zywall Office1 in site to site VPN scenario.

    But you cannot set the web authentication portal on office 1 for office 2 lan wifi, because the web authentication cannot set incoming interface from VPN tunnel for web Auth. 

    In this scenario, you need to set up web authentication at site office2.

Security Highlight