Usg110 to usg60 ipsec Tunnel

jannisb
jannisb Posts: 11
edited April 14 in Security

Hello i m try in to setup an ipsec Tunnel. From A Usg110 with A static Adress to A usg60 which is behind a nat Router with A dynamic Adress.

Is this even possible? Can i use dyndns on the side of the dynamic Adress for the NAT Router or the usg60?

If this would Work i could build A site to. Site Tunnel.

If not can i build A site with dynamic peer Tunnel?

Comments

  • Ian31
    Ian31 Posts: 147  Ally Member

    If USG60W is behind NAT,

    Here the recommend solution,

    1. On the NAT router need to configure port forwarding UDP500,UDP4500 mapping to WAN IP of USG. On USG110, you can use site-to-site with static IP or DDNS for USG60W.
    2. If you cannot configure the NAT router. Then, on USG110 using site-to-site with dynamic peer for USG60W.

    Note: Please configure the IPSec Phase 1 local id on USG60W to type DNS and give a

    unique string as id. So that USG110 can easy identify the peer.

    image.png


Sign In to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click on this button!

Sign In Register

Categories

Zyxel Help Center

  • FAQ
  • Education Center
  • Video Tutorials
    • EnglishРусский中文(台灣)