Zywal 310 VPN routing over different subnets?

KMP
KMP Posts: 17  Freshman Member
edited April 2021 in Security

We have the following setup on our Zywall 310:

LAN: 192.168.x.x/24

IPSec VPN site2site tunnel:

IPSec VPN tunnel local policy: 192.168.x.x/24

IPSec VPN tunnel remote policy: 10.0.x.x/24


VPN Client setup:

VPN client setup: 10.100.x.x/28


Our office has a few remote employees connecting with a client-vpn to local network (192.168.x.x/24). We would like to route these client connections for certain traffic through our existing VPN site2site tunnel for a remote service @ 10.0.x.x/24

What options do we have?

For instance we cannot add a second "local policy" (10.100.0.x/28) to the existing s2s tunnel. Should we then create a new vpn s2s tunnel with a local policy of 10.100.0.x/28?

We tryed to setup SNAT for vpn-client source addresses but it would not work.

Hoping someone could help us.

Thanks!

All Replies

Security Highlight