Problem with port forwarding

suppBNJ
suppBNJ Posts: 1
edited April 2021 in Security

Hello Zyxel Community,

I have an USG20-VPN. I made a rule that ALLOW acces to my ZYWALL device from ANY.

When I do a test from our VPN, I can't access . However, the logs indicate that the access is FORWARD with my vpn ip address.

I have another USG20-VPN with similary rules, same version and I didn't have any problem.

Have you any idea for my problem ?

Z

All Replies

  • Zyxel_Emily
    Zyxel_Emily Posts: 911  Zyxel Employee

    Hi @suppBNJ,

    What is the type of the VPN? Is it site to site VPN, L2TP VPN or SSL VPN?

    We don't suggest you use the rule from any to ZyWALL for all services because of security concerns.

    Make sure the action of default security policy rules IPSec_VPN_to_Device and SSL_VPN_to_Device are allow for any source/destination/service/user.

    For site to site VPN and L2TP VPN, the zone of the VPN connection must be "IPSec_VPN".

    The assign IP pool for L2TP VPN users cannot conflict with any WAN/LAN/DMZ subnet. 

    For SSL VPN, make sure the LAN subnet is moved to the selected address objects.

    The assign IP pool for SSL VPN users cannot conflict with any WAN/LAN/DMZ subnet. 

    If all settings are configured correctly but it is still unable to work, share the network topology including the IP/subnet of the VPN and the startup-config.conf with me in private message.

Security Highlight