VPN conection
Hi,
The scenario is:
local: pc win10, zywall ipsec vpn client
remote: router wan ip dynamic lan ip 192.168.1.1 with port 500, 4500, 50,51 fwd to usg40 wan ip 192.168.1.3 and lan ip 10.1.1.0/24
I tried both ipsec configuration manual and wizard and from local client I'm able to open VPN tunnel with usg but I'm not able to ping internal ip at all
My goal is to see the internal resource like server and printer when the VPN is up and running.
thanks a lot in advance
Simone
All Replies
-
Hi @simone
Can you disable firewall rule temporarily for testing and try it again?
This can help us to clarify if your packets are dropped by one of the rules.
Engage in the Community, become an MVP, and win exclusive prizes!
0 -
Hi Jerry,
I tried but I got the same result.
I found this troubleshooting note :
Make sure there are no IP conflicts. If the ZyWALL network is configured to use the 192.168.1.0/24 network and the remote user is also using the same IP scheme, traffic will not route through the VPN tunnel properly.
Hence I assigned a VPN client address on different subnet and it started to work.
I attached the client screenshot configuration and "ipconfig /all" result.
I'm not able to assign the ip address to the vpn client, do you have some suggestion?
Moreover are there vpn clients free? Zwall IPSec VPN client is not free.
thx
Simone
0 -
Hi @simone
To assign IP address to VPN client.
Go to Configuration > VPN > IPSec VPN > VPN Coneection > select the rule > Edit
Enable Mode Config to assign IP address Pool
Then go to IKEv1 Gateway > Advanced to enable Mode Config
Then can get assign IP from the device after tunnel established
The IPSec VPN Client is the suggested utility to be used to build the IPSec VPN tunnel with the device. If the another 3rd party follows IPSec VPN standard, it should be able to connect theoretically
If you are not able to use ZyWALL IPSec VPN client
I suggest to use Win10 built-in L2TP VPN to connect to the device,
Here is the reference guide of how to build up L2TP VPN tunnel.
https://kb.zyxel.com/KB/searchArticle!gwsViewDetail.action?articleOid=015533&lang=EN
Engage in the Community, become an MVP, and win exclusive prizes!
0 -
Hi Jerry,
I tried to config L2TP, but I'm not able to connect (surely it's my configuration fault) due to this error log
Match default rule, DROP
thx
Simone
0 -
Hi @simone
After trying to build up L2TP VPN.
Can you screenshot the View Log page for us?
Go to Monitor > Log > View Log and select Category : IKE
Engage in the Community, become an MVP, and win exclusive prizes!
0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 218 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 245 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3.1K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight