SSL VPN and gateway

damianodec
damianodec Posts: 42  Freshman Member
First Anniversary Friend Collector First Comment
edited April 2021 in Security

hi,

I had configure on my company a VPN SSL connection and it works (I have a USG40)

I connect from house to my company.

In my company there is a windows 2019 server (192.168.6.10) and USG40 (192.168.6.254), on WS2019 there is a domain controller and all pc inside company get IP address from DHCP server.

this is VPN SSL configuration:

on DNS server 1 I put WS2019 IP address


when I connect notebook from my wifi house by Zyxel secuExtende I get this IP address:

but I'd like that gateway get 192.168.6.254 (USG40).

How can I do it?

thankk you fo help.

All Replies

  • PeterUK
    PeterUK Posts: 2,697  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer

    The gateway IP shouldn't matter but if you go to VPN > SSL VPN > Global settings tab in Network Extension Local IP put in 192.168.6.254

  • damianodec
    damianodec Posts: 42  Freshman Member
    First Anniversary Friend Collector First Comment

    thank you @PeterUK

    I need to connect my notebook from home to AD domain in my company. We have a application that need to internet connection to works.

    from notebook in my home if I do not put 192.168.6.254 tha app does not work with that gateway it works.

    I'd like that when I connect by SSL VPN my notebook link to AD domain inside company.

    I'm try this: https://businessforum.zyxel.com/discussion/1011/how-to-configure-usg-series-to-authenticate-ssl-vpn-client-with-microsoft-active-directory

    configuration validation test for my username inside ad domain is ok

    I try by securExtender with this values

    server: IP pubblic

    username e password: the same to connect to ad domain

    but it does not connect:


  • PeterUK
    PeterUK Posts: 2,697  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer

    Really you should not overlap the VPN subnet in a subnet thats LAN1 but in a test I did.

    LAN1 192.168.255.202/255.255.255.192

    SSL range 192.168.255.194-192.168.255.195

    Network Extension Local IP 192.168.255.202


  • damianodec
    damianodec Posts: 42  Freshman Member
    First Anniversary Friend Collector First Comment

    thank you @PeterUK

  • damianodec
    damianodec Posts: 42  Freshman Member
    First Anniversary Friend Collector First Comment

    hi @PeterUK for AD server how can I to solve?

  • PeterUK
    PeterUK Posts: 2,697  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer

    Not sure about the AD server

Security Highlight