SSL client access problem

Options
Ondrej
Ondrej Posts: 5
First Anniversary First Comment
edited April 2021 in Security
HI.
Scenario: I created two VPN tunel:

Branch office1 to HQ   site-to-site          /usg60W-usg310/
Branch office2 to HQ   site-to-site with  dynamic peer /ISP dont have static IP/
VPN tunnels established and works.
Policy route created on all routers:

When SSL clients connect to HQ,  can  access Branch1, but cannot browse Branch2.
They must log in HQ computers and then to Branch2
Full tunnel enabled, all Network site is in Selected Address Objects
 

Thx.
Ondrej



Comments

  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,376  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    Hi @Ondrej  

    For routes SSL VPN client traffic into Branch2, then site to site VPN tunnel is required.

    If WAN connection is dynamic IP address, then you can use “DDNS” first. (i.g. No-IP, DDNS.....etc)


    And enter the FQDN into VPN setting. Then the rule can change as site to site rule.


    After setup it, then SSL VPN client traffic should able route to Branch2 without problem.

    Share yours now! https://bit.ly/4aO0BMF

    Stanley

  • Ondrej
    Ondrej Posts: 5
    First Anniversary First Comment
    Options
    THX.
    Ondrej

Security Highlight