SSL client access problem

Ondrej
Ondrej Posts: 5  Freshman Member
First Comment Fourth Anniversary
edited April 2021 in Security
HI.
Scenario: I created two VPN tunel:

Branch office1 to HQ   site-to-site          /usg60W-usg310/
Branch office2 to HQ   site-to-site with  dynamic peer /ISP dont have static IP/
VPN tunnels established and works.
Policy route created on all routers:

When SSL clients connect to HQ,  can  access Branch1, but cannot browse Branch2.
They must log in HQ computers and then to Branch2
Full tunnel enabled, all Network site is in Selected Address Objects
 

Thx.
Ondrej



Comments

  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,379  Zyxel Employee
    100 Answers 1000 Comments Friend Collector Seventh Anniversary

    Hi @Ondrej  

    For routes SSL VPN client traffic into Branch2, then site to site VPN tunnel is required.

    If WAN connection is dynamic IP address, then you can use “DDNS” first. (i.g. No-IP, DDNS.....etc)


    And enter the FQDN into VPN setting. Then the rule can change as site to site rule.


    After setup it, then SSL VPN client traffic should able route to Branch2 without problem.

  • Ondrej
    Ondrej Posts: 5  Freshman Member
    First Comment Fourth Anniversary
    THX.
    Ondrej

Security Highlight