Zywall 110 VPN access using port 4.

Alex_Family
edited April 2021 in Security
I have a Zywall110. I am connected on the WAN1 to my dedicated IP address and have successfully connected to the Zywall. I am plugged into P4 that is connected to my Netgear switch that is connected to my LAN. How can I get my VPN connection that I have with the Zywall to gain access to my LAN?

All Replies

  • PeterUK
    PeterUK Posts: 2,702  Guru Member

    If you've done a VPN for Remote Access (Server Role) on the WAN with a device connected by VPN, you need to make a firewall rule (policy control) from IPSec_VPN to LAN1.


  • Thank you Peter! Could you tell me where I create this policy? Is this an object? I'm trying my hardest to do this in the KB but I'm coming up short.
  • PeterUK
    For your VPN for Remote Access (Server Role) in VPN > IPSec VPN your VPN IPSec_VPN set for related settings

    Then make a firewall rule

  • Thank you, I think I have the settings right. One last thing and I can't thank you enough. Where do I make this firewall rule?
  • PeterUK
    settings > security policy > Policy control
  • Peter, thank you, I have learned a whole lot. Thank you, thank you!
  • After much trying... I still cannot see my network. Maybe I can give you some more info. I'm not sure what is not working.
  • PeterUK
    What is LAN1 subnet on the Zywall110?
    What is the subnet of the remote PC before connecting to the VPN?
    What is the L2TP VPN IP address pool set to?
  • My router on the LAN has an IP range of xxx.xxx.87.20 - xxx.xxx.87.250. I have reserved the set xxx.xxx.87.10-15 for VPN clients to use when on the network.

    LAN router is 192.168.87.1 Nest WIFI connected to a 24 port switch. The Zyxel is plugged into this switch also through LAN1 P4.

    1) The LAN1 subnet is set to 192.168.1.1/255.255.255.0 - I am finding that information at Config/interface/lan1

    2) The L2TP VPN IP address pool 
    RANGE, 192.168.87.10-192.168.87.15 

    3) The Subnet of my laptop at home before connecting to my Zyxel at my work is 192.168.1.x

    My goal is to log into the Zyxel with an IP address within the range I set and have that IP address access the LAN as if I had just plugged in my computer directly to the switch. When I connect to the VPN I am assigned either 87.10 or 87.11 and so on. I have successfully connected to the Zyxel with two users but they have yet to be able to see any of the LAN when I scan it. But when I have a coworker on the VPN I can scan my "lan" and I see his computer is on there with me but nothing else. I'm assuming the "lan" I am scanning is just on the Zyxel.




  • Also I'm connecting using the OSX VPN connection. IPv4 Config is set to PPP.
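
Added example, not written by any poster in this thread: the three addressing questions asked above (LAN1 subnet, remote PC subnet, L2TP pool) can be checked mechanically with Python's `ipaddress` module. `check_plan` and `THREAD_PLAN` are hypothetical names; the values are the ones posted above, and the /24 prefixes for the laptop's network and the switch LAN are assumptions.

```python
import ipaddress as ip

def check_plan(lan1_if, attached_lan, remote_net, pool_first, pool_last):
    """Return findings for a remote-access VPN address plan.

    lan1_if      gateway LAN1 address/mask
    attached_lan subnet of the segment the LAN1 port is cabled into
    remote_net   subnet the client sits on before connecting
    pool_first/pool_last  inclusive VPN client address pool
    """
    lan1 = ip.ip_interface(lan1_if)
    attached = ip.ip_network(attached_lan)
    remote = ip.ip_network(remote_net)
    # Collapse the inclusive range into the CIDR blocks that cover it.
    pool = list(ip.summarize_address_range(ip.ip_address(pool_first),
                                           ip.ip_address(pool_last)))
    findings = []
    # The gateway can only reach hosts on a segment it has an address in
    # (or a route to); only the directly connected case is tested here.
    if lan1.ip not in attached:
        findings.append(f"LAN1 {lan1} has no address in attached LAN {attached}")
    # Overlap with the client's own network: the client's on-link route
    # competes with the tunnel for those destinations.
    for name, net in (("LAN1", lan1.network), ("attached LAN", attached)):
        if remote.overlaps(net):
            findings.append(f"remote subnet {remote} overlaps {name} {net}")
    # Pool inside a LAN: hosts there treat pool addresses as on-link.
    for name, net in (("LAN1", lan1.network), ("attached LAN", attached)):
        if any(p.overlaps(net) for p in pool):
            findings.append(f"VPN pool overlaps {name} {net}")
    return findings

# Values as posted in the thread; the two /24 prefixes are assumptions.
THREAD_PLAN = dict(
    lan1_if="192.168.1.1/255.255.255.0",
    attached_lan="192.168.87.0/24",   # assumed from router 192.168.87.1
    remote_net="192.168.1.0/24",      # assumed from "192.168.1.x"
    pool_first="192.168.87.10",
    pool_last="192.168.87.15",
)

if __name__ == "__main__":
    for line in check_plan(**THREAD_PLAN):
        print("-", line)
```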
