How can I use a policy route to control site-to-site IPsecVPN traffic?

Zyxel_Charlie Posts: 1,034
50 Answers 500 Comments Friend Collector Fourth Anniversary
 Guru Member
edited June 2022 in VPN
A user has already established a VPN tunnel and wants to use a policy route to allow traffic from LAN 2 to be transmitted to the VPN tunnel.



The traffic can be transmitted between and Add a rule to forward USG2’s LAN2 ( traffic to the VPN tunnel.

In the device’s web GUI, click Configuration > Routing > Policy Route and use the following parameters to add a new policy route:

For USG1: 

source address: address:, next-hop: VPN tunnel

For USG2: source address:, destination address:, next-hop: VPN tunnel



After configuring the policy route, ping from to see if the traffic can transmit through the VPN tunnel.