Remote Site VPN connection to another VPN

Smartpeg · November 2020

Hi, we have a functioning Remote Access VPN. When we connect all devices in our site are visible. We have created a Site to Site VPN with one client. If we connect from our site the connection works, if we try connecting from home, after having successfully connected with the remote Access VPN, we cannot see the server.
As an example, our LAN is 192.168.50.0/24 , the client VPN subnet is 192.168.150.0/24. The NON nebula VPN is on 192.168.52.0/24. How can I force IP 192.168.150.122 to go through the non nebula VPN and reach IP 192.168.52.10?

Zyxel_Jason · November 2020

Hi @Smartpeg ,

Welcome to Zyxel Community!

If you want the VPN client subnet 192.168.150.0/24 can reach Non-Nebula VPN peer subnet 192.168.52.0/24, you may configure "Remote Client VPN" as "Use VPN" at Site-to-Site VPN page.

Image: https://us.v-cdn.net/6029482/uploads/editor/4r/dy8xgrrym7ta.jpg

NSG side will have a policy route automatically making traffic from 192.168.150.0/24 to 192.168.52.0/24 go through site-to-site VPN tunnel.

Please also remember there needs to have a policy route on the Non-Nebula side to make the next-hop of the traffic from 192.168.52.0/24 to 192.168.150.0/24 be Site-to-Site VPN tunnel.

Hope it helps.

Zyxel_Jason · November 2020

Hi @Smartpeg ,

Welcome to Zyxel Community!

If you want the VPN client subnet 192.168.150.0/24 can reach Non-Nebula VPN peer subnet 192.168.52.0/24, you may configure "Remote Client VPN" as "Use VPN" at Site-to-Site VPN page.

NSG side will have a policy route automatically making traffic from 192.168.150.0/24 to 192.168.52.0/24 go through site-to-site VPN tunnel.

Please also remember there needs to have a policy route on the Non-Nebula side to make the next-hop of the traffic from 192.168.52.0/24 to 192.168.150.0/24 be Site-to-Site VPN tunnel.

Hope it helps.

Remote Site VPN connection to another VPN

Accepted Solution

All Replies

Categories

Nebula Tips & Tricks

Nebula Help Center