Vpn to ipvanish

Fra
Fra Posts: 4  Freshman Member
edited April 2021 in Security
hi,
i have Zyxel USG 60, it’s possibile to make a vpn connection to IPVanish vpn server? I need to encrypt all my traffic. IPVanish accept L2TP over Ipsec IKEv2. 
Thanks

Comments

  • CHS
    CHS Posts: 155  Master Member
    IPVanish looks like a VPN proxy server.
    (Maybe some of country will limit specific internet access, so needs this kind of software)

    But as I know USG VPN could be a VPN server but not a client role.
  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    Hello Fra,
    G'day
    Just want to confirm the scenario of this case which you request is
    USG60(Ipsec client)--------IPVanish Server=>internet?
    Charlie
  • Fra
    Fra Posts: 4  Freshman Member
    Hi Charlie,
    yes this is my scenario, can you help me to configure the USG?
    Thanks
    Fra
  • Fra
    Fra Posts: 4  Freshman Member
    Hi CHS,
    i have read the manual of USG and i have found:

    ".... Select the scenario that best describes your intended VPN connection. The figure on the left of the screen changes to match the scenario you select.

    • Site-to-site - The remote IPSec device has a static IP address or a domain name. This ZyWALL/ USG can initiate the VPN tunnel.

    • Site-to-sitewithDynamicPeer-TheremoteIPSecdevicehasadynamicIPaddress.Onlythe remote IPSec device can initiate the VPN tunnel.

    • Remote Access (Server Role) - Allow incoming connections from IPSec VPN clients. The clients have dynamic IP addresses and are also known as dial-in users. Only the clients can initiate the VPN tunnel.

    • Remote Access (Client Role) - Connect to an IPSec server. This ZyWALL/USG is the client (dial-in user) and can initiate the VPN tunnel. "

    It seems that remore access VPN Client role is supported. Can you help me to configure the VPN?
    Thanks
    Fra 



  • CHS
    CHS Posts: 155  Master Member
    @Fra
    I think "Remote Access (Client Role)" still can't establish VPN tunnel to IPVanish server.
    Because there is no "local policy" or "remote policy" required for IPVanish client.
    But Client Role on USG have to set "local policy" and "remote policy".

    The IPVanish just like others software: Tor or UltraSurf.
    Server supports any clients establishing connection those installed software.
    But gateway without IPVanish package, so I guess USG not support it.
  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    edited October 2017
    Thanks @CHS
    Hello Fra,
    The IPVanish server can be connected by client who installed the application.
    Moreover, the IPVanish server accept L2TP over Ipsec IKEv2, but the USG only support Remote access(Client role) in IPSec VPN. 
    Charlie
  • Fra
    Fra Posts: 4  Freshman Member
    Thank for your reply. I need to encrypt all my internet traffic, can you suggest me if there is some function that i can use with USG 60?
    Thanks
    Fra
  • Jeremylin
    Jeremylin Posts: 166  Master Member
    edited October 2017
    I think USG can fulfill your request and the topology should be
    Clinet-------USG=====[Site to Site VPN]=====AWS-----Internet.
    The configuration of Site to Site VPN is normal on USG, however, the VPN configuration on AWS, I think you need to ask AWS support.
    I just find the Site to Site configuration from FAQ(Note:the remote site will be AWS)
    Link: https://businessforum.zyxel.com/discussion/551/an-example-of-site-to-site-vpn#latest
    I think the price is not cheap, AWS charge by every traffic.....
    Jeremy 

Security Highlight