USG 110 SSL client multi VPN
Best Answers
-
The IP address space of your SSL VPN clients is 192.168.100.100-120
So if your are using policy-based IPSec site-to-site tunnel.
The VPN connection setting of local poly in HQ and remote policy need to include the IP address space of SSL VPN clients.
5 -
Hi @Ondrej
Welcome to Zyxel community.
You topology:
SSL Client(192.168.100.100)--------HQ(HQ subnet)========[VPN]======Branch(Branch Subnet)
As your scenario, SSL VPN client is able access to HQ subnet but unable access to branch subnet.
You can go to make sure if you have added routing for SSL VPN client on both of devices.
(1) On HQ device. The “branch subnet” have to add into network list of SSL VPN.
(2) Add policy route on HQ device.
Destination: Branch subnet, NextHop: VPN tunnel.
(3) Add policy route on Branch device.
a. Incoming: ZyWALL, Destination IP: SSL VPN Pool. NextHop: VPN (It is for access to Branch ZyWALL)
b. Incoming: any, Destination IP: SSL VPN Pool, NextHop: VPN (It is for access to branch subnet)
5
All Replies
-
The IP address space of your SSL VPN clients is 192.168.100.100-120
So if your are using policy-based IPSec site-to-site tunnel.
The VPN connection setting of local poly in HQ and remote policy need to include the IP address space of SSL VPN clients.
5 -
Hi @Ondrej
Welcome to Zyxel community.
You topology:
SSL Client(192.168.100.100)--------HQ(HQ subnet)========[VPN]======Branch(Branch Subnet)
As your scenario, SSL VPN client is able access to HQ subnet but unable access to branch subnet.
You can go to make sure if you have added routing for SSL VPN client on both of devices.
(1) On HQ device. The “branch subnet” have to add into network list of SSL VPN.
(2) Add policy route on HQ device.
Destination: Branch subnet, NextHop: VPN tunnel.
(3) Add policy route on Branch device.
a. Incoming: ZyWALL, Destination IP: SSL VPN Pool. NextHop: VPN (It is for access to Branch ZyWALL)
b. Incoming: any, Destination IP: SSL VPN Pool, NextHop: VPN (It is for access to branch subnet)
5 -
0
Categories
- All Categories
- 347 Beta Program
- 2.1K Nebula
- 115 Nebula Ideas
- 77 Nebula Status and Incidents
- 5K Security
- 44 USG FLEX H Series
- 246 Security Ideas
- 1.2K Switch
- 64 Switch Ideas
- 900 WirelessLAN
- 33 WLAN Ideas
- 5.8K Consumer Product
- 204 Service & License
- 326 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.8K FAQ
- 832 Nebula FAQ
- 401 Security FAQ
- 219 Switch FAQ
- 190 WirelessLAN FAQ
- 45 Consumer Product FAQ
- 136 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 71 About Community
- 61 Security Highlight