Problem connection to my LAN network while a VPN tunnel is up

Redwizard87 Posts: 2  Freshman Member
edited April 14 in Security
Hi to everyone,
I decided to by a USG 20 unit to let myself connect to my home lan network. At moment the configuration of my internet access is the cascade of a modem from ISP provider + zyxel + a router netgear.
In particular the address config is the follow:

Sercomm is just used to remain active the voip line cos my provider do not permit different modem .
Public IP is made static by a ddns service.
For the VPN Service I've selected a VPN-SLL cos i found it easier.
As Client I use Zyxel Securextender.

Following steps has been performed:
1- Forwarding the 443 port on Sercomm
2- Creation of a new VPN user in the section Object of the zyxel

3 - In the VPN -->VPN SSL section I have set connection enabling the user created and allowing him to acces at zyxel lan (

The result is that I can access to my zyxel from remote place in fact the client establish a connection with thw follow parameters

I find that, correctly , the assigned address is of the kind 192.168.1.X and browsing to i can open the zyxel homepage....... but when I try to reach one of the elements of the netgear subnet, i.e. I try to reach my NAS at the address, I can't access. Any ping I tried to the element of my home network is failed. Someone can help me?


  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,018  Zyxel Employee

    Hello PasqualeT,
    There are not link for picture 2,3,4, and please create the permission for all pictures.
    As your description,
    I want to confirm your topology first, is like ISP-----USG-----netgear----NAS?
    If yes, you should add NAT rule and allow Wan->Lan on netgear router and try it again

  • Redwizard87
    Redwizard87 Posts: 2  Freshman Member
    edited November 2017
    Hello Charlie, Thanks for your reply. I tried to enable nat filter on netgear but the system still doesn't work.
    - Nat rule shall be given in zyxel or netgear?
    - Routing wan to lan is like a forwarding or something else?
    Sorry but i'm home user not expertier so maybe my questions could result elementary :)
  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,018  Zyxel Employee
    Hello PasqualeT,
    As the topology you shared,
    if possible, please change the Netgear's Lan subnet to others to avoid overlapping.
    Moreover, the NAT rule should add on Netgear router.
    It is just an example of setting NAT as your reference. Note: The NAT settings need to add on Netgear router

    Configure Wan->Lan: Allow

    For analysis purpose, please let PC connect with USG's Lan port directly during NAT testing.

Sign In to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click on this button!