Set USG210 VPN to NAS

dmmichael
dmmichael Posts: 16  Freshman Member
First Anniversary First Comment
edited April 2021 in Security
Hello everyone.

I have a zyxel usg210 firewall and I would like to configure an IPSec VPN to a qnap NAS of one of our branches (the branch does not have a firewall at the moment) I followed some questions but I cannot connect to the NAS it gives me DIAL connection error. The guides I have read refer to a firewall to firewall configuration but can you do firewall to NAS? (Notwithstanding that on the NAS I have configured ipsec)

Thanks
«1

All Replies

  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,361  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hi @dmmichael  

    I checked QNAP NAS, it has supported for PPTP server.

    You can go to Configuration > Object > ISP Account to create a connection object.


    And then apply it into PPP interface.

    Configuration > Network > Interface > PPP


    And create policy route for NAS connection.  Then should able access to NAS resource successfully.


  • dmmichael
    dmmichael Posts: 16  Freshman Member
    First Anniversary First Comment
    Hi Stanley
    I don't understand the part of creating policy routes, in your example in the destination entry what does the "NAS_IP_Sub" entry correspond to?

    thanks a lot
  • dmmichael
    dmmichael Posts: 16  Freshman Member
    First Anniversary First Comment
    please help me :-)
  • PeterUK
    PeterUK Posts: 2,651  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer

    The NAS_IP_Sub is the IP of your NAS when you make a address object.

    You might not be able to do IPSec only PPTP have you setup the PPTP ISP account?

    The PPP would need to be setup to your base interface WAN1 or WAN2 with your PPTP.

    The routing rule allows you to connect to the NAS over PPTP


  • dmmichael
    dmmichael Posts: 16  Freshman Member
    First Anniversary First Comment
    the problem is that I can connect to the NAS but if I search for network resources I don't see it
  • PeterUK
    PeterUK Posts: 2,651  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    So the PPTP connection to your NAS is up?
  • dmmichael
    dmmichael Posts: 16  Freshman Member
    First Anniversary First Comment
    yes
  • PeterUK
    PeterUK Posts: 2,651  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer

    Have you done the routing rule?

    You also need to allow in the firewall so check in logs for blocks to the NAS.


  • dmmichael
    dmmichael Posts: 16  Freshman Member
    First Anniversary First Comment
    i did it this way, i hope it is correct


  • PeterUK
    PeterUK Posts: 2,651  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    If as you say you can connect to the NAS then the USG is setup correctly. Maybe theirs a setting on the NAS thats limiting you? 

Security Highlight