USG20-VPN WITH NAT AND VIRTUAL IP
Hello!
I have a USG20-VPN factory restored, and ready to be configured!
I need to install it in a already built network (192.168.1.0/24) because I have some devices that I want to reach with SSL VPN.
I try to explain what I think to do:
I attach an image to explain the situation:
I have a USG20-VPN factory restored, and ready to be configured!
I need to install it in a already built network (192.168.1.0/24) because I have some devices that I want to reach with SSL VPN.
I try to explain what I think to do:
- assign virtual IP to the USG
- NAT that IP to the real IP (internal network of the USG, for example LAN1)
- create rule to let user connect from the primary network to that IP
- configure VPN SSL to reach internal IP of the USG (with NAT rule from the primary modem)
I attach an image to explain the situation:
0
Accepted Solution
Zyxel Employee
All Replies
-
If your modem router at 192.168.1.1 can do static route there is another way without double NAT.
0 -
Thank you @Zyxel_Can!
Everythings are clear!
@PeterUK: yes there is a modem router and I have access to it. What do you mean with another waY?
Thanks
0 -
Instead of SNAT 192.168.0.31 from 192.168.1.30 or with virtual IP's you static route on the modem router at 192.168.1.1 for 192.168.0.0/24 to 192.168.1.30 you then make a routing rule with Use IPv4 Policy Route to Overwrite Direct Route checked to go from incoming LAN1 to next hop gateway 192.168.1.1
0
Guru Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 151 Nebula Ideas
- 98 Nebula Status and Incidents
- 5.7K Security
- 277 USG FLEX H Series
- 277 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.4K Consumer Product
- 250 Service & License
- 395 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 75 Security Highlight
