VPN between Zywall 110 and Fritzbox 6820 LTE

Sascha_Walther
Sascha_Walther Posts: 17  Freshman Member
First Anniversary First Comment
Hello,

i have setup an VPN between this boxes. I‘m able to ping and to access the Zyxel internal IP and Webinterface. Whats not possible is to access anything in the network behind the zywall.

Any ideas where to start to search the problem? The log says „access forward“ to the ip behind the Zyxel Zywall 110 but not webinterface from that/any target.

thx
Sascha

All Replies

  • MJStar
    MJStar Posts: 34  Freshman Member
    First Anniversary 10 Comments Friend Collector First Answer
    Hi, do you use site-to-stie VPN scenario? Does the VPN tunnel work? Maybe you can refer to this.

    Fritzbox 6820 LTE VPN setting reference:

    Quoting your previous message "What's not possible is to access anything in the network behind the zywall."
    Do you have any specific usage purpose for accessing something behind Zywall110 =) ? e.q. NAS, SMB, web service.
  • Sascha_Walther
    Sascha_Walther Posts: 17  Freshman Member
    First Anniversary First Comment
    edited July 2021
    Good morning, and thank you for replaying to my Problem. I think i did like you mentioned with the tutorial. i was very hard to find the right settings but now I yust need to power on the fritzbox and get an connection.

    I can see the connection in the webinterface.

    Then it is also possible to access the zywall with the internal ip adress.

    Behind the Zywall is a network with different devices also with an NAS. I would like to access with samba. That is the usecase.

    If you have any idea how to find the solution i will be very happy.

    thx
    Sascha

  • MJStar
    MJStar Posts: 34  Freshman Member
    First Anniversary 10 Comments Friend Collector First Answer
    OK, got it. Maybe you can check the SMB service if has been enabled on your Windows PC.

    And checking the file sharing related setting, too.

  • CHS
    CHS Posts: 177  Master Member
    First Anniversary 10 Comments Friend Collector First Answer
    Your VPN network is:
    10.18.1.0/24(zywall)<===VPN===>(Fritzbox)10.18.0.0/24

    You can send ICMP packets to NAS which behind zywall continually.
    And enter Frizbox client IP address in trace condition. After clicking "Capture", zywall will display incoming/outgoing routing path if packet really arrived to zywall intranet in 10 secs.

    You could share screenshot of your test result.

  • Sascha_Walther
    Sascha_Walther Posts: 17  Freshman Member
    First Anniversary First Comment
    Hello,

    thx for answering, here are the screens...





    I'm not sure what is the output information about that?

    regards
    Sascha
  • Sascha_Walther
    Sascha_Walther Posts: 17  Freshman Member
    First Anniversary First Comment

    MJStar said:
    OK, got it. Maybe you can check the SMB service if has been enabled on your Windows PC.

    And checking the file sharing related setting, too.


    Hi, I do note use Windows. I think it is not a problem of the smb service it self because I uses traceroute and ping to try to reach the NAS. Also because I can't reach the webinterface and so on.


  • CHS
    CHS Posts: 177  Master Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited July 2021
    You can download XXXX.cap file to check the detail.(by wireshark.exe)
    Or you can attach file and share to us.
    (In routing trace, the reason should be NAS server did not reply ICMP.... you could check firewall setting on NAS server first)
  • Sascha_Walther
    Sascha_Walther Posts: 17  Freshman Member
    First Anniversary First Comment

    Zywall should replay, I'll have a look.
  • Sascha_Walther
    Sascha_Walther Posts: 17  Freshman Member
    First Anniversary First Comment
    edited July 2021
    Problem solved, thx to the perfekt service from the Zyxel Support. There was an missing policy routing entry to route the backtraffic into to tunnel instead of to the internet from a later rule.

    thx a lot for your support, all.

Security Highlight