VPN between Zywall 110 and Fritzbox 6820 LTE
Sascha_Walther
Posts: 17 
Freshman Member
Freshman Member
in Security
Hello,
i have setup an VPN between this boxes. I‘m able to ping and to access the Zyxel internal IP and Webinterface. Whats not possible is to access anything in the network behind the zywall.
Any ideas where to start to search the problem? The log says „access forward“ to the ip behind the Zyxel Zywall 110 but not webinterface from that/any target.
thx
Sascha
i have setup an VPN between this boxes. I‘m able to ping and to access the Zyxel internal IP and Webinterface. Whats not possible is to access anything in the network behind the zywall.
Any ideas where to start to search the problem? The log says „access forward“ to the ip behind the Zyxel Zywall 110 but not webinterface from that/any target.
thx
Sascha
0
All Replies
-
Hi, do you use site-to-stie VPN scenario? Does the VPN tunnel work? Maybe you can refer to this.Fritzbox 6820 LTE VPN setting reference:Quoting your previous message "What's not possible is to access anything in the network behind the zywall."Do you have any specific usage purpose for accessing something behind Zywall110
? e.q. NAS, SMB, web service.1 -
Good morning, and thank you for replaying to my Problem. I think i did like you mentioned with the tutorial. i was very hard to find the right settings but now I yust need to power on the fritzbox and get an connection.
I can see the connection in the webinterface.
Then it is also possible to access the zywall with the internal ip adress.
Behind the Zywall is a network with different devices also with an NAS. I would like to access with samba. That is the usecase.
If you have any idea how to find the solution i will be very happy.
thx
Sascha
0 -
OK, got it. Maybe you can check the SMB service if has been enabled on your Windows PC.
And checking the file sharing related setting, too.
0 -
Your VPN network is:
10.18.1.0/24(zywall)<===VPN===>(Fritzbox)10.18.0.0/24
You can send ICMP packets to NAS which behind zywall continually.
And enter Frizbox client IP address in trace condition. After clicking "Capture", zywall will display incoming/outgoing routing path if packet really arrived to zywall intranet in 10 secs.
You could share screenshot of your test result.
0 -
Hello,
thx for answering, here are the screens...
I'm not sure what is the output information about that?
regards
Sascha0 -
MJStar said:OK, got it. Maybe you can check the SMB service if has been enabled on your Windows PC.
And checking the file sharing related setting, too.
Hi, I do note use Windows. I think it is not a problem of the smb service it self because I uses traceroute and ping to try to reach the NAS. Also because I can't reach the webinterface and so on.
0 -
You can download XXXX.cap file to check the detail.(by wireshark.exe)
Or you can attach file and share to us.
(In routing trace, the reason should be NAS server did not reply ICMP.... you could check firewall setting on NAS server first)0 -
Zywall should replay, I'll have a look.0 -
Problem solved, thx to the perfekt service from the Zyxel Support. There was an missing policy routing entry to route the backtraffic into to tunnel instead of to the internet from a later rule.
thx a lot for your support, all.1
Master Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
