Site to site IPSec VPN: VLAN5 <-> LAN2 interface
I’m trying to set up a tunnel between a VLAN on 1 site and a regular LAN interface on the other site. The tunnel seems to work fine, but I cannot make any connection to the devices.
I have tried site to site and vti, both seem to connect, but cannot ping. Tunnel interface between 2 LAN interfaces is no problem, but I need VLAN <-> LAN2.
VPN_TEL_LOCAL Left: Subnet: 192.168.5.0
VPN_TEL_REMOTE Left: Subnet: 192.168.10.0
VPN_TEL_LOCAL Right: Subnet: 192.168.10.0
VPN_TEL_REMOTE Right: Subnet 192.168.5.0
Still no response on both sides. Any help?
All Replies
-
You want site to site with at least one end nailed-up the status will show the tunnel is up
0 -
If you have setup the Local and remote policy right with a zone for the site to site then you might need a routing rule.
Incoming Interface
member LAN/ge
destination the remote subnet
next hop
type VPN Tunnel
tunnel your zone for the site to site
Then a firewall for LAN to zone site to site
0 -
What's about your Security Policy ? Have you allowed the traffic ?
Also,Please check there is no "Source Network Address Translation" applied.0
Categories
- All Categories
- 397 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 51 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 210 Service & License
- 332 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 880 Nebula FAQ
- 415 Security FAQ
- 221 Switch FAQ
- 195 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 63 Security Highlight