Internet per port via IPSec VPN on usgflex100

Hi @Stanislav,
You need to know what's VPN mode the VPN server support.

You can refer this thread first,
https://community.zyxel.com/en/discussion/13182/connect-zyxel-as-a-client-to-strongswan-vpn-server#latest

Zyxel firewall does not support behavior as an IPSec VPN client to connect to Express VPN/Nord VPN..., etc. 
It only support site to site IPSec or IPSec VPN server.

Hi @Stanislav,
What's the local/remote network policy of the tunnel established.
Could you take a GUI screenshot of this tunnel in  MONITOR > VPN Monitor > IPSec


What's the the personal IPSec VPN ?
A cloud service ? (what's the name or web site ?)
or build and managed by yourself ? (what's the OS platform and IPSec software package ?)

@Stanislav,
OK. That's script can build up Libreswan and setup L2TP/IPSec, IKEv1+XAuth, IKEv2 VPN server.

But you need to add site to site rule and configure iptables rules on your server for Zyxel firewall.
Here what you need to do. 
1. Edit /etc/ipsec.conf to modify the leftsubnet=0.0.0.0/0 in the conn rule for Zyxel firewall
conn
      ...
      leftsubnet=0.0.0.0/0
      
2. Add iptable rule (assume eth0 is the outgoing interface on server)
(1) A forward rule for 192.168.21.0/24 to any
iptables -I FORWARD 8 -s 192.168.21.0/24 -o eth0 -j ACCEPT
(2) A SNAT rule for 192.168.21.0/24 outgoing wan interface of your server to access Internet.
iptables -t nat -I POSTROUTING -s 192.168.21.0/24 -o eth0 -j MASQUERADE