IPSec VPN Client to access LAN/VLANS behind USG210
Options
tenniseric79
Posts: 1 Freshman Member
I would like to know how I can configure an USG210 (or USG60W for that matter) to allow a computer with IPSEC VPN Client to access different LANs and VLANS behind the firewall.
My setup is this:
Computer with VPN client connected to a LAN with ipadress 192.168.x.x
VPN-tunnel to USG210
Thjis works fine. Connected and verytning. This VLAN is 10.10.13.0/29. I can ping the USG2010 that has 10.10.13.2 as the IP on this VLAN (1013)
So, behind this I have serveral LANS and VLANS (my servers and other stuff lies on those).
How do I configure my USG to allow traffic to the other subnets....for example
VLAN1011 (192.168.11.0)
VLAN1080 (192.168.80.0)
VLAN110 (192.168.110.0)
I guess I should use policy routes and maybe zones, I just don't understand how...
I have doing some test and labb but I don't want to mess things up....
Any suggestion or examples....?
My setup is this:
Computer with VPN client connected to a LAN with ipadress 192.168.x.x
VPN-tunnel to USG210
Thjis works fine. Connected and verytning. This VLAN is 10.10.13.0/29. I can ping the USG2010 that has 10.10.13.2 as the IP on this VLAN (1013)
So, behind this I have serveral LANS and VLANS (my servers and other stuff lies on those).
How do I configure my USG to allow traffic to the other subnets....for example
VLAN1011 (192.168.11.0)
VLAN1080 (192.168.80.0)
VLAN110 (192.168.110.0)
I guess I should use policy routes and maybe zones, I just don't understand how...
I have doing some test and labb but I don't want to mess things up....
Any suggestion or examples....?
0
All Replies
-
What I do is make zones for the VLANs that way your individually making firewall rules for what VLAN can connect to a given VLAN but if you want it simple set all VLANs to LAN1 then make a firewall rule from LAN1 to LAN1 and they all connect.
0 -
You can enter to the Web-GUI path Configuration>VPN>IPsec>VPN Connection and edit IP range of the local policy such as following IP range 192.168.0.0./16.
Go to Configuration>Network>Routing>Policy Route and add a policy route.
Thanks.
0 -
Hi Jeff,
Can you reiterate that to a situation when one is using L2TP VPN? I reckon the policy route would be identical, but how does that translate to the local policy?0 -
Categories
- All Categories
- 395 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 82 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 914 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 912 Nebula FAQ
- 415 Security FAQ
- 237 Switch FAQ
- 207 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight