Configuration VPN - other subnetwork
Hi, It is my 1st post on this forum, so please be patient :-)
I want to buy Zyxel USG 60 with VPN L2TP/IPSec
I have a plan of topology:
https://zapodaj.net/d4030ae4f73c2.png.html
On the topology we can see zyxel firewall, switch L3 cisco, 3x cisco l2 switches and serwer FTP with DHCP, Win Serwer 2016, Active Directory. Serwer belong to VLAN 10.
To Switches L2 I connect some vlans.
Switch L3 is default gateway for all vlans (on int vlan 10, int vlan 20 etc.)
Between Switch L3 and firewall I have subnetwork 192.168.100.0/30 .1 is zyxel address .2 is Switch L3 physicall address.
Vpn is configuring to connect android mobile devices. I want to share for them other network than 192.168.100.0/30 e.g. 172.16.0.0/24 and Zyxel should be a DHCP for mobile vpn clients.
Can I do it with zyxel usg 60?
Or maybe I should to download other OS ?
I want to buy Zyxel USG 60 with VPN L2TP/IPSec
I have a plan of topology:
https://zapodaj.net/d4030ae4f73c2.png.html
On the topology we can see zyxel firewall, switch L3 cisco, 3x cisco l2 switches and serwer FTP with DHCP, Win Serwer 2016, Active Directory. Serwer belong to VLAN 10.
To Switches L2 I connect some vlans.
Switch L3 is default gateway for all vlans (on int vlan 10, int vlan 20 etc.)
Between Switch L3 and firewall I have subnetwork 192.168.100.0/30 .1 is zyxel address .2 is Switch L3 physicall address.
Vpn is configuring to connect android mobile devices. I want to share for them other network than 192.168.100.0/30 e.g. 172.16.0.0/24 and Zyxel should be a DHCP for mobile vpn clients.
Can I do it with zyxel usg 60?
Or maybe I should to download other OS ?
0
All Replies
-
Hi @terry1996
After established L2TP tunnel, USG will provide an address to client. (the IP address pool configured in L2TP VPN setting)
Then you can add policy route for L2TP client:
Source: L2TP_Pool, Destination: 172.16.0.0/24, NextHop: Switch IP(192.168.100.2), SNAT: none.
Of cause you have to add the routing on your switch that for packets back to L2TP client.
e.g, Destination: L2TP_Pool, NextHop: USG interface(192.168.100.1)
0 -
thank U very much
I am reading a lot and its and Ur comment helps me :-)0
Zyxel Employee
Categories
- All Categories
- 164 Beta Program
- 1.7K Nebula
- 86 Nebula Ideas
- 62 Nebula Status and Incidents
- 4.7K Security
- 236 Security Ideas
- 1.1K Switch
- 50 Switch Ideas
- 908 WirelessLAN
- 27 WLAN Ideas
- 5.3K Consumer Product
- 172 Service & License
- 294 News and Release
- 65 Security Advisories
- 14 Education Center
- 911 FAQ
- 399 Nebula FAQ
- 249 Security FAQ
- 90 Switch FAQ
- 100 WirelessLAN FAQ
- 18 Consumer Product FAQ
- 55 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 68 About Community
- 51 Security Highlight
