USG Flex 100 L2TP VPN not letting me access shared folders of the LAN

Hi everyone, I'm new here,

I'm learning how to configure a VPN with USG Flex 100 with guides I found around.

So, I have a server in my LAN (10.0.0.0/24) and I want the VPN users (192.168.50.0/24) to be able to access its shared folders. As of now it seems like they can't even see it.

Tried pinging some PC in the LAN but no response.

This is a NAT rule for the FTP to work from outside with our public IP.

Does anyone have any idea? I don't know if I should have posted something more useful; if so, just ask and I'll provide it ASAP.

All Replies

  • mMontana
    mMontana Posts: 1,298  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer

    Does your server allow the communication to 192.168.50.0/24?

  • Sorry, but I don't know what you mean. The folder is shared to "Everyone", if that answers it.

  • smb_corp_user
    smb_corp_user Posts: 145  Ally Member
    First Anniversary 10 Comments Friend Collector First Answer

    "Everyone" is only local access via File & Folder Security Access (Share access or file/folder Rights). Does the server have its own OS Firewall and is that Firewall configured to allow traffic from 192.168.50.0/24 (foreign subnet)? Note also that some systems consider legacy services unsafe and can block them by default.
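
The OS-firewall check raised in the reply above, as an added example that is not part of any post in this thread. It assumes the file server runs Windows with Windows Defender Firewall and is run from an elevated PowerShell session on that server; the two `VPN-L2TP-*` rule names are hypothetical, and `<server-ip>` is a placeholder because the thread does not give the server's address.

```powershell
# Added example (not from the thread). Assumes a Windows file server.
$VpnSubnet = '192.168.50.0/24'   # L2TP client pool named in the thread

# 1. Which firewall profile applies to each interface (Domain/Private/Public)?
Get-NetConnectionProfile | Format-Table InterfaceAlias, NetworkCategory

# 2. Show the built-in SMB and ping rules with their remote-address scope.
#    A scope of "LocalSubnet" admits 10.0.0.0/24 but not the VPN pool.
Get-NetFirewallRule -Name 'FPS-SMB-In-TCP', 'FPS-ICMP4-ERQ-In' -ErrorAction SilentlyContinue |
    ForEach-Object {
        $filter = $_ | Get-NetFirewallAddressFilter
        [pscustomobject]@{
            Rule          = $_.Name
            Enabled       = $_.Enabled
            Profile       = $_.Profile
            RemoteAddress = $filter.RemoteAddress -join ','
        }
    } | Format-Table -AutoSize

# 3. Add narrowly scoped allow rules for the VPN pool only, leaving the
#    firewall enabled and the built-in rules untouched.
$rules = @(
    @{ Name = 'VPN-L2TP-SMB-In';  DisplayName = 'SMB from L2TP VPN pool'
       Protocol = 'TCP';    LocalPort = 445 },
    @{ Name = 'VPN-L2TP-Ping-In'; DisplayName = 'Ping from L2TP VPN pool'
       Protocol = 'ICMPv4'; IcmpType = 8 }
)
foreach ($r in $rules) {
    if (Get-NetFirewallRule -Name $r.Name -ErrorAction SilentlyContinue) {
        Write-Host "$($r.Name) already exists, skipping"
        continue
    }
    New-NetFirewallRule @r -Direction Inbound -Action Allow `
        -RemoteAddress $VpnSubnet -Profile Any | Out-Null
    Write-Host "Created $($r.Name) for $VpnSubnet"
}

# 4. From a connected VPN client, confirm TCP 445 is reachable
#    (replace the placeholder with the server's LAN address):
#    Test-NetConnection <server-ip> -Port 445
```

If step 4 still fails and a packet capture on the server shows no traffic from 192.168.50.0/24, the packets are being dropped before they reach the server, and the security policy and routing on the USG Flex are the next place to look.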

  • Rgnvdjfgdfg
    Rgnvdjfgdfg Posts: 12
    Friend Collector First Comment
    Answer ✓

    I looked for it in Windows Defender Firewall and found this:

    Sorry but I'm a newbie and thanks a lot for helping me

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,039  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hello @Rgnvdjfgdfg

    Welcome to the Zyxel community. Regarding why L2TP clients (192.168.50.0/24) cannot access your internal server (10.0.0.0/24), here are some troubleshooting tips that you can refer to:

    1. Please check routing-related settings such as security policies, allowed local VPN policy, etc., to make sure L2TP clients (192.168.50.0/24) can access the internal server (10.0.0.0/24).
    2. When you cannot access the internal server, you can check Monitor > Log > View Log to see if there are any dropped messages and by whom.
    3. Please make sure your internal server can be accessed; it could be a safe access protection on the internal server, and you could disable it.
    4. Capture packets on the internal server (10.0.0.0/24) to make sure it can receive requests from L2TP clients (192.168.50.0/24).

    If you have other questions in the future, we welcome your questions.

    Thanks.

  • As you suggested, I created a policy route

    but I still can't either ping or access the LAN.

    In the log it says nothing about this; it was the first thing I checked.

    The server can be accessed. The first time I set up the VPN I could ping AND access the server without any problem. After that I tried disconnecting and reconnecting and it all stopped working.

    I tried capturing packets, but it's my first time doing it, and it seems like nothing is arriving at the LAN.

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,039  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hello @Rgnvdjfgdfg

    Thanks for your update. Can you provide the remote Web-GUI link session to us for further checks by private message? We will send a private message later, please check your e-mail inbox. We would like to check your routing-related settings. Thanks.
