Routing L2TP for access other tunnels
Freshman Member
Hello,
I have a USG 110. I have configured a L2TP tunnel over IPSEC. The connection works perfectly for me. I am trying to configure a routing to be able to access the subnets of other tunnels that I have from site to site. But I am not able to reach them. Could someone help me configure the routing to be able to access the rest of the tunnels that I have configured from L2TP?
All Replies
-
Concentrator…
0 -
Do you have any overlapping subnets that are enabled per given site and the other sites with the same subnet?
0 -
I do not understand what you mean. I have three subnets within the same lan. I need the L2TP tunnel over IPsec to be able to reach these three subnets.
0 -
Is your setup like this
https://support.zyxel.eu/hc/en-us/articles/360010904260-VPN-Routing-traffic-from-VPN-tunnel-to-a-another-VPN-site-VPN-Routing-
https://support.zyxel.eu/hc/en-us/articles/360000709460-VPN-Configure-Failover-with-Dual-WAN-Trunk-Failover-VPN-Concentrator-#h_01GM2Z78N7WGXGP5W6XB5AFGHP
0 -
Found a faq looks can map to your case
0 -
Thank you very much for your comments. I think I have not explained myself well with my problem.
I have created an access to my office through L2TP tunnel
I can access my office subnet without problem.
In my office there are another 3 site-to-site tunnels configured with three different subnets. In those 3 subnets I have routing rules to be able to access from my office.
What I need is to create a routing rule to be able to access from my L2TP access to the other three subnets.
Routing rule 1. is the one that I have configured to be able to access the other three subnets, but it doesn't work for me. Could you tell me why?
0 -
I have tried what you mentioned but it still doesn't work for me. I think the problem is in local policy
What would be the correct one?
0 -
So you want those connected to remote access server role to connect to the site to site tunnels?
What are the subnets? From what I see in routeing rule you use the same source LAN1_subnet
0 -
Exactly, I want those who connect to the remote access function to be able to access the site-to-site tunnels.
The subnets are from the other tunnels I have site-to-site from my office's lan1_subnet. Two of them make a next-hop for having SNAT configuration.
0 -
So shouldn't those who connect to the remote access have routing rules from source 192.168.50.1-192.168.50.250 with Destination to next hop site to site tunnels?
0
Guru Member
Master Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
