What's the next step after opening a VPN tunnel?
Freshman Member
Hello Anyone,
Maybe it's a silly question, but I never used a VPN connection.
I'd like to connect "travelling employees" to the local network (domain) of my small business office.
I
establised the client-to-site Tunnel (IPSec, IKEv1) to the USG20-VPN
device, everything is fine, all lights are green, VPN is "open" (with
ZyWALL IPSecVPN Client software).
Now what? Somehow every tutorial stops here. How can I access shared forlders, local machines...etc. on the site network?
On
site, normally I have to sign in the Domain with username and password.
Where can I make this identification process using the VPN at home, to
browse the office LAN? Do I need other software for it (built-in Windows
for examle)? And how?
(using ZyXEL USG20-VPN firewall, Windows Server 2016 DC, Win10 clients)
0
Accepted Solution
-
Szatimu,
The key is the DNS server settings of VPN client.
Windows Domain related services is based on DNS resolve.
So you need add your domain to DNS Suffix & add DNS server IP(usually the IP of DC) into the
VPN client.
Then using \\xxx.dns domain\sharefolder\ to access the shared folder in site.
6
Master Member
All Replies
-
@Szatimu
If the local server is not in the IP address of local policy, you need to create the policy route to redirect client to access in.
Example, if your server IP address is 192.168.100.22, you need to create IP address on device, and configure the routing as following
Charlie0 -
Dear Charlie,Thank you for your kind answere.I made the policy with the suggested parameters and I got the following error message:
Unfortunately, I don't understand exactly this "Next-Hop" thing.We have a Gateway (supplied by our ISP, a router configured as gateway set to DMZ mode) in front of the ZyXEL USG20 device.Maybe it'll help you to specify the solution.Thank you again.
0 -
Szatimu,
The key is the DNS server settings of VPN client.
Windows Domain related services is based on DNS resolve.
So you need add your domain to DNS Suffix & add DNS server IP(usually the IP of DC) into the
VPN client.
Then using \\xxx.dns domain\sharefolder\ to access the shared folder in site.
6 -
Yes! Ian31's solution woks perfectly! Even without making any policy stuff.Many thanks to both of you!0
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 246 Service & License
- 383 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
