FLEX 100 H - policy route and next hop
Freshman Member
On my old USGs I could select the vpn tunnel as the next hop. On the flex 100 h I have no option under the policy routes. I created to site to site vpn tunnel, but no option. Is there something new that I don't know or understand?
Thanks for the help!!
Accepted Solution
-
Hi @weite,
Thanks for your feedback.
It is confirmed in our roadmap, we will support it in near future.
0
Zyxel Employee
All Replies
-
It has not been added yet
0 -
That's a problem, but I will survive it. I hope that it will added soon.
Thanks for the fast answer!
0 -
Hi @weite,
Thanks for your feedback.
It is confirmed in our roadmap, we will support it in near future.
0 -
We like to upgrade our other old firewalls and now need policy routing. Is there a publication date of the new fimrware version?
0 -
Any information about the future availability of the feature ? Because it is still not available.
0 -
Hi all,
The latest firmware supports the Next hop to the VTI interface for route-based VPN. The next hop to a VPN tunnel, which is a policy-based VPN, is in our roadmap. If we have any ETA, I will update this post.
Zyxel Melen0 -
1 year and still no change. It was already promised for May and October, but unfortunately nothing. Is there any new information here? What tells the roadmap?
0 -
Hi @weite,
I apologize for the delayed reply.
May I know why you still need the "next hop to a VPN tunnel" even though the latest firmware supports "the Next hop to the VTI interface for route-based VPN"?
Could you share your topology and scenario so we can help check if it can be built using a route-based VPN and the Next hop to the VTI interface?
Zyxel Melen0 -
Ok, tell me how can I add a VTI?
I see the VTI under interface → network → advanced settings but there is no add button. Is there a other way to add them? I'm confused.0 -
The setup for VTI vs how H models do to non H are different but here is a short setup
VPN client IKEv2 192.168.144.0/24 > Zywall 110 > VTI 192.168.138.13/28 > FLEX200H VTI 192.168.138.12/28 > LAN 192.168.138.1/28 to 192.168.138.2 DNS server
On FLEX200H you go to VPN > IPSec VPN > add
IKEv1 with custom select Route-Based
VTI Setting
Local IP 192.168.138.12
Subnet Mask 255.255.255.240Route Setting add 192.168.144.0/24 this will add a static route for any IP for that subnet to go down the subnet.
0
Guru Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 146 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight
