USG60W - connect from IPSEC connected site to Web GUI

Options
ondrej_gorcik
ondrej_gorcik Posts: 2 image  Freshman Member
First Comment
in Security

Hello,

I am trying to solve problem with connection to router administration. I have 2 sites succesfully connected thru IPSec. I am connected to site A with SSL VPN. Site A is connected to site B thru IPSEC. I can access devices in Site B network. But I cannot access router administration website.

Log from site A:

image.png

Log from site B:

image.png

From outside on public IP it works normally. Rules seems to be ok. No restrictions for web access:

image.png

Please any ideas what could be wrong?

Thank to all of you

Ondrej

Accepted Solution

  • PeterUK
    PeterUK Posts: 4,418 image  Guru Member
    250 Answers 2500 Comments Friend Collector Eighth Anniversary
    edited January 2025 Answer ✓

    On site B what is the remote policy of the VPN tunnel?

    If not 172.16.220.0/24? site B will not know to send reply down tunnel from what I can tell

    see if a routing rule on B with

    incoming ZyWALL

    Destination address 172.16.220.0/24?

    next hop VPN Tunnel

All Replies

  • PeterUK
    PeterUK Posts: 4,418 image  Guru Member
    250 Answers 2500 Comments Friend Collector Eighth Anniversary
    edited January 2025 Answer ✓

    On site B what is the remote policy of the VPN tunnel?

    If not 172.16.220.0/24? site B will not know to send reply down tunnel from what I can tell

    see if a routing rule on B with

    incoming ZyWALL

    Destination address 172.16.220.0/24?

    next hop VPN Tunnel

  • ondrej_gorcik
    ondrej_gorcik Posts: 2 image  Freshman Member
    First Comment

    Thats exactly what was missing there. I had only Policy route for the network not the second route for ZyWALL.

    Thanks for your help.

    O.

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)