Testing next hop IPSec VPN tunnel in V1.36
Guru Member
Its a change to get your head around from ZLD and just a note there is still missing the VPN tunnel on incoming when making a routeing rule.
So I did a test setup for a temp of my fallover ping system on FLEX200H to test the option out and it works fine in my test I was able to set From Zone but its the To Zone that really gets you. On my VPN300 I do a routing rule with ping (noted that FLEX H shows Source option) and rule for sending the ping down tunnel to allow this you make a Policy control rule from zone where that ping comes in on then to zone VPN tunnel...but not with the FLEX200H instead its from zone where that ping comes in on then to zone...WAN where the tunnels goes out on....I somewhat wonder if the way ZLD and uOS both work is a change in that ZLD would see you made the rule from Zone to VPN tunnel then auto make a rule from zone to WAN which would save making two rules where as uOS the from Zone to VPN tunnel is auto allowed then you needed to make a rule from Zone to WAN again saving the need to make a from Zone to VPN tunnel.
All Replies
-
Hi @PeterUK
You are correct. Currently the next hop to IPSec VPN tunnel has a limitation.
Additionally, we have a plan to enhance this (no need to create additional security policy) in the future firmware release.
Zyxel Melen0
Zyxel Employee
Categories
- All Categories
- 439 Beta Program
- 2.8K Nebula
- 202 Nebula Ideas
- 127 Nebula Status and Incidents
- 6.3K Security
- 515 USG FLEX H Series
- 328 Security Ideas
- 1.7K Switch
- 84 Switch Ideas
- 1.3K Wireless
- 49 Wireless Ideas
- 6.9K Consumer Product
- 288 Service & License
- 458 News and Release
- 90 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.3K FAQ
- 34 Documents
- 85 About Community
- 97 Security Highlight
