Flex 100H VPN SecuExtender clients connects fine; NO ACCESS to remote network devices
Joe265
Posts: 3 
Freshman Member
Freshman Member
0
All Replies
-
This was all working fine until latest firmware update v1.36
0 -
Took me some time to work this out and the fix is there needs to be a routeing rule next hope to remote VPN.
The problem is this if you have a routing like
incoming LAN
next hop WAN
SNAT outgoing-interfaceWhen VPN traffic goes to LAN it gets to the device then a reply happen but the traffic to the VPN IP follows the routeing rule above and so never get back to the client.
There is no routing rule you can make to fix this but there is a workaround
make two address objects with the following range if your VPN IP pool is 192.168.50.0/24
0.0.0.0 - 192.168.49.255
192.168.51.0 – 255.255.255.55
in a group
Then add that to the above routeing rule for Destination Address0
Guru Member
Categories
- All Categories
- 439 Beta Program
- 2.8K Nebula
- 199 Nebula Ideas
- 125 Nebula Status and Incidents
- 6.3K Security
- 492 USG FLEX H Series
- 322 Security Ideas
- 1.6K Switch
- 83 Switch Ideas
- 1.3K Wireless
- 47 Wireless Ideas
- 6.8K Consumer Product
- 285 Service & License
- 455 News and Release
- 89 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 95 Security Highlight
