Flex 100H VPN SecuExtender clients connects fine; NO ACCESS to remote network devices
Freshman Member
All Replies
-
This was all working fine until latest firmware update v1.36
0 -
Took me some time to work this out and the fix is there needs to be a routeing rule next hope to remote VPN.
The problem is this if you have a routing like
incoming LAN
next hop WAN
SNAT outgoing-interfaceWhen VPN traffic goes to LAN it gets to the device then a reply happen but the traffic to the VPN IP follows the routeing rule above and so never get back to the client.
There is no routing rule you can make to fix this but there is a workaround
make two address objects with the following range if your VPN IP pool is 192.168.50.0/24
0.0.0.0 - 192.168.49.255
192.168.51.0 – 255.255.255.55
in a group
Then add that to the above routeing rule for Destination Address0 -
-
Can you expand on how to add the Routing rule fro the Destination Address?
Thanks
0 -
If you don't have any Routing rules then the return path for the VPN traffic should work its only when you have added Routing rule for a LAN interface to go out a WAN that the VPN traffic return path follows that routing rule.
0
Guru Member
Zyxel Employee
Categories
- All Categories
- 442 Beta Program
- 2.9K Nebula
- 222 Nebula Ideas
- 129 Nebula Status and Incidents
- 6.5K Security
- 618 USG FLEX H Series
- 347 Security Ideas
- 1.7K Switch
- 84 Switch Ideas
- 1.4K Wireless
- 53 Wireless Ideas
- 7K Consumer Product
- 298 Service & License
- 485 News and Release
- 92 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.8K FAQ
- 34 Documents
- 88 About Community
- 105 Security Highlight
