ZyxelNewb

Disregard, I forgot to update the address in the WIZ_VPN_PROVISIONING_LOCAL group to the 192.168.10.0/24 subnet I changed it to. I'm still not sure of what the difference is between your working config that you posted, and my config. Even if I start from a factory reset, run through the VPN wizard per your documentation, I…

in VPN on USG20-VPN - connected, but not passing traffic Comment by ZyxelNewb November 2018

I should also note, that I've uploaded your config file (the only thing I've changed was the LAN 1 address/subnet, because the 192.168.1.0/24 was already being used on the WAN side), and am able to connect to the USG20 now via IPSec VPN with my test client (I still don't see what's different in your config, vs what I had…

in VPN on USG20-VPN - connected, but not passing traffic Comment by ZyxelNewb November 2018

I've configured the VPN per the documentation you've attached, but I can't get my user to log in. It keeps showing "Authentication Failed: Wrong login/password". I'm 100% sure the username and password are correct though. In the system logs, I see a log entry for my vpn user logged into the device from my client IP…

in VPN on USG20-VPN - connected, but not passing traffic Comment by ZyxelNewb November 2018

Disregard

in VPN on USG20-VPN - connected, but not passing traffic Comment by ZyxelNewb November 2018

I'm in the same position, I haven't been able to get this issue figured out yet either. The subnet I entered is the LAN subnet being used by the USG device, but I'm not getting any routing to my internal LAN subnet from the VPN client.

in VPN on USG20-VPN - connected, but not passing traffic Comment by ZyxelNewb October 2018

I stand corrected. Everything seems to be working "ok" for the most part. I was pinging the GW on the other VLAN's as a test, but I ping anything past the GW, it blocks the traffic. Can you tell me why that is? Shouldn't even the GW be blocked based on the security policies I put in place above? And why isn't the traffic…

in Security Policy Help - Policies are not applying to traffic Comment by ZyxelNewb September 2018

Thank you for the reply - yes, I've confirmed that the traffic is indeed being routed by the Zyxel, but the security policies are still not applying. What should my next step(s) be? Thank you!

in Security Policy Help - Policies are not applying to traffic Comment by ZyxelNewb September 2018

In addition, looking at the traffic logs filtering on my VLAN 10 client as the source, it doesn't look like any of the traffic is being passed through the firewall. Is this because VLAN 10 & VLAN 20 are both in the LAN1 zone? Do the VLAN's need to be in different zones before the firewall will inspect the traffic?

in Security Policy Help - Policies are not applying to traffic Comment by ZyxelNewb September 2018

ZyxelNewb Freshman Member

Comments