stepgilb

OK, got it to work, limited the Source IP to the LAN 2 subnet. L2TP/IPSec and Zywalll Device routing works.

Sure, but without that rule I can't get L2TP/IPSEC to work. I guess this rule needs to be limited...

OK, found it, it's the above NAT necessary for the USG WAN being in a NAT'ed network, how do I fix this?

Policy control: looks to me like a Zywall (Device?) to WAN route is missing here:

A ping to the FB Gateway and DNS Server does not work (on LAN 2 it does):

This is ping to one of the Telekom DNS Servers which works fine on LAN 2 but not here:

Thanks! L2TP/IPSEC is working perfectly, LAN 2 PCs 100% OK network wise, also concerning DNS

Just a moment ago, it is not resolving host names and I am not able to ping anything on the wan interface like the 7590 Fritzbox DNS server 192.168.178.1. The lan1 and 2 IP's are pingable (192.168.2.1 and 1.1). Looks to me like traffic is being blocked. I also tried pings using the CLI, same result. To get L2TP-IPSEC to…

Seems to be a similar problem as this one: https://community.zyxel.com/en/discussion/2519/no-default-dns-for-wan1-on-usg40

Thanks. Set up the DNS as in https://support.zyxel.eu/hc/en-us/articles/360001390854-How-to-setup-DNS-on-a-USG, no changes. Does anuone have the FQDN for the update servers and the content filter category server?