Can a USG 110 run without local WAN access?

JBPCJohn
JBPCJohn Posts: 1
edited April 2021 in Security

We have 2 sites with USG110 and cable modems. We added a third site USG110 and put a fiber backbone between all 3 sites using the DMZ ports. We are using policy routes at the new site to send all traffic to one of the existing sites over IPSec VPN. We are using 2 policy routes, 1 for all and 1 for ZyXel to send all traffic next hop to the VPN tunnel. LAN internet access at the new site works fine. The new site 110 cant get time info from internet or get version upgrade information. Is there any way to get the internal functions of the USG110 to use something other than the WAN ports to get its internet access.

All Replies

  • Blabababa
    Blabababa Posts: 151  Master Member
    First Anniversary Friend Collector First Answer First Comment

    "The new site 110 cant get time info from internet or get version upgrade information" ==> Can this USG110 access to the internet?? If not, since you added a policy route to force all traffic from this USG110 going through VPN tunnel, you may need to add a policy route on the peer device to going out to the internet.

Security Highlight