Problem connection to my LAN network while a VPN tunnel is up

Redwizard87
Redwizard87 Posts: 3  Freshman Member
First Comment
edited April 2021 in Security
Hi to everyone,
I decided to by a USG 20 unit to let myself connect to my home lan network. At moment the configuration of my internet access is the cascade of a modem from ISP provider + zyxel + a router netgear.
In particular the address config is the follow:



Sercomm is just used to remain active the voip line cos my provider do not permit different modem .
Public IP is made static by a ddns service.
For the VPN Service I've selected a VPN-SLL cos i found it easier.
As Client I use Zyxel Securextender.

Following steps has been performed:
1- Forwarding the 443 port on Sercomm
2- Creation of a new VPN user in the section Object of the zyxel

3 - In the VPN -->VPN SSL section I have set connection enabling the user created and allowing him to acces at zyxel lan (192.168.1.1)



The result is that I can access to my zyxel from remote place in fact the client establish a connection with thw follow parameters


I find that, correctly , the assigned address is of the kind 192.168.1.X and browsing to 192.168.1.1 i can open the zyxel homepage....... but when I try to reach one of the elements of the netgear subnet, i.e. I try to reach my NAS at the address 192.168.0.4, I can't access. Any ping I tried to the element of my home network is failed. Someone can help me?

Comments

  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment

    Hello PasqualeT,
    There are not link for picture 2,3,4, and please create the permission for all pictures.
    As your description,
    I want to confirm your topology first, is like ISP-----USG-----netgear----NAS?
    If yes, you should add NAT rule and allow Wan->Lan on netgear router and try it again
    Charlie

  • Redwizard87
    Redwizard87 Posts: 3  Freshman Member
    First Comment
    edited November 2017
    Hello Charlie, Thanks for your reply. I tried to enable nat filter on netgear but the system still doesn't work.
    - Nat rule shall be given in zyxel or netgear?
    - Routing wan to lan is like a forwarding or something else?
    Sorry but i'm home user not expertier so maybe my questions could result elementary :)
  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    Hello PasqualeT,
    As the topology you shared,
    if possible, please change the Netgear's Lan subnet to others to avoid overlapping.
    Moreover, the NAT rule should add on Netgear router.
    It is just an example of setting NAT as your reference. Note: The NAT settings need to add on Netgear router

    Configure Wan->Lan: Allow


    For analysis purpose, please let PC connect with USG's Lan port directly during NAT testing.
    Charlie

Security Highlight