USG 110 SSL client multi VPN
Best Answers
-
The IP address space of your SSL VPN clients is 192.168.100.100-120
So if your are using policy-based IPSec site-to-site tunnel.
The VPN connection setting of local poly in HQ and remote policy need to include the IP address space of SSL VPN clients.
5 -
Hi @Ondrej
Welcome to Zyxel community.
You topology:
SSL Client(192.168.100.100)--------HQ(HQ subnet)========[VPN]======Branch(Branch Subnet)
As your scenario, SSL VPN client is able access to HQ subnet but unable access to branch subnet.
You can go to make sure if you have added routing for SSL VPN client on both of devices.
(1) On HQ device. The “branch subnet” have to add into network list of SSL VPN.
(2) Add policy route on HQ device.
Destination: Branch subnet, NextHop: VPN tunnel.
(3) Add policy route on Branch device.
a. Incoming: ZyWALL, Destination IP: SSL VPN Pool. NextHop: VPN (It is for access to Branch ZyWALL)
b. Incoming: any, Destination IP: SSL VPN Pool, NextHop: VPN (It is for access to branch subnet)
5
All Replies
-
The IP address space of your SSL VPN clients is 192.168.100.100-120
So if your are using policy-based IPSec site-to-site tunnel.
The VPN connection setting of local poly in HQ and remote policy need to include the IP address space of SSL VPN clients.
5 -
Hi @Ondrej
Welcome to Zyxel community.
You topology:
SSL Client(192.168.100.100)--------HQ(HQ subnet)========[VPN]======Branch(Branch Subnet)
As your scenario, SSL VPN client is able access to HQ subnet but unable access to branch subnet.
You can go to make sure if you have added routing for SSL VPN client on both of devices.
(1) On HQ device. The “branch subnet” have to add into network list of SSL VPN.
(2) Add policy route on HQ device.
Destination: Branch subnet, NextHop: VPN tunnel.
(3) Add policy route on Branch device.
a. Incoming: ZyWALL, Destination IP: SSL VPN Pool. NextHop: VPN (It is for access to Branch ZyWALL)
b. Incoming: any, Destination IP: SSL VPN Pool, NextHop: VPN (It is for access to branch subnet)
5 -
0
Categories
- All Categories
- 390 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 51 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 210 Service & License
- 332 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 880 Nebula FAQ
- 415 Security FAQ
- 220 Switch FAQ
- 195 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 63 Security Highlight