2

I have a central site with a Zyxel Zywall 310 and a remote site with a Zyxel USG 20w. I also have a working IPsec VPN between the two sites.

PCs on LAN1 of the remote site can access Server1 on LAN1 of the central site, but not Server2 on VLAN4 of the central site.

What rules would I need to add to allow PCs at the remote site (behind the USG 20w) to access Server2 on VLAN4 at the central site (behind the Zywall 310)?

Here's what the network looks like:

[Image: network diagram]

I suspect the solution may involve either Policy or Static Route rules (I currently have none set, though I've tinkered with them a bit, but was unable to get anything working).

Pierre.Vriens
  • Post the IP assigned to the central router on lan1 and vpn4, the server 2 IP config and the firewall configuration on the routers. Where do you have routing between lan1 and vlan4? – Adam Silenko Dec 11 '16 at 18:04

1 Answer

0

Add a route on the remote router to the VLAN4 network 192.168.40.0/24 via the central router IP 192.168.10.x, and allow traffic from 192.168.12.0/24 to 192.168.40.0/24 on the central router.

Adam Silenko
  • Like I said, I've tried adding a route in the **remote** router, both as a Policy Route and a Static Route. Neither worked. The **central** site router has a security rule allowing traffic from _any_ to _VLAN4_. All LANs and VLANs on the **central** router can access _VLAN4_ just fine. – Nelson Hoover Dec 11 '16 at 01:53
  • Can you post these firewall rules? You can also do an alternative config, adding a 2nd VPN tunnel between remote lan1 and central vlan4. – Adam Silenko Dec 11 '16 at 02:33
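The three checks discussed in the answer and its comments (a route on the remote router, a tunnel that covers the subnet pair, a firewall rule on the central router) can be walked through with a small model. This is an added example, not part of the original thread and not Zyxel configuration; it assumes policy-based IPsec, where a tunnel carries only traffic matching its local/remote subnet pair, and the host addresses, the /24 for central LAN1 and the `diagnose` helper are constructed for illustration.

```python
from ipaddress import ip_address, ip_network

# Subnets from the thread; CENTRAL_LAN1 as a /24 is assumed from "192.168.10.x".
REMOTE_LAN1 = ip_network("192.168.12.0/24")
CENTRAL_LAN1 = ip_network("192.168.10.0/24")
CENTRAL_VLAN4 = ip_network("192.168.40.0/24")
ANY = ip_network("0.0.0.0/0")

# Constructed host addresses (not given in the thread).
PC, SERVER1, SERVER2 = "192.168.12.50", "192.168.10.10", "192.168.40.10"

# Central firewall as described by the asker: any -> VLAN4 is allowed.
# The any -> LAN1 rule is assumed, since Server1 is already reachable.
FW = [(ANY, CENTRAL_LAN1), (ANY, CENTRAL_VLAN4)]


def diagnose(src, dst, routes, tunnels, fw_rules):
    """Return the first stage that blocks src -> dst, or "reachable".

    routes   : destination networks the remote router sends into the VPN
    tunnels  : (local_net, remote_net) pairs, seen from the remote router
    fw_rules : (src_net, dst_net) pairs allowed on the central router
    """
    src, dst = ip_address(src), ip_address(dst)
    if not any(dst in net for net in routes):
        return "no route on remote router"
    if not any(src in local and dst in remote for local, remote in tunnels):
        return "no tunnel covers this subnet pair"
    if not any(src in s and dst in d for s, d in fw_rules):
        return "blocked by central firewall"
    return "reachable"


if __name__ == "__main__":
    one_tunnel = [(REMOTE_LAN1, CENTRAL_LAN1)]
    two_tunnels = one_tunnel + [(REMOTE_LAN1, CENTRAL_VLAN4)]
    cases = {
        "original setup": ([CENTRAL_LAN1], one_tunnel),
        "route added only": ([CENTRAL_LAN1, CENTRAL_VLAN4], one_tunnel),
        "route + 2nd tunnel": ([CENTRAL_LAN1, CENTRAL_VLAN4], two_tunnels),
    }
    for name, (routes, tunnels) in cases.items():
        print(f"{name:20s} Server2: {diagnose(PC, SERVER2, routes, tunnels, FW)}")
```

In this model, a route by itself still stops at the tunnel check, while adding the second subnet pair from the last comment lets the existing any-to-VLAN4 rule apply.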