Enter model number to find the articles related product applications, FAQ and user experience..
When establishing VPN tunnel, the WAN interface in "default WAN trunk" is required. (The behavior of Web GUI server and FTP server are the same.)
However, in some of routing requirements, the interface doesn't exist in default WAN trunk.
How to allow L2TP VPN when WAN interface doesn't exist in default WAN trunk?
You can add policy route to resolve this situation, becasue policy route priority is higher than default WAN trunk.
(1) Incoming: L2TP VPN, Source: L2TP IP address, Next-Hop: Auto, SNAT: Outgoing-interface.
(2) Incoming: ZyWALL, Source: WAN interface, Source Port: UDP1701, Next-Hop: L2TP VPN tunnel, SNAT: none.
(3) Incoming: ZyWALL, Source: WAN interface, Next-Hop: WAN interface, SNAT: none
Since UDP1701 port belongs to ESP packets, it must be routed into VPN tunnel.
Still have trouble with your device? Contact Zyxel technology support team directly!Contact Zyxel Support