Knowledge Base

How to allow two IPSec VPN clients with mode config to communicate with each other?

Scenario

Two IPSec VPN clients are connected to ZyWALL with mode config but they cannot communication with each other.

How to allow two IPSec VPN clients with mode config to communicate with each other?

Step

LAN subnet: 192.168.77.0/24
Assigned subnet for ZyWALL IPSec VPN clients (Mode Config): 192.168.66.0/24
 
Original VPN connection setting created by the wizard.
 
Create one more VPN connection based on the original VPN gateway.
Local policy is the subnet of the VPN clients (mode config).
 
On the ZyWALL IPSec VPN client, add one more phase 2 setting. Assign remote LAN address with the same subnet of mode config manually.
Open two tunnels on each ZyWALL IPSec VPN client.

 

Verification

ZyWALL IPSec VPN clients can ping each other. 192.168.66.4 <-> 192.168.66.5
ZyWALL IPSec VPN client can ping LAN PC.  192.168.66.4 ping 192.168.77.135 successfully



YES NO

Please leave your comment:

SUBMIT

Question Profile

LANGUAGE:
ARTICLE ID:018062
TYPE:Application / Configuration Example
FIRMWARE:4.35 and later versions
VIEWS:81
VOTES:0
TECHNOLOGY:
MODEL:ZyWALL 110,ZyWALL 1100,ZyWALL 310 (view more model name)

Still have trouble with your device? Contact Zyxel technology support team directly!

Contact Zyxel Support