Theme

Welcome · log in · join	food

	All Forums		Hot Topics		Gallery

Forums → Equipment Support → Hardware By Brand →

ZyXEL → Re: L2TP VPN on USG - quick how-to

uniqs
76

« zywall usg 50 problems • IPMAC Bindings »

This is a sub-selection from L2TP VPN on USG - quick how-to

Anav Sarcastic Llama? Naw, Just Acerbic Premium Member join:2001-07-16 Dartmouth, NS 1 edit	Anav to Brano Premium Member 2012-Mar-9 8:07 am to Brano Re: L2TP VPN on USG - quick how-to Brano, could you expand on two things. a. the route rule, what does it do... b. expand on our use of tunnel in the firewall rule. I only noticed a tunnel in my interface when updating to 3.0. I assumed this was only for ipv6?
	actions · 2012-Mar-9 8:07 am ·
Brano I hate Vogons MVM join:2002-06-25 Burlington, ON (Software) OPNsense Ubiquiti UniFi UAP-AC-PRO Ubiquiti NanoBeam M5 16	Brano MVM 2012-Mar-9 9:50 am said by Anav: a. the route rule, what does it do... Ensuring your return traffic from local LAN is routed back to your L2TP VPN and not elsewhere (i.e. by default to internet) said by Anav: b. expand on our use of tunnel in the firewall rule. I only noticed a tunnel in my interface when updating to 3.0. I assumed this was only for ipv6? TUNNEL is just a zone name. You can use any zone name that fits your needs or create new one i.e. L2TP_ZONE. I choose TUNNEL because it was there and empty. You can use your IPSEC_VPN zone instead too. Alternatively you can choose ANY as source in this FW rule. But I like to keep things restricted wherever possible. said by polarisdb: I was also wondering why creating an address object for the WAN interface is required? The ZyXEL documentation did the same thing with a static IP and I wasn't sure why... If you have static WAN IP then you're fine with static IP. However I have dynamic WAN IP and creating object of Interface type will ensure the object's value (IP) will change as my WAN IP changes.
	actions · 2012-Mar-9 9:50 am ·
polarisdb join:2004-07-12 USA	polarisdb Member 2012-Mar-9 10:28 am said by Brano: said by polarisdb: I was also wondering why creating an address object for the WAN interface is required? The ZyXEL documentation did the same thing with a static IP and I wasn't sure why... If you have static WAN IP then you're fine with static IP. However I have dynamic WAN IP and creating object of Interface type will ensure the object's value (IP) will change as my WAN IP changes. Bear with me, but I am still confused. I have a dynamic IP, but what I don't understand is why creating an address object pointing to the interface instead of using the interface itself (WAN1_IP in my case) is done?
	actions · 2012-Mar-9 10:28 am ·
Anav Sarcastic Llama? Naw, Just Acerbic Premium Member join:2001-07-16 Dartmouth, NS	Anav Premium Member 2012-Mar-9 10:40 am said by polarisdb: said by Brano: said by polarisdb: I was also wondering why creating an address object for the WAN interface is required? The ZyXEL documentation did the same thing with a static IP and I wasn't sure why... If you have static WAN IP then you're fine with static IP. However I have dynamic WAN IP and creating object of Interface type will ensure the object's value (IP) will change as my WAN IP changes. Bear with me, but I am still confused. I have a dynamic IP, but what I don't understand is why creating an address object pointing to the interface instead of using the interface itself (WAN1_IP in my case) is done? I have a theory. Its a very good theory. Well tis a theory by Anne Elk (thats two nn's and an e), if your visually impaired and hearing this text!! Brano's real namee is Bran Ojectoriented. And there you have it. A theory by Anne Elk
	actions · 2012-Mar-9 10:40 am ·

Forums → Equipment Support → Hardware By Brand → ZyXEL	« zywall usg 50 problems • IPMAC Bindings »
This is a sub-selection from L2TP VPN on USG - quick how-to