Aleksandar

join:2010-12-08
Beach Haven, NJ

ZyWall USG 100 disable Split tunnel option

Hi there, I would like to configure an IPsec tunnel so that everything is routed through the tunnel. I checked the disable split tunnel option (in the GreenBow client). The USG is 2.2 AQQ6, and I created two policy routes:
user-any, incoming-IPSec tunnel, destination-any, next hop-TRUNK
user-any, incoming-any, destination-LAN, next hop-IPsec tunnel

And it is not working! Can someone help me to configure it?
Thanks


superataru

join:2004-12-07
Kearny, NJ

Hi.
Do you want VPN clients to reach the internet through the VPN?


Aleksandar

join:2010-12-08
Beach Haven, NJ

Hi, yes, I would like to do that. Clients should access the internet through our company.
I checked "Disable split tunnel" in the GreenBow IPsec client, but still nothing.



superataru

join:2004-12-07
Kearny, NJ

Listen, try setting remote as 0.0.0.0/32
Declare DNS servers in remote networks.
Does it work?


Aleksandar

join:2010-12-08
Beach Haven, NJ

Hi, yes, I did that. All traffic now goes through the tunnel, but now I have some sort of a problem. If I have a local LAN, and I am connected with an IPsec tunnel to a remote location from that LAN, all the traffic is routed through the tunnel, and I cannot access local resources any more. Is that normal or not? Thanks



Brano
I hate Vogons
Premium,MVM
join:2002-06-25
Burlington, ON

reply to Aleksandar

said by Aleksandar:

user-any, incoming-IPSec tunnel, destination-any, next hop-TRUNK
user-any, incoming-any, destination-LAN, next hop-IPsec tunnel

Keep in mind one rule for all firewall, routing and other tables: All tables (rules) are evaluated from top to bottom and when there's a match it is executed/applied and no other rules are processed. So the order (position) matters.

So make sure you check all your policy and firewall rules to ensure they're in the right order.

I suggest you post a screenshot of your firewall and policy route tables.
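
The first-match behaviour described in the post above, applied to the two policy routes quoted from the thread. This is an added example, not part of the original posts and not ZyXEL code. The LAN subnet 192.168.1.0/24, the rule names and the matching model (incoming interface plus destination only) are assumptions.

```python
import ipaddress
from dataclasses import dataclass

TUNNEL = "IPsec tunnel"                       # interface labels as written in the thread
LAN = ipaddress.ip_network("192.168.1.0/24")  # assumed LAN subnet (not given in the thread)
ANY = ipaddress.ip_network("0.0.0.0/0")

@dataclass(frozen=True)
class PolicyRoute:
    name: str                                 # hypothetical label for readability
    incoming: str                             # interface name, or "any"
    destination: ipaddress.IPv4Network
    next_hop: str

def route(table, incoming, dst):
    """Return the first rule that matches, top to bottom; later rules are never consulted."""
    addr = ipaddress.ip_address(dst)
    for rule in table:
        if rule.incoming in ("any", incoming) and addr in rule.destination:
            return rule
    return None                               # no policy route matched

def order_sensitive_pairs(table):
    """Pairs of rules that can match the same packet but send it to different next hops."""
    pairs = []
    for i, a in enumerate(table):
        for b in table[i + 1:]:
            same_in = "any" in (a.incoming, b.incoming) or a.incoming == b.incoming
            if same_in and a.destination.overlaps(b.destination) and a.next_hop != b.next_hop:
                pairs.append((a.name, b.name))
    return pairs

# The two policy routes from the first post, in the posted order and swapped.
R1 = PolicyRoute("tunnel-to-any", TUNNEL, ANY, "TRUNK")
R2 = PolicyRoute("any-to-lan", "any", LAN, TUNNEL)
AS_POSTED = [R1, R2]
SWAPPED = [R2, R1]

if __name__ == "__main__":
    for label, table in (("as posted", AS_POSTED), ("swapped", SWAPPED)):
        hit = route(table, TUNNEL, "192.168.1.10")
        print(f"{label}: tunnel -> 192.168.1.10 matched {hit.name}, next hop {hit.next_hop}")
    print("order decides the outcome for:", order_sensitive_pairs(AS_POSTED))
```

A packet arriving from the tunnel for a LAN address matches both rules, so the one listed first decides its next hop; `order_sensitive_pairs` lists such pairs so they can be reviewed before reordering a table.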


superataru

join:2004-12-07
Kearny, NJ

1 edit

reply to Aleksandar
Well, if you want everything to be reached from remote, it is.
removed by me
What is your topology?


Aleksandar

join:2010-12-08
Beach Haven, NJ

topology location 1

int---USG 100---LAN
         |
        DMZ

topology location 2

LAN1-----USG 20----int -----ipsec-----int---USG50---LAN2

I managed to configure location 1 and I am testing it now, but which routing policy do I need to create for location 2?
on USG 20 - from lan1 to tunnel if destination is LAN2
on USG 50 - from lan2 to tunnel if destination is LAN1

Anything else?

I attached a print screen of the USG 100 settings.



Aleksandar

join:2010-12-08
Beach Haven, NJ

reply to Aleksandar
Hi there, I still have a problem with the no split tunnel option. Now the entire traffic is rerouted to the tunnel, but then I lost my connection with LAN resources... Please help

