dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
1241
tweaker_ui
join:2006-04-03
Saint Louis, MO

tweaker_ui

Member

ZyXEL USG50 VPN Port Question

Anyone know if it's possible to change what port the ZyXEL uses for establishing a vpn connection? I've got something that is using port 500 to communicate with an internal cisco asa....but still need to use a site to site vpn between 2 usg 50's...problem is, when the site to site connection is made...it kills the connections to the internal asa's. so i was wondering if it was possible to my the ZyXEL do site to site over a different udp port other than 500.

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON

Brano

MVM

Can't be done. It's either or. If you want to use both at the same time get 2nd public IP.

Anav
Sarcastic Llama? Naw, Just Acerbic
Premium Member
join:2001-07-16
Dartmouth, NS

Anav

Premium Member

Really, you cant change the port number or come in on a different port and then translate it to port 500 for a specific lanIP???

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON

1 edit

Brano

MVM

In theory you could for most services. In reality not for IPSec. Also USG doesn't support that. You can either have IPSec terminated on USG or pass-through. Not both at a same time on one interface.

Anav
Sarcastic Llama? Naw, Just Acerbic
Premium Member
join:2001-07-16
Dartmouth, NS

Anav to tweaker_ui

Premium Member

to tweaker_ui
Okay so if you had a second ISP it could be done.
Or how bout a second public IP from the same ISP????
Both of which are very typical when one is using CISCO or other higher end Routers (business case and business sense = requirements for multiple IPs and flexible routing).

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON

1 edit

Brano

MVM

2nd ISP should work fine.
2nd IP from same ISP should work too. I'm thinking creating new virtual WAN interface (i.e. wan1:1) and assign it 2nd public IP and go from there.
tweaker_ui
join:2006-04-03
Saint Louis, MO

tweaker_ui

Member

thank all, i'll see bout getting a 2nd ip at both locations.

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON

1 edit

Brano

MVM

To ammend my statements. I see no reason why 2nd IP/interface should not work. I've never tried it myself though.