dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
25
JoeSchmoe007
Premium Member
join:2003-01-19
Brooklyn, NY

JoeSchmoe007

Premium Member

Re: Looking into ZyWALL USG100

OK, I just talked to Zyxel support on the phone.

From what I understood connecting to to CISCO 4050 via IPSec is possible.

[Correct me if I am wrong] Connecting to another site via L2TP is not possible because L2TP as a protocol is not meant for router-to-router connection - it is only meant for individual computers to connect TO the router. If I want to connect to this device:

»www.amazon.com/8-port-Fa ··· n+router

it needs to support IPSec for connection INTO it.

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO
Ubiquiti NanoBeam M5 16

Brano

MVM

L2TP is utilizing IPSec for transport.

For site to site it's IPSec only.
For client to site it's L2TP over IPSec. I haven't really ever seen site to site requirement for L2TP (and USG doesn't support L2TP site to site).

Figure out your requirements, I'm pretty sure you'll be OK.

Anav
Sarcastic Llama? Naw, Just Acerbic
Premium Member
join:2001-07-16
Dartmouth, NS

Anav to JoeSchmoe007

Premium Member

to JoeSchmoe007
Zyxel Support is correct. To reach another router using the USG one must use standard IPSEC VPN. To reach an external vpn router from a computer sitting behind the USG, one must use a client be it IPSEC VPN client, Windows L2TP native client, or an SSL VPN client.

This is the same for any VPN router. Only IPSEC is designed for VPN endpoint router to VPN endpoint router direct connectivity. Here the router decides via the router setup where to terminate the tunnels at either end. SSL VPN and L2TP in my limited knowledge is strictly for client (running on a computer) to vpn endpoint router connectivity.