


Assuming there are only 'management' interfaces/IPs in this network, that is the 'proper' way to do it. You said: Will all traffic be blocked if all traffic to VLAN 10 (Network equipment) is blocked? If you do not need to accept INCOMING connections (a connection coming from WAN to ZONE_xxx) then you do not need a rule allowing traffic from WAN. If only traffic to WAN was allowed, replies from WAN would be dropped?

You said: I'm assuming that both traffic from and to WAN must be allowed for internet access. I would suggest setting them to 'Internal' so you don't have to mess around with setting routes for everything, you can use firewall/Security Policy to control access to other zones/networks, MUCH easier. If they are set to general, that means the built-in 'internal' routes are disabled and you will need to manually setup routes for these VLANs to all other networks including the internet. Also you said you have all VLANs set to 'General'. You said you have DHCP disabled on the VLANs, I assume you are manually assigning IPs? 3. EDIT: actually it looks like ALL of your physical eth_xxx interfaces are in the same subnet, you need to change this. I noticed your eth_wan1 interface (10.1.10.2) is in the same subnet as your eth_lan1 interface (10.1.10.3) - why? This is going to screw up routing.

Click Close to end the wizard setup and apply all changes.

In the doc linked above, you stated: Still none of my devices connected to the switch (or directly to the USG40) gets a connection 1.

The final screen will show a summary of the L2TP setup portion of the tunnel. The screen will show a summary of the IPSec setup portion of the L2TP tunnel. By default, with L2TP all traffic will be sent by the client through the tunnel, if you do not have DNS servers configured for the L2TP clients they will not be able to resolve domain names to get online. You may also want to assign some DNS server settings if you will be allowing internet traffic to go through the L2TP tunnel. The IP range must be different than the IP schemes being used by the LAN1, LAN2, DMZ, etc., to avoid routing issues. Create a Pre-Shared key and click on the Next button to continue the wizard setup. Create a range of IP addresses to be assigned to L2TP clients.
You will be presented with three VPN setup options, select "VPN Settings for L2TP…" and click the Next button. For the Phase 1 Setting select the WAN (internet) connection you wish to use to establish the tunnel with. Select the VPN Setup option to run the VPN wizard. Click on this "Quick Setup" option to launch the wizard. In the configuration menu there is an option for "Quick Setup". Login to the ZyWALL web configuration setup and go to the Configuration menu. This guide will assist you through the ZyWALL L2TP wizard setup.
