We have an USG60 from Zyxel which is serving 2 networks.
* Company LAN
* Company and Visitor WLAN
A VPN using L2TP from external connections to the company LAN is already configured and working when connecting from outside the company.
Now we want to be able to connect to the company LAN via the company and visitor WLAN. Trying it trivially (connecting using the same settings) does not work, and the connection simply times out and no trace of the connection appears in the FW log.
I have found and read these 3 previous posts:
http://serverfault.com/questions/682845/sonicwall-connecting-to-l2tp-vpn-from-dmz - Mentions that this problem might be because requests need to be adressed to the LAN port where the WLANS are connected to the FW.
http://www.dslreports.com/forum/r30248402-ZyXel-USG40-Multiple-IP-Ranges-for-L2TP-VPN - Anav mentions that "I don't think you can have two L2TP VPN setups."
http://www.dslreports.com/forum/r29877519-USG-100-multiple-VPN-with-multiple-WAN-ip-addresses - Shows a similar setup potentially working.
I have tried replicating the 1st link by creating a 2nd VPN, and this is where I run into troubles. On the USG60 I can only set 1 VPN for L2TP. This leads me to believe Anav is right in the 2nd link. The packets do arrive (and show up in the FW log) but I get a "Tunnel [VPN Name] Local IP mismatch" error.
I also tried creating static routes from the port where the WLANs are connected to the WAN port for TCP 50-51 and UDP 500, but the error stays the same.
The question now is: How can I accomplish this?
↧