Using SoftEther VPN Server with USG/UTM firewall Zyxel

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
robymos
Posts: 3
Joined: Wed Jun 05, 2019 2:48 pm

Using SoftEther VPN Server with USG/UTM firewall Zyxel

Post by robymos » Mon Mar 11, 2024 4:55 pm

Hello everyone!

I'd like to establish a VPN tunnel between 2 remote branches (BO and MO) both connected to a third site (HQ) on cloud with Ethersoft VPN Server installed on a Windows computer. The goal it's to communicate from BO and MO bidirectionally, nothing to communicate with on HQ.
I cannot establish a direct VPN Site2Site BO-MO (it will be obviuosly the simpliest solution) because MO and BO are connected with router 4G and SIM mobiles that don't allow to open incoming ports on the router (specifically UDP 500 and 4500), so my idea is to establish outgoing connections from branches BO and MO toward the cloud (HQ).

On MO and BO there are USG FLEX 100 Zyxel firewalls.

At the moment I only configured the BO VPN Gateway and VPN Connection on firewall toward HQ and I see the VPN tunnel it's connected, but no traffic incoming, only outgoing from BO... I guess I have to setup static routes or similar, but I don't understand where...

BO
LAN: 192.168.15.0/24
GW: 192.168.15.3

MO:
LAN: 10.0.0.0/24
GW: 10.0.0.2

HQ (Cloud)
LAN: 192.168.1.29/24
GW: 192.168.1.1

Thank you in advance for your attention

P.S.: If anyone has better ideas to reach the goal, I accept any suggestions!

Greetings

Roberto
Last edited by robymos on Tue Mar 12, 2024 11:43 am, edited 1 time in total.

solo
Posts: 1333
Joined: Sun Feb 14, 2021 10:31 am

Re: Using SoftEther VPN Server with USG/UTM firewall Zyxell

Post by solo » Mon Mar 11, 2024 11:57 pm

robymos wrote:
Mon Mar 11, 2024 4:55 pm
I'd like to establish a VPN tunnel between 2 remote branches (BO and MO) both connected to a third site (HQ) on cloud
If there are a few branch users then simply run the HQ in default setup and assign static IPs on a new subnet on the clients' VPN adapters, eg. 192.168.22.1+.

If you have many users and intend to communicate on the existing subnets, refer to L3 topics like https://www.vpnusers.com/viewtopic.php? ... 688#p96682

robymos
Posts: 3
Joined: Wed Jun 05, 2019 2:48 pm

Re: Using SoftEther VPN Server with USG/UTM firewall Zyxel

Post by robymos » Wed Apr 03, 2024 7:37 am

In the end I gave up on the idea of using SoftEther as I was unable in any way to communicate with the Zyxels.
I tried to follow the L3 topic you send me (also others I found), but in no way I was able to get them to talk each other (certainly my fault!)
Which I managed instead using OpenVPN on a Linux server in the cloud (HQ).
Thanks anyway to everyone for giving me ideas on which to test with SoftEther.
Greetings

Post Reply