Problem: We need to build a Site-to-Site VPN between to USGs / Zywalls, but one USG is behind a Fritzbox. The Fritzbox needs to be in routing mode, I can not change it to bridge mode.
What needs to be done to ensure VPN traffic goes to my USG?
Solution:
You can try to set up the USG is an exposed host on the Fritzbox.
This way the USG is not behind the NAT of the Fritzbox, but accessible straight away from the internet.
- Open the web interface of your FRITZ!Box by entering http://fritz.box/ in the search box of your web browser.
- Click the Internet in the FRITZ!Box user interface.
- Click Permit Access in the Internet menu.
- Click on the Port Forwarding tab.
- Click New Port Forwarding.
- Select the Exposed host from the drop-down list Port forwarding enabled for.
- Select the network device (e.g., a computer) that you would like to set up the exposed host for:
- If the network device's IP address is dynamically assigned by the FRITZ!Box's DHCP server, select the name of the network device from the drop-down list to computer.
- If the network device has a static IP address:
- Select Enter the IP address manually from the drop-down list to computer.
- Enter the IP address of the network device.
- If the network device's IP address is dynamically assigned by the FRITZ!Box's DHCP server, select the name of the network device from the drop-down list to computer.
| NOTE! Incoming connections to destination ports for which you configured separate port sharing rules in the FRITZ!Box is not forwarded to the exposed host. Instead, they are forwarded to the computer you specified in the separate port sharing rule. |
- Click OK to save the settings.
Also interesting:
Do you want to have a look directly on one of our test devices? Have a look here in our virtual Lab:
Virtual LAB - Site to Site VPN
KB-00171
Comments
0 comments
Please sign in to leave a comment.