How to access remote VPN network without login in User-Based mode

We can enable the Use-based mode to force LAN clients to log in once they access Internet. However, sometimes we would like to allow LAN clients to access the remote VPN network without login within Use-Based mode. Therefore, this article will guide us how to use Firewall rule to achieve that.

Example

User-Based Mode Setup

1. Go to User Management >> General Setup ,

1. Select User-Based
2. Click OK

2. To make the LAN clients log in with the specific username and password, go to User Management >> User Profile and click any available index number to create a new profile.

3. In profile settings,

1. Enable this account
2. Set up the username and password
3. Enable Web, Alert Tool, Telnet for Allow Authentication via
4. Click OK

Firewall Rule Setup

1. Go to Firewall >> Filter Setup, click set 2. Default Date Filter.

2. Click any available Rule.

3. In Rule settings,

1. Enable this rule
2. Enter your comments
3. Select LAN/DMZ/RT/VPN→ LAN/DMZ/RT/VPN in Direction
4. Click Advanced
5. Select the LAN to apply this rule
6. Select VPN
7. Click OK

4. Then ensure the Filter is on Pass immediately, and click OK for this Rule settings.

What is the difference with/without Firewall rules?

In User-Base mode, if the packet doesn't match any active Firewall Rules, then the LAN clients will need the User Authentication to access Internet.

With the VPN pass Rule

We can access the VPN server without login. It means that the packets match the rule which we allow the LAN clients to access any VPN tunnels without the User Authentication.

Without the VPN pass Rule

Before accessing the VPN server, we need to log in Vigor2926 first. It means that the packets don’t match any rules, so the LAN clients need the User Authentication to access Internet.