|
| Chapter 20 IPSec VPN | |
| Table 119 VPN > IPSec VPN > VPN Gateway > Edit (continued) | ||
| LABEL | DESCRIPTION |
|
| User Name | This field is required if the ZyWALL is in Client Mode for extended authentication. |
|
|
| Type the user name the ZyWALL sends to the remote IPSec router. The user |
|
|
| name can be |
|
|
| allowed. |
|
|
|
|
|
| Password | This field is required if the ZyWALL is in Client Mode for extended authentication. |
|
|
| Type the password the ZyWALL sends to the remote IPSec router. The password |
|
|
| can be |
|
|
|
|
|
| OK | Click OK to save your settings and exit this screen. |
|
|
|
|
|
| Cancel | Click Cancel to exit this screen without saving. |
|
|
|
|
|
20.4 The VPN Concentrator Screen
A VPN concentrator combines several IPSec VPN connections into one secure network.
Figure 256 VPN Topologies (Fully Meshed and Hub and Spoke)
12
In a
A VPN concentrator reduces the number of VPN connections that you have to set up and maintain in the network. You might also be able to consolidate the policy routes in each spoke router, depending on the IP addresses and subnets of each spoke.
However a VPN concentrator is not for every situation. The hub router is a single failure point, so a VPN concentrator is not as appropriate if the connection between spoke routers cannot be down occasionally (maintenance, for example). There is also more burden on the hub router. It receives VPN traffic from one spoke, decrypts it, inspects it to find out to which spoke to route it, encrypts it, and sends it to the appropriate spoke. Therefore, a VPN concentrator is more suitable when there is a minimum amount of traffic between spoke routers.
The VPN Concentrator summary screen displays the VPN concentrators in the ZyWALL. To access this screen, click VPN > IPSec VPN > Concentrator. The following screen appears.
| 369 |
ZyWALL USG 100/200 Series User’s Guide | |
|
|