ZyXEL Communications 2WG 14.20.2 Hub-and-spokeExample VPN Rule Addresses, 14.20.3Hub-and-spokeVPN Requirements and Suggestions

Chapter 14 IPSec VPN

Figure 220 Hub-and-spoke VPN Example

14.20.2 Hub-and-spoke Example VPN Rule Addresses

The VPN rules for this hub-and-spoke example would use the following address settings. Branch Office A:

•Remote Gateway: 10.0.0.1

•Local IP address: 192.168.167.0/255.255.255.0

•Remote IP address: 192.168.168.0~192.168.169.255

Headquarters:

Rule 1:

•Remote Gateway: 10.0.0.2

•Local IP address: 192.168.168.0~192.168.169.255

•Remote IP address:192.168.167.0/255.255.255.0

Rule 2:

•Remote Gateway: 10.0.0.3

•Local IP address: 192.168.167.0~192.168.168.255

•Remote IP address: 192.168.169.0/255.255.255.0

Branch Office B:

•Remote Gateway: 10.0.0.1

•Local IP address: 192.168.169.0/255.255.255.0

•Remote IP address: 192.168.167.0~192.168.168.255

14.20.3Hub-and-spoke VPN Requirements and Suggestions

Consider the following when implementing a hub-and-spoke VPN.

The local IP addresses configured in the VPN rules cannot overlap