Chapter 25 IPSec VPN

Branch office A’s ZyWALL uses one VPN rule to access both the headquarters (HQ) network and branch office B’s network.

Branch office B’s ZyWALL uses one VPN rule to access branch office A’s network only. Branch office B is not permitted to access the headquarters network.

Figure 334 IPSec VPN Concentrator Example

This IPSec VPN concentrator example uses the following settings.

Branch Office A (ZyNOS-based ZyWALL):

VPN Gateway (VPN Tunnel 1):

My Address: 10.0.0.2

Peer Gateway Address: 10.0.0.1

VPN Connection (VPN Tunnel 1):

Local Policy: 192.168.11.0/255.255.255.0

Remote Policy: 192.168.1.0/255.255.255.0

Disable Policy Enforcement

Policy Route

Source: 192.168.11.0

Destination: 192.168.12.0

Next Hop: VPN Tunnel 1
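Why Branch Office A pairs the policy route with disabled policy enforcement, shown as an added example that is not part of the user's guide. It is a simplified Python model, and it assumes that policy enforcement drops tunnel traffic whose addresses fall outside the local and remote policy and that the policy route networks are /24 (the page gives no mask); the function names and sample flows are constructed.

```python
import ipaddress

# Values from the Branch Office A settings above.
LOCAL_POLICY = ipaddress.ip_network("192.168.11.0/255.255.255.0")
REMOTE_POLICY = ipaddress.ip_network("192.168.1.0/255.255.255.0")
# Assumption: the page lists no mask for the policy route; /24 is used here.
ROUTE_SRC = ipaddress.ip_network("192.168.11.0/24")
ROUTE_DST = ipaddress.ip_network("192.168.12.0/24")


def matches_policy(src, dst):
    """True if the packet fits the tunnel's local/remote policy."""
    return (ipaddress.ip_address(src) in LOCAL_POLICY
            and ipaddress.ip_address(dst) in REMOTE_POLICY)


def matches_policy_route(src, dst):
    """True if the policy route would send the packet to VPN Tunnel 1."""
    return (ipaddress.ip_address(src) in ROUTE_SRC
            and ipaddress.ip_address(dst) in ROUTE_DST)


def tunnel_decision(src, dst, policy_enforcement):
    """Return 'tunnel', 'drop' or 'no-tunnel' for one packet (simplified model)."""
    in_policy = matches_policy(src, dst)
    if not in_policy and not matches_policy_route(src, dst):
        return "no-tunnel"  # nothing directs this packet into VPN Tunnel 1
    if policy_enforcement and not in_policy:
        return "drop"       # routed to the tunnel but outside local/remote policy
    return "tunnel"


def audit(flows, policy_enforcement):
    """Map each (src, dst) flow to its decision."""
    return {f: tunnel_decision(f[0], f[1], policy_enforcement) for f in flows}


# Constructed sample flows: A to HQ, A to branch B, A to an unrelated network.
FLOWS = [("192.168.11.33", "192.168.1.10"),
         ("192.168.11.33", "192.168.12.20"),
         ("192.168.11.33", "172.16.0.5")]

if __name__ == "__main__":
    for enforced in (True, False):
        print("policy enforcement:", enforced)
        for flow, verdict in audit(FLOWS, enforced).items():
            print("  %s -> %s: %s" % (flow[0], flow[1], verdict))
```

In this model, with enforcement off, the policy route is the only thing that decides which non-policy traffic enters the tunnel, so its source and destination should stay as narrow as the settings list them.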

Headquarters (ZyWALL USG):

VPN Gateway (VPN Tunnel 1):

My Address: 10.0.0.1

Peer Gateway Address: 10.0.0.2

ZyWALL USG 2000 User’s Guide