ZyXEL ZYWALL USG 100 User Guide - Page 68
What Can Go Wrong
View all ZyXEL ZYWALL USG 100 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 68 highlights
Chapter 4 Create Secure Connections Across the Internet • Primary Remote Gateway: 10.0.0.1 Network Policy (Phase 2): Local Network: 192.168.167.0/255.255.255.0; Remote Network: 192.168.168.0~192.168.169.255 Headquarters (ZLD-based ZyWALL): VPN Gateway (VPN Tunnel 1): • My Address: 10.0.0.1 • Peer Gateway Address: 10.0.0.2 VPN Connection (VPN Tunnel 1): • Local Policy: 192.168.168.0~192.168.169.255 • Remote Policy: 192.168.167.0/255.255.255.0 • Disable Policy Enforcement VPN Gateway (VPN Tunnel 2): • My Address: 10.0.0.1 • Peer Gateway Address: 10.0.0.3 VPN Connection (VPN Tunnel 2): • Local Policy: 192.168.167.0~192.168.168.255 • Remote Policy: 192.168.169.0/255.255.255.0 • Disable Policy Enforcement Branch Office B (ZLD-based ZyWALL): VPN Gateway: • My Address: 10.0.0.3 • Peer Gateway Address: 10.0.0.1 VPN Connection: • Local Policy: 192.168.169.0/255.255.255.0 • Remote Policy: 192.168.167.0~192.168.168.255 • Disable Policy Enforcement 4.3.1 What Can Go Wrong Consider the following when implementing a hub-and-spoke VPN. • This example uses a wide range for the ZyNOS-based ZyWALL's remote network, to use a narrower range, see Section 4.3 on page 67 for an example of configuring a VPN concentrator. • The local IP addresses configured in the VPN rules should not overlap. 68 ZyWALL USG100-PLUS User's Guide