ZyXEL P-661H-D1 User Guide - Page 239
Table 68, Telecommuters Using Unique VPN Rules Example
View all ZyXEL P-661H-D1 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 239 highlights
Chapter 16 VPN at headquarters can overlap. The local IP addresses of the rules configured on the telecommuters' IPSec routers should not overlap. See the following table and figure for an example where three telecommuters each use a different VPN rule for a VPN connection with a ZyXEL Device located at headquarters. The ZyXEL Device at headquarters (HQ in the figure) identifies each incoming SA by its ID type and content and uses the appropriate VPN rule to establish the VPN connection. The ZyXEL Device at headquarters can also initiate VPN connections to the telecommuters since it can find the telecommuters by resolving their domain names. Figure 107 Telecommuters Using Unique VPN Rules Example LAN A 192.168.2.12 B LAN HQ LAN 192.168.3.2 C LAN 192.168.1.10 192.168.4.15 Table 68 Telecommuters Using Unique VPN Rules Example TELECOMMUTERS HEADQUARTERS All Telecommuter Rules: All Headquarters Rules: 0.0.0.0 My IP Address: bigcompanyhq.com Secure Gateway Address: bigcompanyhq.com Local IP Address: 192.168.1.10 Remote IP Address: 192.168.1.10 Local ID Type: E-mail Peer ID Type: E-mail Local ID Content: [email protected] Peer ID Content: [email protected] Telecommuter A (telecommutera.dydns.org) Local ID Type: IP Local ID Content: 192.168.2.12 Local IP Address: 192.168.2.12 Headquarters ZyXEL Device Rule 1: Peer ID Type: IP Peer ID Content: 192.168.2.12 Secure Gateway Address: telecommuter1.com Remote Address 192.168.2.12 P-661HNU-Fx User's Guide 239