ZyXEL Communications 2 Plus User Manual
Chapter 14 IPSec VPN
ZyWALL 2 Plus User’s Guide
293
14.17.1 Hub-and-spoke VPN Example
The following figure shows a basic hub-and-spoke VPN. Branch office A uses one VPN rule
to access both the headquarters (HQ) network and branch office B’s network. Branch office B
uses one VPN rule to access both the headquarters and branch office A’s networks.
to access both the headquarters (HQ) network and branch office B’s network. Branch office B
uses one VPN rule to access both the headquarters and branch office A’s networks.
Figure 194 Hub-and-spoke VPN Example
14.17.2 Hub-and-spoke Example VPN Rule Addresses
The VPN rules for this hub-and-spoke example would use the following address settings.
Branch Office A:
Branch Office A:
• Remote Gateway: 10.0.0.1
• Local IP address: 192.168.167.0/255.255.255.0
• Remote IP address: 192.168.168.0~192.168.169.255
• Local IP address: 192.168.167.0/255.255.255.0
• Remote IP address: 192.168.168.0~192.168.169.255
Headquarters:
Rule 1:
Rule 1:
• Remote Gateway: 10.0.0.2
• Local IP address: 192.168.168.0~192.168.169.255
• Remote IP address:192.168.167.0/255.255.255.0
• Local IP address: 192.168.168.0~192.168.169.255
• Remote IP address:192.168.167.0/255.255.255.0
Rule 2:
• Remote Gateway: 10.0.0.3
• Local IP address: 192.168.167.0~192.168.168.255
• Remote IP address: 192.168.169.0/255.255.255.0
• Local IP address: 192.168.167.0~192.168.168.255
• Remote IP address: 192.168.169.0/255.255.255.0
Branch Office B:
• Remote Gateway: 10.0.0.1
• Local IP address: 192.168.169.0/255.255.255.0
• Remote IP address: 192.168.167.0~192.168.168.255
• Local IP address: 192.168.169.0/255.255.255.0
• Remote IP address: 192.168.167.0~192.168.168.255