ZyXEL Communications 5 Series User Manual

ZyWALL 5/35/70 Series User’s Guide
CHAPTER 5
Tutorials
This chapter gives examples of how to configure some of your ZyWALL’s key features. See 
the related chapter on a feature for more details.
5.1  Dynamic VPN Rule Configuration
Dynamic VPN rules allow VPN connections from IPSec routers with dynamic WAN IP 
addresses. This tutorial shows how to configure a basic VPN (Virtual Private Network) tunnel 
to allow a traveling sales manager named Bob (Y in the figure) using a ZyWALL P1 (B) to 
securely connect to computers and servers on the office network X behind a ZyWALL 70 (A). 
• The ZyWALLs are peers.
• ZyWALL B has a dynamically assigned WAN IP address (represented by 0.0.0.0), so
only ZyWALL B can initiate (trigger) the VPN tunnel.
• ZyWALL B automatically initiates a VPN tunnel to ZyWALL A whenever Y tries to
connect to an IP address from 10.0.0.2 to 10.0.0.64 and passes the identification
authentication.
Figure 44   Dynamic VPN Rule Example
This example uses the following settings.   
Table 24   Dynamic VPN Rule Tutorial Settings
| FIELD | ZYWALL A (COMPANY) | ZYWALL B (BOB) |
| Gateway Policy Property Name (identifies the VPN rule) | A-B_Gateways | A-B_Gateways |
| My ZyWALL (ZyWALL’s WAN IP address) | 1.2.3.4 | 0.0.0.0 |
| Primary Remote Gateway Address (peer ZyWALL’s WAN IP address) | 0.0.0.0 | 1.2.3.4 |
| Network Policy Property Name (name of the policy that identifies the networks behind the ZyWALLs) | X-Y_Networks | X-Y_Networks |
[Figure 44 labels: network X = 10.0.0.2~10.0.0.64; computer Y = 192.168.167.2; ZyWALL A = 1.2.3.4; ZyWALL B = 0.0.0.0]
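The following sketch is an added example, not part of the ZyXEL guide or any ZyWALL interface. It checks the Table 24 gateway settings for consistency, reports which peer can initiate the tunnel, and tests whether a destination falls in the 10.0.0.2~10.0.0.64 range that makes ZyWALL B start it. The dictionary layout, key names and function names are assumptions made for illustration.

```python
import ipaddress

DYNAMIC = "0.0.0.0"  # the page's placeholder for a dynamically assigned WAN IP

# Values from Table 24; the dict layout and key names are assumptions of this example.
ZYWALL_A = {"name": "A", "my_zywall": "1.2.3.4", "remote_gateway": "0.0.0.0"}
ZYWALL_B = {"name": "B", "my_zywall": "0.0.0.0", "remote_gateway": "1.2.3.4"}
NETWORK_X = "10.0.0.2~10.0.0.64"  # office range behind ZyWALL A

def parse_range(text):
    """Split a 'first~last' range as written in the table into two addresses."""
    first, last = (ipaddress.IPv4Address(p.strip()) for p in text.split("~"))
    if first > last:
        raise ValueError(f"range start is above range end: {text}")
    return first, last

def triggers_tunnel(dst, remote_range=NETWORK_X):
    """True if traffic to dst is inside the remote range, so B starts the tunnel."""
    first, last = parse_range(remote_range)
    return first <= ipaddress.IPv4Address(dst) <= last

def initiators(a, b):
    """Names of the peers that know a fixed remote gateway and so can initiate."""
    return [p["name"] for p in (a, b) if p["remote_gateway"] != DYNAMIC]

def check_pair(a, b):
    """Return a list of problems in a pair of gateway settings (empty if consistent)."""
    problems = []
    for local, peer in ((a, b), (b, a)):
        fixed = DYNAMIC not in (local["remote_gateway"], peer["my_zywall"])
        # Only compare when both values are fixed addresses; 0.0.0.0 is a wildcard.
        if fixed and local["remote_gateway"] != peer["my_zywall"]:
            problems.append(f"{local['name']}: remote gateway "
                            f"{local['remote_gateway']} does not match "
                            f"{peer['name']}'s My ZyWALL {peer['my_zywall']}")
    if not initiators(a, b):
        problems.append("both remote gateways are dynamic: neither side can initiate")
    return problems

if __name__ == "__main__":
    print("problems:", check_pair(ZYWALL_A, ZYWALL_B))
    print("can initiate:", initiators(ZYWALL_A, ZYWALL_B))
    for dst in ("10.0.0.1", "10.0.0.2", "10.0.0.64", "10.0.0.65"):
        print(dst, "triggers tunnel:", triggers_tunnel(dst))
```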