ZyXEL 35 用户指南

 

 

All contents copyright (c) 2006 ZyXEL Communications Corporation.   

126

As the figure shown below, each branch office have a VPN tunnel to headquarter, thus PCs in branch offices 

can access systems in headquarter via the tunnel. Through VPN routing, ZyWALL series now provide you a 

solution to let PCs in branch offices talk to each other through the existing VPN tunnels concentrated on the 

headquarter.  

 

The IP addresses we use in this example are as shown below. 

Branch_A

Headquarter

Branch_B

WAN:202.3.1.1 

LAN:192.168.3.1 

WAN:202.1.1.1 

LAN:192.168.1.1 

WAN:202.2.1.1 

LAN:192.168.2.1 

LAN of Branch_A

LAN of Headquarter

LAN of Branch_B

192.168.3.0/24 

192.168.1.0/24 

192.168.2.0/24 

1. Setup VPN in branch office A

 

Because VPN routing enables branch offices to talk to each other via tunnels concentrated on headquarter. In 

this step, we configure an IPSec rule in ZyWALL (Branch_A) for PCs behind branch office A to access both 

LAN segments of headquarter and branch office B. Because the LAN segments of headquarter and branch 

office B are continuous, we merge them into one single rule by including these two segments in Remote section. 

If by any chance, the two segments are not continuous, we strongly recommend you to setup different rules for 

these segments. 

1.

      

Go to SECURITY->VPN->Press Add button