ZyWALL User's Guide

Chapter 14 IPSec VPN

ZyWALL 2 Plus User’s Guide

293

14.17.1 Hub-and-spoke VPN Example

The following figure shows a basic hub-and-spoke VPN. Branch office A uses one VPN rule

to access both the headquarters (HQ) network and branch office B’s network. Branch office B

uses one VPN rule to access both the headquarters and branch office A’s networks.

Figure 194 Hub-and-spoke VPN Example

14.17.2 Hub-and-spoke Example VPN Rule Addresses

The VPN rules for this hub-and-spoke example would use the following address settings.

Branch Office A:

• Remote Gateway: 10.0.0.1

• Local IP address: 192.168.167.0/255.255.255.0

• Remote IP address: 192.168.168.0~192.168.169.255

Headquarters:

Rule 1:

• Remote Gateway: 10.0.0.2

• Local IP address: 192.168.168.0~192.168.169.255

• Remote IP address:192.168.167.0/255.255.255.0

Rule 2:

• Remote Gateway: 10.0.0.3

• Local IP address: 192.168.167.0~192.168.168.255

• Remote IP address: 192.168.169.0/255.255.255.0

Branch Office B:

• Remote Gateway: 10.0.0.1

• Local IP address: 192.168.169.0/255.255.255.0

• Remote IP address: 192.168.167.0~192.168.168.255