ZyXEL Communications 2WG User Manual

ZyWALL 2WG Support Notes

All contents copyright (c) 2006 ZyXEL Communications Corporation.

101

As the figure shown below, each branch office have a VPN tunnel to headquarter, thus PCs in branch offices

can access systems in headquarter via the tunnel. Through VPN routing, ZyWALL series now provide you a

solution to let PCs in branch offices talk to each other through the existing VPN tunnels concentrated on the

headquarter.

The IP addresses we use in this example are as shown below.

Branch_A

Headquarter

Branch_B

WAN:202.3.1.1

LAN:192.168.3.1

WAN:202.1.1.1

LAN:192.168.1.1

WAN:202.2.1.1

LAN:192.168.2.1

LAN of Branch_A

LAN of Headquarter

LAN of Branch_B

192.168.3.0/24

192.168.1.0/24

192.168.2.0/24

1. Setup VPN in branch office A

Because VPN routing enables branch offices to talk to each other via tunnels concentrated on headquarter. In

this step, we configure an IPSec rule in ZyWALL (Branch_A) for PCs behind branch office A to access both

LAN segments of headquarter and branch office B. Because the LAN segments of headquarter and branch

office B are continuous, we merge them into one single rule by including these two segments in Remote section.

If by any chance, the two segments are not continuous, we strongly recommend you to setup different rules for

these segments.

1.

Go to SECURITY->VPN->Press Add button