18 telecommuter vpn/ipsec examples, 1 telecommuters sharing one vpn rule example – ZyXEL Communications Internet Security Appliance ZyWALL5UTM 4.0 User Manual

ZyWALL 5/35/70 Series User’s Guide

333

Chapter 19 VPN Screens

19.18 Telecommuter VPN/IPSec Examples

The following examples show how multiple telecommuters can make VPN connections to a
single ZyWALL at headquarters. The telecommuters use IPSec routers with dynamic WAN IP
addresses. The ZyWALL at headquarters has a static public IP address.

19.18.1 Telecommuters Sharing One VPN Rule Example

See the following figure and table for an example configuration that allows multiple
telecommuters (A, B and C in the figure) to use one VPN rule to simultaneously access a
ZyWALL at headquarters (HQ in the figure). The telecommuters do not have domain names
mapped to the WAN IP addresses of their IPSec routers. The telecommuters must all use the
same IPSec parameters but the local IP addresses (or ranges of addresses) should not overlap.

Gateway Domain Name

Update Timer

This field is applicable when you enter a domain name to identify the

ZyWALL and/or the remote secure gateway.
Enter the time period (between 2 and 60 minutes) to wait before the ZyWALL

updates the domain name and IP address mapping through a DNS server.

The ZyWALL rebuilds the VPN tunnel if it finds that the domain name is now

using a different IP address (any users of the VPN tunnel will be temporarily

disconnected).
Enter 0 to disable this feature.

Apply

Click Apply to save your changes back to the ZyWALL.

Reset

Click Reset to begin configuring this screen afresh.

Table 107 VPN: Global Setting (continued)

LABEL

DESCRIPTION