Figure 187 Overlap In A Dynamic Vpn Rule; Figure 188 Overlap In Ip Alias And Vpn Remote Networks - ZyXEL Communications ZyWALL 2 Plus User Manual
Interned security appliance
Hide thumbs
Also See for ZyWALL 2 Plus:
- User manual (678 pages) ,
- Quick start manual (137 pages) ,
- Firmware release notes (43 pages)
Table of Contents
Advertisement
Figure 187 Overlap in a Dynamic VPN Rule
192.168.1.0/24
• Setting Local and Remote IP Address Conflict Resolution to The Local Network
has the ZyWALL check if a packet's destination is also at the local network before
forwarding the packet. If it is, the ZyWALL sends the traffic to the local network.
• Setting Local and Remote IP Address Conflict Resolution to The Remote
Network disables the checking for local network IP addresses.
14.14.1.2 IP Alias
You could have an IP alias network that overlaps with the VPN remote network (see
188). For example, you have an IP alias network M (10.1.2.0/24) in ZyWALL X's LAN. For
the VPN rule, you configure the VPN network as follows.
• Local IP address start: 192.168.1.1, end: 192.168.1.254
• Remote IP address start: 10.1.2.240, end: 10.1.2.254
• IP addresses 10.1.2.240 to 10.1.2.254 overlap.
Figure 188 Overlap in IP Alias and VPN Remote Networks
In this case, if you want to send packets from network A to an overlapped IP (ex. 10.1.2.241)
that is in the IP alias network M, you have to set Local and Remote IP Address Conflict
Resolution to The Local Network.
ZyWALL 2 Plus User's Guide
Chapter 14 IPSec VPN
0.0.0.0
Figure
287
Advertisement
Chapters
Table of Contents
Troubleshooting
