The Vpn Concentrator Screen; Figure 224 Vpn Topologies (Fully Meshed And Hub And Spoke) - ZyXEL Communications ZyWALL USG 300 User Manual
Unified security gateway
Hide thumbs
Also See for ZyWALL USG 300:
- User manual (1156 pages) ,
- Quick start manual (128 pages) ,
- Specifications (4 pages)
Table of Contents
Advertisement
Chapter 21 IPSec VPN
Table 119 VPN > IPSec VPN > VPN Gateway > Edit (continued)
LABEL
Client Mode
User Name
Password
OK
Cancel
21.4 The VPN Concentrator Screen
A VPN concentrator combines several IPSec VPN connections into one secure network.
Figure 224 VPN Topologies (Fully Meshed and Hub and Spoke)
In a fully-meshed VPN topology (1 in the figure), there is a VPN connection between every
pair of routers. In a hub-and-spoke VPN topology (2 in the figure), there is a VPN connection
between each spoke router (B, C, D, and E) and the hub router (A), which uses the VPN
concentrator. The VPN concentrator routes VPN traffic between the spoke routers and itself.
A VPN concentrator reduces the number of VPN connections that you have to set up and
maintain in the network. You might also be able to consolidate the policy routes in each spoke
router, depending on the IP addresses and subnets of each spoke.
However a VPN concentrator is not for every situation. The hub router is a single failure point,
so a VPN concentrator is not as appropriate if the connection between spoke routers cannot be
down occasionally (maintenance, for example). There is also more burden on the hub router. It
receives VPN traffic from one spoke, decrypts it, inspects it to find out to which spoke to route
it, encrypts it, and sends it to the appropriate spoke. Therefore, a VPN concentrator is more
suitable when there is a minimum amount of traffic between spoke routers.
352
DESCRIPTION
Select this radio button if the ZyWALL provides a username and password to the
remote IPSec router for authentication. You also have to provide the User Name
and the Password.
This field is required if the ZyWALL is in Client Mode for extended authentication.
Type the user name the ZyWALL sends to the remote IPSec router. The user
name can be 1-31 ASCII characters. It is case-sensitive, but spaces are not
allowed.
This field is required if the ZyWALL is in Client Mode for extended authentication.
Type the password the ZyWALL sends to the remote IPSec router. The password
can be 1-31 ASCII characters. It is case-sensitive, but spaces are not allowed.
Click OK to save your settings and exit this screen.
Click Cancel to exit this screen without saving.
1
2
ZyWALL USG 300 User's Guide
Advertisement
Table of Contents
Troubleshooting
