Planet Networking & Communication MH-5001 User Manual page 129

MH-5001 User Manual
Step 10. Customize a Firewall rule from
Spoke 2 to Spoke 1
Enter the as
Rule Name
AllowVPN
as Spoke_2
(192.168.88.0), and Dest. IP
as Spoke_1 (192.168.40.0)
store this rule.
Step 11. Add a VPN Hub
Select Add to add a VPN Hub. Enter a name in the
Hub Name field. To add tunnels to the VPN Hub,
select a VPN tunnel from the Available
Tunnels list and select the right arrow. To
remove tunnels from the Members list, select the
tunnels and select the left arrow. Select Apply to
add the VPN Hub.
Note the Available Tunnel is the IPSec tunnel
which you have finished setting before. Please
refer the Table 15-1 IPSec tunnel information.
Configuring the VPN Spoke for the Branch_1
Step 12. Add a Firewall rule
Suppose Brach_1 Office has already added a
VPN tunnel to communicate with the Main Office.
Now, the Branch_1 has to add a firewall rule to
allow IPSec packets to come from Main Office
and Branch_2. Before adding the firewall rules,
please make sure to add the addresses first.
Please make sure that the Firewall is enabled.
Select WAN1-to-LAN1 to display the rules of this
direction. The default action of this direction is
Block with Logs. We have to allow the VPN
traffic from the WAN1 side to enter our LAN1
side. So we click the Insert button to add a
Firewall rule before the default rule.
ADVANCED SETTINGS > Firewall > Edit Rules > Insert
Source IP
B,
. Click to
Apply
ADVANCED SETTINGS > VPN Settings > VPN Hub > Add
ADVANCED SETTINGS > Firewall > Edit Rules
Virtual Private Network – Hub and Spoke VPN
126
Chapter 15