Tutorials; Dynamic Vpn Rule Configuration; Figure 40 Dynamic Vpn Rule Example; Table 23 Dynamic Vpn Rule Tutorial Settings - ZyXEL Communications ZYWALL 35 User Manual

C
H A P T E R
This chapter gives examples of how to configure some of your ZyWALL's key features. See
the related chapter on a feature for more details.

4.1 Dynamic VPN Rule Configuration

Dynamic VPN rules allow VPN connections from IPSec routers with dynamic WAN IP
addresses. This tutorial shows how to configure a basic VPN (Virtual Private Network) tunnel
to allow a traveling sales manager named Bob (Y in the figure) using a ZyWALL P1 (B) to
securely connect to computers and servers on the office network X behind a ZyWALL 70 (A).
• The ZyWALLs are peers.
• ZyWALL B has a dynamically-assigned WAN IP addresses (represented by 0.0.0.0), so
only ZyWALL B can initiate (trigger) the VPN tunnel.
• ZyWALL B automatically initiates a VPN tunnel to ZyWALL A whenever Y tries to
connect to an IP address from 10.0.0.2 to 10.0.0.64 and passes the identification
authentication.

Figure 40 Dynamic VPN Rule Example

X
10.0.0.2~10.0.0.64
This example uses the following settings.

Table 23 Dynamic VPN Rule Tutorial Settings

FIELD
Gateway Policy Property Name (identifies the VPN rule)
My ZyWALL (ZyWALL's WAN IP address)
Primary Remote Gateway Address (peer ZyWALL's WAN
IP address)
Network Policy Property Name (name of the policy that
identifies the networks behind the ZyWALLs)
ZyWALL 5/35/70 Series User's Guide
A
1.2.3.4
ZYWALL A
(COMPANY)
A-B_Gateways
1.2.3.4
0.0.0.0
X-Y_Networks
4

Tutorials

Y
B
0.0.0.0
192.168.167.2
ZYWALL B (BOB)
A-B_Gateways
0.0.0.0
1.2.3.4
X-Y_Networks
109