ZyXEL Communications ZYWALL USG 2000 Support Notes page 28

10) We will setup the FortiGate to ZyWALL policy in the new page. The source interface is
internal and Address name is Fortinet (192.168.2.0/255.255.255.0 address object). The
destination interface is wan1 and Address name is Zynet (192.168.1.0/255.255.255.0
address object). Schedule and service type are "always" and "ANY" to ensure that all
kinds of traffic can pass through the VPN tunnel at any time. There are three kinds of
"Action" available for user to configure, because the traffic is send from "internal" to
WAN and will be encrypted by IPSec VPN tunnel. Thus, we select "IPSEC" as action and
chose allow inbound and outbound traffic in the ZyWALL tunnel.
11) Switch to Firewall > Policy and click "Create New" button to add new policy for the VPN
traffic from ZyWALL to FortiGate.
12) We setup the ZyWALL to FortiGate policy in the new page. The source interface is wan1
and Address name is Zynet (192.168.1.0/255.255.255.0 address object). The destination
interface is internal and the Address name is Fortinet (192.168.2.0/255.255.255.0 address
object). Schedule and service type are always and ANY to ensure that all kinds of traffic
All contents copyright (c) 2008 ZyXEL Communications Corporation.
ZyWALL USG 2000 Support Notes
10
11
28