Telecommuter Vpn/Ipsec Examples; Telecommuters Sharing One Vpn Rule Example; Figure 100 Telecommuters Sharing One Vpn Rule Example - ZyXEL Communications ZyWALL 2Plus User Manual

Table 61 VPN: Global Setting (continued)
LABEL
VPN rules skip applying
to the overlap range of
local and remote IP
addresses
Apply
Reset

11.10 Telecommuter VPN/IPSec Examples

The following examples show how multiple telecommuters can make VPN connections to a
single ZyWALL at headquarters. The telecommuters use IPSec routers with dynamic WAN IP
addresses. The ZyWALL at headquarters has a static public IP address.

11.10.1 Telecommuters Sharing One VPN Rule Example

See the following figure and table for an example configuration that allows multiple
telecommuters (A, B and C in the figure) to use one VPN rule to simultaneously access a
ZyWALL at headquarters (HQ in the figure). The telecommuters do not have domain names
mapped to the WAN IP addresses of their IPSec routers. The telecommuters must all use the
same IPSec parameters but the local IP addresses (or ranges of addresses) should not overlap.

Figure 100 Telecommuters Sharing One VPN Rule Example

Chapter 11 IPSec VPN
DESCRIPTION
When you configure a VPN rule, the ZyWALL checks to make sure that the IP
addresses in the local and remote networks do not overlap. Select this check
box to disable the check if you need to configure a VPN policy with
overlapping local and remote IP addresses.
Note: If a VPN policy's local and remote IP addresses overlap,
you may not be able to access the device on your LAN
because the ZyWALL automatically triggers a VPN
tunnel to the remote device with the same IP address.
Click Apply to save your changes back to the ZyWALL.
Click Reset to begin configuring this screen afresh.
ZyWALL 2 Plus User's Guide
213