Table of Contents
Advertisement
DFL-900/1500 User Manual
Configuring the VPN Hub for Main Office
Step 1.
Add a Firewall rule
Suppose Main Office has already added two VPN
tunnels to communicate with two branch offices.
Now, the Main Office has to add a firewall rule to
allow IPSec packets to come from internet.
Before adding a firewall rule, please make sure to
add the addresses first.
Please make sure that the Firewall is enabled.
Select WAN1-to-WAN1 to display the rules of this
direction. The default action of this direction is
Block with Logs. We have to allow the VPN
traffic from the WAN1 side to enter another
WAN1 side. So we click the Insert button to
add a Firewall rule before the default rule.
Step 2.
Customize a Firewall rule from
Spoke1 to Spoke2
Enter the Rule Name as AllowVPNA, Source IP
as Spoke_1 (192.168.40.0), and Dest. IP as
Spoke_2(192.168.88.0). Click Apply to
store this rule.
If you have not yet configured the Source IP, Dest
IP or Service objects. Please refer Chapter 9 for
the setting information first.
Step 3.
Customize a Firewall rule from
Spoke 2 to Spoke 1
Enter the
as
Rule Name
AllowVPN
as Spoke_2
(192.168.88.0), and Dest. IP
as Spoke_1(192.168.40.0)
store this rule.
ADVANCED SETTINGS > Firewall > Edit Rules
ADVANCED SETTINGS > Firewall > Edit Rules > Insert
ADVANCED SETTINGS > Firewall > Edit Rules > Insert
B,
Source IP
. Click
to
Apply
Virtual Private Network – Hub and Spoke VPN
133
Chapter 15
Advertisement
Table of Contents
Troubleshooting
