Filter
Top Products
Chapter 20 IPSec VPN
ZyWALL 110/310/1100 Series User’s Guide
302
20.4.1 VPN Concentrator Requirements and Suggestions
Consider the following when using the VPN concentrator.
• The local IP addresses configured in the VPN rules should not overlap.
• The concentrator must have at least one separate VPN rule for each spoke. In the local policy,
specify the IP addresses of the networks with which the spoke is to be able to have a VPN tunnel.
This may require you to use more than one VPN rule for each spoke.
• To have all Internet access from the spoke routers go through the VPN tunnel, set the VPN rules
in the spoke routers to use 0.0.0.0 (any) as the remote IP address.
• Your firewall rules can still block VPN packets.
20.4.2 VPN Concentrator Screen
The VPN Concentrator summary screen displays the VPN concentrators in the ZyWALL. To access
this screen, click Configuration > VPN > IPSec VPN > Concentrator.
Figure 184 Configuration > VPN > IPSec VPN > Concentrator
Each field is discussed in the following table. See Section 20.4.3 on page 302 for more information.
20.4.3 The VPN Concentrator Add/Edit Screen
Use the VPN Concentrator Add/Edit screen to create or edit a VPN concentrator. To access this
screen, go to the VPN Concentrator summary screen (see Section 20.4 on page 301), and click
either the Add icon or an Edit icon.
Table 111 Configuration > VPN > IPSec VPN > Concentrator
LABEL DESCRIPTION
Add Click this to create a new entry.
Edit Select an entry and click this to be able to modify it.
Remove Select an entry and click this to delete it.
# This field is a sequential value, and it is not associated with a specific concentrator.
Name This field displays the name of the VPN concentrator.
Group Members These are the VPN connection policies that are part of the VPN concentrator.