beautypg.com

16 vpn and remote management – ZyXEL Communications ZyWALL 2 Plus User Manual

Page 291


Chapter 14 IPSec VPN

ZyWALL 2 Plus User’s Guide


14.16 VPN and Remote Management

You can allow someone to use a service (like Telnet or HTTP) through a VPN tunnel to
manage the ZyWALL. One of the ZyWALL’s ports must be part of the VPN rule’s local
network. This can be the ZyWALL’s LAN port if you do not want to allow remote
management on the WAN port. You also have to configure remote management (REMOTE MGMT)
to allow management access for the service through the specific port.

In the following example, the VPN rule’s local network (A) includes the ZyWALL’s LAN IP
address of 192.168.1.7. Someone in the remote network (B) can use a service (like HTTP for
example) through the VPN tunnel to access the ZyWALL’s LAN interface. Remote
management must also be configured to allow HTTP access on the ZyWALL’s LAN interface.
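
The two conditions above (a ZyWALL interface inside the VPN rule's local network, and remote management allowing the service on that interface) can be checked together when reviewing a configuration. The following Python sketch is an added example, not part of the ZyXEL manual and not ZyWALL configuration syntax; the function name, the data model, the WAN address and the /24 local network are assumptions made for illustration, and only the LAN address 192.168.1.7 comes from the example above.

```python
import ipaddress

# Hypothetical data model for this example; it is not the ZyWALL's configuration format.
def audit_tunnel_mgmt(local_network, interfaces, remote_mgmt, service):
    """Check whether `service` can manage the device through a VPN rule.

    local_network: the rule's local network, a single IP or CIDR string
    interfaces:    device interface name -> IP address
    remote_mgmt:   service name -> set of interfaces remote management allows it on
    Returns (reachable_through_tunnel, findings).
    """
    net = ipaddress.ip_network(local_network, strict=False)
    # Interfaces whose address falls inside the rule's local network.
    covered = {name for name, ip in interfaces.items()
               if ipaddress.ip_address(ip) in net}
    allowed = remote_mgmt.get(service, set())
    findings = []
    if not covered:
        findings.append("no device interface is inside the rule's local network")
    elif not covered & allowed:
        findings.append(f"remote management does not allow {service} on "
                        + ", ".join(sorted(covered)))
    # Management enabled on WAN is reachable without the tunnel at all.
    if "WAN" in allowed:
        findings.append(f"{service} is also allowed on the WAN interface, "
                        "outside the tunnel")
    return bool(covered & allowed), findings

# Constructed sample values: only 192.168.1.7 (LAN) comes from the section's example.
INTERFACES = {"LAN": "192.168.1.7", "WAN": "203.0.113.5"}
RULE_A_LOCAL = "192.168.1.0/24"

if __name__ == "__main__":
    cases = {
        "as described": (RULE_A_LOCAL, {"HTTP": {"LAN"}}),
        "remote mgmt off": (RULE_A_LOCAL, {"HTTP": set()}),
        "rule misses LAN IP": ("192.168.1.10", {"HTTP": {"LAN"}}),
        "WAN mgmt left on": (RULE_A_LOCAL, {"HTTP": {"LAN", "WAN"}}),
    }
    for label, (net, mgmt) in cases.items():
        print(label, audit_tunnel_mgmt(net, INTERFACES, mgmt, "HTTP"))
```

A rule whose local network is a single host address other than the ZyWALL's own (the third case) leaves the device unreachable for management even though the tunnel itself comes up.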

Table 76 Telecommuters Using Unique VPN Rules Example

| TELECOMMUTERS | HEADQUARTERS |
| --- | --- |
| All Telecommuter Rules: | All Headquarters Rules: |
| My ZyWALL 0.0.0.0 | My ZyWALL: bigcompanyhq.com |
| Remote Gateway Address: bigcompanyhq.com | Local Network - Single IP Address: 192.168.1.10 |
| Remote Network - Single IP Address: 192.168.1.10 | Local ID Type: E-mail |
| Peer ID Type: E-mail | Local ID Content: [email protected] |
| Peer ID Content: [email protected] | |
| Telecommuter A (telecommutera.dydns.org) | Headquarters ZyWALL Rule 1: |
| Local ID Type: IP | Peer ID Type: IP |
| Local ID Content: 192.168.2.12 | Peer ID Content: 192.168.2.12 |
| Local IP Address: 192.168.2.12 | Remote Gateway Address: telecommutera.dydns.org |
| | Remote Address 192.168.2.12 |
| Telecommuter B (telecommuterb.dydns.org) | Headquarters ZyWALL Rule 2: |
| Local ID Type: DNS | Peer ID Type: DNS |
| Local ID Content: telecommuterb.com | Peer ID Content: telecommuterb.com |
| Local IP Address: 192.168.3.2 | Remote Gateway Address: telecommuterb.dydns.org |
| | Remote Address 192.168.3.2 |
| Telecommuter C (telecommuterc.dydns.org) | Headquarters ZyWALL Rule 3: |
| Local ID Type: E-mail | Peer ID Type: E-mail |
| Local ID Content: [email protected] | Peer ID Content: [email protected] |
| Local IP Address: 192.168.4.15 | Remote Gateway Address: telecommuterc.dydns.org |
| | Remote Address 192.168.4.15 |