Hab jetzt auch eine lösung gefunden und zwar im zyxel knowledgebase:
Zitat:
Q: How can I have VPN routing between 14 branch offices?
A: Our solution for this is based on a well defined network topology.
if we can allocate all of the internal network like this,
Network A: 192.168.1.0/24
Network B: 192.168.2.0/24
......
Network E: 192.168.14.0/24
Then on ZyWALL-A we configure VPN like this,
MyIP=0.0.0.0
Secure Gateway= < IP of Central Office >
Local Network: 192.168.1.0/24
Remote Network: 192.168.0.0/16
On ZyWALL-B we configure VPN like this,
MyIP=0.0.0.0
Secure Gateway= < IP of Central Office >
Local Network: 192.168.2.0/24
Remote Network: 192.168.0.0/16
...etc...
On Central side, we need to have 14 corresponding VPN rules.
Since the addresses of the networks are continuous.
we can include them together in 192.168.0.0.
After saving the rules, we need to issue a CI command on each
of P652, "ipsec swSkipOverlapIp on"
So that local PC can access local P652, otherwise the local
management traffic would be tunneled into VPN. However the cost of
doing this would be reduced performance.
|
funzt einwandfrei.