|
Other manuals for this model:
manual abstract
HUB AND SPOKE VPN
HUB AND SPOKE VPN
Release Date: 2005/6/29
1 Introduction
This application note details the steps for creating VPN tunnels based on “hub and spoke” topology between
ASUS Internet Security Routers. All settings and screen dumps contained in this application note are taken from
ASUS Internet Security Routers running firmware 1.1.68A.410. However, the instructions are applicable to newer
firmware as well.
In the "hub and spoke" VPN topology, all branch offices connect to the central office and each office is able to
connect to resources on the central network, as well as other offices, by going through their local VPN gateway to
link to the central office.
It is recommended that you disable firewall initially to simplify the configuration procedure
when setting up “hub-and-spoke” VPN. You can then create proper ACL rules based on
Note
secure requirement in your network.
2 Dynamic IP for All Branch Offices
This topology allows all branch offices to use dynamic IP to construct a fully meshed VPN networks. Note that
only the headquarter requires static IP.
2.1 Network
Setup
Connect all the devices as indicated in Figure 2.1. You may change the IP address, subnet mask and default
gateway IP address of any device to match your true network environment.
Branch C
WAN: dynamic IP
LAN: 192.168.23.0/24
PC3
192.168.23.10
Internet
Headquarter
WAN: 66.228.128.1
LAN: 192.168.1.0/24
Server
192.168.1.20
Internet
Internet
Branch B
Branch A
WAN: dynamic IP
WAN: dynamic IP
PC2
LAN: 192.168.22.0/24
LAN: 192.168.21.0/24
192.168.22.10
PC1
192.168.21.10
Figure 2.1. Network Toppology Diagram – Dynamic IP for All Branch Offices
Copyright 2005, ASUSTeK Computer, Inc.
Page 1
...