VPN connection between corporate and branch net


This topic contains 1 reply, has 0 voices, and was last updated by  matt@nednet.net 10 years, 5 months ago.

  • #41396

    I am planning on using zeroshell to connect a corp branch to a corp net over a private net. I’m submitting this plan to ensure I haven’t missed anything to set this up.

    Object: Connect corporate branch to corp net via a vpn tunnel over a private net. None of the private net traffic can
    go into the corp branch or corp net. All corp branch traffic bound for the internet must go down to the corp net then
    out its routers. All traffic for the corp branch must come through the corp net up to the branch net.
    Note: IP’s have been changed to protect the corporate identity.

    VPN00 between zs1 and zs2
    zs1 vpn00: 172.16.0.1
    zs2 vpn00: 172.16.0.2

    zs1: bridge eth0 vpn00
    zs1: default router 172.16.0.2
    zs2: route net 199.y.y.x gateway 172.16.0.1

    zs1: firewall eth1 allow any traffic from 192.168.0.11
    eth1 allow https from 192.168.0.2 (admin access from a private net device)
    eth1 allow icmp from 192.168.0.2 (connectivity test from private net)
    block all other traffic

    zs2: firewall eth1 allow any traffic from 192.168.0.10
    eth1 allow https from 192.168.0.2 (admin access from private net device)
    eth1 allow icmp from 192.168.0.2
    block all other traffic

    corp branch net----eth0(zs1)eth1--------eth1(zs2)eth0-cisco
    199.y.y.x 199.y.y.254 192.168.0.10 192.168.0.11 200.z.z.x

    At the corp net end, the Cisco router feeds another router to the Internet.
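
A small model of the eth1 allow lists planned in the post above, added here as an example (it is not part of the original post and is not ZeroShell configuration). It checks which private-net flows each box would admit; the probe packets, the host 192.168.0.50 and UDP port 1194 are constructed sample values, since the post names no tunnel port.

```python
"""Model of the eth1 (private-net side) allow lists planned for zs1 and zs2."""
from dataclasses import dataclass
from ipaddress import ip_address
from typing import Optional

@dataclass(frozen=True)
class Rule:
    src: str                      # exact source address the rule matches
    proto: Optional[str] = None   # None = any protocol
    dport: Optional[int] = None   # None = any destination port

    def matches(self, src: str, proto: str, dport: Optional[int]) -> bool:
        return (ip_address(src) == ip_address(self.src)
                and self.proto in (None, proto)
                and self.dport in (None, dport))

def eth1_rules(peer: str, admin: str = "192.168.0.2") -> list:
    return [
        Rule(peer),               # allow any traffic from the other tunnel endpoint
        Rule(admin, "tcp", 443),  # https admin access from the private-net device
        Rule(admin, "icmp"),      # connectivity test from the private net
    ]

# Addresses are the ones given in the post: zs1 eth1 = .10, zs2 eth1 = .11.
POLICY = {"zs1": eth1_rules("192.168.0.11"), "zs2": eth1_rules("192.168.0.10")}

def verdict(box: str, src: str, proto: str, dport: Optional[int] = None) -> str:
    for rule in POLICY[box]:
        if rule.matches(src, proto, dport):
            return "allow"
    return "block"                # "block all other traffic"

# Constructed probe packets: (box, source, protocol, destination port)
PROBES = [
    ("zs1", "192.168.0.11", "udp", 1194),  # tunnel peer reaching zs1
    ("zs2", "192.168.0.10", "udp", 1194),  # tunnel peer reaching zs2
    ("zs1", "192.168.0.2", "tcp", 443),    # admin https
    ("zs2", "192.168.0.2", "icmp", None),  # admin ping
    ("zs1", "192.168.0.2", "tcp", 22),     # admin host, non-https service
    ("zs2", "192.168.0.50", "tcp", 443),   # some other private-net host
    ("zs1", "192.168.0.10", "udp", 1194),  # zs1's own address used as a source
]

def audit() -> list:
    return [verdict(*probe) for probe in PROBES]

if __name__ == "__main__":
    for probe, result in zip(PROBES, audit()):
        print(f"{result:5}  {probe}")
```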
