How to establish Hub and Spoke VPN between Nebula Devices (USG FLEX & NSG)?

Zyxel_Adam · September 2021

In the Hub-and-Spoke VPN topology, there is a VPN connection between each spoke router and the hub router, which uses the VPN concentrator. The VPN concentrator routes VPN traffic between the spoke routers and itself.

Scenario: Setup Hub and Spoke VPN between USG FLEX and NSG devices under the same organization.

1. Configure Hub and Spoke VPN on devices.
(Refer to USG FLEX on the left and NSG on the right.)

Image: https://us.v-cdn.net/6029482/uploads/editor/3g/7aqb0h12gh95.png

2. Select correct outgoing interface and toggle "Use VPN" on local interface that needs to be added to VPN tunnel.

Image: https://us.v-cdn.net/6029482/uploads/editor/8r/jmsn08j62yza.png

3. Enable Nebula VPN and choose Hub-and-Spoke for Nebula VPN topology.

4. Repeat step 1 to step 3 for all sites.

5. Check VPN connection result on all sites.

Site: USG FLEX 100W

Image: https://us.v-cdn.net/6029482/uploads/editor/9o/mt9gjsjfifzz.png

Site: NSG50

Image: https://us.v-cdn.net/6029482/uploads/editor/8m/uf4k2nqs2wyh.png

Site: NSG50_2

Note: If you would like to build a Site to Site VPN in different organizations, please refer to this post.

How to establish Hub and Spoke VPN between Nebula Devices (USG FLEX & NSG)?

Categories