Traffic Backhauling from Nebula VPN Spoke to Nebula VPN Hub

Dear All,
This is my first post here, so thanks for everyone's support.
We have a scenario with an ATP100 FW configured as a Nebula VPN Hub and 2 or more ATP100 FWs configured as Nebula VPN Spoke.

The requirement is to send all the Spoke LAN traffic to the Hub (both internet and intranet).
Traffic will then be sent to another corporate firewall where all the security policies will be applied.

Have you ever managed this kind of topology?

From Nebula CC I can only see and set in the encryption domain the LAN subnet at HQ and the LAN subnets at the Spokes.
Ideally I should be able to add 0.0.0.0 (or any) as local VPN subnets at the Hub firewall.

Many thanks for any input and suggestions.

All Replies

  • Zyxel_Cooldia (Zyxel Employee)
    edited September 2022
    Hi @RobertoCuz,
    Welcome to the Zyxel community. :)
    This is not supported in the current design in Nebula. I will move this topic to the Ideas section for future evaluation.
    As a workaround, you can use on-premise mode for all sites, with the spoke sites forwarding traffic to the hub site via policy route.

    Ideas section: Traffic Backhauling from Nebula VPN Spoke to Nebula VPN Hub
