IPSec VPN. How to create connection with multiple local and remote networks

Options
bk1
bk1 Posts: 5
Friend Collector First Comment
Hello. 
I Try configure IPSec with remote office. In connection settings I can add only 1 local and 1 remote network.
What should I do, if I have 3 networks:
10.80.6.0/24
10.80.10.0/24
10.80.12.0/24

Remote office has more networks:
10.88.12.0/24
10.76.0.0/16
10.10...
and etc.




Accepted Solution

All Replies

  • bk1
    bk1 Posts: 5
    Friend Collector First Comment
    edited November 2022
    Options
    @mMontana
    Yes, It is work, but it is really uncomfortable. I should to create 31+ VPN Connections.
    Maybe there is another option?
  • mMontana
    mMontana Posts: 1,337  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited November 2022
    Options
    Command line interface.
    If this arrangement sucks for you, sucks for me too, but it's the way that Zyxel request for making it work.
    I know there's a limit of tunnels (gateways) dependent from the device model, i don't know if there's a limit for subnets/connection/tunnel on the same gateway.
  • bk1
    bk1 Posts: 5
    Friend Collector First Comment
    Options
    @mMontana
    Thank you very much for answer
  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,462  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Hi @bk1.
    You also can add policy route for site to site VPN multiple subnet routing.
  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,462  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Hi @mMontana,
    Thanks for the example. ;)
    In site 1, add policy route for subnet 172.31.128.0/24 routing.
    src = 192.168.199.0/24
    dst= 172.31.128.0/24
    next hop = Site to Site VPN tunnel

    In site 2, add policy route for subnet 192.168.199.0/24 routing.
    src = 172.31.128.0/24
    dst= 192.168.199.0/24
    next hop = Site to Site VPN tunnel

Security Highlight