[2023 May Tips & Tricks] See how Zyxel optimizes your VPN experience

zyxel_Lin Posts: 73  Zyxel Employee
First Anniversary Friend Collector
edited May 2023 in Security Highlight

What is a Route-based VPN?

Route-based VPN is a type of VPN architecture that uses routes and policies to direct and control traffic between different VPN endpoints. In this type of VPN, the routing table is used to determine the best path for each packet of data, rather than relying solely on security policies. In a route-based VPN, each VPN tunnel is identified by a unique virtual tunnel interface (VTI) and each virtual tunnel interface has its own routing table. Traffic is routed based on the routing table associated with the virtual tunnel interface. This allows for more flexibility and scalability, as multiple tunnels can be established between the same endpoints, which provides failover and load balancing for VPN.

Route-based VPNs are often used in complex network environments, where multiple VPN tunnels need to be established between different locations, and where routing policies need to be granular and flexible.

Advantage of using route-based VPN over traditional policy-based VPN

The main advantage of using a route-based VPN over a policy-based VPN is that it offers greater flexibility and scalability.In policy-based VPNs, the policies that determine which traffic is allowed to pass through the VPN are based on specific criteria such as source and destination IP addresses, ports, and protocols. This can make it difficult to configure complex network topologies with multiple VPN connections, as each VPN connection requires its own set of policies. Policy-based VPNs are also limited in terms of available routing options, which can make it difficult to implement certain network topologies.

Route-based VPNs, on the other hand, use routing protocols to determine which traffic should be sent over the VPN connection. This allows for much greater flexibility and scalability, as the VPN connection can be used to route traffic to multiple destinations, rather than being limited to specific policies. Additionally, routing-based VPNs can be easier to configure and manage than policy-based VPNs, particularly in complex network environments. In summary, the main advantages of using route-based VPNs over policy-based VPNs are:

  1. Greater flexibility and scalability, particularly in complex network environments.
  2. Easier to configure and manage.
  3. More options for routing traffic over the VPN connection.

How to configure

Scenario for general use: See how to configure an IPSec site-to-site VPN by using VTI (Virtual Tunnel Interface).

Scenario for Hybrid Cloud: Transitioning to a hybrid cloud model changes nearly everything about how a company manages data and workloads. Route-based IPSec VPNs help to connect your on-premises networks to AWS/Azure Cloud networks. See how to configure it.