How to establish Site-to-site VPN when both Nebula gateways are in different Organizations?

Nebula_JasonNebula_Jason Zyxel Official Agent Posts: 205  mod
edited November 9, 2020 3:52PM in Configurations
In Figure1, there are two Nebula gateways that want to establish site-to-site VPN connection, but they are in different organizations.

Figure 1 Site-to-SIte VPN

All network IP addresses and subnet masks are used as examples in this article. Please replace them with your actual network IP addresses and subnet masks. This example was tested Nebula gateway, switch, APs with the last firmware version on Nebula Center Control (NCC).
Configuration Setting:

For Demo/Demo:

Go to "GATEWAY > Configure > Site-to-Site VPN > Non-Nebula VPN peers" and configure the parameters.

Name: Zyxel_Nebula

Public IP: 61.222.75.18

Private subnet: 192.168.3.1/24

IPsec policy: Default

Preshared Secret: <Pre-shared key> (Need to be the same as another site)

Availability: This site (Depends on the scenario)



For Zyxel.Nebula/test Jason NSG100:

Go to "GATEWAY > Configure > Site-to-Site VPN > Non-Nebula VPN peers" and configure the parameters.

Name: Demo

Public IP: 36.227.108.105

Private subnet: 192.168.1.199/24

IPsec policy: Default

Preshared Secret: <Pre-shared key> (Need to be the same as another site)

Availability: This site (Depends on the scenario)



Test the Result:
On Demo/Demo, go to Security gateway > Monitor > VPN connection

On Zyxel.Nebula/test Jason NSG100, go to Security gateway > Monitor > VPN connection


Jason
Eva61299Pureland
Sign In to comment.