Filter
Top Products
Chapter 25 IPSec VPN
ZyWALL USG 1000 User’s Guide
445
SA). Click a column’s heading cell to sort the table entries by that column’s
criteria. Click the heading cell again to reverse the sort order.
Figure 328 Configuration > VPN > IPSec VPN > VPN Connection
Each field is discussed in the following table. See Section 25.2.2 on page 453 and
Section 25.2.1 on page 446 for more information.
Table 117 Configuration > VPN > IPSec VPN > VPN Connection
LABEL DESCRIPTION
Use Policy
Route to
control
dynamic
IPSec rules
Select this to be able to use policy routes to manually specify the
destination addresses of dynamic IPSec rules. You must manually create
these policy routes. The ZyWALL automatically obtains source and
destination addresses for dynamic IPSec rules that do not match any of
the policy routes.
Clear this to have the ZyWALL automatically obtain source and
destination addresses for all dynamic IPSec rules.
See Section 6.4.2 on page 101 for how this option affects the routing
table.
Ignore
""Don't
Fragment""
setting in
packet header
Select this to fragment packets larger than the MTU (Maximum
Transmission Unit) that have the “don’t” fragment” bit in the IP header
turned on. When you clear this the ZyWALL drops packets larger than the
MTU that have the “don’t” fragment” bit in the header turned on.
Add Click this to create a new entry.
Edit Double-click an entry or select it and click Edit to open a screen where
you can modify the entry’s settings.
Remove To remove an entry, select it and click Remove. The ZyWALL confirms
you want to remove it before doing so.
Activate To turn on an entry, select it and click Activate.
Inactivate To turn off an entry, select it and click Inactivate.
Connect To connect an IPSec SA, select it and click Connect.