Filter
Top Products
Chapter 20 IPSec VPN
ZyWALL USG 100/200 Series User’s Guide
354
Each field is discussed in the following table. See Section 20.2.2 on page 360 and Section
20.2.1 on page 355 for more information.
Table 115 VPN > IPSec VPN > VPN Connection
LABEL DESCRIPTION
Use Policy
Route to
control
dynamic
IPSec rules
Leave this cleared to have the ZyWALL automatically obtain source and destination
addresses for dynamic IPSec rules. When you leave this option’s check box cleared,
you do not need to configure policy routes for the dynamic IPSec tunnels.
Only select this if you want to use policy routes to manually specify the destination
addresses of dynamic IPSec rules. You must configure a policy route for each
dynamic IPSec tunnel.
Ignore ""Don't
Fragment""
setting in
packet header
Select this to fragment packets larger than the MTU (Maximum Transmission Unit)
that have the “don’t” fragment” bit in the header turned on. When you clear this the
ZyWALL drops packets larger than the MTU that have the “don’t” fragment” bit in the
header turned on.
Total
Connection
This field displays the total number of VPN connection policies.
connection
per page
Select how many entries you want to display on each page.
Page x of x This is the number of the page of entries currently displayed and the total number of
pages of entries. Type a page number to go to or use the arrows to navigate the
pages of entries.
# This field is a sequential value, and it is not associated with a specific connection.
Name This field displays the name of the IPSec SA.
VPN Gateway This field displays the associated VPN gateway(s). If there is no VPN gateway, this
field displays “manual key”.
Encapsulation This field displays what encapsulation the IPSec SA uses.
Algorithm This field displays what encryption and authentication methods, respectively, the
IPSec SA uses.
Policy This field displays the local policy and the remote policy, respectively.
Add icon This column provides icons to add, edit, and remove VPN connections, as well as to
activate / deactivate and connect / disconnect VPN connections.
To add a VPN connection, click the Add icon at the top of the column. The VPN
Connection Add/Edit Manual screen appears.
To edit a VPN connection, click the Edit icon next to the connection. The VPN
Connection Add/Edit Manual or VPN Connection Add/Edit Gateway screen
appears accordingly.
To delete a VPN connection, click the Remove icon next to the connection. The web
configurator confirms that you want to delete the VPN connection.
To activate or deactivate an IPSec SA, click the Active icon next to the VPN
connection. Make sure you click Apply to save and apply the change.
To connect or disconnect an IPSec SA, click the Connect icon next to the VPN
connection.
Apply Click Apply to save your changes back to the ZyWALL.
Reset Click Reset to begin configuring this screen afresh.