Filter
Top Products
ZyWALL 2 and ZyWALL 2WE
27-4 VPN/IPSec Setup
Table 27-2 VPN Summary
LABEL DESCRIPTION
# This field displays the VPN rule number.
Active
Y signifies that this VPN rule is active.
Local Addr.
This field displays the IP address of the computer using the VPN IPSec feature of your
ZyWALL.
Remote Addr.
This field displays IP address (in a range) of computers on the remote network behind the
remote IPSec gateway.
Encap.
This field displays the encapsulation mode (Tunnel or Transport). The ZyWALL's
encapsulation mode should be identical to the secure remote gateway.
Algorithm
This field displays the authentication algorithm (SHA1 or MD5) and encryption algorithm
(DES or 3DES). The ZyWALL's authentication and encryption algorithms should be identical
to the secure remote gateway.
Gateway
This field displays the IP address of the remote secure gateway with which you're making the
VPN connection. This field displays 0.0.0.0 if the remote secure gateway has a dynamic
WAN IP address.
Click Apply to save your changes. Click Reset to begin configuring this screen afresh.
27.6 Keep Alive
When you initiate an IPSec tunnel with keep alive enabled, the ZyWALL automatically renegotiates the
tunnel when the IPSec SA lifetime period expires (see section 27.10 for more on the IPSec SA lifetime). In
effect, the IPSec tunnel becomes an “always on” connection after you initiate it. Both IPSec routers must
have a ZyWALL-compatible keep alive feature enabled in order for this feature to work.
If the ZyWALL has its maximum number of simultaneous IPSec tunnels connected to it and they all have
keep alive enabled, then no other tunnels can take a turn connecting to the ZyWALL because the ZyWALL
never drops the tunnels that are already connected.