Filter
Top Products
Chapter 20 IPSec VPN
ZyWALL 110/310/1100 Series User’s Guide
285
• In any VPN connection, you have to select address objects to specify the local policy and remote
policy. You should set up the address objects first.
• In a VPN gateway, you can select an Ethernet interface, virtual Ethernet interface, VLAN
interface, or virtual VLAN interface to specify what address the ZyWALL uses as its IP address
when it establishes the IKE SA. You should set up the interface first. See Chapter 7 on page 103.
• In a VPN gateway, you can enable extended authentication. If the ZyWALL is in server mode, you
should set up the authentication method (AAA server) first. The authentication method specifies
how the ZyWALL authenticates the remote IPSec router. See Chapter 31 on page 400.
• In a VPN gateway, the ZyWALL and remote IPSec router can use certificates to authenticate each
other. Make sure the ZyWALL and the remote IPSec router will trust each other’s certificates. See
Chapter 33 on page 413.
20.2 The VPN Connection Screen
Click Configuration > VPN > IPSec VPN to open the VPN Connection screen. The VPN
Connection screen lists the VPN connection policies and their associated VPN gateway(s), and
various settings. In addition, it also lets you activate or deactivate and connect or disconnect each
VPN connection (each IPSec SA). Click a column’s heading cell to sort the table entries by that
column’s criteria. Click the heading cell again to reverse the sort order.
Figure 178 Configuration > VPN > IPSec VPN > VPN Connection