Support User Manuals

ZyXEL Communications ZyWALL 2 Series Network Card User Manual

Open as PDF

of 614

ZyWALL 2 Series User’s Guide

37-8 VPN/IPSec Setup

Table 37-2 Menu 27.1.1: IPSec Setup

FIELD DESCRIPTION EXAMPLE

Peer ID type

Press [SPACE BAR] to choose IP, DNS, or E-mail and press [ENTER].

Select IP to identify the remote IPSec router by its IP address.

Select DNS to identify the remote IPSec router by a domain name.

Select E-mail to identify the remote IPSec router by an e-mail address.

Content

When you select IP in the Peer ID type field, type the IP address of the

computer with which you will make the VPN connection in the peer

Content field. The ZyWALL automatically uses the address in the Secure

Gateway Address field (refer to the Secure Gateway Address field

description) if you configure the peer Content field to 0.0.0.0 or leave it

blank.

It is recommended that you type an IP address other than 0.0.0.0 in the

peer Content field or use the DNS or E-mail ID type in the following

situations.

 When there is a NAT router between the two IPSec routers.

 When you want the ZyWALL to distinguish between VPN

connection requests that come in from remote IPSec routers with

dynamic WAN IP addresses.

When you select DNS or E-mail in the Peer ID type field, type a domain

name or e-mail address by which to identify the remote IPSec router in the

peer Content field. Use up to 31 ASCII characters including spaces,

although trailing spaces are truncated. The domain name or e-mail

address is for identification purposes only and can be any string.

Secure

Gateway

Address

Type the IP address or the domain name (up to 31 characters) of the

IPSec router with which you’re making the VPN connection.

Set this field to 0.0.0.0 if the remote IPSec router has a dynamic WAN IP

address (the Key Management field must be set to IKE, see later).

Zw50test.com.

tw

Protocol Enter 1 for ICMP, 6 for TCP, 17 for UDP, etc. 0 is the default and signifies

any protocol.

0

DNS Server If there is a private DNS server that services the VPN, type its IP address

here. The ZyWALL assigns this additional DNS server to the ZyWALL's

DHCP clients that have IP addresses in this IPSec rule's range of local

addresses.

A DNS server allows clients on the VPN to find other computers and

servers on the VPN by their (private) domain names.

previous next