Filter
Top Products
Chapter 20 IPSec VPN
ZyWALL USG 100/200 Series User’s Guide
359
Related Settings
Add this VPN
connection to
IPSec_VPN zone.
Select this check box to add the VPN connection policy to the IPSec_VPN
security zone. Any security rules or settings configured for the IPSec_VPN
security zone will also apply to this VPN connection policy.
More Settings/Less
Settings
Click this button to show or hide the Inbound/Outbound traffic NAT fields.
Inbound/Outbound
traffic NAT
Outbound Traffic
Source NAT This translation hides the source address of computers in the local network. It
may also be necessary if you want the ZyWALL to route packets from
computers outside the local network through the IPSec SA.
Source Select the address object that represents the original source address (or select
Create Object to configure a new one). This is the address object for the
computer or network outside the local network. The size of the original source
address range (Source) must be equal to the size of the translated source
address range (SNAT).
Destination Select the address object that represents the original destination address (or
select Create Object to configure a new one). This is the address object for the
remote network.
SNAT Select the address object that represents the translated source address (or
select Create Object to configure a new one). This is the address object for the
local network. The size of the original source address range (Source) must be
equal to the size of the translated source address range (SNAT).
Inbound Traffic
Source NAT This translation hides the source address of computers in the remote network.
Source Select the address object that represents the original source address (or select
Create Object to configure a new one). This is the address object for the
remote network. The size of the original source address range (Source) must
be equal to the size of the translated source address range (SNAT).
Destination Select the address object that represents the original destination address (or
select Create Object to configure a new one). This is the address object for the
local network.
SNAT Select the address object that represents the translated source address (or
select Create Object to configure a new one). This is the address that hides the
original source address. The size of the original source address range (Source)
must be equal to the size of the translated source address range (SNAT).
Destination NAT This translation forwards packets (for example, mail) from the remote network
to a specific computer (for example, the mail server) in the local network.
# This field is a sequential value, and it is not associated with a specific NAT
record. However, the order of records is the sequence in which conditions are
checked and executed.
Original IP Select the address object that represents the original destination address. This
is the address object for the remote network.
Mapped IP Select the address object that represents the desired destination address. For
example, this is the address object for the mail server.
Protocol Select the protocol required to use this translation. Choices are: TCP, UDP, or
All.
Table 116 VPN > IPSec VPN > VPN Connection > Edit (continued)
LABEL DESCRIPTION