ZyXEL Communications P-202 User Manual

Page 31

Advertising
background image

P-202H Plus v2 Support Notes

First of all, both P-202H Plus v2 must have VPN capabilities. Please check the
firmware version, V3.50 or later has the VPN capability.

If your P-202H Plus v2 is capable of VPN, you can find the VPN options in
Advanced>VPN tab.

For configuring a "box-to-box VPN", there are some tips:

1. If there is a NAT router running in the front of P-202H Plus v2, please

make sure the NAT router supports to pass through IPSec.

2. In NAT case (either run on the frond end router, or in P-202H Plus v2 VPN

box), only IPSec ESP tunneling mode is supported since NAT againsts AH
mode.

3. Source IP/Destination IP-- Please do not number the LANs (local and

remote) using the same exact range of private IP addresses. This will
make VPN destination addresses and the local LAN addresses are
indistinguishable, and VPN will not work.

4. Secure Gateway IP Address -- This must be a public, routable IP

address, private IP is not allowed. That means it can not be in the 10.x.x.x
subnet, the 192.168.x.x subnet, nor in the range 172.16.0.0 -
172.31.255.255 (these address ranges are reserved by internet standard
for private LAN numberings behind NAT devices). It is usually a static IP
so that we can pre-configure it in P-202H Plus v2 for making VPN
connections. If it is a dynamic IP given by ISP, you still can configure this
IP address after the remote P-202H Plus v2 is on-line and its WAN IP is
available from ISP.

7. Does P-202H Plus v2 support dynamic secure gateway IP?

If the remote VPN gateways uses dynamic IP, we enter 0.0.0.0 as the Secure
Gateway IP Address in P-202H Plus v2. In this case, the VPN connection can
only be initiated from dynamic side to fixed side in order to update its dynamic IP
to the fixed side. However, if both gateways use dynamic IP addresses, it is no
way to establish VPN connection at all.

8. What VPN gateway that has been tested with P-202H Plus v2
successfully?

We have tested P-202H Plus v2 successfully with the following third party VPN
gateways.

Cisco 1720 Router, IOS 12.2(2)XH, IP/ADSL /FW/IDS PLUS IPSEC 3DES

NetScreen 5, ScreenOS 2.6.0r6

SonicWALL SOHO 2

WatchGuard Firebox II

All contents copyright © 2006 ZyXEL Communications Corporation.

31


Advertising
Popular Brands
Popular manuals