Keep alive, 6 keep alive – ZyXEL Communications P-334W User Manual

Page 215

Advertising
background image

Prestige 334W User’s Guide

VPN Screens

16-5

Table 16-2 VPN: Summary

LABEL DESCRIPTION

Remote Addr.

This is the IP address(es) of computer(s) on the remote network behind the remote
IPSec router.

A single (static) IP address is displayed when the Remote Address Start and
Remote Address End/Mask fields in the Rule Setup IKE (or Manual) screen are
both configured to the same IP address.

The beginning and ending (static) IP addresses, in a range of computers are
displayed when the Remote Address Start and Remote Address End/Mask fields
in the Rule Setup IKE (or Manual) screen are configured for a range of IP
addresses.

A (static) IP address and a subnet mask are displayed when the Remote Address
Start and Remote Address End/Mask fields in the Rule Setup IKE (or Manual)
screen are configured for a subnet.

This field displays 0.0.0.0 when the Secure Gateway Address field is set to
0.0.0.0. In this case only the remote IPSec router can initiate the VPN.

Encap.

This field displays Tunnel or Transport mode (Tunnel is the default selection).

Algorithm

This field displays the security protocols used for an SA.

Both AH and ESP increase Prestige processing requirements and communications
latency (delay).

Gateway

This is the static WAN IP address or URL of the remote IPSec router. This field
displays 0.0.0.0 when you configure the Secure Gateway Addr field in the Rule
Setup IKE screen to 0.0.0.0.

Select the radio button next to a VPN index number and then click Edit to edit a specific VPN policy.
Click the radio button next to an empty VPN policy index number and then Edit to add a new VPN policy.

Select the radio button next to a VPN policy number you want to delete and then click Delete. When a
VPN policy is deleted, subsequent policies do not move up in the list.

16.6 Keep Alive

When you initiate an IPSec tunnel with keep alive enabled, the Prestige automatically renegotiates the
tunnel when the IPSec SA lifetime period expires (see Section 16.11 for more on the IPSec SA lifetime). In
effect, the IPSec tunnel becomes an “always on” connection after you initiate it. Both IPSec routers must
have a Prestige-compatible keep alive feature enabled in order for this feature to work.

Advertising
Popular Brands
Popular manuals