ZyXEL Communications 2WG User Manual

ZyWALL 2WG Support Notes

All contents copyright (c) 2006 ZyXEL Communications Corporation.

62

After pressing the Apply button, ZyWALL would create the certification request and send it to the CA server

for enrollment. After CA server agrees to issue the corresponding certificate, ZyWALL will receive it

automatically, and you will find a newly enrolled certificate in My Certificates.

Step 4. Using Certifica e in VPN on ZyWALL A

t

1. Activate the rule

2. Give this VPN rule a name "toZyWALL_B"

3. Select Key Management to "IKE"

4. Select Negotiation Mode to "Main"

5. Edit Local: Address Type="Subnet Address", Starting IP Address="10.1.33.0", End IP Address/Subnet

Mask="255.255.255.0"

6. Edit Remote: Address Type="Subnet Address", Starting IP Address="192.168.2.0", End IP Address/Subnet

Mask="255.255.255.0"

7. Authentication Key, Select Certificate, and choose certificate you enrolled for this device from drop down list.

8. Fill in My IP address= "192.168.1.35"

9. Peer ID type= "ANY"

10. Secure Gateway Address= "192.168.1.36"

11. Encapsulation Mode="Tunnel"

12. Leave other options as default.