Figure 179 menu 27.1.1 ipsec setup, Table 105 menu 27.1.1 ipsec setup – ZyXEL Communications P-334 User Manual

Page 319

Advertising
background image

Prestige 334 User’s Guide

Chapter 34 VPN/IPSec Setup

318

Figure 179 Menu 27.1.1 IPSec Setup

The following table describes the fields in this menu.

Menu 27.1.1 – IPSec Setup
Index= 1 Name= Taiwan
Active= Yes Keep Alive= No Nat Traversal= No
Local ID type Content=
My IP Addr= 0.0.0.0
Peer ID type= IP Content=
Secure Gateway Address= zw50test.zyxel.com.tw
Protocol= 0 DNS Server= 0.0.0.0

Local:

Remote:

Addr Type= SINGLE
Local IP Addr= 1.1.1.1
Port Start= 0
Addr Type= SUBNET
IP Addr Start= 4.4.4.4
Port Start= 0

End= N/A
End/Subnet Mask= 255.255.0.0
End= N/A

Enable Replay Detection = No
Key Management= IKE
Edit Key Management Setup= No

Press ENTER to Confirm or ESC to Cancel:

Table 105 Menu 27.1.1 IPSec Setup

FIELD

DESCRIPTION

Index

This is the VPN rule index number you selected in the previous menu.

Name

Enter a unique identification name for this VPN rule. The name may be up to 32
characters long but only 10 characters will be displayed in Menu 27.1 - IPSec
Summary.

Active

Press [SPACE BAR] to choose either Yes or No. Choose Yes and press [ENTER] to
activate the VPN tunnel. This field determines whether a VPN rule is applied before a
packet leaves the firewall.

Keep Alive

Press [SPACE BAR] to choose either Yes or No. Choose Yes and press [ENTER] to
have the Prestige automatically re-initiate the SA after the SA lifetime times out, even if
there is no traffic. The remote IPSec router must also have keep alive enabled in order
for this feature to work.

Nat Traversal

Select this check box to enable NAT traversal. NAT traversal allows you to set up a
VPN connection when there are NAT routers between the two IPSec routers.
The remote IPSec router must also have NAT traversal enabled. You can use NAT tra-
versal with ESP protocol using Transport or Tunnel mode, but not with AH protocol
nor with Manual key management.
In order for an IPSec router behind a NAT router to receive an initiating IPSec packet,
set the NAT router to forward UDP port 500 to the IPSec router behind the NAT router.

Local ID type

Press [SPACE BAR] to choose IP, DNS, or E-mail and press [ENTER].
Select IP to identify this Prestige by its IP address.
Select DNS to identify this Prestige by a domain name.
Select E-mail to identify this Prestige by an e-mail address.

Advertising
Popular Brands
Popular manuals