ZyWALL 2 and ZyWALL 2WE
| Table | |
LABEL | DESCRIPTION | |
|
| |
# | This field displays the VPN rule number. | |
|
| |
Active | Y signifies that this VPN rule is active. | |
|
| |
Local Addr. | This field displays the IP address of the computer using the VPN IPSec feature of your | |
ZyWALL. | ||
| ||
|
| |
Remote Addr. | This field displays IP address (in a range) of computers on the remote network behind the | |
remote IPSec gateway. | ||
| ||
|
| |
Encap. | This field displays the encapsulation mode (Tunnel or Transport). The ZyWALL's | |
encapsulation mode should be identical to the secure remote gateway. | ||
| ||
|
| |
| This field displays the authentication algorithm (SHA1 or MD5) and encryption algorithm | |
Algorithm | (DES or 3DES). The ZyWALL's authentication and encryption algorithms should be identical | |
| to the secure remote gateway. | |
|
| |
Gateway | This field displays the IP address of the remote secure gateway with which you're making the | |
VPN connection. This field displays 0.0.0.0 if the remote secure gateway has a dynamic | ||
| WAN IP address. | |
|
|
Click Apply to save your changes. Click Reset to begin configuring this screen afresh.
27.6 Keep Alive
When you initiate an IPSec tunnel with keep alive enabled, the ZyWALL automatically renegotiates the tunnel when the IPSec SA lifetime period expires (see section 27.10 for more on the IPSec SA lifetime). In effect, the IPSec tunnel becomes an “always on” connection after you initiate it. Both IPSec routers must have a
If the ZyWALL has its maximum number of simultaneous IPSec tunnels connected to it and they all have keep alive enabled, then no other tunnels can take a turn connecting to the ZyWALL because the ZyWALL never drops the tunnels that are already connected.
VPN/IPSec Setup |