Chapter 14 IPSec VPN

14.16 VPN SA Monitor

In the web configurator, click SECURITY > VPN > SA Monitor. Use this screen to display and manage active VPN connections.

A Security Association (SA) is the group of security settings related to a specific VPN tunnel. This screen displays active VPN connections; click Refresh to update the list.

Figure 212 SECURITY > VPN > SA Monitor

The following table describes the labels in this screen.

Table 93 SECURITY > VPN > SA Monitor

| LABEL | DESCRIPTION |
| --- | --- |
| # | This is the security association index number. |
| Name | This field displays the identification name for this VPN policy. |
| Local Network | This field displays the IP address of the computer using the VPN IPSec feature of your ZyWALL. |
| Remote Network | This field displays the IP address (in a range) of computers on the remote network behind the remote IPSec router. |
| Encapsulation | This field displays Tunnel or Transport mode. |
| IPSec Algorithm | This field displays the security protocols used for an SA. Both AH and ESP increase ZyWALL processing requirements and communications latency (delay). |
| Refresh | Click Refresh to display the current active VPN connection(s). |
| Disconnect | Select a security association index number that you want to disconnect and then click Disconnect. |

14.17 VPN Global Setting

Click SECURITY > VPN > Global Setting to open the VPN Global Setting screen. Use this screen to change settings that apply to all of your VPN tunnels.

14.17.1 Local and Remote IP Address Conflict Resolution

Normally, you do not configure your local VPN policy rule’s IP addresses to overlap with the remote VPN policy rule’s IP addresses (see Section 14.6.2 on page 319). For example, you usually would not configure both with 192.168.1.0. However, overlapping local and remote network IP addresses can occur with dynamic VPN rules or IP alias.
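
The following script is an added example, not part of the ZyWALL guide or firmware. It checks a list of VPN policies for the local and remote address overlap described above and reports the exact colliding range. The policy tuples, the accepted address formats (single address, start-end range, CIDR subnet) and the /24 mask on 192.168.1.0 are assumptions made for illustration.

```python
import ipaddress

def to_range(spec):
    """Return (first, last) as integers for a CIDR subnet, 'start-end' range or single address."""
    if "-" in spec:
        start, end = (ipaddress.IPv4Address(p.strip()) for p in spec.split("-", 1))
        if start > end:
            raise ValueError(f"range start is above range end: {spec}")
        return int(start), int(end)
    # A bare address parses as a /32, so first == last.
    net = ipaddress.IPv4Network(spec, strict=False)
    return int(net.network_address), int(net.broadcast_address)

def overlap(local, remote):
    """Return the overlapping (first, last) addresses as strings, or None."""
    l_lo, l_hi = to_range(local)
    r_lo, r_hi = to_range(remote)
    lo, hi = max(l_lo, r_lo), min(l_hi, r_hi)
    if lo > hi:
        return None
    return str(ipaddress.IPv4Address(lo)), str(ipaddress.IPv4Address(hi))

def audit(policies):
    """Map policy name -> overlapping range for each policy whose local and remote networks collide."""
    findings = {}
    for name, local, remote in policies:
        hit = overlap(local, remote)
        if hit:
            findings[name] = hit
    return findings

# Constructed sample policies: (name, local network, remote network).
SAMPLE_POLICIES = [
    ("branch-a", "192.168.1.0/24", "192.168.2.0/24"),              # distinct subnets
    ("branch-b", "192.168.1.0/24", "192.168.1.0/24"),              # both sides 192.168.1.0
    ("alias-lan", "192.168.1.33-192.168.1.64", "192.168.1.0/26"),  # partial overlap
    ("host-only", "10.0.0.5", "10.0.1.0/24"),                      # single local host
]

if __name__ == "__main__":
    for name, (first, last) in audit(SAMPLE_POLICIES).items():
        print(f"{name}: local and remote overlap on {first} - {last}")
```
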

ZyWALL 2WG User’s Guide