ZyWALL 2WG Support Notes
All contents copyright (c) 2006 ZyXEL Communications Corporation. 99
Using Pre-Shared Key for Device Authentication
The IKE protocol also provides primary authentication - verifying the identity of the remote system
before negotiating the encryption algorithm and keys. Two kinds of authentication methods are supported
on ZyWALL: pre-shared key & certificate.
If pre-shared key is used, a shared, symmetric key must be manually exchanged and configured on the
two entities. Three types of identity are available: IP, DNS and E-mail.
Here are some rules to follow in Authentication Key:
3) Pre-shared key must be configured identically on both entities
4) The Local ID Type & Content of Local ZyWALL must be the same as that of Peer ID Type &
Content of peer VPN gateway.
5) When IP is selected as ID Type, the Content must be in the format of X.X.X.X (e.g. 210.242.82.70)
6) When DNS/E-mail are selected as ID Type, the same string must be configured on both entities.