Chapter 23 IPSec VPN

Each field is described in the following table.

Table 113 Configuration > VPN > IPSec VPN > VPN Connection > Edit

LABEL: DESCRIPTION

Show Advance Settings / Hide Advance Settings: Click this button to display a greater or lesser number of configuration fields.

Create new Object: Use this to configure any new settings objects that you need to use in this screen.

General Settings

Enable: Select this check box to activate this VPN connection.

Connection Name: Type the name used to identify this IPSec SA. You may use 1-31 alphanumeric characters, underscores (_), or dashes (-), but the first character cannot be a number. This value is case-sensitive.

Nailed-Up: Select this if you want the ZyWALL to automatically renegotiate the IPSec SA when the SA life time expires.

Enable Replay Detection: Select this check box to detect and reject old or duplicate packets to protect against Denial-of-Service attacks.

Enable NetBIOS Broadcast over IPSec: Select this check box if you want the ZyWALL to send NetBIOS (Network Basic Input/Output System) packets through the IPSec SA.

NetBIOS packets are TCP or UDP packets that enable a computer to connect to and communicate with a LAN. It may sometimes be necessary to allow NetBIOS packets to pass through IPSec SAs in order to allow local computers to find computers on the remote network and vice versa.

VPN Gateway

Application Scenario: Select the scenario that best describes your intended VPN connection.

Site-to-site - Choose this if the remote IPSec router has a static IP address or a domain name. This ZyWALL can initiate the VPN tunnel.

Site-to-site with Dynamic Peer - Choose this if the remote IPSec router has a dynamic IP address. Only the remote IPSec router can initiate the VPN tunnel.

Remote Access (Server Role) - Choose this to allow incoming connections from IPSec VPN clients. The clients have dynamic IP addresses and are also known as dial-in users. Only the clients can initiate the VPN tunnel.

Remote Access (Client Role) - Choose this to connect to an IPSec server. This ZyWALL is the client (dial-in user) and can initiate the VPN tunnel.

VPN Gateway: Select the VPN gateway this VPN connection is to use or select Create Object to add another VPN gateway for this VPN connection to use.
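The Enable Replay Detection field above refers to the receiver-side check that IPSec performs on packet sequence numbers. The following is an added example, not taken from this guide or from ZyWALL firmware: it implements the sliding-window check described in RFC 4303 for 32-bit sequence numbers. The class and function names, the 64-packet window and the sample arrival order are assumptions made for illustration.

```python
class ReplayWindow:
    """Receiver-side anti-replay state for one inbound IPSec SA (illustrative)."""

    def __init__(self, size=64):          # 64 is an assumed window size
        self.size = size
        self.top = 0                      # highest sequence number accepted so far
        self.bitmap = 0                   # bit i set => packet (top - i) already seen

    def check_and_update(self, seq):
        """Classify one packet. Assumes its integrity check has already passed,
        so a forged packet can never move the window."""
        if seq == 0:
            # A sender's first packet carries sequence number 1, so 0 is invalid.
            return "reject: invalid sequence number"
        if seq > self.top:
            # Newer than anything seen: slide the window forward.
            shift = seq - self.top
            mask = (1 << self.size) - 1
            self.bitmap = ((self.bitmap << shift) | 1) & mask
            self.top = seq
            return "accept"
        offset = self.top - seq
        if offset >= self.size:
            # Too old to track; cannot prove it is not a replay.
            return "reject: older than window"
        if self.bitmap & (1 << offset):
            return "reject: duplicate"
        # Late but new (reordered in transit): record it and accept.
        self.bitmap |= 1 << offset
        return "accept"


def replay_trace(seqs, size=64):
    """Run a list of arriving sequence numbers through a fresh window."""
    window = ReplayWindow(size)
    return [(seq, window.check_and_update(seq)) for seq in seqs]


# Constructed arrival order: in-order, reordered, duplicated and stale packets.
SAMPLE_ARRIVALS = [1, 2, 5, 3, 3, 5, 200, 137, 136, 0]

if __name__ == "__main__":
    for seq, verdict in replay_trace(SAMPLE_ARRIVALS):
        print(f"seq={seq:<4} {verdict}")
```

Reordered packets inside the window (3 after 5, 137 after 200) are still accepted; only duplicates and packets that have fallen behind the window are dropped.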

 

 


ZyWALL USG 50 User’s Guide