
P-2602H(W)(L)-DxA Series User’s Guide
Table 87 Edit VPN Policies
LABEL | DESCRIPTION |
|
|
Remote | Remote IP addresses must be static and correspond to the remote IPSec router's |
| configured local IP addresses. The remote fields do not apply when the Secure |
| Gateway IP Address field is configured to 0.0.0.0. In this case only the remote |
| IPSec router can initiate the VPN. |
| Two active SAs cannot have the local and remote IP address(es) both the same. |
| Two active SAs can have the same local or remote IP address, but not both. You |
| can configure multiple SAs between the same local and remote IP addresses, as |
| long as only one is active at any time. |
Remote Address | Use the |
Type | with a single IP address. Select Range for a specific range of IP addresses. |
| Select Subnet to specify IP addresses on a network by their subnet mask. |
IP Address Start | When the Remote Address Type field is configured to Single, enter a (static) IP |
| address on the network behind the remote IPSec router. When the Remote |
| Address Type field is configured to Range, enter the beginning (static) IP |
| address, in a range of computers on the network behind the remote IPSec router. |
| When the Remote Address Type field is configured to Subnet, enter a (static) IP |
| address on the network behind the remote IPSec router. |
End / Subnet Mask | When the Remote Address Type field is configured to Single, this field is N/A. |
| When the Remote Address Type field is configured to Range, enter the end |
| (static) IP address, in a range of computers on the network behind the remote |
| IPSec router. When the Remote Address Type field is configured to Subnet, |
| enter a subnet mask on the network behind the remote IPSec router. |
Address |
|
Information |
|
Local ID Type | Select IP to identify this ZyXEL Device by its IP address. |
| Select DNS to identify this ZyXEL Device by a domain name. |
| Select |
Content | When you select IP in the Local ID Type field, type the IP address of your |
| computer in the local Content field. The ZyXEL Device automatically uses the IP |
| address in the My IP Address field (refer to the My IP Address field description) |
| if you configure the local Content field to 0.0.0.0 or leave it blank. |
| It is recommended that you type an IP address other than 0.0.0.0 in the local |
| Content field or use the DNS or |
| When there is a NAT router between the two IPSec routers. |
| When you want the remote IPSec router to be able to distinguish between VPN |
| connection requests that come in from IPSec routers with dynamic WAN IP |
| addresses. |
| When you select DNS or |
| or |
| Use up to 31 ASCII characters including spaces, although trailing spaces are |
| truncated. The domain name or |
| and can be any string. |
My IP Address | Enter the WAN IP address of your ZyXEL Device. The VPN tunnel has to be |
| rebuilt if this IP address changes. |
| The following applies if this field is configured as 0.0.0.0: |
| The ZyXEL Device uses the current ZyXEL Device WAN IP address (static or |
| dynamic) to set up the VPN tunnel. |
| If the WAN connection goes down, the ZyXEL Device uses the dial backup IP |
| address for the VPN tunnel when using dial backup or the LAN IP address when |
| using traffic redirect. See Chapter 7 on page 93 for details on dial backup and |
| traffic redirect. |
232 | Chapter 17 VPN Screens |