Chapter 18 VPN Screens
If the remote secure gateway has a static WAN IP address, enter it in the Secure Gateway Address field. You may alternatively enter the remote secure gateway’s domain name (if it has one) in the Secure Gateway Address field.
You can also enter a remote secure gateway’s domain name in the Secure Gateway Address field if the remote secure gateway has a dynamic WAN IP address and is using DDNS. The ZyXEL Device has to rebuild the VPN tunnel each time the remote secure gateway’s WAN IP address changes (there may be a delay until the DDNS servers are updated with the remote gateway’s new WAN IP address).
18.4.1 Dynamic Secure Gateway Address
If the remote secure gateway has a dynamic WAN IP address and does not use DDNS, enter
0.0.0.0as the secure gateway’s address. In this case only the remote secure gateway can initiate SAs. This may be useful for telecommuters initiating a VPN tunnel to the company network (seeSection 18.18 on page 259for configuration examples).
The Secure Gateway IP Address may be configured as 0.0.0.0 only when using IKE key management and not Manual key management.
18.5 VPN Setup Screen
The following figure helps explain the main fields in the web configurator.
Figure 139 IPSec Summary Fields
Local and remote IP addresses must be static.
Click Security and VPN to open the VPN Setup screen. This is a menu of your IPSec rules (tunnels). The IPSec summary menu is
| 239 |
|
|