ZyXEL Communications USG 2000 443

Chapter 25 IPSec VPN

Application Scenarios

The ZyWALL’s application scenarios make it easier to configure your VPN connection settings.

Table 116 IPSec VPN Application Scenarios

SITE-TO-SITE	SITE-TO-SITE WITH	REMOTE ACCESS	REMOTE ACCESS
SITE-TO-SITE	DYNAMIC PEER	(SERVER ROLE)	(CLIENT ROLE)
	DYNAMIC PEER	(SERVER ROLE)	(CLIENT ROLE)

Choose this if the	Choose this if the	Choose this to allow	Choose this to
remote IPSec router	remote IPSec router	incoming	connect to an IPSec
has a static IP	has a dynamic IP	connections from	server.
address or a domain	address.	IPSec VPN clients.	This ZyWALL is the
name.	You don’t specify the	The clients have	This ZyWALL is the
This ZyWALL can	You don’t specify the	The clients have	client (dial-in user).
This ZyWALL can	remote IPSec	dynamic IP	Client role ZyWALLs
initiate the VPN	router’s address, but	addresses and are	Client role ZyWALLs
tunnel.	you specify the	also known as dial-in	initiate IPSec VPN
The remote IPSec	remote policy (the	users.	connections to a
The remote IPSec	addresses of the		server role ZyWALL.
router can also	devices behind the	You don’t specify the	This ZyWALL can
initiate the VPN	remote IPSec	addresses of the	This ZyWALL can
tunnel if this ZyWALL	router).	client IPSec routers	have a dynamic IP
has a static IP		or the remote policy.	address.
address or a domain	This ZyWALL must	This creates a	The IPSec server
name.	have a static IP	This creates a	The IPSec server
	address or a domain	dynamic IPSec VPN	doesn’t configure
	name.	rule that can let	this ZyWALL’s IP
		multiple clients	address or the
	Only the remote	connect.	addresses of the
	IPSec router can	Only the clients can	devices behind it.
	initiate the VPN	Only the clients can	Only this ZyWALL
	tunnel.	initiate the VPN	Only this ZyWALL
		tunnel.	can initiate the VPN
			tunnel.

Finding Out More

• See Section 6.5.15 on page 110 for related information on these screens.

	443
ZyWALL USG 2000 User’s Guide	443