ZyWALL 5/35/70 Series User’s Guide
between three encryption algorithms (DES, 3DES and AES), two authentication algorithms (MD5 and SHA1) and two key groups (DH1 and DH2) when you configure a VPN rule (see Section 19.12 on page 320). The ID type and content act as an extra level of identification for incoming SAs.
The type of ID can be a domain name, an IP address or an
Table 95 Local ID Type and Content Fields
LOCAL ID TYPE= | CONTENT= |
IP | Type the IP address of your computer or leave the field blank to have the ZyWALL automatically use its own IP address. |
DNS | Type a domain name (up to 31 characters) by which to identify this ZyWALL. |
Type an | |
The domain name or
Table 96 Peer ID Type and Content Fields
PEER ID TYPE= | CONTENT= |
IP | Type the IP address of the computer with which you will make the VPN connection or leave the field blank to have the ZyWALL automatically use the address in the Remote Gateway Address field. |
DNS | Type a domain name (up to 31 characters) by which to identify the remote IPSec router. |
Type an | |
| router. |
Subject Name | Type the subject name (up to 255 characters) by which to identify the remote IPSec router. This option is available only when you set Authentication Key to Certificate. |
The domain name or
Two IPSec routers must have matching ID type and content configuration in order to set up a VPN tunnel.
The two ZyWALLs in this example can complete negotiation and establish a VPN tunnel.
Table 97 Matching ID Type and Content Configuration Example
ZYWALL A | ZYWALL B |
Local ID type: | Local ID type: IP |
Local ID content: tom@yourcompany.com | Local ID content: 1.1.1.2 |
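The matching rule above can be checked before deployment by comparing each router's local ID with the other router's peer ID, after applying the blank-field defaults from Tables 95 and 96. The following is an added example, not code from the User's Guide or from ZyXEL: the field names, the sample addresses and the exact-string comparison of DNS IDs are assumptions, and it covers only the IP and DNS types.

```python
from dataclasses import dataclass
from ipaddress import ip_address

MAX_DNS_LEN = 31  # "up to 31 characters" in Tables 95 and 96


@dataclass
class Endpoint:
    """One router's VPN rule. Field names are hypothetical, not ZyWALL keys."""
    my_ip: str           # the router's own IP address
    remote_gateway: str  # value of the Remote Gateway Address field
    local_type: str      # "IP" or "DNS"
    local_content: str   # may be blank when the type is IP
    peer_type: str
    peer_content: str    # may be blank when the type is IP


def _resolve(id_type, content, blank_default):
    """Return the effective (type, content) pair, applying the blank-IP default."""
    if id_type == "IP":
        value = content.strip() or blank_default
        return ("IP", str(ip_address(value)))  # raises ValueError on a bad address
    if id_type == "DNS":
        if not content or len(content) > MAX_DNS_LEN:
            raise ValueError(f"DNS ID must be 1-{MAX_DNS_LEN} characters")
        return ("DNS", content)  # compared as typed (assumption)
    raise ValueError(f"unsupported ID type: {id_type}")


def id_mismatches(a, b):
    """List each direction in which local ID and peer ID do not match."""
    problems = []
    for name, sender, receiver in (("A->B", a, b), ("B->A", b, a)):
        # Blank local IP -> sender's own address; blank peer IP -> Remote Gateway Address.
        local = _resolve(sender.local_type, sender.local_content, sender.my_ip)
        peer = _resolve(receiver.peer_type, receiver.peer_content,
                        receiver.remote_gateway)
        if local != peer:
            problems.append(f"{name}: local {local} != peer {peer}")
    return problems


# Constructed sample rules using documentation-range addresses.
A = Endpoint("192.0.2.1", "192.0.2.2", "DNS", "a.example.com", "IP", "")
B = Endpoint("192.0.2.2", "192.0.2.1", "IP", "", "DNS", "a.example.com")

if __name__ == "__main__":
    print(id_mismatches(A, B) or "ID type and content match in both directions")
```

An empty list means both routers would accept each other's ID. A router that sends an explicit local IP different from the address the other side expects is reported for that direction only.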
Chapter 19 VPN Screens | 308 |