Chapter 4 Wizard Setup

 

Table 18 VPN Advanced Wizard: Step 2 (continued)

LABEL | DESCRIPTION
Certificate | Use the drop-down list box to select the certificate to use for this VPN tunnel. You must have certificates already configured in the My Certificates screen. Click Certificate under the Object menu to go to the My Certificates screen where you can view the ZyWALL's list of certificates.
Next | Click Next to continue.

4.8.5 VPN Advanced Wizard - Remote Gateway

The Remote Gateway policy identifies the IPSec devices at either end of a VPN tunnel.

Name: Type the name used to identify this VPN connection (and VPN gateway). You may use 1-31 alphanumeric characters, underscores (_), or dashes (-), but the first character cannot be a number. This value is case-sensitive.

Secure Gateway: Enter the WAN IP address or domain name of the remote IPSec router (secure gateway). Use 0.0.0.0 if the remote IPSec router has a dynamic WAN IP address and no domain name.

Select an interface to use on your ZyWALL.

Select Pre-Shared Key to use a password for authentication. Both ends of the VPN tunnel must use the same pre-shared key. Use 8 to 31 case-sensitive ASCII characters or 16 to 62 hexadecimal (“0-9”, “A-F”) characters. Precede hexadecimal characters with “0x”.

Select Certificate to use a digital certificate for authentication. Selecting default uses the ZyWALL's default certificate. Click Object > Certificate to configure other certificates in the My Certificates screen.
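A pre-flight check for the Name, Secure Gateway and Pre-Shared Key fields described above, together with a generator for a random hexadecimal key of the maximum length. This is an added example, not ZyXEL code: the function names are hypothetical, and it assumes the 16 to 62 count excludes the "0x" prefix, that only the listed digits 0-9 and A-F are valid, and that "ASCII" means printable ASCII.

```python
import ipaddress
import re
import secrets

NAME_RE = re.compile(r"[A-Za-z_-][A-Za-z0-9_-]{0,30}")  # 1-31 chars, no leading digit
HEX_RE = re.compile(r"[0-9A-F]{16,62}")  # digits after "0x" (prefix assumed not counted)
HOST_RE = re.compile(r"(?=.{1,253}$)([A-Za-z0-9-]{1,63}\.)*[A-Za-z0-9-]{1,63}")

def new_hex_psk(digits=62):
    """Generate a random hexadecimal pre-shared key from the OS CSPRNG."""
    if not 16 <= digits <= 62:
        raise ValueError("hex key needs 16 to 62 digits")
    return "0x" + "".join(secrets.choice("0123456789ABCDEF") for _ in range(digits))

def classify_psk(psk):
    """Return ("hex", key_bits), ("ascii", length) or ("invalid", reason)."""
    if psk.startswith("0x"):  # assumption: a leading 0x always means hex
        if HEX_RE.fullmatch(psk[2:]):
            return ("hex", 4 * len(psk[2:]))
        return ("invalid", "after 0x use 16 to 62 characters from 0-9, A-F")
    # assumption: "ASCII characters" means printable ASCII, space included
    if 8 <= len(psk) <= 31 and all(0x20 <= ord(c) <= 0x7E for c in psk):
        return ("ascii", len(psk))
    return ("invalid", "use 8 to 31 ASCII characters")

def classify_gateway(value):
    """Return "dynamic" for 0.0.0.0, else "static", "domain" or "invalid"."""
    try:
        addr = ipaddress.IPv4Address(value)
    except ValueError:
        named = HOST_RE.fullmatch(value) and any(c.isalpha() for c in value)
        return "domain" if named else "invalid"
    return "dynamic" if addr.is_unspecified else "static"

def check_remote_gateway(name, secure_gateway, psk):
    """Return the list of fields that break the rules stated above."""
    problems = []
    if not NAME_RE.fullmatch(name):
        problems.append("name")
    if classify_gateway(secure_gateway) == "invalid":
        problems.append("secure gateway")
    if classify_psk(psk)[0] == "invalid":
        problems.append("pre-shared key")
    return problems

if __name__ == "__main__":
    key = new_hex_psk()  # constructed sample values below
    print(classify_psk(key), check_remote_gateway("HQ-to-Branch", "0.0.0.0", key))
```

Because both ends of the tunnel must use the same pre-shared key, generate the key once and enter the identical string on each device.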

4.8.5.1 Phase 1 Setting

There are two phases to every IKE (Internet Key Exchange) negotiation – phase 1 (Authentication) and phase 2 (Key Exchange). A phase 1 exchange establishes an IKE SA (Security Association).

 


ZyWALL USG 1000 User’s Guide