ZyXEL Communications ZyWALL 1000 6.2 IPSec VPN, 6.2.2 Set up the VPN Gateway, 6.2.1 Set up the Ethernet Interfaces and Zones

Chapter 6 Tutorials

6.2 IPSec VPN

This example is going to show you how to create the VPN tunnel illustrated below.

Figure 59 VPN Example

172.23.37.240 220.123.143.10/24

192.168.1.33 ~ 192.168.1.232

192.168.10.0/24

In this example, the ZyWALL is router X (172.23.37.240/24), and the remote IPSec router is router Y (220.123.143.10/24). Create the VPN tunnel between IP addresses 192.168.1.33 to 192.168.1.232 on our local network A and the remote network B (192.168.10.0/24).

The ZyWALL has its default settings.

6.2.1 Set up the Ethernet Interfaces and Zones

This example uses the default Ethernet interface and zone settings so they do not need to be configured.

6.2.2 Set up the VPN Gateway

The VPN gateway manages the IKE SA. You do not have to set up any other objects before you configure the VPN gateway because this VPN tunnel does not use any certificates or extended authentication.

1Click VPN > IPSec VPN > VPN Gateway, and then click the Add icon.

2Give the VPN gateway a name (“VPN_GW_EXAMPLE”). Use the default proposal settings in this example--DES encryption, MD5 authentication, and DH1 key group. In the Property section, select ge4 in the Interface field, and enter 220.123.143.10 in the first Secure Gateway Address field. In the Authentication Method section, the pre- shared key is 12345678, and the routers are using each other’s IP addresses for authentication. Click OK.

132
132	ZyWALL USG 1000 User’s Guide