Chapter 20 IPSec VPN
Table 91 VPN > IPSec VPN > VPN Connection > Edit (continued)
LABEL | DESCRIPTION |
SNAT | Select the address object that represents the translated source address (or |
| select Create Object to configure a new one). This is the address that hides the |
| original source address. The size of the original source address range (Source) |
| must be equal to the size of the translated source address range (SNAT). |
Destination NAT | This translation forwards packets (for example, mail) from the remote network |
| to a specific computer (for example, the mail server) in the local network. |
|
|
# | This field is a sequential value, and it is not associated with a specific NAT |
| record. However, the order of records is the sequence in which conditions are |
| checked and executed. |
|
|
Original IP | Select the address object that represents the original destination address. This |
| is the address object for the remote network. |
|
|
Mapped IP | Select the address object that represents the desired destination address. For |
| example, this is the address object for the mail server. |
|
|
Protocol | Select the protocol required to use this translation. Choices are: TCP, UDP, or |
| All. |
|
|
Original Port | These fields are available if the protocol is TCP or UDP. Enter the original |
| destination port or range of original destination ports. The size of the original |
| port range must be the same size as the size of the mapped port range. |
|
|
Mapped Port | These fields are available if the protocol is TCP or UDP. Enter the translated |
| destination port or range of translated destination ports. The size of the original |
| port range must be the same size as the size of the mapped port range. |
|
|
Add icon | This column contains icons to add, move, and remove NAT records. |
| To add a NAT record, click the Add icon at the top of the column. |
| To move a NAT record, click the Move to N icon next to the record, and then |
| type the row number to which you want to move it. The records are renumbered |
| automatically. |
| To remove a NAT record, click the Remove icon next to the record. The |
| ZyWALL confirms that you want to delete the NAT record before doing so. |
|
|
OK | Click OK to save the changes. |
|
|
Cancel | Click Cancel to discard all changes and return to the main VPN screen. |
|
|
The VPN Connection Add/Edit Manual Key screen allows you to create a new VPN connection or edit an existing one using a manual key. This is useful if you have problems with IKE key management. To access this screen, go to the VPN Connection summary screen (see Section 20.3.1 on page 297), and click either the Add icon or an existing manual key entry’s Edit icon.
302 |
| |
ZyWALL USG 1000 User’s Guide |
| |
|
|
|