Chapter 20 IPSec VPN

Instead of using the pre-shared key, the ZyWALL and remote IPSec router check the signatures on each other’s certificates. Unlike pre-shared keys, the signatures do not have to match.

The local and peer ID type and content come from the certificates.

"You must set up the certificates for the ZyWALL and remote IPSec router first.

20.4.3VPN Gateway Summary

The VPN Gateway summary screen displays the VPN gateways in the ZyWALL, as well as the ZyWALL’s address, remote IPSec router’s address, and associated VPN connections for each one. In addition, it also lets you activate and deactivate each VPN gateway.

To access this screen, click VPN > Network > IPSec VPN > VPN Gateway. The following screen appears.

Figure 205 VPN > IPSec VPN > VPN Gateway

Each field is discussed in the following table. See Section 20.4.4 on page 313 for more information.

Table 95 VPN > IPSec VPN > VPN Gateway

LABEL

DESCRIPTION

#

This field is a sequential value, and it is not associated with a specific gateway.

 

 

Name

This field displays the name of the VPN gateway.

 

 

My address

This field displays the address of the VPN gateway. The address can be an

 

interface or a domain name.

 

 

Secure Gateway

This field displays the IP address(es) of the remote IPSec routers.

 

 

VPN Connection

This field displays VPN connections that use this VPN gateway.

 

 

312

 

ZyWALL USG 1000 User’s Guide