ZyWALL 2 Series User’s Guide
The following table describes the fields in this screen.
| LABEL | DESCRIPTION |
| --- | --- |
| Active | Select this check box to activate this VPN tunnel. This option determines whether a VPN rule is applied before a packet leaves the firewall. |
| Keep Alive | Select this check box to turn on the keep alive feature for this SA. Turn on Keep Alive to have the ZyWALL automatically reinitiate the SA after the SA lifetime times out, even if there is no traffic. The remote IPSec router must also have keep alive enabled in order for this feature to work. |
| NAT Traversal | Select this check box to enable NAT traversal. NAT traversal allows you to set up a VPN connection when there are NAT routers between the two IPSec routers. The remote IPSec router must also have NAT traversal enabled. You can use NAT traversal with ESP protocol using Transport or Tunnel mode, but not with AH protocol nor with manual key management. In order for an IPSec router behind a NAT router to receive an initiating IPSec packet, set the NAT router to forward UDP port 500 to the IPSec router behind the NAT router. |
| Name | Type up to 32 characters to identify this VPN policy. You may use any character, including spaces, but the ZyWALL drops trailing spaces. |
| Key Management (or IPSec Keying Mode) | Select IKE or Manual Key from the [...] is generally recommended. Manual Key is a useful option for troubleshooting. |
| Negotiation Mode | Select Main or Aggressive from the [...] a secure gateway must have the same negotiation mode. |
| Enable Extended Authentication | Select this check box to activate extended authentication. |

VPN Screens
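The Keep Alive, NAT Traversal and Name rows each carry a constraint that is easy to miss when both ends of a tunnel are configured by hand. The following pre-deployment check is an added example, not part of the User's Guide or ZyXEL software; the `VpnPolicy` field names and the sample policies are hypothetical and only mirror the screen labels.

```python
from dataclasses import dataclass


@dataclass
class VpnPolicy:
    # Hypothetical record of one router's settings for a tunnel.
    name: str
    keep_alive: bool = False
    nat_traversal: bool = False
    key_management: str = "IKE"   # "IKE" or "Manual Key"
    protocol: str = "ESP"         # "ESP" or "AH"


def stored_name(raw: str) -> str:
    """Name as the device keeps it: trailing spaces are dropped."""
    return raw.rstrip(" ")


def lint_pair(local: VpnPolicy, remote: VpnPolicy) -> list[str]:
    """Return the table's constraints that this pair of policies violates."""
    findings = []
    for side, p in (("local", local), ("remote", remote)):
        if len(p.name) > 32:
            findings.append(f"{side}: name is longer than 32 characters")
        if p.name != stored_name(p.name):
            findings.append(f"{side}: trailing spaces in the name are dropped")
        if p.nat_traversal and p.protocol == "AH":
            findings.append(f"{side}: NAT traversal cannot be used with AH")
        if p.nat_traversal and p.key_management == "Manual Key":
            findings.append(f"{side}: NAT traversal cannot be used with manual key")
    # Both features only work when the remote IPSec router enables them too.
    if local.keep_alive != remote.keep_alive:
        findings.append("keep alive is enabled on only one router")
    if local.nat_traversal != remote.nat_traversal:
        findings.append("NAT traversal is enabled on only one router")
    return findings


if __name__ == "__main__":
    # Constructed sample policies, not taken from a real device.
    branch = VpnPolicy("branch-to-hq  ", keep_alive=True,
                       nat_traversal=True, protocol="AH")
    hq = VpnPolicy("hq-to-branch", nat_traversal=True,
                   key_management="Manual Key")
    for finding in lint_pair(branch, hq):
        print(finding)
```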