ZyWALL 2 Series User’s Guide
Table
LABEL | DESCRIPTION |
|
|
Remote:
Remote IP addresses must be static and correspond to the remote IPSec router's configured local IP addresses.
Two active SAs cannot have the local and remote IP address(es) both the same. Two active SAs can have the same local or remote IP address, but not both. You can configure multiple SAs between the same local and remote IP addresses, as long as only one is active at any time.
Address Type | Use the |
| Address. Select Single Address with a single IP address. Select Range Address |
| for a specific range of IP addresses. Select Subnet Address to specify IP addresses |
| on a network by their subnet mask. |
|
|
Starting IP | When the Address Type field is configured to Single Address, enter a (static) IP |
Address | address on the network behind the remote IPSec router. When the Addr Type field is |
| configured to Range Address, enter the beginning (static) IP address, in a range of |
| computers on the network behind the remote IPSec router. When the Address Type |
| field is configured to Subnet Address, enter a (static) IP address on the network |
| behind the remote IPSec router. |
Ending IP | When the Address Type field is configured to Single Address, this field is N/A. |
Address/Subnet | When the Address Type field is configured to Range Address, enter the end (static) |
Mask | IP address, in a range of computers on the network behind the remote IPSec router. |
| When the Address Type field is configured to Subnet Address, enter a subnet |
| mask on the network behind the remote IPSec router. |
|
|
DNS Server (for | If there is a private DNS server that services the VPN, type its IP address here. The |
IPSec VPN) | ZyWALL assigns this additional DNS server to the ZyWALL's DHCP clients that have |
| IP addresses in this IPSec rule's range of local addresses. |
| A DNS server allows clients on the VPN to find other computers and servers on the |
| VPN by their (private) domain names. |
|
|
My IP Address | Enter the WAN IP address of your ZyWALL. The VPN tunnel has to be rebuilt if this |
| IP address changes. |
| The following applies if this field is configured as 0.0.0.0: |
| The ZyWALL uses the current ZyWALL WAN IP address (static or dynamic) to |
| set up the VPN tunnel. |
| If the WAN connection goes down, the ZyWALL uses the dial backup IP |
| address for the VPN tunnel when using dial backup or the LAN IP address when |
| using traffic redirect. See the chapter on WAN for details on dial backup and |
| traffic redirect. |
|
|
VPN Screens |