ZyXEL MAX318M User Guide - Page 140

Table 60, Label, Description

Get ZyXEL MAX318M PDF manuals and user guides View all ZyXEL MAX318M manuals
Add to My Manuals
Save this manual to your list of manuals

Page 140 highlights

Chapter 8 Security This screen contains the following fields: Table 60 IPSec VPN: Add LABEL DESCRIPTION Property Enable Select Enable to activate this VPN policy. Connection Name Enter the name of the VPN connection. Connection Type Select the scenario that best describes your intended VPN connection. • Initiator - Choose this to connect to an IPSec server. The WiMAX Device is the client (dial-in user) and can initiate the VPN connection. • On Demand - Choose this if the remote IPSec router has a static IP address or a domain name. This WiMAX Device can initiate the VPN tunnel. • Responder - Choose this to allow incoming connections from IPSec VPN clients. The clients can have dynamic IP addresses and are also known as dial-in users. Only the clients can initiate the VPN tunnel. Gateway Information Local Endpoint Interface Select the interface for the VPN gateway. IP Address Enter the IP address of the WiMAX Device in the IKE SA. Remote Endpoint IP Address Enter the IP address of the remote IPSec router in the IKE SA. Authentication Method Pre-Shared Key Type your pre-shared key in this field. A pre-shared key identifies a communicating party during a phase 1 IKE negotiation. Local ID Type Type from 8 to 31 case-sensitive ASCII characters or from 16 to 62 hexadecimal ("0-9", "A-F") characters. You must precede a hexadecimal key with a "0x" (zero x), which is not counted as part of the 16 to 62 character range for the key. For example, in "0x0123456789ABCDEF", "0x" denotes that the key is hexadecimal and "0123456789ABCDEF" is the key itself. Select IP to identify the WiMAX Device by its IP address. Select Domain Name to identify this WiMAX Device by a domain name. Content Select E-mail to identify this WiMAX Device by an e-mail address. When you select IP in the Local ID Type field, type the IP address of your computer in the Content field. If you configure the Content field to 0.0.0.0 or leave it blank, the WiMAX Device automatically uses the Pre-Shared Key (refer to the Pre-Shared Key field description). It is recommended that you type an IP address other than 0.0.0.0 in the Content field or use the Domain Name or E-mail ID type in the following situations. • When there is a NAT router between the two IPSec routers. • When you want the remote IPSec router to be able to distinguish between VPN connection requests that come in from IPSec routers with dynamic WAN IP addresses. When you select Domain Name or E-mail in the Local ID Type field, type a domain name or e-mail address by which to identify this WiMAX Device in the Local Content field. Use up to 31 ASCII characters including spaces, although trailing spaces are truncated. The domain name or e-mail address is for identification purposes only and can be any string. 140 WiMAX Device Configuration User's Guide

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
Chapter 8 Security
WiMAX Device Configuration User’s Guide
140
This screen contains the following fields:
Table 60
IPSec VPN: Add
LABEL
DESCRIPTION
Property
Enable
Select
Enable
to activate this VPN policy.
Connection
Name
Enter the name of the VPN connection.
Connection
Type
Select the scenario that best describes your intended VPN connection.
Initiator
- Choose this to connect to an IPSec server. The WiMAX Device is
the client (dial-in user) and can initiate the VPN connection.
On Demand - Choose this if the remote IPSec router has a static IP address
or a domain name. This WiMAX Device can initiate the VPN tunnel.
Responder - Choose this to allow incoming connections from IPSec VPN
clients. The clients can have dynamic IP addresses and are also known as
dial-in users. Only the clients can initiate the VPN tunnel.
Gateway Information
Local Endpoint
Interface
Select the interface for the VPN gateway.
IP Address
Enter the IP address of the WiMAX Device in the IKE SA.
Remote Endpoint
IP Address
Enter the IP address of the remote IPSec router in the IKE SA.
Authentication Method
Pre-Shared
Key
Type your pre-shared key in this field. A pre-shared key identifies a
communicating party during a phase 1 IKE negotiation.
Type from 8 to 31 case-sensitive ASCII characters or from 16 to 62 hexadecimal
("0-9", "A-F") characters. You must precede a hexadecimal key with a "0x” (zero
x), which is not counted as part of the 16 to 62 character range for the key. For
example, in "0x0123456789ABCDEF", “0x” denotes that the key is hexadecimal
and “0123456789ABCDEF” is the key itself.
Local ID Type
Select
IP
to identify the WiMAX Device by its IP address.
Select
Domain Name
to identify this WiMAX Device by a domain name.
Select
E-mail
to identify this WiMAX Device by an e-mail address.
Content
When you select IP in the
Local ID Type
field, type the IP address of your
computer in the
Content
field. If you configure the
Content
field to 0.0.0.0 or
leave it blank, the WiMAX Device automatically uses the
Pre-Shared Key
(refer
to the
Pre-Shared Key
field description).
It is recommended that you type an IP address other than 0.0.0.0 in the
Content
field or use the
Domain Name
or
E-mail ID
type in the following
situations.
When there is a NAT router between the two IPSec routers.
When you want the remote IPSec router to be able to distinguish between
VPN connection requests that come in from IPSec routers with dynamic WAN
IP addresses.
When you select
Domain Name
or
E-mail
in the
Local ID Type
field, type a
domain name or e-mail address by which to identify this WiMAX Device in the
Local Content
field. Use up to 31 ASCII characters including spaces, although
trailing spaces are truncated. The domain name or e-mail address is for
identification purposes only and can be any string.