ZyXEL ZYWALL USG 100 User Guide - Page 63
Create Secure Connections Across the Internet, 4.1 IPSec VPN, 4.1.1 Test the VPN Connection - ssl vpn setup
View all ZyXEL ZYWALL USG 100 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 63 highlights
CHAPTER 4 Create Secure Connections Across the Internet These sections cover using VPN to create secure connections across the Internet. • IPSec VPN on page 63 • VPN Concentrator Example on page 65 • Hub-and-spoke IPSec VPN Without VPN Concentrator on page 67 • ZyWALL IPSec VPN Client Configuration Provisioning on page 69 • SSL VPN on page 73 • L2TP VPN with Android, iOS, and Windows on page 75 • One-Time Password Version 2 (OTPv2) on page 90 4.1 IPSec VPN Besides using the VPN quick setup wizard to configure settings for an IPSec VPN tunnel, you can use the Configuration > VPN > IPSec VPN screens to configure and activate or deactivate VPN gateway and IPSec VPN connection policies. You can also connect or disconnect IPSec VPN connections. • Use the VPN Gateway screens to manage the ZyWALL's VPN gateways. A VPN gateway specifies the IPSec routers at either end of a VPN tunnel and the IKE SA settings (phase 1 settings). You can also activate or deactivate each VPN gateway. • Use the VPN Connection screens to specify which IPSec VPN gateway an IPSec VPN connection policy uses, which devices behind the IPSec routers can use the VPN tunnel, and the IPSec SA settings (phase 2 settings). You can also activate or deactivate and connect or disconnect each VPN connection (each IPSec SA). 4.1.1 Test the VPN Connection After you configure the VPN gateway and VPN connection settings, set up the VPN settings on the peer IPSec router and try to establish the VPN tunnel. To trigger the VPN, either try to connect to a device on the peer IPSec router's LAN or click Configuration > VPN > IPSec VPN > VPN Connection and use the VPN connection screen's Connect icon. 4.1.2 Configure Security Policies for the VPN Tunnel You configure security policies based on zones. The new VPN connection was assigned to the IPSec_VPN zone. By default, there are no security restrictions on the IPSec_VPN zone, so, next, you should set up security policies that apply to the IPSec_VPN zone. ZyWALL USG100-PLUS User's Guide 63