ZyXEL ISG50-PSTN User Guide - Page 371
The VPN Connection Add/Edit IKE Screen
View all ZyXEL ISG50-PSTN manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 371 highlights
Chapter 24 IPSec VPN Each field is discussed in the following table. See Section 24.2.2 on page 377 and Section 24.2.1 on page 371 for more information. Table 122 Configuration > VPN > IPSec VPN > VPN Connection LABEL Use Policy Route to control dynamic IPSec rules DESCRIPTION Select this to be able to use policy routes to manually specify the destination addresses of dynamic IPSec rules. You must manually create these policy routes. The ISG50 automatically obtains source and destination addresses for dynamic IPSec rules that do not match any of the policy routes. Clear this to have the ISG50 automatically obtain source and destination addresses for all dynamic IPSec rules. Ignore ""Don't Fragment"" setting in packet header Add Edit Remove Activate Inactivate Connect Disconnect Object References # Status See Section 6.5.1 on page 95 for how this option affects the routing table. Select this to fragment packets larger than the MTU (Maximum Transmission Unit) that have the "don't" fragment" bit in the IP header turned on. When you clear this the ISG50 drops packets larger than the MTU that have the "don't" fragment" bit in the header turned on. Click this to create a new entry. Double-click an entry or select it and click Edit to open a screen where you can modify the entry's settings. To remove an entry, select it and click Remove. The ISG50 confirms you want to remove it before doing so. To turn on an entry, select it and click Activate. To turn off an entry, select it and click Inactivate. To connect an IPSec SA, select it and click Connect. To disconnect an IPSec SA, select it and click Disconnect. Select an entry and click Object References to open a screen that shows which settings use the entry. See Section 12.3.2 on page 246 for an example. This field is a sequential value, and it is not associated with a specific connection. The activate (light bulb) icon is lit when the entry is active and dimmed when the entry is inactive. Name VPN Gateway Encapsulation Algorithm Policy Apply Reset The connect icon is lit when the interface is connected and dimmed when it is disconnected. This field displays the name of the IPSec SA. This field displays the associated VPN gateway(s). If there is no VPN gateway, this field displays "manual key". This field displays what encapsulation the IPSec SA uses. This field displays what encryption and authentication methods, respectively, the IPSec SA uses. This field displays the local policy and the remote policy, respectively. Click Apply to save your changes back to the ISG50. Click Reset to return the screen to its last-saved settings. 24.2.1 The VPN Connection Add/Edit (IKE) Screen The VPN Connection Add/Edit Gateway screen allows you to create a new VPN connection policy or edit an existing one. To access this screen, go to the Configuration > VPN Connection screen (see Section 24.2 on page 370), and click either the Add icon or an Edit icon. If you click ISG50 User's Guide 371