ZyXEL P-335U User Guide - Page 157
My IP Address, E-mail, Local ID Type, Local Content, Local, Content, Domain Name, IPSec,
View all ZyXEL P-335U manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 157 highlights
P-334U/P-335U User's Guide Table 53 Security > VPN > Rule Setup: IKE (Advanced) (continued) LABEL DESCRIPTION My IP Address Enter the ZyXEL Device's static WAN IP address (if it has one) or leave the field set to 0.0.0.0. The ZyXEL Device uses its current WAN IP address (static or dynamic) in setting up the VPN tunnel if you leave this field as 0.0.0.0. If the WAN connection goes down, the ZyXEL Device uses the dial backup IP address for the VPN tunnel when using dial backup or the LAN IP address when using traffic redirect. Otherwise, you can enter one of the dynamic domain names that you have configured (in the DDNS screen) to have the ZyXEL Device use that dynamic domain name's IP address. The VPN tunnel has to be rebuilt if My IP Address changes after setup. Local ID Type Select IP to identify this ZyXEL Device by its IP address. Select DNS to identify this ZyXEL Device by a domain name. Select E-mail to identify this ZyXEL Device by an e-mail address. Local Content When you select IP in the Local ID Type field, type the IP address of your computer in the Local Content field. The ZyXEL Device automatically uses the IP address in the My IP Address field (refer to the My IP Address field description) if you configure the Local Content field to 0.0.0.0 or leave it blank. It is recommended that you type an IP address other than 0.0.0.0 in the Local Content field or use the Domain Name or E-mail ID type in the following situations. • When there is a NAT router between the two IPSec routers. • When you want the remote IPSec router to be able to distinguish between VPN connection requests that come in from IPSec routers with dynamic WAN IP addresses. When you select Domain Name or E-mail in the Local ID Type field, type a domain name or e-mail address by which to identify this ZyXEL Device in the Local Content field. Use up to 31 ASCII characters including spaces, although trailing spaces are truncated. The domain name or e-mail address is for identification purposes only and can be any string. Secure Gateway Address Type the WAN IP address or the domain name (up to 31 characters) of the IPSec router with which you're making the VPN connection. Set this field to 0.0.0.0 if the remote IPSec router has a dynamic WAN IP address (the IPSec Keying Mode field must be set to IKE). In order to have more than one active rule with the Secure Gateway Address field set to 0.0.0.0, the ranges of the local IP addresses cannot overlap between rules. If you configure an active rule with 0.0.0.0 in the Secure Gateway Address field and the LAN's full IP address range as the local IP address, then you cannot configure any other active rules with the Secure Gateway Address field set to 0.0.0.0. Peer ID Type Note: You can also enter a remote secure gateway's domain name in the Secure Gateway Address field if the remote secure gateway has a dynamic WAN IP address and is using DDNS. The ZyXEL Device has to rebuild the VPN tunnel each time the remote secure gateway's WAN IP address changes (there may be a delay until the DDNS servers are updated with the remote gateway's new WAN IP address). Select IP to identify the remote IPSec router by its IP address. Select DNS to identify the remote IPSec router by a domain name. Select E-mail to identify the remote IPSec router by an e-mail address. Chapter 13 IPSec VPN 157