ZyXEL VFG6005 User Guide - Page 64

2. Configure [Add - IPsec] Settings following the instructions below. Sequence Number Connection Name Rule Enable VPN Mode Local External Interface This defines the sequence of the IPsec rules. Name of the IPsec rule. Enable/Disable this IPsec rule Net-to-Net or Road Warrior Select the external WAN for the local VPN gateway. Local Internal IP Address Select the subnet IP address for the VPN gateway. Local Netmask Remote Gateway Remote Subnet IP Remote Netmask Connection Initiation IKE Key Mode Preshared Key L2TP Enable Advanced Options Phase 1 Mode Phase 1 ID Phase 1 Lifetime Phase 2 Lifetime Phase 1 Authentication Phase I Encryption Phase 1 Group Key Management Phase 2 Authentication Phase 2 Encryption Phase 2 Group Key Management Select the netmask for the local VPN gateway. Enter the IP address or domain name of the remote VPN gateway. This option is needed in Net-to-Net mode. Enter the subnet IP address of the remote VPN gateway. This option is needed in Net-to-Net mode. Enter the subnet netmask of the remote VPN gateway. This option is needed in Net-to-Net mode. Check the local VPN gateway to initiate the connection. This option is needed in Net-to-Net mode. PSK. Enter the preshared key. The key should be at least 8-digit ASCII string. Check the local VPN gateway to enable L2TP. This option is needed in Road Warrior mode. Check it if you need to configure the advanced options. Main. Enter the phase 1 ID. Enter the phase 1 lifetime. This value is between 3600 and 28800 seconds. Enter the phase 2 lifetime. This value is between 3600 and 28800 seconds. Select the phase 1 authentication as MD5 or SHA1. (SHA1 recommended) Select the phase 1 encryption as DES, 3DES or AES. (AES recommended) Select the phase 1 group key management as DH1, DH2 or DH5. Select the phase 2 authentication as MD5 or SHA1. (SHA1 recommended) Select the phase 2 encryption as DES, 3DES or AES. (AES recommended) Select the phase 2 group key management as DH1, DH2 or DH5. 55