ZyXEL VSG1432-B101 User Guide - Page 255
IPSec Settings > Add/Edit: Manual
View all ZyXEL VSG1432-B101 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 255 highlights
Chapter 21 IPSec Table 88 IPSec Settings > Add/Edit: Manual LABEL DESCRIPTION Tunnel access from local IP addresses Specify the IP addresses of the devices behind the ZyXEL Device that can use the VPN tunnel. The local IP addresses must correspond to the remote IPSec router's configured remote IP addresses. Two active SAs cannot have the local and remote IP address(es) both the same. Two active SAs can have the same local or remote IP address, but not both. You can configure multiple SAs between the same local and remote IP addresses, as long as only one is active at any time. IP Address for VPN Use the drop-down list box to choose Single Address or Subnet. Select Single Address for a single IP address. Select Subnet to specify IP addresses on a network by their subnet mask. When the local IP address type is configured to Single Address, enter a (static) IP address on the LAN behind your ZyXEL Device. IP Subnetmask When the local IP address type is configured to Subnet, enter a (static) IP address on the LAN behind your ZyXEL Device. When the local IP address type is configured to Single Address, this field is not available. Tunnel access from remote IP addresses When the local IP address type is configured to Subnet, enter a subnet mask on the LAN behind your ZyXEL Device. Specify the IP addresses of the devices behind the remote IPSec router that can use the VPN tunnel. The remote IP addresses must correspond to the remote IPSec router's configured local IP addresses. Two active SAs cannot have the local and remote IP address(es) both the same. Two active SAs can have the same local or remote IP address, but not both. You can configure multiple SAs between the same local and remote IP addresses, as long as only one is active at any time. IP Address for VPN Use the drop-down list box to choose Single Address or Subnet. Select Single Address with a single IP address. Select Subnet to specify IP addresses on a network by their subnet mask. When the remote IP address type is configured to Single Address, enter a (static) IP address on the network behind the remote IPSec router. IP Subnetmask When the remote IP address type is configured to Subnet, enter a (static) IP address on the network behind the remote IPSec router. When the remote IP address type is configured to Single Address, this field is not available. Protocol Key Exchange Method When the remote IP address type is configured to Subnet, enter a subnet mask on the network behind the remote IPSec router. This field displays ESP and the ZyXEL Device uses ESP (Encapsulation Security Payload) for VPN. The ESP protocol (RFC 2406) provides encryption as well as some of the services offered by AH. Select Auto(IKE) or Manual from the drop-down list box. Auto(IKE) provides more protection so it is generally recommended. Manual is a useful option for troubleshooting if you have problems using Auto(IKE) key management. VSG1432-B101 Series User's Guide 255