ZyXEL Vantage CNM User Guide - Page 142
Device Operation > Device Configuration > Security > VPN > VPN Rules, IKE > Gateway
View all ZyXEL Vantage CNM manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 142 highlights
Chapter 6 Device Security Settings Table 50 Device Operation > Device Configuration > Security > VPN > VPN Rules (IKE) > Gateway Policy Add/Edit LABEL DESCRIPTION My DDNS Domain Name This field is enabled if My ZyWALL Address Type is IP Address. Select the DDNS domain name associated with the device in the VPN tunnel. Use the DDNS screens to configure these domain names. Remote Gateway Address Type the WAN IP address or the domain name (up to 31 characters) of the IPSec router with which you're making the VPN connection. Set this field to 0.0.0.0 if the remote IPSec router has a dynamic WAN IP address. In order to have more than one active rule with the Remote Gateway Address field set to 0.0.0.0, the ranges of the local IP addresses cannot overlap between rules. Enable IPSec High Availability If you configure an active rule with 0.0.0.0 in the Remote Gateway Address field and the LAN's full IP address range as the local IP address, then you cannot configure any other active rules with the Remote Gateway Address field set to 0.0.0.0. Turn on the high availability feature to use a redundant (backup) VPN connection to another WAN interface on the remote IPSec router if the primary (regular) VPN connection goes down. The remote IPSec router must have a second WAN connection in order for you to use this. To use this, you must identify both the primary and the redundant remote IPSec routers by WAN IP address or domain name (you cannot set either to 0.0.0.0). Redundant Remote Type the WAN IP address or the domain name (up to 31 characters) Gateway of the backup IPSec router to use when the device cannot not connect to the primary remote gateway. Fail back to Primary Select this to have the device change back to using the primary Remote Gateway remote gateway if the connection becomes available again. when possible Fail Back Check Interval* Set how often the device should check the connection to the primary remote gateway while connected to the redundant remote gateway. Authentication Key Each gateway policy uses one or more network policies. If the fall back check interval is shorter than a network policy's SA life time, the fall back check interval is used as the check interval and network policy SA life time. If the fall back check interval is longer than a network policy's SA life time, the SA lifetime is used as the check interval and network policy SA life time. 142 Vantage CNM User's Guide