ZyXEL Communications 2602HWNLI-D7A User Manual

 

All contents copyright (c) 2007 ZyXEL Communications Corporation.   

206 

E-mail support@zyxel.com.tw 

 

Please note that, in Prestige, if "DNS" or "E-mail" type is choosen, you can still use a random string as 

the content, such as "this_is_Prestige". It's not neccessary to follow the format exactly.  

 

By default, Prestige takes IP as phase 1 ID type for itself and it's remote peer. But if it's remote peer is 

using DNS or E-mail, you have to ajust the settings to pass phase 1 ID checking.   

If your VPN connection is Prestige to Prestige, and both of them have static IP address, and there is no 

NAT router in between, you can ignore this option. Just leave Local/Peer ID type as IP, then skip this 

option.   

If either side of VPN tunneling end point is using dynamic IP address, you may need to configure ID for 

the one with dynamic IP address. And in this case, "Aggressive mode" is recommended to be applied in 

phase 1 negotiation .   

 

IPSec VPN is available for Prestige since ZyNOS V3.50. It is free upgrade, no registration is needed. 

 

By upgrading the firmware and also configurations (romfile) to ZyNOS V3.50, the IPSec VPN capability 

is ready in your Prestige. You then can configure VPN via web configurator. Please download the 

firmware from our web site. 

NOTE: For updating from ZyNOS V3.2x to V3.5x, please use console or TFTP update. This is because 

the memory allocation difference between these two versions.   

You can configure Prestige for VPN using SMT or Web configurator. Prestige 1 supports Web only. 

Prestige 1 supports 1 VPN connection. Prestige 10 supports 10 VPN connections. Prestige 50 supports 50 

tunnels. Prestige 100 supports 100 tunnels.