ZyXEL Communications NBG420N User Manual

Chapter 15 IPSec VPN

NBG420N User’s Guide

The following table describes the labels in this screen. 

You can allow someone to use a service (like Telnet or HTTP) through a VPN tunnel to 
manage the NBG420N. One of the NBG420N’s ports must be part of the VPN rule’s local 
network. This can be the NBG420N’s LAN port if you do not want to allow remote 
management on the WAN port. You also have to configure remote management (REMOTE 
MGMT) to allow management access for the service through the specific port. 
In the following example, the VPN rule’s local network (A) includes the NBG420N’s LAN IP 
address of 192.168.1.7. Someone in the remote network (B) can use a service (like HTTP for 
example) through the VPN tunnel to access the NBG420N’s LAN interface. Remote 
management must also be configured to allow HTTP access on the NBG420N’s LAN 
interface.

Figure 110   VPN for Remote Management Example

Table 66   Security > VPN > SA Monitor

#

This is the security association index number. 

Name

This field displays the identification name for this VPN policy.

Encapsulation

This field displays Tunnel or Transport mode. 

IPSec Algorithm

This field displays the security protocols used for an SA.
Both AH and ESP increase NBG420N processing requirements and 

communications latency (delay).

Refresh

Click Refresh to display the current active VPN connection(s).