ZyXEL Communications 5 Series User Manual
Chapter 4 Wizard Setup
ZyWALL 5/35/70 Series User’s Guide
103
The following table describes the labels in this screen.
Table 21 VPN Wizard: VPN Status
LABEL
DESCRIPTION
Gateway Policy
Property
Property
Name
This is the name of this VPN gateway policy.
Gateway Policy
Setting
Setting
My ZyWALL
This is the WAN IP address or the domain name of your ZyWALL in router
mode or the ZyWALL’s IP address in bridge mode.
mode or the ZyWALL’s IP address in bridge mode.
Remote Gateway
Address
Address
This is the IP address or the domain name used to identify the remote IPSec
router.
router.
Network Policy
Property
Property
Active
This displays whether this VPN network policy is enabled or not.
Name
This is the name of this VPN network policy.
Network Policy
Setting
Setting
Local Network
Starting IP Address
This is a (static) IP address on the LAN behind your ZyWALL.
Ending IP Address/
Subnet Mask
Subnet Mask
When the local network is configured for a single IP address, this field is N/A.
When the local network is configured for a range IP address, this is the end
(static) IP address, in a range of computers on the LAN behind your ZyWALL.
When the local network is configured for a subnet, this is a subnet mask on the
LAN behind your ZyWALL.
When the local network is configured for a range IP address, this is the end
(static) IP address, in a range of computers on the LAN behind your ZyWALL.
When the local network is configured for a subnet, this is a subnet mask on the
LAN behind your ZyWALL.
Remote Network
Starting IP Address
This is a (static) IP address on the network behind the remote IPSec router.
Ending IP Address/
Subnet Mask
Subnet Mask
When the remote network is configured for a single IP address, this field is N/A.
When the remote network is configured for a range IP address, this is the end
(static) IP address, in a range of computers on the network behind the remote
IPSec router. When the remote network is configured for a subnet, this is a
subnet mask on the network behind the remote IPSec router.
When the remote network is configured for a range IP address, this is the end
(static) IP address, in a range of computers on the network behind the remote
IPSec router. When the remote network is configured for a subnet, this is a
subnet mask on the network behind the remote IPSec router.
IKE Tunnel Setting
(IKE Phase 1)
(IKE Phase 1)
Negotiation Mode
This shows Main Mode or Aggressive Mode. Multiple SAs connecting through
a secure gateway must have the same negotiation mode.
a secure gateway must have the same negotiation mode.
Encryption
Algorithm
Algorithm
This is the method of data encryption. Options can be DES, 3DES or AES.
Authentication
Algorithm
Algorithm
MD5 (Message Digest 5) and SHA1 (Secure Hash Algorithm) are hash
algorithms used to authenticate packet data.
algorithms used to authenticate packet data.
Key Group
This is the key group you chose for phase 1 IKE setup.
SA Life Time
(Seconds)
(Seconds)
This is the length of time before an IKE SA automatically renegotiates.
Pre-Shared Key
This is a pre-shared key identifying a communicating party during a phase 1 IKE
negotiation.
negotiation.
IPSec Setting (IKE
Phase 2)
Phase 2)
Encapsulation Mode
This shows Tunnel mode or Transport mode.