ZyXEL Communications zywall 50 User Manual
ZyWALL 50 Internet Security Gateway
VPN/IPSec Setup
23-9
Table 23-4 Menu 27.1.1 — IPSec Setup
FIELD DESCRIPTION
EXAMPLE
Secure
Gateway IP
Addr
Gateway IP
Addr
This is the WAN IP address of the IPSec router with which you’re making
the VPN connection. If the peer has a dynamic WAN IP address, set this
field to 0.0.0.0. This may be useful for telecommuters initiating a VPN
tunnel to the company network. Only the telecommuter may initiate the
VPN tunnel in this case.
the VPN connection. If the peer has a dynamic WAN IP address, set this
field to 0.0.0.0. This may be useful for telecommuters initiating a VPN
tunnel to the company network. Only the telecommuter may initiate the
VPN tunnel in this case.
Real IP
address
Protocol
Enter 1 for ICMP, 6 for TCP, 17 for UDP, etc. 0 is the default and signifies
any protocol.
any protocol.
0
Local
Local IP addresses must be static and correspond to the peer’s configured
remote IP address range.
remote IP address range.
IP Addr Start Enter the beginning IP address of the computers on your local network
behind your ZyWALL. This must be a fixed IP address.
192.168.1.35
End Enter the end IP address of the computers on your local network behind
your ZyWALL.
192.168.1.38
Port Start 0 is the default and signifies any port. Type a port number from 0 to 65535.
Some of the most common IP ports are:
21, FTP; 53, DNS; 23, Telnet; 80, HTTP; 25, SMTP; 110, POP3
0
End Enter a port number in this field to define a port range. This port number
must be greater than that specified in the previous field.
Remote
Remote IP addresses must be static and correspond to the initiator’s
configured local IP address range.
configured local IP address range.
IP Addr Start Enter the beginning IP address of the computers on the remote network
behind the remote IPSec router. This must be a fixed IP address.
172.16.2.40
End Enter the end IP address of the computers on the remote network behind
the remote IPSec router.
172.16.2.46
Port Start 0 is the default and signifies any port. Type a port number from 0 to 65535.
Some of the most common IP ports are:
21, FTP; 53, DNS; 23, Telnet; 80, HTTP; 25, SMTP; 110, POP3
0
End Enter a port number in this field to define a port range. This port number
must be greater than that specified in the previous field.
Enable Replay
Detection
Detection
As a VPN setup is processing intensive, the system is vulnerable to Denial
of Service (DoS) attacks The IPSec receiver can detect and reject old or
duplicate packets to protect against replay attacks. Enable replay detection
by setting this field to Yes.
of Service (DoS) attacks The IPSec receiver can detect and reject old or
duplicate packets to protect against replay attacks. Enable replay detection
by setting this field to Yes.
No